diff --git a/build.sbt b/build.sbt index 16fb6d47c1..52d68b88df 100644 --- a/build.sbt +++ b/build.sbt @@ -47,6 +47,7 @@ lazy val akkaPersistenceDeps = akkaPersistenceQuery, akkaClusterShardingTyped, akkaPersistenceCassandra, + keyspacedriver, cassandraLauncher ) @@ -180,7 +181,7 @@ lazy val `hmda-platform` = (project in file("hmda")) val oldStrategy = (assembly / assemblyMergeStrategy).value oldStrategy(x) }, - reStart / envVars ++= Map("CASSANDRA_CLUSTER_HOSTS" -> "localhost", "APP_PORT" -> "2551"), + reStart / envVars ++= Map("CASSANDRA_CLUSTER_HOSTS" -> "localhost", "APP_PORT" -> "2551"), ), dockerSettings, packageSettings diff --git a/common/src/main/resources/persistence-keyspace-sigv4.conf b/common/src/main/resources/persistence-keyspace-sigv4.conf new file mode 100644 index 0000000000..0a3e1b5426 --- /dev/null +++ b/common/src/main/resources/persistence-keyspace-sigv4.conf @@ -0,0 +1,108 @@ +include "serialization.conf" + +akka { + + persistence { + journal.plugin = "akka.persistence.cassandra.journal" + snapshot-store.plugin = "akka.persistence.cassandra.snapshot" + + query { + journal.id = "akka.persistence.cassandra.query" + } + + cassandra { + events-by-tag { + max-message-batch-size = 30 + max-message-batch-size = ${?TAG_BATCH_SIZE} + flush-interval = 150ms + flush-interval = ${?TAG_FLUSH_INTERVAL} + } + journal { + keyspace = "hmda2_journal" + keyspace = ${?CASSANDRA_JOURNAL_KEYSPACE} + table = "journal" + events-by-tag.max-message-batch-size = 30 + events-by-tag.max-message-batch-size = ${?TAG_BATCH_SIZE} + events-by-tag.flush-interval = 150ms + events-by-tag.flush-interval = ${?TAG_FLUSH_INTERVAL} + } + query { + # reference: https://github.com/akka/akka-persistence-cassandra/blob/v0.101/core/src/main/resources/reference.conf + # Sequence numbers for a persistenceId is assumed to be monotonically increasing + # without gaps. That is used for detecting missing events. + # In early versions of the journal that might not be true and therefore + # this can be relaxed by setting this property to off. + gap-free-sequence-numbers = off + } + snapshot { + keyspace = "hmda2_snapshot" + keyspace = ${?CASSANDRA_SNAPSHOT_KEYSPACE} + table = "snapshot" + } + } + } + + +} + +datastax-java-driver { + profiles { + akka-persistence-cassandra-profile { + basic { + request.consistency = LOCAL_QUORUM + } + } + } + basic { + contact-points = ["localhost:9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false + request.consistency = LOCAL_QUORUM + } + + + + advanced { + + advanced.protocol { + version = V4 + } + auth-provider { + class = software.aws.mcs.auth.SigV4AuthProvider + aws-region = "us-east-1" + } + request-tracker { + classes = [RequestLogger] + logs { + slow { + threshold = 1 second + enabled = true + } + } + } + ssl-engine-factory { + class = DefaultSslEngineFactory + truststore-path = ${?CASSANDRA_TRUSTSTORE_FILE} + truststore-password = ${?CASSANDRA_TRUSTSTORE_PASSWORD} + hostname-validation = false + } + + } +} + +kafka { + hosts = "localhost:9092" + hosts = ${?KAFKA_CLUSTER_HOSTS} + idle-timeout = 5 + idle-timeout = ${?KAFKA_IDLE_TIMEOUT} + security.protocol="" + security.protocol=${?KAFKA_SECURITY} + ssl.truststore.location = "" + ssl.truststore.location = ${?TRUSTSTORE_PATH} + ssl.truststore.password = "" + ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} + ssl.endpoint = "" + ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} +} \ No newline at end of file diff --git a/common/src/main/resources/persistence-keyspace.conf b/common/src/main/resources/persistence-keyspace.conf new file mode 100644 index 0000000000..cf3f00227e --- /dev/null +++ b/common/src/main/resources/persistence-keyspace.conf @@ -0,0 +1,109 @@ +include "serialization.conf" + +akka { + + persistence { + journal.plugin = "akka.persistence.cassandra.journal" + snapshot-store.plugin = "akka.persistence.cassandra.snapshot" + + query { + journal.id = "akka.persistence.cassandra.query" + } + + cassandra { + events-by-tag { + max-message-batch-size = 30 + max-message-batch-size = ${?TAG_BATCH_SIZE} + flush-interval = 150ms + flush-interval = ${?TAG_FLUSH_INTERVAL} + } + journal { + keyspace = "hmda2_journal" + keyspace = ${?CASSANDRA_JOURNAL_KEYSPACE} + table = "journal" + events-by-tag.max-message-batch-size = 30 + events-by-tag.max-message-batch-size = ${?TAG_BATCH_SIZE} + events-by-tag.flush-interval = 150ms + events-by-tag.flush-interval = ${?TAG_FLUSH_INTERVAL} + } + query { + # reference: https://github.com/akka/akka-persistence-cassandra/blob/v0.101/core/src/main/resources/reference.conf + # Sequence numbers for a persistenceId is assumed to be monotonically increasing + # without gaps. That is used for detecting missing events. + # In early versions of the journal that might not be true and therefore + # this can be relaxed by setting this property to off. + gap-free-sequence-numbers = off + } + snapshot { + keyspace = "hmda2_snapshot" + keyspace = ${?CASSANDRA_SNAPSHOT_KEYSPACE} + table = "snapshot" + } + } + } + + +} + +datastax-java-driver { + + profiles { + akka-persistence-cassandra-profile { + basic { + request.consistency = LOCAL_QUORUM + } + } + } + + basic { + contact-points = ["localhost:9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false + request.consistency = LOCAL_QUORUM + } + + advanced { + advanced.protocol { + version = V4 + } + auth-provider { + class = PlainTextAuthProvider + username = "" + username = ${?CASSANDRA_CLUSTER_USERNAME} + password = "" + password = ${?CASSANDRA_CLUSTER_PASSWORD} + } + request-tracker { + classes = [RequestLogger] + logs { + slow { + threshold = 1 second + enabled = true + } + } + } + ssl-engine-factory { + class = DefaultSslEngineFactory + truststore-path = ${?CASSANDRA_TRUSTSTORE_FILE} + truststore-password = ${?CASSANDRA_TRUSTSTORE_PASSWORD} + hostname-validation = false + } + } +} + +kafka { + hosts = "localhost:9092" + hosts = ${?KAFKA_CLUSTER_HOSTS} + idle-timeout = 5 + idle-timeout = ${?KAFKA_IDLE_TIMEOUT} + security.protocol="" + security.protocol=${?KAFKA_SECURITY} + ssl.truststore.location = "" + ssl.truststore.location = ${?TRUSTSTORE_PATH} + ssl.truststore.password = "" + ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} + ssl.endpoint = "" + ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} +} \ No newline at end of file diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index b0fe3caf85..fab98d2e30 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -16,6 +16,10 @@ akka { max-message-batch-size = ${?TAG_BATCH_SIZE} flush-interval = 150ms flush-interval = ${?TAG_FLUSH_INTERVAL} + # read-profile = "akka-persistence-cassandra-profile-keyspaces" + # write-profile = "akka-persistence-cassandra-profile-keyspaces" + read-profile1 = ${?CASSANDRA_PROFILE} + write-profile = ${?CASSANDRA_PROFILE} } journal { keyspace = "hmda2_journal" @@ -46,12 +50,24 @@ akka { } datastax-java-driver { + + profiles { + akka-persistence-cassandra-profile { + # akka-persistence-cassandra-profile-keyspaces { + basic { + request.consistency = LOCAL_QUORUM + } + } + } + basic { contact-points = ["localhost:9042"] - contact-points = [${?CASSANDRA_CLUSTER_HOSTS}":9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] load-balancing-policy.local-datacenter = "datacenter1" load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false } + advanced { advanced.protocol { version = V4 @@ -64,7 +80,7 @@ datastax-java-driver { password = ${?CASSANDRA_CLUSTER_PASSWORD} } request-tracker { - class = RequestLogger + classes = [RequestLogger] logs { slow { threshold = 1 second @@ -82,17 +98,17 @@ kafka { idle-timeout = ${?KAFKA_IDLE_TIMEOUT} security.protocol="" security.protocol=${?KAFKA_SECURITY} - // ssl.truststore.location = "" - // ssl.truststore.location = ${?TRUSTSTORE_PATH} - // ssl.truststore.password = "" - // ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} - // ssl.endpoint = "" - // ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} + + # ssl.truststore.location = "" + # ssl.truststore.location = ${?TRUSTSTORE_PATH} + # ssl.truststore.password = "" + # ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} + # ssl.endpoint = "" + # ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} sasl.mechanism="AWS_MSK_IAM" - //sasl.mechanism=${?KAFKA_SASL_MECHANISM} + #sasl.mechanism=${?KAFKA_SASL_MECHANISM} sasl.jaas.config="software.amazon.msk.auth.iam.IAMLoginModule required;" - //sasl.jaas.config="{?KAFKA_SASL_JAAS_CONFIG}" + # sasl.jaas.config="{?KAFKA_SASL_JAAS_CONFIG}" sasl.client.callback.handler.class="software.amazon.msk.auth.iam.IAMClientCallbackHandler" - //sasl.client.callback.handler.class="{?KAFKA_SASL_CLASS}" -} - + #sasl.client.callback.handler.class="{?KAFKA_SASL_CLASS}" +} \ No newline at end of file diff --git a/hmda-analytics/src/main/resources/application.conf b/hmda-analytics/src/main/resources/application.conf index 63a40cbc03..e3064b84c5 100644 --- a/hmda-analytics/src/main/resources/application.conf +++ b/hmda-analytics/src/main/resources/application.conf @@ -1,4 +1,9 @@ -include "persistence.conf" +# Apache Cassandra with PlainTextAuthProvider + include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" akka { loglevel = info diff --git a/hmda/src/main/resources/application-kubernetes.conf b/hmda/src/main/resources/application-kubernetes.conf index 7351495c16..c4605329dc 100644 --- a/hmda/src/main/resources/application-kubernetes.conf +++ b/hmda/src/main/resources/application-kubernetes.conf @@ -1,4 +1,9 @@ +# Apache Cassandra with PlainTextAuthProvider include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" include "hmda.conf" include "cors.conf" diff --git a/hmda/src/main/resources/application.conf b/hmda/src/main/resources/application.conf index ac8629b3fd..72c09f1cfb 100644 --- a/hmda/src/main/resources/application.conf +++ b/hmda/src/main/resources/application.conf @@ -1,4 +1,10 @@ +# Apache Cassandra with PlainTextAuthProvider include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" + include "hmda.conf" include "cors.conf" include "edits.conf" diff --git a/irs-publisher/src/main/resources/application.conf b/irs-publisher/src/main/resources/application.conf index a0314d4b4c..92ba4c82e4 100644 --- a/irs-publisher/src/main/resources/application.conf +++ b/irs-publisher/src/main/resources/application.conf @@ -1,4 +1,9 @@ +# Apache Cassandra with PlainTextAuthProvider include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" akka { loglevel = info diff --git a/kubernetes/beta/hmda-platform/templates/deployment.yaml b/kubernetes/beta/hmda-platform/templates/deployment.yaml index 6052475ba7..a7f894f93c 100644 --- a/kubernetes/beta/hmda-platform/templates/deployment.yaml +++ b/kubernetes/beta/hmda-platform/templates/deployment.yaml @@ -30,6 +30,9 @@ spec: - name: tz-config hostPath: path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore serviceAccountName: {{ .Values.service.account.name }} containers: - name: {{ .Chart.Name }} @@ -37,6 +40,9 @@ spec: volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" resources: {{ toYaml .Values.resources | indent 12 }} securityContext: @@ -186,6 +192,13 @@ spec: key: cassandra.password - name: CASSANDRA_LOG_LEVEL value: {{ .Values.logs.cassandra }} + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: cassandra-truststore-password - name: KEYCLOAK_REALM_URL valueFrom: configMapKeyRef: @@ -206,6 +219,16 @@ spec: configMapKeyRef: name: kafka-configmap key: kafka.hosts + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-secret-access-key - name: HTTP_CENSUS_HOST valueFrom: configMapKeyRef: diff --git a/kubernetes/hmda-analytics/templates/deployment.yaml b/kubernetes/hmda-analytics/templates/deployment.yaml index d8842f18ed..1de32b5800 100644 --- a/kubernetes/hmda-analytics/templates/deployment.yaml +++ b/kubernetes/hmda-analytics/templates/deployment.yaml @@ -22,13 +22,19 @@ spec: volumes: - name: tz-config hostPath: - path: /usr/share/zoneinfo/America/New_York + path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false @@ -108,11 +114,28 @@ spec: secretKeyRef: name: cassandra-credentials key: cassandra.password + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: KAFKA_CLUSTER_HOSTS valueFrom: configMapKeyRef: name: kafka-configmap key: kafka.hosts + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-secret-access-key resources: {{ toYaml .Values.resources | indent 12 }} {{- with .Values.nodeSelector }} diff --git a/kubernetes/hmda-platform/README.md b/kubernetes/hmda-platform/README.md index 54b856d1c5..066f84ac36 100644 --- a/kubernetes/hmda-platform/README.md +++ b/kubernetes/hmda-platform/README.md @@ -1,14 +1,37 @@ Pre-requisites - [k8ssandra](https://k8ssandra.io/) +- [AWS Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/getting-started.ddl.html) - [Strimzi](https://strimzi.io/) - [Postresql](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) - [Keycloak](https://github.com/bitnami/charts/tree/main/bitnami/keycloak) - S3 Buckets +- Create keyscapes +``` +CREATE KEYSPACE IF NOT EXISTS hmda2_journal + WITH replication = {'class': 'SingleRegionStrategy'}; +CREATE KEYSPACE IF NOT EXISTS hmda2_snapshot + WITH replication = {'class': 'SingleRegionStrategy'}; +``` +- Create tables (after some modification, not all fields are supported) +https://github.com/cfpb/hmda-platform/blob/master/hmda-sql-doc/cassandra-scripts.txt +``` +cqlsh -u username -p passsword -f ../hmda-sql-doc/cassandra-scripts.txt +``` + Install - Add Secrets ``` -kubectl create secret generic cassandra-credentials --from-literal=cassandra.username= --from-literal=cassandra.password= +curl https://certs.secureserver.net/repository/sf-class2-root.crt -O +openssl x509 -outform der -in sf-class2-root.crt -out temp_file.der +keytool -import -alias cassandra -keystore cassandra_truststore.jks -file temp_file.der +... +Trust this certificate? [no]: yes +Certificate was added to keystore + +kubectl create secret generic cassandra-truststore --from-file=cassandra_truststore.jks +kubectl create secret generic cassandra-truststore-password --from-literal=password=XXXX +# kubectl create secret generic cassandra-credentials --from-literal=cassandra.username= --from-literal=cassandra.password= kubectl create secret generic inst-postgres-credentials --from-literal=username= --from-literal=password= --from-literal=host= --from-literal=url="jdbc:postgresql://postgresql:5432/hmda?user= &password= &sslmode=false" ``` - Add Configmap @@ -39,5 +62,7 @@ Delete helm uninstall hmda-platform kubectl delete secret cassandra-credentials kubectl delete secret inst-postgres-credentials +kubectl delete secret cassandra-truststore +kubectl delete secret cassandra-truststore-password kubectl delete -f https://github.com/cfpb/hmda-platform/tree/master/kubernetes/config-maps -``` +``` \ No newline at end of file diff --git a/kubernetes/hmda-platform/templates/deployment.yaml b/kubernetes/hmda-platform/templates/deployment.yaml index 4c1fde7662..2f2d9a8a5a 100644 --- a/kubernetes/hmda-platform/templates/deployment.yaml +++ b/kubernetes/hmda-platform/templates/deployment.yaml @@ -30,6 +30,9 @@ spec: - name: tz-config hostPath: path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore serviceAccountName: {{ .Values.service.account.name }} containers: - name: {{ .Chart.Name }} @@ -37,6 +40,9 @@ spec: volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" resources: {{ toYaml .Values.resources | indent 12 }} securityContext: @@ -186,6 +192,13 @@ spec: key: cassandra.password - name: CASSANDRA_LOG_LEVEL value: {{ .Values.logs.cassandra }} + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: KEYCLOAK_REALM_URL valueFrom: configMapKeyRef: @@ -206,6 +219,16 @@ spec: configMapKeyRef: name: kafka-configmap key: kafka.hosts + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-secret-access-key - name: HTTP_CENSUS_HOST valueFrom: configMapKeyRef: diff --git a/kubernetes/irs-publisher/templates/deployment.yaml b/kubernetes/irs-publisher/templates/deployment.yaml index 9ebc70ac22..b08c0f99cd 100644 --- a/kubernetes/irs-publisher/templates/deployment.yaml +++ b/kubernetes/irs-publisher/templates/deployment.yaml @@ -22,9 +22,17 @@ spec: app: {{ include "irs-publisher.name" . }} release: {{ .Release.Name }} spec: + volumes: + - name: cassandra-truststore + secret: + secretName: cassandra-truststore containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + volumeMounts: + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false @@ -73,6 +81,13 @@ spec: secretKeyRef: name: cassandra-credentials key: cassandra.password + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: BANK_FILTER_LIST valueFrom: configMapKeyRef: diff --git a/kubernetes/modified-lar/templates/deployment.yaml b/kubernetes/modified-lar/templates/deployment.yaml index 65a4e2f75d..47032b9c07 100644 --- a/kubernetes/modified-lar/templates/deployment.yaml +++ b/kubernetes/modified-lar/templates/deployment.yaml @@ -43,6 +43,9 @@ spec: - name: tz-config hostPath: path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore - emptyDir: {} name: jksfolder containers: @@ -51,6 +54,9 @@ spec: volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" - mountPath: /opt/java/openjdk/lib/security/ name: jksfolder securityContext: @@ -129,6 +135,13 @@ spec: secretKeyRef: name: cassandra-credentials key: cassandra.password + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: KAFKA_CLUSTER_HOSTS valueFrom: configMapKeyRef: diff --git a/modified-lar/src/main/resources/application.conf b/modified-lar/src/main/resources/application.conf index 9525b561dd..04feaa1175 100644 --- a/modified-lar/src/main/resources/application.conf +++ b/modified-lar/src/main/resources/application.conf @@ -1,4 +1,9 @@ +# Apache Cassandra with PlainTextAuthProvider include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" akka { loglevel = info diff --git a/project/Dependencies.scala b/project/Dependencies.scala index b8432654fb..dd7bbc921f 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -83,9 +83,9 @@ object Dependencies { lazy val scalacheckShapeless = "com.github.alexarchambault" %% "scalacheck-shapeless_1.14" % Version.scalacheckShapeless % Test lazy val diffx = "com.softwaremill.diffx" %% "diffx-core" % Version.diffx % Test lazy val kubernetesApi = "io.kubernetes" % "client-java" % Version.kubernetesApi + lazy val keyspacedriver = "software.aws.mcs" % "aws-sigv4-auth-cassandra-java-driver-plugin" % "4.0.9" // https://mvnrepository.com/artifact/software.amazon.msk/aws-msk-iam-auth lazy val mskdriver = "software.amazon.msk" % "aws-msk-iam-auth" % "2.2.0" - // overriding the log4j-slf4j bridge used by spring, transitively brought in by s3mock // this is needed because of CVE-2021-44228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 lazy val log4jToSlf4j = "org.apache.logging.log4j" % "log4j-to-slf4j" % Version.log4j % Test