From 5686780dbfbb529acc1e63e5fce2f71f506886cc Mon Sep 17 00:00:00 2001 From: bhargav joshi Date: Wed, 23 Oct 2024 12:34:19 -0400 Subject: [PATCH 01/13] aws keyspace configs for dev hmda-platform --- .../main/resources/persistence-keyspace.conf | 109 ++++++++++++++++++ common/src/main/resources/persistence.conf | 31 ++++- .../scala/hmda/auth/OAuth2Authorization.scala | 2 +- .../resources/application-dev-keyspace.conf | 13 +++ hmda/src/main/resources/application-dev.conf | 1 + hmda/src/main/resources/application.conf | 17 ++- hmda/src/main/scala/hmda/HmdaPlatform.scala | 5 +- 7 files changed, 169 insertions(+), 9 deletions(-) create mode 100644 common/src/main/resources/persistence-keyspace.conf create mode 100644 hmda/src/main/resources/application-dev-keyspace.conf diff --git a/common/src/main/resources/persistence-keyspace.conf b/common/src/main/resources/persistence-keyspace.conf new file mode 100644 index 0000000000..cf3f00227e --- /dev/null +++ b/common/src/main/resources/persistence-keyspace.conf @@ -0,0 +1,109 @@ +include "serialization.conf" + +akka { + + persistence { + journal.plugin = "akka.persistence.cassandra.journal" + snapshot-store.plugin = "akka.persistence.cassandra.snapshot" + + query { + journal.id = "akka.persistence.cassandra.query" + } + + cassandra { + events-by-tag { + max-message-batch-size = 30 + max-message-batch-size = ${?TAG_BATCH_SIZE} + flush-interval = 150ms + flush-interval = ${?TAG_FLUSH_INTERVAL} + } + journal { + keyspace = "hmda2_journal" + keyspace = ${?CASSANDRA_JOURNAL_KEYSPACE} + table = "journal" + events-by-tag.max-message-batch-size = 30 + events-by-tag.max-message-batch-size = ${?TAG_BATCH_SIZE} + events-by-tag.flush-interval = 150ms + events-by-tag.flush-interval = ${?TAG_FLUSH_INTERVAL} + } + query { + # reference: https://github.com/akka/akka-persistence-cassandra/blob/v0.101/core/src/main/resources/reference.conf + # Sequence numbers for a persistenceId is assumed to be monotonically increasing + # without gaps. That is used for detecting missing events. + # In early versions of the journal that might not be true and therefore + # this can be relaxed by setting this property to off. + gap-free-sequence-numbers = off + } + snapshot { + keyspace = "hmda2_snapshot" + keyspace = ${?CASSANDRA_SNAPSHOT_KEYSPACE} + table = "snapshot" + } + } + } + + +} + +datastax-java-driver { + + profiles { + akka-persistence-cassandra-profile { + basic { + request.consistency = LOCAL_QUORUM + } + } + } + + basic { + contact-points = ["localhost:9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false + request.consistency = LOCAL_QUORUM + } + + advanced { + advanced.protocol { + version = V4 + } + auth-provider { + class = PlainTextAuthProvider + username = "" + username = ${?CASSANDRA_CLUSTER_USERNAME} + password = "" + password = ${?CASSANDRA_CLUSTER_PASSWORD} + } + request-tracker { + classes = [RequestLogger] + logs { + slow { + threshold = 1 second + enabled = true + } + } + } + ssl-engine-factory { + class = DefaultSslEngineFactory + truststore-path = ${?CASSANDRA_TRUSTSTORE_FILE} + truststore-password = ${?CASSANDRA_TRUSTSTORE_PASSWORD} + hostname-validation = false + } + } +} + +kafka { + hosts = "localhost:9092" + hosts = ${?KAFKA_CLUSTER_HOSTS} + idle-timeout = 5 + idle-timeout = ${?KAFKA_IDLE_TIMEOUT} + security.protocol="" + security.protocol=${?KAFKA_SECURITY} + ssl.truststore.location = "" + ssl.truststore.location = ${?TRUSTSTORE_PATH} + ssl.truststore.password = "" + ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} + ssl.endpoint = "" + ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} +} \ No newline at end of file diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index cafed4125f..c71c1e2a1b 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -16,6 +16,10 @@ akka { max-message-batch-size = ${?TAG_BATCH_SIZE} flush-interval = 150ms flush-interval = ${?TAG_FLUSH_INTERVAL} + // read-profile = "akka-persistence-cassandra-profile-keyspaces" + // write-profile = "akka-persistence-cassandra-profile-keyspaces" + // read-profile1 = ${?CASSANDRA_PROFILE} + // write-profile = ${?CASSANDRA_PROFILE} } journal { keyspace = "hmda2_journal" @@ -46,13 +50,26 @@ akka { } datastax-java-driver { + + profiles { + akka-persistence-cassandra-profile { + // akka-persistence-cassandra-profile-keyspaces { + basic { + request.consistency = LOCAL_QUORUM + } + } + } + basic { - contact-points = ["localhost:9042"] - contact-points = [${?CASSANDRA_CLUSTER_HOSTS}":9042"] - load-balancing-policy.local-datacenter = "datacenter1" - load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + contact-points = ["localhost:9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false } + advanced { + advanced.protocol { version = V4 } @@ -64,7 +81,7 @@ datastax-java-driver { password = ${?CASSANDRA_CLUSTER_PASSWORD} } request-tracker { - class = RequestLogger + classes = [RequestLogger] logs { slow { threshold = 1 second @@ -72,7 +89,9 @@ datastax-java-driver { } } } + } + } kafka { @@ -88,4 +107,4 @@ kafka { ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} ssl.endpoint = "" ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} -} +} \ No newline at end of file diff --git a/common/src/main/scala/hmda/auth/OAuth2Authorization.scala b/common/src/main/scala/hmda/auth/OAuth2Authorization.scala index 667bcc4f0e..1679dc557d 100644 --- a/common/src/main/scala/hmda/auth/OAuth2Authorization.scala +++ b/common/src/main/scala/hmda/auth/OAuth2Authorization.scala @@ -118,7 +118,7 @@ class OAuth2Authorization(logger: Logger, tokenVerifier: TokenVerifier) { } protected def withLocalModeBypass(thunk: => Directive1[VerifiedToken]): Directive1[VerifiedToken] = - if (runtimeMode == "dev" || runtimeMode == "docker-compose" || runtimeMode == "kind") { + if (runtimeMode == "dev" || runtimeMode == "dev-keyspace" || runtimeMode == "docker-compose" || runtimeMode == "kind") { provide(VerifiedToken()) } else { thunk } diff --git a/hmda/src/main/resources/application-dev-keyspace.conf b/hmda/src/main/resources/application-dev-keyspace.conf new file mode 100644 index 0000000000..84a6585078 --- /dev/null +++ b/hmda/src/main/resources/application-dev-keyspace.conf @@ -0,0 +1,13 @@ +include "application.conf" +include "persistence-keyspace.conf" + +APP_PORT = 2551 +APP_PORT = ${?APP_PORT} + +akka { + + cluster { + seed-nodes = ["akka://hmda2@127.0.0.1:"${APP_PORT}] + } + +} \ No newline at end of file diff --git a/hmda/src/main/resources/application-dev.conf b/hmda/src/main/resources/application-dev.conf index e3866274d1..f83a7c57d4 100644 --- a/hmda/src/main/resources/application-dev.conf +++ b/hmda/src/main/resources/application-dev.conf @@ -1,3 +1,4 @@ +include "persistence.conf" include "application.conf" diff --git a/hmda/src/main/resources/application.conf b/hmda/src/main/resources/application.conf index ac8629b3fd..040fbe33e8 100644 --- a/hmda/src/main/resources/application.conf +++ b/hmda/src/main/resources/application.conf @@ -1,4 +1,4 @@ -include "persistence.conf" +//include "persistence.conf" include "hmda.conf" include "cors.conf" include "edits.conf" @@ -144,4 +144,19 @@ cinnamon.prometheus { // runs on port 9009 exporters += http-server +} + +kafka { + hosts = "localhost:9092" + hosts = ${?KAFKA_CLUSTER_HOSTS} + idle-timeout = 5 + idle-timeout = ${?KAFKA_IDLE_TIMEOUT} + security.protocol="" + security.protocol=${?KAFKA_SECURITY} + ssl.truststore.location = "" + ssl.truststore.location = ${?TRUSTSTORE_PATH} + ssl.truststore.password = "" + ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} + ssl.endpoint = "" + ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} } \ No newline at end of file diff --git a/hmda/src/main/scala/hmda/HmdaPlatform.scala b/hmda/src/main/scala/hmda/HmdaPlatform.scala index 4d97b40a4b..93a7ec3e1f 100644 --- a/hmda/src/main/scala/hmda/HmdaPlatform.scala +++ b/hmda/src/main/scala/hmda/HmdaPlatform.scala @@ -55,6 +55,9 @@ object HmdaPlatform extends App { case "kind" => ConfigFactory.parseResources("application-kind.conf").resolve() + case "dev-keyspace" => + ConfigFactory.parseResources("application-dev-keyspace.conf").resolve() + case "kubernetes" => log.info(s"HOSTNAME: ${System.getenv("HOSTNAME")}") log.info(s"HOSTADDRESS: " + InetAddress.getLocalHost().getHostAddress()) @@ -77,7 +80,7 @@ object HmdaPlatform extends App { AkkaManagement(system).start() } - if (runtimeMode == "dev") { + if (runtimeMode == "dev" || runtimeMode == "dev-keyspace") { CassandraUtil.startEmbeddedCassandra() AkkaManagement(system).start() implicit val embeddedKafkaConfig: EmbeddedKafkaConfig = EmbeddedKafkaConfig( From b40145674e7a3a425066d4b327efb20ac57099ef Mon Sep 17 00:00:00 2001 From: zencircle Date: Wed, 30 Oct 2024 11:37:55 -0400 Subject: [PATCH 02/13] add profile back --- common/src/main/resources/persistence.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index c71c1e2a1b..700ac21dd2 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -18,8 +18,8 @@ akka { flush-interval = ${?TAG_FLUSH_INTERVAL} // read-profile = "akka-persistence-cassandra-profile-keyspaces" // write-profile = "akka-persistence-cassandra-profile-keyspaces" - // read-profile1 = ${?CASSANDRA_PROFILE} - // write-profile = ${?CASSANDRA_PROFILE} + read-profile1 = ${?CASSANDRA_PROFILE} + write-profile = ${?CASSANDRA_PROFILE} } journal { keyspace = "hmda2_journal" From b19db8afcecf7b8bf8f165d6e1d03a16bc7382d2 Mon Sep 17 00:00:00 2001 From: zencircle Date: Wed, 30 Oct 2024 16:28:27 -0400 Subject: [PATCH 03/13] add sigv4 config for dev --- build.sbt | 3 +- .../resources/persistence-keyspace-sigv4.conf | 108 ++++++++++++++++++ .../scala/hmda/auth/OAuth2Authorization.scala | 2 +- .../application-dev-keyspace-sigv4.conf | 13 +++ .../resources/application-dev-keyspace.conf | 2 +- hmda/src/main/scala/hmda/HmdaPlatform.scala | 5 +- project/Dependencies.scala | 1 + 7 files changed, 130 insertions(+), 4 deletions(-) create mode 100644 common/src/main/resources/persistence-keyspace-sigv4.conf create mode 100644 hmda/src/main/resources/application-dev-keyspace-sigv4.conf diff --git a/build.sbt b/build.sbt index e32debb50c..bff26308c5 100644 --- a/build.sbt +++ b/build.sbt @@ -46,6 +46,7 @@ lazy val akkaPersistenceDeps = akkaPersistenceQuery, akkaClusterShardingTyped, akkaPersistenceCassandra, + keyspacedriver, cassandraLauncher ) @@ -176,7 +177,7 @@ lazy val `hmda-platform` = (project in file("hmda")) val oldStrategy = (assembly / assemblyMergeStrategy).value oldStrategy(x) }, - reStart / envVars ++= Map("CASSANDRA_CLUSTER_HOSTS" -> "localhost", "APP_PORT" -> "2551"), +// reStart / envVars ++= Map("CASSANDRA_CLUSTER_HOSTS" -> "localhost", "APP_PORT" -> "2551"), ), dockerSettings, packageSettings diff --git a/common/src/main/resources/persistence-keyspace-sigv4.conf b/common/src/main/resources/persistence-keyspace-sigv4.conf new file mode 100644 index 0000000000..0a3e1b5426 --- /dev/null +++ b/common/src/main/resources/persistence-keyspace-sigv4.conf @@ -0,0 +1,108 @@ +include "serialization.conf" + +akka { + + persistence { + journal.plugin = "akka.persistence.cassandra.journal" + snapshot-store.plugin = "akka.persistence.cassandra.snapshot" + + query { + journal.id = "akka.persistence.cassandra.query" + } + + cassandra { + events-by-tag { + max-message-batch-size = 30 + max-message-batch-size = ${?TAG_BATCH_SIZE} + flush-interval = 150ms + flush-interval = ${?TAG_FLUSH_INTERVAL} + } + journal { + keyspace = "hmda2_journal" + keyspace = ${?CASSANDRA_JOURNAL_KEYSPACE} + table = "journal" + events-by-tag.max-message-batch-size = 30 + events-by-tag.max-message-batch-size = ${?TAG_BATCH_SIZE} + events-by-tag.flush-interval = 150ms + events-by-tag.flush-interval = ${?TAG_FLUSH_INTERVAL} + } + query { + # reference: https://github.com/akka/akka-persistence-cassandra/blob/v0.101/core/src/main/resources/reference.conf + # Sequence numbers for a persistenceId is assumed to be monotonically increasing + # without gaps. That is used for detecting missing events. + # In early versions of the journal that might not be true and therefore + # this can be relaxed by setting this property to off. + gap-free-sequence-numbers = off + } + snapshot { + keyspace = "hmda2_snapshot" + keyspace = ${?CASSANDRA_SNAPSHOT_KEYSPACE} + table = "snapshot" + } + } + } + + +} + +datastax-java-driver { + profiles { + akka-persistence-cassandra-profile { + basic { + request.consistency = LOCAL_QUORUM + } + } + } + basic { + contact-points = ["localhost:9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false + request.consistency = LOCAL_QUORUM + } + + + + advanced { + + advanced.protocol { + version = V4 + } + auth-provider { + class = software.aws.mcs.auth.SigV4AuthProvider + aws-region = "us-east-1" + } + request-tracker { + classes = [RequestLogger] + logs { + slow { + threshold = 1 second + enabled = true + } + } + } + ssl-engine-factory { + class = DefaultSslEngineFactory + truststore-path = ${?CASSANDRA_TRUSTSTORE_FILE} + truststore-password = ${?CASSANDRA_TRUSTSTORE_PASSWORD} + hostname-validation = false + } + + } +} + +kafka { + hosts = "localhost:9092" + hosts = ${?KAFKA_CLUSTER_HOSTS} + idle-timeout = 5 + idle-timeout = ${?KAFKA_IDLE_TIMEOUT} + security.protocol="" + security.protocol=${?KAFKA_SECURITY} + ssl.truststore.location = "" + ssl.truststore.location = ${?TRUSTSTORE_PATH} + ssl.truststore.password = "" + ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} + ssl.endpoint = "" + ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} +} \ No newline at end of file diff --git a/common/src/main/scala/hmda/auth/OAuth2Authorization.scala b/common/src/main/scala/hmda/auth/OAuth2Authorization.scala index 1679dc557d..549754ae94 100644 --- a/common/src/main/scala/hmda/auth/OAuth2Authorization.scala +++ b/common/src/main/scala/hmda/auth/OAuth2Authorization.scala @@ -118,7 +118,7 @@ class OAuth2Authorization(logger: Logger, tokenVerifier: TokenVerifier) { } protected def withLocalModeBypass(thunk: => Directive1[VerifiedToken]): Directive1[VerifiedToken] = - if (runtimeMode == "dev" || runtimeMode == "dev-keyspace" || runtimeMode == "docker-compose" || runtimeMode == "kind") { + if (runtimeMode == "dev" || runtimeMode == "dev-keyspace" || runtimeMode == "dev-keyspace-sigv4" || runtimeMode == "docker-compose" || runtimeMode == "kind") { provide(VerifiedToken()) } else { thunk } diff --git a/hmda/src/main/resources/application-dev-keyspace-sigv4.conf b/hmda/src/main/resources/application-dev-keyspace-sigv4.conf new file mode 100644 index 0000000000..1dcab5b4ec --- /dev/null +++ b/hmda/src/main/resources/application-dev-keyspace-sigv4.conf @@ -0,0 +1,13 @@ +include "application.conf" +include "persistence-keyspace-sigv4.conf" + +APP_PORT = 2551 +APP_PORT = ${?APP_PORT} + +akka { + + cluster { + seed-nodes = ["akka://hmda2@127.0.0.1:"${APP_PORT}] + } + +} \ No newline at end of file diff --git a/hmda/src/main/resources/application-dev-keyspace.conf b/hmda/src/main/resources/application-dev-keyspace.conf index 84a6585078..1dcab5b4ec 100644 --- a/hmda/src/main/resources/application-dev-keyspace.conf +++ b/hmda/src/main/resources/application-dev-keyspace.conf @@ -1,5 +1,5 @@ include "application.conf" -include "persistence-keyspace.conf" +include "persistence-keyspace-sigv4.conf" APP_PORT = 2551 APP_PORT = ${?APP_PORT} diff --git a/hmda/src/main/scala/hmda/HmdaPlatform.scala b/hmda/src/main/scala/hmda/HmdaPlatform.scala index 93a7ec3e1f..7e890d1dae 100644 --- a/hmda/src/main/scala/hmda/HmdaPlatform.scala +++ b/hmda/src/main/scala/hmda/HmdaPlatform.scala @@ -58,6 +58,9 @@ object HmdaPlatform extends App { case "dev-keyspace" => ConfigFactory.parseResources("application-dev-keyspace.conf").resolve() + case "dev-keyspace-sigv4" => + ConfigFactory.parseResources("application-dev-keyspace.conf").resolve() + case "kubernetes" => log.info(s"HOSTNAME: ${System.getenv("HOSTNAME")}") log.info(s"HOSTADDRESS: " + InetAddress.getLocalHost().getHostAddress()) @@ -80,7 +83,7 @@ object HmdaPlatform extends App { AkkaManagement(system).start() } - if (runtimeMode == "dev" || runtimeMode == "dev-keyspace") { + if (runtimeMode == "dev" || runtimeMode == "dev-keyspace" || runtimeMode == "dev-keyspace-sigv4") { CassandraUtil.startEmbeddedCassandra() AkkaManagement(system).start() implicit val embeddedKafkaConfig: EmbeddedKafkaConfig = EmbeddedKafkaConfig( diff --git a/project/Dependencies.scala b/project/Dependencies.scala index 8c0ad4617b..0cba661bb3 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -83,6 +83,7 @@ object Dependencies { lazy val scalacheckShapeless = "com.github.alexarchambault" %% "scalacheck-shapeless_1.14" % Version.scalacheckShapeless % Test lazy val diffx = "com.softwaremill.diffx" %% "diffx-core" % Version.diffx % Test lazy val kubernetesApi = "io.kubernetes" % "client-java" % Version.kubernetesApi + lazy val keyspacedriver = "software.aws.mcs" % "aws-sigv4-auth-cassandra-java-driver-plugin" % "4.0.9" // overriding the log4j-slf4j bridge used by spring, transitively brought in by s3mock // this is needed because of CVE-2021-44228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 From b2bfc39a87d557bb34f4fa6fc3088dacd5f175e7 Mon Sep 17 00:00:00 2001 From: zencircle Date: Fri, 1 Nov 2024 14:18:50 -0400 Subject: [PATCH 04/13] remove additional runtimes, add persistance files for keyspaces to analytics and modified-lar, make keyspaces default configs --- .../resources/application-dev-keyspace-sigv4.conf | 13 ------------- .../main/resources/application-dev-keyspace.conf | 13 ------------- 2 files changed, 26 deletions(-) delete mode 100644 hmda/src/main/resources/application-dev-keyspace-sigv4.conf delete mode 100644 hmda/src/main/resources/application-dev-keyspace.conf diff --git a/hmda/src/main/resources/application-dev-keyspace-sigv4.conf b/hmda/src/main/resources/application-dev-keyspace-sigv4.conf deleted file mode 100644 index 1dcab5b4ec..0000000000 --- a/hmda/src/main/resources/application-dev-keyspace-sigv4.conf +++ /dev/null @@ -1,13 +0,0 @@ -include "application.conf" -include "persistence-keyspace-sigv4.conf" - -APP_PORT = 2551 -APP_PORT = ${?APP_PORT} - -akka { - - cluster { - seed-nodes = ["akka://hmda2@127.0.0.1:"${APP_PORT}] - } - -} \ No newline at end of file diff --git a/hmda/src/main/resources/application-dev-keyspace.conf b/hmda/src/main/resources/application-dev-keyspace.conf deleted file mode 100644 index 1dcab5b4ec..0000000000 --- a/hmda/src/main/resources/application-dev-keyspace.conf +++ /dev/null @@ -1,13 +0,0 @@ -include "application.conf" -include "persistence-keyspace-sigv4.conf" - -APP_PORT = 2551 -APP_PORT = ${?APP_PORT} - -akka { - - cluster { - seed-nodes = ["akka://hmda2@127.0.0.1:"${APP_PORT}] - } - -} \ No newline at end of file From 6384d5313773f2ba4b19b54b563a2902d801b909 Mon Sep 17 00:00:00 2001 From: zencircle Date: Fri, 1 Nov 2024 14:22:35 -0400 Subject: [PATCH 05/13] remove additional runtimes, add persistance files for keyspaces to analytics and modified-lar, make keyspaces default configs --- .../scala/hmda/auth/OAuth2Authorization.scala | 2 +- .../src/main/resources/application.conf | 21 ++++++------------- hmda/src/main/resources/application-dev.conf | 1 - .../resources/application-kubernetes.conf | 7 ++++++- hmda/src/main/resources/application.conf | 6 ++++++ hmda/src/main/scala/hmda/HmdaPlatform.scala | 8 +------ .../src/main/resources/application.conf | 19 ++++++----------- 7 files changed, 26 insertions(+), 38 deletions(-) diff --git a/common/src/main/scala/hmda/auth/OAuth2Authorization.scala b/common/src/main/scala/hmda/auth/OAuth2Authorization.scala index 549754ae94..667bcc4f0e 100644 --- a/common/src/main/scala/hmda/auth/OAuth2Authorization.scala +++ b/common/src/main/scala/hmda/auth/OAuth2Authorization.scala @@ -118,7 +118,7 @@ class OAuth2Authorization(logger: Logger, tokenVerifier: TokenVerifier) { } protected def withLocalModeBypass(thunk: => Directive1[VerifiedToken]): Directive1[VerifiedToken] = - if (runtimeMode == "dev" || runtimeMode == "dev-keyspace" || runtimeMode == "dev-keyspace-sigv4" || runtimeMode == "docker-compose" || runtimeMode == "kind") { + if (runtimeMode == "dev" || runtimeMode == "docker-compose" || runtimeMode == "kind") { provide(VerifiedToken()) } else { thunk } diff --git a/hmda-analytics/src/main/resources/application.conf b/hmda-analytics/src/main/resources/application.conf index 3cc1f5c774..b526acfef2 100644 --- a/hmda-analytics/src/main/resources/application.conf +++ b/hmda-analytics/src/main/resources/application.conf @@ -1,4 +1,9 @@ -include "persistence.conf" +// Apache Cassandra with PlainTextAuthProvider +//include "persistence.conf" +// AWS Keyspace with PlainTextAuthProvider +//include "persistence-keyspace.conf" +// AWS Keyspace with SigV4AuthProvider +include "persistence-keyspace-sigv4.conf" akka { loglevel = info @@ -38,20 +43,6 @@ cassandra-snapshot-store { authentication.password = ${?CASSANDRA_CLUSTER_PASSWORD} } -kafka { - hosts = "localhost:9092" - hosts = ${?KAFKA_CLUSTER_HOSTS} - idle-timeout = 5 - idle-timeout = ${?KAFKA_IDLE_TIMEOUT} - ssl { - truststore.location="" - truststore.location = ${?KAFKA_SSL_LOCATION} - truststore.password="" - truststore.password = ${?KAFKA_SSL_PASSWORD} - endpoint="" - endpoint = ${?KAFKA_SSL_ENDPOINT} - } -} hmda { analytics { diff --git a/hmda/src/main/resources/application-dev.conf b/hmda/src/main/resources/application-dev.conf index f83a7c57d4..e3866274d1 100644 --- a/hmda/src/main/resources/application-dev.conf +++ b/hmda/src/main/resources/application-dev.conf @@ -1,4 +1,3 @@ -include "persistence.conf" include "application.conf" diff --git a/hmda/src/main/resources/application-kubernetes.conf b/hmda/src/main/resources/application-kubernetes.conf index 7351495c16..012af0b8e9 100644 --- a/hmda/src/main/resources/application-kubernetes.conf +++ b/hmda/src/main/resources/application-kubernetes.conf @@ -1,4 +1,9 @@ -include "persistence.conf" +// Apache Cassandra with PlainTextAuthProvider +//include "persistence.conf" +// AWS Keyspace with PlainTextAuthProvider +//include "persistence-keyspace.conf" +// AWS Keyspace with SigV4AuthProvider +include "persistence-keyspace-sigv4.conf" include "hmda.conf" include "cors.conf" diff --git a/hmda/src/main/resources/application.conf b/hmda/src/main/resources/application.conf index 040fbe33e8..8171f3f27f 100644 --- a/hmda/src/main/resources/application.conf +++ b/hmda/src/main/resources/application.conf @@ -1,4 +1,10 @@ +// Apache Cassandra with PlainTextAuthProvider //include "persistence.conf" +// AWS Keyspace with PlainTextAuthProvider +//include "persistence-keyspace.conf" +// AWS Keyspace with SigV4AuthProvider +include "persistence-keyspace-sigv4.conf" + include "hmda.conf" include "cors.conf" include "edits.conf" diff --git a/hmda/src/main/scala/hmda/HmdaPlatform.scala b/hmda/src/main/scala/hmda/HmdaPlatform.scala index 7e890d1dae..4d97b40a4b 100644 --- a/hmda/src/main/scala/hmda/HmdaPlatform.scala +++ b/hmda/src/main/scala/hmda/HmdaPlatform.scala @@ -55,12 +55,6 @@ object HmdaPlatform extends App { case "kind" => ConfigFactory.parseResources("application-kind.conf").resolve() - case "dev-keyspace" => - ConfigFactory.parseResources("application-dev-keyspace.conf").resolve() - - case "dev-keyspace-sigv4" => - ConfigFactory.parseResources("application-dev-keyspace.conf").resolve() - case "kubernetes" => log.info(s"HOSTNAME: ${System.getenv("HOSTNAME")}") log.info(s"HOSTADDRESS: " + InetAddress.getLocalHost().getHostAddress()) @@ -83,7 +77,7 @@ object HmdaPlatform extends App { AkkaManagement(system).start() } - if (runtimeMode == "dev" || runtimeMode == "dev-keyspace" || runtimeMode == "dev-keyspace-sigv4") { + if (runtimeMode == "dev") { CassandraUtil.startEmbeddedCassandra() AkkaManagement(system).start() implicit val embeddedKafkaConfig: EmbeddedKafkaConfig = EmbeddedKafkaConfig( diff --git a/modified-lar/src/main/resources/application.conf b/modified-lar/src/main/resources/application.conf index 10fbceb1a1..1e761fe3b5 100644 --- a/modified-lar/src/main/resources/application.conf +++ b/modified-lar/src/main/resources/application.conf @@ -1,4 +1,9 @@ -include "persistence.conf" +// Apache Cassandra with PlainTextAuthProvider +//include "persistence.conf" +// AWS Keyspace with PlainTextAuthProvider +//include "persistence-keyspace.conf" +// AWS Keyspace with SigV4AuthProvider +include "persistence-keyspace-sigv4.conf" akka { loglevel = info @@ -46,18 +51,6 @@ cassandra-snapshot-store { authentication.password = ${?CASSANDRA_CLUSTER_PASSWORD} } -kafka { - hosts = "localhost:9092" - hosts = ${?KAFKA_CLUSTER_HOSTS} - ssl { - truststore.location="" - truststore.location = ${?KAFKA_SSL_LOCATION} - truststore.password="" - truststore.password = ${?KAFKA_SSL_PASSWORD} - endpoint="" - endpoint = ${?KAFKA_SSL_ENDPOINT} - } -} aws { access-key-id = "" From 1e136ef1efcc7ea5ea83d4c22a032f19c2872490 Mon Sep 17 00:00:00 2001 From: zencircle Date: Tue, 5 Nov 2024 12:32:39 -0500 Subject: [PATCH 06/13] add irs-publisher application.conf with keyspace --- irs-publisher/src/main/resources/application.conf | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/irs-publisher/src/main/resources/application.conf b/irs-publisher/src/main/resources/application.conf index 3970bb53e6..557c61a189 100644 --- a/irs-publisher/src/main/resources/application.conf +++ b/irs-publisher/src/main/resources/application.conf @@ -1,4 +1,9 @@ -include "persistence.conf" +// Apache Cassandra with PlainTextAuthProvider +//include "persistence.conf" +// AWS Keyspace with PlainTextAuthProvider +//include "persistence-keyspace.conf" +// AWS Keyspace with SigV4AuthProvider +include "persistence-keyspace-sigv4.conf" akka { loglevel = info From 1cb59b94cd0bf85d32fe9270d4b93decbc801936 Mon Sep 17 00:00:00 2001 From: zencircle Date: Tue, 5 Nov 2024 14:30:37 -0500 Subject: [PATCH 07/13] removed the kafka configs that were part of runtime testing --- hmda/src/main/resources/application.conf | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/hmda/src/main/resources/application.conf b/hmda/src/main/resources/application.conf index 8171f3f27f..f2cdd3b726 100644 --- a/hmda/src/main/resources/application.conf +++ b/hmda/src/main/resources/application.conf @@ -150,19 +150,4 @@ cinnamon.prometheus { // runs on port 9009 exporters += http-server -} - -kafka { - hosts = "localhost:9092" - hosts = ${?KAFKA_CLUSTER_HOSTS} - idle-timeout = 5 - idle-timeout = ${?KAFKA_IDLE_TIMEOUT} - security.protocol="" - security.protocol=${?KAFKA_SECURITY} - ssl.truststore.location = "" - ssl.truststore.location = ${?TRUSTSTORE_PATH} - ssl.truststore.password = "" - ssl.truststore.password = ${?TRUSTSTORE_PASSWORD} - ssl.endpoint = "" - ssl.endpoint = ${?KAFKA_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG} } \ No newline at end of file From eac398c7ef9aa6a69bfcb99cabb82b83dd033846 Mon Sep 17 00:00:00 2001 From: zencircle Date: Tue, 5 Nov 2024 15:25:53 -0500 Subject: [PATCH 08/13] revert to earlier spacing and default profile --- common/src/main/resources/persistence.conf | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index 700ac21dd2..f1b9110ec1 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -16,8 +16,8 @@ akka { max-message-batch-size = ${?TAG_BATCH_SIZE} flush-interval = 150ms flush-interval = ${?TAG_FLUSH_INTERVAL} - // read-profile = "akka-persistence-cassandra-profile-keyspaces" - // write-profile = "akka-persistence-cassandra-profile-keyspaces" + read-profile = "akka-persistence-cassandra-profile-keyspaces" + write-profile = "akka-persistence-cassandra-profile-keyspaces" read-profile1 = ${?CASSANDRA_PROFILE} write-profile = ${?CASSANDRA_PROFILE} } @@ -61,15 +61,14 @@ datastax-java-driver { } basic { - contact-points = ["localhost:9042"] - contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] - load-balancing-policy.local-datacenter = "" - load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} - load-balancing-policy.slow-replica-avoidance = false + contact-points = ["localhost:9042"] + ontact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false } advanced { - advanced.protocol { version = V4 } @@ -89,9 +88,7 @@ datastax-java-driver { } } } - } - } kafka { From 046bc73243490bf34026987d85090bf63ad903a9 Mon Sep 17 00:00:00 2001 From: zencircle Date: Tue, 5 Nov 2024 15:29:40 -0500 Subject: [PATCH 09/13] revert to earlier spacing and default profile 2 --- common/src/main/resources/persistence.conf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index f1b9110ec1..08e3639f50 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -16,8 +16,8 @@ akka { max-message-batch-size = ${?TAG_BATCH_SIZE} flush-interval = 150ms flush-interval = ${?TAG_FLUSH_INTERVAL} - read-profile = "akka-persistence-cassandra-profile-keyspaces" - write-profile = "akka-persistence-cassandra-profile-keyspaces" + // read-profile = "akka-persistence-cassandra-profile-keyspaces" + // write-profile = "akka-persistence-cassandra-profile-keyspaces" read-profile1 = ${?CASSANDRA_PROFILE} write-profile = ${?CASSANDRA_PROFILE} } @@ -61,11 +61,11 @@ datastax-java-driver { } basic { - contact-points = ["localhost:9042"] - ontact-points = [${?CASSANDRA_CLUSTER_HOSTS}] - load-balancing-policy.local-datacenter = "" - load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} - load-balancing-policy.slow-replica-avoidance = false + contact-points = ["localhost:9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} + load-balancing-policy.slow-replica-avoidance = false } advanced { From f809a51b36f75962c9b241eba08b93259d403eec Mon Sep 17 00:00:00 2001 From: zencircle Date: Tue, 5 Nov 2024 15:32:14 -0500 Subject: [PATCH 10/13] revert to earlier spacing and default profile 3 --- common/src/main/resources/persistence.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index 08e3639f50..9fb827423b 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -63,7 +63,7 @@ datastax-java-driver { basic { contact-points = ["localhost:9042"] contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] - load-balancing-policy.local-datacenter = "" + load-balancing-policy.local-datacenter = "datacenter1" load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} load-balancing-policy.slow-replica-avoidance = false } From 5af0648c4ef96b659e1abf82c0d40fef66f62d2e Mon Sep 17 00:00:00 2001 From: zencircle Date: Wed, 6 Nov 2024 15:39:30 -0500 Subject: [PATCH 11/13] keyspace related helm chart config updates --- .../hmda-platform/templates/deployment.yaml | 23 +++++++++++++++ .../hmda-analytics/templates/deployment.yaml | 25 +++++++++++++++- kubernetes/hmda-platform/README.md | 29 +++++++++++++++++-- .../hmda-platform/templates/deployment.yaml | 23 +++++++++++++++ .../irs-publisher/templates/deployment.yaml | 15 ++++++++++ .../modified-lar/templates/deployment.yaml | 13 +++++++++ 6 files changed, 125 insertions(+), 3 deletions(-) diff --git a/kubernetes/beta/hmda-platform/templates/deployment.yaml b/kubernetes/beta/hmda-platform/templates/deployment.yaml index 6052475ba7..a7f894f93c 100644 --- a/kubernetes/beta/hmda-platform/templates/deployment.yaml +++ b/kubernetes/beta/hmda-platform/templates/deployment.yaml @@ -30,6 +30,9 @@ spec: - name: tz-config hostPath: path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore serviceAccountName: {{ .Values.service.account.name }} containers: - name: {{ .Chart.Name }} @@ -37,6 +40,9 @@ spec: volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" resources: {{ toYaml .Values.resources | indent 12 }} securityContext: @@ -186,6 +192,13 @@ spec: key: cassandra.password - name: CASSANDRA_LOG_LEVEL value: {{ .Values.logs.cassandra }} + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: cassandra-truststore-password - name: KEYCLOAK_REALM_URL valueFrom: configMapKeyRef: @@ -206,6 +219,16 @@ spec: configMapKeyRef: name: kafka-configmap key: kafka.hosts + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-secret-access-key - name: HTTP_CENSUS_HOST valueFrom: configMapKeyRef: diff --git a/kubernetes/hmda-analytics/templates/deployment.yaml b/kubernetes/hmda-analytics/templates/deployment.yaml index d8842f18ed..1de32b5800 100644 --- a/kubernetes/hmda-analytics/templates/deployment.yaml +++ b/kubernetes/hmda-analytics/templates/deployment.yaml @@ -22,13 +22,19 @@ spec: volumes: - name: tz-config hostPath: - path: /usr/share/zoneinfo/America/New_York + path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false @@ -108,11 +114,28 @@ spec: secretKeyRef: name: cassandra-credentials key: cassandra.password + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: KAFKA_CLUSTER_HOSTS valueFrom: configMapKeyRef: name: kafka-configmap key: kafka.hosts + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-secret-access-key resources: {{ toYaml .Values.resources | indent 12 }} {{- with .Values.nodeSelector }} diff --git a/kubernetes/hmda-platform/README.md b/kubernetes/hmda-platform/README.md index 54b856d1c5..066f84ac36 100644 --- a/kubernetes/hmda-platform/README.md +++ b/kubernetes/hmda-platform/README.md @@ -1,14 +1,37 @@ Pre-requisites - [k8ssandra](https://k8ssandra.io/) +- [AWS Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/getting-started.ddl.html) - [Strimzi](https://strimzi.io/) - [Postresql](https://github.com/bitnami/charts/tree/main/bitnami/postgresql) - [Keycloak](https://github.com/bitnami/charts/tree/main/bitnami/keycloak) - S3 Buckets +- Create keyscapes +``` +CREATE KEYSPACE IF NOT EXISTS hmda2_journal + WITH replication = {'class': 'SingleRegionStrategy'}; +CREATE KEYSPACE IF NOT EXISTS hmda2_snapshot + WITH replication = {'class': 'SingleRegionStrategy'}; +``` +- Create tables (after some modification, not all fields are supported) +https://github.com/cfpb/hmda-platform/blob/master/hmda-sql-doc/cassandra-scripts.txt +``` +cqlsh -u username -p passsword -f ../hmda-sql-doc/cassandra-scripts.txt +``` + Install - Add Secrets ``` -kubectl create secret generic cassandra-credentials --from-literal=cassandra.username= --from-literal=cassandra.password= +curl https://certs.secureserver.net/repository/sf-class2-root.crt -O +openssl x509 -outform der -in sf-class2-root.crt -out temp_file.der +keytool -import -alias cassandra -keystore cassandra_truststore.jks -file temp_file.der +... +Trust this certificate? [no]: yes +Certificate was added to keystore + +kubectl create secret generic cassandra-truststore --from-file=cassandra_truststore.jks +kubectl create secret generic cassandra-truststore-password --from-literal=password=XXXX +# kubectl create secret generic cassandra-credentials --from-literal=cassandra.username= --from-literal=cassandra.password= kubectl create secret generic inst-postgres-credentials --from-literal=username= --from-literal=password= --from-literal=host= --from-literal=url="jdbc:postgresql://postgresql:5432/hmda?user= &password= &sslmode=false" ``` - Add Configmap @@ -39,5 +62,7 @@ Delete helm uninstall hmda-platform kubectl delete secret cassandra-credentials kubectl delete secret inst-postgres-credentials +kubectl delete secret cassandra-truststore +kubectl delete secret cassandra-truststore-password kubectl delete -f https://github.com/cfpb/hmda-platform/tree/master/kubernetes/config-maps -``` +``` \ No newline at end of file diff --git a/kubernetes/hmda-platform/templates/deployment.yaml b/kubernetes/hmda-platform/templates/deployment.yaml index 4c1fde7662..2f2d9a8a5a 100644 --- a/kubernetes/hmda-platform/templates/deployment.yaml +++ b/kubernetes/hmda-platform/templates/deployment.yaml @@ -30,6 +30,9 @@ spec: - name: tz-config hostPath: path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore serviceAccountName: {{ .Values.service.account.name }} containers: - name: {{ .Chart.Name }} @@ -37,6 +40,9 @@ spec: volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" resources: {{ toYaml .Values.resources | indent 12 }} securityContext: @@ -186,6 +192,13 @@ spec: key: cassandra.password - name: CASSANDRA_LOG_LEVEL value: {{ .Values.logs.cassandra }} + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: KEYCLOAK_REALM_URL valueFrom: configMapKeyRef: @@ -206,6 +219,16 @@ spec: configMapKeyRef: name: kafka-configmap key: kafka.hosts + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-access-key-id + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: aws-credentials + key: aws-secret-access-key - name: HTTP_CENSUS_HOST valueFrom: configMapKeyRef: diff --git a/kubernetes/irs-publisher/templates/deployment.yaml b/kubernetes/irs-publisher/templates/deployment.yaml index 9ebc70ac22..b08c0f99cd 100644 --- a/kubernetes/irs-publisher/templates/deployment.yaml +++ b/kubernetes/irs-publisher/templates/deployment.yaml @@ -22,9 +22,17 @@ spec: app: {{ include "irs-publisher.name" . }} release: {{ .Release.Name }} spec: + volumes: + - name: cassandra-truststore + secret: + secretName: cassandra-truststore containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + volumeMounts: + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false @@ -73,6 +81,13 @@ spec: secretKeyRef: name: cassandra-credentials key: cassandra.password + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: BANK_FILTER_LIST valueFrom: configMapKeyRef: diff --git a/kubernetes/modified-lar/templates/deployment.yaml b/kubernetes/modified-lar/templates/deployment.yaml index 426741282c..1ffac1e794 100644 --- a/kubernetes/modified-lar/templates/deployment.yaml +++ b/kubernetes/modified-lar/templates/deployment.yaml @@ -26,12 +26,18 @@ spec: - name: tz-config hostPath: path: /usr/share/zoneinfo/America/New_York + - name: cassandra-truststore + secret: + secretName: cassandra-truststore containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" volumeMounts: - name: tz-config mountPath: /etc/localtime + - name: cassandra-truststore + readOnly: true + mountPath: "/opt/cassandra_truststore" securityContext: readOnlyRootFilesystem: true allowPrivilegeEscalation: false @@ -104,6 +110,13 @@ spec: secretKeyRef: name: cassandra-credentials key: cassandra.password + - name: CASSANDRA_TRUSTSTORE_FILE + value: "/opt/cassandra_truststore/cassandra_truststore.jks" + - name: CASSANDRA_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: cassandra-truststore-password + key: password - name: KAFKA_CLUSTER_HOSTS valueFrom: configMapKeyRef: From 9c8436681fc3e43c05b4640d68695c54115cd9ac Mon Sep 17 00:00:00 2001 From: PatrickGoRaft Date: Fri, 31 Jan 2025 11:15:50 -0500 Subject: [PATCH 12/13] updates to support cassandra and keyspaces at the same time --- build.sbt | 2 +- common/src/main/resources/persistence.conf | 2 +- hmda-analytics/src/main/resources/application.conf | 12 ++++++------ hmda/src/main/resources/application-kubernetes.conf | 12 ++++++------ hmda/src/main/resources/application.conf | 12 ++++++------ irs-publisher/src/main/resources/application.conf | 12 ++++++------ modified-lar/src/main/resources/application.conf | 12 ++++++------ 7 files changed, 32 insertions(+), 32 deletions(-) diff --git a/build.sbt b/build.sbt index 3ef96d8ba6..52d68b88df 100644 --- a/build.sbt +++ b/build.sbt @@ -181,7 +181,7 @@ lazy val `hmda-platform` = (project in file("hmda")) val oldStrategy = (assembly / assemblyMergeStrategy).value oldStrategy(x) }, -// reStart / envVars ++= Map("CASSANDRA_CLUSTER_HOSTS" -> "localhost", "APP_PORT" -> "2551"), + reStart / envVars ++= Map("CASSANDRA_CLUSTER_HOSTS" -> "localhost", "APP_PORT" -> "2551"), ), dockerSettings, packageSettings diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index fab98d2e30..97e2013655 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -62,7 +62,7 @@ datastax-java-driver { basic { contact-points = ["localhost:9042"] - contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}":9042"] load-balancing-policy.local-datacenter = "datacenter1" load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} load-balancing-policy.slow-replica-avoidance = false diff --git a/hmda-analytics/src/main/resources/application.conf b/hmda-analytics/src/main/resources/application.conf index a6108ac8e3..f9f68dca5b 100644 --- a/hmda-analytics/src/main/resources/application.conf +++ b/hmda-analytics/src/main/resources/application.conf @@ -1,9 +1,9 @@ -// Apache Cassandra with PlainTextAuthProvider -//include "persistence.conf" -// AWS Keyspace with PlainTextAuthProvider -//include "persistence-keyspace.conf" -// AWS Keyspace with SigV4AuthProvider -include "persistence-keyspace-sigv4.conf" +# Apache Cassandra with PlainTextAuthProvider +#include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" akka { loglevel = info diff --git a/hmda/src/main/resources/application-kubernetes.conf b/hmda/src/main/resources/application-kubernetes.conf index 012af0b8e9..c4605329dc 100644 --- a/hmda/src/main/resources/application-kubernetes.conf +++ b/hmda/src/main/resources/application-kubernetes.conf @@ -1,9 +1,9 @@ -// Apache Cassandra with PlainTextAuthProvider -//include "persistence.conf" -// AWS Keyspace with PlainTextAuthProvider -//include "persistence-keyspace.conf" -// AWS Keyspace with SigV4AuthProvider -include "persistence-keyspace-sigv4.conf" +# Apache Cassandra with PlainTextAuthProvider +include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" include "hmda.conf" include "cors.conf" diff --git a/hmda/src/main/resources/application.conf b/hmda/src/main/resources/application.conf index f2cdd3b726..72c09f1cfb 100644 --- a/hmda/src/main/resources/application.conf +++ b/hmda/src/main/resources/application.conf @@ -1,9 +1,9 @@ -// Apache Cassandra with PlainTextAuthProvider -//include "persistence.conf" -// AWS Keyspace with PlainTextAuthProvider -//include "persistence-keyspace.conf" -// AWS Keyspace with SigV4AuthProvider -include "persistence-keyspace-sigv4.conf" +# Apache Cassandra with PlainTextAuthProvider +include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" include "hmda.conf" include "cors.conf" diff --git a/irs-publisher/src/main/resources/application.conf b/irs-publisher/src/main/resources/application.conf index 460e1e7159..92ba4c82e4 100644 --- a/irs-publisher/src/main/resources/application.conf +++ b/irs-publisher/src/main/resources/application.conf @@ -1,9 +1,9 @@ -// Apache Cassandra with PlainTextAuthProvider -//include "persistence.conf" -// AWS Keyspace with PlainTextAuthProvider -//include "persistence-keyspace.conf" -// AWS Keyspace with SigV4AuthProvider -include "persistence-keyspace-sigv4.conf" +# Apache Cassandra with PlainTextAuthProvider +include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" akka { loglevel = info diff --git a/modified-lar/src/main/resources/application.conf b/modified-lar/src/main/resources/application.conf index bcb930a4e4..ee539dd258 100644 --- a/modified-lar/src/main/resources/application.conf +++ b/modified-lar/src/main/resources/application.conf @@ -1,9 +1,9 @@ -// Apache Cassandra with PlainTextAuthProvider -//include "persistence.conf" -// AWS Keyspace with PlainTextAuthProvider -//include "persistence-keyspace.conf" -// AWS Keyspace with SigV4AuthProvider -include "persistence-keyspace-sigv4.conf" +# Apache Cassandra with PlainTextAuthProvider + include "persistence.conf" +# AWS Keyspace with PlainTextAuthProvider +# include "persistence-keyspace.conf" +# AWS Keyspace with SigV4AuthProvider +# include "persistence-keyspace-sigv4.conf" akka { loglevel = info From 042d87bfa8cff49de738b6e439ac9b01c7ff16cf Mon Sep 17 00:00:00 2001 From: PatrickGoRaft Date: Fri, 31 Jan 2025 13:27:09 -0500 Subject: [PATCH 13/13] updates to support cassandra and keyspaces at the same time --- common/src/main/resources/persistence.conf | 2 +- hmda-analytics/src/main/resources/application.conf | 2 +- modified-lar/src/main/resources/application.conf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/common/src/main/resources/persistence.conf b/common/src/main/resources/persistence.conf index 97e2013655..fab98d2e30 100644 --- a/common/src/main/resources/persistence.conf +++ b/common/src/main/resources/persistence.conf @@ -62,7 +62,7 @@ datastax-java-driver { basic { contact-points = ["localhost:9042"] - contact-points = [${?CASSANDRA_CLUSTER_HOSTS}":9042"] + contact-points = [${?CASSANDRA_CLUSTER_HOSTS}] load-balancing-policy.local-datacenter = "datacenter1" load-balancing-policy.local-datacenter = ${?CASSANDRA_CLUSTER_DC} load-balancing-policy.slow-replica-avoidance = false diff --git a/hmda-analytics/src/main/resources/application.conf b/hmda-analytics/src/main/resources/application.conf index f9f68dca5b..e3064b84c5 100644 --- a/hmda-analytics/src/main/resources/application.conf +++ b/hmda-analytics/src/main/resources/application.conf @@ -1,5 +1,5 @@ # Apache Cassandra with PlainTextAuthProvider -#include "persistence.conf" + include "persistence.conf" # AWS Keyspace with PlainTextAuthProvider # include "persistence-keyspace.conf" # AWS Keyspace with SigV4AuthProvider diff --git a/modified-lar/src/main/resources/application.conf b/modified-lar/src/main/resources/application.conf index ee539dd258..04feaa1175 100644 --- a/modified-lar/src/main/resources/application.conf +++ b/modified-lar/src/main/resources/application.conf @@ -1,5 +1,5 @@ # Apache Cassandra with PlainTextAuthProvider - include "persistence.conf" +include "persistence.conf" # AWS Keyspace with PlainTextAuthProvider # include "persistence-keyspace.conf" # AWS Keyspace with SigV4AuthProvider