diff options
7 files changed, 96 insertions, 10 deletions
diff --git a/config/grootstream.yaml b/config/grootstream.yaml index e01fda3..d78376d 100644 --- a/config/grootstream.yaml +++ b/config/grootstream.yaml @@ -11,6 +11,21 @@ grootstream: files: - 64af7077-eb9b-4b8f-80cf-2ceebc89bea9 - 004390bc-3135-4a6f-a492-3662ecb9e289 + kms: + local: + type: local + vault: + type: vault + url: <vault-url> + token: <vault-token> + key_path: <vault-key-path> + + ssl: + disabled: true + cert_path: ./config/ssl/cert.pem + private_key_path: ./config/ssl/key.pem + + properties: hos.path: http://192.168.44.12:9098/hos hos.bucket.name.traffic_file: traffic_file_bucket diff --git a/docs/grootstream-design-cn.md b/docs/grootstream-design-cn.md index e9b6fa6..253f95d 100644 --- a/docs/grootstream-design-cn.md +++ b/docs/grootstream-design-cn.md @@ -115,7 +115,12 @@ grootstream: type: vault url: <vault-url> token: <vault-token> - keyPath: <vault-key-path> + default_key_path: <default-vault-key-path> + plugin_key_path: <plugin-vault-key-path> + ssl: + disabled: true + cert_path: <certificate-path> + private_key_path: <private-key-path> properties: # 用户自定义属性的支持从函数中获取,使用方式见函数定义 hos.path: http://127.0.0.1:9093 @@ -124,11 +129,12 @@ grootstream: scheduler.knowledge_base.update.interval.minutes: 1 #知识库文件定时更新时间 ``` -| 属性名 | 必填 | 默认值 | 类型 | 描述 | -|----------------|----|-----|--------------------|----------------------------------------| -| knowledge_base | Y | - | Object | 知识库配置 | -| kms | N | - | Object | kms (key management system, 密钥管理系统) 配置 | -| properties | N | - | Map(String,Object) | 自定义属性配置:key-value 格式 | +| 属性名 | 必填 | 默认值 | 类型 | 描述 | +| -------------- | ---- | ------ | ------------------ | ---------------------------------------------- | +| knowledge_base | Y | - | Object | 知识库配置 | +| kms | N | - | Object | kms (key management system, 密钥管理系统) 配置 | +| tls | N | - | Object | 客户端启用SSL双向认证 | +| properties | N | - | Map(String,Object) | 自定义属性配置:key-value 格式 | @@ -1606,7 +1612,7 @@ Example 2: 会话日志字段encapsulation(JsonString格式)嵌套结构进行� Parameters: -- secret = `<string>` 用于生成MAC的密钥。 +- secret_key = `<string>` 用于生成MAC的密钥。 - algorithm= `<string>` 用于生成MAC的HASH算法。默认是`sha256` - output_format = `<string>` 输出MAC的格式。默认为`'hex'` 。支持:`base64` | `hex `。 @@ -1803,8 +1809,6 @@ Parameters precision: 2 ``` - #### - #### Number Sum 在时间窗口内对指定数字类型字段进行求和:支持 int,long,double,float类型。 @@ -2072,7 +2076,7 @@ Parameters: [CN函数库](https://docs.geedge.net/pages/viewpage.action?pageId=129087866) -用户自定义插件 +用户自定义插件(IN Progress) | 名称 | 描述 | 类型 | 必填 | 约束 | |----------------------|---------|---------------|----|---------| diff --git a/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfig.java b/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfig.java index 5212137..aeda71d 100644 --- a/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfig.java +++ b/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfig.java @@ -18,6 +18,8 @@ public class CommonConfig implements Serializable { private Map<String,KmsConfig> kmsConfig = CommonConfigOptions.KMS.defaultValue(); + private SSLConfig sslConfig = CommonConfigOptions.SSL.defaultValue(); + private Map<String,String> propertiesConfig = CommonConfigOptions.PROPERTIES.defaultValue(); public void setKnowledgeBaseConfig(List<KnowledgeBaseConfig> knowledgeBaseConfig) { @@ -30,6 +32,11 @@ public class CommonConfig implements Serializable { this.kmsConfig = kmsConfig; } + public void setSslConfig(SSLConfig sslConfig) { + checkNotNull(sslConfig, CommonConfigOptions.SSL + " sslConfig should not be null"); + this.sslConfig = sslConfig; + } + diff --git a/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigDomProcessor.java b/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigDomProcessor.java index 4a3425d..249033d 100644 --- a/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigDomProcessor.java +++ b/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigDomProcessor.java @@ -30,6 +30,8 @@ public class CommonConfigDomProcessor extends AbstractDomConfigProcessor { commonConfig.setKnowledgeBaseConfig(parseKnowledgeBaseConfig(node)); } else if (CommonConfigOptions.KMS.key().equals(name)) { commonConfig.setKmsConfig(parseKmsConfig(node)); + } else if (CommonConfigOptions.SSL.key().equals(name)) { + commonConfig.setSslConfig(parseSSLConfig(node)); } else if (CommonConfigOptions.PROPERTIES.key().equals(name)) { commonConfig.setPropertiesConfig(parsePropertiesConfig(node)); } else { @@ -82,6 +84,23 @@ public class CommonConfigDomProcessor extends AbstractDomConfigProcessor { return knowledgeBaseConfig; } + private SSLConfig parseSSLConfig (Node sslRootNode) { + SSLConfig sslConfig = new SSLConfig(); + for (Node node : childElements(sslRootNode)) { + String name = cleanNodeName(node); + if (CommonConfigOptions.SSL_DISABLED.key().equals(name)) { + sslConfig.setDisabled(getBooleanValue(getTextContent(node))); + } else if (CommonConfigOptions.SSL_CERT_PATH.key().equals(name)) { + sslConfig.setCertPath(getTextContent(node)); + } else if (CommonConfigOptions.SSL_PRIVATE_KEY_PATH.key().equals(name)) { + sslConfig.setPrivateKeyPath(getTextContent(node)); + } else { + log.warn("Unrecognized SSL configuration element: {}", name); + } + } + return sslConfig; + } + private Map<String, KmsConfig> parseKmsConfig(Node kmsRootNode) { Map<String, KmsConfig> kmsConfigMap = new HashMap<>(); for (Node node : childElements(kmsRootNode)) { diff --git a/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigOptions.java b/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigOptions.java index 701ffc3..48a99ba 100644 --- a/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigOptions.java +++ b/groot-common/src/main/java/com/geedgenetworks/common/config/CommonConfigOptions.java @@ -83,6 +83,25 @@ public class CommonConfigOptions { .defaultValue("") .withDescription("The key path of KMS."); + public static final Option<SSLConfig> SSL = Options.key("ssl") + .type(new TypeReference<SSLConfig>() {}) + .noDefaultValue() + .withDescription("The ssl configuration."); + + public static final Option<Boolean> SSL_DISABLED = Options.key("disabled") + .booleanType() + .defaultValue(true) + .withDescription("The disabled flag of the configuration."); + + public static final Option<String> SSL_CERT_PATH = Options.key("cert_path") + .stringType() + .defaultValue("") + .withDescription("The certificate path of the configuration."); + + public static final Option<String> SSL_PRIVATE_KEY_PATH = Options.key("private_key_path") + .stringType() + .defaultValue("") + .withDescription("The private key path of the configuration."); diff --git a/groot-common/src/main/java/com/geedgenetworks/common/config/SSLConfig.java b/groot-common/src/main/java/com/geedgenetworks/common/config/SSLConfig.java new file mode 100644 index 0000000..0759711 --- /dev/null +++ b/groot-common/src/main/java/com/geedgenetworks/common/config/SSLConfig.java @@ -0,0 +1,17 @@ +package com.geedgenetworks.common.config; + +import lombok.Data; + +import java.io.Serializable; + +@Data +public class SSLConfig implements Serializable { + + private Boolean disabled = CommonConfigOptions.SSL_DISABLED.defaultValue(); + + private String certPath = CommonConfigOptions.SSL_CERT_PATH.defaultValue(); + + private String privateKeyPath = CommonConfigOptions.SSL_PRIVATE_KEY_PATH.defaultValue(); + + +} diff --git a/groot-examples/end-to-end-example/src/main/resources/grootstream.yaml b/groot-examples/end-to-end-example/src/main/resources/grootstream.yaml index cc670b7..20c71f5 100644 --- a/groot-examples/end-to-end-example/src/main/resources/grootstream.yaml +++ b/groot-examples/end-to-end-example/src/main/resources/grootstream.yaml @@ -19,6 +19,11 @@ grootstream: token: <vault-token> key_path: <vault-key-path> + ssl: + disabled: false + cert_path: ./config/ssl/cert.pem + private_key_path: ./config/ssl/key.pem + properties: hos.path: http://192.168.44.12:9098/hos hos.bucket.name.traffic_file: traffic_file_bucket |