diff --git a/RELEASENOTES.md b/RELEASENOTES.md
index f371972..323b05f 100644
--- a/RELEASENOTES.md
+++ b/RELEASENOTES.md
@@ -1,6 +1,6 @@
 # Release-Notes
-## Sprint 13 (19.06.2024 - 09.06.2024)
+## Sprint 13 (19.06.2024 - 09.07.2024)
 ### Hinzugefügt
 - Tenant Credentials
diff --git a/docs/README.md b/docs/README.md
index a3e7563..6de76f1 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -95,19 +95,19 @@ Mit der Rest Ressource GET '.../filesInFolder?bucketName=bucket1&path=...&archiv
 ### Konfiguration
 Zur Konfiguration der Credentials der Buckets dient das Property ***mobidam.s3.bucket-credential-config***.
-Dieses ist als Map gestaltet und enthält für jeden benannten Bucket die Namen von Umgebungsvariablen für Access-Key und Secret-Key:
+Dieses ist als Map gestaltet und enthält die default Tenant-Credentials. Nach Bedarf können der Access-Key und Secret-Key für die einzelnen Buckets separat konfiguriert werden:
 ```
-x-itmkm82k:
- access-key-env-var: MOBIDAM_BUCKET1_ACCESS_KEY
- secret-key-env-var: MOBIDAM_BUCKET1_SECRET_KEY
+tenant-default:
+ access-key-env-var: MOBIDAM_ACCESS_KEY
+ secret-key-env-var: MOBIDAM_SECRET_KEY
 int-mdasc-mdasdev:
 access-key-env-var: MOBIDAM_BUCKET2_ACCESS_KEY
 secret-key-env-var: MOBIDAM_BUCKET2_SECRET_KEY
 ```
 Die Umgebungsvariablen müssen entsprechend in der Laufzeitumgebung bereitgestellt werden:
 ```
-MOBIDAM_BUCKET1_ACCESS_KEY=
-MOBIDAM_BUCKET1_SECRET_KEY=
+MOBIDAM_ACCESS_KEY=
+MOBIDAM_SECRET_KEY=
 MOBIDAM_BUCKET2_ACCESS_KEY=
 MOBIDAM_BUCKET2_SECRET_KEY=
 ```
diff --git a/src/main/java/de/muenchen/mobidam/s3/S3CredentialProvider.java b/src/main/java/de/muenchen/mobidam/s3/S3CredentialProvider.java
index 75c2f12..e39d793 100644
--- a/src/main/java/de/muenchen/mobidam/s3/S3CredentialProvider.java
+++ b/src/main/java/de/muenchen/mobidam/s3/S3CredentialProvider.java
@@ -22,6 +22,8 @@
 @RequiredArgsConstructor
 public class S3CredentialProvider implements Processor {
+ private static final String TENANT_CONFIG = "tenant-default";
+
 private final S3BucketCredentialConfig properties;
 private final EnvironmentReader environmentReader;
@@ -52,10 +54,18 @@ private S3BucketCredentialConfig.BucketCredentialConfig verifyCredentials(String
 Map map = properties.getBucketCredentialConfig();
 S3BucketCredentialConfig.BucketCredentialConfig envVars = map.get(bucketName);
 if (envVars == null) {
- exchange.getMessage()
- .setBody(ErrorResponseBuilder.build(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Configuration for bucket not found: " + bucketName));
- throw new MobidamException("Configuration for bucket not found: " + bucketName);
+ envVars = tryTenantCredentials(map);
+ if (envVars == null) {
+ exchange.getMessage()
+ .setBody(ErrorResponseBuilder.build(HttpStatus.INTERNAL_SERVER_ERROR.value(),
+ "Configuration for bucket and tenant not found: " + bucketName));
+ throw new MobidamException("Configuration for bucket and tenant not found: " + bucketName);
+ }
 }
 return envVars;
 }
+
+ private S3BucketCredentialConfig.BucketCredentialConfig tryTenantCredentials(Map propertiesMap) {
+ return propertiesMap.get(TENANT_CONFIG);
+ }
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 0107a02..89becc5 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
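Review bot: The `tryTenantCredentials(map)` fallback in `verifyCredentials` gives the tenant-wide key pair to every `bucketName` that has no entry of its own, so this map stops acting as the list of buckets the service may access; the `application.yml` hunk ships `tenant-default`, so the fallback is always available in the default configuration. The updated tests expect `Bucket not configured: ...`, which suggests the name is checked somewhere else, but that check is not in this diff; if the fallback relies on it, say so in a comment at the call, e.g. `// bucketName is assumed to be validated against the configured buckets before this processor runs`, and otherwise validate the name before falling back. `TENANT_CONFIG` also shares its key space with real bucket names, so a line such as `// reserved key, must not collide with a bucket name` on the constant would help. The body of `verifyCredentials` begins outside the hunk.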
@@ -23,19 +23,7 @@ mobidam:
 expiration: 30
 s3:
 bucket-credential-config:
- x-itmkm82k:
- access-key-env-var: MOBIDAM_ACCESS_KEY
- secret-key-env-var: MOBIDAM_SECRET_KEY
- int-mdasc-mdasdev:
- access-key-env-var: MOBIDAM_ACCESS_KEY
- secret-key-env-var: MOBIDAM_SECRET_KEY
- int-mdask-lapas:
- access-key-env-var: MOBIDAM_ACCESS_KEY
- secret-key-env-var: MOBIDAM_SECRET_KEY
- int-mdask-kvutest:
- access-key-env-var: MOBIDAM_ACCESS_KEY
- secret-key-env-var: MOBIDAM_SECRET_KEY
- int-mdask-bau:
+ tenant-default:
 access-key-env-var: MOBIDAM_ACCESS_KEY
 secret-key-env-var: MOBIDAM_SECRET_KEY
 int-pitprojektmdask-vespa:
diff --git a/src/test/java/de/muenchen/mobidam/s3/S3BucketTest.java b/src/test/java/de/muenchen/mobidam/s3/S3BucketTest.java
index dbe0870..be09598 100644
--- a/src/test/java/de/muenchen/mobidam/s3/S3BucketTest.java
+++ b/src/test/java/de/muenchen/mobidam/s3/S3BucketTest.java
@@ -120,7 +120,7 @@ public void test_RouteWithBucketNameParameterNotExist() {
 }
 @Test
- public void test_RouteWithBucketNameNotFound() {
+ public void test_RouteWithBucketNameNotFoundAndTenantNotFound() {
 var s3Request = ExchangeBuilder.anExchange(camelContext)
 .withHeader(Constants.CAMEL_SERVLET_CONTEXT_PATH, Constants.CAMEL_SERVLET_CONTEXT_PATH_FILES_IN_FOLDER)
@@ -129,7 +129,7 @@ public void test_RouteWithBucketNameNotFound() {
 var response = producer.send("{{camel.route.common}}", s3Request);
 var error = response.getIn().getBody(ErrorResponse.class);
- Assertions.assertEquals("Configuration for bucket not found: foo", error.getError());
+ Assertions.assertEquals("Bucket not configured: foo", error.getError());
 Assertions.assertEquals(BigDecimal.valueOf(HttpStatus.INTERNAL_SERVER_ERROR.value()), error.getStatus());
 }
diff --git a/src/test/java/de/muenchen/mobidam/s3/S3PresignedUrlTest.java b/src/test/java/de/muenchen/mobidam/s3/S3PresignedUrlTest.java
index cd764a0..06e9632 100644
--- a/src/test/java/de/muenchen/mobidam/s3/S3PresignedUrlTest.java
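Review bot: The renamed `test_RouteWithBucketNameNotFoundAndTenantNotFound` does not appear to reach the tenant-not-found branch its name announces. The test `application.yml` in this commit adds `tenant-default`, so `foo` presumably resolves to the tenant credentials, and the asserted `"Bucket not configured: foo"` is not a message produced by any code in this diff. The new `"Configuration for bucket and tenant not found: "` path in `S3CredentialProvider` is therefore left without a visible test; `test_RouteWithPresignedUrlWithBucketAndTenantNotConfigured` in S3PresignedUrlTest.java has the same mismatch. Either rename both to what they check, e.g. `test_RouteWithBucketNameNotConfigured`, or add a case that runs without a `tenant-default` entry and asserts `"Configuration for bucket and tenant not found: foo"`. A test that an unlisted bucket name never obtains the tenant credentials would also pin the access boundary this change touches.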
+++ b/src/test/java/de/muenchen/mobidam/s3/S3PresignedUrlTest.java
@@ -167,7 +167,7 @@ public void test_RouteWithPresignedUrlObjectNotExist() {
 }
 @Test
- public void test_RouteWithPresignedUrlBucketNotExist() {
+ public void test_RouteWithPresignedUrlWithBucketAndTenantNotConfigured() {
 // Set S3 test-bucket content
 s3InitClient.putObject(PutObjectRequest.builder().bucket(TEST_BUCKET).key("File_1.csv").build(),
@@ -181,7 +181,7 @@ public void test_RouteWithPresignedUrlBucketNotExist() {
 var response = producer.send("{{camel.route.common}}", s3Request);
 var error = response.getIn().getBody(ErrorResponse.class);
- Assertions.assertEquals("Configuration for bucket not found: BucketNotExist", error.getError());
+ Assertions.assertEquals("Bucket not configured: BucketNotExist", error.getError());
 Assertions.assertEquals(BigDecimal.valueOf(500), error.getStatus());
 }
diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml
index cbfcf70..47f4c87 100644
--- a/src/test/resources/application.yml
+++ b/src/test/resources/application.yml
@@ -40,6 +40,9 @@ mobidam:
 expiration: 30
 s3:
 bucket-credential-config:
+ tenant-default:
+ access-key-env-var: MOBIDAM_ACCESS_KEY
+ secret-key-env-var: MOBIDAM_SECRET_KEY
 test-bucket:
 access-key-env-var: FOO_ACCESS_KEY
 secret-key-env-var: FOO_SECRET_KEY
\ No newline at end of file