Merge pull request #2303 from sgayangi/choreo-analytics

Add secret for choreo analytics URL and token
wso2 · Apr 8, 2024 · 91f833d · 91f833d
2 parents 48f9e5b + 4704c2d
commit 91f833d
Show file tree

Hide file tree

Showing 8 changed files with 81 additions and 29 deletions.
diff --git a/...cs.publishers/src/main/java/org/wso2/apk/enforcer/analytics/publisher/util/Constants.java b/...cs.publishers/src/main/java/org/wso2/apk/enforcer/analytics/publisher/util/Constants.java
@@ -66,8 +66,9 @@ public class Constants {
     public static final String FAULT_EVENT_TYPE = "fault";
 
     //Reporter config properties
-    public static final String AUTH_API_URL = "auth.api.url";
-    public static final String AUTH_API_TOKEN = "auth.api.token";
+    public static final String AUTH_API_URL = "authURL";
+    public static final String AUTH_API_TOKEN = "authToken";
+    public static final String MOESIF_TOKEN = "moesifToken";
 
     //Proxy configs
     public static final String PROXY_ENABLE = "proxy_config_enable";

diff --git a/...g.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/AnalyticsConstants.java b/...g.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/analytics/AnalyticsConstants.java
@@ -27,8 +27,6 @@ public class AnalyticsConstants {
     protected static final String IS_CHOREO_DEPLOYMENT_CONFIG_KEY = "isChoreoDeployment";
     protected static final String TYPE_CONFIG_KEY = "type";
     protected static final String PUBLISHER_REPORTER_CLASS_CONFIG_KEY = "publisher.reporter.class";
-    public static final String AUTH_URL_CONFIG_KEY = "authURL";
-    public static final String AUTH_TOKEN_CONFIG_KEY = "authToken";
 
     public static final String RESPONSE_SCHEMA = "RESPONSE";
     public static final String ERROR_SCHEMA = "ERROR";

diff --git a/...forcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/config/ConfigHolder.java b/...forcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/config/ConfigHolder.java
@@ -434,6 +434,17 @@ private void populateAnalyticsConfig(Analytics analyticsConfig) {
             for (Map.Entry<String, String> config : configPropertiesMap.entrySet()) {
                 resolvedConfigMap.put(config.getKey(), getEnvValue(config.getValue()).toString());
             }
+            String authURL = envVarConfig.getChoreoAnalyticsAuthUrl();
+            String authToken = envVarConfig.getChoreoAnalyticsAuthToken();
+            String moesifToken = envVarConfig.getMoesifToken();
+
+            // if the analytics publisher is of default type, retrieve authURL and authToken
+            if (analyticsPublisher.getType().equalsIgnoreCase(Constants.DEFAULT_ANALYTICS_PUBLISHER)){
+                resolvedConfigMap.put(Constants.AUTH_URL_CONFIG_KEY, authURL);
+                resolvedConfigMap.put(Constants.AUTH_URL_CONFIG_TOKEN, authToken);
+            } else if (analyticsPublisher.getType().equalsIgnoreCase(Constants.MOESIF_ANALYTICS_PUBLISHER)){
+                resolvedConfigMap.put(Constants.MOESIF_TOKEN, moesifToken);
+            }
             analyticsDTO.addAnalyticsPublisherConfig(new AnalyticsPublisherConfigDTO(analyticsPublisher.getEnabled(),
                     analyticsPublisher.getType(), resolvedConfigMap));
         }

diff --git a/...forcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/config/EnvVarConfig.java b/...forcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/config/EnvVarConfig.java
@@ -55,7 +55,9 @@ public class EnvVarConfig {
     public static final String REDIS_CERT_FILE = "REDIS_CERT_FILE";
     public static final String REDIS_CA_CERT_FILE = "REDIS_CA_CERT_FILE";
     public static final String REVOKED_TOKEN_CLEANUP_INTERVAL = "REVOKED_TOKEN_CLEANUP_INTERVAL";
-
+    public static final String CHOREO_ANALYTICS_AUTH_TOKEN = "CHOREO_ANALYTICS_AUTH_TOKEN";
+    public static final String CHOREO_ANALYTICS_AUTH_URL = "CHOREO_ANALYTICS_AUTH_URL";
+    public static final String MOESIF_TOKEN = "MOESIF_TOKEN";
 
     // Since the container is running in linux container, path separator is not needed.
     private static final String DEFAULT_TRUSTED_CA_CERTS_PATH = "/home/wso2/security/truststore";
@@ -85,6 +87,11 @@ public class EnvVarConfig {
     public static final String DEFAULT_REDIS_CERT_FILE = "/home/wso2/security/redis/redis.crt";
     public static final String DEFAULT_REDIS_CA_CERT_FILE = "/home/wso2/security/redis/ca.crt";
     public static final int DEFAULT_REVOKED_TOKEN_CLEANUP_INTERVAL = 60*60; // In seconds
+
+    public static final String DEFAULT_CHOREO_ANALYTICS_AUTH_TOKEN = "";
+    public static final String DEFAULT_CHOREO_ANALYTICS_AUTH_URL = "";
+    public static final String DEFAULT_MOESIF_TOKEN = "";
+
     private static EnvVarConfig instance;
     private final String trustedAdapterCertsPath;
     private final String trustDefaultCerts;
@@ -116,6 +123,10 @@ public class EnvVarConfig {
     private final String redisKeyFile;
     private final String redisCertFile;
     private final String redisCaCertFile;
+
+    private final String choreoAnalyticsAuthToken;
+    private final String choreoAnalyticsAuthUrl;
+    private final String moesifToken;
     private final int revokedTokenCleanupInterval;
 
     private EnvVarConfig() {
@@ -160,6 +171,9 @@ private EnvVarConfig() {
         redisCertFile = retrieveEnvVarOrDefault(REDIS_CERT_FILE, DEFAULT_REDIS_CERT_FILE);
         redisCaCertFile = retrieveEnvVarOrDefault(REDIS_CA_CERT_FILE, DEFAULT_REDIS_CA_CERT_FILE);
         revokedTokenCleanupInterval = getRevokedTokenCleanupIntervalFromEnv();
+        choreoAnalyticsAuthToken = retrieveEnvVarOrDefault(CHOREO_ANALYTICS_AUTH_TOKEN, DEFAULT_CHOREO_ANALYTICS_AUTH_TOKEN);
+        choreoAnalyticsAuthUrl = retrieveEnvVarOrDefault(CHOREO_ANALYTICS_AUTH_URL, DEFAULT_CHOREO_ANALYTICS_AUTH_URL);
+        moesifToken = retrieveEnvVarOrDefault(MOESIF_TOKEN, DEFAULT_MOESIF_TOKEN);
     }
 
     public static EnvVarConfig getInstance() {
@@ -319,5 +333,17 @@ public String getCommonControllerRestPort() {
 
         return commonControllerRestPort;
     }
+
+    public String getChoreoAnalyticsAuthToken() {
+        return choreoAnalyticsAuthToken;
+    }
+
+    public String getChoreoAnalyticsAuthUrl() {
+        return choreoAnalyticsAuthUrl;
+    }
+
+    public String getMoesifToken() {
+        return moesifToken;
+    }
 }
 
diff --git a/...g.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/AnalyticsConstants.java b/...g.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/AnalyticsConstants.java
@@ -23,8 +23,6 @@
  */
 public class AnalyticsConstants {
 
-    public static final String AUTH_URL_CONFIG_KEY = "authURL";
-    public static final String AUTH_TOKEN_CONFIG_KEY = "authToken";
     public static final String UPSTREAM_SUCCESS_RESPONSE_DETAIL = "via_upstream";
     public static final String EXT_AUTH_DENIED_RESPONSE_DETAIL = "ext_authz_denied";
     public static final String EXT_AUTH_ERROR_RESPONSE_DETAIL = "ext_authz_error";

diff --git a/...forcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/Constants.java b/...forcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/Constants.java
@@ -81,4 +81,9 @@ since new lines in different OSs differ (Linux: \n, Windows: \r\n) */
 
     // multi-env constants
     public static final String DEFAULT_ALL_ENVIRONMENTS_TOKEN_ISSUER = "*";
+    public static final String AUTH_URL_CONFIG_KEY = "authURL";
+    public static final String AUTH_URL_CONFIG_TOKEN = "authToken";
+    public static final String MOESIF_TOKEN = "moesifToken";
+    public static final String DEFAULT_ANALYTICS_PUBLISHER = "default";
+    public static final String MOESIF_ANALYTICS_PUBLISHER = "moesif";
 }
diff --git a/...s/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml b/...s/templates/data-plane/gateway-components/gateway-runtime/gateway-runtime-deployment.yaml
@@ -96,6 +96,37 @@ spec:
             {{- else }}
               value: -Dhttpclient.hostnameVerifier=AllowAll -Xms512m -Xmx512m -XX:MaxRAMFraction=2
             {{- end }}
+            {{- if and .Values.wso2.apk.dp.gatewayRuntime.analytics .Values.wso2.apk.dp.gatewayRuntime.analytics.publishers }}
+            {{- $defaultPublisherSecretName := "" }}
+            {{- $moesifPublisherSecretName := "" }}
+            {{- range .Values.wso2.apk.dp.gatewayRuntime.analytics.publishers }}
+              {{- if eq .type "default" }}
+                {{- $defaultPublisherSecretName = .secretName }}
+              {{- end }}
+              {{- if eq .type "moesif" }}
+                {{- $moesifPublisherSecretName = .secretName }}
+              {{- end }}
+            {{- end }}
+            {{- if $defaultPublisherSecretName }}
+            - name: CHOREO_ANALYTICS_AUTH_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $defaultPublisherSecretName }}
+                  key: "authToken"
+            - name: CHOREO_ANALYTICS_AUTH_URL
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $defaultPublisherSecretName }}
+                  key: "authURL"
+            {{- end }}
+            {{- if $moesifPublisherSecretName }}
+            - name: MOESIF_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ $moesifPublisherSecretName }}
+                  key: "moesifToken"
+            {{- end }}
+            {{- end }}
             {{- if .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis }}
             - name: REDIS_USERNAME
               value: {{ .Values.wso2.apk.dp.gatewayRuntime.deployment.enforcer.redis.username | default "default" }}
@@ -139,18 +170,6 @@ spec:
             - name: REVOKED_TOKEN_CLEANUP_INTERVAL
               value: "3600"
             {{- end }}
-        {{- if and .Values.wso2.apk.dp.gatewayRuntime.analytics .Values.wso2.apk.dp.gatewayRuntime.analytics.secretName }}
-            - name: analytics_authToken
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.wso2.apk.dp.gatewayRuntime.analytics.secretName }}
-                  key: "analytics_authToken"
-            - name: analytics_authURL
-              valueFrom:
-                secretKeyRef:
-                  name: {{ .Values.wso2.apk.dp.gatewayRuntime.analytics.secretName }}
-                  key: "analytics_authURL"
-        {{- end }}
           volumeMounts:
             - name: tmp
               mountPath: /tmp

diff --git a/helm-charts/values.yaml.template b/helm-charts/values.yaml.template
@@ -591,22 +591,16 @@ wso2:
         analytics:
           # -- Enable/Disable analytics in gateway runtime.
           enabled: true
-          # -- Type of analytics data publisher. Can be "Choreo" or "ELK".
-          type: "Choreo"
-          # -- Choreo analytics secret.
-          secretName: "choreo-analytics-secret"
-          # -- Property values for the analytics.
-          properties:
-            property_name : property_value
           # -- Analytics Publishers
           publishers:
           - enabled: true
             type: "default"
-            configProperties:
-              auth.api.url: "$env{analytics_authURL}"
-              auth.api.token: "$env{analytics_authToken}"
+            secretName: "choreo-analytics-secret" # user created secret name
           - enabled: true
             type: "elk"
+          - enabled: true
+            type: "moesif"
+            secretName: "moesif-secret"
           # -- Optional: File name of the log file.
           logFileName: "logs/enforcer_analytics.log"
           # -- Optional: Log level the analytics data. Can be one of DEBUG, INFO, WARN, ERROR, OFF.