This is an automated email from the ASF dual-hosted git repository. joewitt pushed a commit to branch support/nifi-1.15 in repository https://gitbox.apache.org/repos/asf/nifi.git
commit b981914661998be567ac22d8c1971300a4478e4c Author: exceptionfactory <exceptionfact...@apache.org> AuthorDate: Tue Nov 9 12:13:59 2021 -0600 NIFI-9372 Corrected NiFi application log messages - Removed unnecessary spaces from initialization log - Changed bootstrap temporary password file processing messages to debug - Updated several log statements using parameterized strings - Refactored NiFi unit test class --- .../src/main/java/org/apache/nifi/NiFi.java | 29 +-- .../groovy/org/apache/nifi/NiFiGroovyTest.groovy | 285 --------------------- .../test/java/org/apache/nifi/ListAppender.java | 41 +++ .../src/test/java/org/apache/nifi/NiFiTest.java | 116 +++++++++ ...nt_key.properties => encrypted.nifi.properties} | 0 ...h_sensitive_properties_protected_aes.properties | 183 ------------- ...nsitive_properties_protected_aes_128.properties | 183 ------------- ...ties_protected_aes_different_key_128.properties | 186 -------------- .../src/test/resources/logback-test.xml | 8 +- 9 files changed, 171 insertions(+), 860 deletions(-) diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/main/java/org/apache/nifi/NiFi.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/main/java/org/apache/nifi/NiFi.java index eef3310..541d4cf 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/main/java/org/apache/nifi/NiFi.java +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/main/java/org/apache/nifi/NiFi.java @@ -92,7 +92,7 @@ public class NiFi implements NiFiEntryPoint { final File kerberosConfigFile = properties.getKerberosConfigurationFile(); if (kerberosConfigFile != null) { final String kerberosConfigFilePath = kerberosConfigFile.getAbsolutePath(); - LOGGER.info("Setting java.security.krb5.conf to {}", kerberosConfigFilePath); + LOGGER.debug("Setting java.security.krb5.conf to {}", kerberosConfigFilePath); System.setProperty("java.security.krb5.conf", kerberosConfigFilePath); } @@ -175,8 +175,8 @@ public class NiFi implements NiFiEntryPoint { } final long duration = System.nanoTime() - startTime; - LOGGER.info("Controller initialization took {} nanoseconds ( {} seconds).", - duration, (int) TimeUnit.SECONDS.convert(duration, TimeUnit.NANOSECONDS)); + final double durationSeconds = TimeUnit.NANOSECONDS.toMillis(duration) / 1000.0; + LOGGER.info("Started Application Controller in {} seconds ({} ns)", durationSeconds, duration); } } @@ -186,8 +186,7 @@ public class NiFi implements NiFiEntryPoint { protected void setDefaultUncaughtExceptionHandler() { Thread.setDefaultUncaughtExceptionHandler((thread, exception) -> { - LOGGER.error("An Unknown Error Occurred in Thread {}: {}", thread, exception.toString()); - LOGGER.error("", exception); + LOGGER.error("An Unknown Error Occurred in Thread {}: {}", thread, exception.toString(), exception); }); } @@ -211,7 +210,7 @@ public class NiFi implements NiFiEntryPoint { try { urls.add(p.toUri().toURL()); } catch (final MalformedURLException mef) { - LOGGER.warn("Unable to load " + p.getFileName() + " due to " + mef, mef); + LOGGER.warn("Unable to load bootstrap library [{}]", p.getFileName(), mef); } }); } catch (IOException ioe) { @@ -226,7 +225,7 @@ public class NiFi implements NiFiEntryPoint { runDiagnosticsOnShutdown(); shutdown(); } catch (final Throwable t) { - LOGGER.warn("Problem occurred ensuring Jetty web server was properly terminated due to ", t); + LOGGER.warn("Problem occurred ensuring Jetty web server was properly terminated", t); } } @@ -258,14 +257,14 @@ public class NiFi implements NiFiEntryPoint { protected void shutdown() { this.shutdown = true; - LOGGER.info("Initiating shutdown of Jetty web server..."); + LOGGER.info("Application Server shutdown started"); if (nifiServer != null) { nifiServer.stop(); } if (bootstrapListener != null) { bootstrapListener.stop(); } - LOGGER.info("Jetty web server shutdown completed (nicely or otherwise)."); + LOGGER.info("Application Server shutdown completed"); } /** @@ -330,7 +329,7 @@ public class NiFi implements NiFiEntryPoint { NiFiProperties properties = convertArgumentsToValidatedNiFiProperties(args); new NiFi(properties); } catch (final Throwable t) { - LOGGER.error("Failure to launch NiFi due to " + t, t); + LOGGER.error("Failure to launch NiFi", t); } } @@ -367,7 +366,7 @@ public class NiFi implements NiFiEntryPoint { final Object loaderInstance = withKeyMethod.invoke(null, key); final Method getMethod = propsLoaderClass.getMethod("get"); final NiFiProperties properties = (NiFiProperties) getMethod.invoke(loaderInstance); - LOGGER.info("Loaded {} properties", properties.size()); + LOGGER.info("Application Properties loaded [{}]", properties.size()); return properties; } catch (InvocationTargetException wrappedException) { final String msg = "There was an issue decrypting protected properties"; @@ -405,7 +404,7 @@ public class NiFi implements NiFiEntryPoint { private static String getKeyFromKeyFileAndPrune(List<String> parsedArgs) { String key = null; - LOGGER.debug("The bootstrap process provided the " + KEY_FILE_FLAG + " flag"); + LOGGER.debug("The bootstrap process provided the {} flag", KEY_FILE_FLAG); int i = parsedArgs.indexOf(KEY_FILE_FLAG); if (parsedArgs.size() <= i + 1) { LOGGER.error("The bootstrap process passed the {} flag without a filename", KEY_FILE_FLAG); @@ -419,7 +418,7 @@ public class NiFi implements NiFiEntryPoint { if (0 == key.length()) throw new IllegalArgumentException("Key in keyfile " + passwordfilePath + " yielded an empty key"); - LOGGER.info("Now overwriting file in {}", passwordfilePath); + LOGGER.debug("Overwriting temporary bootstrap key file [{}]", passwordfilePath); // Overwrite the contents of the file (to avoid littering file system // unlinked with key material): @@ -434,11 +433,10 @@ public class NiFi implements NiFiEntryPoint { sb.append(Integer.toHexString(random.nextInt())); } String pad = sb.toString(); - LOGGER.info("Overwriting key material with pad: {}", pad); overwriter.write(pad); overwriter.close(); - LOGGER.info("Removing/unlinking file: {}", passwordfilePath); + LOGGER.debug("Removing temporary bootstrap key file [{}]", passwordfilePath); passwordFile.delete(); } catch (IOException e) { @@ -446,7 +444,6 @@ public class NiFi implements NiFiEntryPoint { System.exit(1); } - LOGGER.info("Read property protection key from key file provided by bootstrap process"); return key; } diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/groovy/org/apache/nifi/NiFiGroovyTest.groovy b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/groovy/org/apache/nifi/NiFiGroovyTest.groovy deleted file mode 100644 index 7fdc4dd..0000000 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/groovy/org/apache/nifi/NiFiGroovyTest.groovy +++ /dev/null @@ -1,285 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.nifi - -import ch.qos.logback.classic.spi.LoggingEvent -import ch.qos.logback.core.AppenderBase -import org.apache.nifi.properties.ApplicationPropertiesProtector -import org.apache.nifi.properties.NiFiPropertiesLoader -import org.apache.nifi.properties.PropertyProtectionScheme -import org.apache.nifi.properties.ProtectedPropertyContext -import org.apache.nifi.properties.SensitivePropertyProvider -import org.apache.nifi.properties.StandardSensitivePropertyProviderFactory -import org.apache.nifi.util.NiFiProperties -import org.bouncycastle.jce.provider.BouncyCastleProvider -import org.junit.After -import org.junit.AfterClass -import org.junit.BeforeClass -import org.junit.Test -import org.junit.runner.RunWith -import org.junit.runners.JUnit4 -import org.slf4j.Logger -import org.slf4j.LoggerFactory -import org.slf4j.bridge.SLF4JBridgeHandler - -import javax.crypto.Cipher -import java.security.Security - -@RunWith(JUnit4.class) -class NiFiGroovyTest extends GroovyTestCase { - private static final Logger logger = LoggerFactory.getLogger(NiFiGroovyTest.class) - - private static String originalPropertiesPath = System.getProperty(NiFiProperties.PROPERTIES_FILE_PATH) - - private static final String TEST_RES_PATH = NiFiGroovyTest.getClassLoader().getResource(".").toURI().getPath() - - private static int getMaxKeyLength() { - return (Cipher.getMaxAllowedKeyLength("AES") > 128) ? 256 : 128 - } - - @BeforeClass - static void setUpOnce() throws Exception { - Security.addProvider(new BouncyCastleProvider()) - - SLF4JBridgeHandler.install() - - logger.metaClass.methodMissing = { String name, args -> - logger.info("[${name?.toUpperCase()}] ${(args as List).join(" ")}") - } - - logger.info("Identified test resources path as ${TEST_RES_PATH}") - } - - @After - void tearDown() throws Exception { - TestAppender.reset() - System.setIn(System.in) - } - - @AfterClass - static void tearDownOnce() { - if (originalPropertiesPath) { - System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, originalPropertiesPath) - } - } - - @Test - void testInitializePropertiesShouldHandleNoBootstrapKey() throws Exception { - // Arrange - def args = [] as String[] - - String plainPropertiesPath = "${TEST_RES_PATH}/NiFiProperties/conf/nifi.properties" - System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, plainPropertiesPath) - - // Act - NiFiProperties loadedProperties = NiFi.initializeProperties(args, NiFiGroovyTest.class.classLoader) - - // Assert - assert loadedProperties.size() > 0 - } - - @Test - void testMainShouldHandleNoBootstrapKeyWithProtectedProperties() throws Exception { - // Arrange - def args = [] as String[] - - System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, "${TEST_RES_PATH}/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key.properties") - - // Act - NiFi.main(args) - - // Assert - assert TestAppender.events.last().getMessage() == "Failure to launch NiFi due to java.lang.IllegalArgumentException: There was an issue decrypting protected properties" - } - - @Test - void testParseArgsShouldSplitCombinedArgs() throws Exception { - // Arrange - def args = ["-K filename"] as String[] - - // Act - def parsedArgs = NiFi.parseArgs(args) - - // Assert - assert parsedArgs.size() == 2 - assert parsedArgs == args.join(" ").split(" ") as List - } - - @Test - void testMainShouldHandleBadArgs() throws Exception { - // Arrange - def args = ["-K"] as String[] - - System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, "${TEST_RES_PATH}/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes.properties") - - // Act - NiFi.main(args) - - // Assert - assert TestAppender.events.collect { - it.getFormattedMessage() - }.contains("The bootstrap process passed the -K flag without a filename") - assert TestAppender.events.last().getMessage() == "Failure to launch NiFi due to java.lang.IllegalArgumentException: The bootstrap process did not provide a valid key" - } - - @Test - void testMainShouldHandleMalformedBootstrapKeyFromFile() throws Exception { - // Arrange - def passwordFile = new File("${TEST_RES_PATH}/NiFiProperties/password-testMainShouldHandleMalformedBootstrapKeyFromFile.txt") - passwordFile.text = "BAD KEY" - def args = ["-K", passwordFile.absolutePath] as String[] - - System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, "${TEST_RES_PATH}/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes.properties") - - // Act - NiFi.main(args) - - // Assert - assert TestAppender.events.last().getMessage() == "Failure to launch NiFi due to java.lang.IllegalArgumentException: The bootstrap process did not provide a valid key" - } - - @Test - void testInitializePropertiesShouldSetBootstrapKeyFromFile() throws Exception { - // Arrange - int currentMaxKeyLengthInBits = getMaxKeyLength() - - // 64 chars of '0' for a 256 bit key; 32 chars for 128 bit - final String DIFFERENT_KEY = "0" * (currentMaxKeyLengthInBits / 4) - def passwordFile = new File("${TEST_RES_PATH}/NiFiProperties/password-testInitializePropertiesShouldSetBootstrapKeyFromFile.txt") - passwordFile.text = DIFFERENT_KEY - def args = ["-K", passwordFile.absolutePath] as String[] - - String testPropertiesPath = "${TEST_RES_PATH}/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key${currentMaxKeyLengthInBits == 256 ? "" : "_128"}.properties" - System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, testPropertiesPath) - - def protectedNiFiProperties = new NiFiPropertiesLoader().readProtectedPropertiesFromDisk(new File(testPropertiesPath)) - NiFiProperties unprocessedProperties = protectedNiFiProperties.getApplicationProperties() - def protectedKeys = getProtectedKeys(unprocessedProperties) - logger.info("Reading from raw properties file gives protected properties: ${protectedKeys}") - - // Act - NiFiProperties properties = NiFi.initializeProperties(args, NiFiGroovyTest.class.classLoader) - - // Assert - - // Ensure that there were protected properties, they were encrypted using AES/GCM (128/256 bit key), and they were decrypted (raw value != retrieved value) - assert !hasProtectedKeys(properties) - def unprotectedProperties = decrypt(protectedNiFiProperties, DIFFERENT_KEY) - def protectedPropertyKeys = getProtectedPropertyKeys(unprocessedProperties) - protectedPropertyKeys.every { k, v -> - String rawValue = protectedNiFiProperties.getProperty(k) - logger.raw("${k} -> ${rawValue}") - String retrievedValue = properties.getProperty(k) - logger.decrypted("${k} -> ${retrievedValue}") - - assert v =~ "aes/gcm" - - logger.assert("${retrievedValue} != ${rawValue}") - assert retrievedValue != rawValue - - String decryptedProperty = unprotectedProperties.getProperty(k) - logger.assert("${retrievedValue} == ${decryptedProperty}") - assert retrievedValue == decryptedProperty - true - } - } - - private static boolean hasProtectedKeys(NiFiProperties properties) { - properties.getPropertyKeys().any { it.endsWith(ApplicationPropertiesProtector.PROTECTED_KEY_SUFFIX) } - } - - private static Map<String, String> getProtectedPropertyKeys(NiFiProperties properties) { - getProtectedKeys(properties).collectEntries { String key -> - [(key): properties.getProperty(key + ApplicationPropertiesProtector.PROTECTED_KEY_SUFFIX)] - } - } - - private static Set<String> getProtectedKeys(NiFiProperties properties) { - properties.getPropertyKeys().findAll { it.endsWith(ApplicationPropertiesProtector.PROTECTED_KEY_SUFFIX) }.collect { it - ApplicationPropertiesProtector.PROTECTED_KEY_SUFFIX } - } - - private static NiFiProperties decrypt(NiFiProperties encryptedProperties, String keyHex) { - SensitivePropertyProvider spp = StandardSensitivePropertyProviderFactory.withKey(keyHex) - .getProvider(PropertyProtectionScheme.AES_GCM) - def map = encryptedProperties.getPropertyKeys().collectEntries { String key -> - if (encryptedProperties.getProperty(key + ApplicationPropertiesProtector.PROTECTED_KEY_SUFFIX) == spp.getIdentifierKey()) { - [(key): spp.unprotect(encryptedProperties.getProperty(key), ProtectedPropertyContext.defaultContext(key))] - } else if (!key.endsWith(ApplicationPropertiesProtector.PROTECTED_KEY_SUFFIX)) { - [(key): encryptedProperties.getProperty(key)] - } - } - new NiFiProperties(map as Properties) - } - - @Test - void testShouldValidateKeys() { - // Arrange - final List<String> VALID_KEYS = [ - "0" * 64, // 256 bit keys - "ABCDEF01" * 8, - "0123" * 8, // 128 bit keys - "0123456789ABCDEFFEDCBA9876543210", - "0123456789ABCDEFFEDCBA9876543210".toLowerCase(), - ] - - // Act - def isValid = VALID_KEYS.collectEntries { String key -> [(key): NiFi.isHexKeyValid(key)] } - logger.info("Key validity: ${isValid}") - - // Assert - assert isValid.every { k, v -> v } - } - - @Test - void testShouldNotValidateInvalidKeys() { - // Arrange - final List<String> VALID_KEYS = [ - "0" * 63, - "ABCDEFG1" * 8, - "0123" * 9, - "0123456789ABCDEFFEDCBA987654321", - "0123456789ABCDEF FEDCBA9876543210".toLowerCase(), - null, - "", - " " - ] - - // Act - def isValid = VALID_KEYS.collectEntries { String key -> [(key): NiFi.isHexKeyValid(key)] } - logger.info("Key validity: ${isValid}") - - // Assert - assert isValid.every { k, v -> !v } - } -} - -class TestAppender extends AppenderBase<LoggingEvent> { - static List<LoggingEvent> events = new ArrayList<>() - - @Override - protected void append(LoggingEvent e) { - synchronized (events) { - events.add(e) - } - } - - static void reset() { - synchronized (events) { - events.clear() - } - } -} \ No newline at end of file diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/java/org/apache/nifi/ListAppender.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/java/org/apache/nifi/ListAppender.java new file mode 100644 index 0000000..f27f935 --- /dev/null +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/java/org/apache/nifi/ListAppender.java @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.nifi; + +import ch.qos.logback.classic.spi.LoggingEvent; +import ch.qos.logback.core.AppenderBase; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +public class ListAppender extends AppenderBase<LoggingEvent> { + private static final List<LoggingEvent> LOGGING_EVENTS = Collections.synchronizedList(new ArrayList<>()); + + public static List<LoggingEvent> getLoggingEvents() { + return LOGGING_EVENTS; + } + + public static void clear() { + LOGGING_EVENTS.clear(); + } + + @Override + protected void append(final LoggingEvent loggingEvent) { + LOGGING_EVENTS.add(loggingEvent); + } +} diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/java/org/apache/nifi/NiFiTest.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/java/org/apache/nifi/NiFiTest.java new file mode 100644 index 0000000..f95024a --- /dev/null +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/java/org/apache/nifi/NiFiTest.java @@ -0,0 +1,116 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.nifi; + +import ch.qos.logback.classic.spi.LoggingEvent; +import org.apache.commons.lang3.StringUtils; +import org.apache.nifi.util.NiFiProperties; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.Optional; + +import static org.junit.jupiter.api.Assertions.assertTrue; + +public class NiFiTest { + private static final String[] ARGUMENTS = new String[]{}; + + private static final String KEY_ARGUMENT = "-K"; + + private static final String[] FILE_NOT_SPECIFIED_ARGUMENTS = new String[]{ KEY_ARGUMENT }; + + private static final String FAILURE_TO_LAUNCH = "Failure to launch NiFi"; + + private static final String PROPERTIES_LOADED = "Application Properties loaded"; + + private static final String PROPERTIES_PATH = "/NiFiProperties/conf/nifi.properties"; + + private static final String ENCRYPTED_PROPERTIES_PATH = "/NiFiProperties/conf/encrypted.nifi.properties"; + + private static final String ROOT_KEY = StringUtils.repeat("0", 64); + + @BeforeEach + public void setAppender() { + ListAppender.clear(); + } + + @AfterEach + public void clearPropertiesFilePath() { + System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, StringUtils.EMPTY); + } + + @Test + public void testMainBootstrapKeyFileNotSpecified() { + setPropertiesFilePath(PROPERTIES_PATH); + + NiFi.main(FILE_NOT_SPECIFIED_ARGUMENTS); + + assertFailureToLaunch(); + } + + @Test + public void testMainBootstrapKeyNotSpecified() { + setPropertiesFilePath(PROPERTIES_PATH); + + NiFi.main(ARGUMENTS); + + assertFailureToLaunch(); + } + + @Test + public void testMainEncryptedNiFiProperties() throws IOException { + final File rootKeyFile = File.createTempFile(getClass().getSimpleName(), ".root.key"); + rootKeyFile.deleteOnExit(); + try (final PrintWriter writer = new PrintWriter(new FileWriter(rootKeyFile))) { + writer.println(ROOT_KEY); + } + + setPropertiesFilePath(ENCRYPTED_PROPERTIES_PATH); + + NiFi.main(new String[]{ KEY_ARGUMENT, rootKeyFile.getAbsolutePath() }); + + assertApplicationPropertiesLoaded(); + assertFailureToLaunch(); + } + + private void assertApplicationPropertiesLoaded() { + final Optional<LoggingEvent> event = ListAppender.getLoggingEvents().stream().filter( + loggingEvent -> loggingEvent.getMessage().startsWith(PROPERTIES_LOADED) + ).findFirst(); + assertTrue(event.isPresent(), "Properties loaded log not found"); + } + + private void assertFailureToLaunch() { + final Optional<LoggingEvent> event = ListAppender.getLoggingEvents().stream().filter( + loggingEvent -> loggingEvent.getMessage().startsWith(FAILURE_TO_LAUNCH) + ).findFirst(); + assertTrue(event.isPresent(), "Failure log not found"); + } + + private void setPropertiesFilePath(final String relativePath) { + System.setProperty(NiFiProperties.PROPERTIES_FILE_PATH, getResourcesPath(relativePath)); + } + + private String getResourcesPath(final String relativePath) { + return getClass().getResource(relativePath).getPath(); + } +} diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key.properties b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/encrypted.nifi.properties similarity index 100% rename from nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key.properties rename to nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/encrypted.nifi.properties diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes.properties b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes.properties deleted file mode 100644 index ec3e440..0000000 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes.properties +++ /dev/null @@ -1,183 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Core Properties # -nifi.flow.configuration.file=./target/conf/flow.xml.gz -nifi.flow.configuration.archive.enabled=true -nifi.flow.configuration.archive.dir=./target/conf/archive/ -nifi.flow.configuration.archive.max.time=30 days -nifi.flow.configuration.archive.max.storage=500 MB -nifi.flowcontroller.autoResumeState=true -nifi.flowcontroller.graceful.shutdown.period=10 sec -nifi.flowservice.writedelay.interval=500 ms -nifi.administrative.yield.duration=30 sec -# If a component has no work to do (is "bored"), how long should we wait before checking again for work? -nifi.bored.yield.duration=10 millis - -nifi.authorizer.configuration.file=./target/conf/authorizers.xml -nifi.login.identity.provider.configuration.file=./target/conf/login-identity-providers.xml -nifi.templates.directory=./target/conf/templates -nifi.ui.banner.text=n8hL1zgQcYpG70Vm||e1hYsrc7FLvi1E9LcHM1VYeN5atWJIGg/WCsyuxxNqN1lK1ASGEZR8040NFZNqwsnbx+ -nifi.ui.banner.text.protected=aes/gcm/256 -nifi.ui.autorefresh.interval=30 sec -nifi.nar.library.directory=./target/lib -nifi.nar.working.directory=./target/work/nar/ -nifi.documentation.working.directory=./target/work/docs/components - -#################### -# State Management # -#################### -nifi.state.management.configuration.file=./target/conf/state-management.xml -# The ID of the local state provider -nifi.state.management.provider.local=local-provider -# The ID of the cluster-wide state provider. This will be ignored if NiFi is not clustered but must be populated if running in a cluster. -nifi.state.management.provider.cluster=zk-provider -# Specifies whether or not this instance of NiFi should run an embedded ZooKeeper server -nifi.state.management.embedded.zookeeper.start=false -# Properties file that provides the ZooKeeper properties to use if <nifi.state.management.embedded.zookeeper.start> is set to true -nifi.state.management.embedded.zookeeper.properties=./target/conf/zookeeper.properties - - -# H2 Settings -nifi.database.directory=./target/database_repository -nifi.h2.url.append=;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE - -# FlowFile Repository -nifi.flowfile.repository.implementation=org.apache.nifi.controller.repository.WriteAheadFlowFileRepository -nifi.flowfile.repository.directory=./target/flowfile_repository -nifi.flowfile.repository.partitions=256 -nifi.flowfile.repository.checkpoint.interval=2 mins -nifi.flowfile.repository.always.sync=false - -nifi.swap.manager.implementation=org.apache.nifi.controller.FileSystemSwapManager -nifi.queue.swap.threshold=20000 -nifi.swap.in.period=5 sec -nifi.swap.in.threads=1 -nifi.swap.out.period=5 sec -nifi.swap.out.threads=4 - -# Content Repository -nifi.content.repository.implementation=org.apache.nifi.controller.repository.FileSystemRepository -nifi.content.claim.max.appendable.size=10 MB -nifi.content.claim.max.flow.files=100 -nifi.content.repository.directory.default=./target/content_repository -nifi.content.repository.archive.max.retention.period=12 hours -nifi.content.repository.archive.max.usage.percentage=50% -nifi.content.repository.archive.enabled=true -nifi.content.repository.always.sync=false -nifi.content.viewer.url=/nifi-content-viewer/ - -# Provenance Repository Properties -nifi.provenance.repository.implementation=org.apache.nifi.provenance.PersistentProvenanceRepository - -# Persistent Provenance Repository Properties -nifi.provenance.repository.directory.default=./target/provenance_repository -nifi.provenance.repository.max.storage.time=24 hours -nifi.provenance.repository.max.storage.size=1 GB -nifi.provenance.repository.rollover.time=30 secs -nifi.provenance.repository.rollover.size=100 MB -nifi.provenance.repository.query.threads=2 -nifi.provenance.repository.index.threads=1 -nifi.provenance.repository.compress.on.rollover=true -nifi.provenance.repository.always.sync=false -nifi.provenance.repository.journal.count=16 -# Comma-separated list of fields. Fields that are not indexed will not be searchable. Valid fields are: -# EventType, FlowFileUUID, Filename, TransitURI, ProcessorID, AlternateIdentifierURI, Relationship, Details -nifi.provenance.repository.indexed.fields=EventType, FlowFileUUID, Filename, ProcessorID, Relationship -# FlowFile Attributes that should be indexed and made searchable. Some examples to consider are filename, uuid, mime.type -nifi.provenance.repository.indexed.attributes= -# Large values for the shard size will result in more Java heap usage when searching the Provenance Repository -# but should provide better performance -nifi.provenance.repository.index.shard.size=500 MB -# Indicates the maximum length that a FlowFile attribute can be when retrieving a Provenance Event from -# the repository. If the length of any attribute exceeds this value, it will be truncated when the event is retrieved. -nifi.provenance.repository.max.attribute.length=65536 - -# Volatile Provenance Respository Properties -nifi.provenance.repository.buffer.size=100000 - -# Component Status Repository -nifi.components.status.repository.implementation=org.apache.nifi.controller.status.history.VolatileComponentStatusRepository -nifi.components.status.repository.buffer.size=1440 -nifi.components.status.snapshot.frequency=1 min - -# Site to Site properties -nifi.remote.input.host= -nifi.remote.input.secure=false -nifi.remote.input.socket.port= -nifi.remote.input.http.enabled=true -nifi.remote.input.http.transaction.ttl=30 sec - -# web properties # -nifi.web.war.directory=./target/lib -nifi.web.http.host= -nifi.web.http.port=8080 -nifi.web.https.host= -nifi.web.https.port= -nifi.web.jetty.working.directory=./target/work/jetty -nifi.web.jetty.threads=200 - -# security properties # -nifi.sensitive.props.key= -nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL -nifi.sensitive.props.additional.keys=nifi.ui.banner.text - -nifi.security.keystore= -nifi.security.keystoreType= -nifi.security.keystorePasswd= -nifi.security.keyPasswd= -nifi.security.truststore= -nifi.security.truststoreType= -nifi.security.truststorePasswd= -nifi.security.user.authorizer=file-provider -nifi.security.user.login.identity.provider= -nifi.security.ocsp.responder.url= -nifi.security.ocsp.responder.certificate= - -# Identity Mapping Properties # -# These properties allow normalizing user identities such that identities coming from different identity providers -# (certificates, LDAP, Kerberos) can be treated the same internally in NiFi. The following example demonstrates normalizing -# DNs from certificates and principals from Kerberos into a common identity string: -# -# nifi.security.identity.mapping.pattern.dn=^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$ -# nifi.security.identity.mapping.value.dn=$1@$2 -# nifi.security.identity.mapping.pattern.kerb=^(.*?)/instance@(.*?)$ -# nifi.security.identity.mapping.value.kerb=$1@$2 - -# cluster common properties (all nodes must have same values) # -nifi.cluster.protocol.heartbeat.interval=5 sec -nifi.cluster.protocol.is.secure=false - -# cluster node properties (only configure for cluster nodes) # -nifi.cluster.is.node=false -nifi.cluster.node.address= -nifi.cluster.node.protocol.port= -nifi.cluster.node.protocol.threads=10 -nifi.cluster.node.event.history.size=25 -nifi.cluster.node.connection.timeout=5 sec -nifi.cluster.node.read.timeout=5 sec -nifi.cluster.firewall.file= - -# zookeeper properties, used for cluster management # -nifi.zookeeper.connect.string= -nifi.zookeeper.connect.timeout=3 secs -nifi.zookeeper.session.timeout=3 secs -nifi.zookeeper.root.node=/nifi - -# kerberos # -nifi.kerberos.krb5.file= -nifi.kerberos.service.principal= -nifi.kerberos.keytab.location= -nifi.kerberos.authentication.expiration=12 hours \ No newline at end of file diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_128.properties b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_128.properties deleted file mode 100644 index eba1ad1..0000000 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_128.properties +++ /dev/null @@ -1,183 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Core Properties # -nifi.flow.configuration.file=./target/conf/flow.xml.gz -nifi.flow.configuration.archive.enabled=true -nifi.flow.configuration.archive.dir=./target/conf/archive/ -nifi.flow.configuration.archive.max.time=30 days -nifi.flow.configuration.archive.max.storage=500 MB -nifi.flowcontroller.autoResumeState=true -nifi.flowcontroller.graceful.shutdown.period=10 sec -nifi.flowservice.writedelay.interval=500 ms -nifi.administrative.yield.duration=30 sec -# If a component has no work to do (is "bored"), how long should we wait before checking again for work? -nifi.bored.yield.duration=10 millis - -nifi.authorizer.configuration.file=./target/conf/authorizers.xml -nifi.login.identity.provider.configuration.file=./target/conf/login-identity-providers.xml -nifi.templates.directory=./target/conf/templates -nifi.ui.banner.text=27BJszAmDdMuexAk||fYvTyQ3k/jlV9aiu8Ff7rF6cDDlVO0eXtGOQqR0LQDISq5VlnpHMvHVFgHxAaIRMWZy0 -nifi.ui.banner.text.protected=aes/gcm/128 -nifi.ui.autorefresh.interval=30 sec -nifi.nar.library.directory=./target/lib -nifi.nar.working.directory=./target/work/nar/ -nifi.documentation.working.directory=./target/work/docs/components - -#################### -# State Management # -#################### -nifi.state.management.configuration.file=./target/conf/state-management.xml -# The ID of the local state provider -nifi.state.management.provider.local=local-provider -# The ID of the cluster-wide state provider. This will be ignored if NiFi is not clustered but must be populated if running in a cluster. -nifi.state.management.provider.cluster=zk-provider -# Specifies whether or not this instance of NiFi should run an embedded ZooKeeper server -nifi.state.management.embedded.zookeeper.start=false -# Properties file that provides the ZooKeeper properties to use if <nifi.state.management.embedded.zookeeper.start> is set to true -nifi.state.management.embedded.zookeeper.properties=./target/conf/zookeeper.properties - - -# H2 Settings -nifi.database.directory=./target/database_repository -nifi.h2.url.append=;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE - -# FlowFile Repository -nifi.flowfile.repository.implementation=org.apache.nifi.controller.repository.WriteAheadFlowFileRepository -nifi.flowfile.repository.directory=./target/flowfile_repository -nifi.flowfile.repository.partitions=256 -nifi.flowfile.repository.checkpoint.interval=2 mins -nifi.flowfile.repository.always.sync=false - -nifi.swap.manager.implementation=org.apache.nifi.controller.FileSystemSwapManager -nifi.queue.swap.threshold=20000 -nifi.swap.in.period=5 sec -nifi.swap.in.threads=1 -nifi.swap.out.period=5 sec -nifi.swap.out.threads=4 - -# Content Repository -nifi.content.repository.implementation=org.apache.nifi.controller.repository.FileSystemRepository -nifi.content.claim.max.appendable.size=10 MB -nifi.content.claim.max.flow.files=100 -nifi.content.repository.directory.default=./target/content_repository -nifi.content.repository.archive.max.retention.period=12 hours -nifi.content.repository.archive.max.usage.percentage=50% -nifi.content.repository.archive.enabled=true -nifi.content.repository.always.sync=false -nifi.content.viewer.url=/nifi-content-viewer/ - -# Provenance Repository Properties -nifi.provenance.repository.implementation=org.apache.nifi.provenance.PersistentProvenanceRepository - -# Persistent Provenance Repository Properties -nifi.provenance.repository.directory.default=./target/provenance_repository -nifi.provenance.repository.max.storage.time=24 hours -nifi.provenance.repository.max.storage.size=1 GB -nifi.provenance.repository.rollover.time=30 secs -nifi.provenance.repository.rollover.size=100 MB -nifi.provenance.repository.query.threads=2 -nifi.provenance.repository.index.threads=1 -nifi.provenance.repository.compress.on.rollover=true -nifi.provenance.repository.always.sync=false -nifi.provenance.repository.journal.count=16 -# Comma-separated list of fields. Fields that are not indexed will not be searchable. Valid fields are: -# EventType, FlowFileUUID, Filename, TransitURI, ProcessorID, AlternateIdentifierURI, Relationship, Details -nifi.provenance.repository.indexed.fields=EventType, FlowFileUUID, Filename, ProcessorID, Relationship -# FlowFile Attributes that should be indexed and made searchable. Some examples to consider are filename, uuid, mime.type -nifi.provenance.repository.indexed.attributes= -# Large values for the shard size will result in more Java heap usage when searching the Provenance Repository -# but should provide better performance -nifi.provenance.repository.index.shard.size=500 MB -# Indicates the maximum length that a FlowFile attribute can be when retrieving a Provenance Event from -# the repository. If the length of any attribute exceeds this value, it will be truncated when the event is retrieved. -nifi.provenance.repository.max.attribute.length=65536 - -# Volatile Provenance Respository Properties -nifi.provenance.repository.buffer.size=100000 - -# Component Status Repository -nifi.components.status.repository.implementation=org.apache.nifi.controller.status.history.VolatileComponentStatusRepository -nifi.components.status.repository.buffer.size=1440 -nifi.components.status.snapshot.frequency=1 min - -# Site to Site properties -nifi.remote.input.host= -nifi.remote.input.secure=false -nifi.remote.input.socket.port= -nifi.remote.input.http.enabled=true -nifi.remote.input.http.transaction.ttl=30 sec - -# web properties # -nifi.web.war.directory=./target/lib -nifi.web.http.host= -nifi.web.http.port=8080 -nifi.web.https.host= -nifi.web.https.port= -nifi.web.jetty.working.directory=./target/work/jetty -nifi.web.jetty.threads=200 - -# security properties # -nifi.sensitive.props.key= -nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL -nifi.sensitive.props.additional.keys=nifi.ui.banner.text - -nifi.security.keystore= -nifi.security.keystoreType= -nifi.security.keystorePasswd= -nifi.security.keyPasswd= -nifi.security.truststore= -nifi.security.truststoreType= -nifi.security.truststorePasswd= -nifi.security.user.authorizer=file-provider -nifi.security.user.login.identity.provider= -nifi.security.ocsp.responder.url= -nifi.security.ocsp.responder.certificate= - -# Identity Mapping Properties # -# These properties allow normalizing user identities such that identities coming from different identity providers -# (certificates, LDAP, Kerberos) can be treated the same internally in NiFi. The following example demonstrates normalizing -# DNs from certificates and principals from Kerberos into a common identity string: -# -# nifi.security.identity.mapping.pattern.dn=^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$ -# nifi.security.identity.mapping.value.dn=$1@$2 -# nifi.security.identity.mapping.pattern.kerb=^(.*?)/instance@(.*?)$ -# nifi.security.identity.mapping.value.kerb=$1@$2 - -# cluster common properties (all nodes must have same values) # -nifi.cluster.protocol.heartbeat.interval=5 sec -nifi.cluster.protocol.is.secure=false - -# cluster node properties (only configure for cluster nodes) # -nifi.cluster.is.node=false -nifi.cluster.node.address= -nifi.cluster.node.protocol.port= -nifi.cluster.node.protocol.threads=10 -nifi.cluster.node.event.history.size=25 -nifi.cluster.node.connection.timeout=5 sec -nifi.cluster.node.read.timeout=5 sec -nifi.cluster.firewall.file= - -# zookeeper properties, used for cluster management # -nifi.zookeeper.connect.string= -nifi.zookeeper.connect.timeout=3 secs -nifi.zookeeper.session.timeout=3 secs -nifi.zookeeper.root.node=/nifi - -# kerberos # -nifi.kerberos.krb5.file= -nifi.kerberos.service.principal= -nifi.kerberos.keytab.location= -nifi.kerberos.authentication.expiration=12 hours \ No newline at end of file diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key_128.properties b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key_128.properties deleted file mode 100644 index 4ca2dfd..0000000 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/NiFiProperties/conf/nifi_with_sensitive_properties_protected_aes_different_key_128.properties +++ /dev/null @@ -1,186 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Core Properties # -nifi.flow.configuration.file=./target/conf/flow.xml.gz -nifi.flow.configuration.archive.enabled=true -nifi.flow.configuration.archive.dir=./target/conf/archive/ -nifi.flow.configuration.archive.max.time=30 days -nifi.flow.configuration.archive.max.storage=500 MB -nifi.flowcontroller.autoResumeState=true -nifi.flowcontroller.graceful.shutdown.period=10 sec -nifi.flowservice.writedelay.interval=500 ms -nifi.administrative.yield.duration=30 sec -# If a component has no work to do (is "bored"), how long should we wait before checking again for work? -nifi.bored.yield.duration=10 millis - -nifi.authorizer.configuration.file=./target/conf/authorizers.xml -nifi.login.identity.provider.configuration.file=./target/conf/login-identity-providers.xml -nifi.templates.directory=./target/conf/templates -nifi.ui.banner.text=Oz8CaBm6MBkMt/Qq||VUgDFT/PBSjTqJsKXZwdn9hMADEwmp+7Ezx5zHSMXVxLcC947pgqJTf8I0bFrLQqE6i6 -nifi.ui.banner.text.protected=aes/gcm/128 -nifi.ui.autorefresh.interval=30 sec -nifi.nar.library.directory=./target/lib -nifi.nar.working.directory=./target/work/nar/ -nifi.documentation.working.directory=./target/work/docs/components - -#################### -# State Management # -#################### -nifi.state.management.configuration.file=./target/conf/state-management.xml -# The ID of the local state provider -nifi.state.management.provider.local=local-provider -# The ID of the cluster-wide state provider. This will be ignored if NiFi is not clustered but must be populated if running in a cluster. -nifi.state.management.provider.cluster=zk-provider -# Specifies whether or not this instance of NiFi should run an embedded ZooKeeper server -nifi.state.management.embedded.zookeeper.start=false -# Properties file that provides the ZooKeeper properties to use if <nifi.state.management.embedded.zookeeper.start> is set to true -nifi.state.management.embedded.zookeeper.properties=./target/conf/zookeeper.properties - - -# H2 Settings -nifi.database.directory=./target/database_repository -nifi.h2.url.append=;LOCK_TIMEOUT=25000;WRITE_DELAY=0;AUTO_SERVER=FALSE - -# FlowFile Repository -nifi.flowfile.repository.implementation=org.apache.nifi.controller.repository.WriteAheadFlowFileRepository -nifi.flowfile.repository.directory=./target/flowfile_repository -nifi.flowfile.repository.partitions=256 -nifi.flowfile.repository.checkpoint.interval=2 mins -nifi.flowfile.repository.always.sync=false - -nifi.swap.manager.implementation=org.apache.nifi.controller.FileSystemSwapManager -nifi.queue.swap.threshold=20000 -nifi.swap.in.period=5 sec -nifi.swap.in.threads=1 -nifi.swap.out.period=5 sec -nifi.swap.out.threads=4 - -# Content Repository -nifi.content.repository.implementation=org.apache.nifi.controller.repository.FileSystemRepository -nifi.content.claim.max.appendable.size=10 MB -nifi.content.claim.max.flow.files=100 -nifi.content.repository.directory.default=./target/content_repository -nifi.content.repository.archive.max.retention.period=12 hours -nifi.content.repository.archive.max.usage.percentage=50% -nifi.content.repository.archive.enabled=true -nifi.content.repository.always.sync=false -nifi.content.viewer.url=/nifi-content-viewer/ - -# Provenance Repository Properties -nifi.provenance.repository.implementation=org.apache.nifi.provenance.PersistentProvenanceRepository - -# Persistent Provenance Repository Properties -nifi.provenance.repository.directory.default=./target/provenance_repository -nifi.provenance.repository.max.storage.time=24 hours -nifi.provenance.repository.max.storage.size=1 GB -nifi.provenance.repository.rollover.time=30 secs -nifi.provenance.repository.rollover.size=100 MB -nifi.provenance.repository.query.threads=2 -nifi.provenance.repository.index.threads=1 -nifi.provenance.repository.compress.on.rollover=true -nifi.provenance.repository.always.sync=false -nifi.provenance.repository.journal.count=16 -# Comma-separated list of fields. Fields that are not indexed will not be searchable. Valid fields are: -# EventType, FlowFileUUID, Filename, TransitURI, ProcessorID, AlternateIdentifierURI, Relationship, Details -nifi.provenance.repository.indexed.fields=EventType, FlowFileUUID, Filename, ProcessorID, Relationship -# FlowFile Attributes that should be indexed and made searchable. Some examples to consider are filename, uuid, mime.type -nifi.provenance.repository.indexed.attributes= -# Large values for the shard size will result in more Java heap usage when searching the Provenance Repository -# but should provide better performance -nifi.provenance.repository.index.shard.size=500 MB -# Indicates the maximum length that a FlowFile attribute can be when retrieving a Provenance Event from -# the repository. If the length of any attribute exceeds this value, it will be truncated when the event is retrieved. -nifi.provenance.repository.max.attribute.length=65536 - -# Volatile Provenance Respository Properties -nifi.provenance.repository.buffer.size=100000 - -# Component Status Repository -nifi.components.status.repository.implementation=org.apache.nifi.controller.status.history.VolatileComponentStatusRepository -nifi.components.status.repository.buffer.size=1440 -nifi.components.status.snapshot.frequency=1 min - -# Site to Site properties -nifi.remote.input.host= -nifi.remote.input.secure=false -nifi.remote.input.socket.port= -nifi.remote.input.http.enabled=true -nifi.remote.input.http.transaction.ttl=30 sec - -# web properties # -nifi.web.war.directory=./target/lib -nifi.web.http.host= -nifi.web.http.port=8080 -nifi.web.https.host= -nifi.web.https.port= -nifi.web.jetty.working.directory=./target/work/jetty -nifi.web.jetty.threads=200 - -# security properties # -nifi.sensitive.props.key=rs7OIQ1levcunDAt||9iJDLs0XREoyAjiV9BTCYLdsoHJQ9DxSvRmOhnVs9wC5ffl24pvLjZkeGkNzbQ -nifi.sensitive.props.key.protected=aes/gcm/128 -nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL -nifi.sensitive.props.additional.keys=nifi.ui.banner.text - -nifi.security.keystore=/path/to/keystore.jks -nifi.security.keystoreType=JKS -nifi.security.keystorePasswd=zvww8lpJFCXBmdiW||SqHaIINVVjBVPGxaDfp3a1qWKRIkf1qCSIooduFOmQOMWiZLbvJ6eHoH -nifi.security.keystorePasswd.protected=aes/gcm/128 -nifi.security.keyPasswd=9xLoWaOzNotWRLcd||HSlgmdUjOzkSuvxcWVuVH290nUzrUPL9E9Au1txDQqzpLYW/jQ -nifi.security.keyPasswd.protected=aes/gcm/128 -nifi.security.truststore= -nifi.security.truststoreType= -nifi.security.truststorePasswd= -nifi.security.user.authorizer=file-provider -nifi.security.user.login.identity.provider= -nifi.security.ocsp.responder.url= -nifi.security.ocsp.responder.certificate= - -# Identity Mapping Properties # -# These properties allow normalizing user identities such that identities coming from different identity providers -# (certificates, LDAP, Kerberos) can be treated the same internally in NiFi. The following example demonstrates normalizing -# DNs from certificates and principals from Kerberos into a common identity string: -# -# nifi.security.identity.mapping.pattern.dn=^CN=(.*?), OU=(.*?), O=(.*?), L=(.*?), ST=(.*?), C=(.*?)$ -# nifi.security.identity.mapping.value.dn=$1@$2 -# nifi.security.identity.mapping.pattern.kerb=^(.*?)/instance@(.*?)$ -# nifi.security.identity.mapping.value.kerb=$1@$2 - -# cluster common properties (all nodes must have same values) # -nifi.cluster.protocol.heartbeat.interval=5 sec -nifi.cluster.protocol.is.secure=false - -# cluster node properties (only configure for cluster nodes) # -nifi.cluster.is.node=false -nifi.cluster.node.address= -nifi.cluster.node.protocol.port= -nifi.cluster.node.protocol.threads=10 -nifi.cluster.node.event.history.size=25 -nifi.cluster.node.connection.timeout=5 sec -nifi.cluster.node.read.timeout=5 sec -nifi.cluster.firewall.file= - -# zookeeper properties, used for cluster management # -nifi.zookeeper.connect.string= -nifi.zookeeper.connect.timeout=3 secs -nifi.zookeeper.session.timeout=3 secs -nifi.zookeeper.root.node=/nifi - -# kerberos # -nifi.kerberos.krb5.file= -nifi.kerberos.service.principal= -nifi.kerberos.keytab.location= -nifi.kerberos.authentication.expiration=12 hours \ No newline at end of file diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/logback-test.xml b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/logback-test.xml index 7f0a03b..7a7385c 100644 --- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/logback-test.xml +++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-runtime/src/test/resources/logback-test.xml @@ -15,12 +15,7 @@ --> <configuration> - <appender name="CONSOLE" class="ch.qos.logback.core.ConsoleAppender"> - <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> - <pattern>%-4r [%t] %-5p %c - %m%n</pattern> - </encoder> - </appender> - <appender name="TEST" class="org.apache.nifi.TestAppender"> + <appender name="TEST" class="org.apache.nifi.ListAppender"> <encoder class="ch.qos.logback.classic.encoder.PatternLayoutEncoder"> <pattern>%-4r [%t] %-5p %c - %m%n</pattern> </encoder> @@ -28,7 +23,6 @@ <logger name="org.apache.nifi.processor" level="DEBUG"/> <root level="DEBUG"> - <appender-ref ref="CONSOLE"/> <appender-ref ref="TEST"/> </root> </configuration>