[ https://issues.apache.org/jira/browse/NIFI-4708?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16313859#comment-16313859 ]
ASF GitHub Bot commented on NIFI-4708: -------------------------------------- Github user kevdoran commented on a diff in the pull request: https://github.com/apache/nifi/pull/2376#discussion_r159977391 --- Diff: nifi-toolkit/nifi-toolkit-encrypt-config/src/main/groovy/org/apache/nifi/toolkit/encryptconfig/EncryptConfigMain.groovy --- @@ -0,0 +1,145 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.nifi.toolkit.encryptconfig + +import org.apache.commons.cli.HelpFormatter +import org.apache.commons.cli.Options +import org.apache.nifi.properties.ConfigEncryptionTool +import org.bouncycastle.jce.provider.BouncyCastleProvider +import org.slf4j.Logger +import org.slf4j.LoggerFactory + +import java.security.Security + +class EncryptConfigMain { + + private static final Logger logger = LoggerFactory.getLogger(EncryptConfigMain.class) + + static final int EXIT_STATUS_SUCCESS = 0 + static final int EXIT_STATUS_FAILURE = -1 + static final int EXIT_STATUS_OTHER = 1 + + static final String NIFI_REGISTRY_OPT = "nifiRegistry" + static final String NIFI_REGISTRY_FLAG = "--${NIFI_REGISTRY_OPT}".toString() + static final String DECRYPT_OPT = "decrypt" + static final String DECRYPT_FLAG = "--${DECRYPT_OPT}".toString() + + static final int HELP_FORMAT_WIDTH = 160 + + // Access should only be through static methods + private EncryptConfigMain() { + } + + static printUsage(String message = "") { + + if (message) { + System.out.println(message) + System.out.println() + } + + String header = "\nThis tool enables easy encryption and decryption of configuration files for NiFi and its sub-projects. " + + "Unprotected files can be input to this tool to be protected by a key in a manner that is understood by NiFi. " + + "Protected files, along with a key, can be input to this tool to be unprotected, for troubleshooting or automation purposes.\n\n" + + def options = new Options() + options.addOption("h", "help", false, "Show usage information (this message)") + options.addOption(null, NIFI_REGISTRY_OPT, false, "Specifies to target NiFi Registry. When this flag is not included, NiFi is the target.") + + HelpFormatter helpFormatter = new HelpFormatter() + helpFormatter.setWidth(160) + helpFormatter.setOptionComparator(null) + helpFormatter.printHelp("${EncryptConfigMain.class.getCanonicalName()} [-h] [options]", header, options, "\n") + System.out.println() + + helpFormatter.setSyntaxPrefix("") // disable "usage: " prefix for the following outputs + + Options nifiModeOptions = ConfigEncryptionTool.getCliOptions() + helpFormatter.printHelp( + "When targeting NiFi:", + nifiModeOptions, + false) + System.out.println() + + Options nifiRegistryModeOptions = NiFiRegistryMode.getCliOptions() + nifiRegistryModeOptions.addOption(null, DECRYPT_OPT, false, "Can be used with -r to decrypt a previously encrypted NiFi Registry Properties file. Decrypted content is printed to STDOUT.") + helpFormatter.printHelp( + "When targeting NiFi Registry using the ${NIFI_REGISTRY_FLAG} flag:", + nifiRegistryModeOptions, + false) + System.out.println() + +// String footer = """ --- End diff -- - [ ] remove dead code in EMC > Add support for NiFi Registry to the encrypt-config tool in NiFi Toolkit > ------------------------------------------------------------------------ > > Key: NIFI-4708 > URL: https://issues.apache.org/jira/browse/NIFI-4708 > Project: Apache NiFi > Issue Type: Improvement > Reporter: Kevin Doran > Assignee: Kevin Doran > Fix For: 1.5.0 > > > NiFi Registry now supports loading encrypted config files (e.g., > nifi-registry.properties, authorizers.xml, login-identity-providers.xml). > These files are very difficult to encrypt by hand, and is not recommended. > Because NiFi Registry utilizes the same encryption algorithms supported by > NiFi, the easiest way to build a tool for encrypting NiFi Registry config > properties is to extend the the encrypt-config tool in NiFi Toolkit to > support NiFi Registry as well. -- This message was sent by Atlassian JIRA (v6.4.14#64029)