Configuration Service

Introduction

The Configuration Service maintains all the configuration files in version control system (Subversion repository) which tracks the history of file and directory changes over time. We access Subversion programmatically using SVNKit which is a pure Java Subversion client library.

For information on using the Configuration Service, see these sections:

Architecture

Configuration service is divided into following modules:

  1. Server

    1. It exposes HTTP rest end points to store/retrieve configuration files from central repository.
    2. Internally server maintains two types of repositories:
      1. SVN Repository: store for normal/small files
      2. Annex File Repository: store for large files

  2. Client

    1. Config client is a convenient lightweight wrapper for accessing the CSW Configuration HTTP Server.
    2. It is build using Akka Http’s request level client API.

  3. CLI

    1. It is a command line application which internally uses Config Client and hides HTTP interaction with Config server.
    2. This CLI also provides additional login/logout commands to authenticate and authorize user to perform administrator actions such as create/update/delete etc. operations.

Configuration Server

Configuration server is made up of following three main components:

  1. HTTP Routes/Layer
  2. SVN Service/Repo
  3. Annex Service

Config Service

HTTP Routes/Layer

Configuration server exposes set of HTTP routes to write or read configuration files to/from subversion(svn) or local file system(annex).

Write Routes

  • create
  • update
  • delete
  • setActive
  • resetActive

These are admin protected which uses utilities provided by csw-aas-http adapter for protection. csw-aas-http adapter internally uses Keycloak for authentication and authorization.

Admin protected routes expects Access Token to have config-admin realm role. This token needs to be passed in HTTP requests header field called Authorization: Bearer ****.

Read Routes

  • get
  • get active
  • get metadata
  • list
  • history

These routes are read only and not protected. Anyone with valid HTTP request can access these routes.

SVN Service/Repo

Primary store for small or normal configuration files is Subversion. SVNKit is used to perform all the read’s and write’s operations programmatically.

There is a notion of active files in configuration service. Whenever user creates new file using create API provided by service, there are following two files gets created in svn behind the scenes.

  • Normal file which user has requested with provided content
  • {name}.$active file which keeps track of current active version of file

Once new file is created, user can keep updating it as and when required but {name}.$active file will still point to initial version of file. When user is done with changes and wants respective components to pick these new changes, he can mark specific version as active version by using setActiveVersion API. These will update {name}.$active file to point to provided version.

Annex Service

Large/Binary files are stored in annex repo. There are two ways file gets archived in annex store:

  • Files of size more than 10 MB
  • If user explicitly specifies annex=true while creating new file

Whenever new annex file has to be created, there are following three files gets created in svn and annex store behind the scenes:

  • actual large file which user has requested with provided content in annex store
  • while creating large file, it’s sha gets calculated based on file content and new file {name}.$sha1 with this sha gets created in svn repo
  • {name}.$active file which keeps track of current active version of file

Internals

Important classes involved in configuration service are:

  • ConfigServiceRoute: contains all the read and write http routes

  • SvnConfigService: responsible for all the interactions with SvnRepo and AnnexFileService to perform CRUD operations

  • SvnRepo: responsible for all the CRUD operations on svn repository using SVNKit

  • AnnexFileService: responsible for calculating SHA1 based on file content and interacting with AnnexFileRepo to perform CRUD operations

  • AnnexFileRepo: represents file based repository for large/binary/annex files

Below sequence diagram indicates how these classes are involved in creation of annex file:

Config Sequence

5.0.1