Skip to content

Commit

Permalink
feat : eks config
Browse files Browse the repository at this point in the history 
feat : eks config
  • Loading branch information
@JMcunst
JMcunst authored Nov 5, 2023
2 parents ef26332 + 63653af commit 862d78a
Show file tree
Hide file tree
Showing 2 changed files with 34 additions and 27 deletions.
50 changes: 29 additions & 21 deletions src/main/java/com/catcher/batch/datasource/config/DatabaseConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
import org.springframework.boot.jdbc.DataSourceBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.jdbc.datasource.DriverManagerDataSource;

import javax.sql.DataSource;

Expand Down Expand Up @@ -51,26 +52,33 @@ public class DatabaseConfiguration {

@Bean
public DataSource dataSource() throws Exception {

JSch jsch = new JSch();
Session session = jsch.getSession(
KmsUtils.decrypt(sshUsername),
KmsUtils.decrypt(sshHost),
sshPort
);
session.setPassword(KmsUtils.decrypt(sshPassword));
session.setConfig("StrictHostKeyChecking", "no");
session.connect();

int assignedPort = session.setPortForwardingL(0,
KmsUtils.decrypt(originUrl),
localPort
); // TODO: lport 값(현재 0)은 추후 서버 올릴때는 지정해줘야함

return DataSourceBuilder.create()
.url(KmsUtils.decrypt(databaseUrl).replace(Integer.toString(localPort), Integer.toString(assignedPort)))
.username(KmsUtils.decrypt(databaseUsername))
.password(KmsUtils.decrypt(databasePassword))
.build();
// KMS 활용한 연결
// JSch jsch = new JSch();
// Session session = jsch.getSession(
// KmsUtils.decrypt(sshUsername),
// KmsUtils.decrypt(sshHost),
// sshPort
// );
// session.setPassword(KmsUtils.decrypt(sshPassword));
// session.setConfig("StrictHostKeyChecking", "no");
// session.connect();
//
// int assignedPort = session.setPortForwardingL(0,
// KmsUtils.decrypt(originUrl),
// localPort
// ); // TODO: lport 값(현재 0)은 추후 서버 올릴때는 지정해줘야함
//
// return DataSourceBuilder.create()
// .url(KmsUtils.decrypt(databaseUrl).replace(Integer.toString(localPort), Integer.toString(assignedPort)))
// .username(KmsUtils.decrypt(databaseUsername))
// .password(KmsUtils.decrypt(databasePassword))
// .build();
// EKS ConfigMap & Secret
DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(driverClassName);
dataSource.setUrl(databaseUrl);
dataSource.setUsername(databaseUsername);
dataSource.setPassword(databasePassword);
return dataSource;
}
}
11 changes: 5 additions & 6 deletions src/main/java/com/catcher/batch/infrastructure/utils/KmsUtils.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package com.catcher.batch.infrastructure.utils;

import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.kms.AWSKMS;
Expand All @@ -25,14 +26,13 @@ public class KmsUtils {
@Value("${aws.kms.keyId}")
private static String KEY_ID;

@Value("${spring.profiles.active}")
private static String PROFILE;
// @Value("${spring.profiles.active}")
// private static String PROFILE;

public static String encrypt(String text) {
try {
AWSKMS kmsClient = AWSKMSClientBuilder.standard()
.withCredentials(new ProfileCredentialsProvider(PROFILE))
.withRegion(Regions.AP_NORTHEAST_2)
.withCredentials(DefaultAWSCredentialsProviderChain.getInstance())
.build();

EncryptRequest request = new EncryptRequest();
Expand All @@ -50,8 +50,7 @@ public static String encrypt(String text) {
public static String decrypt(String cipherBase64) {
try {
AWSKMS kmsClient = AWSKMSClientBuilder.standard()
.withCredentials(new ProfileCredentialsProvider(PROFILE))
.withRegion(Regions.AP_NORTHEAST_2)
.withCredentials(DefaultAWSCredentialsProviderChain.getInstance())
.build();

DecryptRequest request = new DecryptRequest();
Expand Down

0 comments on commit 862d78a

Please sign in to comment.