diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index c673e79..3404aa7 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -43,7 +43,7 @@ jobs: server-id: github - name: Maven Verify run: | - mvn --batch-mode clean install -DskipTests -s settings.xml + mvn --batch-mode clean install -s settings.xml env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/README.md b/README.md index 5e99f57..e68c156 100644 --- a/README.md +++ b/README.md 
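Review bot: With `-DskipTests` dropped, the `Maven Verify` step in checks.yaml now executes the project's test code while `GITHUB_TOKEN` is exported in that step's `env`. The token is presumably there so `settings.xml` can authenticate to the `github` server, but the workflow's `permissions:` block is not visible in this hunk. If it is not already set, pin it to the minimum the build needs, for example `contents: read` and `packages: read`, so code run during the test phase cannot use a broader token. The job definition starts above and continues below the hunk.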
@@ -2,11 +2,46 @@ Integration of the [OpenTDF Platform](https://github.com/opentdf/platform) into [NiFi](https://nifi.apache.org/) Components: -* ConvertToTDF: A NiFi processor that converts FlowFile content to TDF format -* ConvertFromTDF: A NiFi processor that converts TDF formatted FlowFile content to it's plaintext representation -* OpenTDFControllerService: A NiFi controller service providing OpenTDF Platform Configuration +* "Zero Trust Data Format" (ZTDF) Processors: + * [ConvertToZTDF](./nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToZTDF.java): A NiFi processor that converts FlowFile content to TDF format. Does not currently support assertions + * [ConvertFromZTDF](./nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromZTDF.java): A NiFi processor that converts TDF formatted FlowFile content to it's plaintext representation +* Controller Services: + * [OpenTDFControllerService](./nifi-tdf-controller-services-api/src/main/java/io/opentdf/nifi/OpenTDFControllerService.java): A NiFi controller service providing OpenTDF Platform Configuration +#### FlowChart: Generic Plaintext to ZTDF Nifi Flow + +```mermaid +--- +title: Generic Plaintext to ZTDF NiFi Flow +--- +flowchart TD + a[FlowFile: \nPlaintext content] + b["`**UpdateAttribute**`" Add data policy attributes to FlowFile] + c["`**ConvertToZTDF**`"] + d["Process ZTDF"] + e["Handle Error"] + a -- success --> b + b -- success --> c + c -- success (content = ZTDF) --> d + c -- failure --> e +``` + +#### FlowChart: Generic ZTDF to Plaintext Nifi Flow +```mermaid +--- +title: Generic ZTDF to Plaintext Nifi Flow +--- +flowchart TD + a[FlowFile: \nZTDF content] + b["`**ConvertFromZTDF**`"] + c["Process ZTDF"] + d["Handle Error"] + a -- success --> b + b -- success (content = plaintext) --> c + b -- failure --> d +``` + # Quick Start - Docker Compose 1. Build the NiFi Archives (NARs) and place in the docker compose mounted volumes 
diff --git a/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromTDF.java b/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromZTDF.java similarity index 91% rename from nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromTDF.java rename to nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromZTDF.java index 7d3f139..374f2d6 100644 --- a/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromTDF.java +++ b/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertFromZTDF.java @@ -18,9 +18,9 @@ import java.util.List; -@CapabilityDescription("Decrypts TDF flow file content") -@Tags({"TDF", "OpenTDF", "Decrypt", "Data Centric Security"}) -public class ConvertFromTDF extends AbstractTDFProcessor { +@CapabilityDescription("Decrypts ZTDF flow file content") +@Tags({"ZTDF", "Zero Trust Data Format", "OpenTDF", "Decrypt", "Data Centric Security"}) +public class ConvertFromZTDF extends AbstractTDFProcessor { @Override public List getSupportedPropertyDescriptors() { @@ -40,7 +40,7 @@ public void onTrigger(ProcessContext processContext, ProcessSession processSessi try { getTDF().loadTDF(seekableByteChannel, outputStream, sdk.getServices().kas()); } catch (Exception e) { - getLogger().error("error decrypting tdf", e); + getLogger().error("error decrypting ZTDF", e); throw new IOException(e); } }); diff --git a/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToTDF.java b/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToZTDF.java similarity index 96% rename from nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToTDF.java rename to nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToZTDF.java index 0003b64..9cc698a 100644 --- a/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToTDF.java +++ b/nifi-tdf-processors/src/main/java/io/opentdf/nifi/ConvertToZTDF.java 
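Review bot: In the second ConvertFromZTDF.java hunk the rethrow `throw new IOException(e);` has no message of its own, so whatever handles it outside this lambda sees only the wrapped cause's text. `throw new IOException("error decrypting ZTDF", e);` would keep the decrypt context attached to the exception as well as to the log line. The enclosing `onTrigger` starts before and ends after the hunk, so how the exception is routed afterwards is not visible here.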
@@ -26,15 +26,15 @@ import java.util.Set; import java.util.stream.Collectors; -@CapabilityDescription("Transforms flow file content into a TDF") -@Tags({"TDF", "OpenTDF", "Encrypt", "Data Centric Security"}) +@CapabilityDescription("Transforms flow file content into a ZTDF") +@Tags({"ZTDF", "OpenTDF", "Zero Trust Data Format", "Encrypt", "Data Centric Security"}) @ReadsAttributes(value = { @ReadsAttribute(attribute = "kas_url", description = "The Key Access Server (KAS) URL used TDF Creation. This overrides " + "the KAS URL property of this processor."), @ReadsAttribute(attribute = "tdf_attribute", description = "A comma separated list of data attributes added " + "to created TDF Data Policy. e.g. http://example.org/attr/foo/value/bar,http://example.org/attr/foo/value/bar2") }) -public class ConvertToTDF extends AbstractTDFProcessor { +public class ConvertToZTDF extends AbstractTDFProcessor { static final String KAS_URL_ATTRIBUTE = "kas_url"; static final String TDF_ATTRIBUTE = "tdf_attribute"; diff --git a/nifi-tdf-processors/src/main/java/io/opentdf/nifi/SimpleOpenTDFControllerService.java b/nifi-tdf-processors/src/main/java/io/opentdf/nifi/SimpleOpenTDFControllerService.java index 32816af..d411da4 100644 --- a/nifi-tdf-processors/src/main/java/io/opentdf/nifi/SimpleOpenTDFControllerService.java +++ b/nifi-tdf-processors/src/main/java/io/opentdf/nifi/SimpleOpenTDFControllerService.java @@ -15,7 +15,7 @@ import java.util.Arrays; import java.util.List; -@Tags({"TDF", "OpenTDF", "Configuration"}) +@Tags({"TDF", "ZTDF", "OpenTDF", "Configuration"}) @CapabilityDescription("Provides An implementation of the OpenTDFControllerService API for OpenTDF SDK Configuration Parameters") public class SimpleOpenTDFControllerService extends AbstractControllerService implements OpenTDFControllerService { 
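Review bot: The `kas_url` `@ReadsAttribute` description in ConvertToZTDF.java says a FlowFile attribute overrides the processor's KAS URL property, but not where that attribute may safely come from. The KAS is the server the created ZTDF is bound to for key access, so an attribute set by an untrusted upstream source would choose that server. The description should state this, e.g. `"The Key Access Server (KAS) URL used for ZTDF creation. This overrides the KAS URL property of this processor; set it only from trusted flow components."`, which also fixes the missing "for". Whether the processor validates the value is not visible, because the class body continues outside the hunk.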
diff --git a/nifi-tdf-processors/src/main/resources/META-INF/services/org.apache.nifi.processor.Processor b/nifi-tdf-processors/src/main/resources/META-INF/services/org.apache.nifi.processor.Processor index 94c8308..138c940 100644 --- a/nifi-tdf-processors/src/main/resources/META-INF/services/org.apache.nifi.processor.Processor +++ b/nifi-tdf-processors/src/main/resources/META-INF/services/org.apache.nifi.processor.Processor @@ -1,2 +1,2 @@ -io.opentdf.nifi.ConvertFromTDF -io.opentdf.nifi.ConvertToTDF \ No newline at end of file +io.opentdf.nifi.ConvertFromZTDF +io.opentdf.nifi.ConvertToZTDF \ No newline at end of file diff --git a/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertFromTDFTest.java b/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertFromZTDFTest.java similarity index 97% rename from nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertFromTDFTest.java rename to nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertFromZTDFTest.java index ac85723..2daf927 100644 --- a/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertFromTDFTest.java +++ b/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertFromZTDFTest.java @@ -29,7 +29,7 @@ import static org.mockito.Mockito.*; -class ConvertFromTDFTest { +class ConvertFromZTDFTest { SDK mockSDK; TDF mockTDF; @@ -109,7 +109,7 @@ public void testConvertFromTDF() throws Exception { MockFlowFile messageTwo = runner.enqueue("message two".getBytes()); runner.run(1); List flowFileList = - runner.getFlowFilesForRelationship(ConvertFromTDF.REL_SUCCESS); + runner.getFlowFilesForRelationship(ConvertFromZTDF.REL_SUCCESS); assertEquals(2, flowFileList.size(), "Two successful flow files"); assertEquals(1, flowFileList.stream().filter(x -> x.getAttribute("filename").equals(messageOne.getAttribute("filename"))) .filter(x -> x.getContent().equals("Decrypted:message one")).count()); 
@@ -118,7 +118,7 @@ public void testConvertFromTDF() throws Exception { } - public static class MockRunner extends ConvertFromTDF { + public static class MockRunner extends ConvertFromZTDF { TDF mockTDF; SDKBuilder mockSDKBuilder; diff --git a/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertToTDFTest.java b/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertToZTDFTest.java similarity index 92% rename from nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertToTDFTest.java rename to nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertToZTDFTest.java index 2f1c531..6e9fea7 100644 --- a/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertToTDFTest.java +++ b/nifi-tdf-processors/src/test/java/io/opentdf/nifi/ConvertToZTDFTest.java @@ -4,7 +4,6 @@ import io.opentdf.platform.sdk.SDK; import io.opentdf.platform.sdk.TDF; import org.apache.commons.io.IOUtils; -import org.apache.commons.lang3.StringUtils; import org.apache.nifi.processor.ProcessContext; import org.apache.nifi.util.MockFlowFile; import org.apache.nifi.util.TestRunner; @@ -25,7 +24,7 @@ import static org.junit.jupiter.api.Assertions.*; import static org.mockito.Mockito.*; -class ConvertToTDFTest { +class ConvertToZTDFTest { SDK mockSDK; TDF mockTDF; @@ -55,7 +54,7 @@ public void testToTDF() throws Exception { TestRunner runner = TestRunners.newTestRunner(MockRunner.class); ((MockRunner) runner.getProcessor()).mockSDK = mockSDK; ((MockRunner) runner.getProcessor()).mockTDF = mockTDF; - runner.setProperty(ConvertToTDF.KAS_URL, "https://kas1"); + runner.setProperty(ConvertToZTDF.KAS_URL, "https://kas1"); setupTDFControllerService(runner); runner.assertValid(); 
@@ -94,14 +93,14 @@ public void testToTDF() throws Exception { //message one has no attribute MockFlowFile messageOne = runner.enqueue("message one".getBytes()); //message two has attributes - MockFlowFile messageTwo = runner.enqueue("message two".getBytes(), Map.of(ConvertToTDF.TDF_ATTRIBUTE, + MockFlowFile messageTwo = runner.enqueue("message two".getBytes(), Map.of(ConvertToZTDF.TDF_ATTRIBUTE, "https://example.org/attr/one/value/a,https://example.org/attr/one/value/b")); //message three has attributes and kas url override - MockFlowFile messageThree = runner.enqueue("message three".getBytes(), Map.of(ConvertToTDF.TDF_ATTRIBUTE, - "https://example.org/attr/one/value/c", ConvertToTDF.KAS_URL_ATTRIBUTE, "https://kas2")); + MockFlowFile messageThree = runner.enqueue("message three".getBytes(), Map.of(ConvertToZTDF.TDF_ATTRIBUTE, + "https://example.org/attr/one/value/c", ConvertToZTDF.KAS_URL_ATTRIBUTE, "https://kas2")); runner.run(1); List flowFileList = - runner.getFlowFilesForRelationship(ConvertFromTDF.REL_SUCCESS); + runner.getFlowFilesForRelationship(ConvertFromZTDF.REL_SUCCESS); assertEquals(2, flowFileList.size(), "Two flowfiles for success relationship"); assertEquals(1, flowFileList.stream().filter(x -> x.getAttribute("filename").equals(messageTwo.getAttribute("filename"))) .filter(x -> x.getContent().equals("TDF:message two")).count()); @@ -110,13 +109,13 @@ public void testToTDF() throws Exception { flowFileList = - runner.getFlowFilesForRelationship(ConvertFromTDF.REL_FAILURE); + runner.getFlowFilesForRelationship(ConvertFromZTDF.REL_FAILURE); assertEquals(1, flowFileList.size(), "One flowfile for failure relationship"); assertEquals(1, flowFileList.stream().filter(x -> x.getAttribute("filename").equals(messageOne.getAttribute("filename"))) .filter(x -> x.getContent().equals("message one")).count()); } - public static class MockRunner extends ConvertToTDF { + public static class MockRunner extends ConvertToZTDF { SDK mockSDK; TDF mockTDF; 
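Review bot: In ConvertToZTDFTest the relationship lookups still go through the other processor: `runner.getFlowFilesForRelationship(ConvertFromZTDF.REL_SUCCESS)` in the `-94,14` hunk and `ConvertFromZTDF.REL_FAILURE` in the `-110,13` hunk. This presumably works only because both processors inherit the constants from `AbstractTDFProcessor`, and the test would check the wrong relationship if either class ever declared its own. Use `ConvertToZTDF.REL_SUCCESS` and `ConvertToZTDF.REL_FAILURE` in this test. `testToTDF` begins outside these hunks.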
diff --git a/pom.xml b/pom.xml index d4ae7e7..2c8871f 100644 --- a/pom.xml +++ b/pom.xml @@ -137,6 +137,17 @@ + + org.apache.maven.plugins + maven-surefire-plugin + 3.2.5 + + + 1 + + + +