From 25c4cb1839d75e25d1be9014bc1893be2cd56f4f Mon Sep 17 00:00:00 2001
From: Jari Nippula <jarix@ssrc.tii.ae>
Date: Thu, 10 Aug 2023 10:58:32 +0300
Subject: [PATCH] Utilize fog default dds profiles

---
 Dockerfile                                    |  2 +-
 combine_default_profiles.py                   | 66 +++++++++++++++++++
 ...mustache => dds_security_part_mustache.xml |  8 ---
 entrypoint.sh                                 | 12 +++-
 ...gent_refs.py => parse_dds_security_part.py | 24 +++----
 5 files changed, 89 insertions(+), 23 deletions(-)
 create mode 100755 combine_default_profiles.py
 rename agent.refs.mustache => dds_security_part_mustache.xml (92%)
 rename parse_agent_refs.py => parse_dds_security_part.py (59%)

diff --git a/Dockerfile b/Dockerfile
index ff848353..497b0e09 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -42,4 +42,4 @@ RUN ln -s /usr/local/lib/libmicroxrcedds_agent.so.2.2.0 /usr/local/lib/libmicrox
 ENV PATH="/usr/local/bin:$PATH" \
     LD_LIBRARY_PATH="/usr/local/lib:$LD_LIBRARY_PATH"
 
-COPY entrypoint.sh parse_agent_refs.py agent.refs.mustache agent.refs /
+COPY entrypoint.sh parse_dds_security_part.py dds_security_part_mustache.xml combine_default_profiles.py agent.refs /
diff --git a/combine_default_profiles.py b/combine_default_profiles.py
new file mode 100755
index 00000000..4e10a03d
--- /dev/null
+++ b/combine_default_profiles.py
@@ -0,0 +1,66 @@
+#!/usr/bin/python3
+
+import sys, os, re
+import shutil
+
+agent_refs_path=""
+if len(sys.argv) > 1:
+  agent_refs_path=sys.argv[1]
+
+dds_security_part_file = os.path.join(agent_refs_path, "dds_security_part.xml")
+default_profiles_file = os.path.join(agent_refs_path, "default_profiles.xml")
+agent_refs_tmp_file = os.path.join(agent_refs_path, "agent.refs.tmp")
+agent_refs_file = os.path.join(agent_refs_path, "agent.refs")
+
+def cleanup_temporary_files():
+  # cleanup
+  if os.path.exists(agent_refs_tmp_file):
+    os.remove(agent_refs_tmp_file)
+  if os.path.exists(default_profiles_file):
+    os.remove(default_profiles_file)
+  if os.path.exists(dds_security_part_file):
+    os.remove(dds_security_part_file)
+
+sec_part_data = ""
+add_sec_part = False
+if os.path.exists(dds_security_part_file):
+  add_sec_part = True
+  with open(dds_security_part_file, "r") as f:
+    sec_part_data = f.read()
+else:
+  print("No ROS2 security additions found for default profiles")
+
+### Combine original profiles data to agent.refs
+keep_config = True
+with open(default_profiles_file, "r") as in_f:
+  with open(agent_refs_tmp_file, "w") as out_f:
+    for line in in_f.readlines():
+      line_str = line.strip()
+
+      # Replace participant profile name
+      if line_str.startswith("<participant profile_name="):
+        line = re.sub(
+            '<participant profile_name="\S+"',
+            '<participant profile_name="default_xrce_participant"',
+            line)
+
+      # Remove data_reader and data_writer configs
+      #  as they conflicts with xrce client side configs
+      if line_str.startswith("<data_writer") or line_str.startswith("<data_reader"):
+        keep_config = False
+
+      if keep_config:
+        out_f.write(line)
+        if add_sec_part and line_str.startswith("<rtps>"):
+            out_f.write(sec_part_data)
+
+      if line_str.startswith("</data_writer") or line_str.startswith("</data_reader"):
+        keep_config = True
+
+# Replace original agent.refs with generated one
+if os.path.exists(agent_refs_tmp_file):
+  if os.path.exists(agent_refs_file):
+    os.remove(agent_refs_file)
+  shutil.copyfile(agent_refs_tmp_file, agent_refs_file)
+
+cleanup_temporary_files()
diff --git a/agent.refs.mustache b/dds_security_part_mustache.xml
similarity index 92%
rename from agent.refs.mustache
rename to dds_security_part_mustache.xml
index 1eca03c3..e93f281f 100644
--- a/agent.refs.mustache
+++ b/dds_security_part_mustache.xml
@@ -1,8 +1,3 @@
-<profiles>
-    <participant profile_name="default_xrce_participant">
-        <domainId>0</domainId>
-        <rtps>
-            <name>default_xrce_participant</name>
             <propertiesPolicy>
                 <properties>
                     <!-- Activate DDS:Auth:PKI-DH plugin -->
@@ -58,6 +53,3 @@
                     </property>
                 </properties>
             </propertiesPolicy>
-        </rtps>
-    </participant>
-</profiles>
diff --git a/entrypoint.sh b/entrypoint.sh
index d5c85876..bb1c8f4e 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,8 +1,16 @@
 #!/bin/bash -e
 
-unset FASTRTPS_DEFAULT_PROFILES_FILE
 
-/parse_agent_refs.py
+if [ "$FASTRTPS_DEFAULT_PROFILES_FILE" != "" ]; then
+        cp $FASTRTPS_DEFAULT_PROFILES_FILE /default_profiles.xml
+else
+        cp agent.refs default_profiles.xml
+fi
+
+/parse_dds_security_part.py
+/combine_default_profiles.py
+
+unset FASTRTPS_DEFAULT_PROFILES_FILE
 
 _term() {
         # FILL UP PROCESS SEARCH PATTERN HERE TO FIND PROPER PROCESS FOR SIGINT:
diff --git a/parse_agent_refs.py b/parse_dds_security_part.py
similarity index 59%
rename from parse_agent_refs.py
rename to parse_dds_security_part.py
index 4c7f59cc..79e151dd 100755
--- a/parse_agent_refs.py
+++ b/parse_dds_security_part.py
@@ -3,9 +3,9 @@
 import sys, os
 import pystache
 
-agent_refs_path=""
+dds_security_part_path=""
 if len(sys.argv) > 1:
-  agent_refs_path=sys.argv[1]
+  dds_security_part_path=sys.argv[1]
 
 env_keystore = os.environ.get("ROS_SECURITY_KEYSTORE")
 env_enclave_override = os.environ.get("ROS_SECURITY_ENCLAVE_OVERRIDE")
@@ -36,17 +36,17 @@
 with open(key_path, "r") as f:
   key = f.read().rstrip()
 
-agent_refs_must_file = os.path.join(agent_refs_path, "agent.refs.mustache")
-with open(agent_refs_must_file, "r") as f:
+dds_security_part_must_file = os.path.join(dds_security_part_path, "dds_security_part_mustache.xml")
+with open(dds_security_part_must_file, "r") as f:
   tmpl = f.read()
 
-agent_refs_data = pystache.render(tmpl, {'enclave_path': enclave_path, 'key_p11': key })
+dds_security_part_data = pystache.render(tmpl, {'enclave_path': enclave_path, 'key_p11': key })
 
-# Remove original agent.refs
-agent_refs_file = os.path.join(agent_refs_path, "agent.refs")
-if os.path.exists(agent_refs_file):
-  os.remove(agent_refs_file)
+# Remove old dds_security_part.xml if exists
+dds_security_part_file = os.path.join(dds_security_part_path, "dds_security_part.xml")
+if os.path.exists(dds_security_part_file):
+  os.remove(dds_security_part_file)
 
-# Write new agent.refs with sros params
-with open(agent_refs_file, 'w') as f:
-  f.write(agent_refs_data)
+# Write new dds_security_part.xml with sros params for combining
+with open(dds_security_part_file, 'w') as f:
+  f.write(dds_security_part_data)