Updating postgres image to 12 to match image used for testing.

ChangeLog:
  - Upgrade docker DB image.
  - Upgrade psycopg2 version.

config/opennsa.conf.template

@@ -16,4 +16,3 @@ tls=${TLS_ENABLED}
 
 [dud:topology]
 nrmmap=${NRM_FILE}
-

docker-compose.override.yml_placeholder

@@ -15,7 +15,7 @@ services:
     #volumes:
     #  - ./config/myNRMFile.nrm:/home/opennsa/opennsa/config/opennsa.nrm
   db:
-    image: postgres:9.6.5
+    image: postgres:12
     ##Expose 5432 locally 
     ports:
       - 5432:5432

docker-compose.yml

@@ -2,7 +2,7 @@ version: "3.7"
 
 services:
   db:
-    image: postgres:9.6.5
+    image: postgres:12
     expose:
       - 5432
     volumes:

docker/Dockerfile

@@ -5,7 +5,6 @@ FROM debian:stable-slim
 LABEL maintainer="Henrik Thostrup Jensen <htj@nordu.net>"
 
 # -- Environment --
-ENV GIT_REPO https://github.com/NORDUnet/opennsa
 ENV USER opennsa
 
 
@@ -19,26 +18,15 @@ ADD . /home/$USER/opennsa/
 # pyasn1 and crypto is needed for ssh backends
 RUN apt update \
    && apt install -y \
-   git-core \
+   libpq-dev \
    python3 \
-   python3-twisted-bin \
-   python3-openssl \
-   python3-psycopg2 \
    python3-pip \
-   python3-cryptography \
-   python3-dateutil \
-   && pip3 install \
-   twistar \
-   service-identity \
-   pyasn1 \
-   # -- Instal OpenNSA --
-   # && echo git clone $GIT_REPO \
-   # && su - $USER -c "git clone $GIT_REPO" \
-   ## Unsure why but this needs to be pulled away from the main apt install
+   netcat \
+   iputils-ping \
+   && pip3 install -r /home/$USER/opennsa/requirements.txt \
    && chown $USER:$USER -R /home/opennsa/opennsa \
-   && apt install -y netcat iputils-ping \
    # -- Cleanup --
-   && apt remove -y git-core python3-pip  \
+   && apt remove -y python3-pip  \
    && apt autoremove -y \
    && rm -rf /var/lib/apt/lists/* \
    && cp /home/$USER/opennsa/docker/run_opennsa.sh /home/$USER/opennsa \

opennsa/opennsaTlsContext.py

@@ -44,11 +44,14 @@ class opennsaTlsContext:
             try:
                 CACertificates.append(ssl.Certificate.loadPEM(CAFileContent))
             except crypto.Error as error:
-                log.msg('Cannot load CA certificate from %s: %s' % (CAFilename, error), system = LOG_SYSTEM)
+                log.msg(f'Cannot load CA certificate from {CAFilename}: {error}', system=LOG_SYSTEM)
             else:
-                log.msg('Loaded CA certificate %s' % (str(CACertificates[-1].getSubject())), system = LOG_SYSTEM)
+                try:
+                    log.msg(f'Loaded CA certificate {CACertificates[-1].getSubject()}', system=LOG_SYSTEM)
+                except:
+                    log.msg("Failed to serialize Certificate Subject")
         if len(CACertificates) == 0:
-            print('No certificiates loaded for CTX verificiation. CA verification will not work.')
+            print('No certificates loaded for CTX verification. CA verification will not work.')
         return ssl.trustRootFromCertificates(CACertificates)
 
     def getTrustRoot(self):

requirements.txt

-#twisted>=19.7.0
 twisted>=21.2.0
 twistar>=2.0
-#psycopg2>=2.7,<2.8 --no-binary psycopg2
-psycopg2
+psycopg2>=2.9,<2.10 --no-binary psycopg2
 pyOpenSSL>=17.5.0
-python-dateutil
-service_identity
-idna
\ No newline at end of file
+python-dotenv>=0.19.0
+cryptography>=3.4.8
+python-dateutil>=2.8,<2.9
+service-identity>=21.1.0,<22.0.0
+idna>=3.2,<3.3