summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2019-02-07 16:36:56 -0600
committerInstrumental <jonathan.gathman@att.com>2019-02-07 16:37:00 -0600
commit27afb0201ce717c25d8ffcc50f8b4972fc98f5c5 (patch)
treefcc70c64abc1b5741f92b65b354ea009f5fc4175
parente2fa0e67712b92c69f6863afe10c1c973a068e3e (diff)
Refine properties for non-root
Issue-ID: AAF-698 Change-Id: I266f0e36842fb506dbb3e412e12eedf64e24418a Signed-off-by: Instrumental <jonathan.gathman@att.com>
-rw-r--r--auth/auth-cass/cass_init/cmd.sh5
-rw-r--r--auth/auth-cass/docker/Dockerfile.cass5
-rw-r--r--auth/auth-cass/docker/dbash.sh28
-rw-r--r--auth/auth-cass/docker/dbuild.sh4
-rw-r--r--auth/auth-cass/docker/drun.sh1
-rw-r--r--auth/docker/Dockerfile.base2
-rw-r--r--auth/docker/Dockerfile.client2
-rw-r--r--auth/docker/Dockerfile.config3
-rw-r--r--auth/docker/Dockerfile.core2
-rw-r--r--auth/docker/Dockerfile.ms4
-rw-r--r--auth/docker/aaf.sh3
-rwxr-xr-xauth/docker/dbuild.sh5
-rw-r--r--auth/docker/drun.sh5
-rw-r--r--auth/sample/bin/service.sh3
-rw-r--r--conf/CA/bootstrap.sh3
15 files changed, 33 insertions, 42 deletions
diff --git a/auth/auth-cass/cass_init/cmd.sh b/auth/auth-cass/cass_init/cmd.sh
index ffaf182d..ba55648e 100644
--- a/auth/auth-cass/cass_init/cmd.sh
+++ b/auth/auth-cass/cass_init/cmd.sh
@@ -33,6 +33,7 @@ fi
# Always need startup status...
if [ ! -e "$DIR" ]; then
mkdir -p "$DIR"
+ chmod 777 $DIR
fi
function status {
@@ -134,7 +135,7 @@ case "$1" in
# Startup like normal
echo "Cassandra Startup"
- /usr/local/bin/docker-entrypoint.sh
+ exec /usr/local/bin/docker-entrypoint.sh
;;
wait)
# Wait for initialization. This can be called from Docker only as a check to make sure it is ready
@@ -148,7 +149,7 @@ case "$1" in
# Startup like normal
echo "Cassandra Startup"
- /usr/local/bin/docker-entrypoint.sh
+ exec /usr/local/bin/docker-entrypoint.sh
;;
esac
diff --git a/auth/auth-cass/docker/Dockerfile.cass b/auth/auth-cass/docker/Dockerfile.cass
index e79b33fc..aa6a9efb 100644
--- a/auth/auth-cass/docker/Dockerfile.cass
+++ b/auth/auth-cass/docker/Dockerfile.cass
@@ -30,6 +30,11 @@ COPY cass_init/*.props /opt/app/aaf/cass_init/
COPY aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf/cass_init/
COPY cass_data/*.dat /opt/app/aaf/cass_init/dats/
+RUN mkdir -p /opt/app/aaf/status && chmod 777 /opt/app/aaf/status
+#RUN addgroup ${USER} && adduser --no-create-home --ingroup ${USER} --disabled-password --gecos "" --shell /bin/bash ${USER}
+#RUN chown -R ${USER}:${USER} /opt/app/aaf/cass_init
+
+
ENTRYPOINT ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh"]
CMD ["start"]
# Default is to start up with CQL setup only
diff --git a/auth/auth-cass/docker/dbash.sh b/auth/auth-cass/docker/dbash.sh
deleted file mode 100644
index 1e13d27d..00000000
--- a/auth/auth-cass/docker/dbash.sh
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/bash
-#########
-# ============LICENSE_START====================================================
-# org.onap.aaf
-# ===========================================================================
-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
-# ===========================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END====================================================
-#
-# Pull in AAF Env Variables from AAF install
-if [ -e ../../docker/d.props ]; then
- . ../../docker/d.props
-fi
-DOCKER=${DOCKER:-docker}
-
-$DOCKER exec -it aaf_cass bash
-
diff --git a/auth/auth-cass/docker/dbuild.sh b/auth/auth-cass/docker/dbuild.sh
index 100b8cb9..c708dad5 100644
--- a/auth/auth-cass/docker/dbuild.sh
+++ b/auth/auth-cass/docker/dbuild.sh
@@ -30,7 +30,9 @@ echo "Building aaf_cass Container for aaf_cass:$VERSION"
DIR=$(pwd)
cd ..
-sed -e 's/${AAF_VERSION}/'${VERSION}'/g' $DIR/Dockerfile.cass > Dockerfile
+sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${USER}/'${USER}'/g' \
+ $DIR/Dockerfile.cass > Dockerfile
cd ..
cp -Rf sample/cass_data auth-cass/cass_data
cp sample/data/sample.identities.dat auth-cass
diff --git a/auth/auth-cass/docker/drun.sh b/auth/auth-cass/docker/drun.sh
index 778947eb..cd8ab78c 100644
--- a/auth/auth-cass/docker/drun.sh
+++ b/auth/auth-cass/docker/drun.sh
@@ -38,6 +38,7 @@ fi
if [ "`$DOCKER ps -a | grep aaf-cass`" == "" ]; then
echo "starting Cass from 'run'"
# NOTE: These HEAP Sizes are minimal. Not set for full organizations.
+ # --user ${USER} \
$DOCKER run \
--name aaf-cass \
-e HEAP_NEWSIZE=512M \
diff --git a/auth/docker/Dockerfile.base b/auth/docker/Dockerfile.base
index 1d74362d..879c3191 100644
--- a/auth/docker/Dockerfile.base
+++ b/auth/docker/Dockerfile.base
@@ -23,5 +23,5 @@ MAINTAINER AAF Team, AT&T 2018
LABEL description="aaf_base"
RUN apk add --no-cache bash
RUN apk add --no-cache openssl
-RUN addgroup aaf && adduser aaf -G aaf -D -s /bin/bash
+RUN addgroup ${USER} && adduser ${USER} -G ${USER} -D -s /bin/bash
diff --git a/auth/docker/Dockerfile.client b/auth/docker/Dockerfile.client
index f662aace..d0c20578 100644
--- a/auth/docker/Dockerfile.client
+++ b/auth/docker/Dockerfile.client
@@ -31,6 +31,6 @@ COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/
COPY cert/*trust*.b64 /opt/app/aaf_config/cert/
-RUN chown -R aaf:aaf /opt/app/aaf_config
+RUN chown -R ${USER}:${USER} /opt/app/aaf_config
CMD ["/bin/bash","-c","/opt/app/aaf_config/bin/agent.sh"]
diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config
index ca3df765..a6d6d4f1 100644
--- a/auth/docker/Dockerfile.config
+++ b/auth/docker/Dockerfile.config
@@ -37,7 +37,8 @@ COPY bin/pod_wait.sh /opt/app/aaf_config/bin/
COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
COPY bin/aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
-RUN chown -R aaf:aaf /opt/app/aaf_config && mkdir /opt/app/osaaf && chown aaf:aaf /opt/app/osaaf
+RUN chown -R ${USER}:${USER} /opt/app/aaf_config
+RUN mkdir -p /opt/app/osaaf && chown ${USER}:${USER} /opt/app/osaaf
CMD ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"]
CMD []
diff --git a/auth/docker/Dockerfile.core b/auth/docker/Dockerfile.core
index 7237a00d..3e87ca56 100644
--- a/auth/docker/Dockerfile.core
+++ b/auth/docker/Dockerfile.core
@@ -30,5 +30,5 @@ COPY lib /opt/app/aaf/lib
COPY bin /opt/app/aaf/bin
COPY theme /opt/app/aaf/theme
-RUN chown -R aaf:aaf /opt/app/aaf
+RUN chown -R ${USER}:${USER} /opt/app/aaf
diff --git a/auth/docker/Dockerfile.ms b/auth/docker/Dockerfile.ms
index 222816c6..d5614316 100644
--- a/auth/docker/Dockerfile.ms
+++ b/auth/docker/Dockerfile.ms
@@ -25,7 +25,9 @@ LABEL description="aaf_${AAF_COMPONENT}"
LABEL version=${AAF_VERSION}
COPY bin/pod_wait.sh /opt/app/aaf/bin/
-RUN mkdir /opt/app/osaaf && chown aaf:aaf /opt/app/osaaf && chown -R aaf:aaf /opt/app/aaf/bin
+RUN mkdir -p /opt/app/osaaf && chown ${USER}:${USER} /opt/app/osaaf
+RUN mkdir -p /opt/app/aaf/status && chown ${USER}:${USER} /opt/app/aaf/status
+RUN chown -R ${USER}:${USER} /opt/app/aaf
#CMD ["bash","-c","cd /opt/app/aaf;bin/${AAF_COMPONENT}"]
CMD []
diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh
index a039be8a..ac888390 100644
--- a/auth/docker/aaf.sh
+++ b/auth/docker/aaf.sh
@@ -32,9 +32,10 @@ function run_it() {
-v "aaf_status:/opt/app/aaf/status" \
$LINKS \
--env aaf_locator_container=docker \
+ --env aaf_locator_container_ns=${NAMESPACE} \
--env aaf_locator_fqdn=${HOSTNAME} \
--env aaf_locate_url=https://aaf-locate:8095 \
- --env aaf_locator_public_hostname=$HOSTNAME \
+ --env aaf_locator_public_hostname=${HOSTNAME} \
--env AAF_ENV=${AAF_ENV} \
--env LATITUDE=${LATITUDE} \
--env LONGITUDE=${LONGITUDE} \
diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh
index fd59ed49..f9ff9b3b 100755
--- a/auth/docker/dbuild.sh
+++ b/auth/docker/dbuild.sh
@@ -38,6 +38,7 @@ cd -
# AAF Base version - set the core image, etc
sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${USER}/'${USER}'/g' \
Dockerfile.base > Dockerfile
$DOCKER build -t ${ORG}/${PROJECT}/aaf_base:${VERSION} .
$DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:${VERSION}
@@ -55,6 +56,7 @@ cp -Rf ../conf/CA sample
sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
-e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
-e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${USER}/'${USER}'/g' \
docker/Dockerfile.config > sample/Dockerfile
$DOCKER build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample
$DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:${VERSION}
@@ -65,6 +67,7 @@ cp ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar s
sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
-e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
-e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${USER}/'${USER}'/g' \
docker/Dockerfile.client > sample/Dockerfile
$DOCKER build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample
$DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:${VERSION}
@@ -82,6 +85,7 @@ echo Building aaf_$AAF_COMPONENT...
sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
-e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
-e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${USER}/'${USER}'/g' \
Dockerfile.core >../aaf_${VERSION}/Dockerfile
cd ..
$DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_${VERSION}
@@ -105,6 +109,7 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do
sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
-e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
-e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${USER}/'${USER}'/g' \
Dockerfile.ms >../aaf_${VERSION}/Dockerfile
cd ..
$DOCKER build -t ${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} aaf_${VERSION}
diff --git a/auth/docker/drun.sh b/auth/docker/drun.sh
index 6fc3a9a6..d7d43d65 100644
--- a/auth/docker/drun.sh
+++ b/auth/docker/drun.sh
@@ -91,6 +91,7 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do
#ADD_HOST="$ADD_HOST --add-host=$CASS_HOST"
#fi
#--hostname="${AAF_COMPONENT}.${NAMESPACE}" \
+ # --env aaf_locate_url=https://aaf-locate:8095 \
# $ADD_HOST \
$DOCKER run \
-d \
@@ -99,7 +100,9 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do
${LINKS} \
--env AAF_ENV=${AAF_ENV} \
--env aaf_locator_container=docker \
- --env aaf_locator_fqdn=$HOSTNAME \
+ --env aaf_locator_container_ns=${NAMESPACE} \
+ --env aaf_locator_fqdn=${HOSTNAME} \
+ --env aaf_locator_public_hostname=${HOSTNAME} \
--env LATITUDE=${LATITUDE} \
--env LONGITUDE=${LONGITUDE} \
--env CASSANDRA_CLUSTER=${CASSANDRA_CLUSTER} \
diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh
index df8a744a..2b964b1c 100644
--- a/auth/sample/bin/service.sh
+++ b/auth/sample/bin/service.sh
@@ -136,9 +136,6 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
for P in `env`; do
if [[ "$P" == aaf_locator* ]]; then
echo "$P" >> ${TMP}
- if [[ "$P" == aaf_locator_container=* ]]; then
- echo aaf_locator_container.hostname=${HOSTNAME} >> ${TMP}
- fi
fi
done
diff --git a/conf/CA/bootstrap.sh b/conf/CA/bootstrap.sh
index bf946782..c6064fbe 100644
--- a/conf/CA/bootstrap.sh
+++ b/conf/CA/bootstrap.sh
@@ -32,7 +32,8 @@ if [ ! -e ./serial ]; then
fi
NAME=aaf.bootstrap
-FQDN="${HOSTNAME:=$(hostname -f)}"
+HOSTNAME="${HOSTNAME:=$(hostname -)}"
+FQDN="${aaf_locator_fqdn:=$HOSTNAME}"
FQI=aaf@aaf.osaaf.org
SUBJECT="/CN=$FQDN/OU=$FQI`cat subject.aaf`"
SIGNER_P12=$1