summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--auth/auth-cass/cass_init/cmd.sh4
-rw-r--r--auth/auth-cass/cass_init/push.sh5
-rw-r--r--auth/auth-cass/cass_init/restore.sh2
-rw-r--r--auth/auth-cass/docker/Dockerfile.cass11
-rw-r--r--auth/docker/Dockerfile.agent13
-rw-r--r--auth/docker/Dockerfile.base15
-rw-r--r--auth/docker/Dockerfile.config16
-rw-r--r--auth/docker/Dockerfile.core14
-rw-r--r--auth/docker/Dockerfile.hello19
-rw-r--r--auth/docker/agent.sh4
-rw-r--r--auth/docker/components1
-rw-r--r--auth/docker/dbuild.sh249
-rw-r--r--auth/docker/dclean.sh4
-rw-r--r--auth/docker/drun.sh50
-rw-r--r--auth/docker/dstop.sh7
-rw-r--r--auth/helm/aaf-hello/templates/aaf-hello.yaml16
-rw-r--r--auth/helm/aaf/aaf.sh4
-rw-r--r--auth/helm/aaf/templates/aaf-service.yaml2
-rwxr-xr-xauth/sample/bin/client.sh26
-rw-r--r--auth/sample/bin/service.sh4
-rw-r--r--cadi/aaf/src/assemble/cadi-aaf.xml10
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java14
22 files changed, 290 insertions, 200 deletions
diff --git a/auth/auth-cass/cass_init/cmd.sh b/auth/auth-cass/cass_init/cmd.sh
index f605a472..bfd592a3 100644
--- a/auth/auth-cass/cass_init/cmd.sh
+++ b/auth/auth-cass/cass_init/cmd.sh
@@ -24,7 +24,7 @@
DIR="/opt/app/aaf/status"
INSTALLED_VERSION=/var/lib/cassandra/AAF_VERSION
AAF_INIT_DATA=/var/lib/cassandra/AAF_INIT_DATA
-CQLSH=${CQLSH:=/opt/cassandra/bin/cqlsh}
+CQLSH=${CQLSH:=/usr/bin/cqlsh}
if [ ! -e /aaf_cmd ]; then
ln -s /opt/app/aaf/cass_init/cmd.sh /aaf_cmd
@@ -137,7 +137,7 @@ function install_onap {
bash prep.sh
status push data to cassandra
# bash push.sh
- echo "YES" | bash restore.sh
+ bash push.sh
cd -
echo $(date) > $AAF_INIT_DATA
fi
diff --git a/auth/auth-cass/cass_init/push.sh b/auth/auth-cass/cass_init/push.sh
index f887f077..a6f8277d 100644
--- a/auth/auth-cass/cass_init/push.sh
+++ b/auth/auth-cass/cass_init/push.sh
@@ -22,6 +22,9 @@
# These are obtained from "gzipped" files, or pre-placed (i.e. initialization)
# in the "dats" directory
#
+
+CQLSH="${CQLSH:=/usr/bin/cqlsh} -k authz"
+
DIR=/opt/app/aaf/cass_init
cd $DIR
if [ ! -e dats ]; then
@@ -35,7 +38,7 @@ fi
cd dats
for T in $(ls *.dat); do
if [ -s $T ]; then
- cqlsh --request-timeout=100 -e "COPY authz.${T/.dat/} FROM '$T' WITH DELIMITER='|';";
+ $CQLSH --request-timeout=100 -e "COPY authz.${T/.dat/} FROM '$T' WITH DELIMITER='|';";
fi
done
cd $DIR
diff --git a/auth/auth-cass/cass_init/restore.sh b/auth/auth-cass/cass_init/restore.sh
index ba2c49eb..0bf0ea65 100644
--- a/auth/auth-cass/cass_init/restore.sh
+++ b/auth/auth-cass/cass_init/restore.sh
@@ -4,7 +4,7 @@
echo `date`
ENV=DOCKER
-CQLSH="${CQLSH:=/opt/cassandra/bin/cqlsh} -k authz"
+CQLSH="${CQLSH:=/usr/bin/cqlsh} -k authz"
cd dats
if [ "$*" = "" ]; then
diff --git a/auth/auth-cass/docker/Dockerfile.cass b/auth/auth-cass/docker/Dockerfile.cass
index 5d9c3db9..2d60da2e 100644
--- a/auth/auth-cass/docker/Dockerfile.cass
+++ b/auth/auth-cass/docker/Dockerfile.cass
@@ -34,11 +34,12 @@ COPY sample.identities.dat /opt/app/aaf/cass_init/data/identites.dat
RUN mkdir -p /opt/app/aaf/status &&\
chmod 777 /opt/app/aaf/status && \
- addgroup ${DUSER} && adduser --ingroup cassandra --disabled-password --gecos "" --shell /bin/bash ${DUSER} && \
- chown -R ${DUSER}:cassandra /opt/app/aaf/cass_init &&\
- chown -R ${DUSER}:cassandra /etc/cassandra &&\
- mkdir -p /var/lib/cassandra/data && chown -R ${DUSER}:cassandra /var/lib/cassandra &&\
- chown -R ${DUSER}:cassandra /var/log/cassandra &&\
+ if [ ! -z "${DUSER}" ]; then \
+ addgroup --gid 1000 ${DUSER}; \
+ adduser --ingroup ${DUSER} --disabled-password --gecos "" --shell /bin/bash -u 1000 ${DUSER} ; \
+ mkdir -p /var/lib/cassandra/data /var/log/cassandra ; \
+ chown -R 1000:1000 /opt/app/aaf /etc/cassandra /var/log/cassandra /var/lib/cassandra ; \
+ fi && \
ln -s /opt/app/aaf/cass_init/cmd.sh /aaf_cmd && chmod a+x /aaf_cmd
USER ${DUSER}
diff --git a/auth/docker/Dockerfile.agent b/auth/docker/Dockerfile.agent
index e974dc49..71f70098 100644
--- a/auth/docker/Dockerfile.agent
+++ b/auth/docker/Dockerfile.agent
@@ -27,9 +27,14 @@ LABEL version=${AAF_VERSION}
COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh
COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh
COPY bin/aaf-cadi-aaf-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/
-COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/
+#COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/
COPY cert/*trust*.b64 /opt/app/aaf_config/cert/
-RUN chmod 755 /opt/app/aaf_config/bin/* &&\
- if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi
-USER ${DUSER}
+
CMD []
+
+RUN mkdir -p /opt/app/osaaf/local && \
+ if [ -n "${DUSER}" ]; then \
+ addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; \
+ chown ${DUSER}:${DUSER} /opt/app/osaaf/local; \
+ fi
+# Note: User added if in d.props
diff --git a/auth/docker/Dockerfile.base b/auth/docker/Dockerfile.base
index 523d63f0..4d305d7a 100644
--- a/auth/docker/Dockerfile.base
+++ b/auth/docker/Dockerfile.base
@@ -18,19 +18,20 @@
# ============LICENSE_END====================================================
#
# Use dbuild.sh input parameter to set registry
-#FROM ${REGISTRY}/openjdk:11-jre-slim
#FROM ${REGISTRY}/openjdk:8-jdk-alpine
FROM ${REGISTRY}/alpine
-#FROM openjdk:12-jdk-alpine
-#FROM openjdk:13-jdk-alpine
MAINTAINER AAF Team, AT&T 2018
LABEL description="aaf_base"
ENV JAVA_HOME /usr/lib/jvm/java-11-openjdk
-RUN apk --no-cache add openjdk11 &&\
- apk add --no-cache bash &&\
+
+RUN apk add --no-cache bash &&\
+ apk --no-cache add openjdk11 &&\
apk add --no-cache openssl &&\
- apk add --no-cache curl &&\
- if [ -n "${DUSER}" ]; then addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; fi
+ apk add --no-cache curl
+
+# mkdir -p /opt/app/aaf/status
+# addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash
+# Note: User added if in d.props
diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config
index b2263ecc..3d9aa352 100644
--- a/auth/docker/Dockerfile.config
+++ b/auth/docker/Dockerfile.config
@@ -36,8 +36,16 @@ COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh
COPY bin/aaf-auth-cmd-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/
COPY bin/aaf-auth-batch-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/
-RUN mkdir -p /opt/app/osaaf &&\
- chmod 755 /opt/app/aaf_config/bin/*.sh &&\
- if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/osaaf && chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi
-USER ${DUSER}
+RUN mkdir -p /opt/app/aaf /opt/app/osaaf/logs && \
+ if [ -n "${DUSER}" ]; then \
+ addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; \
+ chown -R ${DUSER}:${DUSER} /opt/app/aaf /opt/app/osaaf /opt/app/aaf_config; \
+ fi && \
+ chmod 774 /opt/app/aaf_config/bin/*.sh
+
CMD ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"]
+# Note: User added if in d.props
+# if [ -n "${DUSER}" ]; then \
+# addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; \
+# chown -R ${DUSER}:${DUSER} /opt/app/aaf /opt/app/aaf_config; \
+# fi && \
diff --git a/auth/docker/Dockerfile.core b/auth/docker/Dockerfile.core
index 4179c5e7..206d1c4d 100644
--- a/auth/docker/Dockerfile.core
+++ b/auth/docker/Dockerfile.core
@@ -30,11 +30,11 @@ COPY lib /opt/app/aaf/lib
COPY bin /opt/app/aaf/bin
COPY theme/ /opt/app/aaf/theme/
-RUN mkdir -p /opt/app/osaaf &&\
- mkdir -p /opt/app/aaf/status &&\
- chmod 755 /opt/app/aaf/bin/* &&\
- if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \
- && chown ${DUSER}:${DUSER} /opt/app/osaaf \
- && chown -R ${DUSER}:${DUSER} /opt/app/aaf;\
+RUN mkdir -p /opt/app/aaf && \
+ if [ -n "${DUSER}" ]; then \
+ addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash ;\
+ chown -R ${DUSER}:${DUSER} /opt/app/aaf ;\
+ chmod 774 /opt/app/aaf/bin/* ;\
fi
-USER ${DUSER}
+
+# Note: User added if in d.props
diff --git a/auth/docker/Dockerfile.hello b/auth/docker/Dockerfile.hello
index 82d9a9f5..e8a60566 100644
--- a/auth/docker/Dockerfile.hello
+++ b/auth/docker/Dockerfile.hello
@@ -27,15 +27,16 @@ LABEL version=${AAF_VERSION}
COPY bin/pod_wait.sh /opt/app/aaf/bin/
COPY lib /opt/app/aaf/lib
COPY bin/hello /opt/app/aaf/bin/
-COPY etc /opt/app/aaf/etc
-COPY logs /opt/app/aaf/logs
+COPY etc /opt/app/osaaf/etc
+COPY logs /opt/app/osaaf/logs
-RUN mkdir -p /opt/app/osaaf &&\
- mkdir -p /opt/app/aaf/status &&\
- chmod 755 /opt/app/aaf/bin/* &&\
- if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \
- && chown ${DUSER}:${DUSER} /opt/app/osaaf \
- && chown -R ${DUSER}:${DUSER} /opt/app/aaf;\
+RUN mkdir -p /opt/app/aaf /opt/app/osaaf/logs/hello /opt/app/osaaf/local && \
+ if [ -n "${DUSER}" ]; then \
+ addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash ;\
+ chown -R ${DUSER}:${DUSER} /opt/app/aaf /opt/app/osaaf;\
+ chmod 774 /opt/app/aaf/bin/* ;\
fi
-USER ${DUSER}
+
CMD []
+
+# Note: User added if in d.props
diff --git a/auth/docker/agent.sh b/auth/docker/agent.sh
index f59bd228..0abce9c6 100644
--- a/auth/docker/agent.sh
+++ b/auth/docker/agent.sh
@@ -111,8 +111,9 @@ function run_it() {
fi
$DOCKER run -it --rm \
${USER_LINE} \
- -v "${VOLUME}:/opt/app/osaaf" \
+ -v "${VOLUME}:/opt/app/osaaf/local" \
--add-host="$AAF_FQDN:$AAF_FQDN_IP" \
+ $USER_LINE \
--env AAF_FQDN=${AAF_FQDN} \
--env DEPLOY_FQI=${DEPLOY_FQI} \
--env DEPLOY_PASSWORD=${DEPLOY_PASSWORD} \
@@ -138,6 +139,7 @@ function reset_sso {
mkdir -p ~/.aaf
> $HOME/.aaf/sso.props
sso aaf_locate_url "https://$AAF_FQDN:8095"
+ sso aaf_url_cm "https://$AAF_FQDN:8150"
sso cadi_latitude "$LATITUDE"
sso cadi_longitude "$LONGITUDE"
sso cadi_loglevel "DEBUG"
diff --git a/auth/docker/components b/auth/docker/components
index 7f58dc33..bb5f27b2 100644
--- a/auth/docker/components
+++ b/auth/docker/components
@@ -3,5 +3,4 @@ locate
oauth
cm
gui
-hello
fs
diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh
index 0a816461..e768904b 100644
--- a/auth/docker/dbuild.sh
+++ b/auth/docker/dbuild.sh
@@ -31,6 +31,19 @@ fi
# Remove "SNAPSHOT" from AAF Jars in Containers
JAR_VERSION=${VERSION/-SNAPSHOT/}
+function SCP() {
+ SANS=${1/-SNAPSHOT/}
+ echo $1 = $SANS
+ if [ -e $SANS ]; then
+ cp $SANS $2
+ else
+
+ ln $1 $SANS
+ cp $SANS $2
+ rm $SANS
+ fi
+}
+
# process input. originally, an optional positional parameter is used to designate a component.
# A flagged parameter has been added to optionally indicate docker pull registry. Ideally, options
# would be flagged but we're avoiding ripple effect of changing original usage
@@ -46,6 +59,7 @@ if [ $# -gt 0 ]; then
else
DOCKER_PULL_REGISTRY=$3
fi
+ shift
fi
fi
fi
@@ -54,81 +68,82 @@ grep -v '#' d.props | grep '=' | grep -v -e "=$"
DOCKER=${DOCKER:=docker}
-echo "Building Containers for aaf components, version $VERSION"
-# AAF_cass now needs a version...
-echo "### Build Cass"
-cd ../auth-cass/docker
-pwd
-bash ./dbuild.sh $DOCKER_PULL_REGISTRY
-cd -
-
########
-# First, build a AAF Base version - set the core image, etc
-echo "### Build Base"
-sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
- -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
- -e 's/${DUSER}/'${DUSER}'/g' \
- -e 's/${REGISTRY}/'${DOCKER_PULL_REGISTRY}'/g' \
- Dockerfile.base > Dockerfile
-$DOCKER build -t ${ORG}/${PROJECT}/aaf_base:${VERSION} .
-$DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:${VERSION}
-$DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:latest
-rm Dockerfile
-
-function SCP() {
- SANS=${1/-SNAPSHOT/}
- echo $1 = $SANS
- if [ -e $SANS ]; then
- cp $SANS $2
- else
-
- ln $1 $SANS
- cp $SANS $2
- rm $SANS
- fi
-}
+# Preliminary: if Cass exists, build that first
+if [[ -z "$1" || "$1" = "cass" ]]; then
+ echo "#### Delegate to Cassandra build"
+ echo "Building Containers for aaf components, version $VERSION"
+ # AAF_cass now needs a version...
+ echo "### Build Cass"
+ cd ../auth-cass/docker
+ bash ./dbuild.sh $DOCKER_PULL_REGISTRY
+ cd -
+fi
-########
-# Second, Create the AAF Config (Security) Images
+if [[ -z "$1" || "$1" = "base" ]]; then
+ ########
+ # First, build a AAF Base version - set the core image, etc
+ echo "### Build Base"
+ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
+ -e 's/${DUSER}/'${DUSER}'/g' \
+ -e 's/${REGISTRY}/'${DOCKER_PULL_REGISTRY}'/g' \
+ Dockerfile.base > Dockerfile
+ $DOCKER build -t ${ORG}/${PROJECT}/aaf_base:${VERSION} .
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:${VERSION}
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:latest
+ rm Dockerfile
+fi
+
+# Common copies
cd ..
-# Note: only 2 jars each in Agent/Config
-SCP auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin
-SCP auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin
SCP ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin
-SCP ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar sample/bin
-cp -Rf ../conf/CA sample
-
-# AAF Config image (for AAF itself)
-echo "### Build Config"
-sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
- -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
- -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
- -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
- -e 's/${DUSER}/'${DUSER}'/g' \
- docker/Dockerfile.config > sample/Dockerfile
-$DOCKER build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample
-$DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:${VERSION}
-$DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:latest
-
-
-# AAF Agent Image (for Clients)
-echo "### Build Agent"
-sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
- -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
- -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
- -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
- -e 's/${DUSER}/'${DUSER}'/g' \
- docker/Dockerfile.agent > sample/Dockerfile
-$DOCKER build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample
-$DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:${VERSION}
-$DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest
+
+if [[ -z "$1" || "$1" = "config" ]]; then
+ ########
+ # Second, Create the AAF Config (Security) Images
+ # Note: only 2 jars each in Agent/Config
+ SCP auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin
+ SCP auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin
+ SCP ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar sample/bin
+ cp -Rf ../conf/CA sample
+
+ # AAF Config image (for AAF itself)
+ echo "### Build Config"
+ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
+ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
+ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${DUSER}/'${DUSER}'/g' \
+ docker/Dockerfile.config > sample/Dockerfile
+ # Note: do Config as Root, to get directories correct
+ $DOCKER build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:${VERSION}
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:latest
+fi
+
+if [[ -z "$1" || "$1" = "agent" ]]; then
+ # AAF Agent Image (for Clients)
+ echo "### Build Agent"
+ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
+ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
+ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${DUSER}/'${DUSER}'/g' \
+ docker/Dockerfile.agent > sample/Dockerfile
+ #if [ -n "$DUSER" ]; then
+ # echo "USER $DUSER" >> sample/Dockerfile
+ #fi
+ $DOCKER build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:${VERSION}
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest
+
+fi
# Clean up
-rm sample/Dockerfile sample/bin/aaf-*-*.jar
-rm -Rf sample/CA
+rm -Rf sample/Dockerfile sample/bin/aaf-*-*.jar sample/CA
cd -
-
########
# Third Copy AAF Executables to a BUILD Directory, for easy Cleanup
echo "### Copy to aaf_DBUILD"
@@ -155,53 +170,65 @@ if [ ! "$VERSION" = "$JAR_VERSION" ]; then
done
cd ${START_DIR}
fi
-
-########
-# Third, build a core Docker Image to be used for all AAF Components
cp ../sample/bin/pod_wait.sh ../aaf_DBUILD/bin
-# Apply currrent Properties to Docker file, and put in place.
-sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
- -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
- -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
- -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
- -e 's/${DUSER}/'${DUSER}'/g' \
- Dockerfile.core >../aaf_DBUILD/Dockerfile
-cd ..
-
-echo "### Building Core"
-# Don't need "Hello" App in core
-mv aaf_DBUILD/lib/aaf-auth-hello-${JAR_VERSION}* /tmp
-$DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_DBUILD
-$DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:${VERSION}
-$DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:latest
-rm aaf_DBUILD/Dockerfile
-mv /tmp/aaf-auth-hello-${JAR_VERSION}* aaf_DBUILD/lib
-
-########
-# Fourth, do Hello
-# Apply currrent Properties to Docker file, and put in place.
-echo "### Building Hello"
-cd -
-sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
- -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
- -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
- -e 's/${DUSER}/'${DUSER}'/g' \
- Dockerfile.hello >../aaf_DBUILD/Dockerfile
-cd ..
-
-cp -Rf sample/etc aaf_DBUILD
-cp -Rf sample/logs aaf_DBUILD
-
-for C in cass certman cmd deforg fs gui locate oauth service; do
- rm aaf_DBUILD/lib/aaf-auth-$C-*
-done
+if [[ -z "$1" || "$1" = "core" ]]; then
+ ########
+ # Fourth, build a core Docker Image to be used for all AAF Components
+ # Apply currrent Properties to Docker file, and put in place.
+ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
+ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \
+ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${DUSER}/'${DUSER}'/g' \
+ Dockerfile.core >../aaf_DBUILD/Dockerfile
+ if [ -n "$DUSER" ]; then
+ echo "USER $DUSER" >> ../aaf_DBUILD/Dockerfile
+ fi
+ cd ..
+
+ $DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_DBUILD
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:${VERSION}
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:latest
+ rm aaf_DBUILD/Dockerfile
+
+ cd -
+fi
-$DOCKER build -t ${ORG}/${PROJECT}/aaf_hello:${VERSION} aaf_DBUILD
-$DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:${VERSION}
-$DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:latest
+if [[ -z "$1" || "$1" = "hello" ]]; then
+ ########
+ # Fifth, do Hello
+ # Apply currrent Properties to Docker file, and put in place.
+ echo "### Building Hello"
+ cp ../sample/bin/client.sh ../aaf_DBUILD/bin
+ cp ../sample/hello/init.sh ../aaf_DBUILD/bin/hello_init.sh
+ SCP ../../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar ../aaf_DBUILD/bin
+
+ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \
+ -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \
+ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \
+ -e 's/${DUSER}/'${DUSER}'/g' \
+ Dockerfile.hello >../aaf_DBUILD/Dockerfile
+ #if [ -n "$DUSER" ]; then
+ # echo "USER $DUSER" >> ../aaf_DBUILD/Dockerfile
+ #fi
+
+ cd ..
+ cp -Rf sample/etc aaf_DBUILD
+ cp -Rf sample/logs aaf_DBUILD
+ cp -Rf sample/cert aaf_DBUILD
+
+ for C in cass certman cmd deforg fs gui locate oauth service; do
+ rm aaf_DBUILD/lib/aaf-auth-$C-*
+ done
+ $DOCKER build -t ${ORG}/${PROJECT}/aaf_hello:${VERSION} aaf_DBUILD
+ if [ -n ${DOCKER_REPOSITORY} ]; then
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:${VERSION}
+ $DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:latest
+ fi
+ cd -
+fi
# Final cleanup
-rm -Rf aaf_DBUILD
+rm -Rf ../aaf_DBUILD
-cd -
diff --git a/auth/docker/dclean.sh b/auth/docker/dclean.sh
index f27cc4ec..867f4c69 100644
--- a/auth/docker/dclean.sh
+++ b/auth/docker/dclean.sh
@@ -22,6 +22,10 @@
. ./d.props
DOCKER=${DOCKER:=docker}
+if [ "$1" == "all" ]; then
+ AAF_COMPONENTS=cass
+ shift
+fi
if [ "$1" == "" ]; then
AAF_COMPONENTS="$(cat components) config core agent base "
else
diff --git a/auth/docker/drun.sh b/auth/docker/drun.sh
index 57a61676..86fe5984 100644
--- a/auth/docker/drun.sh
+++ b/auth/docker/drun.sh
@@ -34,6 +34,14 @@ else
AAF_COMPONENTS="$@"
fi
+# All the NORMAL services use common directory
+# remove this for Hello, which we want non shared
+CONFIG="-v aaf_config:$CONF_ROOT_DIR"
+if [ -n "${DUSER}" ]; then
+ THE_USER="--user $DUSER"
+fi
+IMAGE="${PREFIX}${ORG}/${PROJECT}/aaf_core:${VERSION}"
+
for AAF_COMPONENT in ${AAF_COMPONENTS}; do
LINKS=""
CMD_LINE=""
@@ -75,17 +83,40 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do
CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"
;;
"hello")
- PUBLISH="--publish 8130:8130"
LINKS="--link aaf-service --link aaf-locate --link aaf-oauth --link aaf-cm"
- CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate && exec bin/hello"
+ CONFIG="-v aaf_hello_config:/opt/app/osaaf/local"
+
+ # Since Helm based element have init-containers, take the same approach here.
+ if [ -z "$(docker volume ls | grep aaf_hello_config)" ]; then
+ echo Init Hello Config Container
+
+ echo -n "Creating Volume: "
+ $DOCKER volume create -d local aaf_hello_config
+
+ $DOCKER run --rm --name aaf_hello_config ${LINKS} \
+ $CONFIG \
+ --env AAF_FQDN=$HOSTNAME \
+ --env DEPLOY_FQI=deployer@people.osaaf.org \
+ --env DEPLOY_PASSWORD=demo123456! \
+ --env APP_FQI=aaf@aaf.osaaf.org \
+ --env APP_FQDN=aaf-hello \
+ --env LATITUDE=$LATITUDE \
+ --env LONGITUDE=$LONGITUDE \
+ --env aaf_locator_container_ns=onap \
+ --env aaf_locator_container=docker \
+ $LINKS \
+ "${PREFIX}${ORG}/${PROJECT}/aaf_agent:${VERSION}" \
+ bash -c "bash /opt/app/aaf_config/bin/agent.sh && chown -R ${DUSER}:${DUSER} /opt/app/osaaf/local"
+ fi
+
+ PUBLISH="--publish 8130:8130"
+ #CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate aaf-cm && sleep 240"
+ CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-hello aaf-locate aaf-cm && exec bin/hello"
+ IMAGE="${PREFIX}${ORG}/${PROJECT}/aaf_hello:${VERSION}"
;;
esac
echo Starting aaf-$AAF_COMPONENT...
- if [ -n "${DUSER}" ]; then
- THE_USER="--user $DUSER"
- fi
-
$DOCKER run \
-d \
@@ -104,9 +135,10 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do
--env CASSANDRA_USER=${CASSANDRA_USER} \
--env CASSANDRA_PASSWORD=${CASSANDRA_PASSWORD} \
--env CASSANDRA_PORT=${CASSANDRA_PORT} \
- $PUBLISH \
- -v "aaf_config:$CONF_ROOT_DIR" \
-v "aaf_status:/opt/app/aaf/status" \
- ${PREFIX}${ORG}/${PROJECT}/aaf_core:${VERSION} \
+ $PUBLISH \
+ $CONFIG \
+ $IMAGE \
/bin/bash -c "$CMD_LINE"
+
done
diff --git a/auth/docker/dstop.sh b/auth/docker/dstop.sh
index fce79226..6549f3cf 100644
--- a/auth/docker/dstop.sh
+++ b/auth/docker/dstop.sh
@@ -22,7 +22,11 @@
. ./d.props
DOCKER=${DOCKER:=docker}
-if [ "$1" == "" ]; then
+if [ "$1" = "all" ]; then
+ AAF_COMPONENTS="cass"
+ shift
+fi
+if [ -z "$1" ]; then
for C in $(cat components); do
AAF_COMPONENTS="$C $AAF_COMPONENTS"
done
@@ -33,3 +37,4 @@ fi
for AAF_COMPONENT in ${AAF_COMPONENTS}; do
$DOCKER stop aaf-$AAF_COMPONENT
done
+
diff --git a/auth/helm/aaf-hello/templates/aaf-hello.yaml b/auth/helm/aaf-hello/templates/aaf-hello.yaml
index a79f39ed..37127c73 100644
--- a/auth/helm/aaf-hello/templates/aaf-hello.yaml
+++ b/auth/helm/aaf-hello/templates/aaf-hello.yaml
@@ -56,23 +56,11 @@ spec:
persistentVolumeClaim:
claimName: aaf-hello-pvc
initContainers:
- - command:
- - /bin/sh
- - -c
- - |
- chmod -R 775 /opt/app/osaaf
- chown -R 1000:1000 /opt/app/osaaf
- image: busybox:1.28
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: init-sysctl
- volumeMounts:
- - mountPath: /opt/app/osaaf
- name: aaf-hello-vol
- name: aaf-hello-config
image: "{{ .Values.image.repository }}{{ .Values.service.agentImage }}"
imagePullPolicy: IfNotPresent
volumeMounts:
- - mountPath: "/opt/app/osaaf"
+ - mountPath: "/opt/app/osaaf/local"
name: aaf-hello-vol
command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
env:
@@ -106,7 +94,7 @@ spec:
imagePullPolicy: IfNotPresent
command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"]
volumeMounts:
- - mountPath: "/opt/app/osaaf"
+ - mountPath: "/opt/app/osaaf/local"
name: aaf-hello-vol
ports:
- name: aaf-hello
diff --git a/auth/helm/aaf/aaf.sh b/auth/helm/aaf/aaf.sh
index 2b94c2ff..51a81da5 100644
--- a/auth/helm/aaf/aaf.sh
+++ b/auth/helm/aaf/aaf.sh
@@ -1,5 +1,5 @@
-. ../../docker/aaf.props
-IMAGE=onap/aaf/aaf_config:$VERSION
+. ../../docker/d.props
+IMAGE=$DOCKER_REPOSITORY/onap/aaf/aaf_config:$VERSION
kubectl -n onap run -it --rm aaf-config-$USER --image=$IMAGE --overrides='
{
diff --git a/auth/helm/aaf/templates/aaf-service.yaml b/auth/helm/aaf/templates/aaf-service.yaml
index f4772d67..da1134ac 100644
--- a/auth/helm/aaf/templates/aaf-service.yaml
+++ b/auth/helm/aaf/templates/aaf-service.yaml
@@ -77,7 +77,7 @@ spec:
- name: aaf-config-container
image: {{ .Values.image.repository }}onap/aaf/aaf_config:{{ .Values.image.version }}
imagePullPolicy: IfNotPresent
- command: ["bash","/opt/app/aaf_config/bin/agent.sh"]
+ command: ["bash","-c","/opt/app/aaf_config/bin/agent.sh"]
volumeMounts:
- mountPath: "/opt/app/osaaf"
name: aaf-config-vol
diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh
index 4132e6ca..97a1262f 100755
--- a/auth/sample/bin/client.sh
+++ b/auth/sample/bin/client.sh
@@ -55,12 +55,13 @@ function sso_encrypt() {
$JAVA_AGENT cadi digest ${1} $DOT_AAF/keyfile
}
-# Setup Bash, first time only
-if [ ! -e "$HOME/.bashrc" ] || [ -z "$(grep agent $HOME/.bashrc)" ]; then
- echo "alias agent='$CONFIG_BIN/agent.sh agent \$*'" >>$HOME/.bashrc
+# Setup Bash, first time only, Agent only
+if [ -n "$HOME/.bashrc" ] || [ -z "$(grep agent $HOME/.bashrc)" ]; then
+ echo "alias agent='$CONFIG_BIN/agent.sh agent \$*'" > $HOME/.bashrc
chmod a+x $CONFIG_BIN/agent.sh
. $HOME/.bashrc
fi
+
if [ ! -e "$DOT_AAF/truststoreONAPall.jks" ]; then
mkdir -p $DOT_AAF
base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
@@ -133,13 +134,22 @@ if [ "${VERSION}" != "$(cat ${LOCAL}/VERSION 2> /dev/null)" ]; then
echo "Clean up directory ${LOCAL}"
rm -Rf ${LOCAL}/*
fi
+
+# update client info
echo "${VERSION}" > $LOCAL/VERSION
+cp $AGENT_JAR $LOCAL
+echo "#!/bin/bash" > $LOCAL/agent
+ echo 'java -jar aaf-cadi-aaf-*-full.jar $*' >> $LOCAL/agent
+echo "#!/bin/bash" > $LOCAL/cadi
+ echo 'java -jar aaf-cadi-aaf-*-full.jar cadi $*' >> $LOCAL/cadi
+chmod 755 $LOCAL/agent $LOCAL/cadi
echo "Namespace is ${NS}"
# Only initialize once, automatically...
-if [ ! -e $LOCAL/${NS}.props ]; then
+if [ -n $LOCAL/${NS}.props ]; then
echo "#### Create Configuration files "
- $JAVA_AGENT config $APP_FQI $APP_FQDN
+ > $LOCAL/$NS
+ $JAVA_AGENT config $APP_FQI $APP_FQDN --nopasswd
cat $LOCAL/$NS.props
echo
@@ -153,7 +163,7 @@ if [ ! -e $LOCAL/${NS}.props ]; then
$JAVA_AGENT place $APP_FQI $APP_FQDN
if [ -z "$(grep cadi_alias $NS.cred.props)" ]; then
- echo "FAILED to get Certificate"
+ echo "FAILED to get Certificate"
INITIALIZED="false"
else
echo "Obtained Certificates"
@@ -284,7 +294,7 @@ else
;;
testConnectivity|testconnectivity)
echo "--- Test Connectivity ---"
- $JAVA -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/org.osaaf.aaf.props
+ $JAVA -cp $AGENT_JAR org.onap.aaf.cadi.aaf.TestConnectivity $LOCAL/org.osaaf.aaf.props
;;
--help | -?)
case "$1" in
@@ -320,7 +330,7 @@ else
### Possible Dublin
# sample)
# echo "--- run Sample Servlet App ---"
- # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG_BIN/aaf-auth-cmd-*-full.jar:$CONFIG_BIN/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
+ # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $AGENT_JAR:$CONFIG_BIN/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
# ;;
*)
$JAVA_AGENT "$CMD" "$@"
diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh
index 10a3e15e..2fd49cac 100644
--- a/auth/sample/bin/service.sh
+++ b/auth/sample/bin/service.sh
@@ -193,6 +193,10 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
fi
echo "Created AAF Initial Configurations"
INITIALIZED="true"
+ if [ -n ${DUSER} ]; then
+ mkdir -p /opt/app/osaaf/logs
+ chown -R 1000:1000 /opt/app/aaf /opt/app/osaaf
+ fi
fi
diff --git a/cadi/aaf/src/assemble/cadi-aaf.xml b/cadi/aaf/src/assemble/cadi-aaf.xml
index 63741ffa..64bc8eec 100644
--- a/cadi/aaf/src/assemble/cadi-aaf.xml
+++ b/cadi/aaf/src/assemble/cadi-aaf.xml
@@ -12,16 +12,6 @@
<dependencySet>
<unpack>true</unpack>
<scope>compile</scope>
- <includes>
- <include>org.onap.aaf.authz:aaf-auth-client</include>
- <include>org.onap.aaf.authz:aaf-cadi-aaf</include>
- <include>org.onap.aaf.authz:aaf-cadi-core</include>
- <include>org.onap.aaf.authz:aaf-cadi-client</include>
- <include>org.onap.aaf.authz:aaf-misc-env</include>
- <include>org.onap.aaf.authz:aaf-misc-rosetta</include>
- <include>javax.xml.bind:jaxb-api</include>
- <include>org.glassfish.jaxb:jaxb-runtime</include>
- </includes>
</dependencySet>
</dependencySets>
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
index f6808a90..db606a50 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
@@ -190,11 +190,16 @@ public class Agent {
}
if(access==null) {
+ boolean createOutsideForLoop = false;
for(Entry<Object, Object> es : System.getProperties().entrySet()) {
if(Config.CADI_PROP_FILES.equals(es.getKey())) {
- access = new PropAccess();
+ createOutsideForLoop = true;
+ break;
}
}
+ if(createOutsideForLoop) {
+ access = new PropAccess();
+ }
}
// When using Config file, check if Cred Exists, and if not, work with Deployer.
@@ -762,7 +767,12 @@ public class Agent {
machine = fqdns[1];
} else {
key = machine;
- fqdns = machines(cmds);
+ if(cmds.size()>0) {
+ fqdns = machines(cmds);
+ } else {
+ // make sure machine is also in SANS
+ fqdns = new String[] {machine};
+ }
}
TimeTaken tt = transitiveInfo.start("Place Artifact", Env.REMOTE);