diff options
Diffstat (limited to 'auth/docker')
-rw-r--r-- | auth/docker/.gitignore | 1 | ||||
-rw-r--r-- | auth/docker/Dockerfile.agent | 3 | ||||
-rw-r--r-- | auth/docker/Dockerfile.config | 4 | ||||
-rw-r--r-- | auth/docker/Dockerfile.core | 2 | ||||
-rw-r--r-- | auth/docker/Dockerfile.hello | 3 | ||||
-rw-r--r-- | auth/docker/aaf.sh | 4 | ||||
-rw-r--r-- | auth/docker/agent.sh | 3 | ||||
-rw-r--r-- | auth/docker/d.props.csit | 2 | ||||
-rw-r--r-- | auth/docker/d.props.init | 2 | ||||
-rw-r--r--[-rwxr-xr-x] | auth/docker/dbuild.sh | 108 | ||||
-rw-r--r-- | auth/docker/drun.sh | 15 | ||||
-rw-r--r-- | auth/docker/dstage.sh | 31 | ||||
-rw-r--r-- | auth/docker/pom.xml | 65 |
13 files changed, 199 insertions, 44 deletions
diff --git a/auth/docker/.gitignore b/auth/docker/.gitignore index fb1f79ea..51bfecd8 100644 --- a/auth/docker/.gitignore +++ b/auth/docker/.gitignore @@ -13,3 +13,4 @@ /*.jks /sdnc /working +/target diff --git a/auth/docker/Dockerfile.agent b/auth/docker/Dockerfile.agent index 669665cc..ec5f24ea 100644 --- a/auth/docker/Dockerfile.agent +++ b/auth/docker/Dockerfile.agent @@ -26,9 +26,8 @@ LABEL version=${AAF_VERSION} COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh -COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-cadi-aaf-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/ COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ -COPY logs /opt/app/aaf_config/logs COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ RUN chmod 755 /opt/app/aaf_config/bin/* &&\ if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config index 7b159d7c..4bb7a940 100644 --- a/auth/docker/Dockerfile.config +++ b/auth/docker/Dockerfile.config @@ -33,8 +33,8 @@ COPY public /opt/app/aaf_config/public COPY CA /opt/app/aaf_config/CA COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh -COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ -COPY bin/aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-auth-cmd-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-auth-batch-${JAR_VERSION}-full.jar /opt/app/aaf_config/bin/ RUN mkdir -p /opt/app/osaaf &&\ chmod 755 /opt/app/aaf_config/bin/*.sh &&\ diff --git a/auth/docker/Dockerfile.core b/auth/docker/Dockerfile.core index a8aa543b..5c66c8ca 100644 --- a/auth/docker/Dockerfile.core +++ b/auth/docker/Dockerfile.core @@ -28,7 +28,7 @@ LABEL version=${AAF_VERSION} COPY lib /opt/app/aaf/lib COPY bin /opt/app/aaf/bin -COPY theme /opt/app/aaf/theme +COPY theme/ /opt/app/aaf/theme/ RUN mkdir -p /opt/app/osaaf &&\ mkdir -p /opt/app/aaf/status &&\ diff --git a/auth/docker/Dockerfile.hello b/auth/docker/Dockerfile.hello index 2378bae0..4b12a6f1 100644 --- a/auth/docker/Dockerfile.hello +++ b/auth/docker/Dockerfile.hello @@ -26,8 +26,9 @@ LABEL version=${AAF_VERSION} COPY bin/pod_wait.sh /opt/app/aaf/bin/ COPY lib /opt/app/aaf/lib -COPY etc /opt/app/osaaf/etc COPY bin/hello /opt/app/aaf/bin/ +COPY etc /opt/app/aaf/etc +COPY logs /opt/app/aaf/logs RUN mkdir -p /opt/app/osaaf &&\ mkdir -p /opt/app/aaf/status &&\ diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh index 23822e52..b498428b 100644 --- a/auth/docker/aaf.sh +++ b/auth/docker/aaf.sh @@ -25,6 +25,9 @@ DOCKER=${DOCKER:=docker} # if something, may not want CASS attached all the tim #LINKS="--link $CASSANDRA_DOCKER" +# DOCKER doesn't have DNS out of the box, only links. +# so we add cm_always_ignore_ips in --env + function run_it() { if [ -n "${DUSER}" ]; then USER_LINE="--user ${DUSER}" @@ -39,6 +42,7 @@ function run_it() { --env aaf_locator_fqdn=${HOSTNAME} \ --env aaf_locate_url=https://aaf-locate:8095 \ --env aaf_locator_public_fqdn=${HOSTNAME} \ + --env cm_always_ignore_ips=true \ --env AAF_ENV=${AAF_ENV} \ --env LATITUDE=${LATITUDE} \ --env LONGITUDE=${LONGITUDE} \ diff --git a/auth/docker/agent.sh b/auth/docker/agent.sh index 0538b70d..575e21f9 100644 --- a/auth/docker/agent.sh +++ b/auth/docker/agent.sh @@ -28,7 +28,7 @@ fi . ./aaf.props DOCKER=${DOCKER:=docker} -CADI_VERSION=${CADI_VERSION:=2.1.14-SNAPSHOT} +CADI_VERSION=${CADI_VERSION:=2.1.16} for V in VERSION DOCKER_REPOSITORY HOSTNAME CONTAINER_NS AAF_FQDN AAF_FQDN_IP DEPLOY_FQI APP_FQDN APP_FQI VOLUME DRIVER LATITUDE LONGITUDE; do if [ "$(grep $V ./aaf.props)" = "" ]; then @@ -121,6 +121,7 @@ function run_it() { --env LONGITUDE=${LONGITUDE} \ --env aaf_locator_container_ns=${CONTAINER_NS} \ --env aaf_locator_container=docker \ + --link aaf-service --link aaf-locate --link aaf-oauth --link aaf-cm \ --name aaf-agent-$USER \ "$PREFIX"onap/aaf/aaf_agent:$VERSION \ bash -c "bash /opt/app/aaf_config/bin/agent.sh $PARAMS" diff --git a/auth/docker/d.props.csit b/auth/docker/d.props.csit index 59fa7465..4363663e 100644 --- a/auth/docker/d.props.csit +++ b/auth/docker/d.props.csit @@ -28,7 +28,7 @@ ORG=onap PROJECT=aaf DOCKER_PULL_REGISTRY=nexus3.onap.org:10001 DOCKER_REPOSITORY=nexus3.onap.org:10003 -VERSION=2.1.11 +VERSION=2.1.15-SNAPSHOT CONF_ROOT_DIR=/opt/app/osaaf # For local builds, set PREFIX= PREFIX="$DOCKER_REPOSITORY/" diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init index d1293874..b107e67d 100644 --- a/auth/docker/d.props.init +++ b/auth/docker/d.props.init @@ -23,7 +23,7 @@ PROJECT=aaf # Note: Override can happen on dbuild.sh Commandline, -r <registry> DOCKER_PULL_REGISTRY=nexus3.onap.org:10001 DOCKER_REPOSITORY=nexus3.onap.org:10003 -VERSION=2.1.14-SNAPSHOT +VERSION=2.1.15-SNAPSHOT CONF_ROOT_DIR=/opt/app/osaaf # For local builds, set PREFIX= PREFIX="$DOCKER_REPOSITORY/" diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh index 3b764547..0a816461 100755..100644 --- a/auth/docker/dbuild.sh +++ b/auth/docker/dbuild.sh @@ -1,4 +1,4 @@ -#!/bin/bash + ######### # ============LICENSE_START==================================================== # org.onap.aaf @@ -28,6 +28,9 @@ fi . ./d.props +# Remove "SNAPSHOT" from AAF Jars in Containers +JAR_VERSION=${VERSION/-SNAPSHOT/} + # process input. originally, an optional positional parameter is used to designate a component. # A flagged parameter has been added to optionally indicate docker pull registry. Ideally, options # would be flagged but we're avoiding ripple effect of changing original usage @@ -47,20 +50,23 @@ if [ $# -gt 0 ]; then fi fi -echo "$0: AAF_COMPONENTS=$AAF_COMPONENTS DOCKER_PULL_REGISTRY=$DOCKER_PULL_REGISTRY" +grep -v '#' d.props | grep '=' | grep -v -e "=$" DOCKER=${DOCKER:=docker} echo "Building Containers for aaf components, version $VERSION" - # AAF_cass now needs a version... +echo "### Build Cass" cd ../auth-cass/docker +pwd bash ./dbuild.sh $DOCKER_PULL_REGISTRY cd - ######## # First, build a AAF Base version - set the core image, etc +echo "### Build Base" sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ -e 's/${REGISTRY}/'${DOCKER_PULL_REGISTRY}'/g' \ Dockerfile.base > Dockerfile @@ -69,15 +75,33 @@ $DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${ $DOCKER tag ${ORG}/${PROJECT}/aaf_base:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_base:latest rm Dockerfile +function SCP() { + SANS=${1/-SNAPSHOT/} + echo $1 = $SANS + if [ -e $SANS ]; then + cp $SANS $2 + else + + ln $1 $SANS + cp $SANS $2 + rm $SANS + fi +} + ######## # Second, Create the AAF Config (Security) Images cd .. -cp auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin -cp auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin +# Note: only 2 jars each in Agent/Config +SCP auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin +SCP auth-batch/target/aaf-auth-batch-$VERSION-full.jar sample/bin +SCP ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin +SCP ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar sample/bin cp -Rf ../conf/CA sample # AAF Config image (for AAF itself) +echo "### Build Config" sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ @@ -86,9 +110,11 @@ $DOCKER build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample $DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_config:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_config:latest -cp ../cadi/servlet-sample/target/aaf-cadi-servlet-sample-${VERSION}-sample.jar sample/bin + # AAF Agent Image (for Clients) +echo "### Build Agent" sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ @@ -98,48 +124,84 @@ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/$ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest # Clean up -rm sample/Dockerfile sample/bin/aaf-*-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar +rm sample/Dockerfile sample/bin/aaf-*-*.jar rm -Rf sample/CA cd - + +######## +# Third Copy AAF Executables to a BUILD Directory, for easy Cleanup +echo "### Copy to aaf_DBUILD" +if [ -e "../aaf_$VERSION" ]; then + cp -Rf ../aaf_$VERSION ../aaf_DBUILD +elif [ -e "../aaf_$JAR_VERSION" ]; then + cp -Rf ../aaf_$JAR_VERSION ../aaf_DBUILD +else + echo "ERROR: No AAF Built. use Maven" + exit +fi +if [ ! "$VERSION" = "$JAR_VERSION" ]; then + START_DIR=$(pwd) + # Convert SNAPSHOT issues + cp -Rf ../aaf_$VERSION ../aaf_DBUILD + cd ../aaf_DBUILD/lib + # If Built Jars are "SNAPSHOT", convert to NON SNAPSHOT + for J in $(ls *-SNAPSHOT*); do mv $J ${J/-SNAPSHOT/}; done + cd ../bin + rm *.bat + for S in $(ls); do + sed -e "/$VERSION/s/$VERSION/$JAR_VERSION/g" $S > tmp + mv tmp $S + done + cd ${START_DIR} +fi + ######## # Third, build a core Docker Image to be used for all AAF Components -echo Building aaf_$AAF_COMPONENT... -cp ../sample/bin/pod_wait.sh ../aaf_${VERSION}/bin +cp ../sample/bin/pod_wait.sh ../aaf_DBUILD/bin # Apply currrent Properties to Docker file, and put in place. sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' \ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ - Dockerfile.core >../aaf_${VERSION}/Dockerfile + Dockerfile.core >../aaf_DBUILD/Dockerfile cd .. -echo "#######" -pwd -echo "#######" -$DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_${VERSION} + +echo "### Building Core" +# Don't need "Hello" App in core +mv aaf_DBUILD/lib/aaf-auth-hello-${JAR_VERSION}* /tmp + +$DOCKER build -t ${ORG}/${PROJECT}/aaf_core:${VERSION} aaf_DBUILD $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_core:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_core:latest -rm aaf_${VERSION}/Dockerfile +rm aaf_DBUILD/Dockerfile +mv /tmp/aaf-auth-hello-${JAR_VERSION}* aaf_DBUILD/lib ######## # Fourth, do Hello # Apply currrent Properties to Docker file, and put in place. +echo "### Building Hello" cd - sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ + -e 's/${JAR_VERSION}/'${JAR_VERSION}'/g' \ -e 's/${DOCKER_REPOSITORY}/'${DOCKER_REPOSITORY}'/g' \ -e 's/${DUSER}/'${DUSER}'/g' \ - Dockerfile.hello >../aaf_${VERSION}/Dockerfile + Dockerfile.hello >../aaf_DBUILD/Dockerfile cd .. -echo "#######" -pwd -echo "#######" -cp -Rf sample/etc aaf_${VERSION} -$DOCKER build -t ${ORG}/${PROJECT}/aaf_hello:${VERSION} aaf_${VERSION} + +cp -Rf sample/etc aaf_DBUILD +cp -Rf sample/logs aaf_DBUILD + +for C in cass certman cmd deforg fs gui locate oauth service; do + rm aaf_DBUILD/lib/aaf-auth-$C-* +done + +$DOCKER build -t ${ORG}/${PROJECT}/aaf_hello:${VERSION} aaf_DBUILD $DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:${VERSION} $DOCKER tag ${ORG}/${PROJECT}/aaf_hello:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_hello:latest -rm -Rf aaf_${VERSION}/Dockerfile aaf_${VERSION}/etc # Final cleanup -rm aaf_${VERSION}/bin/pod_wait.sh +rm -Rf aaf_DBUILD cd - diff --git a/auth/docker/drun.sh b/auth/docker/drun.sh index 03d8e9cd..57a61676 100644 --- a/auth/docker/drun.sh +++ b/auth/docker/drun.sh @@ -61,7 +61,7 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do ;; "cm") PUBLISH="--publish 8150:8150" - LINKS="--link aaf-cass --link aaf-service --link aaf-locate" + LINKS="--link aaf-cass --link aaf-service --link aaf-locate --link aaf-oauth" CMD_LINE="cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm" ;; "gui") @@ -82,20 +82,11 @@ for AAF_COMPONENT in ${AAF_COMPONENTS}; do esac echo Starting aaf-$AAF_COMPONENT... - - #for A in aaf.osaaf.org $AH_ROOT; do - #ADD_HOST="$ADD_HOST --add-host=$A:$HOST_IP" - #done - - #if [ ! -z "$LINKS" ] && [[ "$CASS_HOST" =~ ":" ]]; then - #ADD_HOST="$ADD_HOST --add-host=$CASS_HOST" - #fi - #--hostname="${AAF_COMPONENT}.${NAMESPACE}" \ - # --env aaf_locate_url=https://aaf-locate:8095 \ - # $ADD_HOST \ if [ -n "${DUSER}" ]; then THE_USER="--user $DUSER" fi + + $DOCKER run \ -d \ ${THE_USER} \ diff --git a/auth/docker/dstage.sh b/auth/docker/dstage.sh new file mode 100644 index 00000000..b57a2cec --- /dev/null +++ b/auth/docker/dstage.sh @@ -0,0 +1,31 @@ +#!/bin/bash +######### +# ============LICENSE_START==================================================== +# org.onap.aaf +# =========================================================================== +# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +# =========================================================================== +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END==================================================== +# +# Docker push Script. Reads all the components generated by install, on per-version basis +# +# Pull in Variables from d.props +. ./d.props +DOCKER=${DOCKER:=docker} + +AAF_COMPONENTS="config agent base core cass hello " + +for AAF_COMPONENT in ${AAF_COMPONENTS}; do + $DOCKER push ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_${AAF_COMPONENT}:${VERSION} +done diff --git a/auth/docker/pom.xml b/auth/docker/pom.xml new file mode 100644 index 00000000..b4d3545c --- /dev/null +++ b/auth/docker/pom.xml @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * +--> +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.onap.aaf.authz</groupId> + <artifactId>authparent</artifactId> + <version>2.1.16</version> + <relativePath>../pom.xml</relativePath> + </parent> + + <artifactId>aaf-auth-docker</artifactId> + <name>AAF Docker Build</name> + <description>Docker Build</description> + + <profiles> + <profile> + <id>build-docker</id> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>exec-maven-plugin</artifactId> + <version>1.6.0</version> + <executions> + <execution> + <id>Docker Build</id> + <goals> + <goal>exec</goal> + </goals> + </execution> + </executions> + <configuration> + <skip>false</skip> + <executable>bash</executable> + <commandlineArgs>-c "pwd; bash dbuild.sh;bash dstage.sh"</commandlineArgs> + </configuration> + </plugin> + </plugins> + </build> + </profile> + </profiles> +</project> + + |