Diffstat (limited to 'auth/sample/bin')
-rw-r--r--auth/sample/bin/client.sh76
-rw-r--r--auth/sample/bin/pod_wait.sh50
-rw-r--r--auth/sample/bin/service.sh131
3 files changed, 198 insertions, 59 deletions
diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh
index a8b8b9a6..ded8c409 100644
--- a/auth/sample/bin/client.sh
+++ b/auth/sample/bin/client.sh
@@ -15,18 +15,29 @@ for (( i=( ${#FQIA_E[@]} -1 ); i>0; i-- )); do
NS=${NS}${FQIA_E[i]}'.'
done
NS=${NS}${FQIA_E[0]}
-
+CONFIG="/opt/app/aaf_config"
+LOCAL="/opt/app/osaaf/local"
+DOT_AAF="$HOME/.aaf"
+SSO="$DOT_AAF/sso.props"
+
+# Setup Bash, first time only
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
+ echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
+ echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+ chmod a+x $CONFIG/bin/agent.sh
+ . $HOME/.bash_aliases
+fi
# Setup SSO info for Deploy ID
function sso_encrypt() {
- $JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} ~/.aaf/keyfile
+ $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile
}
-if [ ! -e " ~/.aaf/keyfile" ]; then
- mkdir -p ~/.aaf
- SSO=~/.aaf/sso.props
- $JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen ~/.aaf/keyfile
- chmod 400 ~/.aaf/keyfile
+
+if [ ! -e "$DOT_AAF/keyfile" ]; then
+ mkdir -p $DOT_AAF
+ $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile
+ chmod 400 $DOT_AAF/keyfile
echo cadi_latitude=${LATITUDE} > ${SSO}
echo cadi_longitude=${LONGITUDE} >> ${SSO}
echo aaf_id=${DEPLOY_FQI} >> ${SSO}
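Review bot: The key file is created before its mode is tightened: `mkdir -p $DOT_AAF` and the `keygen` call run under the inherited umask, and only afterwards does `chmod 400 $DOT_AAF/keyfile` restrict it. With a typical 022 umask the key material is briefly readable by other users and `~/.aaf` stays world-listable. Setting `umask 077` before the `mkdir` (or using `mkdir -p -m 700 "$DOT_AAF"`) closes that window. The expansions in this block are also unquoted (`$DOT_AAF`, `$HOME/.bash_aliases`), which breaks if HOME contains whitespace. The `if` body continues past the end of this hunk.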
@@ -35,26 +46,29 @@ if [ ! -e " ~/.aaf/keyfile" ]; then
fi
echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO}
echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO}
- echo cadi_truststore=$(ls /opt/app/aaf_config/public/*trust*) >> ${SSO}
+
+ base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
+ echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
fi
# Only initialize once, automatically...
-if [ ! -e /opt/app/osaaf/local/${NS}.props ]; then
+if [ ! -e $LOCAL/${NS}.props ]; then
+ mkdir -p $LOCAL
for D in bin logs; do
- rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+ rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
done
# setup Configs
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
- cadi_etc_dir=/opt/app/osaaf/local
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
+ cadi_etc_dir=$LOCAL cadi_prop_files=$SSO
# Place Certificates
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN}
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN}
# Validate
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate \
- cadi_prop_files=/opt/app/osaaf/local/${NS}.props
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \
+ cadi_prop_files=$LOCAL/${NS}.props
fi
# Now run a command
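Review bot: The `base64 -d … > $DOT_AAF/truststoreONAPall.jks` line has no failure check, and the redirect creates the target file even when decoding fails or the `.b64` input is missing. Because this block only runs while `$DOT_AAF/keyfile` is absent, a bad first run leaves `sso.props` pointing at an empty or truncated truststore that is never regenerated. Suggest `base64 -d "$CONFIG/cert/truststoreONAPall.jks.b64" > "$DOT_AAF/truststoreONAPall.jks" || exit 1`. The enclosing `if` starts in the previous hunk.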
@@ -84,31 +98,31 @@ if [ ! "$CMD" = "" ]; then
;;
update)
for D in bin logs; do
- rsync -uh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+ rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
done
;;
showpass)
echo "## Show Passwords"
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN}
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN}
;;
check)
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN}
+ $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN}
;;
validate)
echo "## validate requested"
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate /opt/app/osaaf/local/${NS}.props
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props
;;
bash)
- if [ ! -e ~/.bash_aliases ]; then
- echo "alias cadi='$JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >~/.bash_aliases
- echo "alias agent='$JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.configure.Agent \$*'" >>~/.bash_aliases
- fi
+ #if [ ! -e $HOME/bash_aliases ]; then
+ # echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases
+ # echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases
+ #fi
shift
- cd /opt/app/osaaf/local || exit
+ cd $LOCAL || exit
/bin/bash "$@"
;;
setProp)
- cd /opt/app/osaaf/local || exit
+ cd $LOCAL || exit
FILES=$(grep -l "$1" ./*.props)
if [ "$FILES" = "" ]; then
FILES="$3"
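Review bot: The four commented-out lines under `bash)` are dead code and should be deleted rather than kept, since alias setup now happens in the first-run block at the top of the script. They also refer to `$HOME/bash_aliases` without the leading dot, so re-enabling them as written would create a different file from the `$HOME/.bash_aliases` that the new setup block manages. The `setProp)` arm continues outside the hunk.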
@@ -125,11 +139,11 @@ if [ ! "$CMD" = "" ]; then
done
;;
encrypt)
- cd /opt/app/osaaf/local || exit
+ cd $LOCAL || exit
echo $1
FILES=$(grep -l "$1" ./*.props)
if [ "$FILES" = "" ]; then
- FILES=/opt/app/osaaf/local/${NS}.cred.props
+ FILES=$LOCAL/${NS}.cred.props
ADD=Y
fi
for F in $FILES; do
@@ -144,7 +158,7 @@ if [ ! "$CMD" = "" ]; then
else
ORIG_PW="$2"
fi
- PWD=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" /opt/app/osaaf/local/${NS}.keyfile)
+ PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
if [ "$ADD" = "Y" ]; then
echo "$1=enc:$PWD" >> $F
else
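Review bot: The digest result is assigned to `PWD`, the variable bash uses for the current working directory, so after this line the shell and any child that inherits it see an encrypted string where a path is expected. A neutral name avoids that: `ENC_PW=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile)` followed by `echo "$1=enc:$ENC_PW" >> "$F"`. The cleartext password is also passed as a command-line argument, so it is visible in the process list while java runs; whether the tool can take it another way is not visible here. The same line appears in the `encrypt)` arm of service.sh. The surrounding loop starts and ends outside the hunk.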
@@ -174,17 +188,17 @@ if [ ! "$CMD" = "" ]; then
;;
cadi)
echo "--- cadi Tool Comands ---"
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+ $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
;;
agent)
echo "--- agent Tool Comands ---"
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar
+ $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
;;
esac
echo ""
;;
*)
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+ $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
;;
esac
fi
diff --git a/auth/sample/bin/pod_wait.sh b/auth/sample/bin/pod_wait.sh
new file mode 100644
index 00000000..71773be7
--- /dev/null
+++ b/auth/sample/bin/pod_wait.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+#
+# A Script for use in Pods... Check for status files, and validate before moving on.
+#
+DIR="/opt/app/aaf/status"
+APP=$1
+shift
+OTHER=$1
+shift
+
+function status {
+ if [ -d "$DIR" ]; then
+ echo "$@" > $DIR/$APP
+ fi
+}
+
+echo $APP $OTHER
+
+function check {
+ if [ -d "$DIR" ]; then
+ if [ -e "$DIR/$OTHER" ]; then
+ echo "$(cat $DIR/$OTHER)"
+ else
+ echo "$DIR/$OTHER does not exist"
+ fi
+ else
+ echo "$DIR does not exist"
+ fi
+}
+
+echo "App $APP is waiting to start until $OTHER is ready"
+status "waiting for $OTHER"
+
+n=0
+while [ $n -lt 40 ]; do
+ rv="$(check)"
+ echo "$OTHER is $rv"
+ if [ "$rv" = "ready" ]; then
+ # This is critical. Until status is literally "ready" in the status directory, no processes will start
+ status ready
+ echo "Starting $@"
+ n=10000
+ else
+ (( ++n ))
+ echo "Sleep 10 (iteration $n)"
+ sleep 10
+ fi
+done
+
+eval "$@"
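Review bot: When the loop runs out of its 40 attempts without ever reading `ready`, control still falls through to `eval "$@"`, so the wrapped process starts anyway and the comment "no processes will start" does not hold. The script should test `$rv` after the loop and exit non-zero on timeout. Separately, `eval "$@"` joins the arguments and re-parses them as shell code, so any metacharacter in an argument is executed; `exec "$@"` runs the command as given, assuming callers pass the command and its arguments as separate words rather than one shell string. `$DIR/$APP` and `$DIR/$OTHER` are also unquoted and taken straight from argv, so they should be quoted wherever they are used as paths.

```shell
# … unchanged: status/check helpers and the wait loop …
if [ "$rv" != "ready" ]; then
  echo "$OTHER not ready after $n attempts, not starting $APP" >&2
  status "timeout waiting for $OTHER"
  exit 1
fi

exec "$@"
```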
diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh
index 33dca67f..da2eb855 100644
--- a/auth/sample/bin/service.sh
+++ b/auth/sample/bin/service.sh
@@ -3,36 +3,114 @@
# It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
#
JAVA=/usr/bin/java
+LOCAL=/opt/app/osaaf/local
+DATA=/opt/app/osaaf/data
+PUBLIC=/opt/app/osaaf/public
+CONFIG=/opt/app/aaf_config
+# Temp use for clarity of code
+FILE=
+
+# Setup Bash, first time only
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
+ echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
+ echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+ chmod a+x $CONFIG/bin/agent.sh
+ . $HOME/.bash_aliases
+fi
# Only load Identities once
-if [ ! -e /opt/app/osaaf/data/identities.dat ]; then
- mkdir -p /opt/app/osaaf/data
- cp /opt/app/aaf_config/data/sample.identities.dat /opt/app/osaaf/data/identities.dat
+# echo "Check Identities"
+FILE="$DATA/identities.dat"
+if [ ! -e $FILE ]; then
+ mkdir -p $DATA
+ cp $CONFIG/data/sample.identities.dat $FILE
+fi
+
+# Load up Cert/X509 Artifacts
+# echo "Check Signer Keyfile"
+FILE="$LOCAL/org.osaaf.aaf.signer.p12"
+if [ ! -e $FILE ]; then
+ mkdir -p $LOCAL
+ mkdir -p $PUBLIC
+ if [ -e $CONFIG/cert/org.osaaf.aaf.signer.p12 ]; then
+ cp $CONFIG/cert/org.osaaf.aaf.signer.p12 $FILE
+ else
+ echo "Decode"
+ base64 -d $CONFIG/cert/demoONAPsigner.p12.b64 > $FILE
+ base64 -d $CONFIG/cert/truststoreONAP.p12.b64 > $PUBLIC/truststoreONAP.p12
+ base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $PUBLIC/truststoreONAPall.jks
+ ln -s $PUBLIC/truststoreONAPall.jks $LOCAL
+ cp $CONFIG/cert/AAF_RootCA.cer $PUBLIC
+ CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer"
+ echo "cadi_keystore_password=something easy" >> $CONFIG/local/aaf.props
+ fi
+fi
+
+# echo "Check keyfile"
+FILE="$LOCAL/org.osaaf.aaf.p12"
+if [ ! -e $FILE ]; then
+ if [ -e $CONFIG/cert/org.osaaf.aaf.p12 ]; then
+ cp $CONFIG/cert/org.osaaf.aaf.p12 $FILE
+ else
+ echo "Bootstrap Creation of Keystore from Signer"
+ cd $CONFIG/CA
+
+ # Remove this after Casablanca
+ CADI_X509_ISSUERS="CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
+ bash bootstrap.sh $LOCAL/org.osaaf.aaf.signer.p12 'something easy'
+ cp aaf.bootstrap.p12 $FILE
+ if [ -n "$CADI_X509_ISSUERS" ]; then
+ CADI_X509_ISSUERS="$CADI_X509_ISSUERS:"
+ fi
+ BOOT_ISSUER="$(cat aaf.bootstrap.issuer)"
+ CADI_X509_ISSUERS="$CADI_X509_ISSUERS$BOOT_ISSUER"
+
+ I=${BOOT_ISSUER##CN=};I=${I%%,*}
+ CM_CA_PASS="something easy"
+ CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,$LOCAL/org.osaaf.aaf.signer.p12;aaf_intermediate_9;enc:"
+ CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer"
+ fi
fi
# Only initialize once, automatically...
-if [ ! -e /opt/app/osaaf/local/org.osaaf.aaf.props ]; then
- rsync -avzh --exclude=.gitignore /opt/app/aaf_config/local/org.osaaf.aaf* /opt/app/osaaf/local
+if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
+ rsync -avzh --exclude=.gitignore $CONFIG/local/org.osaaf.aaf* $LOCAL
for D in public etc logs; do
- rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+ rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
done
TMP=$(mktemp)
echo aaf_env=${AAF_ENV} >> ${TMP}
echo cadi_latitude=${LATITUDE} >> ${TMP}
echo cadi_longitude=${LONGITUDE} >> ${TMP}
+ echo cadi_x509_issuers=${CADI_X509_ISSUERS} >> ${TMP}
echo aaf_register_as=${AAF_REGISTER_AS} >> ${TMP}
echo aaf_locate_url=https://${AAF_REGISTER_AS}:8095 >> ${TMP}
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \
- cadi_etc_dir=/opt/app/osaaf/local \
- cadi_prop_files=/opt/app/aaf_config/local/initialConfig.props:/opt/app/aaf_config/local/aaf.props:${TMP}
+ cat $TMP
+
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \
+ cadi_etc_dir=$LOCAL \
+ cadi_prop_files=$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP}
rm ${TMP}
# Default Password for Default Cass
- CASS_PASS=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "cassandra" /opt/app/osaaf/local/org.osaaf.aaf.keyfile)
- sed -i.backup -e "s/\\(cassandra.clusters.password=enc:\\)/\\1$CASS_PASS/" /opt/app/osaaf/local/org.osaaf.aaf.cassandra.props
+ CASS_PASS=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "cassandra" $LOCAL/org.osaaf.aaf.keyfile)
+ sed -i.backup -e "s/\\(cassandra.clusters.password=enc:\\)/\\1$CASS_PASS/" $LOCAL/org.osaaf.aaf.cassandra.props
+
+ if [ -n "$CM_CA_LOCAL" ]; then
+ if [ -n "$CM_CA_PASS" ]; then
+ CM_CA_LOCAL=$CM_CA_LOCAL$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile)
+ fi
+ # Move and copy method, rather than sed, because of slashes in CM_CA_LOCAL makes too complex
+ FILE=$LOCAL/org.osaaf.aaf.cm.ca.props
+ mv $FILE $FILE.backup
+ grep -v "cm_ca.local=" $FILE.backup > $FILE
+ echo "cm_ca.local=$CM_CA_LOCAL" >> $FILE
+ echo "cm_trust_cas=$CM_TRUST_CAS" >> $FILE
+ fi
fi
+
# Now run a command
CMD=$2
if [ ! "$CMD" = "" ]; then
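Review bot: The signer keystore password is the literal `something easy`, repeated in three places (the `aaf.props` append, the `bootstrap.sh` argument and `CM_CA_PASS`), and the first of these writes it in cleartext into `$CONFIG/local/aaf.props`. Even for a sample deployment, a single variable with an overridable default, e.g. `SIGNER_PASS="${SIGNER_PASS:-something easy}"` (name illustrative), keeps the copies in sync and lets a real install replace it. The `cat $TMP` debug line additionally prints the generated properties to the log. `cd $CONFIG/CA` also lacks the `|| exit` used on the other `cd` calls, so a missing directory would run `bootstrap.sh` from the wrong place. The `if [ ! "$CMD" = "" ]` block continues outside the hunk.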
@@ -59,28 +137,25 @@ if [ ! "$CMD" = "" ]; then
fi
;;
update)
- rsync -uh --exclude=.gitignore /opt/app/aaf_config/local/org.osaaf.aaf* /opt/app/osaaf/local
+ rsync -uh --exclude=.gitignore $CONFIG/local/org.osaaf.aaf* $LOCAL
for D in public data etc logs; do
- rsync -uh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+ rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
done
;;
validate)
echo "## validate requested"
- $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props
+ $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=$LOCAL/org.osaaf.aaf.props
;;
+ onap)
+ echo Initializing ONAP configurations.
+ ;;
bash)
- echo "alias agent='/bin/bash /opt/app/aaf_config/bin/agent.sh EMPTY \$*'" >>~/.bashrc
- if [ ! "$(grep aaf_config ~/.bashrc)" = "" ]; then
- echo "alias cadi='/bin/bash /opt/app/aaf_config/bin/agent.sh EMPTY cadi \$*'" >>~/.bashrc
- echo "alias agent='/bin/bash /opt/app/aaf_config/bin/agent.sh EMPTY \$*'" >>~/.bashrc
- #. ~/.bashrc
- fi
shift
- cd /opt/app/osaaf/local || exit
+ cd $LOCAL || exit
/bin/bash "$@"
;;
setProp)
- cd /opt/app/osaaf/local || exit
+ cd $LOCAL || exit
FILES=$(grep -l "$1" ./*.props)
if [ "$FILES" = "" ]; then
FILES="$3"
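Review bot: The new `onap)` arm prints `Initializing ONAP configurations.` but runs nothing, so the log line claims work that is not done. Either add the initialization or mark the stub with a comment such as `# TODO: ONAP-specific setup not implemented yet`, and quote the message: `echo "Initializing ONAP configurations."`. The `setProp)` arm continues outside the hunk.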
@@ -98,11 +173,11 @@ if [ ! "$CMD" = "" ]; then
done
;;
encrypt)
- cd /opt/app/osaaf/local || exit
+ cd $LOCAL || exit
echo $1
FILES=$(grep -l "$1" ./*.props)
if [ "$FILES" = "" ]; then
- FILES=/opt/app/osaaf/local/org.osaaf.aaf.cred.props
+ FILES=$LOCAL/org.osaaf.aaf.cred.props
ADD=Y
fi
for F in $FILES; do
@@ -117,7 +192,7 @@ if [ ! "$CMD" = "" ]; then
else
ORIG_PW="$2"
fi
- PWD=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" /opt/app/osaaf/local/org.osaaf.aaf.keyfile)
+ PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile)
if [ "$ADD" = "Y" ]; then
echo "$1=enc:$PWD" >> $F
else
@@ -147,17 +222,17 @@ if [ ! "$CMD" = "" ]; then
;;
cadi)
echo "--- cadi Tool Comands ---"
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+ $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
;;
agent)
echo "--- agent Tool Comands ---"
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar
+ $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
;;
esac
echo ""
;;
*)
- $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+ $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
;;
esac
fi