diff options
Diffstat (limited to 'auth')
-rw-r--r-- | auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java | 2 | ||||
-rw-r--r-- | auth/docker/Dockerfile.agent | 5 | ||||
-rw-r--r-- | auth/docker/Dockerfile.base | 8 | ||||
-rw-r--r-- | auth/docker/Dockerfile.config | 7 | ||||
-rw-r--r-- | auth/docker/Dockerfile.hello | 9 | ||||
-rw-r--r-- | auth/docker/Dockerfile.ms | 7 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-cass.yaml | 4 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-cm.yaml | 4 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-fs.yaml | 2 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-gui.yaml | 2 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-locate.yaml | 8 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-oauth.yaml | 4 | ||||
-rw-r--r-- | auth/helm/aaf/templates/aaf-service.yaml | 4 | ||||
-rw-r--r-- | auth/helm/aaf/values.yaml | 1 | ||||
-rwxr-xr-x | auth/sample/bin/client.sh | 4 | ||||
-rw-r--r-- | auth/sample/bin/pod_wait.sh | 90 | ||||
-rw-r--r-- | auth/sample/bin/service.sh | 29 |
17 files changed, 123 insertions, 67 deletions
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java index d704e1a8..943b92f5 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java @@ -71,7 +71,7 @@ public class OrganizationFactory { String realm = env.getProperty(Config.AAF_DEFAULT_REALM,"people.osaaf.org"); defaultOrg = cnst.newInstance(env,realm); } catch (ClassNotFoundException | InstantiationException | IllegalAccessException | NoSuchMethodException | SecurityException | IllegalArgumentException | InvocationTargetException e) { - env.warn().log("Not Organization Moduled linked in",e); + env.warn().log("Default Organization Module not linked in",e); } } if (defaultOrg == null) { diff --git a/auth/docker/Dockerfile.agent b/auth/docker/Dockerfile.agent index b62f7b4f..669665cc 100644 --- a/auth/docker/Dockerfile.agent +++ b/auth/docker/Dockerfile.agent @@ -25,11 +25,12 @@ LABEL description="aaf_agent" LABEL version=${AAF_VERSION} COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh +COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ COPY logs /opt/app/aaf_config/logs COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ - -RUN if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi +RUN chmod 755 /opt/app/aaf_config/bin/* &&\ + if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi CMD [] diff --git a/auth/docker/Dockerfile.base b/auth/docker/Dockerfile.base index 35ade62b..e7ae6432 100644 --- a/auth/docker/Dockerfile.base +++ b/auth/docker/Dockerfile.base @@ -22,8 +22,8 @@ FROM ${REGISTRY}/openjdk:8-jre-alpine MAINTAINER AAF Team, AT&T 2018 LABEL description="aaf_base" -RUN apk add --no-cache bash -RUN apk add --no-cache openssl -RUN apk add --no-cache curl -RUN if [ -n "${DUSER}" ]; then addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; fi +RUN apk add --no-cache bash &&\ + apk add --no-cache openssl &&\ + apk add --no-cache curl &&\ + if [ -n "${DUSER}" ]; then addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; fi diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config index 27b2ffff..7b159d7c 100644 --- a/auth/docker/Dockerfile.config +++ b/auth/docker/Dockerfile.config @@ -32,11 +32,12 @@ COPY cert /opt/app/aaf_config/cert COPY public /opt/app/aaf_config/public COPY CA /opt/app/aaf_config/CA COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh -COPY bin/pod_wait.sh /opt/app/aaf_config/bin/ +COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ COPY bin/aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ -RUN mkdir -p /opt/app/osaaf -RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/osaaf && chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi +RUN mkdir -p /opt/app/osaaf &&\ + chmod 755 /opt/app/aaf_config/bin/*.sh &&\ + if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/osaaf && chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi CMD ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"] diff --git a/auth/docker/Dockerfile.hello b/auth/docker/Dockerfile.hello index 0d2a062c..2002822a 100644 --- a/auth/docker/Dockerfile.hello +++ b/auth/docker/Dockerfile.hello @@ -26,9 +26,10 @@ LABEL version=${AAF_VERSION} COPY bin/pod_wait.sh /opt/app/aaf/bin/ COPY etc /opt/app/osaaf/etc -RUN mkdir -p /opt/app/aaf/status -RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \ - && chown ${DUSER}:${DUSER} /opt/app/osaaf \ - && chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi +RUN mkdir -p /opt/app/aaf/status && chmod 755 /opt/app/aaf/bin/* &&\ + if [ -n "${DUSER}" ]; then \ + chown ${DUSER}:${DUSER} /opt/app/aaf/status &&\ + chown ${DUSER}:${DUSER} /opt/app/osaaf &&\ + chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi CMD [] diff --git a/auth/docker/Dockerfile.ms b/auth/docker/Dockerfile.ms index ead958b3..351c3798 100644 --- a/auth/docker/Dockerfile.ms +++ b/auth/docker/Dockerfile.ms @@ -25,9 +25,10 @@ LABEL description="aaf_${AAF_COMPONENT}" LABEL version=${AAF_VERSION} COPY bin/pod_wait.sh /opt/app/aaf/bin/ -RUN mkdir -p /opt/app/osaaf -RUN mkdir -p /opt/app/aaf/status -RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \ +RUN mkdir -p /opt/app/osaaf &&\ + mkdir -p /opt/app/aaf/status &&\ + chmod 755 /opt/app/aaf/bin/* &&\ + if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \ && chown ${DUSER}:${DUSER} /opt/app/osaaf \ && chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi diff --git a/auth/helm/aaf/templates/aaf-cass.yaml b/auth/helm/aaf/templates/aaf-cass.yaml index 552303ca..cab7134b 100644 --- a/auth/helm/aaf/templates/aaf-cass.yaml +++ b/auth/helm/aaf/templates/aaf-cass.yaml @@ -40,6 +40,10 @@ spec: protocol: TCP port: {{.Values.services.cass.native_trans_port}} containerPort: {{.Values.services.cass.native_trans_port}} + - name: rpc + protocol: TCP + port: {{.Values.services.cass.rpc_port}} + containerPort: {{.Values.services.cass.rpc_port}} --- apiVersion: apps/v1 kind: Deployment diff --git a/auth/helm/aaf/templates/aaf-cm.yaml b/auth/helm/aaf/templates/aaf-cm.yaml index 51b0043d..ccc2e559 100644 --- a/auth/helm/aaf/templates/aaf-cm.yaml +++ b/auth/helm/aaf/templates/aaf-cm.yaml @@ -80,7 +80,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: aaf_locate_url - value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}" + value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}" - name: aaf_locator_public_fqdn value: "{{.Values.services.public_fqdn}}" - name: aaf_locator_name @@ -102,7 +102,7 @@ spec: - name: aaf-cm image: {{ .Values.image.repository }}onap/aaf/aaf_cm:{{ .Values.image.version }} imagePullPolicy: IfNotPresent - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"] + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-locate && exec bin/cm"] volumeMounts: - mountPath: "/opt/app/osaaf" name: aaf-config-vol diff --git a/auth/helm/aaf/templates/aaf-fs.yaml b/auth/helm/aaf/templates/aaf-fs.yaml index f0c6e8e5..7677b269 100644 --- a/auth/helm/aaf/templates/aaf-fs.yaml +++ b/auth/helm/aaf/templates/aaf-fs.yaml @@ -80,7 +80,7 @@ spec: fieldRef: fieldPath: status.podIP - name: aaf_locate_url - value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}" + value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}" - name: CASSANDRA_CLUSTER value: "{{.Values.services.cass.fqdn}}.{{.Values.services.ns}}" # - name: CASSANDRA_USER diff --git a/auth/helm/aaf/templates/aaf-gui.yaml b/auth/helm/aaf/templates/aaf-gui.yaml index a977a9b3..c7fb2a20 100644 --- a/auth/helm/aaf/templates/aaf-gui.yaml +++ b/auth/helm/aaf/templates/aaf-gui.yaml @@ -81,7 +81,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: aaf_locate_url - value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}" + value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}" - name: aaf_locator_public_fqdn value: "{{.Values.services.public_fqdn}}" - name: aaf_locator_name diff --git a/auth/helm/aaf/templates/aaf-locate.yaml b/auth/helm/aaf/templates/aaf-locate.yaml index 1f9bdc40..b48c072b 100644 --- a/auth/helm/aaf/templates/aaf-locate.yaml +++ b/auth/helm/aaf/templates/aaf-locate.yaml @@ -66,6 +66,8 @@ spec: volumeMounts: - mountPath: "/opt/app/osaaf" name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol env: - name: AAF_ENV value: "{{ .Values.services.aaf_env }}" @@ -80,7 +82,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: aaf_locate_url - value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}" + value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}" - name: aaf_locator_public_fqdn value: "{{.Values.services.public_fqdn}}" - name: aaf_locator_name @@ -88,7 +90,7 @@ spec: - name: aaf_locator_name_helm value: "{{.Values.services.aaf_locator_name_helm}}" - name: CASSANDRA_CLUSTER - value: "{{.Values.services.cass.fqdn}}.{{.Values.services.ns}}" + value: "{{.Values.services.cass.fqdn}}.{{.Release.Namespace}}" # - name: CASSANDRA_USER # value: "" # - name: CASSANDRA_PASSWORD @@ -102,7 +104,7 @@ spec: - name: aaf-locate image: {{ .Values.image.repository }}onap/aaf/aaf_locate:{{ .Values.image.version }} imagePullPolicy: IfNotPresent - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"] + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-service && exec bin/locate"] volumeMounts: - mountPath: "/opt/app/osaaf" name: aaf-config-vol diff --git a/auth/helm/aaf/templates/aaf-oauth.yaml b/auth/helm/aaf/templates/aaf-oauth.yaml index ff9a18dd..3e36d29c 100644 --- a/auth/helm/aaf/templates/aaf-oauth.yaml +++ b/auth/helm/aaf/templates/aaf-oauth.yaml @@ -80,7 +80,7 @@ spec: fieldRef: fieldPath: metadata.namespace - name: aaf_locate_url - value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}" + value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}" - name: aaf_locator_public_fqdn value: "{{.Values.services.public_fqdn}}" - name: aaf_locator_name @@ -102,7 +102,7 @@ spec: - name: aaf-oauth image: {{ .Values.image.repository }}onap/aaf/aaf_oauth:{{ .Values.image.version }} imagePullPolicy: IfNotPresent - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"] + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-service && exec bin/oauth"] volumeMounts: - mountPath: "/opt/app/osaaf" name: aaf-config-vol diff --git a/auth/helm/aaf/templates/aaf-service.yaml b/auth/helm/aaf/templates/aaf-service.yaml index be6e1c8b..5b9fe186 100644 --- a/auth/helm/aaf/templates/aaf-service.yaml +++ b/auth/helm/aaf/templates/aaf-service.yaml @@ -77,7 +77,7 @@ spec: - name: aaf_locator_container_ns value: "{{ .Release.Namespace }}" - name: aaf_locate_url - value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}" + value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}" - name: aaf_locator_public_fqdn value: "{{.Values.services.public_fqdn}}" - name: aaf_locator_name @@ -99,7 +99,7 @@ spec: - name: aaf-service image: {{ .Values.image.repository }}onap/aaf/aaf_service:{{ .Values.image.version }} imagePullPolicy: IfNotPresent - command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-service nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-cass && exec bin/service"] volumeMounts: - mountPath: "/opt/app/osaaf" name: aaf-config-vol diff --git a/auth/helm/aaf/values.yaml b/auth/helm/aaf/values.yaml index c38bbdb5..79194601 100644 --- a/auth/helm/aaf/values.yaml +++ b/auth/helm/aaf/values.yaml @@ -40,6 +40,7 @@ services: cadi_longitude: "-72.0" cass: replicas: 1 + fqdn: "aaf-cass" cluster_name: "osaaf" heap_new_size: "512M" max_heap_size: "1024M" diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh index 0dff8037..dbf08622 100755 --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -174,7 +174,7 @@ if [ -z "$CMD" ]; then if [ -n "$INITIALIZED" ]; then echo "Initialization complete" else - $JAVA_AGENT + $JAVA_AGENT_SELF validate $FQI $FQDN fi else shift @@ -209,7 +209,7 @@ else ;; validate) echo "## validate requested" - $JAVA_AGENT_SELF validate + $JAVA_AGENT_SELF validate $FQI $FQDN ;; renew) echo "## Renew Certificate" diff --git a/auth/sample/bin/pod_wait.sh b/auth/sample/bin/pod_wait.sh index 3d6a1b9e..5a10476a 100644 --- a/auth/sample/bin/pod_wait.sh +++ b/auth/sample/bin/pod_wait.sh @@ -24,8 +24,6 @@ DIR="/opt/app/aaf/status" APP=$1 shift -OTHER=$1 -shift function status { if [ -d "$DIR" ]; then @@ -62,6 +60,25 @@ function wait { done } +function wait_nc { + n=0 + while [ $n -lt 40 ]; do + echo "Waiting for Network Access to $@" + status "Waiting for Network Access to $1 $2" + rv="$(nc -zvw 5 $1 $2 2>&1 | grep -e "[open|succeed]")" + echo $rv + + if [[ "$rv" == *open* ]] || [[ "$rv" == *succeeded* ]]; then + status "Network Connectable to $1 $2" + n=10000 + else + (( ++n )) + echo "Sleep 10 (iteration $n)" + sleep 10 + fi + done +} + function start { n=0 while [ $n -lt 40 ]; do @@ -80,30 +97,47 @@ function start { done } -case "$OTHER" in - sleep) - echo "Sleeping $1" - status "Sleeping $1" - sleep $1 - shift - status "ready" - echo "Done" +while [ ! -z "$1" ]; do + OTHER=$1 + shift + case "$OTHER" in + nc) + H=$1 + shift + P=$1 + shift + wait_nc "$H" "$P" + if [ -z "$@" ]; then + echo "ready" + status "ready" + fi + ;; + sleep) + echo "Sleeping $1" + status "Sleeping $1" + sleep $1 + shift + if [ -z "$@" ]; then + echo "ready" + status "ready" + fi + echo "Done" + ;; + remove) + echo "Removing $DIR/$APP-$HOSTNAME" + rm -f $DIR/$APP-$HOSTNAME + ;; + wait) + OTHER="$1" + shift + wait + ;; + *) + echo "App $APP is waiting to start until $OTHER is ready" + status "waiting for $OTHER" + + start + break ;; - stop) - echo "Removing $DIR/$APP-$HOSTNAME" - rm $DIR/$APP-$HOSTNAME - ;; - wait) - OTHER="$1" - shift - wait - ;; - *) - echo "App $APP is waiting to start until $OTHER is ready" - status "waiting for $OTHER" - - start - ;; -esac - -eval "$@" + esac +done diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh index 54a1cc58..1a289d35 100644 --- a/auth/sample/bin/service.sh +++ b/auth/sample/bin/service.sh @@ -21,6 +21,24 @@ # This script is run when starting aaf_config Container. # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # + +echo "# Properties passed in" + for P in `env`; do + if [[ "$P" == cadi* ]] || [[ "$P" == aaf* ]] || [[ "$P" == HOSTNAME* ]]; then + S="${P/_helm/.helm}" + S="${S/_oom/.oom}" + echo "$S" + fi + done + +# Set from CAP Based PROPS, if necessary +aaf_env=${aaf_env:-"${AAF_ENV}"} +aaf_release=${aaf_release:-"${VERSION}"} +cadi_latitude=${cadi_latitude:-"${LATITUDE}"} +cadi_longitude=${cadi_longitude:-"${LONGITUDE}"} +cadi_x509_issuers=${cadi_x509_issuers:-"${CADI_X509_ISSUERS}"} +aaf_locate_url=${aaf_locate_url:-"https://${HOSTNAME}:8095"} + JAVA=/usr/bin/java OSAAF=/opt/app/osaaf @@ -126,15 +144,8 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then done TMP=$(mktemp) - echo aaf_env=${AAF_ENV} >> ${TMP} - echo aaf_release=${VERSION} >> ${TMP} - echo cadi_latitude=${LATITUDE} >> ${TMP} - echo cadi_longitude=${LONGITUDE} >> ${TMP} - echo cadi_x509_issuers=${CADI_X509_ISSUERS} >> ${TMP} - AAF_LOCATE_URL=${aaf_locate_url:="https://${HOSTNAME}:8095"} - echo aaf_locate_url=${AAF_LOCATE_URL} >> ${TMP} for P in `env`; do - if [[ "$P" == aaf_locator* ]]; then + if [[ "$P" == aaf_* ]] || [[ "$P" == cadi_* ]]; then S="${P/_helm/.helm}" S="${S/_oom/.oom}" echo "$S" >> ${TMP} @@ -154,7 +165,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then CASS_HOST=${CASS_HOST:="aaf-cass"} CASS_PASS=$($JAVA_CADI digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile) CASS_NAME=${CASS_HOST/:*/} - sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTERS:=$CASS_HOST}/" \ + sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTER:=$CASS_HOST}/" \ -e "s/\\(cassandra.clusters.user=\\).*/\\1${CASSANDRA_USER:=cassandra}/" \ -e "s/\\(cassandra.clusters.password=enc:\\).*/\\1$CASS_PASS/" \ -e "s/\\(cassandra.clusters.port=\\).*/\\1${CASSANDRA_PORT:=9042}/" \ |