From 4ad4763d8c9191998cc671a884d1af5da6ba8bb9 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Fri, 13 Jul 2018 15:49:26 -0500 Subject: Make Container Config Strategy Issue-ID: AAF-378 Change-Id: I57186f66b9713262643e0f440f5b9eb78154c155 Signed-off-by: Instrumental --- auth/sample/.gitignore | 1 + auth/sample/bin/agent.sh | 181 +++++++++++++++--------- auth/sample/etc/org.osaaf.aaf.cm.props | 2 +- auth/sample/local/.dockerignore | 1 + auth/sample/local/.gitignore | 2 - auth/sample/local/aaf.props | 6 +- auth/sample/local/org.osaaf.aaf.cassandra.props | 2 +- auth/sample/local/org.osaaf.aaf.cm.ca.props | 6 +- 8 files changed, 123 insertions(+), 78 deletions(-) create mode 100644 auth/sample/.gitignore create mode 100644 auth/sample/local/.dockerignore (limited to 'auth/sample')
diff --git a/auth/sample/.gitignore b/auth/sample/.gitignore
new file mode 100644
index 00000000..62fd177d
--- /dev/null
+++ b/auth/sample/.gitignore
@@ -0,0 +1 @@
+theme
diff --git a/auth/sample/bin/agent.sh b/auth/sample/bin/agent.sh
index b4ea272e..5d34a8a9 100644
--- a/auth/sample/bin/agent.sh
+++ b/auth/sample/bin/agent.sh
@@ -1,3 +1,4 @@
+#!/bin/bash
 # This script is run when starting aaf_config Container.
 # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
 #
@@ -5,81 +6,121 @@ JAVA=/usr/bin/java # Only load Identities once if [ ! -e /opt/app/osaaf/data/identities.dat ]; then - mkdir -p /opt/app/osaaf/data - cp /opt/app/aaf_config/data/sample.identities.dat /opt/app/osaaf/data/identities.dat + mkdir -p /opt/app/osaaf/data + cp /opt/app/aaf_config/data/sample.identities.dat /opt/app/osaaf/data/identities.dat fi # Only initialize once, automatically... if [ ! -e /opt/app/osaaf/local/org.osaaf.aaf.props ]; then - for D in local; do - rsync -avzh /opt/app/aaf_config/$D/org.osaaf.aaf* /opt/app/osaaf/$D - done - for D in public etc logs; do - rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D - done - $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config osaaf@aaf.osaaf.org \ - cadi_etc_dir=/opt/app/osaaf/local \ - cadi_prop_files=/opt/app/aaf_config/local/initialConfig.props:/opt/app/aaf_config/local/aaf.props \ - cadi_latitude=38.4329 \ - cadi_longitude=-90.43248 - #cp /opt/app/aaf_config/ -else - CMD=$2 - shift - if [ "$CMD" = "" ]; then - echo "AAF already configured for this Volume" - else + rsync -avzh --exclude=.gitignore /opt/app/aaf_config/local/org.osaaf.aaf* /opt/app/osaaf/local + for D in public etc logs; do + rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D + done + $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config osaaf@aaf.osaaf.org \ + cadi_etc_dir=/opt/app/osaaf/local \ + cadi_prop_files=/opt/app/aaf_config/local/initialConfig.props:/opt/app/aaf_config/local/aaf.props \ + cadi_latitude=38.4329 \ + cadi_longitude=-90.43248 +fi + +# Now run a command +CMD=$2 +if [ ! 
"$CMD" = "" ]; then + shift + shift case "$CMD" in - ls) - echo ls requested - find /opt/app/osaaf -depth - ;; - cat) - if [ "$1" = "" ]; then - echo "usage: cat " - else - if [[ $1 == *.props ]]; then - echo - echo "## CONTENTS OF $3" - echo - cat $1 - else - echo "### ERROR ####" - echo " \"cat\" may only be used with files ending with \".props\"" - fi + ls) + echo ls requested + find /opt/app/osaaf -depth + ;; + cat) + if [ "$1" = "" ]; then + echo "usage: cat " + else + if [[ $1 == *.props ]]; then + echo + echo "## CONTENTS OF $3" + echo + cat "$1" + else + echo "### ERROR ####" + echo " \"cat\" may only be used with files ending with \".props\"" + fi fi - ;; - update) - for D in public data etc local logs; do - rsync -uh --exclude=.gitignore /opt/app/aaf_config/$D /opt/app/osaaf + ;; + update) + rsync -uh --exclude=.gitignore /opt/app/aaf_config/local/org.osaaf.aaf* /opt/app/osaaf/local + for D in public data etc logs; do + rsync -uh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D done - ;; - validate) - echo "## validate requested" - $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props - ;; - bash) - if [ ! "grep aaf_config ~/.bashrc" == "" ]; then - echo "alias cadi='/bin/bash /opt/app/aaf_config/bin/agent.sh $*'" >> ~/.bashrc - . 
~/.bashrc - fi - shift - /bin/bash $* - ;; - encrypt) - echo $1 $2 $3 - cd /opt/app/osaaf/local - - for F in `grep -l $2 *.props`; do - echo "Changing $F" - PWD=`$JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest $3 /opt/app/osaaf/local/org.osaaf.aaf.keyfile` - sed -i.old -e "s/\($2=\).*/\1enc=$PWD/" /opt/app/osaaf/local/org.osaaf.aaf.cred.props - cat $F - done - ;; - *) - $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar $* + ;; + validate) + echo "## validate requested" + $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props + ;; + bash) + echo "alias agent='/bin/bash /opt/app/aaf_config/bin/agent.sh EMPTY \$*'" >>~/.bashrc + if [ ! "$(grep aaf_config ~/.bashrc)" = "" ]; then + echo "alias cadi='/bin/bash /opt/app/aaf_config/bin/agent.sh EMPTY cadi \$*'" >>~/.bashrc + echo "alias agent='/bin/bash /opt/app/aaf_config/bin/agent.sh EMPTY \$*'" >>~/.bashrc + #. ~/.bashrc + fi + shift + cd /opt/app/osaaf/local || exit + /bin/bash "$@" + ;; + encrypt) + cd /opt/app/osaaf/local || exit + FILES=$(grep -l "$1" ./*.props) + if [ "$FILES" = "" ]; then + FILES=/opt/app/osaaf/local/org.osaaf.aaf.cred.props + echo "$1=enc:" >>FILES + fi + for F in $FILES; do + echo "Changing $1 in $F" + if [ "$2" = "" ]; then + read -r -p "Password (leave blank to cancel): " -s ORIG_PW + echo " " + if [ "$ORIG_PW" = "" ]; then + echo canceling... + break + fi + else + ORIG_PW="$2" + fi + PWD=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" /opt/app/osaaf/local/org.osaaf.aaf.keyfile) + sed -i.backup -e "s/\\($1.*enc:\\).*/\\1$PWD/" $F + cat $F + done + ;; + --help | -?) 
+ case "$1" in + "") + echo "--- Agent Container Comands ---" + echo " ls - Lists all files in Configuration" + echo " cat > - Shows the contents (Prop files only)" + echo " validate - Runs a test using Configuration" + echo " encrypt [] - set passwords on Configuration (if no pass, it will be queried)" + echo " bash - run bash in Container" + echo " Note: the following aliases are preset" + echo " cadi - CADI CmdLine tool" + echo " agent - Agent Java tool (see above help)" + echo "" + echo " --help|-? [cadi|agent] - This help, cadi help or agent help" + ;; + cadi) + echo "--- cadi Tool Comands ---" + $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6 + ;; + agent) + echo "--- agent Tool Comands ---" + $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar + ;; + esac + echo "" + ;; + *) + $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@" + ;; esac - fi -fi - +fi diff --git a/auth/sample/etc/org.osaaf.aaf.cm.props b/auth/sample/etc/org.osaaf.aaf.cm.props index 1fa13fe3..628b5fd3 100644 --- a/auth/sample/etc/org.osaaf.aaf.cm.props +++ b/auth/sample/etc/org.osaaf.aaf.cm.props @@ -3,7 +3,7 @@ ## AAF Certificate Manager properties ## Note: Link to CA Properties in "local" dir ## -cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org.osaaf.aaf.log4j.props:/opt/app/osaaf/local/org.osaaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.cm.ca.props +cadi_prop_files=/opt/app/osaaf/local/org.osaaf.aaf.props:/opt/app/osaaf/etc/org.osaaf.aaf.log4j.props:/opt/app/osaaf/local/org.osaaf.aaf.cassandra.props:/opt/app/osaaf/local/org.osaaf.aaf.cm.ca.props aaf_component=AAF_NS.cm:2.1.0.0 port=8150 diff --git a/auth/sample/local/.dockerignore b/auth/sample/local/.dockerignore new file mode 100644 index 00000000..6c7b69a0 --- /dev/null 
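Review bot: In the `encrypt)` branch of auth/sample/bin/agent.sh, `echo "$1=enc:" >>FILES` appends to a file literally named `FILES` in /opt/app/osaaf/local instead of the cred props file, so when no props file already holds the key the later `sed` has no matching line to rewrite and the digest is never stored; it should read `echo "$1=enc:" >>"$FILES"`. The digest is assigned to `PWD`, which overwrites the shell's working-directory variable, and is then spliced together with `$1` into the sed program, so a key containing regex metacharacters or a digest containing `/` or `&` (nothing visible here rules that out) changes what gets written; a separate name such as `ENC_PW` and quoting `"$F"` in the `sed` and `cat` calls would be the minimum. The cleartext reaches `java` as a command-line argument on both paths, and when supplied as `$2` it also lands in the caller's shell history, so the help text should steer users to the prompted `read -s` path. Separately, in the `bash)` branch the `agent` alias is appended to ~/.bashrc before the `grep aaf_config` test, which makes that test always true and appends both aliases again on every run.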
+++ b/auth/sample/local/.dockerignore @@ -0,0 +1 @@ +.gitignore diff --git a/auth/sample/local/.gitignore b/auth/sample/local/.gitignore index 362863ac..e69de29b 100644 --- a/auth/sample/local/.gitignore +++ b/auth/sample/local/.gitignore @@ -1,2 +0,0 @@ -truststoreONAPall.jks -org.osaaf.aaf.signer.p12 diff --git a/auth/sample/local/aaf.props b/auth/sample/local/aaf.props index 6b08d9a0..8237c4e9 100644 --- a/auth/sample/local/aaf.props +++ b/auth/sample/local/aaf.props @@ -10,9 +10,13 @@ aaf_domain_support=.com:.org aaf_default_realm=people.osaaf.org # Initial Passwords and such -aaf_password=osaaf_admin +aaf_password=startup +cadi_alias=osaaf@aaf.osaaf.org +cadi_keystore=/opt/app/osaaf/local/org.osaaf.aaf.p12 +cadi_keystore_password=kumquat cadi_truststore=/opt/app/osaaf/public/truststoreONAPall.jks cadi_truststore_password=changeit # Other aaf_data_dir=/opt/app/osaaf/data +cadi_registration_hostname=meriadoc.mithril.sbc.com diff --git a/auth/sample/local/org.osaaf.aaf.cassandra.props b/auth/sample/local/org.osaaf.aaf.cassandra.props index 692e57f9..9e29d834 100644 --- a/auth/sample/local/org.osaaf.aaf.cassandra.props +++ b/auth/sample/local/org.osaaf.aaf.cassandra.props @@ -7,7 +7,7 @@ cassandra.clusters=cass.aaf.osaaf.org cassandra.clusters.port=9042 #need this to be fully qualified name when REAL AAF integration cassandra.clusters.user=cassandra -cassandra.clusters.password=enc: +cassandra.clusters.password=enc: # Name for exception that has happened in the past cassandra.reset.exceptions=com.datastax.driver.core.exceptions.NoHostAvailableException:"no host was tried":"Connection has been closed" diff --git a/auth/sample/local/org.osaaf.aaf.cm.ca.props b/auth/sample/local/org.osaaf.aaf.cm.ca.props index 59242995..92d55f92 100644 --- a/auth/sample/local/org.osaaf.aaf.cm.ca.props +++ b/auth/sample/local/org.osaaf.aaf.cm.ca.props 
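Review bot: In auth/sample/local/aaf.props the added `aaf_password=startup` and `cadi_keystore_password=kumquat` are cleartext credentials that agent.sh passes to the first-run `config` step through `cadi_prop_files`, so every container built from this sample starts with the same known secrets unless an operator changes them. A comment above them such as `# SAMPLE VALUES ONLY - replace before any shared deployment (see "agent encrypt")` would make that explicit, and leaving the values empty so the first run has to ask for them would be safer still. The added `cadi_registration_hostname=meriadoc.mithril.sbc.com` looks like a developer machine name rather than a sample value; if so it should become a placeholder like `cadi_registration_hostname=<your-host-fqdn>`.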
@@ -1,10 +1,10 @@ ## -## org.osaaf.aaf.cm.ca.props -## Properties to access Certificate Authority +## org.osaaf.cm.ca.props +## Properties to access Certifiate Authority ## #Certman -cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/org.osaaf.aaf.cm.p12;aaf_cm_ca;enc: +cm_ca.local=org.onap.aaf.auth.cm.ca.LocalCA,/opt/app/osaaf/local/aaf_intermediate_1.p12;aaf_intermediate_1;enc: cm_ca.local.idDomains=org.osaaf cm_ca.local.baseSubject=/OU=OSAAF/O=ONAP/C=US cm_ca.local.perm_type=org.osaaf.aaf.ca -- cgit 1.2.3-korg
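Review bot: The new keystore path `/opt/app/osaaf/local/aaf_intermediate_1.p12` in org.osaaf.aaf.cm.ca.props does not match the `org.osaaf.aaf*` glob that agent.sh in this same commit uses to copy files into /opt/app/osaaf/local, so unless something outside this patch places the file there the LocalCA entry may point at a missing keystore. local/.gitignore is emptied in this commit, so nothing visible here keeps a CA keystore placed in auth/sample/local out of version control; an entry such as `*.p12` would. The header comment now reads `## org.osaaf.cm.ca.props` and `Certifiate`, while the file is still named org.osaaf.aaf.cm.ca.props; I would keep the original two comment lines.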