summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPatrick Brady <patrick.brady@att.com>2019-03-20 15:36:50 -0700
committerTakamune Cho <takamune.cho@att.com>2019-03-21 00:01:38 +0000
commit365efba8eed6ba3dbc7f7c50c2bd93312da2a162 (patch)
treedc760c51f72f7654c12ecf62b39efe112cf88c73
parent78e9b949505245ad8efcdc319107039e333da573 (diff)
Changes for cdt over https
Change cdt to run on nginx image Configure nginx to use https Add sample certificates for https Change-Id: Ie93cf7e5b0e6a287753ffd54edace5492ad667b3 Signed-off-by: Patrick Brady <patrick.brady@att.com> Issue-ID: APPC-1551
-rw-r--r--cdt/pom.xml38
-rw-r--r--cdt/src/main/docker/Dockerfile17
-rw-r--r--cdt/src/main/resources/cert/cdt-cert.pem32
-rw-r--r--cdt/src/main/resources/cert/cdt-key.pem52
-rw-r--r--cdt/src/main/resources/nginx.conf27
-rw-r--r--cdt/src/main/scripts/startCdt.sh6
6 files changed, 157 insertions, 15 deletions
diff --git a/cdt/pom.xml b/cdt/pom.xml
index 3d592a0..bd408b5 100644
--- a/cdt/pom.xml
+++ b/cdt/pom.xml
@@ -96,6 +96,44 @@ limitations under the License.
</resources>
</configuration>
</execution>
+ <execution>
+ <id>copy-resources</id>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <phase>validate</phase>
+ <configuration>
+ <outputDirectory>${basedir}/target/docker-stage</outputDirectory>
+ <resources>
+ <resource>
+ <directory>src/main/resources</directory>
+ <includes>
+ <include>nginx.conf</include>
+ </includes>
+ <filtering>false</filtering>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-certs</id>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <phase>validate</phase>
+ <configuration>
+ <outputDirectory>${basedir}/target/docker-stage/cert</outputDirectory>
+ <resources>
+ <resource>
+ <directory>src/main/resources/cert</directory>
+ <includes>
+ <include>*.pem</include>
+ </includes>
+ <filtering>false</filtering>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
</executions>
</plugin>
<plugin>
diff --git a/cdt/src/main/docker/Dockerfile b/cdt/src/main/docker/Dockerfile
index 4fe3d4f..514ddba 100644
--- a/cdt/src/main/docker/Dockerfile
+++ b/cdt/src/main/docker/Dockerfile
@@ -20,17 +20,10 @@
# ============LICENSE_END============================================
# Base Alpine with added packages needed for ONAP
-FROM httpd:2.4-alpine
+FROM nginx:1.15.9-alpine
MAINTAINER APP-C Team (appc@lists.openecomp.org)
-RUN sed -i -e "s/80/18080/" /usr/local/apache2/conf/httpd.conf; \
-addgroup -S cdt && adduser -S cdt -G cdt
-
-COPY --chown=cdt:cdt config-design-tool /usr/local/apache2/htdocs/
-
-COPY --chown=cdt:cdt startCdt.sh /opt/startCdt.sh
-
-RUN chown -R cdt:cdt /opt; \
-chown -R cdt:cdt /usr/local/apache2
-
-USER cdt:cdt
+COPY config-design-tool /opt/cdt
+COPY startCdt.sh /opt/startCdt.sh
+COPY cert /opt/cert
+COPY nginx.conf /etc/nginx/nginx.conf
diff --git a/cdt/src/main/resources/cert/cdt-cert.pem b/cdt/src/main/resources/cert/cdt-cert.pem
new file mode 100644
index 0000000..a85760b
--- /dev/null
+++ b/cdt/src/main/resources/cert/cdt-cert.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFczCCA1ugAwIBAgIJAKCleZSr2IiCMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNV
+BAYTAlVTMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxDTALBgNVBAoMBE9OQVAxDTAL
+BgNVBAsMBEFQUEMxDDAKBgNVBAMMA2NkdDAeFw0xOTAzMTkyMTMwNTNaFw0yMjAz
+MTgyMTMwNTNaMFAxCzAJBgNVBAYTAlVTMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkx
+DTALBgNVBAoMBE9OQVAxDTALBgNVBAsMBEFQUEMxDDAKBgNVBAMMA2NkdDCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKClqKr6xS0B7N4GJDZHShquYPbl
+m09LH45uQ00MCgaMWCJdnCSLPggwBrDzfuRC3xZIvUZamZjGUya7/clQMORUoh9m
++FDnwzbyjjtZ/VZlRjqz/JydWXCSxR/DxgmO2EbCOjNlRA3b6nQhGo9MUB+++EiG
+EGwBlrit2ru7efgQiTofPWfVk2SMQzmXpQffajKnGicTPjtZVgF1zyBOOwpyTPUN
+zJVrxcUizTqbQ/aVapozu7anRGbqwrkMaSvU4pRUqCcy+ZPOCktLsDTVMLJR/yVo
+e15r1MD65RS8122mGW55J/frbbX0NncJ4PA/D2a1VXwPVSmousmsYU6rjXdZG3vY
+nQWPP34g4F7p7Zc0VrFQbJr5rquaddpkNoHbQN0H2uy84qU3ITZoAu9aw5D4sek8
+6eQ7a2B1QSnSm7vYd/3aakSOJb8KPFJ0ZGRJYUIHtFQevqQlgpR13q+lWqaHMWnu
+9dP8WRx5Wcg+MotGbifuCbKekVe/ubUAhtj5UjvAZxltr25FBJ/AlwgU0HFglHcJ
+dgN3YdP9sNSSyKO44Joi1nBYQAr59nj2D5o7zOYr6kh/b8eCzSC1U0cYia8OHwZw
+mEpwkIOOyQhnin06oG4zNm7O5LnUGRfrPDCU8eID3qWJN5VeJFA1i/ucdLSjCX1I
+nNVx9+olfG9YltnjAgMBAAGjUDBOMB0GA1UdDgQWBBRiKsbS2rOn4toAVQCRYlgw
+Oz4vCjAfBgNVHSMEGDAWgBRiKsbS2rOn4toAVQCRYlgwOz4vCjAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQAKvum2v/eDxeYsfg+DR/DFfRMxyW70RRKB
+/KZWXce/fG8lKlAtLIoCfyh8T/gVG87IQx7N3aSEZuSRZOFWbY6xPC36nJrTUc6Q
+ZuL1gg9k6ze5Nlt9bjJqFZ/HIhpKwHmTt6ORDbbXeXnH6KXU7YrFxH0zZKmERF5b
+luvX494YwgJ8LMYQM8WeSDKZPfGDGwNh9eOocXbwlhOAwVjcAxQpVLdyjFqk9Ylf
+FzlUPv/Kt1voPPI5s1FaF1AHLgzkCWuW7nGL2Zmxna9tfPwHE00UHoQ4nzk3gtFw
+YFKzq2f04B7NA9JaX7A2qbtX69U21wcCE8FKGKNXeQSKLZRgv5d8ZLOFNaUy4zWD
+bI/U/vSfxa0gUzcEykgmVKjpsKaMgBtx3gdytcaTEZv3yzqcaKbghDwbSqL4a8x5
+tOey+kIzStcyKNmwd1SCJ80pUrraEt73AelP/IjradBSJQiWi1VOhDWDtk7pJEXq
+zJR2SBnKsirzo5hbAs+thzqbjw/DoyPb7+TXVPFaWhfSDK+iT4slQZWUntPxG/sv
+8IPnk9F10sn+czdcpuFA6lFE9yphUYj6ezFz/lIQkcnhbCfTVJQd26d+G3xsbMw7
+98GTvwUGzDbEqnBjI1SN2Hm/ze3Ox8WLqius1dU1hSd8L6kqhgm4se92NQc4fubZ
+mYiaY7xIxw==
+-----END CERTIFICATE-----
diff --git a/cdt/src/main/resources/cert/cdt-key.pem b/cdt/src/main/resources/cert/cdt-key.pem
new file mode 100644
index 0000000..95b36c3
--- /dev/null
+++ b/cdt/src/main/resources/cert/cdt-key.pem
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQQIBADANBgkqhkiG9w0BAQEFAASCCSswggknAgEAAoICAQCgpaiq+sUtAeze
+BiQ2R0oarmD25ZtPSx+ObkNNDAoGjFgiXZwkiz4IMAaw837kQt8WSL1GWpmYxlMm
+u/3JUDDkVKIfZvhQ58M28o47Wf1WZUY6s/ycnVlwksUfw8YJjthGwjozZUQN2+p0
+IRqPTFAfvvhIhhBsAZa4rdq7u3n4EIk6Hz1n1ZNkjEM5l6UH32oypxonEz47WVYB
+dc8gTjsKckz1DcyVa8XFIs06m0P2lWqaM7u2p0Rm6sK5DGkr1OKUVKgnMvmTzgpL
+S7A01TCyUf8laHtea9TA+uUUvNdtphlueSf362219DZ3CeDwPw9mtVV8D1UpqLrJ
+rGFOq413WRt72J0Fjz9+IOBe6e2XNFaxUGya+a6rmnXaZDaB20DdB9rsvOKlNyE2
+aALvWsOQ+LHpPOnkO2tgdUEp0pu72Hf92mpEjiW/CjxSdGRkSWFCB7RUHr6kJYKU
+dd6vpVqmhzFp7vXT/FkceVnIPjKLRm4n7gmynpFXv7m1AIbY+VI7wGcZba9uRQSf
+wJcIFNBxYJR3CXYDd2HT/bDUksijuOCaItZwWEAK+fZ49g+aO8zmK+pIf2/Hgs0g
+tVNHGImvDh8GcJhKcJCDjskIZ4p9OqBuMzZuzuS51BkX6zwwlPHiA96liTeVXiRQ
+NYv7nHS0owl9SJzVcffqJXxvWJbZ4wIDAQABAoICAGp9RbCJaPkrxItswMZmPV4w
+Z8BidbB7WOC+gMhrCZ5LnASzztR+pNEinNzhnCTNmzoXX7hqSFT4aphLl7DCApbo
+70sno8VlzIb5BIWdYozJt2MkeniK6YXxFNC4ouclFILbL19waktRkzoF06hX6ukQ
+W18f13TxHKsxO8SkQvbIZ17q5HaXIgxN2iYsOs5cL/aBxJlQbTlEP/nZ0UJV+Vc0
+a4Up74rBFSlXp3mJAOVNKIwtbOpoOLSMPCYUbwcKKGQxNgI+DSkINNSyyIxNIemi
+5yIx/02Y50BBUGeNwrRBnawYjgEOw/wQdaY1GzHGa3wnChKhy09BNQiIxzwyBiSg
+8KltUZl8C6TMntn8O/KUabU+9fHQ7YnFBSR3/1i1waEUZsCg2M5ZWToq4yaC9fUQ
+1ccX/uxE0XcJPo4Icvwj+lLwjf4edMepmPG50hSZ4GguQr5i/KB6+IxSb3mzubm/
+pLbt/45k3je9UhkeWpwFWC9ZcFIlVgmjPhyphGRKAFLhDM1t8cyr9VIPpo2uNpMy
+uCOtHPoZFo067kgq0TNByyVALE/MlBfnAccSsZL3XIM/Vaw2FBHujYAXIi5TbX2m
+1tw9Jt2JjbSot1/QkrNDn52nY1w15R6TAL/SkSgFnDVJQAECKYYFyM8oPAQvZ6yA
+N0+K4AcMGYbkBIt5me6BAoIBAQDVICHC+3l9DNio/Ix7SIwau77osOfVeSuTJ0Yu
+GWDN8DM1Jd16MsgiiWbPH/bifpVaZUP6+2Dk0/ToGSdc+A+1YdbNmCzltO1Djriv
+ZBBEsCYJOW7W5v17MRPkFkUZOmqO+D2nrSehqMs+3MzwMjBp0KRxjhwxCoJHiZng
+OSFPMwLvG/bmFG6et+4Us7GXZ8u26SQPdTfUH1mn7YrDIUOrYSwuP9GMtKMNMNyL
+Eik4tqoRo7jlFBctdubzIv+33ywOKyp/X73x0IzGR6CnnrjUinMCDqeSZz71f9Jo
+lxC39SUyEeIhQCBRne/8IqB37Njuk9WS/oY/zPTrLPfSlOKjAoIBAQDA9umXadgH
+9hlWI128q9/Kt4jnIMkrXdsLjN5fBcWYcQ0RrzO3MMddWQa2MgaYGXhvPZcEGsQp
+DDpHFnEMnj3fINYtpNN1TEEJEYjOPIU8LZ4XRXxNZ7QCSR11eyY2qRFTydrglmoU
+4RgZx0Hu0SJGELslUZebwSSgIvQu2L2zy1bEslURUwJBcdkPFt/H/f9HRogdvSyx
+APLDTPp54Fidtxww9OGgMSe7+EVQYVsDwv7lLqIPhEi6jfYtKhy9YNPz7yZ94wXZ
+OeVoqMQSecvARQiOi0e7k+k3jF4LxqgkGZbYANSTooeG4K7c9vB5mwcqMUncJd4H
+wQwMG8RCJN/BAoIBADC0fCK0F4p1YhoURQJzjNkbKMDClOibHVMuuYIVeKL3jqxJ
+r/iaHFSQM/eHpYMTTIxw8f0sb3M74Q8dmHpNkkFwT4eCjFgeZc53kks6weEApGCd
+SHBCL5F0oMgSMs5WJD3yCx0DnDf8fB4slYUa4yd7b+kngdfPQACbOJgeVjdkP/pm
+2KCx8KnC/NysSByCsvJlC0GhFxYZ6AJRbdG0C2Ph/BfBq+DM8yozjWMWzmbQj8Mi
+OEHZuoZAUv0jdW8OyGGgicC8H4tgjptNiTBlPHYOAcRplvAFOkUeZfZS95YiptJv
+dc8FeZ1NS6fCPgvKC7VSAY/rLMDt1Nbd2vC756MCggEABDRdGqN/xYyjOLFElZvZ
+IH2nSgH44C0HXNUQ81kY2R19f2kl41P4xBvwfX/RjPbhHOtmovxCUfKmQm5GwFOi
+XX5FrHDu+ptSv3PWW0gOTyVfUHp/HuCnl3UoYyrvxjkg24aGcmZUoWfWMpmY4i9E
+Y+pxaXrBpu8qcSLR10N5vrUritWn7Ny2K97jL+T7s0vhiBgNVziMBL9UitTekFFH
+HQikYJy1Xdw0VXAvcnTsmsRg8XV2qofjXc1CE/Ha9nVpqOMJH60Wr4kHaqRiwVRO
+ED5w1UpLodazOjagxfjqKP81vjcmaqEb+uBibwYib0PlgBHa3iUlFV4reQgR2q8b
+AQKCAQBjpj1Uy7wpeb1L3zkViE9VI00y3Kw7Ze5JXn+HNBlDy3FVDUJjNth9EQGJ
+ZjSyqt96x0zi1Pz0DxSPqXsdLsUt+cX1uB6IPdJOVqaYDXeKqr/oit/iCwekysfd
+R4HUWhx0EqCB9ufzNzP+P3MEGVA1d18c66OcG9OXKTheUkVByBQ/mdSTiZ2SVAhP
+ZTPc53CjPYW4PZConIvwpmiTAnLo+wgMPYB9LD+J/fsddH8DTftxCnEPXgEQZKbx
+u0z11D9B10Fac0iarN9QqApQ+OuIse2pEfnU8KF78NM8NDAP0/LxOdb8+sKj/8ER
+YnR5Iq/jROkc0TOAMA+9oEs7hqSQ
+-----END PRIVATE KEY-----
diff --git a/cdt/src/main/resources/nginx.conf b/cdt/src/main/resources/nginx.conf
new file mode 100644
index 0000000..61b5da8
--- /dev/null
+++ b/cdt/src/main/resources/nginx.conf
@@ -0,0 +1,27 @@
+# For more information on configuration, see:
+# * Official English Documentation: http://nginx.org/en/docs/
+# * Official Russian Documentation: http://nginx.org/ru/docs/
+
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+
+# Load dynamic modules. See /usr/share/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ server {
+ listen 18080 ssl;
+ server_name cdt;
+ ssl_certificate /opt/cert/cdt-cert.pem;
+ ssl_certificate_key /opt/cert/cdt-key.pem;
+ location / {
+ root /opt/cdt;
+ }
+ }
+} \ No newline at end of file
diff --git a/cdt/src/main/scripts/startCdt.sh b/cdt/src/main/scripts/startCdt.sh
index 1f7f38d..d371799 100644
--- a/cdt/src/main/scripts/startCdt.sh
+++ b/cdt/src/main/scripts/startCdt.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
###
# ============LICENSE_START=======================================================
@@ -22,6 +22,6 @@
CDT_PORT=${CDT_PORT:-30232}
echo "Setting CDT port to $CDT_PORT"
-sed -i -e "s/30290/$CDT_PORT/" /usr/local/apache2/htdocs/main.bundle.js
+sed -i -e "s/30290/$CDT_PORT/" /opt/cdt/main.bundle.js
-exec /usr/local/bin/httpd-foreground \ No newline at end of file
+exec /usr/sbin/nginx -g 'daemon off;'