From c21d9d873cf0ad1de571f2c24e8619866c4296a9 Mon Sep 17 00:00:00 2001 From: Remigiusz Janeczek Date: Tue, 29 Sep 2020 16:17:59 +0200 Subject: Move Cloudify's password update and plugins upload to start-persistent.sh script Move logic for changing cloudify's admin password and plugin upload to main script for debug purposes, so that output of those scripts is printed to stdout (can be accessed by 'docker/kubernetes logs') Issue-ID: DCAEGEN2-2457 Signed-off-by: Remigiusz Janeczek Change-Id: I69fb0b428efbfb3d85eba286ed6816151e03a0f1 --- cm-container/Dockerfile-template | 7 ++----- cm-container/pom.xml | 2 +- cm-container/reset_admin.py | 2 +- cm-container/scripts/init-cloudify.sh | 28 ++++++++++++++++++++++++++++ cm-container/scripts/set-admin-password.sh | 8 ++++++-- cm-container/scripts/start-persistent.sh | 3 +++ 6 files changed, 41 insertions(+), 9 deletions(-) create mode 100644 cm-container/scripts/init-cloudify.sh diff --git a/cm-container/Dockerfile-template b/cm-container/Dockerfile-template index e79099d..0beaa5f 100644 --- a/cm-container/Dockerfile-template +++ b/cm-container/Dockerfile-template @@ -26,11 +26,8 @@ COPY reset_admin.py /opt/manager/ RUN chmod +x /opt/manager/reset_admin.py\ && chmod +x scripts/*.sh\ && scripts/get-plugins.sh ${PLUGIN_REPO} \ - && /scripts/configure-tls.sh\ - && echo "/scripts/setup-secret.sh" >> /etc/rc.d/rc.local\ - && echo "/scripts/set-admin-password.sh" >> /etc/rc.d/rc.local\ - && echo "/scripts/load-plugins.sh >/load-plugins.log 2>&1" >> /etc/rc.d/rc.local\ - && chmod +x /etc/rc.d/rc.local + && /scripts/configure-tls.sh + # Create mount point for CM config file RUN mkdir -p /opt/onap && chown cfyuser:cfyuser /opt/onap diff --git a/cm-container/pom.xml b/cm-container/pom.xml index b828b91..b37a5ce 100644 --- a/cm-container/pom.xml +++ b/cm-container/pom.xml @@ -27,7 +27,7 @@ limitations under the License. org.onap.dcaegen2.deployments cm-container dcaegen2-deployments-cm-container - 3.3.2 + 3.3.3 http://maven.apache.org UTF-8 diff --git a/cm-container/reset_admin.py b/cm-container/reset_admin.py index c7a7672..2253341 100644 --- a/cm-container/reset_admin.py +++ b/cm-container/reset_admin.py @@ -51,4 +51,4 @@ if __name__ == '__main__': args = parser.parse_args() db_update_password(args.password) - print 'Done!\n' + print 'Password updated in DB!\n' diff --git a/cm-container/scripts/init-cloudify.sh b/cm-container/scripts/init-cloudify.sh new file mode 100644 index 0000000..8e74c8a --- /dev/null +++ b/cm-container/scripts/init-cloudify.sh @@ -0,0 +1,28 @@ +#!/bin/bash +# ============LICENSE_START======================================================= +# org.onap.dcae +# ================================================================================ +# Copyright (c) Nokia. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +set -ex + +/scripts/setup-secret.sh +/scripts/set-admin-password.sh +/scripts/load-plugins.sh + +set +x + +echo "Cloudify ready" diff --git a/cm-container/scripts/set-admin-password.sh b/cm-container/scripts/set-admin-password.sh index 5b9ca27..d8c4121 100755 --- a/cm-container/scripts/set-admin-password.sh +++ b/cm-container/scripts/set-admin-password.sh @@ -16,6 +16,8 @@ # ============LICENSE_END========================================================= # Runs at deployment time to set cloudify's admin password +set -x + # Wait for Cloudify Manager to come up while ! /scripts/cloudify-ready.sh do @@ -23,17 +25,19 @@ do sleep 15 done +set +x + # Expect Cloudify password to be in file mounted from Kubernetes secret, # but allow overriding by CMPASS environment variable, # and if not provided, use the default CMPASS=${CMPASS:-$(cat /opt/onap/cm-secrets/password 2>/dev/null)} CMPASS=${CMPASS:-admin} -# Set Cloudify's admin password +echo "Set Cloudify's admin password" cd /opt/manager cfy_manager --reset_admin_password $CMPASS || ./env/bin/python reset_admin.py -p $CMPASS -# Set the password used by the cfy client +echo "Set the password used by the cfy client" cfy profile set -p $CMPASS echo "Cloudify password set" diff --git a/cm-container/scripts/start-persistent.sh b/cm-container/scripts/start-persistent.sh index bf55da0..354d634 100755 --- a/cm-container/scripts/start-persistent.sh +++ b/cm-container/scripts/start-persistent.sh @@ -48,6 +48,9 @@ then else echo "No persistent storage available" fi + +# start background script that updates CM password and uploads plugins +/scripts/init-cloudify.sh & # start up init, which brings up CM and supporting software exec /sbin/init --log-target=journal 3>&1 -- cgit 1.2.3-korg