summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSchmalzried, Terry (ts862m) <ts862m@att.com>2020-07-24 16:40:28 -0400
committerSchmalzried, Terry (ts862m) <ts862m@att.com>2020-07-24 16:40:47 -0400
commit7b307d309bc01b2c13527342dae623231ea5d9ad (patch)
treea9a1223550710de72a1099cc5a420f3d8cba0d95
parent77248eb6d83ac2a124b273874a6c036ff6332721 (diff)
Fix cacert
Change baseimage to permit chmod keystore to allow adding onap cacert Issue-ID: DCAEGEN2-2330 Change-Id: Ida2b70466d306afdd686d3b321e952169ee1b229 Signed-off-by: Schmalzried, Terry (ts862m) <ts862m@att.com>
-rw-r--r--pom.xml9
-rwxr-xr-xresources/sch.sh5
-rw-r--r--startSCH.sh4
3 files changed, 10 insertions, 8 deletions
diff --git a/pom.xml b/pom.xml
index 9f218fc..155cf42 100644
--- a/pom.xml
+++ b/pom.xml
@@ -220,13 +220,16 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property.
<imageTag>${project.version}</imageTag>
<imageTag>latest</imageTag>
</imageTags>
- <baseImage>onap/integration-java11:7.0.0</baseImage>
+ <baseImage>openjdk:11.0.6-jre-slim</baseImage>
<runs>
+ <run>chmod 666 /usr/local/openjdk-11/lib/security/cacerts</run>
+ <run>groupadd -r sch</run>
+ <run>useradd -ms /bin/bash sch -g sch</run>
</runs>
- <user>onap</user>
+ <user>sch</user>
<!-- NOTE: Couldn't figure out how to package the jar to be named: ${project.build.finalName}. This might be
because of the clojure maven plugin -->
- <entryPoint>["/bin/sh", "-c", "/opt/sch.sh"]</entryPoint>
+ <entryPoint>["/opt/sch.sh"]</entryPoint>
<!-- copy the service's jar file from target into the root directory of the image -->
<resources>
<resource>
diff --git a/resources/sch.sh b/resources/sch.sh
index c4e4dab..52fb8d6 100755
--- a/resources/sch.sh
+++ b/resources/sch.sh
@@ -1,6 +1,6 @@
#!/bin/bash
# ================================================================================
-# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2017-2020 AT&T Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -40,8 +40,7 @@ fi
# Add the cacert to validate inventory's cert to support TLS. This command is
# allowed to fail when there is no need for https.
# NOTE: This user must have permission to write to /usr/local/openjdk-11/lib/security/cacerts
-keytool -importcert -file $PATH_TO_CACERT -keystore /usr/local/openjdk-11/lib/security/cacerts -alias "inventory" -noprompt -storepass changeit
+keytool -importcert -file $PATH_TO_CACERT -cacerts -alias "inventory" -noprompt -storepass changeit
# Now launch SCH
java -jar /opt/servicechange-handler.jar $SCH_ARGS
-
diff --git a/startSCH.sh b/startSCH.sh
index 3e74b3c..951b1eb 100644
--- a/startSCH.sh
+++ b/startSCH.sh
@@ -1,8 +1,8 @@
#!/bin/bash
-grep "^nameserver" /opt/onap/etc/resolv.conf >> /etc/resolv.conf
+grep "^nameserver" /opt/sch/etc/resolv.conf >> /etc/resolv.conf
service sendmail start
-java -Dlogback.configurationFile=logback.xml -jar /opt/onap/target/dcae-service-change-handler.jar prod http://consul:8500/v1/kv/service-change-handler?raw=true
+java -Dlogback.configurationFile=logback.xml -jar /opt/sch/target/dcae-service-change-handler.jar prod http://consul:8500/v1/kv/service-change-handler?raw=true