diff options
author | Michael Hwang <mhwang@research.att.com> | 2019-07-17 23:24:36 -0400 |
---|---|---|
committer | Michael Hwang <mhwang@research.att.com> | 2019-07-22 10:27:06 -0400 |
commit | f14264024fc0d3103922360d2e7bb6dce114bf09 (patch) | |
tree | 8bd8b80c62ad86ec70191b3e89d06292b5091226 /resources/sch.sh | |
parent | 8762e960c9df97fe93f0a996a5e8870e6059c7f8 (diff) |
Support calling inventory using HTTPS5.0.0-ONAP
Issue-ID: DCAEGEN2-1597
Change-Id: Ie1dc18ad753e5f43223ce699dfbceb1649dc6235
Signed-off-by: Michael Hwang <mhwang@research.att.com>
Diffstat (limited to 'resources/sch.sh')
-rwxr-xr-x | resources/sch.sh | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/resources/sch.sh b/resources/sch.sh new file mode 100755 index 0000000..0a68858 --- /dev/null +++ b/resources/sch.sh @@ -0,0 +1,47 @@ +#!/bin/bash +# ================================================================================ +# Copyright (c) 2017-2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +# +# ECOMP is a trademark and service mark of AT&T Intellectual Property. + +# The following variables are checked if set, if not set then an error is raised +# PATH_TO_CACERT is the full file path to the cacert that must be added to the +# existing keystore +if [ -z "$PATH_TO_CACERT" ]; then + # TODO: Make this variable not required and thus not do the keytool call + echo "Missing required environment variable: PATH_TO_CACERT" + echo "Please set this variable to the full local path of the CA cert pem file that is to be added" + echo "Example: PATH_TO_CACERT=/opt/cert/cacert.pem" + exit 1 +fi + +# SCH_ARGS are all the args to be passed into the SCH java run command +if [ -z "$SCH_ARGS" ]; then + echo "Missing required environment variable: SCH_ARGS" + echo "Please set this variable to the command-line args to be used to run service change handler" + echo "Example: SCH_ARGS=prod /opt/config.json" + echo "Example: SCH_ARGS=prod http://consul:8500/v1/kv/service-change-handler?raw=true" + exit 1 +fi + +# Add the cacert to validate inventory's cert to support TLS. This command is +# allowed to fail when there is no need for https. +# NOTE: This user must have permission to write to /etc/ssl/certs/java/cacerts +keytool -importcert -file $PATH_TO_CACERT -keystore /etc/ssl/certs/java/cacerts -alias "inventory" -noprompt -storepass changeit + +# Now launch SCH +java -jar /opt/servicechange-handler.jar $SCH_ARGS + |