aboutsummaryrefslogtreecommitdiffstats
path: root/heat
diff options
context:
space:
mode:
Diffstat (limited to 'heat')
-rw-r--r--heat/ONAP/cloud-config/aaf_install.sh18
-rw-r--r--heat/ONAP/cloud-config/aaf_vm_init.sh40
-rw-r--r--heat/ONAP/cloud-config/sample_ca/.gitignore1
-rw-r--r--heat/ONAP/cloud-config/sample_ca/aaf.signer.b6450
-rw-r--r--heat/ONAP/cloud-config/sample_ca/aaf.signer.p12bin2850 -> 0 bytes
-rw-r--r--heat/ONAP/cloud-config/so_install.sh6
-rw-r--r--heat/ONAP/cloud-config/so_vm_init.sh3
-rw-r--r--heat/ONAP/onap_openstack.env8
-rw-r--r--heat/ONAP/onap_openstack.yaml12
-rw-r--r--heat/ONAP/onap_openstack_template.env4
-rwxr-xr-xheat/ONAP/openstack_encrypted_key.sh17
11 files changed, 116 insertions, 43 deletions
diff --git a/heat/ONAP/cloud-config/aaf_install.sh b/heat/ONAP/cloud-config/aaf_install.sh
index c2389d03..d358364e 100644
--- a/heat/ONAP/cloud-config/aaf_install.sh
+++ b/heat/ONAP/cloud-config/aaf_install.sh
@@ -6,6 +6,7 @@ export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort
NEXUS_USERNAME=$(cat /opt/config/nexus_username.txt)
NEXUS_PASSWD=$(cat /opt/config/nexus_password.txt)
NEXUS_DOCKER_REPO=$(cat /opt/config/nexus_docker_repo.txt)
+AAF_DOCKER_VERSION=$(cat /opt/config/docker_version.txt)
HOSTNAME=`hostname -f`
FQDN=aaf.api.simpledemo.onap.org
HOST_IP=$(cat /opt/config/local_ip.txt)
@@ -31,15 +32,14 @@ fi
CASS_IP=`docker inspect aaf_cass | grep '"IPAddress' | head -1 | cut -d '"' -f 4`
CASS_HOST="cass.aaf.osaaf.org:"$CASS_IP
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_config:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_core:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_cm:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_fs:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_gui:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_hello:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_locate:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_oauth:latest
-docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_service:latest
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_config:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_cm:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_fs:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_gui:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_hello:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_locate:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_oauth:$AAF_DOCKER_VERSION
+docker pull $NEXUS_DOCKER_REPO/onap/aaf/aaf_service:$AAF_DOCKER_VERSION
cd $CURRENT_DIR
/bin/bash ./aaf_vm_init.sh
diff --git a/heat/ONAP/cloud-config/aaf_vm_init.sh b/heat/ONAP/cloud-config/aaf_vm_init.sh
index 59486e94..f2dd8781 100644
--- a/heat/ONAP/cloud-config/aaf_vm_init.sh
+++ b/heat/ONAP/cloud-config/aaf_vm_init.sh
@@ -2,6 +2,12 @@
CURRENT_DIR=$(pwd)
+if [ ! -e /opt/authz/auth/docker/d.props ]; then
+ cp /opt/authz/auth/docker/d.props.init /opt/authz/auth/docker/d.props
+fi
+. /opt/authz/auth/docker/d.props
+
+
NEXUS_USERNAME=$(cat /opt/config/nexus_username.txt)
NEXUS_PASSWD=$(cat /opt/config/nexus_password.txt)
if [ -e /opt/authz/auth/docker/d.props ]; then
@@ -19,7 +25,7 @@ fi
echo $NEXUS_DOCKER_REPO
HOSTNAME=`hostname -f`
FQDN=aaf.api.simpledemo.onap.org
-HOST_IP=$(cat /opt/config/local_ip.txt)
+HOST_IP=$(cat /opt/config/public_ip.txt)
cd /opt/authz/auth/auth-cass/docker
if [ "`docker container ls | grep aaf_cass`" = "" ]; then
@@ -28,12 +34,6 @@ if [ "`docker container ls | grep aaf_cass`" = "" ]; then
bash ./dinstall.sh
fi
-if [ ! -e /opt/authz/auth/docker/d.props ]; then
- cp /opt/authz/auth/docker/d.props.init /opt/authz/auth/docker/d.props
-fi
-
-VERSION=$(grep VERSION /opt/authz/auth/docker/d.props)
-VERSION=${VERSION#VERSION=}
CASS_IP=`docker inspect aaf_cass | grep '"IPAddress' | head -1 | cut -d '"' -f 4`
CASS_HOST="cass.aaf.osaaf.org:"$CASS_IP
if [ ! -e /opt/authz/auth/docker/cass.props ]; then
@@ -42,20 +42,28 @@ fi
sed -i "s/CASS_HOST=.*/CASS_HOST="$CASS_HOST"/g" /opt/authz/auth/docker/cass.props
# TODO Pull from Config Dir
-CADI_LATITUDE=37.781
-CADI_LONGITUDE=-122.261
+if [ "$LATITUDE" = "" ]; then
+ LATITUDE=37.781
+ LONGITUDE=-122.261
+ sed -i "s/LATITUDE=.*/LATITUDE=$LATITUDE/g" /opt/authz/auth/docker/d.props
+ sed -i "s/LONGITUDE=.*/LONGITUDE=$LONGITUDE/g" /opt/authz/auth/docker/d.props
+fi
sed -i "s/DOCKER_REPOSITORY=.*/DOCKER_REPOSITORY=$NEXUS_DOCKER_REPO/g" /opt/authz/auth/docker/d.props
sed -i "s/VERSION=.*/VERSION=$VERSION/g" /opt/authz/auth/docker/d.props
sed -i "s/HOSTNAME=.*/HOSTNAME=$HOSTNAME/g" /opt/authz/auth/docker/d.props
sed -i "s/HOST_IP=.*/HOST_IP=$HOST_IP/g" /opt/authz/auth/docker/d.props
-sed -i "s/LATITUDE=.*/LATITUDE=$CADI_LATITUDE/g" /opt/authz/auth/docker/d.props
-sed -i "s/LONGITUDE=.*/LONGITUDE=$CADI_LONGITUDE/g" /opt/authz/auth/docker/d.props
-SIGNER_P12="$CURRENT_DIR/sample_ca/aaf.signer.p12"
-AAF_P12="$CURRENT_DIR/sample_ca/aaf.bootstrap.p12"
+SIGNER_B64="$CURRENT_DIR/config/sample_ca/aaf.signer.b64"
+SIGNER_P12="$CURRENT_DIR/config/sample_ca/aaf.signer.p12"
+AAF_P12="$CURRENT_DIR/config/sample_ca/aaf.bootstrap.p12"
P12_PASSWORD="something easy"
+if [ ! -e "$SIGNER_P12" ]; then
+ mkdir -p "$CURRENT_DIR/config/sample_ca"
+ base64 -d $SIGNER_B64 > $SIGNER_P12
+fi
+
if [ ! -e "$AAF_P12" ]; then
mkdir -p $CURRENT_DIR/sample_ca
cd /opt/authz/conf/CA
@@ -75,8 +83,8 @@ if [ -e "$AAF_P12" ]; then
fi
if [ -e "$SIGNER_P12" ]; then
- if [ -e "/opt/config/cadi_x509_issuers.txt" ]; then
- ISSUERS=$(cat "/opt/config/cadi_x509_issuers.txt")":"
+ if [ "$CADI_X509_ISSUERS" != "" ]; then
+ CADI_X509_ISSUERS="$CADI_X509_ISSUERS:"
fi
# Pick the REAL subject off the P12
SUBJECT=$(echo "$P12_PASSWORD" | openssl pkcs12 -info -clcerts -in $SIGNER_P12 -nokeys -passin stdin | grep subject)
@@ -90,7 +98,7 @@ if [ -e "$SIGNER_P12" ]; then
RSUBJECT="$S, $RSUBJECT"
fi
done
- ISSUERS="$ISSUERS$RSUBJECT"
+ ISSUERS="$CADI_X509_ISSUERS$RSUBJECT"
sed -i "s/CADI_X509_ISSUERS=.*/CADI_X509_ISSUERS=\"$ISSUERS\"/g" /opt/authz/auth/docker/d.props
sed -i "s/AAF_SIGNER_P12=.*/AAF_SIGNER_P12=${SIGNER_P12//\//\\/}/g" /opt/authz/auth/docker/d.props
sed -i "s/AAF_SIGNER_PASSWORD=.*/AAF_SIGNER_PASSWORD=\"$P12_PASSWORD\"/g" /opt/authz/auth/docker/d.props
diff --git a/heat/ONAP/cloud-config/sample_ca/.gitignore b/heat/ONAP/cloud-config/sample_ca/.gitignore
index 5f8bc015..cabb364e 100644
--- a/heat/ONAP/cloud-config/sample_ca/.gitignore
+++ b/heat/ONAP/cloud-config/sample_ca/.gitignore
@@ -1 +1,2 @@
+aaf.signer.p12
aaf.bootstrap.p12
diff --git a/heat/ONAP/cloud-config/sample_ca/aaf.signer.b64 b/heat/ONAP/cloud-config/sample_ca/aaf.signer.b64
new file mode 100644
index 00000000..e561a79a
--- /dev/null
+++ b/heat/ONAP/cloud-config/sample_ca/aaf.signer.b64
@@ -0,0 +1,50 @@
+MIILHgIBAzCCCuQGCSqGSIb3DQEHAaCCCtUEggrRMIIKzTCCBU8GCSqGSIb3DQEHBqCCBUAwggU8
+AgEAMIIFNQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIFm99wNswitsCAggAgIIFCL9ry6qG
+pcnYFQfHR0RaQhZswgrJOslFbI69lZcb8kNpnpl+o8BMkB+WYPGd1I3Nvxg9bBcCstyHaGdKcT3H
+9VKukKq1lJ1cJdGyHgMFVAN/wDk63xOb6bLj0PdrMpwOnRGmZwVwzR2Kx+5qYolXTggdJ0vrsu2n
+O68w7jzAKswP2JnSqZzR4kjccRdoBRBzGHwdEo1KJPGWYMabk/Pu1utU3PmPaWYucIJxpPWG8/3S
+8smGPj8KxFLFs7UJZvVuIVFwTWpW1SMR2dfA5d6i/+M3UrskIeRFUHhTE+dEMduZQ7VsriHROsfc
+vmuks3LdhfQpOcF/ZMUqqiHsCuy42tCEYKbvWzayWrr2jsNXTGHgI64wd8RSEHQKJxAUpSORLwIA
+8lK0pwcHl5I4NChkdd4Pb3bpoDaKnlX3T6KoPy61Yu8VUtCtN8xaYA2LGrQJGVEO+3TKiYy27ISq
+cDwDZfqvZC34GUfp7n5eMny0TSIyCKm+jZCpKenvESWmQZiWjL8Psj3KEr9PlAQ+cEslJ3tC0oQ9
+jn7WCc8JR+n0c6EckyFYqMcHIhvbheEwLSF7aQ29I4SmQR6WQJgTRJOBGzEHejmXgUTYaBtjoicj
+4/BctsMrYoe/qgJwSK7kz+GFqxzzINgxYB/vXihHYvwx/PEzoIOH1ONH39d9OfH7TLyUKCB/SMlR
+2dPTwlOgEjunqsS4rhjF0s2Ru/r1WgpJLefIAtAwJqDJ7J0nZFoQyNamC7qIzYlAxcNoqXnysrhE
+PQrMvNa8PFhE1nq+fb06ZFzz/VDqvadYTPuI6CPeGtClZNbIFsgFfkFYUTVdxLns82Fe2lRprIr4
+FJfVGa6IkLxNEgb4TaZQSYyxx0Kb5IXfIzB9Z3h7cWBC529u5T2gs2wEU2HJVVueRiziXdPGc4Lm
+0A0ThDVHQ9NR0ukhjQUfAdxCtUCtODXNr0jNyHlvtCrgAI2xMsdTzfoTCXPAGc8xcm7f6Q81ijRA
+DDCRe3kp+PA2npg5Gaffp6IuMMQBCHPcoNrlWvBOtI4RomwEfcyJWGaSV6fezctzWBvYyMnS/QJo
+C0bPkCiS9awkdc2OBEtN5B7srkJk2p1WsjZGStNbcv/LPpCiko7oOyn3YgZXtTVsQVGypKQYnoTQ
+Lwd0+u5nvx38tfBL8Gd9psZbHz+2nBF3aZ7XDx/OGo45WHinb8t4DVoxBctMNRRbT7CfMVabAIm/
+Blw00NMSy3zzBNMXLJkWzJrbigLRiQUWEabDNxf60OhbTIuQ/4hUTnaYN8/vNaqbfqzN7bj6FEyO
+l8gurmHtHMFVLCl29tmLkKJa1se7m/Zt8fHmzHOla5OTsoZmte+p3NO7v+tTry75c4xobmEweKS0
+bwaMqi/NlZ5Sd64bveJQv67U4qc/b6mCEyhcFrqHfXpTga/3Hh/oScZw60Uf6O0MDVJhjkClVQMd
+8B1eyK8B1m0wNUtdtzGeFj02rIzfNQoZxo5iyMDuLy+d0JUEE0eDDEBYsDtE0t5oaDLe1IgVLYuo
++0r50bqK0NJ5QlNAygerEMuxisiYbRhVB/Fw4LgNNCO3E8YdNFOn09b5inafw0ISRkuqnn4jZC5Q
+E2CDHUOEkdGwSit5uumhqqmJRJjOazNWq0eG0I0soUNQ1GOkbo7H7mqRsHEJ73MGfd3PD09dXdsl
+HNTEZ9+UDa6BxbV4c1purAOpISMUi78tmaBXRdswggV2BgkqhkiG9w0BBwGgggVnBIIFYzCCBV8w
+ggVbBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIUzKuwMkahNMCAggABIIE
+yD3YEvqVSqXcIeZq/mv04CzaG922gC7uaS7DSWkVCqRHQlAXFD5T2FiAON205sPRaoX6/J0d6YQ7
+plrYQgf1uNy0aV+3fF0UNyBvceCWZI1wvDUliTmsWIIDFaKEXBtCyZZEWNldn++PXoeCN0ARFiGD
+TC8BukruKiFnGNWTbnVqnoRLTeuPd24OfhjaZUJJv0U8/4mGguZGLeUxQwzSH9u3kXrF5Dq5rT8d
+PTi4R+fkTlRnINn3p95zkkBvoNANO1v3P6XR4Lzmj6o7+nOMEjQtdAmspefQWirtjnMYQqjihgjY
+cVpY2UCFRO5NRs8ZGwqbWEskrkPqDS27HrIqlCp1Pm24YiH7jztXXm/9wEr7cbqHcGhMYFGUpnZD
+SulX+VXB3mKBqtCkgmXdCWbEy/iDHXdGCcQSZrp8gqSO/Zz4hNl4QB8hmOtF0kj3tAFQMVvqXpCf
+XZQ9F64/AxeMLDPZlTb4v4eWzllwb8lo1cxLT6dD94Galae4Tfx30OdT8n1nnw2el9eNNXTQq+i5
+Tlqu5idJ5+JB4Sk7iQ5B81cEqlOfInke3tkKVzUtH46+oPr6dplR8fqYnBBdttOG6/8fcOttzs54
+RUqny8WKcGwUK2f2T88HwzmsiaRJzkFmzeOXXUy/z4/y1V4qbXBiZ0ADcRCIVkmzLZYBRSK0rm+P
+Fqx3xlwkUBnsr1ebreNiz2UUbFKNsWLfDzsjb0zwenz73SpGcJzE7Rfdyizy7aibn5FAmlM7sgqy
+cwNJ5JaMk88qW+jMD86jZypMVrINNQerNP82+VZmKzaH/XuEslSn4Vpjwlh1vqfGxkXTG4QyN0Jr
+dCyDqOY+gfPr92AjMHgQ6cmSqXRWro6C3v0AGfiTHGxXWQ4w6hH1GtNj+t3yuIeiu4Woqn0IF5Fe
+cP/pgN27UMlrAoNU5racJgUWIENBBiPmQ7wwyEPVcG7quudkTXr52Ob8R153YmRn5OMrzomP4wnA
+BvVlbXn4hiea02tOCP66vZmb3L+S1ZNm/Hw+DBJA7PSDkv8gJTb1YB6EJHHT1ArlQ37KHRth9NA+
+kYz1X0nnSFKU0HeegXnwA6vGHRZTJC4/+VwsEa/Js0T7/Z0kAPifLse+bRH8MrKKJgzm+FwMvZvl
+TvbkYqG2/wsfRmA1Uzvsgfs6vgww5MZnH5875BS7HuHKeGhzkeh42D1vLmzw5Y/es8/3MysQoqc/
+za12D6J0fDT1gLnK2pe/+NgEihLE3YGd1cc4ZHp60++L1vcl34kX60D8xS52zlItIkGDk10H9Bn8
+KtH11EZ+5tcN9o20qDMrLGPGRpwrNK47EipEb7xWrm4j6sK+CT2THxam4mkoPWxQPykzC3Iu/6ma
+f37YGaX/rbDK4X7KPI3UhsciChIoCiQuAd5AT+0jON2c4zS796kZb/cxSSjx4o8DLHaw49TvqnGw
+XN9+5Xf2hZtn86x6kd2WJ+RhtoglPMfZxuzVY4OffwqNBqocahCdGNuOMbFA+s/GA5rOyhtwuT5T
+Gfo8W1hPMW1F18AA0ITRwVNLrrvophWnRMX8r2em0P9C8kWBxB9bu+r7LRxg6pm2dCkrUVq4VK+3
+1qFvB2GJ6rrk5Z4eiXrnuNNUN5cYKdw5A3xNKzFaMCMGCSqGSIb3DQEJFTEWBBQCiRlcVsnA4fcn
+3jYAcvafhe14+jAzBgkqhkiG9w0BCRQxJh4kAGEAYQBmAF8AaQBuAHQAZQByAG0AZQBkAGkAYQB0
+AGUAXwA5MDEwITAJBgUrDgMCGgUABBSfSZRY3B152JG+O3Z9fUP7J9d4JwQIvPsWr/bYXtoCAggA
diff --git a/heat/ONAP/cloud-config/sample_ca/aaf.signer.p12 b/heat/ONAP/cloud-config/sample_ca/aaf.signer.p12
deleted file mode 100644
index 8de21238..00000000
--- a/heat/ONAP/cloud-config/sample_ca/aaf.signer.p12
+++ /dev/null
Binary files differ
diff --git a/heat/ONAP/cloud-config/so_install.sh b/heat/ONAP/cloud-config/so_install.sh
index 3a8f3fc2..36c7c8cb 100644
--- a/heat/ONAP/cloud-config/so_install.sh
+++ b/heat/ONAP/cloud-config/so_install.sh
@@ -1,7 +1,7 @@
#!/bin/bash
# Read configuration files
-OPENSTACK_API_KEY=$(cat /opt/config/openstack_api_key.txt)
+#OPENSTACK_API_KEY=$(cat /opt/config/openstack_api_key.txt)
GERRIT_BRANCH=$(cat /opt/config/gerrit_branch.txt)
CODE_REPO=$(cat /opt/config/remote_repo.txt)
HTTP_PROXY=$(cat /opt/config/http_proxy.txt)
@@ -16,7 +16,7 @@ fi
# Clone Gerrit repository and run docker containers.
cd /opt
git clone -b $GERRIT_BRANCH --single-branch $CODE_REPO test_lab
-SO_ENCRYPTION_KEY=$(cat /opt/test_lab/encryption.key)
-echo -n "$OPENSTACK_API_KEY" | openssl aes-128-ecb -e -K $SO_ENCRYPTION_KEY -nosalt | xxd -c 256 -p > /opt/config/api_key.txt
+#SO_ENCRYPTION_KEY=$(cat /opt/test_lab/encryption.key)
+#echo -n "$OPENSTACK_API_KEY" | openssl aes-128-ecb -e -K $SO_ENCRYPTION_KEY -nosalt | xxd -c 256 -p > /opt/config/api_key.txt
./so_vm_init.sh
diff --git a/heat/ONAP/cloud-config/so_vm_init.sh b/heat/ONAP/cloud-config/so_vm_init.sh
index fb19d1a3..1acf2eb0 100644
--- a/heat/ONAP/cloud-config/so_vm_init.sh
+++ b/heat/ONAP/cloud-config/so_vm_init.sh
@@ -5,7 +5,8 @@ NEXUS_PASSWD=$(cat /opt/config/nexus_password.txt)
NEXUS_DOCKER_REPO=$(cat /opt/config/nexus_docker_repo.txt)
DMAAP_TOPIC=$(cat /opt/config/dmaap_topic.txt)
OPENSTACK_USERNAME=$(cat /opt/config/openstack_username.txt)
-OPENSTACK_APIKEY=$(cat /opt/config/api_key.txt)
+#OPENSTACK_APIKEY=$(cat /opt/config/api_key.txt)
+OPENSTACK_APIKEY=$(cat /opt/config/openstack_api_key.txt)
export MSO_DOCKER_IMAGE_VERSION=$(cat /opt/config/docker_version.txt)
export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
diff --git a/heat/ONAP/onap_openstack.env b/heat/ONAP/onap_openstack.env
index b9fc2e6c..41c5e2e6 100644
--- a/heat/ONAP/onap_openstack.env
+++ b/heat/ONAP/onap_openstack.env
@@ -44,9 +44,7 @@ parameters:
openstack_username: PUT YOUR OPENSTACK USERNAME HERE
- openstack_api_key: PUT YOUR OPENSTACK PASSWORD HERE
-
- openstack_auth_method: password
+ openstack_api_key: PUT YOUR ENCRYPTED OPENSTACK PASSWORD HERE
openstack_region: RegionOne
@@ -146,8 +144,8 @@ parameters:
cli_docker: "2.0.2"
music_docker: "2.5.3"
cassandra_music_docker: "3.0.0"
- optf_has_docker: "1.1.1"
- optf_osdf_docker: "1.1.1"
+ optf_has_docker: "1.2.1"
+ optf_osdf_docker: "1.2.1"
aaf_docker: "2.1.2-SNAPSHOT"
sms_docker: "2.0.0"
nbi_docker: "2.0.0"
diff --git a/heat/ONAP/onap_openstack.yaml b/heat/ONAP/onap_openstack.yaml
index d258d71d..fba9bfb4 100644
--- a/heat/ONAP/onap_openstack.yaml
+++ b/heat/ONAP/onap_openstack.yaml
@@ -3,7 +3,7 @@
#==================LICENSE_START==========================================
#
#
-# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -121,13 +121,9 @@ parameters:
type: string
description: OpenStack username
- openstack_auth_method:
- type: string
- description: OpenStack authentication method (password VS. api-key)
-
openstack_api_key:
type: string
- description: OpenStack password or API Key
+ description: Encrypted OpenStack password
keystone_url:
type: string
@@ -2447,6 +2443,9 @@ resources:
- path: /opt/aaf_vm_init.sh
permissions: '0755'
content: { get_file: cloud-config/aaf_vm_init.sh }
+ - path: /opt/config/sample_ca/aaf.signer.b64
+ permissions: '0600'
+ content: { get_file: cloud-config/sample_ca/aaf.signer.b64 }
- path: /etc/init.d/serv.sh
permissions: '0755'
content:
@@ -2474,6 +2473,7 @@ resources:
#!/bin/bash
# Create configuration files
+ mkdir -p /opt/config/sample_ca
echo "__docker_version__" > /opt/config/docker_version.txt
echo "__aaf_repo__" > /opt/config/remote_repo.txt
echo "__gerrit_branch__" > /opt/config/gerrit_branch.txt
diff --git a/heat/ONAP/onap_openstack_template.env b/heat/ONAP/onap_openstack_template.env
index af560124..13ed5071 100644
--- a/heat/ONAP/onap_openstack_template.env
+++ b/heat/ONAP/onap_openstack_template.env
@@ -44,9 +44,7 @@ parameters:
openstack_username: PUT YOUR OPENSTACK USERNAME HERE
- openstack_api_key: PUT YOUR OPENSTACK PASSWORD HERE
-
- openstack_auth_method: password
+ openstack_api_key: PUT YOUR ENCRYPTED OPENSTACK PASSWORD HERE
openstack_region: RegionOne
diff --git a/heat/ONAP/openstack_encrypted_key.sh b/heat/ONAP/openstack_encrypted_key.sh
new file mode 100755
index 00000000..20910fa3
--- /dev/null
+++ b/heat/ONAP/openstack_encrypted_key.sh
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+usage () {
+ echo "Usage:"
+ echo " ./$(basename $0) your_openstack_password"
+ exit 1
+}
+
+if [ "$#" -ne 1 ]; then
+ echo "Wrong number of input parameters"
+ usage
+fi
+
+SO_ENCRYPTION_KEY=aa3871669d893c7fb8abbcda31b88b4f
+OPENSTACK_API_KEY=$1
+
+echo -n "$OPENSTACK_API_KEY" | openssl aes-128-ecb -e -K $SO_ENCRYPTION_KEY -nosalt | xxd -c 256 -p