diff options
| author |   dglFromAtt <dgl@research.att.com> | 2019-04-03 23:16:06 +0000 |
|---|---|---|
| committer | dglFromAtt <dgl@research.att.com> | 2019-04-03 23:16:15 +0000 |
| commit | a4aeefb08d2ed5fb10a94fe3df63910db7827d33 (patch) | |
| tree | f8c9f5db3d13dc34eafc1680d3bc0eeeb007165f /dbc-client | |
| parent | e6de2cef6c35390335df07f868d2484adc3949c3 (diff) | |
Add client cert PEM files for authenticated requests
Note also relocated AAF cert artifacts since they are used by
both docker images created in this repo.
Change-Id: I539c0062ab9bc573e610bc7669d78e9528e2aace
Signed-off-by: dglFromAtt <dgl@research.att.com>
Issue-ID: DMAAP-1142
Diffstat (limited to 'dbc-client')
| -rw-r--r-- | dbc-client/misc/dbc-client | 31 | ||||
| -rw-r--r-- | dbc-client/pom.xml | 23 | ||||
| -rw-r--r-- | dbc-client/src/main/resources/Dockerfile | 8 | ||||
| -rw-r--r-- | dbc-client/version.properties | 2 |
4 files changed, 55 insertions, 9 deletions
diff --git a/dbc-client/misc/dbc-client b/dbc-client/misc/dbc-client index 8df970c..775f719 100644 --- a/dbc-client/misc/dbc-client +++ b/dbc-client/misc/dbc-client @@ -35,6 +35,12 @@ REQUESTID=${REQUESTID:-dbc-client} DBC=${DBC:-dmaap-bc} PROTO=${PROTO:-https} PORT=${PORT:-8443} +WAIT_TO_EXIT=${WAIT_TO_EXIT:-N} +PEMDIR=${PEMDIR:-/opt/app/osaaf/local} +CAPEM=${CAPEM:-ca.pem} +CLIENTPEM=${CLIENTPEM:-client.pem} +KEYPEM=${KEYPEM:-key.pem} +CERTPWD=${CERTPWD:-"2U[iOZzMHI:.#tdCwlBqc;}S"} @@ -47,6 +53,18 @@ config() { echo "Expected app root directory $APP_ROOT does not exist" exit 1 fi + cd $PEMDIR + pwd + ls -l + if [ -f $CAPEM -a -f $CLIENTPEM -a -f $KEYPEM ] + then + echo "--key $PEMDIR/$KEYPEM --cacert $PEMDIR/$CAPEM --cert $PEMDIR/${CLIENTPEM}:${CERTPWD}" > $PEMDIR/curl.cred + CURLCRED="-K $PEMDIR/curl.cred" + else + echo "Warning: PEM files for authorization not found!" + CURLCRED="" + fi + echo "CURLCRED=$CURLCRED" cd $APP_ROOT find . -type f -exec ls -l {} \; find $CONFIGMAP_ROOT -type f -exec ls -l {} \; @@ -57,7 +75,7 @@ config() { source $CONTAINER_CONFIG fi - if [ "$DMAAPBC_WAIT_TO_EXIT" != "Y" ] + if [ "$WAIT_TO_EXIT" != "Y" ] then echo "Creating $APP_ROOT/ok_to_exit so no waiting..." > $APP_ROOT/ok_to_exit @@ -70,6 +88,7 @@ config() { init() { + set -x echo "ENTER init" if [ ! -d $CONFIGMAP_ROOT ] then @@ -82,18 +101,20 @@ init() { while [ $rc != "200" ] do sleep 10 - rc=`curl -s -o /dev/null -I -w "%{http_code}" -X GET -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" ${PROTO}://${DBC}:${PORT}/webapi/dmaap` + rc=`curl $CURLCRED -s -o /dev/null -I -w "%{http_code}" -X GET -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" ${PROTO}://${DBC}:${PORT}/webapi/dmaap` echo "get dmaap response=${rc}" done + set +x } dopost() { + set -x RETRY_TIME=60 loop=true while [ $loop = true ] do - rc=`curl -s -X POST -w "%{http_code}" -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" -d @${1} ${PROTO}://${DBC}:${PORT}/webapi/${2} -o /dev/null` + rc=`curl $CURLCRED -s -X POST -w "%{http_code}" -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" -d @${1} ${PROTO}://${DBC}:${PORT}/webapi/${2} -o /dev/null` case $rc in 200 | 201 | 409 ) echo "response=$rc" @@ -105,10 +126,12 @@ dopost() { ;; esac done + set +x } doprov() { + set -x cd $CONFIGMAP_ROOT pwd # order is important in this next list @@ -123,6 +146,7 @@ doprov() { done fi done + set +x } delay() { echo "DELAY=$DELAY" @@ -132,7 +156,6 @@ delay() { fi } -set -x delay config init diff --git a/dbc-client/pom.xml b/dbc-client/pom.xml index 9257263..83c1d05 100644 --- a/dbc-client/pom.xml +++ b/dbc-client/pom.xml @@ -113,6 +113,25 @@ </includes> </resource> <resource> + <targetPath>${basedir}/target/docker-stage/opt/app/dbc-client/etc</targetPath> + <directory>${multiproject.basedir}/certs</directory> + <includes> + <include>org.onap.dmaap-bc.cred.props</include> + <include>org.onap.dmaap-bc.crontab.sh</include> + <include>org.onap.dmaap-bc.jks</include> + <include>org.onap.dmaap-bc.keyfile</include> + <include>org.onap.dmaap-bc.location.props</include> + <include>org.onap.dmaap-bc.p12</include> + <include>org.onap.dmaap-bc.props</include> + <include>org.onap.dmaap-bc.showpass</include> + <include>org.onap.dmaap-bc.trust.jks</include> + <include>ca.pem</include> + <include>client.pem</include> + <include>key.pem</include> + </includes> + </resource> + + <resource> <targetPath>${basedir}/target/docker-stage/opt/app/dbc-client/bin</targetPath> <directory>${basedir}/misc</directory> <includes> @@ -120,7 +139,7 @@ </includes> </resource> <resource> - <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/etc</targetPath> + <targetPath>${basedir}/target/docker-stage/opt/app/dbc-client/etc</targetPath> <directory>${basedir}</directory> <includes> <include>version.properties</include> @@ -251,7 +270,7 @@ <jettyVersion>9.4.12.RC2</jettyVersion> <eelf.version>1.0.0</eelf.version> <swagger.version>1.5.19</swagger.version> - <artifact.version>1.0.5</artifact.version> + <artifact.version>1.0.6</artifact.version> <!-- SONAR --> <jacoco.version>0.7.7.201606060606</jacoco.version> <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version> diff --git a/dbc-client/src/main/resources/Dockerfile b/dbc-client/src/main/resources/Dockerfile index 90cd7f9..9baa481 100644 --- a/dbc-client/src/main/resources/Dockerfile +++ b/dbc-client/src/main/resources/Dockerfile @@ -35,11 +35,15 @@ RUN update-ca-certificates # Install curl RUN apk add --no-cache curl -RUN apk add --no-cache curl +# Install client certs for curl and openssl +RUN apk add --no-cache openssl +RUN mkdir -p /opt/app/osaaf/local && \ + mv etc/org.onap.dmaap-bc.p12 /opt/app/osaaf/local && \ + mv etc/*.pem /opt/app/osaaf/local RUN chmod +x /opt/app/dbc-client/bin/* && \ mkdir /opt/app/dbc-client/logs VOLUME /opt/app/dbc-client/log -ENTRYPOINT ["sh", "./bin/dbc-client", "deploy"] +ENTRYPOINT ["sh", "./bin/dbc-client" ] diff --git a/dbc-client/version.properties b/dbc-client/version.properties index 3de14e0..dadd8a9 100644 --- a/dbc-client/version.properties +++ b/dbc-client/version.properties @@ -27,7 +27,7 @@ major=1 minor=0 -patch=5 +patch=6 base_version=${major}.${minor}.${patch} # Release must be completed with git revision # in Jenkins |