diff options
author | Ubuntu <dgl@research.att.com> | 2020-03-09 14:11:52 +0000 |
---|---|---|
committer | Ubuntu <dgl@research.att.com> | 2020-03-09 14:12:06 +0000 |
commit | 6725f93b143b262249635130e44ff8cc7fccdc30 (patch) | |
tree | 082788a538cbcbe20fdd6594c792d77bf26f9d65 /dmaap-bc | |
parent | b4dc85f82a74ac45ec1661d207740409b3d97238 (diff) |
Remove baked in certs and use downloaded certs
Issue-ID: DMAAP-1401
Signed-off-by: Ubuntu <dgl@research.att.com>
Change-Id: I4da88a80a79711d2173fb7814adb9f86e7af8739
Diffstat (limited to 'dmaap-bc')
-rw-r--r-- | dmaap-bc/misc/dmaapbc | 24 | ||||
-rw-r--r-- | dmaap-bc/misc/doaction | 63 | ||||
-rw-r--r-- | dmaap-bc/misc/havecert.tmpl | 12 | ||||
-rw-r--r-- | dmaap-bc/pom.xml | 20 | ||||
-rw-r--r-- | dmaap-bc/src/main/resources/Dockerfile | 8 |
5 files changed, 34 insertions, 93 deletions
diff --git a/dmaap-bc/misc/dmaapbc b/dmaap-bc/misc/dmaapbc index 51aa93a..15f2fd2 100644 --- a/dmaap-bc/misc/dmaapbc +++ b/dmaap-bc/misc/dmaapbc @@ -76,7 +76,7 @@ config() { echo "WARNING: Expected env file $CONTAINER_CONFIG not found. Default behaviors in effect" find $CONTAINER_ROOT -type f else - source $CONTAINER_CONFIG + . $CONTAINER_CONFIG fi if [ "$DMAAPBC_WAIT_TO_EXIT" != "Y" ] @@ -87,8 +87,24 @@ config() { echo "Not creating $APP_ROOT/ok_to_exit" fi - . misc/havecert.tmpl > etc/havecert - chmod +x etc/havecert + #. misc/havecert.tmpl > etc/havecert + #chmod +x etc/havecert + echo Check for certificate + TZ=GMT0 + cd /opt/app/dmaapbc; + KEYSTORE=${DMAAPBC_KSTOREFILE:-etc/keystore} + echo "KEYSTORE=$KEYSTORE" + d=`dirname $KEYSTORE` + ls -l $d + if [ -f ${KEYSTORE} ] + then + echo "Goodness: Found ${KEYSTORE}" + else + EMSG="`date '+%F %T,000'` WARN Certificate file $KEYSTORE is missing" + echo $EMSG + echo $EMSG >>${DMAAPBC_LOGS:-logs}/dmaapbc.log + fi + # These files might be better provided in kubernetes configmaps # so if they are there, use them @@ -113,7 +129,7 @@ start() { cd $APP_ROOT pwd - if etc/havecert + if [ -f "$KEYSTORE" ] then echo >/dev/null else diff --git a/dmaap-bc/misc/doaction b/dmaap-bc/misc/doaction deleted file mode 100644 index 7fee592..0000000 --- a/dmaap-bc/misc/doaction +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/bash -# -# ============LICENSE_START========================================== -# org.onap.dmaap -# =================================================================== -# Copyright © 2018 AT&T Intellectual Property. All rights reserved. -# =================================================================== -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END============================================ -# ECOMP is a trademark and service mark of AT&T Intellectual Property. -# -# - -cd /opt/app/dmaapbc/etc -for action in "$@" -do -case "$action" in -'backup') - cp log4j.properties log4j.properties.save 2>/dev/null - cp dmaapbc.properties dmaapbc.properties.save 2>/dev/null - cp havecert havecert.save 2>/dev/null - ;; -'stop') - /opt/app/platform/init.d/dmaapbc stop - ;; -'start') - /opt/app/platform/init.d/dmaapbc start || exit 1 - ;; -'config') - /bin/bash log4j.properties.tmpl >log4j.properties - /bin/bash dmaapbc.properties.tmpl >dmaapbc.properties - /bin/bash havecert.tmpl >havecert - /bin/bash PolicyEngineApi.properties.tmpl > ../config/PolicyEngineApi.properties - chmod +x havecert - rm -f /opt/app/platform/rc.d/K90dmaapbc /opt/app/platform/rc.d/S10dmaapbc - ln -s ../init.d/dmaapbc /opt/app/platform/rc.d/K90dmaapbc - ln -s ../init.d/dmaapbc /opt/app/platform/rc.d/S10dmaapbc - ;; -'restore') - cp log4j.properties.save log4j.properties 2>/dev/null - cp dmaapbc.properties.save dmaapbc.properties 2>/dev/null - cp havecert.save havecert 2>/dev/null - ;; -'clean') - rm -f log4j.properties dmaapbc.properties havecert log4j.properties.save dmaapbc.properties.save havecert.save SHUTDOWN redirections.dat VERSION.dmaapbc - rm -f /opt/app/platform/rc.d/K90dmaapbc /opt/app/platform/rc.d/S10dmaapbc - ;; -*) - exit 1 - ;; -esac -done -exit 0 diff --git a/dmaap-bc/misc/havecert.tmpl b/dmaap-bc/misc/havecert.tmpl index a3a5ff8..3d23c7b 100644 --- a/dmaap-bc/misc/havecert.tmpl +++ b/dmaap-bc/misc/havecert.tmpl @@ -21,12 +21,20 @@ # # cat <<!EOF +echo Check for certificate TZ=GMT0 cd /opt/app/dmaapbc; -if [ -f ${DMAAPBC_KSTOREFILE:-etc/keystore} ] +KEYSTORE=${DMAAPBC_KSTOREFILE:-etc/keystore} +echo "KEYSTORE=$KEYSTORE" +d=`dirname $KEYSTORE` +ls -l $d +if [ -f ${KEYSTORE} ] then + echo "Goodness: Found ${KEYSTORE}" exit 0 fi -echo `date '+%F %T,000'` WARN Certificate file "${DMAAPBC_KSTOREFILE:-etc/keystore}" is missing >>${DMAAPBC_LOGS:-logs}/dmaapbc.log +EMSG="`date '+%F %T,000'` WARN Certificate file $KEYSTORE is missing" +echo $EMSG +echo $EMSG >>${DMAAPBC_LOGS:-logs}/dmaapbc.log exit 1 !EOF diff --git a/dmaap-bc/pom.xml b/dmaap-bc/pom.xml index 175f300..6881541 100644 --- a/dmaap-bc/pom.xml +++ b/dmaap-bc/pom.xml @@ -177,21 +177,6 @@ </includes> </resource> <resource> - <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/etc</targetPath> - <directory>${multiproject.basedir}/certs</directory> - <includes> - <include>org.onap.dmaap-bc.cred.props</include> - <include>org.onap.dmaap-bc.crontab.sh</include> - <include>org.onap.dmaap-bc.jks</include> - <include>org.onap.dmaap-bc.keyfile</include> - <include>org.onap.dmaap-bc.location.props</include> - <include>org.onap.dmaap-bc.p12</include> - <include>org.onap.dmaap-bc.props</include> - <include>org.onap.dmaap-bc.showpass</include> - <include>org.onap.dmaap-bc.trust.jks</include> - </includes> - </resource> - <resource> <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/misc</targetPath> <directory>${multiproject.basedir}/misc</directory> <includes> @@ -228,7 +213,6 @@ <directory>${basedir}/misc</directory> <includes> <include>dmaapbc</include> - <include>doaction</include> </includes> </resource> </resources> @@ -428,7 +412,7 @@ <dependency> <groupId>org.onap.dmaap.dbcapi</groupId> <artifactId>dbcapi</artifactId> - <version>2.0.1</version> + <version>2.0.2</version> </dependency> </dependencies> <reporting> @@ -466,7 +450,7 @@ <jettyVersion>9.4.24.v20191120</jettyVersion> <eelf.version>1.0.0</eelf.version> <swagger.version>1.5.19</swagger.version> - <artifact.version>2.0.3-SNAPSHOT</artifact.version> + <artifact.version>2.0.4-SNAPSHOT</artifact.version> <timestamp>${maven.build.timestamp}</timestamp> <maven.build.timestamp.format>yyyy-MM-dd HH:mm</maven.build.timestamp.format> <!-- SONAR --> diff --git a/dmaap-bc/src/main/resources/Dockerfile b/dmaap-bc/src/main/resources/Dockerfile index 64bd689..fef7fae 100644 --- a/dmaap-bc/src/main/resources/Dockerfile +++ b/dmaap-bc/src/main/resources/Dockerfile @@ -44,13 +44,9 @@ RUN update-ca-certificates #prepare certificate location for cadi -RUN mkdir -p /opt/app/osaaf && \ - ln -s /opt/app/dmaapbc/etc /opt/app/osaaf/local +RUN mkdir -p /opt/app/osaaf -RUN mv etc/org.onap.dmaap-bc.jks etc/keystore && \ - chmod 600 etc/keystore && \ - chmod 600 etc/org.onap.dmaap-bc.trust.jks && \ - chmod +x bin/* && \ +RUN chmod +x bin/* && \ mkdir logs && \ mkdir www && \ mkdir doc && \ |