From b1961a04c191ebbc726de507d98c85966b7a6a71 Mon Sep 17 00:00:00 2001 From: Krzysztof Gajewski Date: Wed, 24 Feb 2021 14:46:37 +0100 Subject: Add JWT support in HTTP/HTTPS based locations - pnf-simulator - update containers to version 1.0.5 Issue-ID: DCAEGEN2-2536 Signed-off-by: Krzysztof Gajewski Change-Id: If6b938db03fc8b5e5a5a6435ad0559061fa5b4ad --- Changelog.md | 6 + deployment/pom.xml | 2 +- httpserver/.gitignore | 1 + httpserver/Dockerfile | 23 +++- httpserver/README.md | 6 + httpserver/docker-compose.yml | 9 +- httpserver/pom.xml | 4 +- httpserver/resources/.htaccess | 5 - httpserver/resources/.htpasswd | 1 - httpserver/resources/apache-config.conf | 49 -------- httpserver/resources/apache2.conf | 2 +- httpserver/resources/lib/libjwt.so.1.7.0 | Bin 0 -> 133400 bytes httpserver/resources/local/.htpasswd | 1 + httpserver/resources/local/upload.php | 18 +++ httpserver/resources/mods-enabled/auth_jwt.load | 1 + httpserver/resources/modules/mod_authnz_jwt.so | Bin 0 -> 146696 bytes httpserver/resources/ports.conf | 14 +++ .../resources/sites-enabled/000-default.conf | 132 +++++++++++++++++++++ httpserver/resources/upload.php | 18 --- netconfsimulator/pom.xml | 4 +- pnfsimulator/integration/pom.xml | 4 +- pnfsimulator/pom.xml | 4 +- pnfsimulator/templates/notificationHttpServer.json | 6 +- pom.xml | 2 +- sanitycheck/Makefile | 2 +- sanitycheck/events/eventToVesWithHttpServer.json | 2 +- .../docker-compose-certservice-clients.yml | 6 +- .../docker-compose-certservice-ejbca.yml | 2 +- .../certservice/docker-compose-pnfsim.yml | 9 +- .../certservice/resources/certs/.gitignore | 3 + .../resources/certservice-client/.gitignore | 3 + 31 files changed, 234 insertions(+), 105 deletions(-) create mode 100644 httpserver/.gitignore delete mode 100644 httpserver/resources/.htaccess delete mode 100644 httpserver/resources/.htpasswd delete mode 100644 httpserver/resources/apache-config.conf create mode 100755 httpserver/resources/lib/libjwt.so.1.7.0 create mode 100644 httpserver/resources/local/.htpasswd create mode 100644 httpserver/resources/local/upload.php create mode 100644 httpserver/resources/mods-enabled/auth_jwt.load create mode 100644 httpserver/resources/modules/mod_authnz_jwt.so create mode 100644 httpserver/resources/ports.conf create mode 100644 httpserver/resources/sites-enabled/000-default.conf delete mode 100644 httpserver/resources/upload.php create mode 100644 sanitycheck/pnfsimulator-secured/certservice/resources/certs/.gitignore create mode 100644 sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/.gitignore diff --git a/Changelog.md b/Changelog.md index 15d9de0..6fc918f 100644 --- a/Changelog.md +++ b/Changelog.md @@ -28,3 +28,9 @@ All notable changes to this project will be documented in this file. ### Fix - Fix integration test - https://jira.onap.org/browse/INT-1844 + +## [1.0.5] + +### Changed + - httpserver to be consistent with DFC csit/integration test cases + - https://jira.onap.org/browse/DCAEGEN2-2536 diff --git a/deployment/pom.xml b/deployment/pom.xml index 354e80c..1fc91fc 100644 --- a/deployment/pom.xml +++ b/deployment/pom.xml @@ -25,7 +25,7 @@ org.onap.integration.simulators.pnf-simulator integration-pnf-simulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT onboarding-package diff --git a/httpserver/.gitignore b/httpserver/.gitignore new file mode 100644 index 0000000..98d8a5a --- /dev/null +++ b/httpserver/.gitignore @@ -0,0 +1 @@ +logs diff --git a/httpserver/Dockerfile b/httpserver/Dockerfile index 893b5ba..99acb9a 100644 --- a/httpserver/Dockerfile +++ b/httpserver/Dockerfile @@ -11,9 +11,20 @@ ENV APACHE_LOG_DIR /var/log/apache2 ENV APACHE_LOCK_DIR /var/lock/apache2 ENV APACHE_PID_FILE /var/run/apache2.pid -ADD resources/.htpasswd /usr/local/apache2/passwd/.htpasswd -ADD resources/.htaccess /usr/local/apache2/htdocs/.htaccess -ADD resources/upload.php /usr/local/apache2/conf/upload.php -ADD resources/apache-config.conf /etc/apache2/sites-enabled/000-default.conf -ADD resources/apache2.conf /etc/apache2/apache2.conf -ADD resources/cert/ /etc/apache2/certs/ +COPY --chown=root:root resources/local/.htpasswd /usr/local/apache2/passwd/.htpasswd +COPY --chown=root:root resources/local/upload.php /usr/local/apache2/conf/upload.php +COPY --chown=root:root resources/sites-enabled/000-default.conf /etc/apache2/sites-enabled/000-default.conf +COPY --chown=root:root resources/ports.conf /etc/apache2/ports.conf +COPY --chown=root:root resources/apache2.conf /etc/apache2/apache2.conf +COPY --chown=root:root resources/cert/ /etc/apache2/certs/ + +COPY --chown=root:root resources/lib/libjwt.so.1.7.0 /usr/lib/x86_64-linux-gnu/libjwt.so.1 +COPY --chown=root:root resources/modules/mod_authnz_jwt.so /usr/local/apache2/modules/mod_authnz_jwt.so +COPY --chown=root:root resources/mods-enabled/auth_jwt.load /etc/apache2/mods-enabled/auth_jwt.load + +RUN chmod 644 /usr/local/apache2/passwd/.htpasswd +RUN chmod 644 /usr/local/apache2/conf/httpd.conf +RUN chmod 644 /usr/lib/x86_64-linux-gnu/libjwt.so.1 +RUN chmod 644 /usr/local/apache2/modules/mod_authnz_jwt.so +RUN touch /usr/local/apache2/htdocs/index.html +CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"] diff --git a/httpserver/README.md b/httpserver/README.md index 3b6fda4..0d6bcc0 100644 --- a/httpserver/README.md +++ b/httpserver/README.md @@ -15,3 +15,9 @@ make start-http-server ``` make stop-http-server ``` + +### mod_authnz_jwt.so + +External library `mod_authnz_jwt.so` was added to the Apache server. This library wasn't changed in any way. +This library is supplied under the Apache License, Version 2.0 (the "License"). More info is available at +https://github.com/AnthonyDeroche/mod_authnz_jwt . diff --git a/httpserver/docker-compose.yml b/httpserver/docker-compose.yml index db1ee4b..0b80465 100644 --- a/httpserver/docker-compose.yml +++ b/httpserver/docker-compose.yml @@ -4,17 +4,20 @@ services: http-server: image: onap/org.onap.integration.simulators.httpserver ports: - - "7080:80" - - "7443:443" + - "32080:80" + - "8080:8080" + - "32443:443" + - "32000:32000" + - "32100:32100" volumes: - ~/httpservervolumes/:/usr/local/apache2/htdocs - - ./resources/.htaccess:/usr/local/apache2/htdocs/.htaccess - ./logs:/var/log/apache2 command: bash -c " echo 'Http Server start'; while [[ $$(ls -1 /etc/apache2/certs/ | wc -l) != '3' ]]; do echo 'Waiting for certs...'; sleep 3; done; chmod 777 /usr/local/apache2/htdocs; cp /usr/local/apache2/conf/upload.php /usr/local/apache2/htdocs/upload.php; + touch /usr/local/apache2/htdocs/index.html; /usr/sbin/apache2ctl -D FOREGROUND; " restart: on-failure diff --git a/httpserver/pom.xml b/httpserver/pom.xml index b0468f4..b775a83 100644 --- a/httpserver/pom.xml +++ b/httpserver/pom.xml @@ -27,11 +27,11 @@ org.onap.integration.simulators.pnf-simulator integration-pnf-simulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT httpserver - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT UTF-8 diff --git a/httpserver/resources/.htaccess b/httpserver/resources/.htaccess deleted file mode 100644 index f8ba228..0000000 --- a/httpserver/resources/.htaccess +++ /dev/null @@ -1,5 +0,0 @@ - AuthType Basic - AuthName "Secure file" - AuthBasicProvider file - AuthUserFile "/usr/local/apache2/passwd/.htpasswd" - Require valid-user diff --git a/httpserver/resources/.htpasswd b/httpserver/resources/.htpasswd deleted file mode 100644 index e991d18..0000000 --- a/httpserver/resources/.htpasswd +++ /dev/null @@ -1 +0,0 @@ -demo:$apr1$UhwaUkTW$lTHMzOU2TyNn6qM8P/zS3. diff --git a/httpserver/resources/apache-config.conf b/httpserver/resources/apache-config.conf deleted file mode 100644 index 910e20f..0000000 --- a/httpserver/resources/apache-config.conf +++ /dev/null @@ -1,49 +0,0 @@ - - ServerAdmin httpserver-onap.org - ServerName httpserver-onap.org - - DocumentRoot /usr/local/apache2/htdocs - - Options Indexes FollowSymLinks MultiViews - AllowOverride AuthConfig - Require all granted - - - ErrorLog ${APACHE_LOG_DIR}/error.log - CustomLog ${APACHE_LOG_DIR}/access.log combined - - - - - ServerAdmin httpserver-onap.org - ServerName httpserver-onap.org - - DocumentRoot /usr/local/apache2/htdocs - - SSLVerifyClient optional - SSLVerifyDepth 2 - SSLOptions +FakeBasicAuth +StrictRequire - - Require ssl-verify-client - - Options Indexes FollowSymLinks MultiViews - AuthType Basic - AuthName "Secure file" - AuthBasicProvider file - AuthUserFile "/usr/local/apache2/passwd/.htpasswd" - Require valid-user - - - SSLCACertificateFile /etc/apache2/certs/truststore.pem - SSLCertificateFile /etc/apache2/certs/keystore.pem - SSLCertificateKeyFile /etc/apache2/certs/key.pem - SSLEngine on - SSLProtocol -all +TLSv1.2 - SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 - SSLHonorCipherOrder off - SSLSessionTickets off - - ErrorLog ${APACHE_LOG_DIR}/error.log - CustomLog ${APACHE_LOG_DIR}/access.log combined - - diff --git a/httpserver/resources/apache2.conf b/httpserver/resources/apache2.conf index e43e3f6..13c805f 100644 --- a/httpserver/resources/apache2.conf +++ b/httpserver/resources/apache2.conf @@ -186,7 +186,7 @@ Include ports.conf # for additional configuration directives. See also the AllowOverride # directive. # -AccessFileName .htaccess +#AccessFileName .htaccess # # The following lines prevent .htaccess and .htpasswd files from being diff --git a/httpserver/resources/lib/libjwt.so.1.7.0 b/httpserver/resources/lib/libjwt.so.1.7.0 new file mode 100755 index 0000000..b22c527 Binary files /dev/null and b/httpserver/resources/lib/libjwt.so.1.7.0 differ diff --git a/httpserver/resources/local/.htpasswd b/httpserver/resources/local/.htpasswd new file mode 100644 index 0000000..e991d18 --- /dev/null +++ b/httpserver/resources/local/.htpasswd @@ -0,0 +1 @@ +demo:$apr1$UhwaUkTW$lTHMzOU2TyNn6qM8P/zS3. diff --git a/httpserver/resources/local/upload.php b/httpserver/resources/local/upload.php new file mode 100644 index 0000000..31dbaa3 --- /dev/null +++ b/httpserver/resources/local/upload.php @@ -0,0 +1,18 @@ + diff --git a/httpserver/resources/mods-enabled/auth_jwt.load b/httpserver/resources/mods-enabled/auth_jwt.load new file mode 100644 index 0000000..72eb3af --- /dev/null +++ b/httpserver/resources/mods-enabled/auth_jwt.load @@ -0,0 +1 @@ +LoadModule auth_jwt_module /usr/local/apache2/modules/mod_authnz_jwt.so diff --git a/httpserver/resources/modules/mod_authnz_jwt.so b/httpserver/resources/modules/mod_authnz_jwt.so new file mode 100644 index 0000000..2e2e834 Binary files /dev/null and b/httpserver/resources/modules/mod_authnz_jwt.so differ diff --git a/httpserver/resources/ports.conf b/httpserver/resources/ports.conf new file mode 100644 index 0000000..b7a16cd --- /dev/null +++ b/httpserver/resources/ports.conf @@ -0,0 +1,14 @@ +Listen 80 http +Listen 32000 http + + + Listen 443 https + Listen 8080 https + Listen 32100 https + + + + Listen 443 https + Listen 8080 https + Listen 32100 https + diff --git a/httpserver/resources/sites-enabled/000-default.conf b/httpserver/resources/sites-enabled/000-default.conf new file mode 100644 index 0000000..58e95ce --- /dev/null +++ b/httpserver/resources/sites-enabled/000-default.conf @@ -0,0 +1,132 @@ + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + Options Indexes FollowSymLinks MultiViews + AllowOverride None + AuthType Basic + AuthName "Secure file" + AuthBasicProvider file + AuthUserFile "/usr/local/apache2/passwd/.htpasswd" + Require valid-user + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerAdmin httpserver-onap.org + DocumentRoot "/usr/local/apache2/htdocs" + + AuthJWTSignatureAlgorithm HS256 + AuthJWTSignatureSharedSecret Q0hBTkdFTUU= + AuthJWTIss onap + + AllowOverride None + Options Indexes FollowSymLinks MultiViews + AuthType jwt + AuthName "Restricted Content" + Require valid-user + RewriteEngine On + RewriteCond %{HTTP:Authorization} ^(.*) + RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + SSLVerifyClient optional + SSLVerifyDepth 2 + SSLOptions +FakeBasicAuth +StrictRequire + + Require ssl-verify-client + + Options Indexes FollowSymLinks MultiViews + AuthType Basic + AuthName "Secure file" + AuthBasicProvider file + AuthUserFile "/usr/local/apache2/passwd/.htpasswd" + Require valid-user + + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + Require all granted + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem + + + + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + AuthJWTSignatureAlgorithm HS256 + AuthJWTSignatureSharedSecret Q0hBTkdFTUU= + AuthJWTIss onap + + AllowOverride None + Options Indexes FollowSymLinks MultiViews + AuthType jwt + AuthName "Restricted Content" + Require valid-user + RewriteEngine On + RewriteCond %{HTTP:Authorization} ^(.*) + RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem + + diff --git a/httpserver/resources/upload.php b/httpserver/resources/upload.php deleted file mode 100644 index 31dbaa3..0000000 --- a/httpserver/resources/upload.php +++ /dev/null @@ -1,18 +0,0 @@ - diff --git a/netconfsimulator/pom.xml b/netconfsimulator/pom.xml index c173343..3dcb3c1 100644 --- a/netconfsimulator/pom.xml +++ b/netconfsimulator/pom.xml @@ -27,11 +27,11 @@ org.onap.integration.simulators.pnf-simulator integration-pnf-simulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT netconfsimulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT UTF-8 diff --git a/pnfsimulator/integration/pom.xml b/pnfsimulator/integration/pom.xml index e732525..8790a98 100644 --- a/pnfsimulator/integration/pom.xml +++ b/pnfsimulator/integration/pom.xml @@ -27,12 +27,12 @@ org.onap.integration.simulators.pnf-simulator integration-pnf-simulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT ../../pom.xml pnf-simulator-integration - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT pnf-simulator-integration diff --git a/pnfsimulator/pom.xml b/pnfsimulator/pom.xml index 15112e4..d31a8b8 100644 --- a/pnfsimulator/pom.xml +++ b/pnfsimulator/pom.xml @@ -27,11 +27,11 @@ org.onap.integration.simulators.pnf-simulator integration-pnf-simulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT pnfsimulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT pnfsimulator diff --git a/pnfsimulator/templates/notificationHttpServer.json b/pnfsimulator/templates/notificationHttpServer.json index f1bac68..f4fcc76 100644 --- a/pnfsimulator/templates/notificationHttpServer.json +++ b/pnfsimulator/templates/notificationHttpServer.json @@ -22,7 +22,7 @@ { "name": "C_28532_measData_pm_98.xml", "hashMap": { - "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "location": "http://demo:demo123456!@localhost:32080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", "compression": "gzip", "fileFormatType": "org.3GPP.32.435#measCollec", "fileFormatVersion": "V10" @@ -31,7 +31,7 @@ { "name": "C_28532_measData_pm_99.xml", "hashMap": { - "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "location": "http://demo:demo123456!@localhost:32080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", "compression": "gzip", "fileFormatType": "org.3GPP.32.435#measCollec", "fileFormatVersion": "V10" @@ -40,7 +40,7 @@ { "name": "C_28532_measData_pm_100.xml", "hashMap": { - "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "location": "http://demo:demo123456!@localhost:32080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", "compression": "gzip", "fileFormatType": "org.3GPP.32.435#measCollec", "fileFormatVersion": "V10" diff --git a/pom.xml b/pom.xml index dc8e4af..cfc23e7 100644 --- a/pom.xml +++ b/pom.xml @@ -33,7 +33,7 @@ org.onap.integration.simulators.pnf-simulator integration-pnf-simulator - 1.0.4-SNAPSHOT + 1.0.5-SNAPSHOT pnfsimulator httpserver diff --git a/sanitycheck/Makefile b/sanitycheck/Makefile index 3602875..896ac45 100644 --- a/sanitycheck/Makefile +++ b/sanitycheck/Makefile @@ -21,7 +21,7 @@ stop: upload-file-http-server: @echo "##### Upload file to Http server #####" - curl -F "uploaded_file=@./resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz" -u demo:demo123456! http://localhost:7080/upload.php + curl -F "uploaded_file=@./resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz" -u demo:demo123456! http://localhost:32080/upload.php @echo "\n##### DONE #####" generate-event: diff --git a/sanitycheck/events/eventToVesWithHttpServer.json b/sanitycheck/events/eventToVesWithHttpServer.json index 3d128e6..a5e0a27 100644 --- a/sanitycheck/events/eventToVesWithHttpServer.json +++ b/sanitycheck/events/eventToVesWithHttpServer.json @@ -23,7 +23,7 @@ { "name": "C_28532_measData_pm_98.xml", "hashMap": { - "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "location": "http://demo:demo123456!@localhost:32080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", "compression": "gzip", "fileFormatType": "org.3GPP.32.435#measCollec", "fileFormatVersion": "V10" diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml index a7b19e4..60cc553 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml @@ -6,7 +6,7 @@ networks: services: oom-cert-client-ves: - image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.1 container_name: oomcert-client-for-ves env_file: ./resources/certservice-client/client-configuration-for-ves.env networks: @@ -17,7 +17,7 @@ services: - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks oom-cert-client-pnfsim: - image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.1 container_name: oomcert-client env_file: ./resources/certservice-client/client-configuration-for-pnfsim.env networks: @@ -28,7 +28,7 @@ services: - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks oom-cert-client-httpserver: - image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.1 container_name: oomcert-client-for-httpserver env_file: ./resources/certservice-client/client-configuration-for-httpserver.env networks: diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-ejbca.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-ejbca.yml index 38b130f..a400eb9 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-ejbca.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-ejbca.yml @@ -27,7 +27,7 @@ services: - onap oom-cert-service: - image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.1.0 + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.1.1 volumes: - ./resources/certservice/cmpServers.json:/etc/onap/oom/certservice/cmpServers.json - ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml index b52523e..1875598 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml @@ -38,14 +38,16 @@ services: http-server: image: nexus3.onap.org:10003/onap/org.onap.integration.simulators.httpserver ports: - - "7080:80" - - "7443:443" + - "8080:8080" + - "32000:32000" + - "32080:80" + - "32100:32100" + - "32443:443" networks: - pnfsimulator - public volumes: - ~/httpservervolumes/:/usr/local/apache2/htdocs - - ../../../httpserver/resources/.htaccess:/usr/local/apache2/htdocs/.htaccess - ../../../httpserver/logs:/var/log/apache2 - ./resources/certservice-client/client-volume-for-httpserver/:/etc/apache2/certs/ command: bash -c " @@ -53,6 +55,7 @@ services: while [[ $$(ls -1 /etc/apache2/certs/ | wc -l) != '3' ]]; do echo 'Waiting for certs...'; sleep 3; done; chmod 777 /usr/local/apache2/htdocs; cp /usr/local/apache2/conf/upload.php /usr/local/apache2/htdocs/upload.php; + touch /usr/local/apache2/htdocs/index.html; /usr/sbin/apache2ctl -D FOREGROUND; " restart: on-failure diff --git a/sanitycheck/pnfsimulator-secured/certservice/resources/certs/.gitignore b/sanitycheck/pnfsimulator-secured/certservice/resources/certs/.gitignore new file mode 100644 index 0000000..385dcde --- /dev/null +++ b/sanitycheck/pnfsimulator-secured/certservice/resources/certs/.gitignore @@ -0,0 +1,3 @@ +*.jks +*.p12 +*.crt diff --git a/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/.gitignore b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/.gitignore new file mode 100644 index 0000000..d7424ab --- /dev/null +++ b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/.gitignore @@ -0,0 +1,3 @@ +client-volume-for-httpserver +client-volume-for-pnfsim +client-volume-for-ves -- cgit 1.2.3-korg