[DMAAP][MR] Retrieve certs automatically

Instead of hardcoding certificates inside the container, use cert initializer in order to retrieve them automatically at start. Issue-ID: DMAAP-1547 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I7fcb8831539d8d9d5d25bcaae44a3c66672f7b1a
author: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2021-02-10 12:11:53 +0100
committer: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2021-03-26 12:32:37 +0000
commit: e5b6ffc663a2314fd545aa540cbdee6380adf00b (patch)
tree: 9c83d29d65814e1efeeb65096bd03bb3c547b5d9 /kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml
parent: a81ab13a27971888892bee0d4326746ac89a5e8f (diff)
1 files changed, 138 insertions, 0 deletions
diff --git a/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml b/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml
new file mode 100644
index 0000000000..49196e441b
--- /dev/null
+++ b/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml
@@ -0,0 +1,138 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- {{/*
+    ============LICENSE_START=======================================================
+    org.onap.dmaap
+    ================================================================================
+    Copyright © 2017-2021 AT&T Intellectual Property. All rights reserved.
+    Copyright © 2021 Orange Intellectual Property. All rights reserved.
+    ================================================================================
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+          http://www.apache.org/licenses/LICENSE-2.0
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+    ============LICENSE_END=========================================================
+    ECOMP is a trademark and service mark of AT&T Intellectual Property.
+*/}}
+-->
+
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd">
+<Configure id="ajsc-server" class="org.eclipse.jetty.server.Server">
+  <!-- DO NOT REMOVE!!!! This is setting up the AJSC Context -->
+  <New id="ajscContext" class="org.eclipse.jetty.webapp.WebAppContext">
+    <Set name="contextPath"><SystemProperty name="AJSC_CONTEXT_PATH" /></Set>
+    <Set name="extractWAR">true</Set>
+    <Set name="tempDirectory"><SystemProperty name="AJSC_TEMP_DIR" /></Set>
+    <Set name="war"><SystemProperty name="AJSC_WAR_PATH" /></Set>
+    <Set name="descriptor"><SystemProperty name="AJSC_HOME" />/etc/runner-web.xml</Set>
+    <Set name="overrideDescriptor"><SystemProperty name="AJSC_HOME" />/etc/ajsc-override-web.xml</Set>
+    <Set name="throwUnavailableOnStartupException">true</Set>
+    <Set name="extraClasspath"><SystemProperty name="AJSC_HOME" />/extJars/json-20131018.jar</Set>
+    <Set name="servletHandler">
+      <New class="org.eclipse.jetty.servlet.ServletHandler">
+        <Set name="startWithUnavailable">false</Set>
+      </New>
+    </Set>
+  </New>
+
+  <Set name="handler">
+    <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection">
+      <Set name="Handlers">
+        <Array type="org.eclipse.jetty.webapp.WebAppContext">
+          <Item>
+            <Ref refid="ajscContext" />
+          </Item>
+        </Array>
+      </Set>
+    </New>
+  </Set>
+
+  <Call name="addBean">
+    <Arg>
+      <New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager">
+        <Set name="contexts">
+          <Ref refid="Contexts" />
+        </Set>
+        <Call id="extAppHotDeployProvider" name="addAppProvider">
+          <Arg>
+            <New class="org.eclipse.jetty.deploy.providers.WebAppProvider">
+              <Set name="monitoredDirName"><SystemProperty name="AJSC_HOME" />/extApps</Set>
+              <Set name="scanInterval">10</Set>
+              <Set name="extractWars">true</Set>
+            </New>
+          </Arg>
+        </Call>
+      </New>
+    </Arg>
+  </Call>
+
+  <Call name="addConnector">
+    <Arg>
+      <New class="org.eclipse.jetty.server.ServerConnector">
+        <Arg name="server">
+          <Ref refid="ajsc-server" />
+        </Arg>
+        <Set name="port"><SystemProperty name="AJSC_HTTP_PORT" default="8080" /></Set>
+      </New>
+    </Arg>
+  </Call>
+
+
+  <!-- SSL Keystore configuration -->
+
+  <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
+    <Set name="KeyStorePath">{{.Values.certInitializer.appMountPath}}/local/{{.Values.certInitializer.fqi_namespace}}.jks</Set>
+    <Set name="KeyStorePassword">${KEYSTORE_PASSWORD}</Set>
+    <Set name="KeyManagerPassword">${KEYSTORE_PASSWORD}</Set>
+    <Set name="WantClientAuth">true</Set>
+  </New>
+  <Call id="sslConnector" name="addConnector">
+    <Arg>
+      <New class="org.eclipse.jetty.server.ServerConnector">
+        <Arg name="server">
+          <Ref refid="ajsc-server" />
+        </Arg>
+        <Arg name="factories">
+          <Array type="org.eclipse.jetty.server.ConnectionFactory">
+            <Item>
+              <New class="org.eclipse.jetty.server.SslConnectionFactory">
+                <Arg name="next">http/1.1</Arg>
+                <Arg name="sslContextFactory">
+                  <Ref refid="sslContextFactory" />
+                </Arg>
+              </New>
+            </Item>
+            <Item>
+              <New class="org.eclipse.jetty.server.HttpConnectionFactory">
+                <Arg name="config">
+                  <New class="org.eclipse.jetty.server.HttpConfiguration">
+                    <Call name="addCustomizer">
+                      <Arg>
+                        <New class="org.eclipse.jetty.server.SecureRequestCustomizer" />
+                      </Arg>
+                    </Call>
+                  </New>
+                </Arg>
+              </New>
+            </Item>
+          </Array>
+        </Arg>
+        <Set name="port"><SystemProperty name="AJSC_HTTPS_PORT" default="0" /></Set>
+        <Set name="idleTimeout">30000</Set>
+      </New>
+    </Arg>
+  </Call>
+
+
+  <Get name="ThreadPool">
+    <Set name="minThreads"><SystemProperty name="AJSC_JETTY_ThreadCount_MIN" /></Set>
+    <Set name="maxThreads"><SystemProperty name="AJSC_JETTY_ThreadCount_MAX" /></Set>
+    <Set name="idleTimeout"><SystemProperty name="AJSC_JETTY_IDLETIME_MAX" /></Set>
+    <Set name="detailedDump">false</Set>
+  </Get>
+
+</Configure>
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2021-02-10 12:11:53 +0100
committer	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2021-03-26 12:32:37 +0000
commit	e5b6ffc663a2314fd545aa540cbdee6380adf00b (patch)
tree	9c83d29d65814e1efeeb65096bd03bb3c547b5d9 /kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml
parent	a81ab13a27971888892bee0d4326746ac89a5e8f (diff)