diff options
Diffstat (limited to 'kubernetes/portal/components')
8 files changed, 673 insertions, 673 deletions
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties index 3dbf434322..7020a40bb4 100755 --- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties +++ b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties @@ -44,7 +44,7 @@ account_admin_role_id = 999 restricted_app_role_id = 900 # Home Page index html -home_page = /index.html +home_page = /index.html authentication_mechanism =DBAUTH diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml index e707e259ca..325da8e9e3 100644 --- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml +++ b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml @@ -4,7 +4,7 @@ ONAP Portal
===================================================================
Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- Modifications Copyright © 2018 Amdocs, Bell Canada
+ Modifications Copyright © 2018 Amdocs, Bell Canada
====================================================================
Unless otherwise specified, all software contained herein is licensed
under the Apache License, Version 2.0 (the “License”);
@@ -37,264 +37,264 @@ <!DOCTYPE xml>
<configuration scan="true" scanPeriod="3 seconds" debug="true">
- <!-- specify the component name -->
- <property name="componentName" value="onapportal"></property>
+ <!-- specify the component name -->
+ <property name="componentName" value="onapportal"></property>
- <!-- specify the application name -->
+ <!-- specify the application name -->
<property name="application_name" value="Portal"></property>
- <!-- specify the base path of the log directory -->
- <property name="logDirPrefix" value="/var/log/onap"></property>
-
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDirPrefix}/${componentName}" />
- <!-- Can easily relocate debug logs by modifying this path. -->
- <property name="debugLogDirectory" value="${logDirPrefix}/${componentName}" />
-
- <!-- log file names -->
- <property name="generalLogName" value="application" />
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <!-- These loggers are not used in code (yet). <property name="securityLogName"
- value="security" /> <property name="policyLogName" value="policy" /> <property
- name="performanceLogName" value="performance" /> <property name="serverLogName"
- value="server" /> -->
-
- <!-- ServerFQDN=Server, -->
- <property name="auditLoggerPattern"
- value="%X{AuditLogBeginTimestamp}|%X{AuditLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
-
- <property name="metricsLoggerPattern"
- value="%X{MetricsLogBeginTimestamp}|%X{MetricsLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
-
- <property name="errorLoggerPattern"
- value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{ErrorCategory}|%X{ErrorCode}|%X{ErrorDescription}| %msg%n" />
-
- <property name="defaultLoggerPattern"
- value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ClassName}| %msg%n" />
-
- <!-- use %class so library logging calls yield their class name -->
- <property name="applicationLoggerPattern"
- value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%class{36}| %msg%n" />
-
- <!--
- <property name="defaultPattern"
- value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
- <property name="debugLoggerPattern"
- value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
- -->
- <!-- <property name="debugLoggerPattern" value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n"
- /> -->
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${applicationLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
-
- <!-- The EELFAppender is used to record events to the general application
- log -->
-
-
- <appender name="EELF"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${generalLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${generalLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${applicationLoggerPattern}</pattern>
- </encoder>
- <filter class="org.openecomp.portalapp.portal.utils.CustomLoggingFilter" />
- </appender>
-
- <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <!-- Class name is part of caller data -->
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="EELF" />
- </appender>
-
- <!-- EELF Security Appender. This appender is used to record security events
- to the security log file. Security events are separate from other loggers
- in EELF so that security log records can be captured and managed in a secure
- way separate from the other logs. This appender is set to never discard any
- events. -->
- <!-- <appender name="EELFSecurity" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${securityLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
- </appender> <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize> <discardingThreshold>0</discardingThreshold> <appender-ref
- ref="EELFSecurity" /> </appender> -->
-
- <!-- EELF Performance Appender. This appender is used to record performance
- records. -->
- <!-- <appender name="EELFPerformance" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${performanceLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <outputPatternAsHeader>true</outputPatternAsHeader>
- <pattern>${defaultPattern}</pattern> </encoder> </appender> <appender name="asyncEELFPerformance"
- class="ch.qos.logback.classic.AsyncAppender"> <queueSize>256</queueSize>
- <appender-ref ref="EELFPerformance" /> </appender> -->
-
- <!-- EELF Server Appender. This appender is used to record Server related
- logging events. The Server logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate
- Server events from other components, or it can be eliminated to record these
- events as part of the application root log. -->
- <!-- <appender name="EELFServer" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${serverLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
- </appender> <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize> <appender-ref ref="EELFServer" /> </appender> -->
-
- <!-- EELF Policy Appender. This appender is used to record Policy engine
- related logging events. The Policy logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <!-- <appender name="EELFPolicy" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${policyLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip </fileNamePattern>
- <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
- </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
- </appender> <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize> <appender-ref ref="EELFPolicy" /> </appender> -->
-
- <!-- EELF Audit Appender. This appender is used to record audit engine related
- logging events. The audit logger and appender are specializations of the
- EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
-
- <appender name="EELFAudit"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${auditLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${auditLoggerPattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
-
- <appender name="EELFMetrics"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${metricsLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${metricsLoggerPattern}</pattern>
- </encoder>
- </appender>
-
-
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
-
- <appender name="EELFError"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${errorLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${errorLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
-
- <appender name="EELFDebug"
- class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${debugLogDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily roll over -->
- <fileNamePattern>${logDirectory}/${debugLogName}.log.%d{yyyy-MM-dd}.zip
- </fileNamePattern>
- <maxHistory>30</maxHistory>
- </rollingPolicy>
- <encoder>
- <pattern>${defaultLoggerPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>256</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>true</includeCallerData>
- </appender>
-
-
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf" level="info" additivity="false">
- <appender-ref ref="asyncEELF" />
- </logger>
-
- <!-- <logger name="com.att.eelf.security" level="info" additivity="false">
- <appender-ref ref="asyncEELFSecurity" /> </logger> <logger name="com.att.eelf.perf"
- level="info" additivity="false"> <appender-ref ref="asyncEELFPerformance"
- /> </logger> <logger name="com.att.eelf.server" level="info" additivity="false">
- <appender-ref ref="asyncEELFServer" /> </logger> <logger name="com.att.eelf.policy"
- level="info" additivity="false"> <appender-ref ref="asyncEELFPolicy" /> </logger> -->
-
- <logger name="EELFAudit" level="info" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
-
- <logger name="EELFMetrics" level="info" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
-
- <logger name="EELFError" level="info" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
-
- <logger name="com.att.eelf.debug" level="debug" additivity="false">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="asyncEELF" />
- <appender-ref ref="STDOUT" />
- </root>
+ <!-- specify the base path of the log directory -->
+ <property name="logDirPrefix" value="/var/log/onap"></property>
+
+ <!-- The directories where logs are written -->
+ <property name="logDirectory" value="${logDirPrefix}/${componentName}" />
+ <!-- Can easily relocate debug logs by modifying this path. -->
+ <property name="debugLogDirectory" value="${logDirPrefix}/${componentName}" />
+
+ <!-- log file names -->
+ <property name="generalLogName" value="application" />
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <!-- These loggers are not used in code (yet). <property name="securityLogName"
+ value="security" /> <property name="policyLogName" value="policy" /> <property
+ name="performanceLogName" value="performance" /> <property name="serverLogName"
+ value="server" /> -->
+
+ <!-- ServerFQDN=Server, -->
+ <property name="auditLoggerPattern"
+ value="%X{AuditLogBeginTimestamp}|%X{AuditLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
+
+ <property name="metricsLoggerPattern"
+ value="%X{MetricsLogBeginTimestamp}|%X{MetricsLogEndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{Timer}|%X{ServerFQDN}|%X{ClientIPAddress}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{TargetVisualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| %msg%n" />
+
+ <property name="errorLoggerPattern"
+ value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{ErrorCategory}|%X{ErrorCode}|%X{ErrorDescription}| %msg%n" />
+
+ <property name="defaultLoggerPattern"
+ value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%X{ClassName}| %msg%n" />
+
+ <!-- use %class so library logging calls yield their class name -->
+ <property name="applicationLoggerPattern"
+ value="%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%thread|%class{36}| %msg%n" />
+
+ <!--
+ <property name="defaultPattern"
+ value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
+ <property name="debugLoggerPattern"
+ value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}| %msg%n" />
+ -->
+ <!-- <property name="debugLoggerPattern" value="%date{ISO8601}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n"
+ /> -->
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${applicationLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+
+
+ <appender name="EELF"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${generalLogName}.log.%d{yyyy-MM-dd}.zip
+ </fileNamePattern>
+ <maxHistory>30</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${applicationLoggerPattern}</pattern>
+ </encoder>
+ <filter class="org.openecomp.portalapp.portal.utils.CustomLoggingFilter" />
+ </appender>
+
+ <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <!-- Class name is part of caller data -->
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="EELF" />
+ </appender>
+
+ <!-- EELF Security Appender. This appender is used to record security events
+ to the security log file. Security events are separate from other loggers
+ in EELF so that security log records can be captured and managed in a secure
+ way separate from the other logs. This appender is set to never discard any
+ events. -->
+ <!-- <appender name="EELFSecurity" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${securityLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${securityLogName}.%i.log.zip </fileNamePattern>
+ <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
+ </appender> <appender name="asyncEELFSecurity" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize> <discardingThreshold>0</discardingThreshold> <appender-ref
+ ref="EELFSecurity" /> </appender> -->
+
+ <!-- EELF Performance Appender. This appender is used to record performance
+ records. -->
+ <!-- <appender name="EELFPerformance" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${performanceLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${performanceLogName}.%i.log.zip </fileNamePattern>
+ <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy> <encoder> <outputPatternAsHeader>true</outputPatternAsHeader>
+ <pattern>${defaultPattern}</pattern> </encoder> </appender> <appender name="asyncEELFPerformance"
+ class="ch.qos.logback.classic.AsyncAppender"> <queueSize>256</queueSize>
+ <appender-ref ref="EELFPerformance" /> </appender> -->
+
+ <!-- EELF Server Appender. This appender is used to record Server related
+ logging events. The Server logger and appender are specializations of the
+ EELF application root logger and appender. This can be used to segregate
+ Server events from other components, or it can be eliminated to record these
+ events as part of the application root log. -->
+ <!-- <appender name="EELFServer" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${serverLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${serverLogName}.%i.log.zip </fileNamePattern>
+ <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
+ </appender> <appender name="asyncEELFServer" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize> <appender-ref ref="EELFServer" /> </appender> -->
+
+ <!-- EELF Policy Appender. This appender is used to record Policy engine
+ related logging events. The Policy logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <!-- <appender name="EELFPolicy" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${policyLogName}.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDirectory}/${policyLogName}.%i.log.zip </fileNamePattern>
+ <minIndex>1</minIndex> <maxIndex>9</maxIndex> </rollingPolicy> <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> <maxFileSize>5MB</maxFileSize>
+ </triggeringPolicy> <encoder> <pattern>${defaultPattern}</pattern> </encoder>
+ </appender> <appender name="asyncEELFPolicy" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize> <appender-ref ref="EELFPolicy" /> </appender> -->
+
+ <!-- EELF Audit Appender. This appender is used to record audit engine related
+ logging events. The audit logger and appender are specializations of the
+ EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+
+ <appender name="EELFAudit"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily roll over -->
+ <fileNamePattern>${logDirectory}/${auditLogName}.log.%d{yyyy-MM-dd}.zip
+ </fileNamePattern>
+ <maxHistory>30</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${auditLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+
+ <appender name="EELFMetrics"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily roll over -->
+ <fileNamePattern>${logDirectory}/${metricsLogName}.log.%d{yyyy-MM-dd}.zip
+ </fileNamePattern>
+ <maxHistory>30</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${metricsLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+
+ <appender name="EELFError"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily roll over -->
+ <fileNamePattern>${logDirectory}/${errorLogName}.log.%d{yyyy-MM-dd}.zip
+ </fileNamePattern>
+ <maxHistory>30</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${errorLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFError" />
+ </appender>
+
+ <appender name="EELFDebug"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${debugLogDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily roll over -->
+ <fileNamePattern>${logDirectory}/${debugLogName}.log.%d{yyyy-MM-dd}.zip
+ </fileNamePattern>
+ <maxHistory>30</maxHistory>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${defaultLoggerPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>256</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+
+
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf" level="info" additivity="false">
+ <appender-ref ref="asyncEELF" />
+ </logger>
+
+ <!-- <logger name="com.att.eelf.security" level="info" additivity="false">
+ <appender-ref ref="asyncEELFSecurity" /> </logger> <logger name="com.att.eelf.perf"
+ level="info" additivity="false"> <appender-ref ref="asyncEELFPerformance"
+ /> </logger> <logger name="com.att.eelf.server" level="info" additivity="false">
+ <appender-ref ref="asyncEELFServer" /> </logger> <logger name="com.att.eelf.policy"
+ level="info" additivity="false"> <appender-ref ref="asyncEELFPolicy" /> </logger> -->
+
+ <logger name="EELFAudit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+
+ <logger name="EELFMetrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+
+ <logger name="EELFError" level="info" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+
+ <logger name="com.att.eelf.debug" level="debug" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+
+ <root level="INFO">
+ <appender-ref ref="asyncEELF" />
+ <appender-ref ref="STDOUT" />
+ </root>
</configuration>
diff --git a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties index d246a6b0b1..34c7f1dee0 100755 --- a/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties +++ b/kubernetes/portal/components/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties @@ -45,20 +45,20 @@ application_user_id = 30000 post_default_role_id = 1 #Enable Fusion Mobile capabilities for the application -mobile_enable = false +mobile_enable = false cache_config_file_path = /WEB-INF/conf/cache.ccf cache_switch = 1 cache_load_on_startup = false -user_name = fullName -decryption_key = AGLDdG4D04BKm2IxIWEr8o== +user_name = fullName +decryption_key = AGLDdG4D04BKm2IxIWEr8o== #Cron Schedules cron_site_name = one log_cron = 0 * * * * ? * -sessiontimeout_feed_cron = 0 0/5 * * * ? * +sessiontimeout_feed_cron = 0 0/5 * * * ? * #Front end URL frontend_url = https://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/applicationsHome @@ -69,22 +69,22 @@ frontend_url = https://{{.Values.global.portalHostName}}:{{.Val # This value must be generated and updated at the time of # the deployment. # Online Unique UUID generator - https://www.uuidgenerator.net/ -instance_uuid = 90bc9497-10e6-49fe-916b-dcdfaa972383 +instance_uuid = 90bc9497-10e6-49fe-916b-dcdfaa972383 -elastic_search_url = http:// -contact_us_link = http:// -user_guide_link = http:// +elastic_search_url = http:// +contact_us_link = http:// +user_guide_link = http:// # Contact Us page properties -ush_ticket_url = http:// -feedback_email_address = portal@lists.onap.org -portal_info_url = https:// +ush_ticket_url = http:// +feedback_email_address = portal@lists.onap.org +portal_info_url = https:// #Online user bar refresh interval, in seconds -online_user_update_rate = 30 +online_user_update_rate = 30 #Online user bar refresh total duration, in seconds -online_user_update_duration = 300 +online_user_update_duration = 300 #authenticate user server authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers diff --git a/kubernetes/portal/components/portal-app/resources/server/web.xml b/kubernetes/portal/components/portal-app/resources/server/web.xml index 8f88e12666..7c4f2a7275 100644 --- a/kubernetes/portal/components/portal-app/resources/server/web.xml +++ b/kubernetes/portal/components/portal-app/resources/server/web.xml @@ -5,151 +5,151 @@ =================================================================== Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. =================================================================== - + Unless otherwise specified, all software contained herein is licensed under the Apache License, Version 2.0 (the "License"); you may not use this software except in compliance with the License. You may obtain a copy of the License at - + http://www.apache.org/licenses/LICENSE-2.0 - + Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - + Unless otherwise specified, all documentation contained herein is licensed under the Creative Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except in compliance with the License. You may obtain a copy of the License at - + https://creativecommons.org/licenses/by/4.0/ - + Unless required by applicable law or agreed to in writing, documentation distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - + ============LICENSE_END============================================ - - + + --> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> - <display-name>fusion</display-name> - - <!-- - <context-param> - <param-name>log4jConfigLocation</param-name> - <param-value>/WEB-INF/conf/log4j.properties</param-value> - </context-param> - - <listener> - <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> - </listener> - --> - - <!-- The Portal app can function on a HA cluster --> - <distributable/> - - <!-- <context-param> - <param-name>contextConfigLocation</param-name> - <param-value>/WEB-INF/oid-context.xml</param-value> - </context-param> - - <listener> - <listener-class> - org.springframework.web.context.ContextLoaderListener - </listener-class> - </listener> --> - - - <listener> - <listener-class>org.onap.portalapp.portal.listener.UserSessionListener</listener-class> - </listener> - <!-- - <filter> - <filter-name>springSessionRepositoryFilter</filter-name> - <filter-class>org.onap.portalapp.music.filter.MusicSessionRepositoryFilter</filter-class> - </filter> - <filter-mapping> - <filter-name>springSessionRepositoryFilter</filter-name> - <url-pattern>/*</url-pattern> - <dispatcher>REQUEST</dispatcher> - <dispatcher>ERROR</dispatcher> - </filter-mapping> - --> - <filter> - <filter-name>CorsFilter</filter-name> - <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> - <init-param> - <param-name>cors.allowed.origins</param-name> - <param-value>http://www.portal.onap.org:9200,http://www.portal.onap.org:9000</param-value> - </init-param> - <init-param> - <param-name>cors.allowed.methods</param-name> - <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value> - </init-param> - <init-param> - <param-name>cors.allowed.headers</param-name> - <param-value>EPService,JSESSIONID,X-ECOMP-RequestID,X-Widgets-Type,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value> - </init-param> - <init-param> - <param-name>cors.exposed.headers</param-name> - <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value> - </init-param> - <init-param> - <param-name>cors.support.credentials</param-name> - <param-value>true</param-value> - </init-param> - <init-param> - <param-name>cors.preflight.maxage</param-name> - <param-value>10</param-value> - </init-param> - </filter> - + <display-name>fusion</display-name> + + <!-- + <context-param> + <param-name>log4jConfigLocation</param-name> + <param-value>/WEB-INF/conf/log4j.properties</param-value> + </context-param> + + <listener> + <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class> + </listener> + --> + + <!-- The Portal app can function on a HA cluster --> + <distributable/> + + <!-- <context-param> + <param-name>contextConfigLocation</param-name> + <param-value>/WEB-INF/oid-context.xml</param-value> + </context-param> + + <listener> + <listener-class> + org.springframework.web.context.ContextLoaderListener + </listener-class> + </listener> --> + + + <listener> + <listener-class>org.onap.portalapp.portal.listener.UserSessionListener</listener-class> + </listener> + <!-- + <filter> + <filter-name>springSessionRepositoryFilter</filter-name> + <filter-class>org.onap.portalapp.music.filter.MusicSessionRepositoryFilter</filter-class> + </filter> + <filter-mapping> + <filter-name>springSessionRepositoryFilter</filter-name> + <url-pattern>/*</url-pattern> + <dispatcher>REQUEST</dispatcher> + <dispatcher>ERROR</dispatcher> + </filter-mapping> + --> + <filter> + <filter-name>CorsFilter</filter-name> + <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> + <init-param> + <param-name>cors.allowed.origins</param-name> + <param-value>http://www.portal.onap.org:9200,http://www.portal.onap.org:9000</param-value> + </init-param> + <init-param> + <param-name>cors.allowed.methods</param-name> + <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value> + </init-param> + <init-param> + <param-name>cors.allowed.headers</param-name> + <param-value>EPService,JSESSIONID,X-ECOMP-RequestID,X-Widgets-Type,Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value> + </init-param> + <init-param> + <param-name>cors.exposed.headers</param-name> + <param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value> + </init-param> + <init-param> + <param-name>cors.support.credentials</param-name> + <param-value>true</param-value> + </init-param> + <init-param> + <param-name>cors.preflight.maxage</param-name> + <param-value>10</param-value> + </init-param> + </filter> + <filter-mapping> <filter-name>CorsFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> - - <filter> - <filter-name>SecurityXssFilter</filter-name> - <filter-class>org.onap.portalapp.filter.SecurityXssFilter</filter-class> - </filter> - - <filter-mapping> - <filter-name>SecurityXssFilter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping> -<!-- <filter> --> -<!-- <filter-name>CadiAuthFilter</filter-name> --> -<!-- <filter-class>org.onap.portalsdk.core.onboarding.crossapi.CadiAuthFilter</filter-class> --> -<!-- <init-param> --> -<!-- <param-name>cadi_prop_files</param-name> --> + + <filter> + <filter-name>SecurityXssFilter</filter-name> + <filter-class>org.onap.portalapp.filter.SecurityXssFilter</filter-class> + </filter> + + <filter-mapping> + <filter-name>SecurityXssFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> +<!-- <filter> --> +<!-- <filter-name>CadiAuthFilter</filter-name> --> +<!-- <filter-class>org.onap.portalsdk.core.onboarding.crossapi.CadiAuthFilter</filter-class> --> +<!-- <init-param> --> +<!-- <param-name>cadi_prop_files</param-name> --> <!-- Add Absolute path of cadi.properties --> -<!-- <param-value>{Path}/cadi.properties --> -<!-- </param-value> --> -<!-- </init-param> --> +<!-- <param-value>{Path}/cadi.properties --> +<!-- </param-value> --> +<!-- </init-param> --> <!-- Add param values with comma delimited values --> -<!-- <init-param> --> -<!-- <param-name>include_url_endpoints</param-name> --> -<!-- <param-value>/auxapi/*</param-value> --> -<!-- </init-param> --> -<!-- <init-param> --> -<!-- <param-name>exclude_url_endpoints</param-name> --> -<!-- <param-value>/api/v3/analytics,/api/v3/storeAnalytics</param-value> --> -<!-- </init-param> --> -<!-- </filter> --> -<!-- <filter-mapping> --> -<!-- <filter-name>CadiAuthFilter</filter-name> --> -<!-- <url-pattern>/auxapi/v3/*</url-pattern> --> -<!-- </filter-mapping> --> -<!-- <filter-mapping> --> -<!-- <filter-name>CadiAuthFilter</filter-name> --> -<!-- <url-pattern>/auxapi/v4/*</url-pattern> --> - -<!-- </filter-mapping> --> +<!-- <init-param> --> +<!-- <param-name>include_url_endpoints</param-name> --> +<!-- <param-value>/auxapi/*</param-value> --> +<!-- </init-param> --> +<!-- <init-param> --> +<!-- <param-name>exclude_url_endpoints</param-name> --> +<!-- <param-value>/api/v3/analytics,/api/v3/storeAnalytics</param-value> --> +<!-- </init-param> --> +<!-- </filter> --> +<!-- <filter-mapping> --> +<!-- <filter-name>CadiAuthFilter</filter-name> --> +<!-- <url-pattern>/auxapi/v3/*</url-pattern> --> +<!-- </filter-mapping> --> +<!-- <filter-mapping> --> +<!-- <filter-name>CadiAuthFilter</filter-name> --> +<!-- <url-pattern>/auxapi/v4/*</url-pattern> --> + +<!-- </filter-mapping> --> </web-app> diff --git a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql index 7827727ebc..a9771bfa5d 100644 --- a/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql +++ b/kubernetes/portal/components/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql @@ -19,7 +19,7 @@ CREATE KEYSPACE IF NOT EXISTS admin 'replication_factor': 1
}
AND DURABLE_WRITES = true;
-
+
CREATE TABLE IF NOT EXISTS admin.keyspace_master (
uuid uuid,
keyspace_name text,
@@ -86,7 +86,7 @@ CREATE TABLE portal.spring_session_attributes ( AND min_index_interval = 128
AND read_repair_chance = 0.0
AND speculative_retry = '99PERCENTILE';
-
+
CREATE KEYSPACE IF NOT EXISTS portalsdk
diff --git a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh index f5dcbff6bf..a363ab3bb0 100644 --- a/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh +++ b/kubernetes/portal/components/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -5,18 +5,18 @@ shopt -s nullglob # logging functions mysql_log() { - local type="$1"; shift - printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*" + local type="$1"; shift + printf '%s [%s] [Entrypoint]: %s\n' "$(date --rfc-3339=seconds)" "$type" "$*" } mysql_note() { - mysql_log Note "$@" + mysql_log Note "$@" } mysql_warn() { - mysql_log Warn "$@" >&2 + mysql_log Warn "$@" >&2 } mysql_error() { - mysql_log ERROR "$@" >&2 - exit 1 + mysql_log ERROR "$@" >&2 + exit 1 } # usage: file_env VAR [DEFAULT] @@ -24,170 +24,170 @@ mysql_error() { # (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of # "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - mysql_error "Both $var and $fileVar are set (but are exclusive)" - fi - local val="$def" - # val="${!var}" - # val="$(< "${!fileVar}")" - # eval replacement of the bashism equivalents above presents no security issue here - # since var and fileVar variables contents are derived from the file_env() function arguments. - # This method is only called inside this script with a limited number of possible values. - if [ "${!var:-}" ]; then - eval val=\$$var - elif [ "${!fileVar:-}" ]; then - val="$(< "$(eval echo "\$$fileVar")")" - fi - export "$var"="$val" - unset "$fileVar" + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + mysql_error "Both $var and $fileVar are set (but are exclusive)" + fi + local val="$def" + # val="${!var}" + # val="$(< "${!fileVar}")" + # eval replacement of the bashism equivalents above presents no security issue here + # since var and fileVar variables contents are derived from the file_env() function arguments. + # This method is only called inside this script with a limited number of possible values. + if [ "${!var:-}" ]; then + eval val=\$$var + elif [ "${!fileVar:-}" ]; then + val="$(< "$(eval echo "\$$fileVar")")" + fi + export "$var"="$val" + unset "$fileVar" } # check to see if this file is being run or sourced from another script _is_sourced() { - # https://unix.stackexchange.com/a/215279 - [ "${#FUNCNAME[@]}" -ge 2 ] \ - && [ "${FUNCNAME[0]}" = '_is_sourced' ] \ - && [ "${FUNCNAME[1]}" = 'source' ] + # https://unix.stackexchange.com/a/215279 + [ "${#FUNCNAME[@]}" -ge 2 ] \ + && [ "${FUNCNAME[0]}" = '_is_sourced' ] \ + && [ "${FUNCNAME[1]}" = 'source' ] } # usage: docker_process_init_files [file [file [...]]] # ie: docker_process_init_files /always-initdb.d/* # process initializer files, based on file extensions docker_process_init_files() { - # mysql here for backwards compatibility "${mysql[@]}" - mysql=( docker_process_sql ) - - echo - local f - for f; do - case "$f" in - *.sh) - # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936 - # https://github.com/docker-library/postgres/pull/452 - if [ -x "$f" ]; then - mysql_note "$0: running $f" - "$f" - else - mysql_note "$0: sourcing $f" - . "$f" - fi - ;; - *.sql) mysql_note "$0: running $f"; docker_process_sql < "$f"; echo ;; - *.sql.gz) mysql_note "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;; - *.sql.xz) mysql_note "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;; - *) mysql_warn "$0: ignoring $f" ;; - esac - echo - done + # mysql here for backwards compatibility "${mysql[@]}" + mysql=( docker_process_sql ) + + echo + local f + for f; do + case "$f" in + *.sh) + # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936 + # https://github.com/docker-library/postgres/pull/452 + if [ -x "$f" ]; then + mysql_note "$0: running $f" + "$f" + else + mysql_note "$0: sourcing $f" + . "$f" + fi + ;; + *.sql) mysql_note "$0: running $f"; docker_process_sql < "$f"; echo ;; + *.sql.gz) mysql_note "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;; + *.sql.xz) mysql_note "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;; + *) mysql_warn "$0: ignoring $f" ;; + esac + echo + done } mysql_check_config() { - local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors - if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then - mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors" - fi + local toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) errors + if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then + mysql_error "$(printf 'mysqld failed while attempting to check config\n\tcommand was: ')${toRun[*]}$(printf'\n\t')$errors" + fi } # Fetch value from server config # We use mysqld --verbose --help instead of my_print_defaults because the # latter only show values present in config files, and not server defaults mysql_get_config() { - local conf="$1"; shift - "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \ - | awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }' - # match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)" + local conf="$1"; shift + "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \ + | awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }' + # match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)" } # Do a temporary startup of the MySQL server, for init purposes docker_temp_server_start() { - "$@" --skip-networking --socket="${SOCKET}" & - mysql_note "Waiting for server startup" - local i - for i in $(seq 30 -1 0); do - # only use the root password if the database has already been initializaed - # so that it won't try to fill in a password file when it hasn't been set yet - extraArgs="" - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - extraArgs=${extraArgs}" --dont-use-mysql-root-password" - fi - if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then - break - fi - sleep 1 - done - if [ "$i" = 0 ]; then - mysql_error "Unable to start server." - fi + "$@" --skip-networking --socket="${SOCKET}" & + mysql_note "Waiting for server startup" + local i + for i in $(seq 30 -1 0); do + # only use the root password if the database has already been initializaed + # so that it won't try to fill in a password file when it hasn't been set yet + extraArgs="" + if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + extraArgs=${extraArgs}" --dont-use-mysql-root-password" + fi + if echo 'SELECT 1' |docker_process_sql ${extraArgs} --database=mysql >/dev/null 2>&1; then + break + fi + sleep 1 + done + if [ "$i" = 0 ]; then + mysql_error "Unable to start server." + fi } # Stop the server. When using a local socket file mysqladmin will block until # the shutdown is complete. docker_temp_server_stop() { - if ! mysqladmin --defaults-extra-file=<( _mysql_passfile ) shutdown -uroot --socket="${SOCKET}"; then - mysql_error "Unable to shut down server." - fi + if ! mysqladmin --defaults-extra-file=<( _mysql_passfile ) shutdown -uroot --socket="${SOCKET}"; then + mysql_error "Unable to shut down server." + fi } # Verify that the minimally required password settings are set for new databases. docker_verify_minimum_env() { - if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then - mysql_error "$(printf'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD')" - fi + if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then + mysql_error "$(printf'Database is uninitialized and password option is not specified\n\tYou need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD')" + fi } # creates folders for the database # also ensures permission for user mysql of run as root docker_create_db_directories() { - local user; user="$(id -u)" + local user; user="$(id -u)" - # TODO other directories that are used by default? like /var/lib/mysql-files - # see https://github.com/docker-library/mysql/issues/562 - mkdir -p "$DATADIR" + # TODO other directories that are used by default? like /var/lib/mysql-files + # see https://github.com/docker-library/mysql/issues/562 + mkdir -p "$DATADIR" - if [ "$user" = "0" ]; then - # this will cause less disk access than `chown -R` - find "$DATADIR" \! -user mysql -exec chown mysql '{}' + - fi + if [ "$user" = "0" ]; then + # this will cause less disk access than `chown -R` + find "$DATADIR" \! -user mysql -exec chown mysql '{}' + + fi } # initializes the database directory docker_init_database_dir() { - mysql_note "Initializing database files" - installArgs=" --datadir=$DATADIR --rpm " - if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then - # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password - # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3 - # (this flag doesn't exist in 10.0 and below) - installArgs=${installArgs}" --auth-root-authentication-method=normal" - fi - # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) - mysql_install_db ${installArgs} "$(echo ${@} | sed 's/^ *[^ ]* *//')" - mysql_note "Database files initialized" + mysql_note "Initializing database files" + installArgs=" --datadir=$DATADIR --rpm " + if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then + # beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password + # see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3 + # (this flag doesn't exist in 10.0 and below) + installArgs=${installArgs}" --auth-root-authentication-method=normal" + fi + # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) + mysql_install_db ${installArgs} "$(echo ${@} | sed 's/^ *[^ ]* *//')" + mysql_note "Database files initialized" } # Loads various settings that are used elsewhere in the script # This should be called after mysql_check_config, but before any other functions docker_setup_env() { - # Get config - declare -g DATADIR SOCKET - DATADIR="$(mysql_get_config 'datadir' "$@")" - SOCKET="$(mysql_get_config 'socket' "$@")" - - # Initialize values that might be stored in a file - file_env 'MYSQL_ROOT_HOST' '%' - file_env 'MYSQL_DATABASE' - file_env 'MYSQL_USER' - file_env 'MYSQL_PASSWORD' - file_env 'MYSQL_ROOT_PASSWORD' - file_env 'PORTAL_DB_TABLES' - - declare -g DATABASE_ALREADY_EXISTS - if [ -d "$DATADIR/mysql" ]; then - DATABASE_ALREADY_EXISTS='true' - fi + # Get config + declare -g DATADIR SOCKET + DATADIR="$(mysql_get_config 'datadir' "$@")" + SOCKET="$(mysql_get_config 'socket' "$@")" + + # Initialize values that might be stored in a file + file_env 'MYSQL_ROOT_HOST' '%' + file_env 'MYSQL_DATABASE' + file_env 'MYSQL_USER' + file_env 'MYSQL_PASSWORD' + file_env 'MYSQL_ROOT_PASSWORD' + file_env 'PORTAL_DB_TABLES' + + declare -g DATABASE_ALREADY_EXISTS + if [ -d "$DATADIR/mysql" ]; then + DATABASE_ALREADY_EXISTS='true' + fi } # Execute sql script, passed via stdin @@ -195,178 +195,178 @@ docker_setup_env() { # ie: docker_process_sql --database=mydb <<<'INSERT ...' # ie: docker_process_sql --dont-use-mysql-root-password --database=mydb <my-file.sql docker_process_sql() { - passfileArgs="" - if [ '--dont-use-mysql-root-password' = "$1" ]; then - passfileArgs=${passfileArgs}" $1" - shift - fi - # args sent in can override this db, since they will be later in the command - if [ -n "$MYSQL_DATABASE" ]; then - set -- --database="$MYSQL_DATABASE" "$@" - fi - - mysql --defaults-extra-file=<( _mysql_passfile ${passfileArgs}) --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@" + passfileArgs="" + if [ '--dont-use-mysql-root-password' = "$1" ]; then + passfileArgs=${passfileArgs}" $1" + shift + fi + # args sent in can override this db, since they will be later in the command + if [ -n "$MYSQL_DATABASE" ]; then + set -- --database="$MYSQL_DATABASE" "$@" + fi + + mysql --defaults-extra-file=<( _mysql_passfile ${passfileArgs}) --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" "$@" } # Initializes database with timezone info and root password, plus optional extra db/user docker_setup_db() { - # Load timezone info into database - if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then - { - # Aria in 10.4+ is slow due to "transactional" (crash safety) - # https://jira.mariadb.org/browse/MDEV-23326 - # https://github.com/docker-library/mariadb/issues/262 - local tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type ) - for table in "${tztables[@]}"; do - echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=0 */;" - done - - # sed is for https://bugs.mysql.com/bug.php?id=20545 - mysql_tzinfo_to_sql /usr/share/zoneinfo \ - | sed 's/Local time zone must be set--see zic manual page/FCTY/' - - for table in "${tztables[@]}"; do - echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=1 */;" - done - } | docker_process_sql --dont-use-mysql-root-password --database=mysql - # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet - fi - # Generate random root password - if [ -n "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then - export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)" - mysql_note "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" - fi - # Sets root password and creates root users for non-localhost hosts - local rootCreate= - # default root to listen for connections from anywhere - if [ -n "$MYSQL_ROOT_HOST" ] && [ "$MYSQL_ROOT_HOST" != 'localhost' ]; then - # no, we don't care if read finds a terminating character in this heredoc - # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151 - read -r -d '' rootCreate <<-EOSQL || true - CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ; - GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ; - EOSQL - fi - - # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is just now being set - docker_process_sql --dont-use-mysql-root-password --database=mysql <<-EOSQL - -- What's done in this file shouldn't be replicated - -- or products like mysql-fabric won't work - SET @@SESSION.SQL_LOG_BIN=0; - - DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mariadb.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ; - SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; - -- 10.1: https://github.com/MariaDB/server/blob/d925aec1c10cebf6c34825a7de50afe4e630aff4/scripts/mysql_secure_installation.sh#L347-L365 - -- 10.5: https://github.com/MariaDB/server/blob/00c3a28820c67c37ebbca72691f4897b57f2eed5/scripts/mysql_secure_installation.sh#L351-L369 - DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%' ; - - GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ; - FLUSH PRIVILEGES ; - ${rootCreate} - DROP DATABASE IF EXISTS test ; - EOSQL - - # Creates a custom database and user if specified - if [ -n "$MYSQL_DATABASE" ]; then - mysql_note "Creating database ${MYSQL_DATABASE}" - echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" |docker_process_sql --database=mysql - fi - - if [ -n "$MYSQL_USER" ] && [ -n "$MYSQL_PASSWORD" ]; then - mysql_note "Creating user ${MYSQL_USER}" - echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" |docker_process_sql --database=mysql - - if [ -n "$MYSQL_DATABASE" ]; then - mysql_note "Giving user ${MYSQL_USER} access to schema ${MYSQL_DATABASE}" - echo "GRANT ALL ON \`$(echo $MYSQL_DATABASE | sed 's@_@\\_@g')\`.* TO '$MYSQL_USER'@'%' ;" | docker_process_sql --database=mysql - fi - - echo "FLUSH PRIVILEGES ;" | docker_process_sql --database=mysql - fi + # Load timezone info into database + if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then + { + # Aria in 10.4+ is slow due to "transactional" (crash safety) + # https://jira.mariadb.org/browse/MDEV-23326 + # https://github.com/docker-library/mariadb/issues/262 + local tztables=( time_zone time_zone_leap_second time_zone_name time_zone_transition time_zone_transition_type ) + for table in "${tztables[@]}"; do + echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=0 */;" + done + + # sed is for https://bugs.mysql.com/bug.php?id=20545 + mysql_tzinfo_to_sql /usr/share/zoneinfo \ + | sed 's/Local time zone must be set--see zic manual page/FCTY/' + + for table in "${tztables[@]}"; do + echo "/*!100400 ALTER TABLE $table TRANSACTIONAL=1 */;" + done + } | docker_process_sql --dont-use-mysql-root-password --database=mysql + # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet + fi + # Generate random root password + if [ -n "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then + export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)" + mysql_note "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" + fi + # Sets root password and creates root users for non-localhost hosts + local rootCreate= + # default root to listen for connections from anywhere + if [ -n "$MYSQL_ROOT_HOST" ] && [ "$MYSQL_ROOT_HOST" != 'localhost' ]; then + # no, we don't care if read finds a terminating character in this heredoc + # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151 + read -r -d '' rootCreate <<-EOSQL || true + CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ; + GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ; +EOSQL + fi + + # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is just now being set + docker_process_sql --dont-use-mysql-root-password --database=mysql <<-EOSQL + -- What's done in this file shouldn't be replicated + -- or products like mysql-fabric won't work + SET @@SESSION.SQL_LOG_BIN=0; + + DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mariadb.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ; + SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; + -- 10.1: https://github.com/MariaDB/server/blob/d925aec1c10cebf6c34825a7de50afe4e630aff4/scripts/mysql_secure_installation.sh#L347-L365 + -- 10.5: https://github.com/MariaDB/server/blob/00c3a28820c67c37ebbca72691f4897b57f2eed5/scripts/mysql_secure_installation.sh#L351-L369 + DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%' ; + + GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ; + FLUSH PRIVILEGES ; + ${rootCreate} + DROP DATABASE IF EXISTS test ; +EOSQL + + # Creates a custom database and user if specified + if [ -n "$MYSQL_DATABASE" ]; then + mysql_note "Creating database ${MYSQL_DATABASE}" + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" |docker_process_sql --database=mysql + fi + + if [ -n "$MYSQL_USER" ] && [ -n "$MYSQL_PASSWORD" ]; then + mysql_note "Creating user ${MYSQL_USER}" + echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" |docker_process_sql --database=mysql + + if [ -n "$MYSQL_DATABASE" ]; then + mysql_note "Giving user ${MYSQL_USER} access to schema ${MYSQL_DATABASE}" + echo "GRANT ALL ON \`$(echo $MYSQL_DATABASE | sed 's@_@\\_@g')\`.* TO '$MYSQL_USER'@'%' ;" | docker_process_sql --database=mysql + fi + + echo "FLUSH PRIVILEGES ;" | docker_process_sql --database=mysql + fi } _mysql_passfile() { - # echo the password to the "file" the client uses - # the client command will use process substitution to create a file on the fly - # ie: --defaults-extra-file=<( _mysql_passfile ) - if [ '--dont-use-mysql-root-password' != "$1" ] && [ -n "$MYSQL_ROOT_PASSWORD" ]; then - cat <<-EOF - [client] - password="${MYSQL_ROOT_PASSWORD}" - EOF - fi + # echo the password to the "file" the client uses + # the client command will use process substitution to create a file on the fly + # ie: --defaults-extra-file=<( _mysql_passfile ) + if [ '--dont-use-mysql-root-password' != "$1" ] && [ -n "$MYSQL_ROOT_PASSWORD" ]; then + cat <<-EOF + [client] + password="${MYSQL_ROOT_PASSWORD}" +EOF + fi } # check arguments for an option that would cause mysqld to stop # return true if there is one _mysql_want_help() { - local arg - for arg; do - case "$arg" in - -'?'|--help|--print-defaults|-V|--version) - return 0 - ;; - esac - done - return 1 + local arg + for arg; do + case "$arg" in + -'?'|--help|--print-defaults|-V|--version) + return 0 + ;; + esac + done + return 1 } _main() { - # if command starts with an option, prepend mysqld - if echo "$1" | grep '^-' >/dev/null; then - set -- mysqld "$@" - fi - - # skip setup if they aren't running mysqld or want an option that stops mysqld - if [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then - mysql_note "Entrypoint script for MySQL Server ${MARIADB_VERSION} started." - - mysql_check_config "$@" - # Load various environment variables - docker_setup_env "$@" - docker_create_db_directories - - # If container is started as root user, restart as dedicated mysql user - if [ "$(id -u)" = "0" ]; then - mysql_note "Switching to dedicated user 'mysql'" - exec gosu mysql "$0" "$@" - fi - - # there's no database, so it needs to be initialized - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - docker_verify_minimum_env - - # check dir permissions to reduce likelihood of half-initialized database - ls /docker-entrypoint-initdb.d/ > /dev/null - - docker_init_database_dir "$@" - - mysql_note "Starting temporary server" - docker_temp_server_start "$@" - mysql_note "Temporary server started." - - docker_setup_db - docker_process_init_files /docker-entrypoint-initdb.d/* - - for i in $(echo $PORTAL_DB_TABLES | sed "s/,/ /g") - do - echo "Granting portal user ALL PRIVILEGES for table $i" - echo "GRANT ALL ON \`$i\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}" - done - - mysql_note "Stopping temporary server" - docker_temp_server_stop - mysql_note "Temporary server stopped" - - echo - mysql_note "MySQL init process done. Ready for start up." - echo - fi - fi - exec "$@" + # if command starts with an option, prepend mysqld + if echo "$1" | grep '^-' >/dev/null; then + set -- mysqld "$@" + fi + + # skip setup if they aren't running mysqld or want an option that stops mysqld + if [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then + mysql_note "Entrypoint script for MySQL Server ${MARIADB_VERSION} started." + + mysql_check_config "$@" + # Load various environment variables + docker_setup_env "$@" + docker_create_db_directories + + # If container is started as root user, restart as dedicated mysql user + if [ "$(id -u)" = "0" ]; then + mysql_note "Switching to dedicated user 'mysql'" + exec gosu mysql "$0" "$@" + fi + + # there's no database, so it needs to be initialized + if [ -z "$DATABASE_ALREADY_EXISTS" ]; then + docker_verify_minimum_env + + # check dir permissions to reduce likelihood of half-initialized database + ls /docker-entrypoint-initdb.d/ > /dev/null + + docker_init_database_dir "$@" + + mysql_note "Starting temporary server" + docker_temp_server_start "$@" + mysql_note "Temporary server started." + + docker_setup_db + docker_process_init_files /docker-entrypoint-initdb.d/* + + for i in $(echo $PORTAL_DB_TABLES | sed "s/,/ /g") + do + echo "Granting portal user ALL PRIVILEGES for table $i" + echo "GRANT ALL ON \`$i\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}" + done + + mysql_note "Stopping temporary server" + docker_temp_server_stop + mysql_note "Temporary server stopped" + + echo + mysql_note "MySQL init process done. Ready for start up." + echo + fi + fi + exec "$@" } # If we are sourced from elsewhere, don't perform any further actions if ! _is_sourced; then - _main "$@" + _main "$@" fi diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties index 4bb51c1a8a..4d26240be4 100755 --- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties @@ -59,4 +59,4 @@ ueb_app_mailbox_name = ECOMP-PORTAL-OUTBOX-APP1 # Use the special tag '{UUID}' to generate a unique one for each sdk-app server. ueb_app_consumer_group_name = {UUID} -decryption_key = AGLDdG4D04BKm2IxIWEr8o== +decryption_key = AGLDdG4D04BKm2IxIWEr8o== diff --git a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties index aad5044fbf..3873da13a9 100755 --- a/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties +++ b/kubernetes/portal/components/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties @@ -26,15 +26,15 @@ post_default_role_id = 16 clustered = true #Enable Fusion Mobile capabilities for the application -mobile_enable = false +mobile_enable = false # Cache config file is needed on the classpath cache_config_file_path = /WEB-INF/classes/cache.ccf cache_switch = 199 cache_load_on_startup = false -user_name = fullName -decryption_key = AGLDdG4D04BKm2IxIWEr8o== +user_name = fullName +decryption_key = AGLDdG4D04BKm2IxIWEr8o== ########################################################################## # The following properties MAY require changes by partner applications. @@ -61,7 +61,7 @@ element_map_icon_path = app/fusionapp/icons/ #Cron Schedules log_cron = 0 0/1 * * * ?; mylogins_feed_cron = 0 0/60 * * * ?; -#sessiontimeout_feed_cron = 0 * * * * ? * +#sessiontimeout_feed_cron = 0 * * * * ? * my_login_feed_output_dir = /tmp/MyLogins # Link shown in Help menu |