diff options
author | Bogumil Zebek <bogumil.zebek@nokia.com> | 2020-03-20 08:16:09 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-03-20 08:16:09 +0000 |
commit | 4b65b3c32da416ebfecb7eac808d76d89ae4b2a8 (patch) | |
tree | f03cd1392043d474a27765eca4d02b48eb925c44 /certService | |
parent | 7186c63f4d7e0ffea202f793c5c5d769e0e08af2 (diff) | |
parent | f404a66530eac7b072014af437deb1771977b1f4 (diff) |
Merge "Add certservice client to Makefile (local run)"
Diffstat (limited to 'certService')
-rw-r--r-- | certService/Makefile | 31 | ||||
-rw-r--r-- | certService/README.md | 61 | ||||
-rw-r--r-- | certService/docker-compose.yml | 40 | ||||
-rwxr-xr-x | certService/src/main/resources/scripts/ejbca-configuration.sh | 19 |
4 files changed, 1 insertions, 150 deletions
diff --git a/certService/Makefile b/certService/Makefile deleted file mode 100644 index b1b63b4d..00000000 --- a/certService/Makefile +++ /dev/null @@ -1,31 +0,0 @@ -all: build start stop -.PHONY: build - -build: - @echo "##### Build Cert Service images locally #####" - mvn clean install -P docker - @echo "##### DONE #####" -start: - @echo "##### Start Cert Service #####" - docker-compose up -d - @echo "## Configure ejbca ##" - docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh - @echo "##### DONE #####" -stop: - @echo "##### Stop Cert Service #####" - docker-compose down - @echo "##### DONE #####" - - - - - - - - - - - - - - diff --git a/certService/README.md b/certService/README.md index 9f23504e..8e7fccc4 100644 --- a/certService/README.md +++ b/certService/README.md @@ -48,8 +48,6 @@ mvn clean install ### Building Docker image and install the package into local repository ``` mvn clean install -P docker -or -make build ``` ### Running Docker container local @@ -61,25 +59,7 @@ docker run -p 8080:8080 --name aaf-certservice-api --mount type=bind,source=/<ab ``` docker run -p 8080:8080 --name aaf-certservice-api --mount type=bind,source=/<absolute_path>/cmpServers.json,target=/etc/onap/aaf/certservice/cmpServers.json nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:1.0.0 ``` - -### Running Docker container from docker-compose with EJBCA -Docker-compose uses a local image of certservice. -Build a docker image locally before run docker compose command. -``` -1. Build local image -make build -2. Start Cert Service with configured EJBCA -make start -3. Stop containers -make stop -``` -### Running with Helm -1. Use environment/server with installed kubernetes and helm. -2. Copy helm/aaf-cert-service directory to that environment. -3. Enter that environment -4. Run ```helm install ./aaf-cert-service``` - ### Health Check Browser: ``` @@ -92,23 +72,6 @@ curl localhost:8080/actuator/health ``` Should return {"status":"UP"} -### AAF CertService CSITs -#### CSIT repository -``` -https://gerrit.onap.org/r/admin/repos/integration/csit -``` - -####How to run tests locally -1. Checkout CSIT repository -2. Configure CSIT local environment -3. Inside CSIT directory execute -``` -sudo ./run-csit.sh plans/aaf/certservice -``` - -####Jenkins build -https://jenkins.onap.org/view/CSIT/job/aaf-master-csit-certservice/ - ### Logs locally path: @@ -127,31 +90,9 @@ cd /var/log/onap/aaf/certservice You should see: audit.log error.log trace.log -### Sonar results -``` -https://sonarcloud.io/dashboard?id=onap_aaf-certservice -``` - -### Maven artifacts -All maven artifacts are deployed under nexus uri: -``` -https://nexus.onap.org/content/repositories/snapshots/org/onap/aaf/certservice/ -``` - -### Docker artifacts -All docker images are hosted under nexus3 uri: -``` -https://nexus3.onap.org/repository/docker.snapshot/v2/onap/org.onap.aaf.certservice.aaf-certservice-api/ -``` - ### RestAPI API is described by Swagger ( OpenAPI 3.0 ) on endpoint /docs ( endpoint is defined in properties as springdoc.swagger-ui.path ) ``` http://localchost:8080/docs -``` - -### Sonar results -``` -https://sonarcloud.io/dashboard?id=onap_aaf-certservice -``` +```
\ No newline at end of file diff --git a/certService/docker-compose.yml b/certService/docker-compose.yml deleted file mode 100644 index 2f4f4b4a..00000000 --- a/certService/docker-compose.yml +++ /dev/null @@ -1,40 +0,0 @@ -version: "2.1" - -services: - ejbca: - image: primekey/ejbca-ce:6.15.2.5 - hostname: cahostname - container_name: aafcert-ejbca - ports: - - "80:8080" - - "443:8443" - volumes: - - ./src/main/resources/scripts/:/opt/primekey/scripts - command: bash -c " - /opt/primekey/bin/start.sh - " - healthcheck: - test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"] - interval: 10s - timeout: 3s - retries: 9 - networks: - - certservice - - certservice: - image: onap/org.onap.aaf.certservice.aaf-certservice-api:latest - volumes: - - ./helm/aaf-cert-service/resources/cmpServers.json:/etc/onap/aaf/certservice/cmpServers.json - container_name: aafcert-service - ports: - - "8080:8080" - depends_on: - ejbca: - condition: service_healthy - networks: - - certservice - - -networks: - certservice: - driver: bridge diff --git a/certService/src/main/resources/scripts/ejbca-configuration.sh b/certService/src/main/resources/scripts/ejbca-configuration.sh deleted file mode 100755 index 77f5c555..00000000 --- a/certService/src/main/resources/scripts/ejbca-configuration.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -configureEjbca() { - ejbca.sh config cmp addalias --alias cmpRA - ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra - ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value mypassword - ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value pbe - ejbca.sh config cmp dumpalias --alias cmpRA - ejbca.sh config cmp addalias --alias cmp - ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true - ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe - ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password mypassword --type 1 --token USERGENERATED - ejbca.sh ra setclearpwd --username Node123 --password mypassword - ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN - ejbca.sh config cmp dumpalias --alias cmp - ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem -} - -configureEjbca |