diff options
| author |   sebdet <sebastien.determe@intl.att.com> | 2019-08-27 17:56:04 -0700 |
|---|---|---|
| committer | sebdet <sebastien.determe@intl.att.com> | 2019-08-28 15:59:05 +0200 |
| commit | 1e86592650fc695615e0fa34c947b32693d03466 (patch) | |
| tree | e970e02d2cb56c94276971a271f028db9471f0ac /src | |
| parent | 56f5c144cfff229235817feda9baf4036b22156a (diff) | |
Fix frontend docker
Fix the frontend docker in Nginx with https for backend in https as well
Issue-ID: CLAMP-486
Change-Id: I33fd89289618affa5e734c80991aaefece31309e
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/main/docker/backend/backend-files.xml | 2 | ||||
| -rw-r--r-- | src/main/docker/frontend/Dockerfile | 6 | ||||
| -rw-r--r-- | src/main/docker/frontend/frontend-files.xml | 11 | ||||
| -rw-r--r-- | src/main/docker/frontend/nginx/nginx.conf | 23 | ||||
| -rw-r--r-- | src/main/resources/clds/aaf/ssl/clamp.key | 32 | ||||
| -rw-r--r-- | src/main/resources/clds/aaf/ssl/clamp.pem | 64 | ||||
| -rwxr-xr-x | src/test/resources/http-cache/third_party_proxy.py | 2 |
7 files changed, 133 insertions, 7 deletions
diff --git a/src/main/docker/backend/backend-files.xml b/src/main/docker/backend/backend-files.xml index 7a9c6f530..c73c47f64 100644 --- a/src/main/docker/backend/backend-files.xml +++ b/src/main/docker/backend/backend-files.xml @@ -36,7 +36,7 @@ <include>${project.build.finalName}.jar</include> </includes> <directory>${project.build.directory}</directory> - <outputDirectory>/</outputDirectory> + <outputDirectory></outputDirectory> </fileSet> </fileSets> diff --git a/src/main/docker/frontend/Dockerfile b/src/main/docker/frontend/Dockerfile index 8c755b039..8cdad3088 100644 --- a/src/main/docker/frontend/Dockerfile +++ b/src/main/docker/frontend/Dockerfile @@ -46,7 +46,9 @@ RUN mkdir /var/log/onap RUN chmod a+rwx /var/log/onap
COPY --from=build /app/build /usr/share/nginx/html
+COPY --from=build /app/ssl /etc/ssl
RUN rm /etc/nginx/conf.d/default.conf
-COPY onap-clamp-frontend/nginx/nginx.conf /etc/nginx/conf.d
-EXPOSE 80
+#COPY onap-clamp-frontend/nginx/nginx.conf /etc/nginx/conf.d
+COPY nginx/nginx.conf /etc/nginx/conf.d
+EXPOSE 443
CMD ["nginx", "-g", "daemon off;"]
\ No newline at end of file diff --git a/src/main/docker/frontend/frontend-files.xml b/src/main/docker/frontend/frontend-files.xml index 2610e828e..aaf32be81 100644 --- a/src/main/docker/frontend/frontend-files.xml +++ b/src/main/docker/frontend/frontend-files.xml @@ -17,7 +17,7 @@ limitations under the License. ============LICENSE_END========================================================= --> - + <assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" @@ -35,8 +35,13 @@ <excludes> <exclude>node_modules</exclude> </excludes> - <directory>${project.basedir}/ui-react</directory> - <outputDirectory>/</outputDirectory> + <directory>${project.build.directory}/${ui.react.src}</directory> + <outputDirectory></outputDirectory> + </fileSet> + <!-- include ssl certificates files obtain from aaf p12 --> + <fileSet> + <directory>${project.basedir}/src/main/resources/clds/aaf/ssl</directory> + <outputDirectory>ssl</outputDirectory> </fileSet> </fileSets> diff --git a/src/main/docker/frontend/nginx/nginx.conf b/src/main/docker/frontend/nginx/nginx.conf new file mode 100644 index 000000000..5bcac5cfc --- /dev/null +++ b/src/main/docker/frontend/nginx/nginx.conf @@ -0,0 +1,23 @@ +server { + + listen 443 default ssl; + ssl_protocols TLSv1.2; + ssl_certificate /etc/ssl/clamp.pem; + ssl_certificate_key /etc/ssl/clamp.key; + location /restservices/clds/ { + proxy_pass https://clamp-backend:8443; + } + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /usr/share/nginx/html; + } + +}
\ No newline at end of file diff --git a/src/main/resources/clds/aaf/ssl/clamp.key b/src/main/resources/clds/aaf/ssl/clamp.key new file mode 100644 index 000000000..fcf68bfa2 --- /dev/null +++ b/src/main/resources/clds/aaf/ssl/clamp.key @@ -0,0 +1,32 @@ +Bag Attributes + friendlyName: clamp@clamp.onap.org + localKeyID: 54 69 6D 65 20 31 35 35 33 37 38 37 35 31 38 33 30 33 +Key Attributes: <No Attributes> +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC4nLg3HAYzgJTr +C9WdZypwz0UzcQcCFXwEUUA8StwtMwx0OahJiEJRdFY6fmydq4MzFgZ6HQt/M7dY +0l8phLHpGTVdrFMgW8yZer8bwNcSSiPVRy8j0s8lBHdR+KofG+yA19xg6lCYDX78 +yfeA2jZ52FhVWavyGHS4whWlw8T1EGbZZqXZCFgc7zHjUXuG1mo2ropppJkouf9g +WEH2Vx16YiosgZzftRW1N3KJ7JozcEtS/j4w/pNyS7HOQDWWGTDk6Us4bt8Zg4gd +1FeID0FmnEEGRKP+XscsGNwMd06MBsCAOutHkpFtS+UT3cr8xIKewL7uPq24X3ke +W148togFAgMBAAECggEATncV+R5pKFS7dteV2IvzxvTh1cZxkxoslu0t3zJ2OKPc +5D1pYK+QeGx5Be2cHru6TOlMoXRc4ZjKke8AUXY74/Y573GB91vtL0KznYkuIHDw +oALcb153eqVWTbniHMzSjcSxv2N4E9iQo8L39oVI6CrjCIvPgFuSqMCdUNJPkVTI +4nsarTfLK4fzi7IbWzi9JdE1QRNIxcCMcYJRnLZMdneMLBleR0UL82Xc2KOy5SEt +zyKYCQ8zS247FKolnOrDkhKxXI5fzdDpRK5AQSsAykUPWlYq7pzKjY/dU9rMRohx +YSltFjPZ3sQ3UKqqIqhZS+GoVuZoc925WyhViPsqtQKBgQDsL4LFfPWN8nnsusQp +VR3T7HvvwXuEVAydlaJMwZU0cRYN+L7RHHjDoXZZrNJDIDzNoWnBLKRGx3mtLmgJ +9Pa6SxN6Oc8oo6jzv2D59g1PVjNOMOYTCTb/2Xum4LMLaeeF57HkWxzeA3Ws47++ +gXwzQpbE90tp1Ys4uXD3JoivvwKBgQDIGZTwLGhLSegdAjG83WEgmdtzT1kjvx0Q +A8IR2jkgkTJHdKiuslJ8Z3/XufHEwWMWwfs1XLwxYluoo1y9eNvNeHZXjLqjL62c +I3034F9IvvTUqFcxam2WdoklXbAiSvLUo/9exPgOuVxok6Zv1imRgGb/vYV9vyG7 +86MRuQu5OwKBgQC9E3fcA6JMpY3H3uhEsngzfMDm+fyYvfRvfyezzNFWbyWZv8V6 +gBGJg0vMlFarGDa044BW/hbw9qXI5zqwpeOS1aFdGsRlo0cRAuduk/Spy7c85FZ7 +bMgT4BZmTMHo5DpNb2NxDSO59AkThCuvJde47ZjnS5WavzI6EfKGWNnZ3wKBgQCF +QiwjCp/mS/DtqLFxAsmVSYGROG231aXILYiIFRloa+ndFn7j4NP4D4FfLHErRFL2 +K/ddIUYfaU57b1fqwts26ht90LXWyYDH9AaHOMCcFLe+C+INgcA7rPNG1C7hl6JC +JHmEJo7AV4eICZSU9D44rRdrB08oYCpaHjYiLmb1UwKBgQCWCDJ4p2DrNL9hzj3K +kzvM5saXrfI4aVBXVt9rw9s1d/WG8JOpnmHcnLPb6Tj59rDktrLCLv0sVstMwNVJ +sOO+qsgn1VoZalcVhhjdONm5YvhJQgz0F7Y2xkr6g/AuMPz2YigGfm7fe/z7rc+L +q9Ua2HmUS8DDBy7W89MNZJNkDQ== +-----END PRIVATE KEY----- diff --git a/src/main/resources/clds/aaf/ssl/clamp.pem b/src/main/resources/clds/aaf/ssl/clamp.pem new file mode 100644 index 000000000..ccb0097df --- /dev/null +++ b/src/main/resources/clds/aaf/ssl/clamp.pem @@ -0,0 +1,64 @@ +Bag Attributes + friendlyName: clamp@clamp.onap.org + localKeyID: 54 69 6D 65 20 31 35 35 33 37 38 37 35 31 38 33 30 33 +subject=CN = clamp, emailAddress = , OU = clamp@clamp.onap.org, OU = OSAAF, O = ONAP, C = US + +issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9 + +-----BEGIN CERTIFICATE----- +MIIEKDCCAxCgAwIBAgIIWY+5kgf/UG4wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE +BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp +bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyMTE2MTY1OFoXDTIwMDMyMTE2MTY1OFow +bDEOMAwGA1UEAwwFY2xhbXAxDzANBgkqhkiG9w0BCQEWADEdMBsGA1UECwwUY2xh +bXBAY2xhbXAub25hcC5vcmcxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ +MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALic +uDccBjOAlOsL1Z1nKnDPRTNxBwIVfARRQDxK3C0zDHQ5qEmIQlF0Vjp+bJ2rgzMW +BnodC38zt1jSXymEsekZNV2sUyBbzJl6vxvA1xJKI9VHLyPSzyUEd1H4qh8b7IDX +3GDqUJgNfvzJ94DaNnnYWFVZq/IYdLjCFaXDxPUQZtlmpdkIWBzvMeNRe4bWajau +immkmSi5/2BYQfZXHXpiKiyBnN+1FbU3consmjNwS1L+PjD+k3JLsc5ANZYZMOTp +Szhu3xmDiB3UV4gPQWacQQZEo/5exywY3Ax3TowGwIA660eSkW1L5RPdyvzEgp7A +vu4+rbhfeR5bXjy2iAUCAwEAAaOB8jCB7zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQE +AwIF4DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0w +S4AUgfeZWxC5yIze81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0w +CwYDVQQKDARPTkFQMQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQU+GZ6wmWDPrmq +Wd1/NtMYiCQ8Dg4wOwYDVR0RBDQwMoIFY2xhbXCCHWNsYW1wLmFwaS5zaW1wbGVk +ZW1vLm9uYXAub3JnggpjbGFtcC5vbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQCFZdhB +U6xm6l0vj4q89onLx4opTPvwGNRc0n402lifkPYXseFtphZSHIf2Sg0mFTH4KHb4 +FdMyBzq1+f5WLU+xRC1nT4eGJ0FvRR6204/fGVrzJTS67phnRnxr2WZzLPW0wPJe +K8SzN6tkUgE7/a/s0T/htE/blDxWh75+tA2jQlgj1Ri0y9A1J8wx++REKjGlHjFN +53aiipsB+wC/oEMzYL4qEPiYPI0Lr3Lsay1F7f6cvDT4+EYzBLMFuwCvpcnHgSMS +4fFj2ROmUG2+CC23B88Q0WNxjLPq/CrmHZZBsqwruPJ0cSuCQxfshTQ6uZhcjtu8 +6TRYkIcL0x9r/AHP +-----END CERTIFICATE----- +Bag Attributes + friendlyName: CN=intermediateCA_9,OU=OSAAF,O=ONAP,C=US +subject=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9 + +issuer=OU = OSAAF, O = ONAP, C = US + +-----BEGIN CERTIFICATE----- +MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB +RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN +MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG +A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL +neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d +o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3 +nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV +v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO +15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw +gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV +M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B +AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q +ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl +u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+ ++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/ +QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht +8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX +kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3 +aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky +uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w +tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep +BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k= +-----END CERTIFICATE----- diff --git a/src/test/resources/http-cache/third_party_proxy.py b/src/test/resources/http-cache/third_party_proxy.py index 0381ab18f..5ec9f46c1 100755 --- a/src/test/resources/http-cache/third_party_proxy.py +++ b/src/test/resources/http-cache/third_party_proxy.py @@ -43,7 +43,7 @@ parser.add_argument("--temp", "-t", default=tempfile.mkdtemp(), type=str, he parser.add_argument("--proxy" , type=str, help="Url of the Act as a proxy. If not set, this script only uses the cache and will return a 404 if files aren't found") parser.add_argument("--port", "-P", type=int, default="8081", help="Port on which the proxy should listen to") parser.add_argument("--verbose", "-v", type=bool, help="Print more information in case of error") -parser.add_argument("--proxyaddress","-a", type=str, help="Address of this proxy, generally either third_party_proxy:8085 or localhost:8085 depending if started with docker-compose or not") +parser.add_argument("--proxyaddress","-a", type=str, help="Address of this proxy, generally either third-party-proxy:8085 or localhost:8085 depending if started with docker-compose or not") options = parser.parse_args() |