From 8040c95590bca9d7a5e4ac48d72c1198ca66e107 Mon Sep 17 00:00:00 2001 From: liamfallon Date: Tue, 31 May 2022 11:22:10 +0100 Subject: Fix HTTP handling in CLAMP ACM HTTPS is turned on using a Java property in the startup scripts in all the CLAMP ACM docker images. This means that HTTP cannot be enabled or HTTPS disabled in configuration. THis commit fixes that bug. The building of the CLAMP docker images calls each jar app.jar. If all images are being built locally together, the names collide and the last image's jar is used for all jars. This commit fixes that bug as well. Issue-ID: POLICY-4224 Change-Id: If4ba8cdef36f7a8a3665fe60eee31e42159e909b Signed-off-by: liamfallon --- .../policy-clamp-docker/src/main/docker/AcmRuntimeDockerfile | 2 +- .../src/main/docker/HttpParticipantDockerfile | 2 +- .../src/main/docker/KubernetesParticipantDockerfile | 2 +- .../src/main/docker/PolicyParticipantDockerfile | 2 +- packages/policy-clamp-docker/src/main/docker/acm-runtime.sh | 12 +++--------- .../policy-clamp-docker/src/main/docker/http-participant.sh | 11 +++-------- .../src/main/docker/kubernetes-participant.sh | 11 +++-------- .../src/main/docker/policy-participant.sh | 12 +++--------- 8 files changed, 16 insertions(+), 38 deletions(-) (limited to 'packages/policy-clamp-docker/src/main/docker') diff --git a/packages/policy-clamp-docker/src/main/docker/AcmRuntimeDockerfile b/packages/policy-clamp-docker/src/main/docker/AcmRuntimeDockerfile index b5b6de32f..b4dad4e43 100644 --- a/packages/policy-clamp-docker/src/main/docker/AcmRuntimeDockerfile +++ b/packages/policy-clamp-docker/src/main/docker/AcmRuntimeDockerfile @@ -40,7 +40,7 @@ RUN tar xvfz /packages/policy-clamp-runtime-acm.tar.gz --directory $POLICY_HOME WORKDIR $POLICY_HOME COPY acm-runtime.sh bin/. -COPY /maven/app.jar /app +COPY /maven/policy-clamp-runtime-acm.jar /app/app.jar RUN chown -R policy:policy * && \ chmod 755 bin/*.sh && \ diff --git a/packages/policy-clamp-docker/src/main/docker/HttpParticipantDockerfile b/packages/policy-clamp-docker/src/main/docker/HttpParticipantDockerfile index 4311f6c87..970f8aaca 100644 --- a/packages/policy-clamp-docker/src/main/docker/HttpParticipantDockerfile +++ b/packages/policy-clamp-docker/src/main/docker/HttpParticipantDockerfile @@ -41,7 +41,7 @@ RUN tar xvfz /packages/http-participant.tar.gz --directory $POLICY_HOME && \ WORKDIR $POLICY_HOME COPY http-participant.sh bin/. -COPY /maven/app.jar /app +COPY /maven/policy-clamp-participant-impl-http.jar /app/app.jar RUN chown -R policy:policy * && \ chmod 755 bin/*.sh && \ diff --git a/packages/policy-clamp-docker/src/main/docker/KubernetesParticipantDockerfile b/packages/policy-clamp-docker/src/main/docker/KubernetesParticipantDockerfile index bed957c37..4d3303ec1 100644 --- a/packages/policy-clamp-docker/src/main/docker/KubernetesParticipantDockerfile +++ b/packages/policy-clamp-docker/src/main/docker/KubernetesParticipantDockerfile @@ -40,7 +40,7 @@ RUN tar xvfz /packages/kubernetes-participant.tar.gz --directory $POLICY_HOME && WORKDIR $POLICY_HOME COPY kubernetes-participant.sh bin/. -COPY /maven/app.jar /app +COPY /maven/policy-clamp-participant-impl-kubernetes.jar /app/app.jar RUN chown -R policy:policy * && \ chmod 755 bin/*.sh && \ diff --git a/packages/policy-clamp-docker/src/main/docker/PolicyParticipantDockerfile b/packages/policy-clamp-docker/src/main/docker/PolicyParticipantDockerfile index f70e07e20..ceb4776cd 100644 --- a/packages/policy-clamp-docker/src/main/docker/PolicyParticipantDockerfile +++ b/packages/policy-clamp-docker/src/main/docker/PolicyParticipantDockerfile @@ -40,7 +40,7 @@ RUN tar xvfz /packages/policy-participant.tar.gz --directory $POLICY_HOME && \ WORKDIR $POLICY_HOME COPY policy-participant.sh bin/. -COPY /maven/app.jar /app +COPY /maven/policy-clamp-participant-impl-policy.jar /app/app.jar RUN chown -R policy:policy * && \ chmod 755 bin/*.sh && \ diff --git a/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh b/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh index 84550de82..8b3fd8437 100644 --- a/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh +++ b/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh @@ -27,15 +27,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/AcRuntimeParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp runtime acm config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,11 +50,7 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -touch /app/app.jar -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/AcRuntimeParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ @@ -68,4 +62,4 @@ $JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ -Dcom.sun.management.jmxremote.authenticate=false \ -Dcom.sun.management.jmxremote.local.only=false \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/AcRuntimeParameters.yaml" + --spring.config.location="${CONFIG_FILE}" diff --git a/packages/policy-clamp-docker/src/main/docker/http-participant.sh b/packages/policy-clamp-docker/src/main/docker/http-participant.sh index 17daa18f9..27e909546 100644 --- a/packages/policy-clamp-docker/src/main/docker/http-participant.sh +++ b/packages/policy-clamp-docker/src/main/docker/http-participant.sh @@ -27,15 +27,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/HttpParticipantParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp HTTP participant config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,13 +50,10 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/HttpParticipantParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ -Djavax.net.ssl.trustStorePassword="${TRUSTSTORE_PASSWD}" \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/HttpParticipantParameters.yaml" + --spring.config.location="${CONFIG_FILE}" diff --git a/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh b/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh index 3c5fe5c63..c9bde11db 100644 --- a/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh +++ b/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh @@ -27,15 +27,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/KubernetesParticipantParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp Kubernetes participant config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,13 +50,10 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/KubernetesParticipantParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ -Djavax.net.ssl.trustStorePassword="${TRUSTSTORE_PASSWD}" \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/KubernetesParticipantParameters.yaml" + --spring.config.location="${CONFIG_FILE}" diff --git a/packages/policy-clamp-docker/src/main/docker/policy-participant.sh b/packages/policy-clamp-docker/src/main/docker/policy-participant.sh index 77cd0c02b..5a1aeda99 100644 --- a/packages/policy-clamp-docker/src/main/docker/policy-participant.sh +++ b/packages/policy-clamp-docker/src/main/docker/policy-participant.sh @@ -27,15 +27,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/PolicyParticipantParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp policy participant config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,14 +50,10 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -touch /app/app.jar -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/PolicyParticipantParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ -Djavax.net.ssl.trustStorePassword="${TRUSTSTORE_PASSWD}" \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/PolicyParticipantParameters.yaml" + --spring.config.location="${CONFIG_FILE}" -- cgit 1.2.3-korg