From 8795d058043fc97e2375f3fa3ecd183bd5fcb36a Mon Sep 17 00:00:00 2001 From: liamfallon Date: Fri, 9 Sep 2022 10:43:49 +0100 Subject: Allow HTTPS to be configured in ACM HTTPS is hard-coded in the ACM startup scripts in Jakarta. Issue-ID: POLICY-4338 Change-Id: I9dfc93d5b951f5a08b0d1aa5e70b9a206d802f58 Signed-off-by: liamfallon --- .../policy-clamp-docker/src/main/docker/acm-runtime.sh | 16 +++++----------- .../src/main/docker/http-participant.sh | 15 +++++---------- .../src/main/docker/kubernetes-participant.sh | 15 +++++---------- .../src/main/docker/policy-participant.sh | 16 +++++----------- 4 files changed, 20 insertions(+), 42 deletions(-) (limited to 'packages/policy-clamp-docker/src') diff --git a/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh b/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh index 84550de82..e16220105 100644 --- a/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh +++ b/packages/policy-clamp-docker/src/main/docker/acm-runtime.sh @@ -1,7 +1,7 @@ #!/usr/bin/env sh # # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,6 @@ # ============LICENSE_END========================================================= # -JAVA_HOME=/usr/lib/jvm/java-11-openjdk/ KEYSTORE="${KEYSTORE:-$POLICY_HOME/etc/ssl/policy-keystore}" TRUSTSTORE="${TRUSTSTORE:-$POLICY_HOME/etc/ssl/policy-truststore}" KEYSTORE_PASSWD="${KEYSTORE_PASSWD:-Pol1cy_0nap}" @@ -27,15 +26,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/AcRuntimeParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp runtime acm config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,11 +49,8 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -touch /app/app.jar -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/AcRuntimeParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ + -Dlogging.config="${POLICY_HOME}/etc/logback.xml" \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ @@ -68,4 +62,4 @@ $JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ -Dcom.sun.management.jmxremote.authenticate=false \ -Dcom.sun.management.jmxremote.local.only=false \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/AcRuntimeParameters.yaml" + --spring.config.location="${CONFIG_FILE}" diff --git a/packages/policy-clamp-docker/src/main/docker/http-participant.sh b/packages/policy-clamp-docker/src/main/docker/http-participant.sh index 17daa18f9..3e33b1aa9 100644 --- a/packages/policy-clamp-docker/src/main/docker/http-participant.sh +++ b/packages/policy-clamp-docker/src/main/docker/http-participant.sh @@ -1,7 +1,7 @@ #!/usr/bin/env sh # # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,6 @@ # ============LICENSE_END========================================================= # -JAVA_HOME=/usr/lib/jvm/java-11-openjdk/ KEYSTORE="${KEYSTORE:-$POLICY_HOME/etc/ssl/policy-keystore}" TRUSTSTORE="${TRUSTSTORE:-$POLICY_HOME/etc/ssl/policy-truststore}" KEYSTORE_PASSWD="${KEYSTORE_PASSWD:-Pol1cy_0nap}" @@ -27,15 +26,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/HttpParticipantParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp HTTP participant config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,13 +49,11 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/HttpParticipantParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ + -Dlogging.config="${POLICY_HOME}/etc/logback.xml" \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ -Djavax.net.ssl.trustStorePassword="${TRUSTSTORE_PASSWD}" \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/HttpParticipantParameters.yaml" + --spring.config.location="${CONFIG_FILE}" diff --git a/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh b/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh index 3c5fe5c63..95a9b15ae 100644 --- a/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh +++ b/packages/policy-clamp-docker/src/main/docker/kubernetes-participant.sh @@ -1,7 +1,7 @@ #!/usr/bin/env sh # # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,6 @@ # ============LICENSE_END========================================================= # -JAVA_HOME=/usr/lib/jvm/java-11-openjdk/ KEYSTORE="${KEYSTORE:-$POLICY_HOME/etc/ssl/policy-keystore}" TRUSTSTORE="${TRUSTSTORE:-$POLICY_HOME/etc/ssl/policy-truststore}" KEYSTORE_PASSWD="${KEYSTORE_PASSWD:-Pol1cy_0nap}" @@ -27,15 +26,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/KubernetesParticipantParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp Kubernetes participant config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,13 +49,11 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/KubernetesParticipantParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ + -Dlogging.config="${POLICY_HOME}/etc/logback.xml" \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ -Djavax.net.ssl.trustStorePassword="${TRUSTSTORE_PASSWD}" \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/KubernetesParticipantParameters.yaml" + --spring.config.location="${CONFIG_FILE}" diff --git a/packages/policy-clamp-docker/src/main/docker/policy-participant.sh b/packages/policy-clamp-docker/src/main/docker/policy-participant.sh index 77cd0c02b..fe9cf69fe 100644 --- a/packages/policy-clamp-docker/src/main/docker/policy-participant.sh +++ b/packages/policy-clamp-docker/src/main/docker/policy-participant.sh @@ -1,7 +1,7 @@ #!/usr/bin/env sh # # ============LICENSE_START======================================================= -# Copyright (C) 2021 Nordix Foundation. +# Copyright (C) 2021-2022 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +19,6 @@ # ============LICENSE_END========================================================= # -JAVA_HOME=/usr/lib/jvm/java-11-openjdk/ KEYSTORE="${KEYSTORE:-$POLICY_HOME/etc/ssl/policy-keystore}" TRUSTSTORE="${TRUSTSTORE:-$POLICY_HOME/etc/ssl/policy-truststore}" KEYSTORE_PASSWD="${KEYSTORE_PASSWD:-Pol1cy_0nap}" @@ -27,15 +26,13 @@ TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}" if [ "$#" -eq 1 ]; then CONFIG_FILE=$1 -else - CONFIG_FILE=${CONFIG_FILE} fi if [ -z "$CONFIG_FILE" ]; then CONFIG_FILE="${POLICY_HOME}/etc/PolicyParticipantParameters.yaml" fi -echo "Policy clamp config file: $CONFIG_FILE" +echo "Policy clamp policy participant config file: $CONFIG_FILE" if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then echo "overriding policy-truststore" @@ -52,14 +49,11 @@ if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/ fi -touch /app/app.jar -mkdir -p "${POLICY_HOME}"/config/ -cp -f "${CONFIG_FILE}" "${POLICY_HOME}"/config/PolicyParticipantParameters.yaml - -$JAVA_HOME/bin/java -Dserver.ssl.enabled="true" \ +$JAVA_HOME/bin/java \ + -Dlogging.config="${POLICY_HOME}/etc/logback.xml" \ -Dserver.ssl.keyStore="${KEYSTORE}" \ -Dserver.ssl.keyStorePassword="${KEYSTORE_PASSWD}" \ -Djavax.net.ssl.trustStore="${TRUSTSTORE}" \ -Djavax.net.ssl.trustStorePassword="${TRUSTSTORE_PASSWD}" \ -jar /app/app.jar \ - --spring.config.location="${POLICY_HOME}/config/PolicyParticipantParameters.yaml" + --spring.config.location="${CONFIG_FILE}" -- cgit 1.2.3-korg