diff options
46 files changed, 458 insertions, 2469 deletions
diff --git a/LICENSE.txt b/LICENSE.txt index 3ce0584e..84b2aa05 100644 --- a/LICENSE.txt +++ b/LICENSE.txt @@ -12,5 +12,3 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - -ECOMP and OpenECOMP are trademarks and service marks of AT&T Intellectual Property. @@ -1,28 +1,10 @@ -This source repository contains the files for building the ONAP Policy Engine Docker images. +Copyright 2018 AT&T Intellectual Property. All rights reserved. +This file is licensed under the CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE +Full license text at https://creativecommons.org/licenses/by/4.0/legalcode -To build it using Maven 3, first build 'policy/common', 'policy/engine', 'policy/drools-pdp', and 'policy/drools-applications' repositories, and then run: mvn prepare-package. This will pull the installation zip files needed for building the policy-pe and policy-drools Docker images into the target directory. It will not actually build the docker images; the following additional steps are needed to accomplish this: +This source repository contains the files for the ONAP Policy docker-compose configuration -- Copy the files under policy-pe to target/policy-pe -- Copy the files under policy-drools to target/policy-drools -- Run the 'docker build' command on the following directories, in order: - policy-os - policy-db - policy-nexus - policy-base - target/policy-pe - target/policy-drools - -For example: -docker build -t onap/policy/policy-os policy-os -docker build -t onap/policy/policy-db policy-db -docker build -t onap/policy/policy-nexus policy-nexus -docker build -t onap/policy/policy-base policy-base -docker build -t onap/policy/policy-pe target/policy-pe -docker build -t onap/policy/policy-drools target/policy-drools - -In addition, the 'config' directory contains configuration files that are read during the startup of the containers; this directory is referenced by the docker-compose.yml file. - -If you want to call the docker-compose, the following needs to be setup before doing so: +The following needs to be setup before using docker-compose: chmod +x config/drools/drools-tweaks.sh IP_ADDRESS=$(ifconfig eth0 | grep "inet addr" | tr -s ' ' | cut -d' ' -f3 | cut -d':' -f2) diff --git a/config/db/db.conf b/config/db/db.conf new file mode 100644 index 00000000..d6cc2efc --- /dev/null +++ b/config/db/db.conf @@ -0,0 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +MYSQL_ROOT_PASSWORD=secret +MYSQL_USER=policy_user +MYSQL_PASSWORD=policy_user diff --git a/config/db/db.sh b/config/db/db.sh new file mode 100644 index 00000000..4b183730 --- /dev/null +++ b/config/db/db.sh @@ -0,0 +1,22 @@ +#!/bin/bash -xv +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +for db in support onap_sdk log +do + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" +done + +mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" diff --git a/config/drools/apps-install.sh b/config/drools/apps-install.sh new file mode 100644 index 00000000..72f7a746 --- /dev/null +++ b/config/drools/apps-install.sh @@ -0,0 +1,124 @@ +#!/bin/bash +# +# ============LICENSE_START======================================================= +# ONAP +# ================================================================================ +# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +# + +# ################################# +# Usage +# ################################# + +function usage { + echo + echo "Usage: $(basename $0) <application-name> <zipped-application-version> <download-directory>" + echo "Example: $(basename $0) controlloop 1.2.0 /opt/policy/config/drools" + echo +} + +# ################################# +# snapshot url computation +# ################################# + +function url_snapshot { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + APP_URL="${APP_URL}/snapshots/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}" + + local APP_METADATA_URL="${APP_URL}/maven-metadata.xml" + local APP_SNAPSHOT_VERSION=$(curl --silent "${APP_METADATA_URL}" | grep -Po "(?<=<value>).*(?=</value>)" | sort -V | tail -1) + + if [[ -z ${APP_SNAPSHOT_VERSION} ]]; then + echo "ERROR: cannot compute SNAPSHOT version" + usage + exit 1 + fi + + APP_URL="${APP_URL}/apps-${APP_NAME}-${APP_SNAPSHOT_VERSION}.zip" +} + +# ################################# +# release url computation +# ################################# + +function url_release { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + APP_URL="${APP_URL}/releases/org/onap/policy/drools-applications/${APP_NAME}/packages/apps-${APP_NAME}/${APP_VERSION}/apps-${APP_NAME}-${APP_VERSION}.zip" +} + +# ################################# +# Main +# ################################# + +if [[ $DEBUG == y ]]; then + set -x +fi + +APP_NAME=$1 +if [[ -z ${APP_NAME} ]]; then + echo "ERROR: no APPLICATION NAME provided (ie. controlloop)" + usage + exit 1 +fi + +APP_VERSION=$2 +if [[ -z ${APP_VERSION} ]]; then + echo "ERROR: no APPLICATION VERSION provided" + usage + exit 1 +fi + +DOWNLOAD_DIR=$3 +if [[ -z ${DOWNLOAD_DIR} ]]; then + echo "ERROR: no DOWNLOAD DIRECTORY provided" + usage + exit 1 +fi + +if [[ ! -d ${DOWNLOAD_DIR} ]]; then + echo "ERROR: ${DOWNLOAD_DIR} is not a directory" + usage + exit 1 +fi + +APP_GROUP_ID="org.onap.policy.drools-applications.${APP_NAME}.packages" +APP_ARTIFACT_ID="apps-${APP_NAME}" +APP_BASE_URL="https://nexus.onap.org/content/repositories" + +APP_URL="${APP_BASE_URL}" + +if [[ ${APP_VERSION} =~ \-SNAPSHOT$ ]]; then + url_snapshot +else + url_release +fi + +wget "${APP_URL}" -O "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip +if [[ $? != 0 ]]; then + echo "ERROR: cannot download ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" + exit 1 +fi + +echo "APP ${APP_NAME} stored at ${DOWNLOAD_DIR}/apps-${APP_NAME}.zip" +ls -l "${DOWNLOAD_DIR}"/apps-"${APP_NAME}".zip diff --git a/config/drools/base.conf b/config/drools/base.conf index f3dfcc06..139a62d1 100644 --- a/config/drools/base.conf +++ b/config/drools/base.conf @@ -19,11 +19,12 @@ ### -# SYSTEM software configuration +# SYSTEM software configuration POLICY_HOME=/opt/app/policy +POLICY_LOGS=/var/log/onap/policy/pdpd JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 -KEYSTORE_PASSWD=PolicyR0ck$ +KEYSTORE_PASSWD=Pol1cy_0nap # Telemetry credentials @@ -41,7 +42,7 @@ releaseRepositoryUrl=http://nexus:8081/nexus/content/repositories/releases/ repositoryUsername=admin repositoryPassword=admin123 -# Relational (SQL) DB access +# Relational (SQL) DB access SQL_HOST=mariadb SQL_USER=policy_user diff --git a/config/drools/feature-healthcheck.conf b/config/drools/feature-healthcheck.conf index 31baed21..c2f89001 100644 --- a/config/drools/feature-healthcheck.conf +++ b/config/drools/feature-healthcheck.conf @@ -1,2 +1,15 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. HEALTHCHECK_USER=healthcheck HEALTHCHECK_PASSWORD=zb!XztG34 diff --git a/config/drools/policy-keystore b/config/drools/policy-keystore Binary files differdeleted file mode 100644 index ab25c3a3..00000000 --- a/config/drools/policy-keystore +++ /dev/null diff --git a/config/drools/policy-management.conf b/config/drools/policy-management.conf index 843b832e..757cb8ea 100644 --- a/config/drools/policy-management.conf +++ b/config/drools/policy-management.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. CONTROLLER_ARTIFACT_ID=policy-management CONTROLLER_NAME=policy-management-controller CONTROLLER_PORT=9696 diff --git a/config/pe/base.conf b/config/pe/base.conf index f1c25e15..e5aec35f 100644 --- a/config/pe/base.conf +++ b/config/pe/base.conf @@ -1,6 +1,20 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 POLICY_HOME=/opt/app/policy -KEYSTORE_PASSWD=PolicyR0ck$ +POLICY_LOGS=/var/log/onap +KEYSTORE_PASSWD=Pol1cy_0nap JDBC_DRIVER=org.mariadb.jdbc.Driver JDBC_URL=jdbc:mariadb://mariadb:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true @@ -21,4 +35,4 @@ ENVIRONMENT=TEST #Micro Service Model Properties policy_msOnapName= -policy_msPolicyName=
\ No newline at end of file +policy_msPolicyName= diff --git a/config/pe/brmsgw-tweaks.sh b/config/pe/brmsgw-tweaks.sh index daa3596e..426db9dd 100755 --- a/config/pe/brmsgw-tweaks.sh +++ b/config/pe/brmsgw-tweaks.sh @@ -1,4 +1,17 @@ #! /bin/bash +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. PROPS_BUILD="${POLICY_HOME}/etc/build.info" diff --git a/config/pe/brmsgw.conf b/config/pe/brmsgw.conf index a84128ed..a976da7d 100644 --- a/config/pe/brmsgw.conf +++ b/config/pe/brmsgw.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # BRMSpep component installation configuration parameters BRMSGW_JMX_PORT=9989 @@ -49,5 +62,5 @@ BRMS_UEB_API_KEY= BRMS_UEB_API_SECRET= #Dependency.json file version -BRMS_DEPENDENCY_VERSION=1.1.0 +BRMS_DEPENDENCY_VERSION=1.2.0 diff --git a/config/pe/console.conf b/config/pe/console.conf index 45ae3492..f07b93f1 100644 --- a/config/pe/console.conf +++ b/config/pe/console.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # configs component installation configuration parameters # tomcat specific parameters diff --git a/config/pe/elk.conf b/config/pe/elk.conf index 938954ce..cd7b1a21 100644 --- a/config/pe/elk.conf +++ b/config/pe/elk.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # elasticsearch ELK_JMX_PORT=9995
\ No newline at end of file diff --git a/config/pe/mysql.conf b/config/pe/mysql.conf index 28b9e3ca..eb0be01c 100644 --- a/config/pe/mysql.conf +++ b/config/pe/mysql.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # mysql scripts component installation configuration parameters # Path to mysql bin diff --git a/config/pe/pap-tweaks.sh b/config/pe/pap-tweaks.sh index 36ac3689..7c85010b 100755 --- a/config/pe/pap-tweaks.sh +++ b/config/pe/pap-tweaks.sh @@ -1 +1,14 @@ #! /bin/bash +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/config/pe/pap.conf b/config/pe/pap.conf index 084f127f..3ff5038d 100644 --- a/config/pe/pap.conf +++ b/config/pe/pap.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # pap component installation configuration parameters # tomcat specific parameters diff --git a/config/pe/paplp.conf b/config/pe/paplp.conf index 9fdd643b..17a3407d 100644 --- a/config/pe/paplp.conf +++ b/config/pe/paplp.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # JVM specific parameters LOGPARSER_JMX_PORT=9996 LOGPARSER_X_MS_MB=1024 diff --git a/config/pe/pdp-tweaks.sh b/config/pe/pdp-tweaks.sh index f6825363..7c85010b 100755 --- a/config/pe/pdp-tweaks.sh +++ b/config/pe/pdp-tweaks.sh @@ -1,2 +1,14 @@ #! /bin/bash - +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/config/pe/pdp.conf b/config/pe/pdp.conf index c82c01a5..0759dcd7 100644 --- a/config/pe/pdp.conf +++ b/config/pe/pdp.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # pdp component installation configuration parameters # tomcat specific parameters diff --git a/config/pe/pdplp.conf b/config/pe/pdplp.conf index 789d2b01..e51999f5 100644 --- a/config/pe/pdplp.conf +++ b/config/pe/pdplp.conf @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. # JVM specific parameters LOGPARSER_JMX_PORT=9997 LOGPARSER_X_MS_MB=1024 diff --git a/config/pe/push-policies.sh b/config/pe/push-policies.sh index 20e0bfaa..90c60e79 100755 --- a/config/pe/push-policies.sh +++ b/config/pe/push-policies.sh @@ -1,4 +1,17 @@ #! /bin/bash +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. #########################################Upload BRMS Param Template########################################## @@ -229,7 +242,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyType": "MicroService" }' 'http://pdp:8081/pdp/api/pushPolicy' -sleep 2 +sleep 10 echo "pushPolicy : PUT : com.MicroServicevDNS" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ @@ -238,7 +251,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyType": "MicroService" }' 'http://pdp:8081/pdp/api/pushPolicy' -sleep 2 +sleep 10 echo "pushPolicy : PUT : com.MicroServicevCPE" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ diff --git a/docker-compose-integration.yml b/docker-compose-integration.yml index 5cbd401b..53b592a3 100644 --- a/docker-compose-integration.yml +++ b/docker-compose-integration.yml @@ -1,17 +1,34 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. version: '2' services: mariadb: - image: onap/policy/policy-db + image: mariadb:10.0.34 container_name: mariadb hostname: mariadb + command: ['--lower-case-table-names=1'] + env_file: config/db/db.conf + volumes: + - ./config/db:/docker-entrypoint-initdb.d expose: - 3306 nexus: - image: onap/policy/policy-nexus + image: sonatype/nexus:2.14.8-01 container_name: nexus hostname: nexus pap: - image: onap/policy/policy-pe + image: onap/policy-pe environment: - PRELOAD_POLICIES=${PRELOAD_POLICIES} container_name: pap @@ -25,7 +42,7 @@ services: volumes: - ./config/pe:/tmp/policy-install/config pdp: - image: onap/policy/policy-pe + image: onap/policy-pe container_name: pdp depends_on: - pap @@ -36,7 +53,7 @@ services: volumes: - ./config/pe:/tmp/policy-install/config brmsgw: - image: onap/policy/policy-pe + image: onap/policy-pe container_name: brmsgw depends_on: - pap @@ -45,7 +62,7 @@ services: volumes: - ./config/pe:/tmp/policy-install/config drools: - image: onap/policy/policy-drools + image: onap/policy-drools container_name: drools depends_on: - mariadb diff --git a/docker-compose.yml b/docker-compose.yml index 96fd5073..18e0ebd3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. version: '2' networks: default: @@ -6,17 +19,24 @@ networks: com.docker.network.driver.mtu: ${MTU} services: mariadb: - image: onap/policy/policy-db + image: mariadb:10.0.34 container_name: mariadb hostname: mariadb + command: ['--lower-case-table-names=1'] + env_file: config/db/db.conf + volumes: + - ./config/db:/docker-entrypoint-initdb.d ports: - "3306:3306" nexus: - image: onap/policy/policy-nexus + image: sonatype/nexus:2.14.8-01 container_name: nexus hostname: nexus + restart: always + ports: + - "9081:8081" pap: - image: onap/policy/policy-pe + image: onap/policy-pe environment: - PRELOAD_POLICIES=${PRELOAD_POLICIES} container_name: pap @@ -30,7 +50,7 @@ services: volumes: - ./config/pe:/tmp/policy-install/config pdp: - image: onap/policy/policy-pe + image: onap/policy-pe container_name: pdp depends_on: - pap @@ -41,7 +61,7 @@ services: volumes: - ./config/pe:/tmp/policy-install/config brmsgw: - image: onap/policy/policy-pe + image: onap/policy-pe container_name: brmsgw depends_on: - pap @@ -50,12 +70,13 @@ services: volumes: - ./config/pe:/tmp/policy-install/config drools: - image: onap/policy/policy-drools + image: onap/policy-drools container_name: drools depends_on: - mariadb - nexus hostname: drools + restart: always ports: - "6969:6969" - "9696:9696" diff --git a/docker_build.sh b/docker_build.sh deleted file mode 100755 index 4a8c416f..00000000 --- a/docker_build.sh +++ /dev/null @@ -1,110 +0,0 @@ -#!/bin/bash -# -echo '============== STARTING SCRIPT TO BUILD DOCKER IMAGES =================' -DOCKER_REPOSITORY=nexus3.onap.org:10003 -MVN_VERSION=$(cat target/version) -MVN_MAJMIN_VERSION=$(cut -f 1,2 -d . target/version) -TIMESTAMP=$(date -u +%Y%m%dT%H%M%S) -PROXY_ARGS="" - -if [ $HTTP_PROXY ]; then - PROXY_ARGS+="--build-arg HTTP_PROXY=${HTTP_PROXY}" -fi -if [ $HTTPS_PROXY ]; then - PROXY_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" -fi - -echo $DOCKER_REPOSITORY -echo $MVN_VERSION -echo $MVN_MAJMIN_VERSION -echo $TIMESTAMP - -if [[ -z $MVN_VERSION ]] -then - echo "MVN_VERSION is empty" - exit 1 -fi - -if [[ -z $MVN_MAJMIN_VERSION ]] -then - echo "MVN_MAJMIN_VERSION is empty" - exit 1 -fi - -if [[ $MVN_VERSION == *"SNAPSHOT"* ]] -then - MVN_MAJMIN_VERSION="${MVN_MAJMIN_VERSION}-SNAPSHOT" -else - MVN_MAJMIN_VERSION="${MVN_MAJMIN_VERSION}-STAGING" -fi - -echo $MVN_MAJMIN_VERSION - -cp policy-pe/* target/policy-pe/ -cp policy-drools/* target/policy-drools/ - -for image in policy-os policy-nexus policy-db policy-base policy-drools policy-pe ; do - echo "Building $image" - mkdir -p target/$image - cp $image/* target/$image - - # - # This is the local latest tagged image. The Dockerfile's need this to build images - # - TAGS="--tag onap/policy/${image}:latest" - # - # This is the nexus repo prepended for latest tagged image. - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:latest" - # - # This has the nexus repo prepended and only major/minor version with latest - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:${MVN_MAJMIN_VERSION}-latest" - # - # This has the nexus repo prepended and major/minor/patch version with timestamp - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:${MVN_VERSION}-STAGING-${TIMESTAMP}" - - echo $TAGS - - docker build --quiet ${PROXY_ARGS} $TAGS target/$image - - if [ $? -ne 0 ] - then - echo "Docker build failed" - docker images - exit 1 - fi -done - -docker images - -for image in policy-nexus policy-db policy-drools policy-pe; do - echo "Pushing $image" - - docker push ${DOCKER_REPOSITORY}/onap/policy/$image:latest - - if [ $? -ne 0 ] - then - echo "Docker push failed" - exit 1 - - fi - - docker push ${DOCKER_REPOSITORY}/onap/policy/$image:${MVN_MAJMIN_VERSION}-latest - - if [ $? -ne 0 ] - then - echo "Docker push failed" - exit 1 - - fi - docker push ${DOCKER_REPOSITORY}/onap/policy/$image:${MVN_VERSION}-STAGING-${TIMESTAMP} - - if [ $? -ne 0 ] - then - echo "Docker push failed" - exit 1 - - fi -done diff --git a/docker_merge.sh b/docker_merge.sh deleted file mode 100755 index 83fd239d..00000000 --- a/docker_merge.sh +++ /dev/null @@ -1,98 +0,0 @@ -#!/bin/bash -# -echo '============== STARTING SCRIPT TO BUILD DOCKER IMAGES =================' -DOCKER_REPOSITORY=nexus3.onap.org:10003 -MVN_VERSION=$(cat target/version) -MVN_MAJMIN_VERSION=$(cut -f 1,2 -d . target/version) -TIMESTAMP=$(date -u +%Y%m%dT%H%M%S) -PROXY_ARGS="" - -if [ $HTTP_PROXY ]; then - PROXY_ARGS+="--build-arg HTTP_PROXY=${HTTP_PROXY}" -fi -if [ $HTTPS_PROXY ]; then - PROXY_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" -fi - -echo $DOCKER_REPOSITORY -echo $MVN_VERSION -echo $MVN_MAJMIN_VERSION -echo $TIMESTAMP - -if [[ -z $MVN_VERSION ]] -then - echo "MVN_VERSION is empty" - exit 1 -fi - -if [[ -z $MVN_MAJMIN_VERSION ]] -then - echo "MVN_MAJMIN_VERSION is empty" - exit 1 -fi - -if [[ $MVN_VERSION == *"SNAPSHOT"* ]] -then - MVN_MAJMIN_VERSION="${MVN_MAJMIN_VERSION}-SNAPSHOT" -else - MVN_MAJMIN_VERSION="${MVN_MAJMIN_VERSION}-STAGING" -fi - -echo $MVN_MAJMIN_VERSION - -cp policy-pe/* target/policy-pe/ -cp policy-drools/* target/policy-drools/ - -for image in policy-os policy-nexus policy-db policy-base policy-drools policy-pe ; do - echo "Building $image" - mkdir -p target/$image - cp $image/* target/$image - - # - # This is the local latest tagged image. The Dockerfile's need this to build images - # - TAGS="--tag onap/policy/${image}:latest" - # - # This has the nexus repo prepended and only major/minor version with latest - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:${MVN_MAJMIN_VERSION}-latest" - # - # This has the nexus repo prepended and major/minor/patch version with timestamp - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:${MVN_VERSION}-${TIMESTAMP}" - - echo $TAGS - - docker build --quiet ${PROXY_ARGS} $TAGS target/$image - - if [ $? -ne 0 ] - then - echo "Docker build failed" - docker images - exit 1 - fi -done - -docker images - -# -# Push images -# -for image in policy-nexus policy-db policy-drools policy-pe; do - echo "Pushing $image" - docker push ${DOCKER_REPOSITORY}/onap/policy/$image:${MVN_MAJMIN_VERSION}-latest - - if [ $? -ne 0 ] - then - echo "Docker push failed" - exit 1 - fi - - docker push ${DOCKER_REPOSITORY}/onap/policy/$image:${MVN_VERSION}-${TIMESTAMP} - - if [ $? -ne 0 ] - then - echo "Docker push failed" - exit 1 - fi -done diff --git a/docker_verify.sh b/docker_verify.sh deleted file mode 100755 index 17eff0a1..00000000 --- a/docker_verify.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash -# -echo '============== STARTING SCRIPT TO BUILD DOCKER IMAGES =================' -# -# JUST VERIFY ONLY - NO PUSHING -# -DOCKER_REPOSITORY=nexus3.onap.org:10003 -MVN_VERSION=$(cat target/version) -MVN_MAJMIN_VERSION=$(cut -f 1,2 -d . target/version) -TIMESTAMP=$(date -u +%Y%m%dT%H%M%S) -PROXY_ARGS="" - -if [ $HTTP_PROXY ]; then - PROXY_ARGS+="--build-arg HTTP_PROXY=${HTTP_PROXY}" -fi -if [ $HTTPS_PROXY ]; then - PROXY_ARGS+=" --build-arg HTTPS_PROXY=${HTTPS_PROXY}" -fi - -echo $DOCKER_REPOSITORY -echo $MVN_VERSION -echo $MVN_MAJMIN_VERSION -echo $TIMESTAMP - -if [[ -z $MVN_VERSION ]] -then - echo "MVN_VERSION is empty" - exit 1 -fi - -if [[ -z $MVN_MAJMIN_VERSION ]] -then - echo "MVN_MAJMIN_VERSION is empty" - exit 1 -fi - -if [[ $MVN_VERSION == *"SNAPSHOT"* ]] -then - MVN_MAJMIN_VERSION="${MVN_MAJMIN_VERSION}-SNAPSHOT" -else - MVN_MAJMIN_VERSION="${MVN_MAJMIN_VERSION}-STAGING" -fi - -echo $MVN_MAJMIN_VERSION - -cp policy-pe/* target/policy-pe/ -cp policy-drools/* target/policy-drools/ - -for image in policy-os policy-nexus policy-db policy-base policy-drools policy-pe ; do - echo "Building $image" - mkdir -p target/$image - cp $image/* target/$image - - # - # This is the local latest tagged image. The Dockerfile's need this to build images - # - TAGS="--tag onap/policy/${image}:latest" - # - # This has the nexus repo prepended and only major/minor version with latest - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:${MVN_MAJMIN_VERSION}-latest" - # - # This has the nexus repo prepended and major/minor/patch version with timestamp - # - TAGS="${TAGS} --tag ${DOCKER_REPOSITORY}/onap/policy/${image}:${MVN_VERSION}-${TIMESTAMP}" - - echo $TAGS - - docker build --quiet ${PROXY_ARGS} $TAGS target/$image - - if [ $? -ne 0 ] - then - echo "Docker build failed" - docker images - exit 1 - fi -done - -docker images - diff --git a/policy-base/Dockerfile b/policy-base/Dockerfile deleted file mode 100644 index e6c4b1f5..00000000 --- a/policy-base/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM onap/policy/policy-os - - -# install MariaDB client -RUN \ - apt-get install -y apt-transport-https && \ - apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ - add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu trusty main' && \ - apt-get clean && \ - apt-get update && \ - apt-get install -y mariadb-client - - diff --git a/policy-db/Dockerfile b/policy-db/Dockerfile deleted file mode 100644 index 002313cd..00000000 --- a/policy-db/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM onap/policy/policy-os - -RUN \ - apt-get clean && \ - apt-get install -y apt-transport-https && \ - apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db && \ - add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://ftp.osuosl.org/pub/mariadb/repo/10.0/ubuntu trusty main' && \ - apt-get clean && \ - apt-get update && \ - apt-get install -y mariadb-server && \ - touch /var/lib/mysql/firstrun - -COPY dbinit.sh do-start.sh /tmp/ -RUN bash /tmp/dbinit.sh - -# mount volumes to persist the data -VOLUME /etc/mysql /var/lib/mysql - -CMD exec bash /tmp/do-start.sh diff --git a/policy-db/dbinit.sh b/policy-db/dbinit.sh deleted file mode 100644 index 19f4a5bd..00000000 --- a/policy-db/dbinit.sh +++ /dev/null @@ -1,38 +0,0 @@ -#sed -i '/^bind-address/s/127\.0\.0\.1/0.0.0.0/' /etc/mysql/my.cnf -cat >/etc/mysql/conf.d/policy.cnf <<-'EOF' - [mysqld] - lower_case_table_names = 1 - bind-address = 0.0.0.0 -EOF - -echo "Starting mysqld" -service mysql start - -echo "Run mysql_secure_installation" -/usr/bin/mysql_secure_installation <<-EOF - - y - secret - secret - y - y - y - y -EOF - -echo "Creating db schemas and user" -mysql -uroot -psecret <<-EOF - create database xacml; - create database log; - create database support; - create table support.db_version(the_key varchar(20) not null, version varchar(20), primary key(the_key)); - insert into support.db_version values('VERSION', '00'); - insert into support.db_version values('DROOLS_VERSION', '00'); - create user 'policy_user'@'localhost' identified by 'policy_user'; - grant all privileges on *.* to 'policy_user'@'localhost' with grant option; - flush privileges; - select * from support.db_version; -EOF - -echo "Stopping mysqld" -service mysql stop diff --git a/policy-db/do-start.sh b/policy-db/do-start.sh deleted file mode 100755 index 49dbe0fe..00000000 --- a/policy-db/do-start.sh +++ /dev/null @@ -1,12 +0,0 @@ -#! /bin/bash - -# determine IP pattern associated with 'eth0' (assume net mask = 255.255.0.0) -ipPattern=$(ifconfig eth0|sed -n -e 's/^.*inet addr:\([^\.]*.[^\.]*\)\..*$/\1.%.%/p') - -# start MySQL, and grant all privileges to the local network -# (it doesn't hurt to do the 'grant' multiple times) -service mysql start -mysql -uroot -psecret \ - -e "grant all privileges on *.* to 'policy_user'@'${ipPattern}' identified by 'policy_user' with grant option;" - -exec sleep 1000d diff --git a/policy-drools/Dockerfile b/policy-drools/Dockerfile deleted file mode 100644 index d4cd77b8..00000000 --- a/policy-drools/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -FROM onap/policy/policy-base - -RUN pip install http-prompt -RUN mkdir -p /opt/app/policy/opt /tmp/policy-install && \ - chown -R policy /opt/app/policy /tmp/policy-install - -WORKDIR /tmp/policy-install - -COPY install-drools.zip apps.zip docker-install.sh do-start.sh wait-for-port.sh ./ - -RUN unzip -o install-drools.zip && \ - unzip -o apps.zip && \ - rm install-drools.zip apps.zip && \ - chown -R policy * && \ - chmod +x *.sh - -USER policy -CMD ./do-start.sh diff --git a/policy-drools/do-start.sh b/policy-drools/do-start.sh deleted file mode 100644 index e1857441..00000000 --- a/policy-drools/do-start.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash - -# skip installation if build.info file is present (restarting an existing container) -if [[ -f /opt/app/policy/etc/build.info ]]; then - echo "Found existing installation, will not reinstall" - . /opt/app/policy/etc/profile.d/env.sh -else - # replace conf files from installer with environment-specific files - # mounted from the hosting VM - if [[ -d config ]]; then - cp config/*.conf . - fi - - # wait for nexus up before installing, since installation - # needs to deploy some artifacts to the repo - ./wait-for-port.sh nexus 8081 - - ./docker-install.sh - - . /opt/app/policy/etc/profile.d/env.sh - - # install policy keystore - mkdir -p $POLICY_HOME/etc/ssl - cp config/policy-keystore $POLICY_HOME/etc/ssl - - if [[ -x config/drools-tweaks.sh ]] ; then - echo "Executing tweaks" - # file may not be executable; running it as an - # argument to bash avoids needing execute perms. - bash config/drools-tweaks.sh - fi - - # wait for DB up - ./wait-for-port.sh mariadb 3306 - - # now that DB is up, invoke database upgrade: - # sql provisioning scripts should be invoked here. -fi - -echo "Starting processes" - -policy start - -sleep 1000d diff --git a/policy-drools/docker-install.sh b/policy-drools/docker-install.sh deleted file mode 100644 index e65329da..00000000 --- a/policy-drools/docker-install.sh +++ /dev/null @@ -1,910 +0,0 @@ -#!/bin/bash - -### -# ============LICENSE_START======================================================= -# Installation Package -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -### - - -function JAVA_HOME() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - if [[ -z ${JAVA_HOME} ]]; then - echo "error: aborting installation: JAVA_HOME variable must be present in base.conf" - exit 1; - fi - - echo "JAVA_HOME is ${JAVA_HOME}" -} - -function POLICY_HOME() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local POLICY_HOME_ABS - - if [[ -z ${POLICY_HOME} ]]; then - echo "error: aborting installation: the installation directory POLICY_HOME must be set" - exit 1 - fi - - POLICY_HOME_ABS=$(readlink -f "${POLICY_HOME}") - if [[ -n ${POLICY_HOME_ABS} ]]; then - export POLICY_HOME=${POLICY_HOME_ABS} - fi - - echo "POLICY_HOME is ${POLICY_HOME}" - - # Do not allow installations from within POLICY_HOME dir or sub-dirs - if [[ "$(pwd)/" == ${POLICY_HOME}/* ]]; then - echo "error: aborting installation: cannot be executed from '${POLICY_HOME}' or sub-directories. " - exit 1 - fi -} - -function check_java() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local TARGET_JAVA_VERSION INSTALLED_JAVA_VERSION - - TARGET_JAVA_VERSION=$1 - - if [[ -z ${JAVA_HOME} ]]; then - echo "error: ${JAVA_HOME} is not set" - return 1 - fi - - if ! check_x_file "${JAVA_HOME}/bin/java"; then - echo "error: ${JAVA_HOME}/bin/java is not accessible" - return 1 - fi - - INSTALLED_JAVA_VERSION=$("${JAVA_HOME}/bin/java" -version 2>&1 | awk -F '"' '/version/ {print $2}') - if [[ -z $INSTALLED_JAVA_VERSION ]]; then - echo "error: ${JAVA_HOME}/bin/java is invalid" - return 1 - fi - - if [[ "${INSTALLED_JAVA_VERSION}" != ${TARGET_JAVA_VERSION}* ]]; then - echo "error: java version (${INSTALLED_JAVA_VERSION}) does not"\ - "march desired version ${TARGET_JAVA_VERSION}" - return 1 - fi - - echo "OK: java ${INSTALLED_JAVA_VERSION} installed" - - if ! type -p "${JAVA_HOME}/bin/keytool" > /dev/null 2>&1; then - echo "error: {JAVA_HOME}/bin/keytool is not installed" - return 1 - fi -} - -function process_configuration() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local CONF_FILE name value - - CONF_FILE=$1 - while read line || [ -n "${line}" ]; do - if [[ -n ${line} ]] && [[ ${line} != *#* ]]; then - name=$(echo "${line%%=*}") - value=$(echo "${line#*=}") - # escape ampersand so that sed does not replace it with the search string - value=${value//&/\\&} - if [[ -z ${name} ]] || [[ -z $value ]]; then - echo "WARNING: ${line} missing name or value" - fi - export ${name}="${value}" - eval "${name}" "${value}" 2> /dev/null - fi - done < "${CONF_FILE}" - return 0 -} - -function component_preinstall() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - /bin/sed -i -e 's!${{POLICY_HOME}}!'"${POLICY_HOME}!g" \ - -e 's!${{FQDN}}!'"${FQDN}!g" \ - *.conf > /dev/null 2>&1 -} - -function configure_component() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local CONF_FILE COMPONENT_ROOT_DIR SED_LINE SED_FILES name value - - CONF_FILE=$1 - COMPONENT_ROOT_DIR=$2 - - SED_LINE="sed -i" - SED_LINE+=" -e 's!\${{POLICY_HOME}}!${POLICY_HOME}!g' " - SED_LINE+=" -e 's!\${{POLICY_USER}}!${POLICY_USER}!g' " - SED_LINE+=" -e 's!\${{POLICY_GROUP}}!${POLICY_GROUP}!g' " - SED_LINE+=" -e 's!\${{KEYSTORE_PASSWD}}!${KEYSTORE_PASSWD}!g' " - SED_LINE+=" -e 's!\${{JAVA_HOME}}!${JAVA_HOME}!g' " - - while read line || [ -n "${line}" ]; do - if [[ -n ${line} ]] && [[ ${line:0:1} != \# ]]; then - name=$(echo "${line%%=*}") - value=$(echo "${line#*=}") - # escape ampersand so that sed does not replace it with the search string - value=$(echo "${value}" | sed -e 's/[\/&]/\\&/g') - if [[ -z ${name} ]] || [[ -z ${value} ]]; then - echo "WARNING: ${line} missing name or value" - fi - SED_LINE+=" -e 's/\${{${name}}}/${value}/g' " - fi - done < "$CONF_FILE" - - SED_FILES="" - for sed_file in $(find "${COMPONENT_ROOT_DIR}" -type f -exec grep -Iq . {} \; -print 2> /dev/null); do - if fgrep -l '${{' ${sed_file} > /dev/null 2>&1; then - SED_FILES+="${sed_file} " - fi - done - - if [[ -z ${SED_FILES} ]]; then - echo "WARNING: no files to perform variable expansion" - else - SED_LINE+=${SED_FILES} - eval "${SED_LINE}" - fi -} - -function configure_settings() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - # The goal is to have repositories for both 'release' and 'snapshot' - # artifacts. These may either be remote (e.g. Nexus) repositories, or - # a local file-based repository. - local fileRepoID=file-repository - local fileRepoUrl=file:$HOME_M2/file-repository - mkdir -p "${fileRepoUrl#file:}" - - # The following parameters are also used outside of this function. - # if snapshotRepositoryUrl and/or releaseRepositoryUrl is defined, - # the corresponding ID and url will be updated below - releaseRepoID=${fileRepoID} - releaseRepoUrl=${fileRepoUrl} - snapshotRepoID=${fileRepoID} - snapshotRepoUrl=${fileRepoUrl} - - # if both snapshotRepositoryUrl and releaseRepositoryUrl are null, - # use standalone-settings.xml that just defines the file-based repo. - # if only one of them is specified, use file-based repo for the other. - if [[ -z "$snapshotRepositoryUrl" && -z $releaseRepositoryUrl ]]; then - echo "snapshotRepositoryUrl and releaseRepositoryUrl properties not set, configuring settings.xml for standalone operation" - mv $HOME_M2/standalone-settings.xml $HOME_M2/settings.xml - else - rm $HOME_M2/standalone-settings.xml - - if [[ -n "${snapshotRepositoryUrl}" ]] ; then - snapshotRepoID=${snapshotRepositoryID} - snapshotRepoUrl=${snapshotRepositoryUrl} - fi - if [[ -n "${releaseRepositoryUrl}" ]] ; then - releaseRepoID=${releaseRepositoryID} - releaseRepoUrl=${releaseRepositoryUrl} - fi - fi - - SED_LINE="sed -i" - SED_LINE+=" -e 's!\${{snapshotRepositoryID}}!${snapshotRepoID}!g' " - SED_LINE+=" -e 's!\${{snapshotRepositoryUrl}}!${snapshotRepoUrl}!g' " - SED_LINE+=" -e 's!\${{releaseRepositoryID}}!${releaseRepoID}!g' " - SED_LINE+=" -e 's!\${{releaseRepositoryUrl}}!${releaseRepoUrl}!g' " - SED_LINE+=" -e 's!\${{repositoryUsername}}!${repositoryUsername}!g' " - SED_LINE+=" -e 's!\${{repositoryPassword}}!${repositoryPassword}!g' " - SED_LINE+=" -e 's!\${{fileRepoID}}!${fileRepoID}!g' " - SED_LINE+=" -e 's!\${{fileRepoUrl}}!${fileRepoUrl}!g' " - - SED_LINE+="$HOME_M2/settings.xml" - eval "${SED_LINE}" - -} - - -function check_r_file() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - FILE=$1 - if [[ ! -f ${FILE} || ! -r ${FILE} ]]; then - return 1 - fi - - return 0 -} - -function check_x_file() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - FILE=$1 - if [[ ! -f ${FILE} || ! -x ${FILE} ]]; then - return 1 - fi - - return 0 -} - -function install_prereqs() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local CONF_FILE HOME_OWNER - - CONF_FILE=$1 - - if ! check_r_file "${CONF_FILE}"; then - echo "error: aborting ${COMPONENT_TYPE} installation: ${CONF_FILE} is not accessible" - exit 1 - fi - - if ! process_configuration "${CONF_FILE}"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${CONF_FILE}" - exit 1 - fi - - if ! check_java "1.8"; then - echo "error: aborting ${COMPONENT_TYPE} installation: invalid java version" - exit 1 - fi - - - if [[ -z ${POLICY_HOME} ]]; then - echo "error: aborting ${COMPONENT_TYPE} installation: ${POLICY_HOME} is not set" - exit 1 - fi - - HOME_OWNER=$(ls -ld "${POLICY_HOME}" | awk '{print $3}') - if [[ ${HOME_OWNER} != ${POLICY_USER} ]]; then - echo "error: aborting ${COMPONENT_TYPE} installation: ${POLICY_USER} does not own ${POLICY_HOME} directory" - exit 1 - fi - - echo -n "Starting ${OPERATION} of ${COMPONENT_TYPE} under ${POLICY_USER}:${POLICY_GROUP} " - echo "ownership with umask $(umask)." -} - -function configure_base() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local BASH_PROFILE_LINE PROFILE_LINE - - # check if fqdn is set in base.conf and use that value if set - if [[ -z ${INSTALL_FQDN} ]] - then - echo "FQDN not set in config...using the default FQDN ${FQDN}" - else - echo "Using FQDN ${INSTALL_FQDN} from config" - FQDN=${INSTALL_FQDN} - fi - - configure_component "${BASE_CONF}" "${POLICY_HOME}" - - configure_settings - - BASH_PROFILE_LINE=". ${POLICY_HOME}/etc/profile.d/env.sh" - PROFILE_LINE="ps -p \$\$ | grep -q bash || . ${POLICY_HOME}/etc/profile.d/env.sh" - - # Note: adding to .bashrc instead of .bash_profile - if ! fgrep -x "${BASH_PROFILE_LINE}" "${HOME}/.bashrc" >/dev/null 2>&1; then - echo "${BASH_PROFILE_LINE}" >> "${HOME}/.bashrc" - fi - - if ! fgrep -x "${PROFILE_LINE}" "${HOME}/.profile" >/dev/null 2>&1; then - echo "${PROFILE_LINE}" >> "${HOME}/.profile" - fi - - . "${POLICY_HOME}/etc/profile.d/env.sh" - - cat "${POLICY_HOME}"/etc/cron.d/* | crontab -} - -function install_base() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local POLICY_HOME_CONTENTS BASE_TGZ BASEX_TGZ BASH_PROFILE_LINE - - install_prereqs "${BASE_CONF}" - - # following properties must be set: - # POLICY_HOME - installation directory, must exist and be writable - - # test that all required properties are set - for var in POLICY_HOME JAVA_HOME - do - if [[ -z $(eval echo \$$var) ]]; then - echo "ERROR: $var must be set in $BASE_CONF" - exit 1 - fi - done - - if [[ ! ( -d "$POLICY_HOME" && -w "$POLICY_HOME" ) ]]; then - echo "ERROR: Installation directory $POLICY_HOME does not exist or not writable" - exit 1 - fi - - if ! /bin/rm -fr "${POLICY_HOME}"/* > /dev/null 2>&1; then - echo "error: aborting base installation: cannot delete the underlying ${POLICY_HOME} files" - exit 1 - fi - - POLICY_HOME_CONTENTS=$(ls -A "${POLICY_HOME}" 2> /dev/null) - if [[ -n ${POLICY_HOME_CONTENTS} ]]; then - echo "error: aborting base installation: ${POLICY_HOME} directory is not empty" - exit 1 - fi - - if ! /bin/mkdir -p "${POLICY_HOME}/logs/" > /dev/null 2>&1; then - echo "error: aborting base installation: cannot create ${POLICY_HOME}/logs/" - exit 1 - fi - - BASE_TGZ=$(ls base-*.tar.gz) - if [ ! -r ${BASE_TGZ} ]; then - echo "error: aborting: base package is not accessible" - exit 1 - fi - - tar -tzf ${BASE_TGZ} > /dev/null 2>&1 - if [[ $? != 0 ]]; then - echo >&2 "error: aborting installation: invalid base package file: ${BASE_TGZ}" - exit 1 - fi - - BASEX_TGZ=$(ls basex-*.tar.gz 2> /dev/null) - if [ -z ${BASEX_TGZ} ]; then - echo "warning: no basex application package present" - BASEX_TGZ= - else - tar -tzf ${BASEX_TGZ} > /dev/null 2>&1 - if [[ $? != 0 ]]; then - echo >&2 "warning: invalid basex application package tar file: ${BASEX_TGZ}" - BASEX_TGZ= - fi - fi - - # Undo any changes in the $HOME directory if any - - BASH_PROFILE_LINE=". ${POLICY_HOME}/etc/profile.d/env.sh" -# PROFILE_LINE="ps -p \$\$ | grep -q bash || . ${POLICY_HOME}/etc/profile.d/env.sh" - - # Note: using .bashrc instead of .bash_profile - if [[ -f ${HOME}/.bashrc ]]; then - /bin/sed -i.bak "\:${BASH_PROFILE_LINE}:d" "${HOME}/.bashrc" - fi - -# if [[ -f ${HOME}/.profile ]]; then -# /bin/sed -i.bak "\:${PROFILE_LINE}:d" "${HOME}/.profile" -# fi - - tar -C ${POLICY_HOME} -xf ${BASE_TGZ} --no-same-owner - if [[ $? != 0 ]]; then - # this should not happened - echo "error: aborting base installation: base package cannot be unpacked: ${BASE_TGZ}" - exit 1 - fi - - if [ ! -z ${BASEX_TGZ} ]; then - tar -C ${POLICY_HOME} -xf ${BASEX_TGZ} --no-same-owner - if [[ $? != 0 ]]; then - # this should not happened - echo "warning: basex package cannot be unpacked: ${BASEX_TGZ}" - fi - fi - -# /bin/mkdir -p ${POLICY_HOME}/etc/ssl > /dev/null 2>&1 -# /bin/mkdir -p ${POLICY_HOME}/etc/init.d > /dev/null 2>&1 -# /bin/mkdir -p ${POLICY_HOME}/nagios/tmp > /dev/null 2>&1 -# /bin/mkdir -p ${POLICY_HOME}/tmp > /dev/null 2>&1 -# /bin/mkdir -p ${POLICY_HOME}/var > /dev/null 2>&1 - -# chmod -R 755 ${POLICY_HOME}/nagios > /dev/null 2>&1 - - if [[ -d $HOME_M2 ]]; then - echo "Renaming existing $HOME_M2 to $HOME/m2.$TIMESTAMP" - mv $HOME_M2 $HOME/m2.$TIMESTAMP - if [[ $? != 0 ]]; then - echo "WARNING: Failed to rename $HOME_M2 directory; will use old directory" - fi - fi - if [[ ! -d $HOME_M2 ]]; then - echo "Moving m2 directory to $HOME_M2" - mv $POLICY_HOME/m2 $HOME_M2 - if [[ $? != 0 ]]; then - echo "ERROR: Error in moving m2 directory" - exit 1 - fi - fi - - configure_base - - # save ${BASE_CONF} in PDP-D installation - cp "${BASE_CONF}" "${POLICY_HOME}"/etc/profile.d - -# if ! create_keystore; then -# echo "error: aborting base installation: creating keystore" -# exit 1 -# fi - -# list_unexpanded_files ${POLICY_HOME} - -} - -function install_controller() -{ - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - if [[ -f "${HOME}/.bashrc" ]]; then - source "${HOME}/.bashrc" - fi - - if [[ -z ${POLICY_HOME} ]]; then - echo "error: aborting installation: POLICY_HOME environment variable is not set." - exit 1 - fi - - if ! check_r_file ${POLICY_HOME}/etc/profile.d/env.sh; then - echo "error: aborting installation: ${POLICY_HOME}/etc/profile.d/env.sh is not accessible" - exit 1 - fi - - local CONTROLLER_CONF CONTROLLER_ZIP RULES_JAR SOURCE_DIR CONTROLLER_DIR AAAA BBBB PORT UTOPIC ARTIFACT_VERSION - - CONTROLLER_CONF=$COMPONENT_TYPE.conf - install_prereqs "${CONTROLLER_CONF}" - - # following properties must be set in conf file: - # CONTROLLER_ARTIFACT_ID - Maven artifactId for controller - # CONTROLLER_NAME - directory name for the controller; controller will be installed to - # $POLICY_HOME/controllers/$CONTROLLER_NAME - # CONTROLLER_PORT - port number for the controller REST interface - # RULES_ARTIFACT - rules artifact specifier: groupId:artifactId:version - - # test that all required properties are set - for var in CONTROLLER_ARTIFACT_ID CONTROLLER_NAME CONTROLLER_PORT RULES_ARTIFACT UEB_TOPIC - do - if [[ -z $(eval echo \$$var) ]]; then - echo "ERROR: $var must be set in $CONTROLLER_CONF" - exit 1 - fi - done - - CONTROLLER_ZIP=$(ls $CONTROLLER_ARTIFACT_ID*.zip 2>&-) - if [[ -z $CONTROLLER_ZIP ]]; then - echo "ERROR: Cannot find controller zip file ($CONTROLLER_ARTIFACT_ID*.zip)" - exit 1 - fi - - if [[ ! "$CONTROLLER_NAME" =~ ^[A-Za-z0-9_-]+$ ]]; then - echo "ERROR: CONTROLLER_NAME may only contain alphanumeric, underscore, and dash characters" - exit 1 - fi - - if [[ ! "$CONTROLLER_PORT" =~ ^[0-9]+$ ]]; then - echo "ERROR: CONTROLLER_PORT is not a valid integer" - exit 1 - fi - - # split artifact string into parts - IFS=: read RULES_GROUPID RULES_ARTIFACTID RULES_VERSION <<<$RULES_ARTIFACT - if [[ -z $RULES_GROUPID || -z $RULES_ARTIFACTID || -z $RULES_VERSION ]]; then - echo "ERROR: Invalid setting for RULES_ARTIFACT property" - exit 1 - fi - - #RULES_JAR=$RULES_ARTIFACTID-$RULES_VERSION.jar - RULES_JAR=$(echo ${RULES_ARTIFACTID}-*.jar) - if ! check_r_file $RULES_JAR; then - echo "WARNING: Rules jar file $RULES_JAR not found in installer package, must be installed manually" - RULES_JAR= - fi - - - SOURCE_DIR=$PWD - CONTROLLER_DIR=$POLICY_HOME - - cd $CONTROLLER_DIR - - echo "Unpacking controller zip file" - # use jar command in case unzip not present on system - jar xf $SOURCE_DIR/$CONTROLLER_ZIP - if [[ $? != 0 ]]; then - echo "ERROR: unpack of controller zip file failed, install aborted" - exit 1 - fi - - chmod +x bin/* - - # Perform base variable replacement in controller config file - configure_component "${SOURCE_DIR}/${BASE_CONF}" "${CONTROLLER_DIR}" - - # Perform variable replacements in config files. - # config files may contain the following strings that need to be replaced with - # real values: - # AAAA - artifactId - # BBBB - Substring of AAAA after first dash (stripping initial "ncomp-" or "policy-") - # PORT - Port number for REST server - - echo "Performing variable replacement in config files" - AAAA=$CONTROLLER_ARTIFACT_ID - BBBB=${AAAA#[a-z]*-} - PORT=$CONTROLLER_PORT - UTOPIC=${UEB_TOPIC} - - for file in config/* - do - sed -i -e "s/AAAA/$AAAA/" -e "s/BBBB/$BBBB/" -e "s/PORT/$PORT/" -e "s!\${{UEB_TOPIC}}!${UTOPIC}!" $file - if [[ $? != 0 ]]; then - echo "ERROR: variable replacement failed for file $file, install aborted" - exit 1 - fi - done - - # append properties for rules artifact to server properties - cat >>config/server.properties <<EOF - -rules.groupId=$RULES_GROUPID -rules.artifactId=$RULES_ARTIFACTID -rules.version=$RULES_VERSION -EOF - - # TODO: run pw.sh script to set passwords - - # return to directory where we started - cd $SOURCE_DIR - - # install rules jar into repository if present - if [[ -n $RULES_JAR ]]; then - # can't use RULES_VERSION because may be set to "LATEST", - # so extract version from the jar filename - ARTIFACT_VERSION=$(sed -e "s/${RULES_ARTIFACTID}-//" -e "s/\.jar//" <<<${RULES_JAR}) - if [[ -n $repositoryUrl ]]; then - echo "Deploying rules artifact to Policy Repository" - mvn deploy:deploy-file -Dfile=$RULES_JAR \ - -DgroupId=$RULES_GROUPID -DartifactId=$RULES_ARTIFACTID -Dversion=$ARTIFACT_VERSION \ - -DrepositoryId=${repositoryID} -Durl=${repositoryUrl} \ - -DgeneratePom=true -DupdateReleaseInfo=true - else - echo "Installing rules artifact into local .m2 repository" - mvn --offline org.apache.maven.plugins:maven-install-plugin:2.5.2:install-file \ - -Dfile=$RULES_JAR -DgeneratePom=true -DupdateReleaseInfo=true - fi - fi - - update_monitor $CONTROLLER_NAME - - # save install configuration as an environment file - ln -s -f "${POLICY_HOME}/etc/profile.d/${BASE_CONF}" "${POLICY_HOME}/config/${BASE_CONF}.environment" -} - - -function update_monitor() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local NAME lastline - - NAME=$1 - - if [[ -f ${POLICY_HOME}/etc/monitor/monitor.cfg ]]; then - if grep -q "^${NAME}=" ${POLICY_HOME}/etc/monitor/monitor.cfg; then - echo "OK: updating monitoring entry for ${NAME}" - /bin/sed -i.bak \ - -e "s/^${NAME}=.*/${NAME}=off/g" \ - ${POLICY_HOME}/etc/monitor/monitor.cfg - else - # make sure file ends with newline - lastline=$(tail -n 1 ${POLICY_HOME}/etc/monitor/monitor.cfg; echo x) - lastline=${lastline%x} - if [ "${lastline: -1}" = $'\n' ]; then - echo "OK: adding an entry for ${NAME} in ${POLICY_HOME}/etc/monitor/monitor.cfg" - else - echo "OK: adding an entry for ${NAME} in ${POLICY_HOME}/etc/monitor/monitor.cfg (with newline)" - echo "" >> ${POLICY_HOME}/etc/monitor/monitor.cfg - fi - - - echo "${NAME}=off" >> ${POLICY_HOME}/etc/monitor/monitor.cfg - fi - else - echo "WARNING: ${POLICY_HOME}/etc/monitor/monitor.cfg does not exist. No monitoring enabled." - fi -} - -# Usage: getPomAttributes <pom-file> <attribute> ... -# -# This function performs simplistic parsing of a 'pom.xml' file, extracting -# the specified attributes (e.g. 'groupId', 'artifactId', 'version'). The -# attributes are returned as environment variables with the associated name. - -function getPomAttributes -{ - local tab=$'\t' - local rval=0 - local file="$1" - local attr - local value - shift - for attr in "$@" ; do - # Try to fetch the parameter associated with the 'pom.xml' file. - # Initially, the 'parent' element is excluded. If the desired - # parameter is not found, the 'parent' element is included in the - # second attempt. - value=$(sed -n \ - -e '/<parent>/,/<\/parent>/d' \ - -e '/<dependencies>/,/<\/dependencies>/d' \ - -e '/<build>/,/<\/build>/d' \ - -e "/^[ ${tab}]*<${attr}>\([^<]*\)<\/${attr}>.*/{s//\1/p;}" \ - <"${file}") - - if [[ "${value}" == "" ]] ; then - # need to check parent for parameter - value=$(sed -n \ - -e '/<dependencies>/,/<\/dependencies>/d' \ - -e '/<build>/,/<\/build>/d' \ - -e "/^[ ${tab}]*<${attr}>\([^<]*\)<\/${attr}>.*/{s//\1/p;}" \ - <"${file}") - if [[ "${value}" == "" ]] ; then - echo "${file}: Can't determine ${attr}" >&2 - rval=1 - fi - fi - # the following sets an environment variable with the name referred - # to by ${attr} - read ${attr} <<<"${value}" - done - return ${rval} -} - - -# Usage: installPom <pom-file> -# -# This function installs a 'pom.xml' file in the local repository - -function installPom -{ - # need to extract attributes from POM file - if getPomAttributes "${1}" artifactId groupId version ; then - local repoID repoUrl - if [[ "${version}" =~ SNAPSHOT ]] ; then - repoID=${snapshotRepoID} - repoUrl=${snapshotRepoUrl} - else - repoID=${releaseRepoID} - repoUrl=${releaseRepoUrl} - fi - echo "${1}: Deploying POM artifact to remote repository" - mvn deploy:deploy-file -Dfile="$1" \ - -Dpackaging=pom -DgeneratePom=false \ - -DgroupId=${groupId} \ - -DartifactId=${artifactId} \ - -Dversion=${version} \ - -DrepositoryId=${repoID} -Durl=${repoUrl} \ - -DupdateReleaseInfo=true - else - echo "${1}: Can't install pom due to missing attributes" >&2 - return 1 - fi -} - -# Usage: installJar <jar-file> -# -# This function installs a JAR file in the local repository, as well as -# the 'pom.xml' member it contains. - -function installJar -{ - local dir=$(mktemp -d) - local jar="${1##*/}" - cp -p "${1}" "${dir}/${jar}" - - ( - local rval=0 - cd "${dir}" - # determine name of 'pom' file within JAR - local pom=$(jar tf ${jar} META-INF | grep '/pom\.xml$' | head -1) - if [[ "${pom}" ]] ; then - # extract pom file - jar xf ${jar} "${pom}" - - # determine version from pom file - if getPomAttributes "${pom}" version ; then - local repoID repoUrl - if [[ "${version}" =~ SNAPSHOT ]] ; then - repoID=${snapshotRepoID} - repoUrl=${snapshotRepoUrl} - else - repoID=${releaseRepoID} - repoUrl=${releaseRepoUrl} - fi - echo "${1}: Deploying JAR artifact to remote repository" - mvn deploy:deploy-file \ - -Dfile=${jar} \ - -Dversion=${version} \ - -Dpackaging=jar -DgeneratePom=false -DpomFile=${pom} \ - -DrepositoryId=${repoID} -Durl=${repoUrl} \ - -DupdateReleaseInfo=true - else - echo "${1}: Can't determine version from 'pom.xml'" >&2 - rval=1 - fi - else - echo "${1}: Can't find 'pom.xml'" >&2 - rval=1 - fi - rm -rf ${dir} - return ${rval} - ) -} - -# Unzip the 'artifacts-*.zip' file, and install all of the associated -# artifacts into the local repository. - -function installArtifacts -{ - local file - if [[ -f $(echo artifacts-*.zip) ]] ; then - # use jar command in case unzip not present on system - jar xf artifacts-*.zip - for file in artifacts/* ; do - case "${file}" in - *pom.xml|*.pom) installPom "${file}";; - *.jar) installJar "${file}";; - *) echo "${file}: Don't know how to install artifact" >&2;; - esac - done - fi -} - -function installFeatures -{ - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - local name featureConf - export FEATURES_HOME="${POLICY_HOME}/${FEATURES_DIR}" - echo "FEATURES_HOME is ${FEATURES_HOME}" - - mkdir -p "${FEATURES_HOME}" > /dev/null 2>&1 - if [[ -d "${FEATURES_HOME}" && -x "${FEATURES_HOME}" ]]; then - SOURCE_DIR=$PWD - for feature in feature-*.zip ; do - name="${feature#feature-}" - name="${name%-[0-9]*\.zip}" - mkdir -p "${FEATURES_HOME}/${name}" > /dev/null 2>&1 - (cd "${FEATURES_HOME}/${name}"; jar xf ${SOURCE_DIR}/${feature}) - featureConf="feature-${name}.conf" - if [[ -r "${featureConf}" ]]; then - configure_component "${featureConf}" "${FEATURES_HOME}" - cp "${featureConf}" "${POLICY_HOME}"/etc/profile.d - echo "feature ${name} has been installed (configuration present)" - else - echo "feature ${name} has been installed (no configuration present)" - fi - done - - echo "applying base configuration to features" - configure_component "${BASE_CONF}" "${FEATURES_HOME}" - else - echo "error: aborting ${FEATURES_HOME} is not accessible" - exit 1 - fi -} - -function do_install() -{ - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - echo "Starting installation at $(date)" - echo - - COMPONENT_TYPE=base - BASE_CONF=base.conf - install_base - component_preinstall - - COMPONENT_TYPE=policy-management - install_controller - - installFeatures - installArtifacts - - - if [[ -f apps-installer ]]; then - # if exists, any customizations to the - # base drools installation from the drools apps - # is executed here - - ./apps-installer - fi - - echo - echo "Installation complete" - echo "Please logoff and login again to update shell environment" - -} - -export POLICY_USER=$(/usr/bin/id -un) -export POLICY_GROUP=$POLICY_USER - -FQDN=$(hostname -f 2> /dev/null) -if [[ $? != 0 || -z ${FQDN} ]]; then - echo "error: cannot determine the FQDN for this host $(hostname)." - exit 1 -fi - -TIMESTAMP=$(date "+%Y%m%d-%H%M%S") -LOGFILE=$PWD/install.log.$TIMESTAMP - -OPERATION=install -BASE_CONF=base.conf -HOME_M2=$HOME/.m2 -FEATURES_DIR="features" - -do_install 2>&1 | tee $LOGFILE diff --git a/policy-drools/wait-for-port.sh b/policy-drools/wait-for-port.sh deleted file mode 100644 index 10f08ded..00000000 --- a/policy-drools/wait-for-port.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -if [[ $# -ne 2 ]]; then - echo "Usage: wait-for-port hostname port" >&2 - exit 1 -fi - -host=$1 -port=$2 - -echo "Waiting for $host port $port open" -until telnet $host $port </dev/null 2>/dev/null | grep -q '^Connected'; do - sleep 1 -done - -echo "$host port $port is open" - -exit 0 diff --git a/policy-nexus/Dockerfile b/policy-nexus/Dockerfile deleted file mode 100644 index ab3e345f..00000000 --- a/policy-nexus/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM onap/policy/policy-os - - -# note that in following command sequence, wget exit status is 1 even on success, -# so can't use && for conditional execution of next command -RUN \ - cd /tmp && \ - wget https://sonatype-download.global.ssl.fastly.net/nexus/oss/nexus-2.14.2-01-bundle.tar.gz ; \ - mkdir /opt/nexus && cd /opt/nexus && \ - tar xfz /tmp/nexus-2.14.2-01-bundle.tar.gz && \ - useradd --create-home --shell /bin/bash nexus && \ - chown -R nexus * - -# make the sonatype-work directory persistent -VOLUME /opt/nexus/sonatype-work - -USER nexus -CMD bash -c "/opt/nexus/nexus-2.14.2-01/bin/nexus start && sleep 1000d" - diff --git a/policy-os/Dockerfile b/policy-os/Dockerfile deleted file mode 100644 index 30d52772..00000000 --- a/policy-os/Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM ubuntu:14.04 - -ARG HTTP_PROXY=${HTTP_PROXY} -ARG HTTPS_PROXY=${HTTPS_PROXY} - -ENV http_proxy $HTTP_PROXY -ENV https_proxy $HTTPS_PROXY - -RUN \ - apt-get clean && \ - apt-get update && \ - apt-get install -y zip unzip curl wget ssh telnet maven && \ - apt-get install -y software-properties-common && \ - apt-get install -y jq httpie && \ - apt-get install -y python-pip && \ - add-apt-repository ppa:openjdk-r/ppa && \ - apt-get clean && \ - apt-get update && \ - apt-get install -y openjdk-8-jdk - -RUN useradd --create-home --shell /bin/bash policy diff --git a/policy-pe/Dockerfile b/policy-pe/Dockerfile deleted file mode 100644 index fe568082..00000000 --- a/policy-pe/Dockerfile +++ /dev/null @@ -1,13 +0,0 @@ -FROM onap/policy/policy-base - -RUN mkdir -p /opt/app/policy /tmp/policy-install && chown policy /opt/app/policy /tmp/policy-install - -WORKDIR /tmp/policy-install - -COPY install.zip docker-install.sh do-start.sh wait-for-port.sh ./ -RUN unzip install.zip && rm install.zip && chown policy * && chmod +x *.sh - -USER policy - -ENTRYPOINT [ "bash", "./do-start.sh" ] - diff --git a/policy-pe/do-start.sh b/policy-pe/do-start.sh deleted file mode 100644 index ab8e5a19..00000000 --- a/policy-pe/do-start.sh +++ /dev/null @@ -1,94 +0,0 @@ -#!/bin/bash - -# Script to configure and start the Policy components that are to run in the designated container, -# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the -# script just goes into a long sleep so that the script does not exit (which would cause the -# container to be torn down). - -container=$1 - -case $container in -pap) - comps="base pap paplp console mysql elk" - ;; -pdp) - comps="base pdp pdplp" - ;; -brmsgw) - comps="base brmsgw" - ;; -*) - echo "Usage: do-start.sh pap|pdp|brmsgw" >&2 - exit 1 -esac - - -# skip installation if build.info file is present (restarting an existing container) -if [[ -f /opt/app/policy/etc/build.info ]]; then - echo "Found existing installation, will not reinstall" - . /opt/app/policy/etc/profile.d/env.sh - -else - if [[ -d config ]]; then - cp config/*.conf . - fi - - for comp in $comps; do - echo "Installing component: $comp" - ./docker-install.sh --install $comp - done - for comp in $comps; do - echo "Configuring component: $comp" - ./docker-install.sh --configure $comp - done - - . /opt/app/policy/etc/profile.d/env.sh - - # install keystore - #changed to use http instead of http, so keystore no longer needed - #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore - - if [[ -f config/$container-tweaks.sh ]] ; then - # file may not be executable; running it as an - # argument to bash avoids needing execute perms. - bash config/$container-tweaks.sh - fi - - if [[ $container == pap ]]; then - # wait for DB up - ./wait-for-port.sh mariadb 3306 - # now that DB is up, invoke database upgrade - # (which does nothing if the db is already up-to-date) - dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) - dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) - db_upgrade_remote.sh $dbuser $dbpw mariadb - fi - -fi - -# pap needs to wait for mariadb up before starting; -# others need to wait for pap up (in case it had to do db upgrade) -if [[ $container == pap ]]; then - # we may have already done this above, but doesn't hurt to repeat - ./wait-for-port.sh mariadb 3306 -else - ./wait-for-port.sh pap 9091 -fi - -policy.sh start - -# on pap, wait for pap, pdp, brmsgw, nexus and drools up, -# then push the initial default policies -if [[ $container == pap ]]; then - ./wait-for-port.sh pap 9091 - ./wait-for-port.sh pdp 8081 - # brmsgw doesn't have a REST API, so check for JMX port instead - ./wait-for-port.sh brmsgw 9989 - ./wait-for-port.sh nexus 8081 - ./wait-for-port.sh drools 6969 - # wait addional 1 minute for all processes to get fully initialized and synched up - sleep 60 - bash -xv config/push-policies.sh -fi - -sleep 1000d diff --git a/policy-pe/docker-install.sh b/policy-pe/docker-install.sh deleted file mode 100644 index e8b9aaf1..00000000 --- a/policy-pe/docker-install.sh +++ /dev/null @@ -1,740 +0,0 @@ -#!/bin/bash - -######################################################################### -## -## Functions -## -######################################################################### - -function usage() { - echo -n "syntax: $(basename $0) " - echo -n "--debug (" - echo -n "[--install base|pap|pdp|console|mysql|elk|brmsgw|paplp|pdplp] | " - echo -n "[--configure base|pap|pdp|console|mysql|elk|brmsgw|paplp|pdplp] | " -} - -function check_java() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - TARGET_JAVA_VERSION=$1 - - if [[ -z ${JAVA_HOME} ]]; then - echo "error: ${JAVA_HOME} is not set" - return 1 - fi - - if ! check_x_file "${JAVA_HOME}/bin/java"; then - echo "error: ${JAVA_HOME}/bin/java is not accessible" - return 1 - fi - - INSTALLED_JAVA_VERSION=$("${JAVA_HOME}/bin/java" -version 2>&1 | awk -F '"' '/version/ {print $2}') - if [[ -z $INSTALLED_JAVA_VERSION ]]; then - echo "error: ${JAVA_HOME}/bin/java is invalid" - return 1 - fi - - if [[ "${INSTALLED_JAVA_VERSION}" != ${TARGET_JAVA_VERSION}* ]]; then - echo "error: java version (${INSTALLED_JAVA_VERSION}) does not"\ - "march desired version ${TARGET_JAVA_VERSION}" - return 1 - fi - - echo "OK: java ${INSTALLED_JAVA_VERSION} installed" - -} - -function process_configuration() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - CONF_FILE=$1 - while read line || [ -n "${line}" ]; do - if [[ -n ${line} ]] && [[ ${line} != \#* ]]; then - name=$(echo "${line%%=*}") - value=$(echo "${line#*=}") - # escape ampersand so that sed does not replace it with the search string - value=${value//&/\\&} - if [[ -z ${name} ]] || [[ -z $value ]]; then - echo "WARNING: ${line} missing name or value" - fi - export ${name}="${value}" - eval "${name}" "${value}" 2> /dev/null - fi - done < "${CONF_FILE}" - return 0 -} - -function component_preconfigure() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - /bin/sed -i -e 's!${{POLICY_HOME}}!'"${POLICY_HOME}!g" \ - -e 's!${{FQDN}}!'"${FQDN}!g" \ - *.conf > /dev/null 2>&1 -} - -function tomcat_component() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - TOMCAT_TARGET_INSTALL_DIR=${POLICY_HOME}/servers/${COMPONENT_TYPE} - if [[ -d ${TOMCAT_TARGET_INSTALL_DIR} ]]; then - echo "error: ${TOMCAT_TARGET_INSTALL_DIR} exists." - return 1 - fi - - TOMCAT_INSTALL_DIR=${POLICY_HOME}/install/3rdparty/${TOMCAT_PACKAGE_NAME}/ - if [[ -d ${TOMCAT_INSTALL_DIR} ]]; then - echo "error: ${TOMCAT_INSTALL_DIR} exists." - return 1 - fi - - tar -C "${POLICY_HOME}/servers" -xf "${POLICY_HOME}/install/3rdparty/${TOMCAT_PACKAGE_NAME}.tar.gz" - - mv "${POLICY_HOME}/servers/${TOMCAT_PACKAGE_NAME}" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" - /bin/cp "${POLICY_HOME}"/install/servers/common/tomcat/bin/* "${POLICY_HOME}/servers/${COMPONENT_TYPE}/bin" - /bin/cp "${POLICY_HOME}"/install/servers/common/tomcat/conf/* "${POLICY_HOME}/servers/${COMPONENT_TYPE}/conf" - - /bin/cp "${POLICY_HOME}/install/servers/common/tomcat/init.d/tomcatd" "${POLICY_HOME}/etc/init.d/${COMPONENT_TYPE}" - /bin/sed -i -e "s!\${{COMPONENT_TYPE}}!${COMPONENT_TYPE}!g" "${POLICY_HOME}/etc/init.d/${COMPONENT_TYPE}" >/dev/null 2>&1 - - - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/webapps/* "${POLICY_HOME}/servers/${COMPONENT_TYPE}/webapps" - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/bin/* "${POLICY_HOME}/servers/${COMPONENT_TYPE}/bin" >/dev/null 2>&1 - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/conf/* "${POLICY_HOME}/servers/${COMPONENT_TYPE}/conf" >/dev/null 2>&1 - - /bin/rm -fr "${POLICY_HOME}/servers/${COMPONENT_TYPE}/webapps/docs" \ - "${POLICY_HOME}/servers/${COMPONENT_TYPE}/webapps/examples" \ - "${POLICY_HOME}/servers/${COMPONENT_TYPE}/webapps/ROOT" \ - "${POLICY_HOME}/servers/${COMPONENT_TYPE}/webapps/manager" \ - "${POLICY_HOME}/servers/${COMPONENT_TYPE}/webapps/host-manager" - - if [[ ${COMPONENT_TYPE} == console ]]; then - install_onap_portal_settings - fi - - return 0 -} - -function configure_tomcat_component() { - configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" -} - -function configure_component() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - if ! process_configuration "${COMPONENT_TYPE}.conf"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${COMPONENT_TYPE}.conf" - exit 1 - fi - - CONF_FILE=$1 - COMPONENT_ROOT_DIR=$2 - - SED_LINE="sed -i" - SED_LINE+=" -e 's!\${{POLICY_HOME}}!${POLICY_HOME}!g' " - SED_LINE+=" -e 's!\${{POLICY_USER}}!${POLICY_USER}!g' " - SED_LINE+=" -e 's!\${{POLICY_GROUP}}!${POLICY_GROUP}!g' " - SED_LINE+=" -e 's!\${{KEYSTORE_PASSWD}}!${KEYSTORE_PASSWD}!g' " - SED_LINE+=" -e 's!\${{JAVA_HOME}}!${JAVA_HOME}!g' " - SED_LINE+=" -e 's!\${{COMPONENT_TYPE}}!${COMPONENT_TYPE}!g' " - - while read line || [ -n "${line}" ]; do - if [[ -n $line ]] && [[ $line != \#* ]]; then - name=$(echo "${line%%=*}") - value=$(echo "${line#*=}") - # escape ampersand so that sed does not replace it with the search string - value=${value//&/\\&} - if [[ -z ${name} ]] || [[ -z ${value} ]]; then - echo "WARNING: ${line} missing name or value" - fi - SED_LINE+=" -e 's!\${{${name}}}!${value}!g' " - - fi - done < "$CONF_FILE" - - SED_FILES="" - for sed_file in $(find "${COMPONENT_ROOT_DIR}" -name '*.xml' -o -name '*.sh' -o -name '*.properties' -o -name '*.conf' -o -name '*.cfg' -o -name '*.template' -o -name '*.conf' -o -name '*.cron' -o -name '*.json' | grep -v /backup/); do - if fgrep -l '${{' ${sed_file} > /dev/null 2>&1; then - SED_FILES+="${sed_file} " - fi - done - - if [[ -f $HOME/.m2/settings.xml ]]; then - SED_FILES+="$HOME/.m2/settings.xml " - fi - - - if [[ -z ${SED_FILES} ]]; then - echo "WARNING: no xml, sh, properties, or conf files to perform configuration expansion" - else - SED_LINE+=${SED_FILES} - eval "${SED_LINE}" - fi - - list_unexpanded_files ${POLICY_HOME} -} - -function install_onap_portal_settings() { - echo "Install onap portal settings" - - # unpack onap war file - mkdir -p "${POLICY_HOME}"/servers/console/webapps/onap - cd "${POLICY_HOME}"/servers/console/webapps/onap - unzip -q ../onap.war - cd ${INSTALL_DIR} - - # copy over the configured settings - /bin/cp -fr "${POLICY_HOME}"/install/servers/onap/* "${POLICY_HOME}/servers/console/webapps/onap" -} - -function check_r_file() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - FILE=$1 - if [[ ! -f ${FILE} || ! -r ${FILE} ]]; then - return 1 - fi - - return 0 -} - -function check_x_file() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - FILE=$1 - if [[ ! -f ${FILE} || ! -x ${FILE} ]]; then - return 1 - fi - - return 0 -} - -function install_prereqs() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - CONF_FILE=$1 - - if ! check_r_file "${CONF_FILE}"; then - echo "error: aborting ${COMPONENT_TYPE} installation: ${CONF_FILE} is not accessible" - exit 1 - fi - - if ! process_configuration "${CONF_FILE}"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${CONF_FILE}" - exit 1 - fi - -# if ! check_java "1.8"; then -# echo "error: aborting ${COMPONENT_TYPE} installation: invalid java version" -# exit 1 -# fi - - if [[ -z ${POLICY_HOME} ]]; then - echo "error: aborting ${COMPONENT_TYPE} installation: ${POLICY_HOME} is not set" - exit 1 - fi - - HOME_OWNER=$(ls -ld "${POLICY_HOME}" | awk '{print $3}') - if [[ ${HOME_OWNER} != ${POLICY_USER} ]]; then - echo "error: aborting ${COMPONENT_TYPE} installation: ${POLICY_USER} does not own ${POLICY_HOME} directory" - exit 1 - fi - - echo -n "Starting ${OPERATION} of ${COMPONENT_TYPE} under ${POLICY_USER}:${POLICY_GROUP} " - echo "ownership with umask $(umask)." -} - -function list_unexpanded_files() { - ROOT_DIR=$1 - SEARCH_LIST=$(find ${ROOT_DIR} -type f -name '*.properties' -o -name '*.sh' -o -name '*.conf' -o -name '*.yml' -o -name '*.template' -o -name '*.xml' -o -name '*.cfg' -o -name '*.json' -o -path "${ROOT_DIR}/etc/init.d/*" | egrep -v '/m2/|/install/|/logs/') - NOT_EXPANDED_BASE_FILES=$(grep -l '${{' ${SEARCH_LIST} 2> /dev/null) - if [[ -n ${NOT_EXPANDED_BASE_FILES} ]]; then - echo "error: component installation has completed but some base files have not been expanded:" - echo "${NOT_EXPANDED_BASE_FILES}" - return 1 - fi - return 0 -} - -function install_base() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - install_prereqs "${BASE_CONF}" - - if [[ -z ${POLICY_HOME} ]]; then - echo "error: ${POLICY_HOME} is not set" - exit 1 - fi - - POLICY_HOME_CONTENTS=$(ls -A "${POLICY_HOME}" 2> /dev/null) - if [[ -n ${POLICY_HOME_CONTENTS} ]]; then - echo "error: aborting base installation: ${POLICY_HOME} directory is not empty" - exit 1 - fi - - if [[ ! -d ${POLICY_HOME} ]]; then - echo "error: aborting base installation: ${POLICY_HOME} is not a directory." - exit 1 - fi - - if ! /bin/mkdir -p "${POLICY_HOME}/servers/" > /dev/null 2>&1; then - echo "error: aborting base installation: cannot create ${POLICY_HOME}/servers/" - exit 1 - fi - - if ! /bin/mkdir -p "${POLICY_HOME}/logs/" > /dev/null 2>&1; then - echo "error: aborting base installation: cannot create ${POLICY_HOME}/logs/" - exit 1 - fi - - BASE_TGZ=$(ls base-*.tar.gz) - if [ ! -r ${BASE_TGZ} ]; then - echo "error: aborting base installation: ${POLICY_USER} cannot access tar file: ${BASE_TGZ}" - exit 1 - fi - - tar -tzf ${BASE_TGZ} > /dev/null 2>&1 - if [[ $? != 0 ]]; then - echo >&2 "error: aborting base installation: invalid base package tar file: ${BASE_TGZ}" - exit 1 - fi - - BASH_PROFILE_LINE=". ${POLICY_HOME}/etc/profile.d/env.sh" - PROFILE_LINE="ps -p \$\$ | grep -q bash || . ${POLICY_HOME}/etc/profile.d/env.sh" - - tar -C ${POLICY_HOME} -xf ${BASE_TGZ} --no-same-owner - if [[ $? != 0 ]]; then - # this should not happened - echo "error: aborting base installation: base package cannot be unpacked: ${BASE_TGZ}" - exit 1 - fi - - /bin/mkdir -p ${POLICY_HOME}/etc/ssl > /dev/null 2>&1 - /bin/mkdir -p ${POLICY_HOME}/etc/init.d > /dev/null 2>&1 - /bin/mkdir -p ${POLICY_HOME}/tmp > /dev/null 2>&1 - /bin/mkdir -p ${POLICY_HOME}/var > /dev/null 2>&1 - - #list_unexpanded_files ${POLICY_HOME} -} - - -function configure_base() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - # check if fqdn is set in base.conf and use that value if set - if [[ -z ${INSTALL_FQDN} ]] - then - echo "FQDN not set in config...using the default FQDN ${FQDN}" - else - echo "Using FQDN ${INSTALL_FQDN} from config" - FQDN=${INSTALL_FQDN} - fi - - configure_component "${BASE_CONF}" "${POLICY_HOME}" - - BASH_PROFILE_LINE=". ${POLICY_HOME}/etc/profile.d/env.sh" - PROFILE_LINE="ps -p \$\$ | grep -q bash || . ${POLICY_HOME}/etc/profile.d/env.sh" - - if ! fgrep -x "${BASH_PROFILE_LINE}" "${HOME}/.bash_profile" >/dev/null 2>&1; then - echo "${BASH_PROFILE_LINE}" >> "${HOME}/.bash_profile" - fi - - if ! fgrep -x "${PROFILE_LINE}" "${HOME}/.profile" >/dev/null 2>&1; then - echo "${PROFILE_LINE}" >> "${HOME}/.profile" - fi -} - -function install_tomcat_component() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - install_prereqs "${BASE_CONF}" - - if ! process_configuration "${COMPONENT_TYPE}.conf"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${COMPONENT_TYPE}.conf" - exit 1 - fi - - if ! tomcat_component; then - echo "error: aborting ${COMPONENT_TYPE} installation: tomcat installation failed." - exit 1 - fi - -} - -# This function installs mysql related shell scripts and sql files in the proper locations -# under $POLICY_HOME. It also adds the MySQL client bin to the PATH based on configuration. -# -function install_mysql() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - install_prereqs "${BASE_CONF}" - - if ! process_configuration "${COMPONENT_TYPE}.conf"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${COMPONENT_TYPE}.conf" - exit 1 - fi - - MYSQL_DATA_PATH=${POLICY_HOME}/data/mysql - /bin/mkdir -p ${MYSQL_DATA_PATH} > /dev/null 2>&1 - - /bin/cp -f "${POLICY_HOME}"/install/mysql/data/* "${MYSQL_DATA_PATH}" - /bin/chmod 555 "${MYSQL_DATA_PATH}"/* - - MYSQL_BIN_SOURCE=${POLICY_HOME}/install/mysql/bin - /bin/mkdir -p ${POLICY_HOME}/bin > /dev/null 2>&1 - for script in $(/bin/ls "${MYSQL_BIN_SOURCE}"); do - /bin/cp ${MYSQL_BIN_SOURCE}/${script} ${POLICY_HOME}/bin - /bin/chmod 555 "${POLICY_HOME}/bin/${script}" - done -} - -function configure_mysql() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - # nothing to do -} - -# This function installs elk related shell scripts and sql files in the proper locations -# under $POLICY_HOME. It also adds the Elk to the PATH based on configuration. -# -function configure_elk() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - # nothing to do -} - -function install_elk() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - if [[ -f "${HOME}/.bash_profile" ]]; then - source "${HOME}/.bash_profile" - fi - - if [[ -f "${HOME}/.profile" ]]; then - source "${HOME}/.profile" - fi - - ELK_TARGET_INSTALL_DIR="${POLICY_HOME}"/elk - - if [[ -d ${ELK_TARGET_INSTALL_DIR} ]]; then - echo "WARNING: ${ELK_TARGET_INSTALL_DIR} exists." - return 1 - fi - - /bin/mkdir -p "${ELK_TARGET_INSTALL_DIR}" > /dev/null 2>&1 - - if [[ ! -d ${ELK_TARGET_INSTALL_DIR} ]]; then - echo "WARNING: ${ELK_TARGET_INSTALL_DIR} doesn't exist." - return 1 - fi - - cd ${ELK_TARGET_INSTALL_DIR} - curl -L -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.4.0.tar.gz - - tar xvzf elasticsearch-5.4.0.tar.gz -C . - /bin/rm -fr elasticsearch-5.4.0.tar.gz - /bin/mv ${ELK_TARGET_INSTALL_DIR}/elasticsearch-5.4.0/* . - /bin/rm -fr ${ELK_TARGET_INSTALL_DIR}/elasticsearch-5.4.0 - - /bin/cp "${POLICY_HOME}"/install/elk/bin/* "${POLICY_HOME}/bin" - /bin/cp -f "${POLICY_HOME}"/install/elk/config/* "${ELK_TARGET_INSTALL_DIR}/config" - /bin/cp -f "${POLICY_HOME}/install/elk/init.d/elkd" "${POLICY_HOME}/etc/init.d/elk" - - install_prereqs "${COMPONENT_TYPE}.conf" - - /bin/sed -i -e "s!\${{POLICY_HOME}}!${POLICY_HOME}!g" \ - -e "s!\${{FQDN}}!${FQDN}!g" \ - -e "s!\${{ELK_JMX_PORT}}!${ELK_JMX_PORT}!g" \ - "${ELK_TARGET_INSTALL_DIR}"/config/* "${POLICY_HOME}/etc/init.d/elk" > /dev/null 2>&1 - - - list_unexpanded_files ${POLICY_HOME} - - return $? -} - -# This function installs brmsgw related shell scripts and config files in the proper -# locations under $POLICY_HOME. -# - -function install_brmsgw() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - install_prereqs "${BASE_CONF}" - - if ! process_configuration "${COMPONENT_TYPE}.conf"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${COMPONENT_TYPE}.conf" - exit 1 - fi - - if [ -z "$M2_HOME" ]; then - echo "error: aborting ${COMPONENT_TYPE} installation: M2_HOME must be set in brmsgw.conf" - exit 1 - fi - - echo "export M2_HOME=$M2_HOME" >>$POLICY_HOME/etc/profile.d/env.sh - - /bin/cp -f "${POLICY_HOME}/install/servers/brmsgw/init.d/brmsgw" "${POLICY_HOME}/etc/init.d/brmsgw" - - if ! /bin/mkdir -p "${POLICY_HOME}/servers/${COMPONENT_TYPE}" > /dev/null 2>&1; then - echo "error: aborting base installation: cannot create ${POLICY_HOME}/servers/${COMPONENT_TYPE}" - exit 1 - fi - - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/BRMSGateway.jar "${POLICY_HOME}/servers/${COMPONENT_TYPE}" - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/*.properties "${POLICY_HOME}/servers/${COMPONENT_TYPE}" - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/config "${POLICY_HOME}/servers/${COMPONENT_TYPE}" - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/dependency.json "${POLICY_HOME}/servers/${COMPONENT_TYPE}" - - /bin/mv $POLICY_HOME/m2 $HOME/.m2 - - return 0 -} - - -function install_logparser() { - if [[ $DEBUG == y ]]; then - echo "-- ${FUNCNAME[0]} $@ --" - set -x - fi - - install_prereqs "${BASE_CONF}" - - if ! process_configuration "${COMPONENT_TYPE}.conf"; then - echo "error: aborting ${COMPONENT_TYPE} installation: cannot process configuration ${COMPONENT_TYPE}.conf" - exit 1 - fi - - LP_TARGET_DIR=${POLICY_HOME}/servers/${COMPONENT_TYPE} - /bin/mkdir -p ${LP_TARGET_DIR}/bin > /dev/null 2>&1 - /bin/mkdir -p ${LP_TARGET_DIR}/logs > /dev/null 2>&1 - - # copy binaries, initialization script and configuration - /bin/cp "${POLICY_HOME}"/install/servers/common/logparser/bin/*jar "${LP_TARGET_DIR}/bin" - /bin/cp "${POLICY_HOME}/install/servers/common/logparser/init.d/logparserd" "${POLICY_HOME}/etc/init.d/${COMPONENT_TYPE}" - /bin/cp "${POLICY_HOME}/install/servers/${COMPONENT_TYPE}/bin/parserlog.properties" "${LP_TARGET_DIR}/bin" - /bin/cp -fr "${POLICY_HOME}"/install/servers/${COMPONENT_TYPE}/bin/config "${POLICY_HOME}/servers/${COMPONENT_TYPE}/bin" - -} - -######################################################################### -## -## script execution body -## -######################################################################### - - -OPERATION=none -COMPONENT_TYPE=none -DEBUG=n - -BASE_CONF=base.conf - -TOMCAT_PACKAGE_NAME=apache-tomcat-8.0.23 - -INSTALL_DIR="$(pwd)" - -export POLICY_USER=$(/usr/bin/id -un) - -# command line options parsing -until [[ -z "$1" ]]; do - case $1 in - -d|--debug) DEBUG=y - set -x - ;; - -i|--install) OPERATION=install - shift - COMPONENT_TYPE=$1 - ;; - -c|--configure) OPERATION=configure - shift - COMPONENT_TYPE=$1 - ;; - *) usage - exit 1 - ;; - esac - shift -done - -# component-type validation -case $COMPONENT_TYPE in - base) ;; - pdp) ;; - pap) ;; - console) ;; - mysql) ;; - elk) ;; - brmsgw) ;; - paplp) ;; - pdplp) ;; - skip) ;; - *) echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|elk|brmsgw|paplp|pdplp}"; - usage - exit 1 - ;; -esac - -# operation validation -case $OPERATION in - install|configure) ;; - *) echo "invalid operation (${OPERATION}): must be in {install|configure}"; - usage - exit 1 - ;; -esac - -if [[ -n ${POLICY_GROUP} ]]; then - groups=$(groups) - if ! echo ${groups} | grep -qP "\b${POLICY_GROUP}"; then - echo "error: ${POLICY_GROUP} is not a valid group for account ${POLICY_USER}" - exit 1 - fi -fi - -if [[ -z ${POLICY_GROUP} ]]; then - numGroups=$(groups | sed "s/^.*: *//g" | wc -w) - if [ ${numGroups} -eq 1 ]; then - export POLICY_GROUP=$(groups ${POLICY_USER} | sed "s/^.*: *//g") - else - echo "error: ${POLICY_USER} belongs to multiple groups, one group \ - must be provided for the installation" - usage - exit 1 - fi -fi - -if [[ -z ${POLICY_GROUP} ]]; then - echo "error: installation of root section must not provide the \ - installation group owner argument." - usage - exit 1 -fi - -FQDN=$(hostname -f 2> /dev/null) -if [[ $? != 0 || -z ${FQDN} ]]; then - echo "error: cannot determine the FQDN for this host $(hostname)." - exit 1 -fi - -if [[ ${OPERATION} == install ]]; then - case $COMPONENT_TYPE in - base) - install_base - ;; - pdp) - install_tomcat_component - ;; - pap) - install_tomcat_component - ;; - console) - install_tomcat_component - ;; - mysql) - install_mysql - ;; - elk) - install_elk - ;; - brmsgw) - install_brmsgw - ;; - paplp|pdplp) - install_logparser - ;; - *) - echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|elk|brmsgw|paplp|pdplp}"; - usage - exit 1 - ;; - esac -fi -if [[ ${OPERATION} == configure ]]; then - - install_prereqs "${BASE_CONF}" - - case $COMPONENT_TYPE in - base) - configure_base - component_preconfigure - ;; - pdp) - configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" - ;; - pap) - configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" - ;; - console) - configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" - ;; - mysql) - configure_mysql - ;; - elk) - configure_elk - ;; - brmsgw) - configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" - ;; - paplp|pdplp) - configure_component "${COMPONENT_TYPE}.conf" "${POLICY_HOME}/servers/${COMPONENT_TYPE}/" - ;; - *) - echo "invalid component type (${COMPONENT_TYPE}): must be in {base|pdp|pap|console|mysql|elk|brmsgw|paplp|pdplp}"; - usage - exit 1 - ;; - esac -fi - - -echo -n "Successful ${OPERATION} of ${COMPONENT_TYPE} under ${POLICY_USER}:${POLICY_GROUP} " -echo "ownership with umask $(umask)." diff --git a/policy-pe/wait-for-port.sh b/policy-pe/wait-for-port.sh deleted file mode 100644 index 10f08ded..00000000 --- a/policy-pe/wait-for-port.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -if [[ $# -ne 2 ]]; then - echo "Usage: wait-for-port hostname port" >&2 - exit 1 -fi - -host=$1 -port=$2 - -echo "Waiting for $host port $port open" -until telnet $host $port </dev/null 2>/dev/null | grep -q '^Connected'; do - sleep 1 -done - -echo "$host port $port is open" - -exit 0 diff --git a/pom.xml b/pom.xml deleted file mode 100644 index 89ea3925..00000000 --- a/pom.xml +++ /dev/null @@ -1,137 +0,0 @@ -<!-- - ============LICENSE_START======================================================= - ONAP Policy Engine - Docker files - ================================================================================ - Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - --> - -<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - - <modelVersion>4.0.0</modelVersion> - - <parent> - <groupId>org.onap.oparent</groupId> - <artifactId>oparent</artifactId> - <version>0.1.1</version> - <relativePath/> - </parent> - - <groupId>org.onap.policy.docker</groupId> - <artifactId>docker</artifactId> - <version>1.1.0-SNAPSHOT</version> - <packaging>pom</packaging> - <name>Policy Engine - Docker build</name> - <description>ONAP Policy Docker Build</description> - - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>copy-pe-zip</id> - <phase>prepare-package</phase> - <goals> - <goal>copy</goal> - </goals> - <configuration> - <outputDirectory>${project.build.directory}/policy-pe</outputDirectory> - <overWriteReleases>false</overWriteReleases> - <overWriteSnapshots>true</overWriteSnapshots> - <artifactItems> - <artifactItem> - <groupId>org.onap.policy.engine</groupId> - <artifactId>install</artifactId> - <version>${project.version}</version> - <type>zip</type> - <destFileName>install.zip</destFileName> - </artifactItem> - </artifactItems> - </configuration> - </execution> - <execution> - <id>copy-drools-zip</id> - <phase>prepare-package</phase> - <goals> - <goal>copy</goal> - </goals> - <configuration> - <outputDirectory>${project.build.directory}/policy-drools</outputDirectory> - <overWriteReleases>false</overWriteReleases> - <overWriteSnapshots>true</overWriteSnapshots> - <artifactItems> - <artifactItem> - <groupId>org.onap.policy.drools-pdp</groupId> - <artifactId>install-drools</artifactId> - <version>${project.version}</version> - <type>zip</type> - <destFileName>install-drools.zip</destFileName> - </artifactItem> - </artifactItems> - </configuration> - </execution> - <execution> - <id>copy-apps-zip</id> - <phase>prepare-package</phase> - <goals> - <goal>copy</goal> - </goals> - <configuration> - <outputDirectory>${project.build.directory}/policy-drools</outputDirectory> - <overWriteReleases>false</overWriteReleases> - <overWriteSnapshots>true</overWriteSnapshots> - <artifactItems> - <artifactItem> - <groupId>org.onap.policy.drools-applications</groupId> - <artifactId>apps</artifactId> - <version>${project.version}</version> - <type>zip</type> - <destFileName>apps.zip</destFileName> - </artifactItem> - </artifactItems> - </configuration> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>exec-maven-plugin</artifactId> - <version>1.6.0</version> - <executions> - <execution> - <id>get-target-version</id> - <phase>prepare-package</phase> - <goals> - <goal>exec</goal> - </goals> - </execution> - </executions> - <configuration> - <executable>echo</executable> - <workingDirectory>${project.build.directory}</workingDirectory> - <arguments> - <argument>${project.version}</argument> - </arguments> - <outputFile>${project.build.directory}/version</outputFile> - </configuration> - </plugin> - - </plugins> - </build> - -</project> diff --git a/vagrant/README.md b/vagrant/README.md index 33ad8306..837d62ce 100644 --- a/vagrant/README.md +++ b/vagrant/README.md @@ -1,3 +1,7 @@ +Copyright 2018 AT&T Intellectual Property. All rights reserved. +This file is licensed under the CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE +Full license text at https://creativecommons.org/licenses/by/4.0/legalcode + This directory is to build & setup policy by vagrant. It is verified to work in Ubuntu 16.04 64bit. diff --git a/vagrant/Vagrantfile b/vagrant/Vagrantfile index 73d4ba3c..35c022b0 100644 --- a/vagrant/Vagrantfile +++ b/vagrant/Vagrantfile @@ -1,3 +1,16 @@ +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. Vagrant.require_version ">= 1.8.6" Vagrant.configure("2") do |config| diff --git a/vagrant/setup_policy.sh b/vagrant/setup_policy.sh index b1eda7c6..18bb3284 100755 --- a/vagrant/setup_policy.sh +++ b/vagrant/setup_policy.sh @@ -1,4 +1,17 @@ #!/usr/bin/env bash +# Copyright 2018 AT&T Intellectual Property. All rights reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. set -ex @@ -18,17 +31,15 @@ do mvn clean install done +for comp in policy-pe policy-drools +do + cd $HOME/$comp + sudo docker build -t onap/$comp packages/docker/target/$comp +done + cd $HOME git clone http://gerrit.onap.org/r/policy/docker cd docker -mvn prepare-package -cp -r target/policy-pe/* policy-pe/ -cp -r target/policy-drools/* policy-drools - -for comp in policy-os policy-db policy-nexus policy-base policy-pe policy-drools -do - sudo docker build -t onap/policy/$comp $HOME/docker/$comp -done cd $HOME/docker chmod +x config/drools/drools-tweaks.sh diff --git a/version.properties b/version.properties deleted file mode 100644 index 7f86aa15..00000000 --- a/version.properties +++ /dev/null @@ -1,13 +0,0 @@ -# Versioning variables -# Note that these variables cannot be structured (e.g. : version.release or version.snapshot etc... ) -# because they are used in Jenkins, whose plug-in doesn't support - -major=1 -minor=1 -patch=0 - -base_version=${major}.${minor}.${patch} - -# Release must be completed with git revision # in Jenkins -release_version=${base_version} -snapshot_version=${base_version}-SNAPSHOT |