summaryrefslogtreecommitdiffstats
path: root/policy-pe/do-start.sh
diff options
context:
space:
mode:
Diffstat (limited to 'policy-pe/do-start.sh')
-rw-r--r--policy-pe/do-start.sh97
1 files changed, 97 insertions, 0 deletions
diff --git a/policy-pe/do-start.sh b/policy-pe/do-start.sh
new file mode 100644
index 00000000..8bdb8bc9
--- /dev/null
+++ b/policy-pe/do-start.sh
@@ -0,0 +1,97 @@
+#!/bin/bash
+
+# Script to configure and start the Policy components that are to run in the designated container,
+# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the
+# script just goes into a long sleep so that the script does not exit (which would cause the
+# container to be torn down).
+
+container=$1
+
+case $container in
+pap)
+ comps="base pap paplp console mysql"
+ ;;
+pdp)
+ comps="base pdp pdplp"
+ ;;
+pypdp)
+ comps="base pypdp"
+ ;;
+brmsgw)
+ comps="base brmsgw"
+ ;;
+*)
+ echo "Usage: do-start.sh pap|pdp|pypdp|brmsgw" >&2
+ exit 1
+esac
+
+
+# skip installation if build.info file is present (restarting an existing container)
+if [[ -f /opt/app/policy/etc/build.info ]]; then
+ echo "Found existing installation, will not reinstall"
+ . /opt/app/policy/etc/profile.d/env.sh
+
+else
+ if [[ -d config ]]; then
+ cp config/*.conf .
+ fi
+
+ for comp in $comps; do
+ echo "Installing component: $comp"
+ ./docker-install.sh --install $comp
+ done
+ for comp in $comps; do
+ echo "Configuring component: $comp"
+ ./docker-install.sh --configure $comp
+ done
+
+ . /opt/app/policy/etc/profile.d/env.sh
+
+ # install keystore
+ #changed to use http instead of http, so keystore no longer needed
+ #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore
+
+ if [[ -f config/$container-tweaks.sh ]] ; then
+ # file may not be executable; running it as an
+ # argument to bash avoids needing execute perms.
+ bash config/$container-tweaks.sh
+ fi
+
+ if [[ $container == pap ]]; then
+ # wait for DB up
+ ./wait-for-port.sh mariadb 3306
+ # now that DB is up, invoke database upgrade
+ # (which does nothing if the db is already up-to-date)
+ dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=))
+ dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=))
+ db_upgrade_remote.sh $dbuser $dbpw mariadb
+ fi
+
+fi
+
+# pap needs to wait for mariadb up before starting;
+# others need to wait for pap up (in case it had to do db upgrade)
+if [[ $container == pap ]]; then
+ # we may have already done this above, but doesn't hurt to repeat
+ ./wait-for-port.sh mariadb 3306
+else
+ ./wait-for-port.sh pap 9091
+fi
+
+policy.sh start
+
+# on pap, wait for pap, pdp, pypdp, brmsgw, and nexus up,
+# then push the initial default policies
+if [[ $container == pap ]]; then
+ ./wait-for-port.sh pap 9091
+ ./wait-for-port.sh pdp 8081
+ ./wait-for-port.sh pypdp 8480
+ # brmsgw doesn't have a REST API, so check for JMX port instead
+ ./wait-for-port.sh brmsgw 9989
+ ./wait-for-port.sh nexus 8081
+ # wait addional 1 minute for all processes to get fully initialized and synched up
+ sleep 60
+ bash config/push-policies.sh
+fi
+
+sleep 1000d