diff options
Diffstat (limited to 'policy-pe/do-start.sh')
-rw-r--r-- | policy-pe/do-start.sh | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/policy-pe/do-start.sh b/policy-pe/do-start.sh new file mode 100644 index 00000000..8bdb8bc9 --- /dev/null +++ b/policy-pe/do-start.sh @@ -0,0 +1,97 @@ +#!/bin/bash + +# Script to configure and start the Policy components that are to run in the designated container, +# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the +# script just goes into a long sleep so that the script does not exit (which would cause the +# container to be torn down). + +container=$1 + +case $container in +pap) + comps="base pap paplp console mysql" + ;; +pdp) + comps="base pdp pdplp" + ;; +pypdp) + comps="base pypdp" + ;; +brmsgw) + comps="base brmsgw" + ;; +*) + echo "Usage: do-start.sh pap|pdp|pypdp|brmsgw" >&2 + exit 1 +esac + + +# skip installation if build.info file is present (restarting an existing container) +if [[ -f /opt/app/policy/etc/build.info ]]; then + echo "Found existing installation, will not reinstall" + . /opt/app/policy/etc/profile.d/env.sh + +else + if [[ -d config ]]; then + cp config/*.conf . + fi + + for comp in $comps; do + echo "Installing component: $comp" + ./docker-install.sh --install $comp + done + for comp in $comps; do + echo "Configuring component: $comp" + ./docker-install.sh --configure $comp + done + + . /opt/app/policy/etc/profile.d/env.sh + + # install keystore + #changed to use http instead of http, so keystore no longer needed + #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore + + if [[ -f config/$container-tweaks.sh ]] ; then + # file may not be executable; running it as an + # argument to bash avoids needing execute perms. + bash config/$container-tweaks.sh + fi + + if [[ $container == pap ]]; then + # wait for DB up + ./wait-for-port.sh mariadb 3306 + # now that DB is up, invoke database upgrade + # (which does nothing if the db is already up-to-date) + dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) + dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) + db_upgrade_remote.sh $dbuser $dbpw mariadb + fi + +fi + +# pap needs to wait for mariadb up before starting; +# others need to wait for pap up (in case it had to do db upgrade) +if [[ $container == pap ]]; then + # we may have already done this above, but doesn't hurt to repeat + ./wait-for-port.sh mariadb 3306 +else + ./wait-for-port.sh pap 9091 +fi + +policy.sh start + +# on pap, wait for pap, pdp, pypdp, brmsgw, and nexus up, +# then push the initial default policies +if [[ $container == pap ]]; then + ./wait-for-port.sh pap 9091 + ./wait-for-port.sh pdp 8081 + ./wait-for-port.sh pypdp 8480 + # brmsgw doesn't have a REST API, so check for JMX port instead + ./wait-for-port.sh brmsgw 9989 + ./wait-for-port.sh nexus 8081 + # wait addional 1 minute for all processes to get fully initialized and synched up + sleep 60 + bash config/push-policies.sh +fi + +sleep 1000d |