Run policy GUIs in a single JAR

Create gui-server module serving clamp and apex GUIs using Spring
Add Spring filter to pass client SSL cert to clamp backend
Remove nginx from docker image
Add logback.xml to docker image
Add helper scripts for running gui-server jar and docker

Issue-ID: POLICY-3638
Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech>
Change-Id: Ie857f5755015c522b8cf781de255f7a1d567e263

7 files changed, 232 insertions, 0 deletions

diff --git a/gui-server/extra/bin-for-dev/README.md b/gui-server/extra/bin-for-dev/README.md
new file mode 100644
index 0000000..b12bcff
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/README.md
@@ -0,0 +1,10 @@
+# gui-server helper scripts
+This directory contains helper scripts for running gui-server.
+
+- start-gui-server-jar.sh starts the JAR.
+
+- start-gui-server-docker.sh starts the docker image.
+To ensure the latest development snapshot is run, first build the run `mvn clean install -P docker` from the gui repo.
+
+If you wish to test client cert authentication, you may import the certificate demo-clamp.keystore.p12 into your browser
+(password is 'changeit').
diff --git a/gui-server/extra/bin-for-dev/config/dev/application.yml b/gui-server/extra/bin-for-dev/config/dev/application.yml
new file mode 100644
index 0000000..efc2dcd
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/config/dev/application.yml
@@ -0,0 +1,27 @@
+server:
+  port: 2443
+  ssl:
+    enabled: true
+    client-auth: want
+    key-store: file:demo-clamp-keystore.p12
+    key-store-password: changeit
+    trust-store: file:demo-clamp-truststore.jks
+    trust-store-password: changeit
+
+clamp:
+  # URL to the clamp backend
+  url: https://localhost:8443/
+  # Disabling SSL validation is useful for local testing, but should not be disabled in production.
+  disable-ssl-validation: true
+  # Disabling SSL hostname check is needed if cert name does not match hostname.
+  disable-ssl-hostname-check: true
+
+apex-editor:
+  upload-url:
+  upload-userid:
+
+management:
+  endpoints:
+    web:
+      exposure:
+        include: health, metrics, prometheus
diff --git a/gui-server/extra/bin-for-dev/config/dev/logback.xml b/gui-server/extra/bin-for-dev/config/dev/logback.xml
new file mode 100644
index 0000000..a8f8357
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/config/dev/logback.xml
@@ -0,0 +1,130 @@
+<!--
+  ============LICENSE_START=======================================================
+  policy-gui
+  ================================================================================
+  Copyright (C) 2021-2022 Nordix Foundation.
+  ================================================================================
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+  ============LICENSE_END=========================================================
+  -->
+
+<configuration scan="true" scanPeriod="30 seconds" debug="false">
+
+    <property name="logDir" value="${POLICY_LOGS}" />
+
+    <property name="errorLog" value="error" />
+    <property name="debugLog" value="debug" />
+    <property name="networkLog" value="network" />
+
+    <property name="debugPattern"
+              value="[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n" />
+    <property name="errorPattern" value="${debugPattern}" />
+    <property name="networkPattern" value="[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n" />
+
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+            <level>INFO</level>
+        </filter>
+        <encoder>
+            <pattern>%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n
+            </pattern>
+        </encoder>
+    </appender>
+
+    <appender name="ERROR" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${logDir}/${errorLog}.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>${logDir}/${errorLog}.%d{yyyy-MM-dd}.%i.log.zip
+            </fileNamePattern>
+            <maxFileSize>50MB</maxFileSize>
+            <maxHistory>30</maxHistory>
+            <totalSizeCap>10GB</totalSizeCap>
+        </rollingPolicy>
+        <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+            <level>WARN</level>
+        </filter>
+        <encoder>
+            <pattern>${errorPattern}</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="asyncError" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="ERROR" />
+    </appender>
+
+    <appender name="DEBUG" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${logDir}/${debugLog}.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>${logDir}/${debugLog}.%d{yyyy-MM-dd}.%i.log.zip
+            </fileNamePattern>
+            <maxFileSize>50MB</maxFileSize>
+            <maxHistory>30</maxHistory>
+            <totalSizeCap>10GB</totalSizeCap>
+        </rollingPolicy>
+        <encoder>
+            <pattern>${debugPattern}</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="asyncDebug" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="DEBUG" />
+    </appender>
+
+    <appender name="NETWORK" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>${logDir}/${networkLog}.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <fileNamePattern>${logDir}/${networkLog}.%d{yyyy-MM-dd}.%i.log.zip
+            </fileNamePattern>
+            <maxFileSize>50MB</maxFileSize>
+            <maxHistory>30</maxHistory>
+            <totalSizeCap>10GB</totalSizeCap>
+        </rollingPolicy>
+        <encoder>
+            <pattern>${networkPattern}</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="asyncNetwork" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="NETWORK" />
+    </appender>
+
+    <logger name="network" level="INFO" additivity="false">
+        <appender-ref ref="asyncNetwork" />
+    </logger>
+
+    <logger name="org.apache" level="INFO">
+        <appender-ref ref="DEBUG" />
+    </logger>
+
+    <!-- Spring related loggers -->
+    <logger name="org.springframework" level="INFO">
+        <appender-ref ref="DEBUG" />
+    </logger>
+
+    <!-- GUI related loggers -->
+    <logger name="org.onap.policy.gui" level="DEBUG">
+        <appender-ref ref="ERROR" />
+        <appender-ref ref="DEBUG" />
+    </logger>
+
+    <!-- logback internals logging -->
+    <logger name="ch.qos.logback.classic" level="INFO" />
+    <logger name="ch.qos.logback.core" level="INFO" />
+
+    <root level="DEBUG">
+        <appender-ref ref="asyncDebug" />
+        <appender-ref ref="asyncError" />
+        <appender-ref ref="asyncNetwork" />
+        <appender-ref ref="STDOUT" />
+    </root>
+</configuration>
diff --git a/gui-server/extra/bin-for-dev/demo-clamp-keystore.p12 b/gui-server/extra/bin-for-dev/demo-clamp-keystore.p12
new file mode 100644
index 0000000..e034eeb
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/demo-clamp-keystore.p12
diff --git a/gui-server/extra/bin-for-dev/demo-clamp-truststore.jks b/gui-server/extra/bin-for-dev/demo-clamp-truststore.jks
new file mode 100644
index 0000000..2af1adc
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/demo-clamp-truststore.jks
diff --git a/gui-server/extra/bin-for-dev/start-gui-server-docker.sh b/gui-server/extra/bin-for-dev/start-gui-server-docker.sh
new file mode 100755
index 0000000..78748cd
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/start-gui-server-docker.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+#
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2022 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}")
+KEYSTORE_PATH=$(realpath "$SCRIPT_DIR/demo-clamp-keystore.p12")
+TRUSTSTORE_PATH=$(realpath "$SCRIPT_DIR/demo-clamp-truststore.jks")
+LOGBACK_PATH=$(realpath "$SCRIPT_DIR/config/dev/logback.xml")
+
+# Note hostname 'policy-clamp-be' is mapped to host-gateway (i.e. host's localhost)
+docker run \
+  --publish 2443:2443 \
+  --add-host policy-clamp-be:host-gateway \
+  --env "CLAMP_URL=https://policy-clamp-be:8443" \
+  --env "CLAMP_DISABLE_SSL_VALIDATION=true" \
+  --env "SERVER_SSL_CLIENT_AUTH=want" \
+  --env "KEYSTORE_PASSWD=changeit" \
+  --env "TRUSTSTORE_PASSWD=changeit" \
+  --volume "$KEYSTORE_PATH:/opt/app/policy/gui/etc/mounted/policy-keystore" \
+  --volume "$TRUSTSTORE_PATH:/opt/app/policy/gui/etc/mounted/policy-truststore" \
+  --volume "$LOGBACK_PATH:/opt/app/policy/gui/etc/mounted/logback.xml" \
+  --rm \
+  onap/policy-gui:latest
diff --git a/gui-server/extra/bin-for-dev/start-gui-server-jar.sh b/gui-server/extra/bin-for-dev/start-gui-server-jar.sh
new file mode 100755
index 0000000..5484356
--- /dev/null
+++ b/gui-server/extra/bin-for-dev/start-gui-server-jar.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+#
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2022 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+# This script changes directory so that application.yml, keystore,
+# and truststore will be in current directory before running jar.
+SCRIPTDIR=$(dirname ${BASH_SOURCE[0]})
+pushd "$SCRIPTDIR" || exit
+java -Dspring.profiles.active=dev -jar ../../target/gui-server-*.jar
+popd || exit