aboutsummaryrefslogtreecommitdiffstats
path: root/packages/policy-gui-docker/src/main/docker
diff options
context:
space:
mode:
Diffstat (limited to 'packages/policy-gui-docker/src/main/docker')
-rw-r--r--packages/policy-gui-docker/src/main/docker/Dockerfile19
-rw-r--r--packages/policy-gui-docker/src/main/docker/config/application.yml24
-rw-r--r--packages/policy-gui-docker/src/main/docker/config/logback.xml119
-rw-r--r--packages/policy-gui-docker/src/main/docker/etc/nginx/http.d/default.conf23
-rw-r--r--packages/policy-gui-docker/src/main/docker/etc/nginx/nginx.conf18
-rw-r--r--packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.key32
-rw-r--r--packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.pem33
-rw-r--r--packages/policy-gui-docker/src/main/docker/index.html12
-rw-r--r--packages/policy-gui-docker/src/main/docker/policy-gui.sh28
9 files changed, 176 insertions, 132 deletions
diff --git a/packages/policy-gui-docker/src/main/docker/Dockerfile b/packages/policy-gui-docker/src/main/docker/Dockerfile
index b19deb9..bc9ce03 100644
--- a/packages/policy-gui-docker/src/main/docker/Dockerfile
+++ b/packages/policy-gui-docker/src/main/docker/Dockerfile
@@ -1,6 +1,6 @@
#-------------------------------------------------------------------------------
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation.
+# Copyright (C) 2021-2022 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,19 +27,14 @@ ARG POLICY_LOGS=/var/log/onap/policy/gui
ENV POLICY_LOGS=$POLICY_LOGS
ENV POLICY_HOME=$POLICY_HOME/gui
-RUN mkdir -p $POLICY_HOME $POLICY_LOGS $POLICY_HOME/bin $POLICY_HOME/lib && \
- chown -R policy:policy $POLICY_HOME $POLICY_LOGS && \
- apk update && \
- apk add --no-cache nginx
+RUN mkdir -p $POLICY_HOME $POLICY_LOGS $POLICY_HOME/bin $POLICY_HOME/etc/ssl && \
+ chown -R policy:policy $POLICY_HOME $POLICY_LOGS
-COPY --chown=policy:policy etc/ /etc/
+COPY --chown=policy:policy /maven/app.jar /app/
COPY --chown=policy:policy policy-gui.sh $POLICY_HOME/bin/
-ADD --chown=policy:policy index.html /maven/gui-clamp-html.tar.gz /usr/share/nginx/html/
-RUN ln -sf /dev/stdout /var/log/nginx/access.log && \
- ln -sf /dev/stderr /var/log/nginx/error.log && \
- touch /var/run/nginx.pid && \
- chown -R policy:policy /etc/nginx /usr/share/nginx /var/lib/nginx /var/log/nginx /var/run/nginx.pid && \
- chmod 755 $POLICY_HOME/bin/*.sh
+COPY --chown=policy:policy config/application.yml $POLICY_HOME/etc/
+COPY --chown=policy:policy config/logback.xml $POLICY_HOME/etc/
+RUN chmod 755 $POLICY_HOME/bin/*.sh
USER policy
WORKDIR $POLICY_HOME/bin
diff --git a/packages/policy-gui-docker/src/main/docker/config/application.yml b/packages/policy-gui-docker/src/main/docker/config/application.yml
new file mode 100644
index 0000000..7b20d02
--- /dev/null
+++ b/packages/policy-gui-docker/src/main/docker/config/application.yml
@@ -0,0 +1,24 @@
+server:
+ port: 2443
+ ssl:
+ enabled: true
+ client-auth: need
+ key-store: file:${KEYSTORE}
+ key-store-password: ${KEYSTORE_PASSWD}
+ trust-store: file:${TRUSTSTORE}
+ trust-store-password: ${TRUSTSTORE_PASSWD}
+
+clamp:
+ url: https://policy-clamp-be:8443
+ disable-ssl-validation: false
+ disable-ssl-hostname-check: true
+
+apex-editor:
+ upload-url:
+ upload-userid:
+
+management:
+ endpoints:
+ web:
+ exposure:
+ include: health, metrics, prometheus
diff --git a/packages/policy-gui-docker/src/main/docker/config/logback.xml b/packages/policy-gui-docker/src/main/docker/config/logback.xml
new file mode 100644
index 0000000..019ae50
--- /dev/null
+++ b/packages/policy-gui-docker/src/main/docker/config/logback.xml
@@ -0,0 +1,119 @@
+<!--
+ ============LICENSE_START=======================================================
+ policy-gui
+ ================================================================================
+ Copyright (C) 2021-2022 Nordix Foundation.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<configuration scan="true" scanPeriod="30 seconds" debug="false">
+
+ <property name="logDir" value="${POLICY_LOGS}" />
+
+ <property name="errorLog" value="error" />
+ <property name="debugLog" value="debug" />
+ <property name="networkLog" value="network" />
+
+ <property name="debugPattern"
+ value="[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%level|%logger{0}|%thread] %msg%n" />
+ <property name="errorPattern" value="${debugPattern}" />
+ <property name="networkPattern" value="[%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%t]%m%n" />
+
+ <appender name="ERROR" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDir}/${errorLog}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${logDir}/${errorLog}.%d{yyyy-MM-dd}.%i.log.zip
+ </fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <encoder>
+ <pattern>${errorPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncError" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="ERROR" />
+ </appender>
+
+ <appender name="DEBUG" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDir}/${debugLog}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${logDir}/${debugLog}.%d{yyyy-MM-dd}.%i.log.zip
+ </fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="DEBUG" />
+ </appender>
+
+ <appender name="NETWORK" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDir}/${networkLog}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+ <fileNamePattern>${logDir}/${networkLog}.%d{yyyy-MM-dd}.%i.log.zip
+ </fileNamePattern>
+ <maxFileSize>50MB</maxFileSize>
+ <maxHistory>30</maxHistory>
+ <totalSizeCap>10GB</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${networkPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="asyncNetwork" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="NETWORK" />
+ </appender>
+
+ <logger name="network" level="INFO" additivity="false">
+ <appender-ref ref="asyncNetwork" />
+ </logger>
+
+ <logger name="org.apache" level="INFO">
+ <appender-ref ref="DEBUG" />
+ </logger>
+
+ <!-- Spring related loggers -->
+ <logger name="org.springframework" level="INFO">
+ <appender-ref ref="DEBUG" />
+ </logger>
+
+ <!-- GUI related loggers -->
+ <logger name="org.onap.policy.gui" level="DEBUG">
+ <appender-ref ref="ERROR" />
+ <appender-ref ref="DEBUG" />
+ </logger>
+
+ <!-- logback internals logging -->
+ <logger name="ch.qos.logback.classic" level="INFO" />
+ <logger name="ch.qos.logback.core" level="INFO" />
+
+ <root level="INFO">
+ <appender-ref ref="asyncDebug" />
+ <appender-ref ref="asyncError" />
+ <appender-ref ref="asyncNetwork" />
+ </root>
+</configuration>
diff --git a/packages/policy-gui-docker/src/main/docker/etc/nginx/http.d/default.conf b/packages/policy-gui-docker/src/main/docker/etc/nginx/http.d/default.conf
deleted file mode 100644
index c03894d..0000000
--- a/packages/policy-gui-docker/src/main/docker/etc/nginx/http.d/default.conf
+++ /dev/null
@@ -1,23 +0,0 @@
-server {
- listen 2443 default ssl;
- ssl_protocols TLSv1.2;
- ssl_certificate /etc/ssl/clamp.pem;
- ssl_certificate_key /etc/ssl/clamp.key;
- ssl_verify_client optional_no_ca;
-
- location / {
- root /usr/share/nginx/html;
- index index.html index.htm;
- try_files $uri $uri/ =404;
- }
-
- location /clamp/restservices/clds/ {
- proxy_pass https://policy-clamp-backend:8443/restservices/clds/;
- proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
- }
-
- location = /50x.html {
- root /var/lib/nginx/html;
- }
- error_page 500 502 503 504 /50x.html;
-}
diff --git a/packages/policy-gui-docker/src/main/docker/etc/nginx/nginx.conf b/packages/policy-gui-docker/src/main/docker/etc/nginx/nginx.conf
deleted file mode 100644
index bb31a60..0000000
--- a/packages/policy-gui-docker/src/main/docker/etc/nginx/nginx.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-worker_processes 1;
-pid /var/run/nginx.pid;
-error_log /dev/stdout warn;
-events {
-}
-http {
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
- log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- '$status $body_bytes_sent "$http_referer" '
- '"$http_user_agent" "$http_x_forwarded_for"';
- access_log /var/log/nginx/access.log main;
- sendfile on;
- #tcp_nopush on;
- keepalive_timeout 65;
- #gzip on;
- include /etc/nginx/conf.d/*.conf;
-}
diff --git a/packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.key b/packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.key
deleted file mode 100644
index bcbb9f1..0000000
--- a/packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.key
+++ /dev/null
@@ -1,32 +0,0 @@
-Bag Attributes
- friendlyName: clamp@clamp.onap.org
- localKeyID: 54 69 6D 65 20 31 35 38 30 38 32 39 30 36 35 34 37 39
-Key Attributes: <No Attributes>
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCTB30nMh0hczIk
-vWJo7Omg7cAHhz50NBhLB7u+60oXRGCya4SqssqqxNnNqNQQP9MmflW2q/bZepWn
-8Rk23X6CLmoIUlrj8BMPkUCRqzgvlaWPSNAK5QcOp6GUvXTuX4EsaWxJhbs9Ujz2
-+qi137iNOqfAx1sUygah1kjALrqHkXDqJGvIfxU5ES0akBi/lB7A3WpE52KTioSF
-JS5Kbnpj1ogffGNKyAiNqU61LcF1FjWmINat2z3ZMk/3Xm+HCDg/GLPnbh4E1KoE
-10O22AMys6YGEyPvgRfrTF13DsDX52PmmUHbkSB6kwS/CeV5Uu++8b6T2IWpPyZ2
-+5ptmL+tAgMBAAECggEBAIUplzRUswWEq7mSvPqC9+YE7pLi7rGYLRhnXKdBuszv
-5RQzROjFHcEkoI8fhVFiPP70FPVpMh0uZTTBrDCA0v9cwjPfQuqGmPzUdUJ5bF3M
-jzICpEn5vDaNpE5ueOUcIoXyxVyhfj+/p++YfgybHy7qHN0AsYFWqEMTLLjCmbYF
-pZozbAcGQoAR8PSfwuvgusuEezrhYertHsdFwlfZhDtJvnm/4YKRUVEBzuaaA7B9
-sUhnQFS8ScqiUbkAGdjfY9wOYRHnQgjtqiP8poIzLkqCNSoVctgh5Pdv4jp4HO90
-J5QC+f7m7rOoWUw8EYbRo/4C4Mckh0GQQ+oP4xzrtZECgYEA3DYALFgOEY+0RR1K
-61HAKqdNy1YbeuidpCBEJEwmIbzdgO1DcJdNznbfdRlmS7VB9orwRfNbf7Hxm2w/
-/xn9USENXWx7fvDoISqSDegvEsBSq5hSEMVl3f7CfQZrYl1f6gxfe7L/jtmbn0eQ
-avsr9RaUCWP794DEXKuA9pC8hVsCgYEAquy5I4hO4jNBQ6v5+omjsEgk4513/RNs
-f47Md8bsDHKJMbCMKCdqM1D3J1xbgV3DgSv0yNlKdU2wenWdgQAyBtz18NBgno85
-YNanFhp1CymgLFHdLJHSOqAkzutSuCNnGTT6AKspOQvy+cuj7XsnbsxtYK3Cgw5h
-Mom3RnUy9ZcCgYAnForHVEYDBgAYuI9g39z9dT8Q1dMA6SN6S6Ps0Xt/R5gF15e9
-941/FYiqr3yB+cWgrp7hu8XFD9/0F63waTuW2AgYSjZNnROHN5g/UbRxXqQOA3al
-tXRUiHEbYjVTe4GX+ORF/8rvH19JUZmn87ekxII4fH/wOfIhBOxaV+yuuwKBgHtz
-5Tizz/3y9TWSdkgtt6uwP+yipLKGn/v1wNrWM1G+PDdGg8TQyxTrasfkHjdu6LFY
-dUHIJ85X4ZphbvRolrl8SKq5Zr+/RLsb7qy5SUZZt1Wrfysc25H6bvuA3ksfTuzW
-5acr+Oc6KTGgkvMI229cebe1aONNtIhTDav3JGpbAoGAX5DQvNreqnP8qSAvUN2I
-TAHXIzawR3f6vgGgVIdkHkiS2eKzs/fgP3VAK80TbrGSR8HvBcPEcR/icOn1u/e6
-tDp0j6mGt5aPKK9VQkBn94bW35T12FUbdB+L8FWWTUrfiVWJtEW8tEsKil5ac8U4
-Bn3vC5WUeKhW6v6kD4AigqE=
------END PRIVATE KEY-----
diff --git a/packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.pem b/packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.pem
deleted file mode 100644
index a01b587..0000000
--- a/packages/policy-gui-docker/src/main/docker/etc/ssl/clamp.pem
+++ /dev/null
@@ -1,33 +0,0 @@
-Bag Attributes
- friendlyName: clamp@clamp.onap.org
- localKeyID: 54 69 6D 65 20 31 35 38 30 38 32 39 30 36 35 34 37 39
-subject=CN = clamp, emailAddress = mark.d.manager@people.osaaf.com, OU = clamp@clamp.onap.org:DEV, OU = OSAAF, O = ONAP, C = US
-
-issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9
-
------BEGIN CERTIFICATE-----
-MIIEWDCCA0CgAwIBAgIILw1zyDGqB5IwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
-BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
-bnRlcm1lZGlhdGVDQV85MB4XDTIwMDIwNDEyMjM1MloXDTIxMDIwNDEyMjM1Mlow
-gY8xDjAMBgNVBAMMBWNsYW1wMS4wLAYJKoZIhvcNAQkBFh9tYXJrLmQubWFuYWdl
-ckBwZW9wbGUub3NhYWYuY29tMSEwHwYDVQQLDBhjbGFtcEBjbGFtcC5vbmFwLm9y
-ZzpERVYxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJV
-UzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJMHfScyHSFzMiS9Ymjs
-6aDtwAeHPnQ0GEsHu77rShdEYLJrhKqyyqrE2c2o1BA/0yZ+Vbar9tl6lafxGTbd
-foIuaghSWuPwEw+RQJGrOC+VpY9I0ArlBw6noZS9dO5fgSxpbEmFuz1SPPb6qLXf
-uI06p8DHWxTKBqHWSMAuuoeRcOoka8h/FTkRLRqQGL+UHsDdakTnYpOKhIUlLkpu
-emPWiB98Y0rICI2pTrUtwXUWNaYg1q3bPdkyT/deb4cIOD8Ys+duHgTUqgTXQ7bY
-AzKzpgYTI++BF+tMXXcOwNfnY+aZQduRIHqTBL8J5XlS777xvpPYhak/Jnb7mm2Y
-v60CAwEAAaOB/jCB+zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIF4DAgBgNVHSUB
-Af8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0wS4AUgfeZWxC5yIze
-81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ
-MQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQUzfIed+18wgFs7E6q0b6BbMICtfsw
-RwYDVR0RBEAwPoIFY2xhbXCCCmNsYW1wLW9uYXCCHWNsYW1wLmFwaS5zaW1wbGVk
-ZW1vLm9uYXAub3JnggpjbGFtcC5vbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQBizhsW
-XrJ9wQy3PrBxgh90sOF15tayXPRZSFYPoQb5LhRh3IY/PvXLaSHlkgPHlCLLx36S
-0/DiVf86/83ABvyaq9gJIyg/m4ntNae23OKH1AkA1aN+JCKA8yhsAzDBcRF6Aj7E
-VJ+vQlSzz5oh+efP1e/8DUMd1/WwbTXvRd0Iqv/fyZunbjb82qNMrsK1mQ2q+87A
-0jx9u1EdeMihP6vWiuKzlwy4mKoNT573SPpvaOkjX3yDlmf2CTQZ9vdAvjmFmVsH
-1wyrNZOIgW4VjluiZfAk3mOEskrZiP/7aUXnxmNnYTpgZMbhiouLbRrTc4lLEyhx
-G7A61/KGTsLZlvxb
------END CERTIFICATE-----
diff --git a/packages/policy-gui-docker/src/main/docker/index.html b/packages/policy-gui-docker/src/main/docker/index.html
deleted file mode 100644
index 54b07f1..0000000
--- a/packages/policy-gui-docker/src/main/docker/index.html
+++ /dev/null
@@ -1,12 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
- <meta charset="utf-8">
- <title>ONAP Policy GUI</title>
-</head>
-<body>
- <ul>
- <li><a href="/clamp">CLAMP Designer UI</a></li>
- </ul>
-</body>
-</html>
diff --git a/packages/policy-gui-docker/src/main/docker/policy-gui.sh b/packages/policy-gui-docker/src/main/docker/policy-gui.sh
index 7cdefba..02d44af 100644
--- a/packages/policy-gui-docker/src/main/docker/policy-gui.sh
+++ b/packages/policy-gui-docker/src/main/docker/policy-gui.sh
@@ -1,7 +1,7 @@
#!/usr/bin/env sh
#
# ============LICENSE_START=======================================================
-# Copyright (C) 2021 Nordix Foundation.
+# Copyright (C) 2021-2022 Nordix Foundation.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -19,4 +19,28 @@
# ============LICENSE_END=========================================================
#
-nginx -g "daemon off;"
+JAVA_HOME=/usr/lib/jvm/java-11-openjdk/
+export KEYSTORE="${KEYSTORE:-$POLICY_HOME/etc/ssl/policy-keystore}"
+export TRUSTSTORE="${TRUSTSTORE:-$POLICY_HOME/etc/ssl/policy-truststore}"
+export KEYSTORE_PASSWD="${KEYSTORE_PASSWD:-Pol1cy_0nap}"
+export TRUSTSTORE_PASSWD="${TRUSTSTORE_PASSWD:-Pol1cy_0nap}"
+
+if [ -f "${POLICY_HOME}/etc/mounted/policy-truststore" ]; then
+ echo "overriding policy-truststore"
+ cp -f "${POLICY_HOME}"/etc/mounted/policy-truststore "${TRUSTSTORE}"
+fi
+
+if [ -f "${POLICY_HOME}/etc/mounted/policy-keystore" ]; then
+ echo "overriding policy-keystore"
+ cp -f "${POLICY_HOME}"/etc/mounted/policy-keystore "${KEYSTORE}"
+fi
+
+if [ -f "${POLICY_HOME}/etc/mounted/logback.xml" ]; then
+ echo "overriding logback xml files"
+ cp -f "${POLICY_HOME}"/etc/mounted/logback*.xml "${POLICY_HOME}"/etc/
+fi
+
+$JAVA_HOME/bin/java \
+ -Dlogging.config="${POLICY_HOME}/etc/logback.xml" \
+ -jar /app/app.jar \
+ --spring.config.location="${POLICY_HOME}/etc/application.yml"