diff options
| author |   Michael Lando <ml636r@att.com> | 2018-02-20 16:14:11 +0200 |
|---|---|---|
| committer | Michael Lando <ml636r@att.com> | 2018-02-20 22:10:39 +0000 |
| commit | a1ceb60843508b0ef23f3f8ec29d8808722fada3 (patch) | |
| tree | bdc636b290a7f86f62699b158e7e21e250976abe | |
| parent | 4631543642bc3b7047a3d5045dcc0cc71d61af5a (diff) | |
add https support to simulato
Change-Id: I16f68532a7e7a09fbf96c09dff19d857c03fedd8
Issue-ID: SDC-832
Signed-off-by: Michael Lando <ml636r@att.com>
15 files changed, 119 insertions, 2260 deletions
diff --git a/sdc-os-chef/sdc-backend/Dockerfile.template b/sdc-os-chef/sdc-backend/Dockerfile.template deleted file mode 100644 index 88a0ad6597..0000000000 --- a/sdc-os-chef/sdc-backend/Dockerfile.template +++ /dev/null @@ -1,30 +0,0 @@ -FROM jetty - -RUN apt-get -y update -RUN apt-get -y install apt-utils -RUN apt-get -y install curl -RUN apt-get -y install vim -RUN apt-get -y install jq -RUN apt-get -y install python libssl-dev libcurl4-openssl-dev python-dev gcc - -COPY chef-solo /root/chef-solo/ -COPY chef-repo/cookbooks/. /root/chef-solo/cookbooks/ - -RUN python /root/chef-solo/cookbooks/sdc-normatives/files/default/get-pip.py -RUN pip install pycurl - -ENV BASE_NEXUS zl999y:ChangeMe@10.208.197.75:8443/repository/maven-public/org/openecomp/sdc - -# install chef-solo -RUN curl -L https://www.opscode.com/chef/install.sh | bash - -#ADD https://${BASE_NEXUS}/api-docs/1610.0.0-SNAPSHOT/api-docs-1610.0.0-20161211.143739-1.war /var/lib/jetty/webapps/ -ADD onboarding-be-__SDC-RELEASE__.war /var/lib/jetty/webapps/ -ADD catalog-be-__SDC-RELEASE__.war /var/lib/jetty/webapps/ -RUN chown -R jetty:jetty /var/lib/jetty/webapps - -COPY startup.sh /root/ - -RUN chmod 770 /root/startup.sh - -ENTRYPOINT [ "/root/startup.sh" ] diff --git a/sdc-os-chef/sdc-backend/chef-install.sh b/sdc-os-chef/sdc-backend/chef-install.sh deleted file mode 100644 index 5a4be8ba18..0000000000 --- a/sdc-os-chef/sdc-backend/chef-install.sh +++ /dev/null @@ -1,707 +0,0 @@ -#!/bin/sh -# WARNING: REQUIRES /bin/sh -# -# - must run on /bin/sh on solaris 9 -# - must run on /bin/sh on AIX 6.x -# -# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# helpers.sh -############ -# This section has some helper functions to make life easier. -# -# Outputs: -# $tmp_dir: secure-ish temp directory that can be used during installation. -############ - -# Check whether a command exists - returns 0 if it does, 1 if it does not -exists() { - if command -v $1 >/dev/null 2>&1 - then - return 0 - else - return 1 - fi -} - -# Output the instructions to report bug about this script -report_bug() { - echo "Version: $version" - echo "" - echo "Please file a Bug Report at https://github.com/chef/omnitruck/issues/new" - echo "Alternatively, feel free to open a Support Ticket at https://www.chef.io/support/tickets" - echo "More Chef support resources can be found at https://www.chef.io/support" - echo "" - echo "Please include as many details about the problem as possible i.e., how to reproduce" - echo "the problem (if possible), type of the Operating System and its version, etc.," - echo "and any other relevant details that might help us with troubleshooting." - echo "" -} - -checksum_mismatch() { - echo "Package checksum mismatch!" - report_bug - exit 1 -} - -unable_to_retrieve_package() { - echo "Unable to retrieve a valid package!" - report_bug - echo "Metadata URL: $metadata_url" - if test "x$download_url" != "x"; then - echo "Download URL: $download_url" - fi - if test "x$stderr_results" != "x"; then - echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results" - fi - exit 1 -} - -http_404_error() { - echo "Omnitruck artifact does not exist for version $version on platform $platform" - echo "" - echo "Either this means:" - echo " - We do not support $platform" - echo " - We do not have an artifact for $version" - echo "" - echo "This is often the latter case due to running a prerelease or RC version of chef" - echo "or a gem version which was only pushed to rubygems and not omnitruck." - echo "" - echo "You may be able to set your knife[:bootstrap_version] to the most recent stable" - echo "release of Chef to fix this problem (or the most recent stable major version number)." - echo "" - echo "In order to test the version parameter, adventurous users may take the Metadata URL" - echo "below and modify the '&v=<number>' parameter until you successfully get a URL that" - echo "does not 404 (e.g. via curl or wget). You should be able to use '&v=11' or '&v=12'" - echo "succesfully." - echo "" - echo "If you cannot fix this problem by setting the bootstrap_version, it probably means" - echo "that $platform is not supported." - echo "" - # deliberately do not call report_bug to suppress bug report noise. - echo "Metadata URL: $metadata_url" - if test "x$download_url" != "x"; then - echo "Download URL: $download_url" - fi - if test "x$stderr_results" != "x"; then - echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results" - fi - exit 1 -} - -capture_tmp_stderr() { - # spool up /tmp/stderr from all the commands we called - if test -f "$tmp_dir/stderr"; then - output=`cat $tmp_dir/stderr` - stderr_results="${stderr_results}\nSTDERR from $1:\n\n$output\n" - rm $tmp_dir/stderr - fi -} - -# do_wget URL FILENAME -do_wget() { - echo "trying wget..." - wget --user-agent="User-Agent: mixlib-install/2.1.8" -O "$2" "$1" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "ERROR 404" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "wget" - return 1 - fi - - return 0 -} - -# do_curl URL FILENAME -do_curl() { - echo "trying curl..." - curl -A "User-Agent: mixlib-install/2.1.8" --retry 5 -sL -D $tmp_dir/stderr "$1" > "$2" - rc=$? - # check for 404 - grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "curl" - return 1 - fi - - return 0 -} - -# do_fetch URL FILENAME -do_fetch() { - echo "trying fetch..." - fetch --user-agent="User-Agent: mixlib-install/2.1.8" -o "$2" "$1" 2>$tmp_dir/stderr - # check for bad return status - test $? -ne 0 && return 1 - return 0 -} - -# do_perl URL FILENAME -do_perl() { - echo "trying perl..." - perl -e 'use LWP::Simple; getprint($ARGV[0]);' "$1" > "$2" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "perl" - return 1 - fi - - return 0 -} - -# do_python URL FILENAME -do_python() { - echo "trying python..." - python -c "import sys,urllib2; sys.stdout.write(urllib2.urlopen(urllib2.Request(sys.argv[1], headers={ 'User-Agent': 'mixlib-install/2.1.8' })).read())" "$1" > "$2" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "HTTP Error 404" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "python" - return 1 - fi - return 0 -} - -# returns 0 if checksums match -do_checksum() { - if exists sha256sum; then - echo "Comparing checksum with sha256sum..." - checksum=`sha256sum $1 | awk '{ print $1 }'` - return `test "x$checksum" = "x$2"` - elif exists shasum; then - echo "Comparing checksum with shasum..." - checksum=`shasum -a 256 $1 | awk '{ print $1 }'` - return `test "x$checksum" = "x$2"` - else - echo "WARNING: could not find a valid checksum program, pre-install shasum or sha256sum in your O/S image to get valdation..." - return 0 - fi -} - -# do_download URL FILENAME -do_download() { - echo "downloading $1" - echo " to file $2" - - url=`echo $1` - if test "x$platform" = "xsolaris2"; then - if test "x$platform_version" = "x5.9" -o "x$platform_version" = "x5.10"; then - # solaris 9 lacks openssl, solaris 10 lacks recent enough credentials - your base O/S is completely insecure, please upgrade - url=`echo $url | sed -e 's/https/http/'` - fi - fi - - # we try all of these until we get success. - # perl, in particular may be present but LWP::Simple may not be installed - - if exists wget; then - do_wget $url $2 && return 0 - fi - - if exists curl; then - do_curl $url $2 && return 0 - fi - - if exists fetch; then - do_fetch $url $2 && return 0 - fi - - if exists perl; then - do_perl $url $2 && return 0 - fi - - if exists python; then - do_python $url $2 && return 0 - fi - - unable_to_retrieve_package -} - -# install_file TYPE FILENAME -# TYPE is "rpm", "deb", "solaris", "sh", etc. -install_file() { - echo "Installing $project $version" - case "$1" in - "rpm") - if test "x$platform" = "xnexus" || test "x$platform" = "xios_xr"; then - echo "installing with yum..." - yum install -yv "$2" - else - echo "installing with rpm..." - rpm -Uvh --oldpackage --replacepkgs "$2" - fi - ;; - "deb") - echo "installing with dpkg..." - dpkg -i "$2" - ;; - "bff") - echo "installing with installp..." - installp -aXYgd "$2" all - ;; - "solaris") - echo "installing with pkgadd..." - echo "conflict=nocheck" > $tmp_dir/nocheck - echo "action=nocheck" >> $tmp_dir/nocheck - echo "mail=" >> $tmp_dir/nocheck - pkgrm -a $tmp_dir/nocheck -n $project >/dev/null 2>&1 || true - pkgadd -G -n -d "$2" -a $tmp_dir/nocheck $project - ;; - "pkg") - echo "installing with installer..." - cd / && /usr/sbin/installer -pkg "$2" -target / - ;; - "dmg") - echo "installing dmg file..." - hdiutil detach "/Volumes/chef_software" >/dev/null 2>&1 || true - hdiutil attach "$2" -mountpoint "/Volumes/chef_software" - cd / && /usr/sbin/installer -pkg `find "/Volumes/chef_software" -name \*.pkg` -target / - hdiutil detach "/Volumes/chef_software" - ;; - "sh" ) - echo "installing with sh..." - sh "$2" - ;; - "p5p" ) - echo "installing p5p package..." - pkg install -g "$2" $project - ;; - *) - echo "Unknown filetype: $1" - report_bug - exit 1 - ;; - esac - if test $? -ne 0; then - echo "Installation failed" - report_bug - exit 1 - fi -} - -if test "x$TMPDIR" = "x"; then - tmp="/tmp" -else - tmp=$TMPDIR -fi -# secure-ish temp dir creation without having mktemp available (DDoS-able but not expliotable) -tmp_dir="$tmp/install.sh.$$" -(umask 077 && mkdir $tmp_dir) || exit 1 - -############ -# end of helpers.sh -############ - - -# script_cli_parameters.sh -############ -# This section reads the CLI parameters for the install script and translates -# them to the local parameters to be used later by the script. -# -# Outputs: -# $version: Requested version to be installed. -# $channel: Channel to install the product from -# $project: Project to be installed -# $cmdline_filename: Name of the package downloaded on local disk. -# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk. -############ - -# Defaults -channel="stable" -project="chef" - -while getopts pnv:c:f:P:d: opt -do - case "$opt" in - - v) version="$OPTARG";; - c) channel="$OPTARG";; - p) channel="current";; # compat for prerelease option - n) channel="current";; # compat for nightlies option - f) cmdline_filename="$OPTARG";; - P) project="$OPTARG";; - d) cmdline_dl_dir="$OPTARG";; - \?) # unknown flag - echo >&2 \ - "usage: $0 [-P project] [-c release_channel] [-v version] [-f filename | -d download_dir]" - exit 1;; - esac -done - -shift `expr $OPTIND - 1` - - -# platform_detection.sh -############ -# This section makes platform detection compatible with omnitruck on the system -# it runs. -# -# Outputs: -# $platform: Name of the platform. -# $platform_version: Version of the platform. -# $machine: System's architecture. -############ - -# -# Platform and Platform Version detection -# -# NOTE: This should now match ohai platform and platform_version matching. -# do not invented new platform and platform_version schemas, just make this behave -# like what ohai returns as platform and platform_version for the server. -# -# ALSO NOTE: Do not mangle platform or platform_version here. It is less error -# prone and more future-proof to do that in the server, and then all omnitruck clients -# will 'inherit' the changes (install.sh is not the only client of the omnitruck -# endpoint out there). -# - -machine=`uname -m` -os=`uname -s` - -if test -f "/etc/lsb-release" && grep -q DISTRIB_ID /etc/lsb-release && ! grep -q wrlinux /etc/lsb-release; then - platform=`grep DISTRIB_ID /etc/lsb-release | cut -d "=" -f 2 | tr '[A-Z]' '[a-z]'` - platform_version=`grep DISTRIB_RELEASE /etc/lsb-release | cut -d "=" -f 2` - - if test "$platform" = "\"cumulus linux\""; then - platform="cumulus_linux" - elif test "$platform" = "\"cumulus networks\""; then - platform="cumulus_networks" - fi - -elif test -f "/etc/debian_version"; then - platform="debian" - platform_version=`cat /etc/debian_version` -elif test -f "/etc/Eos-release"; then - # EOS may also contain /etc/redhat-release so this check must come first. - platform=arista_eos - platform_version=`awk '{print $4}' /etc/Eos-release` - machine="i386" -elif test -f "/etc/redhat-release"; then - platform=`sed 's/^\(.\+\) release.*/\1/' /etc/redhat-release | tr '[A-Z]' '[a-z]'` - platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/redhat-release` - - # If /etc/redhat-release exists, we act like RHEL by default - if test "$platform" = "fedora"; then - # FIXME: stop remapping fedora to el - # FIXME: remove client side platform_version mangling and hard coded yolo - # Change platform version for use below. - platform_version="6.0" - fi - - if test "$platform" = "xenserver"; then - # Current XenServer 6.2 is based on CentOS 5, platform is not reset to "el" server should hanlde response - platform="xenserver" - else - # FIXME: use "redhat" - platform="el" - fi - -elif test -f "/etc/system-release"; then - platform=`sed 's/^\(.\+\) release.\+/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'` - platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'` - # amazon is built off of fedora, so act like RHEL - if test "$platform" = "amazon linux ami"; then - # FIXME: remove client side platform_version mangling and hard coded yolo, and remapping to deprecated "el" - platform="el" - platform_version="6.0" - fi -# Apple OS X -elif test -f "/usr/bin/sw_vers"; then - platform="mac_os_x" - # Matching the tab-space with sed is error-prone - platform_version=`sw_vers | awk '/^ProductVersion:/ { print $2 }' | cut -d. -f1,2` - - # x86_64 Apple hardware often runs 32-bit kernels (see OHAI-63) - x86_64=`sysctl -n hw.optional.x86_64` - if test $x86_64 -eq 1; then - machine="x86_64" - fi -elif test -f "/etc/release"; then - machine=`/usr/bin/uname -p` - if grep -q SmartOS /etc/release; then - platform="smartos" - platform_version=`grep ^Image /etc/product | awk '{ print $3 }'` - else - platform="solaris2" - platform_version=`/usr/bin/uname -r` - fi -elif test -f "/etc/SuSE-release"; then - if grep -q 'Enterprise' /etc/SuSE-release; - then - platform="sles" - platform_version=`awk '/^VERSION/ {V = $3}; /^PATCHLEVEL/ {P = $3}; END {print V "." P}' /etc/SuSE-release` - else - platform="suse" - platform_version=`awk '/^VERSION =/ { print $3 }' /etc/SuSE-release` - fi -elif test "x$os" = "xFreeBSD"; then - platform="freebsd" - platform_version=`uname -r | sed 's/-.*//'` -elif test "x$os" = "xAIX"; then - platform="aix" - platform_version="`uname -v`.`uname -r`" - machine="powerpc" -elif test -f "/etc/os-release"; then - . /etc/os-release - if test "x$CISCO_RELEASE_INFO" != "x"; then - . $CISCO_RELEASE_INFO - fi - - platform=$ID - platform_version=$VERSION -fi - -if test "x$platform" = "x"; then - echo "Unable to determine platform version!" - report_bug - exit 1 -fi - -# -# NOTE: platform manging in the install.sh is DEPRECATED -# -# - install.sh should be true to ohai and should not remap -# platform or platform versions. -# -# - remapping platform and mangling platform version numbers is -# now the complete responsibility of the server-side endpoints -# - -major_version=`echo $platform_version | cut -d. -f1` -case $platform in - # FIXME: should remove this case statement completely - "el") - # FIXME: "el" is deprecated, should use "redhat" - platform_version=$major_version - ;; - "debian") - if test "x$major_version" = "x5"; then - # This is here for potential back-compat. - # We do not have 5 in versions we publish for anymore but we - # might have it for earlier versions. - platform_version="6" - else - platform_version=$major_version - fi - ;; - "freebsd") - platform_version=$major_version - ;; - "sles") - platform_version=$major_version - ;; - "suse") - platform_version=$major_version - ;; -esac - -# normalize the architecture we detected -case $machine in - "x86_64"|"amd64"|"x64") - machine="x86_64" - ;; - "i386"|"i86pc"|"x86"|"i686") - machine="i386" - ;; - "sparc"|"sun4u"|"sun4v") - machine="sparc" - ;; -esac - -if test "x$platform_version" = "x"; then - echo "Unable to determine platform version!" - report_bug - exit 1 -fi - -if test "x$platform" = "xsolaris2"; then - # hack up the path on Solaris to find wget, pkgadd - PATH=/usr/sfw/bin:/usr/sbin:$PATH - export PATH -fi - -echo "$platform $platform_version $machine" - -############ -# end of platform_detection.sh -############ - - -# fetch_metadata.sh -############ -# This section calls omnitruck to get the information about the build to be -# installed. -# -# Inputs: -# $channel: -# $project: -# $version: -# $platform: -# $platform_version: -# $machine: -# $tmp_dir: -# -# Outputs: -# $download_url: -# $sha256: -############ - -echo "Getting information for $project $channel $version for $platform..." - -metadata_filename="$tmp_dir/metadata.txt" -metadata_url="https://omnitruck-direct.chef.io/$channel/$project/metadata?v=$version&p=$platform&pv=$platform_version&m=$machine" - -do_download "$metadata_url" "$metadata_filename" - -cat "$metadata_filename" - -echo "" -# check that all the mandatory fields in the downloaded metadata are there -if grep '^url' $metadata_filename > /dev/null && grep '^sha256' $metadata_filename > /dev/null; then - echo "downloaded metadata file looks valid..." -else - echo "downloaded metadata file is corrupted or an uncaught error was encountered in downloading the file..." - # this generally means one of the download methods downloaded a 404 or something like that and then reported a successful exit code, - # and this should be fixed in the function that was doing the download. - report_bug - exit 1 -fi - -download_url=`awk '$1 == "url" { print $2 }' "$metadata_filename"` -sha256=`awk '$1 == "sha256" { print $2 }' "$metadata_filename"` - -############ -# end of fetch_metadata.sh -############ - - -# fetch_package.sh -############ -# This section fetchs a package from $download_url and verifies its metadata. -# -# Inputs: -# $download_url: -# $tmp_dir: -# Optional Inputs: -# $cmdline_filename: Name of the package downloaded on local disk. -# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk. -# -# Outputs: -# $download_filename: Name of the downloaded file on local disk. -# $filetype: Type of the file downloaded. -############ - -filename=`echo $download_url | sed -e 's/^.*\///'` -filetype=`echo $filename | sed -e 's/^.*\.//'` - -# use either $tmp_dir, the provided directory (-d) or the provided filename (-f) -if test "x$cmdline_filename" != "x"; then - download_filename="$cmdline_filename" -elif test "x$cmdline_dl_dir" != "x"; then - download_filename="$cmdline_dl_dir/$filename" -else - download_filename="$tmp_dir/$filename" -fi - -# ensure the parent directory where to download the installer always exists -download_dir=`dirname $download_filename` -(umask 077 && mkdir -p $download_dir) || exit 1 - -# check if we have that file locally available and if so verify the checksum -cached_file_available="false" -if test -f $download_filename; then - echo "$download_filename already exists, verifiying checksum..." - if do_checksum "$download_filename" "$sha256"; then - echo "checksum compare succeeded, using existing file!" - cached_file_available="true" - else - echo "checksum mismatch, downloading latest version of the file" - fi -fi - -# download if no local version of the file available -if test "x$cached_file_available" != "xtrue"; then - do_download "$download_url" "$download_filename" - do_checksum "$download_filename" "$sha256" || checksum_mismatch -fi - -############ -# end of fetch_package.sh -############ - - -# install_package.sh -############ -# Installs a package and removed the temp directory. -# -# Inputs: -# $download_filename: Name of the file to be installed. -# $filetype: Type of the file to be installed. -# $version: The version requested. Used only for warning user if not set. -############ - -if test "x$version" = "x"; then - echo - echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" - echo - echo "You are installing an omnibus package without a version pin. If you are installing" - echo "on production servers via an automated process this is DANGEROUS and you will" - echo "be upgraded without warning on new releases, even to new major releases." - echo "Letting the version float is only appropriate in desktop, test, development or" - echo "CI/CD environments." - echo - echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" - echo -fi - -install_file $filetype "$download_filename" - -if test "x$tmp_dir" != "x"; then - rm -r "$tmp_dir" -fi - -############ -# end of install_package.sh -############ diff --git a/sdc-os-chef/sdc-frontend/Dockerfile.template b/sdc-os-chef/sdc-frontend/Dockerfile.template deleted file mode 100644 index 66ce1467b0..0000000000 --- a/sdc-os-chef/sdc-frontend/Dockerfile.template +++ /dev/null @@ -1,26 +0,0 @@ -FROM jetty - -RUN apt-get -y update -RUN apt-get -y install apt-utils -RUN apt-get -y install curl -RUN apt-get -y install vim - -COPY chef-solo /root/chef-solo/ -COPY chef-repo/cookbooks /root/chef-solo/cookbooks/ - -ENV BASE_NEXUS zl999y:ChangeMe@10.208.197.75:8443/repository/maven-public/org/openecomp/sdc - -# install chef-solo -RUN curl -L https://www.opscode.com/chef/install.sh | bash - -RUN cp /usr/local/jetty/resources/log4j.properties /var/lib/jetty/resources/log4j.properties - -ADD onboarding-fe-__SDC-RELEASE__.war /var/lib/jetty/webapps/ -ADD catalog-fe-__SDC-RELEASE__.war /var/lib/jetty/webapps/ -RUN chown -R jetty:jetty /var/lib/jetty/webapps - -COPY startup.sh /root/ - -RUN chmod 770 /root/startup.sh - -ENTRYPOINT [ "/root/startup.sh" ] diff --git a/sdc-os-chef/sdc-frontend/chef-install.sh b/sdc-os-chef/sdc-frontend/chef-install.sh deleted file mode 100644 index 5a4be8ba18..0000000000 --- a/sdc-os-chef/sdc-frontend/chef-install.sh +++ /dev/null @@ -1,707 +0,0 @@ -#!/bin/sh -# WARNING: REQUIRES /bin/sh -# -# - must run on /bin/sh on solaris 9 -# - must run on /bin/sh on AIX 6.x -# -# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# helpers.sh -############ -# This section has some helper functions to make life easier. -# -# Outputs: -# $tmp_dir: secure-ish temp directory that can be used during installation. -############ - -# Check whether a command exists - returns 0 if it does, 1 if it does not -exists() { - if command -v $1 >/dev/null 2>&1 - then - return 0 - else - return 1 - fi -} - -# Output the instructions to report bug about this script -report_bug() { - echo "Version: $version" - echo "" - echo "Please file a Bug Report at https://github.com/chef/omnitruck/issues/new" - echo "Alternatively, feel free to open a Support Ticket at https://www.chef.io/support/tickets" - echo "More Chef support resources can be found at https://www.chef.io/support" - echo "" - echo "Please include as many details about the problem as possible i.e., how to reproduce" - echo "the problem (if possible), type of the Operating System and its version, etc.," - echo "and any other relevant details that might help us with troubleshooting." - echo "" -} - -checksum_mismatch() { - echo "Package checksum mismatch!" - report_bug - exit 1 -} - -unable_to_retrieve_package() { - echo "Unable to retrieve a valid package!" - report_bug - echo "Metadata URL: $metadata_url" - if test "x$download_url" != "x"; then - echo "Download URL: $download_url" - fi - if test "x$stderr_results" != "x"; then - echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results" - fi - exit 1 -} - -http_404_error() { - echo "Omnitruck artifact does not exist for version $version on platform $platform" - echo "" - echo "Either this means:" - echo " - We do not support $platform" - echo " - We do not have an artifact for $version" - echo "" - echo "This is often the latter case due to running a prerelease or RC version of chef" - echo "or a gem version which was only pushed to rubygems and not omnitruck." - echo "" - echo "You may be able to set your knife[:bootstrap_version] to the most recent stable" - echo "release of Chef to fix this problem (or the most recent stable major version number)." - echo "" - echo "In order to test the version parameter, adventurous users may take the Metadata URL" - echo "below and modify the '&v=<number>' parameter until you successfully get a URL that" - echo "does not 404 (e.g. via curl or wget). You should be able to use '&v=11' or '&v=12'" - echo "succesfully." - echo "" - echo "If you cannot fix this problem by setting the bootstrap_version, it probably means" - echo "that $platform is not supported." - echo "" - # deliberately do not call report_bug to suppress bug report noise. - echo "Metadata URL: $metadata_url" - if test "x$download_url" != "x"; then - echo "Download URL: $download_url" - fi - if test "x$stderr_results" != "x"; then - echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results" - fi - exit 1 -} - -capture_tmp_stderr() { - # spool up /tmp/stderr from all the commands we called - if test -f "$tmp_dir/stderr"; then - output=`cat $tmp_dir/stderr` - stderr_results="${stderr_results}\nSTDERR from $1:\n\n$output\n" - rm $tmp_dir/stderr - fi -} - -# do_wget URL FILENAME -do_wget() { - echo "trying wget..." - wget --user-agent="User-Agent: mixlib-install/2.1.8" -O "$2" "$1" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "ERROR 404" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "wget" - return 1 - fi - - return 0 -} - -# do_curl URL FILENAME -do_curl() { - echo "trying curl..." - curl -A "User-Agent: mixlib-install/2.1.8" --retry 5 -sL -D $tmp_dir/stderr "$1" > "$2" - rc=$? - # check for 404 - grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "curl" - return 1 - fi - - return 0 -} - -# do_fetch URL FILENAME -do_fetch() { - echo "trying fetch..." - fetch --user-agent="User-Agent: mixlib-install/2.1.8" -o "$2" "$1" 2>$tmp_dir/stderr - # check for bad return status - test $? -ne 0 && return 1 - return 0 -} - -# do_perl URL FILENAME -do_perl() { - echo "trying perl..." - perl -e 'use LWP::Simple; getprint($ARGV[0]);' "$1" > "$2" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "perl" - return 1 - fi - - return 0 -} - -# do_python URL FILENAME -do_python() { - echo "trying python..." - python -c "import sys,urllib2; sys.stdout.write(urllib2.urlopen(urllib2.Request(sys.argv[1], headers={ 'User-Agent': 'mixlib-install/2.1.8' })).read())" "$1" > "$2" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "HTTP Error 404" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "python" - return 1 - fi - return 0 -} - -# returns 0 if checksums match -do_checksum() { - if exists sha256sum; then - echo "Comparing checksum with sha256sum..." - checksum=`sha256sum $1 | awk '{ print $1 }'` - return `test "x$checksum" = "x$2"` - elif exists shasum; then - echo "Comparing checksum with shasum..." - checksum=`shasum -a 256 $1 | awk '{ print $1 }'` - return `test "x$checksum" = "x$2"` - else - echo "WARNING: could not find a valid checksum program, pre-install shasum or sha256sum in your O/S image to get valdation..." - return 0 - fi -} - -# do_download URL FILENAME -do_download() { - echo "downloading $1" - echo " to file $2" - - url=`echo $1` - if test "x$platform" = "xsolaris2"; then - if test "x$platform_version" = "x5.9" -o "x$platform_version" = "x5.10"; then - # solaris 9 lacks openssl, solaris 10 lacks recent enough credentials - your base O/S is completely insecure, please upgrade - url=`echo $url | sed -e 's/https/http/'` - fi - fi - - # we try all of these until we get success. - # perl, in particular may be present but LWP::Simple may not be installed - - if exists wget; then - do_wget $url $2 && return 0 - fi - - if exists curl; then - do_curl $url $2 && return 0 - fi - - if exists fetch; then - do_fetch $url $2 && return 0 - fi - - if exists perl; then - do_perl $url $2 && return 0 - fi - - if exists python; then - do_python $url $2 && return 0 - fi - - unable_to_retrieve_package -} - -# install_file TYPE FILENAME -# TYPE is "rpm", "deb", "solaris", "sh", etc. -install_file() { - echo "Installing $project $version" - case "$1" in - "rpm") - if test "x$platform" = "xnexus" || test "x$platform" = "xios_xr"; then - echo "installing with yum..." - yum install -yv "$2" - else - echo "installing with rpm..." - rpm -Uvh --oldpackage --replacepkgs "$2" - fi - ;; - "deb") - echo "installing with dpkg..." - dpkg -i "$2" - ;; - "bff") - echo "installing with installp..." - installp -aXYgd "$2" all - ;; - "solaris") - echo "installing with pkgadd..." - echo "conflict=nocheck" > $tmp_dir/nocheck - echo "action=nocheck" >> $tmp_dir/nocheck - echo "mail=" >> $tmp_dir/nocheck - pkgrm -a $tmp_dir/nocheck -n $project >/dev/null 2>&1 || true - pkgadd -G -n -d "$2" -a $tmp_dir/nocheck $project - ;; - "pkg") - echo "installing with installer..." - cd / && /usr/sbin/installer -pkg "$2" -target / - ;; - "dmg") - echo "installing dmg file..." - hdiutil detach "/Volumes/chef_software" >/dev/null 2>&1 || true - hdiutil attach "$2" -mountpoint "/Volumes/chef_software" - cd / && /usr/sbin/installer -pkg `find "/Volumes/chef_software" -name \*.pkg` -target / - hdiutil detach "/Volumes/chef_software" - ;; - "sh" ) - echo "installing with sh..." - sh "$2" - ;; - "p5p" ) - echo "installing p5p package..." - pkg install -g "$2" $project - ;; - *) - echo "Unknown filetype: $1" - report_bug - exit 1 - ;; - esac - if test $? -ne 0; then - echo "Installation failed" - report_bug - exit 1 - fi -} - -if test "x$TMPDIR" = "x"; then - tmp="/tmp" -else - tmp=$TMPDIR -fi -# secure-ish temp dir creation without having mktemp available (DDoS-able but not expliotable) -tmp_dir="$tmp/install.sh.$$" -(umask 077 && mkdir $tmp_dir) || exit 1 - -############ -# end of helpers.sh -############ - - -# script_cli_parameters.sh -############ -# This section reads the CLI parameters for the install script and translates -# them to the local parameters to be used later by the script. -# -# Outputs: -# $version: Requested version to be installed. -# $channel: Channel to install the product from -# $project: Project to be installed -# $cmdline_filename: Name of the package downloaded on local disk. -# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk. -############ - -# Defaults -channel="stable" -project="chef" - -while getopts pnv:c:f:P:d: opt -do - case "$opt" in - - v) version="$OPTARG";; - c) channel="$OPTARG";; - p) channel="current";; # compat for prerelease option - n) channel="current";; # compat for nightlies option - f) cmdline_filename="$OPTARG";; - P) project="$OPTARG";; - d) cmdline_dl_dir="$OPTARG";; - \?) # unknown flag - echo >&2 \ - "usage: $0 [-P project] [-c release_channel] [-v version] [-f filename | -d download_dir]" - exit 1;; - esac -done - -shift `expr $OPTIND - 1` - - -# platform_detection.sh -############ -# This section makes platform detection compatible with omnitruck on the system -# it runs. -# -# Outputs: -# $platform: Name of the platform. -# $platform_version: Version of the platform. -# $machine: System's architecture. -############ - -# -# Platform and Platform Version detection -# -# NOTE: This should now match ohai platform and platform_version matching. -# do not invented new platform and platform_version schemas, just make this behave -# like what ohai returns as platform and platform_version for the server. -# -# ALSO NOTE: Do not mangle platform or platform_version here. It is less error -# prone and more future-proof to do that in the server, and then all omnitruck clients -# will 'inherit' the changes (install.sh is not the only client of the omnitruck -# endpoint out there). -# - -machine=`uname -m` -os=`uname -s` - -if test -f "/etc/lsb-release" && grep -q DISTRIB_ID /etc/lsb-release && ! grep -q wrlinux /etc/lsb-release; then - platform=`grep DISTRIB_ID /etc/lsb-release | cut -d "=" -f 2 | tr '[A-Z]' '[a-z]'` - platform_version=`grep DISTRIB_RELEASE /etc/lsb-release | cut -d "=" -f 2` - - if test "$platform" = "\"cumulus linux\""; then - platform="cumulus_linux" - elif test "$platform" = "\"cumulus networks\""; then - platform="cumulus_networks" - fi - -elif test -f "/etc/debian_version"; then - platform="debian" - platform_version=`cat /etc/debian_version` -elif test -f "/etc/Eos-release"; then - # EOS may also contain /etc/redhat-release so this check must come first. - platform=arista_eos - platform_version=`awk '{print $4}' /etc/Eos-release` - machine="i386" -elif test -f "/etc/redhat-release"; then - platform=`sed 's/^\(.\+\) release.*/\1/' /etc/redhat-release | tr '[A-Z]' '[a-z]'` - platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/redhat-release` - - # If /etc/redhat-release exists, we act like RHEL by default - if test "$platform" = "fedora"; then - # FIXME: stop remapping fedora to el - # FIXME: remove client side platform_version mangling and hard coded yolo - # Change platform version for use below. - platform_version="6.0" - fi - - if test "$platform" = "xenserver"; then - # Current XenServer 6.2 is based on CentOS 5, platform is not reset to "el" server should hanlde response - platform="xenserver" - else - # FIXME: use "redhat" - platform="el" - fi - -elif test -f "/etc/system-release"; then - platform=`sed 's/^\(.\+\) release.\+/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'` - platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'` - # amazon is built off of fedora, so act like RHEL - if test "$platform" = "amazon linux ami"; then - # FIXME: remove client side platform_version mangling and hard coded yolo, and remapping to deprecated "el" - platform="el" - platform_version="6.0" - fi -# Apple OS X -elif test -f "/usr/bin/sw_vers"; then - platform="mac_os_x" - # Matching the tab-space with sed is error-prone - platform_version=`sw_vers | awk '/^ProductVersion:/ { print $2 }' | cut -d. -f1,2` - - # x86_64 Apple hardware often runs 32-bit kernels (see OHAI-63) - x86_64=`sysctl -n hw.optional.x86_64` - if test $x86_64 -eq 1; then - machine="x86_64" - fi -elif test -f "/etc/release"; then - machine=`/usr/bin/uname -p` - if grep -q SmartOS /etc/release; then - platform="smartos" - platform_version=`grep ^Image /etc/product | awk '{ print $3 }'` - else - platform="solaris2" - platform_version=`/usr/bin/uname -r` - fi -elif test -f "/etc/SuSE-release"; then - if grep -q 'Enterprise' /etc/SuSE-release; - then - platform="sles" - platform_version=`awk '/^VERSION/ {V = $3}; /^PATCHLEVEL/ {P = $3}; END {print V "." P}' /etc/SuSE-release` - else - platform="suse" - platform_version=`awk '/^VERSION =/ { print $3 }' /etc/SuSE-release` - fi -elif test "x$os" = "xFreeBSD"; then - platform="freebsd" - platform_version=`uname -r | sed 's/-.*//'` -elif test "x$os" = "xAIX"; then - platform="aix" - platform_version="`uname -v`.`uname -r`" - machine="powerpc" -elif test -f "/etc/os-release"; then - . /etc/os-release - if test "x$CISCO_RELEASE_INFO" != "x"; then - . $CISCO_RELEASE_INFO - fi - - platform=$ID - platform_version=$VERSION -fi - -if test "x$platform" = "x"; then - echo "Unable to determine platform version!" - report_bug - exit 1 -fi - -# -# NOTE: platform manging in the install.sh is DEPRECATED -# -# - install.sh should be true to ohai and should not remap -# platform or platform versions. -# -# - remapping platform and mangling platform version numbers is -# now the complete responsibility of the server-side endpoints -# - -major_version=`echo $platform_version | cut -d. -f1` -case $platform in - # FIXME: should remove this case statement completely - "el") - # FIXME: "el" is deprecated, should use "redhat" - platform_version=$major_version - ;; - "debian") - if test "x$major_version" = "x5"; then - # This is here for potential back-compat. - # We do not have 5 in versions we publish for anymore but we - # might have it for earlier versions. - platform_version="6" - else - platform_version=$major_version - fi - ;; - "freebsd") - platform_version=$major_version - ;; - "sles") - platform_version=$major_version - ;; - "suse") - platform_version=$major_version - ;; -esac - -# normalize the architecture we detected -case $machine in - "x86_64"|"amd64"|"x64") - machine="x86_64" - ;; - "i386"|"i86pc"|"x86"|"i686") - machine="i386" - ;; - "sparc"|"sun4u"|"sun4v") - machine="sparc" - ;; -esac - -if test "x$platform_version" = "x"; then - echo "Unable to determine platform version!" - report_bug - exit 1 -fi - -if test "x$platform" = "xsolaris2"; then - # hack up the path on Solaris to find wget, pkgadd - PATH=/usr/sfw/bin:/usr/sbin:$PATH - export PATH -fi - -echo "$platform $platform_version $machine" - -############ -# end of platform_detection.sh -############ - - -# fetch_metadata.sh -############ -# This section calls omnitruck to get the information about the build to be -# installed. -# -# Inputs: -# $channel: -# $project: -# $version: -# $platform: -# $platform_version: -# $machine: -# $tmp_dir: -# -# Outputs: -# $download_url: -# $sha256: -############ - -echo "Getting information for $project $channel $version for $platform..." - -metadata_filename="$tmp_dir/metadata.txt" -metadata_url="https://omnitruck-direct.chef.io/$channel/$project/metadata?v=$version&p=$platform&pv=$platform_version&m=$machine" - -do_download "$metadata_url" "$metadata_filename" - -cat "$metadata_filename" - -echo "" -# check that all the mandatory fields in the downloaded metadata are there -if grep '^url' $metadata_filename > /dev/null && grep '^sha256' $metadata_filename > /dev/null; then - echo "downloaded metadata file looks valid..." -else - echo "downloaded metadata file is corrupted or an uncaught error was encountered in downloading the file..." - # this generally means one of the download methods downloaded a 404 or something like that and then reported a successful exit code, - # and this should be fixed in the function that was doing the download. - report_bug - exit 1 -fi - -download_url=`awk '$1 == "url" { print $2 }' "$metadata_filename"` -sha256=`awk '$1 == "sha256" { print $2 }' "$metadata_filename"` - -############ -# end of fetch_metadata.sh -############ - - -# fetch_package.sh -############ -# This section fetchs a package from $download_url and verifies its metadata. -# -# Inputs: -# $download_url: -# $tmp_dir: -# Optional Inputs: -# $cmdline_filename: Name of the package downloaded on local disk. -# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk. -# -# Outputs: -# $download_filename: Name of the downloaded file on local disk. -# $filetype: Type of the file downloaded. -############ - -filename=`echo $download_url | sed -e 's/^.*\///'` -filetype=`echo $filename | sed -e 's/^.*\.//'` - -# use either $tmp_dir, the provided directory (-d) or the provided filename (-f) -if test "x$cmdline_filename" != "x"; then - download_filename="$cmdline_filename" -elif test "x$cmdline_dl_dir" != "x"; then - download_filename="$cmdline_dl_dir/$filename" -else - download_filename="$tmp_dir/$filename" -fi - -# ensure the parent directory where to download the installer always exists -download_dir=`dirname $download_filename` -(umask 077 && mkdir -p $download_dir) || exit 1 - -# check if we have that file locally available and if so verify the checksum -cached_file_available="false" -if test -f $download_filename; then - echo "$download_filename already exists, verifiying checksum..." - if do_checksum "$download_filename" "$sha256"; then - echo "checksum compare succeeded, using existing file!" - cached_file_available="true" - else - echo "checksum mismatch, downloading latest version of the file" - fi -fi - -# download if no local version of the file available -if test "x$cached_file_available" != "xtrue"; then - do_download "$download_url" "$download_filename" - do_checksum "$download_filename" "$sha256" || checksum_mismatch -fi - -############ -# end of fetch_package.sh -############ - - -# install_package.sh -############ -# Installs a package and removed the temp directory. -# -# Inputs: -# $download_filename: Name of the file to be installed. -# $filetype: Type of the file to be installed. -# $version: The version requested. Used only for warning user if not set. -############ - -if test "x$version" = "x"; then - echo - echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" - echo - echo "You are installing an omnibus package without a version pin. If you are installing" - echo "on production servers via an automated process this is DANGEROUS and you will" - echo "be upgraded without warning on new releases, even to new major releases." - echo "Letting the version float is only appropriate in desktop, test, development or" - echo "CI/CD environments." - echo - echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" - echo -fi - -install_file $filetype "$download_filename" - -if test "x$tmp_dir" != "x"; then - rm -r "$tmp_dir" -fi - -############ -# end of install_package.sh -############ diff --git a/sdc-os-chef/sdc-kibana/chef-install.sh b/sdc-os-chef/sdc-kibana/chef-install.sh deleted file mode 100644 index 5a4be8ba18..0000000000 --- a/sdc-os-chef/sdc-kibana/chef-install.sh +++ /dev/null @@ -1,707 +0,0 @@ -#!/bin/sh -# WARNING: REQUIRES /bin/sh -# -# - must run on /bin/sh on solaris 9 -# - must run on /bin/sh on AIX 6.x -# -# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# helpers.sh -############ -# This section has some helper functions to make life easier. -# -# Outputs: -# $tmp_dir: secure-ish temp directory that can be used during installation. -############ - -# Check whether a command exists - returns 0 if it does, 1 if it does not -exists() { - if command -v $1 >/dev/null 2>&1 - then - return 0 - else - return 1 - fi -} - -# Output the instructions to report bug about this script -report_bug() { - echo "Version: $version" - echo "" - echo "Please file a Bug Report at https://github.com/chef/omnitruck/issues/new" - echo "Alternatively, feel free to open a Support Ticket at https://www.chef.io/support/tickets" - echo "More Chef support resources can be found at https://www.chef.io/support" - echo "" - echo "Please include as many details about the problem as possible i.e., how to reproduce" - echo "the problem (if possible), type of the Operating System and its version, etc.," - echo "and any other relevant details that might help us with troubleshooting." - echo "" -} - -checksum_mismatch() { - echo "Package checksum mismatch!" - report_bug - exit 1 -} - -unable_to_retrieve_package() { - echo "Unable to retrieve a valid package!" - report_bug - echo "Metadata URL: $metadata_url" - if test "x$download_url" != "x"; then - echo "Download URL: $download_url" - fi - if test "x$stderr_results" != "x"; then - echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results" - fi - exit 1 -} - -http_404_error() { - echo "Omnitruck artifact does not exist for version $version on platform $platform" - echo "" - echo "Either this means:" - echo " - We do not support $platform" - echo " - We do not have an artifact for $version" - echo "" - echo "This is often the latter case due to running a prerelease or RC version of chef" - echo "or a gem version which was only pushed to rubygems and not omnitruck." - echo "" - echo "You may be able to set your knife[:bootstrap_version] to the most recent stable" - echo "release of Chef to fix this problem (or the most recent stable major version number)." - echo "" - echo "In order to test the version parameter, adventurous users may take the Metadata URL" - echo "below and modify the '&v=<number>' parameter until you successfully get a URL that" - echo "does not 404 (e.g. via curl or wget). You should be able to use '&v=11' or '&v=12'" - echo "succesfully." - echo "" - echo "If you cannot fix this problem by setting the bootstrap_version, it probably means" - echo "that $platform is not supported." - echo "" - # deliberately do not call report_bug to suppress bug report noise. - echo "Metadata URL: $metadata_url" - if test "x$download_url" != "x"; then - echo "Download URL: $download_url" - fi - if test "x$stderr_results" != "x"; then - echo "\nDEBUG OUTPUT FOLLOWS:\n$stderr_results" - fi - exit 1 -} - -capture_tmp_stderr() { - # spool up /tmp/stderr from all the commands we called - if test -f "$tmp_dir/stderr"; then - output=`cat $tmp_dir/stderr` - stderr_results="${stderr_results}\nSTDERR from $1:\n\n$output\n" - rm $tmp_dir/stderr - fi -} - -# do_wget URL FILENAME -do_wget() { - echo "trying wget..." - wget --user-agent="User-Agent: mixlib-install/2.1.8" -O "$2" "$1" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "ERROR 404" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "wget" - return 1 - fi - - return 0 -} - -# do_curl URL FILENAME -do_curl() { - echo "trying curl..." - curl -A "User-Agent: mixlib-install/2.1.8" --retry 5 -sL -D $tmp_dir/stderr "$1" > "$2" - rc=$? - # check for 404 - grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "curl" - return 1 - fi - - return 0 -} - -# do_fetch URL FILENAME -do_fetch() { - echo "trying fetch..." - fetch --user-agent="User-Agent: mixlib-install/2.1.8" -o "$2" "$1" 2>$tmp_dir/stderr - # check for bad return status - test $? -ne 0 && return 1 - return 0 -} - -# do_perl URL FILENAME -do_perl() { - echo "trying perl..." - perl -e 'use LWP::Simple; getprint($ARGV[0]);' "$1" > "$2" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "404 Not Found" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "perl" - return 1 - fi - - return 0 -} - -# do_python URL FILENAME -do_python() { - echo "trying python..." - python -c "import sys,urllib2; sys.stdout.write(urllib2.urlopen(urllib2.Request(sys.argv[1], headers={ 'User-Agent': 'mixlib-install/2.1.8' })).read())" "$1" > "$2" 2>$tmp_dir/stderr - rc=$? - # check for 404 - grep "HTTP Error 404" $tmp_dir/stderr 2>&1 >/dev/null - if test $? -eq 0; then - echo "ERROR 404" - http_404_error - fi - - # check for bad return status or empty output - if test $rc -ne 0 || test ! -s "$2"; then - capture_tmp_stderr "python" - return 1 - fi - return 0 -} - -# returns 0 if checksums match -do_checksum() { - if exists sha256sum; then - echo "Comparing checksum with sha256sum..." - checksum=`sha256sum $1 | awk '{ print $1 }'` - return `test "x$checksum" = "x$2"` - elif exists shasum; then - echo "Comparing checksum with shasum..." - checksum=`shasum -a 256 $1 | awk '{ print $1 }'` - return `test "x$checksum" = "x$2"` - else - echo "WARNING: could not find a valid checksum program, pre-install shasum or sha256sum in your O/S image to get valdation..." - return 0 - fi -} - -# do_download URL FILENAME -do_download() { - echo "downloading $1" - echo " to file $2" - - url=`echo $1` - if test "x$platform" = "xsolaris2"; then - if test "x$platform_version" = "x5.9" -o "x$platform_version" = "x5.10"; then - # solaris 9 lacks openssl, solaris 10 lacks recent enough credentials - your base O/S is completely insecure, please upgrade - url=`echo $url | sed -e 's/https/http/'` - fi - fi - - # we try all of these until we get success. - # perl, in particular may be present but LWP::Simple may not be installed - - if exists wget; then - do_wget $url $2 && return 0 - fi - - if exists curl; then - do_curl $url $2 && return 0 - fi - - if exists fetch; then - do_fetch $url $2 && return 0 - fi - - if exists perl; then - do_perl $url $2 && return 0 - fi - - if exists python; then - do_python $url $2 && return 0 - fi - - unable_to_retrieve_package -} - -# install_file TYPE FILENAME -# TYPE is "rpm", "deb", "solaris", "sh", etc. -install_file() { - echo "Installing $project $version" - case "$1" in - "rpm") - if test "x$platform" = "xnexus" || test "x$platform" = "xios_xr"; then - echo "installing with yum..." - yum install -yv "$2" - else - echo "installing with rpm..." - rpm -Uvh --oldpackage --replacepkgs "$2" - fi - ;; - "deb") - echo "installing with dpkg..." - dpkg -i "$2" - ;; - "bff") - echo "installing with installp..." - installp -aXYgd "$2" all - ;; - "solaris") - echo "installing with pkgadd..." - echo "conflict=nocheck" > $tmp_dir/nocheck - echo "action=nocheck" >> $tmp_dir/nocheck - echo "mail=" >> $tmp_dir/nocheck - pkgrm -a $tmp_dir/nocheck -n $project >/dev/null 2>&1 || true - pkgadd -G -n -d "$2" -a $tmp_dir/nocheck $project - ;; - "pkg") - echo "installing with installer..." - cd / && /usr/sbin/installer -pkg "$2" -target / - ;; - "dmg") - echo "installing dmg file..." - hdiutil detach "/Volumes/chef_software" >/dev/null 2>&1 || true - hdiutil attach "$2" -mountpoint "/Volumes/chef_software" - cd / && /usr/sbin/installer -pkg `find "/Volumes/chef_software" -name \*.pkg` -target / - hdiutil detach "/Volumes/chef_software" - ;; - "sh" ) - echo "installing with sh..." - sh "$2" - ;; - "p5p" ) - echo "installing p5p package..." - pkg install -g "$2" $project - ;; - *) - echo "Unknown filetype: $1" - report_bug - exit 1 - ;; - esac - if test $? -ne 0; then - echo "Installation failed" - report_bug - exit 1 - fi -} - -if test "x$TMPDIR" = "x"; then - tmp="/tmp" -else - tmp=$TMPDIR -fi -# secure-ish temp dir creation without having mktemp available (DDoS-able but not expliotable) -tmp_dir="$tmp/install.sh.$$" -(umask 077 && mkdir $tmp_dir) || exit 1 - -############ -# end of helpers.sh -############ - - -# script_cli_parameters.sh -############ -# This section reads the CLI parameters for the install script and translates -# them to the local parameters to be used later by the script. -# -# Outputs: -# $version: Requested version to be installed. -# $channel: Channel to install the product from -# $project: Project to be installed -# $cmdline_filename: Name of the package downloaded on local disk. -# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk. -############ - -# Defaults -channel="stable" -project="chef" - -while getopts pnv:c:f:P:d: opt -do - case "$opt" in - - v) version="$OPTARG";; - c) channel="$OPTARG";; - p) channel="current";; # compat for prerelease option - n) channel="current";; # compat for nightlies option - f) cmdline_filename="$OPTARG";; - P) project="$OPTARG";; - d) cmdline_dl_dir="$OPTARG";; - \?) # unknown flag - echo >&2 \ - "usage: $0 [-P project] [-c release_channel] [-v version] [-f filename | -d download_dir]" - exit 1;; - esac -done - -shift `expr $OPTIND - 1` - - -# platform_detection.sh -############ -# This section makes platform detection compatible with omnitruck on the system -# it runs. -# -# Outputs: -# $platform: Name of the platform. -# $platform_version: Version of the platform. -# $machine: System's architecture. -############ - -# -# Platform and Platform Version detection -# -# NOTE: This should now match ohai platform and platform_version matching. -# do not invented new platform and platform_version schemas, just make this behave -# like what ohai returns as platform and platform_version for the server. -# -# ALSO NOTE: Do not mangle platform or platform_version here. It is less error -# prone and more future-proof to do that in the server, and then all omnitruck clients -# will 'inherit' the changes (install.sh is not the only client of the omnitruck -# endpoint out there). -# - -machine=`uname -m` -os=`uname -s` - -if test -f "/etc/lsb-release" && grep -q DISTRIB_ID /etc/lsb-release && ! grep -q wrlinux /etc/lsb-release; then - platform=`grep DISTRIB_ID /etc/lsb-release | cut -d "=" -f 2 | tr '[A-Z]' '[a-z]'` - platform_version=`grep DISTRIB_RELEASE /etc/lsb-release | cut -d "=" -f 2` - - if test "$platform" = "\"cumulus linux\""; then - platform="cumulus_linux" - elif test "$platform" = "\"cumulus networks\""; then - platform="cumulus_networks" - fi - -elif test -f "/etc/debian_version"; then - platform="debian" - platform_version=`cat /etc/debian_version` -elif test -f "/etc/Eos-release"; then - # EOS may also contain /etc/redhat-release so this check must come first. - platform=arista_eos - platform_version=`awk '{print $4}' /etc/Eos-release` - machine="i386" -elif test -f "/etc/redhat-release"; then - platform=`sed 's/^\(.\+\) release.*/\1/' /etc/redhat-release | tr '[A-Z]' '[a-z]'` - platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/redhat-release` - - # If /etc/redhat-release exists, we act like RHEL by default - if test "$platform" = "fedora"; then - # FIXME: stop remapping fedora to el - # FIXME: remove client side platform_version mangling and hard coded yolo - # Change platform version for use below. - platform_version="6.0" - fi - - if test "$platform" = "xenserver"; then - # Current XenServer 6.2 is based on CentOS 5, platform is not reset to "el" server should hanlde response - platform="xenserver" - else - # FIXME: use "redhat" - platform="el" - fi - -elif test -f "/etc/system-release"; then - platform=`sed 's/^\(.\+\) release.\+/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'` - platform_version=`sed 's/^.\+ release \([.0-9]\+\).*/\1/' /etc/system-release | tr '[A-Z]' '[a-z]'` - # amazon is built off of fedora, so act like RHEL - if test "$platform" = "amazon linux ami"; then - # FIXME: remove client side platform_version mangling and hard coded yolo, and remapping to deprecated "el" - platform="el" - platform_version="6.0" - fi -# Apple OS X -elif test -f "/usr/bin/sw_vers"; then - platform="mac_os_x" - # Matching the tab-space with sed is error-prone - platform_version=`sw_vers | awk '/^ProductVersion:/ { print $2 }' | cut -d. -f1,2` - - # x86_64 Apple hardware often runs 32-bit kernels (see OHAI-63) - x86_64=`sysctl -n hw.optional.x86_64` - if test $x86_64 -eq 1; then - machine="x86_64" - fi -elif test -f "/etc/release"; then - machine=`/usr/bin/uname -p` - if grep -q SmartOS /etc/release; then - platform="smartos" - platform_version=`grep ^Image /etc/product | awk '{ print $3 }'` - else - platform="solaris2" - platform_version=`/usr/bin/uname -r` - fi -elif test -f "/etc/SuSE-release"; then - if grep -q 'Enterprise' /etc/SuSE-release; - then - platform="sles" - platform_version=`awk '/^VERSION/ {V = $3}; /^PATCHLEVEL/ {P = $3}; END {print V "." P}' /etc/SuSE-release` - else - platform="suse" - platform_version=`awk '/^VERSION =/ { print $3 }' /etc/SuSE-release` - fi -elif test "x$os" = "xFreeBSD"; then - platform="freebsd" - platform_version=`uname -r | sed 's/-.*//'` -elif test "x$os" = "xAIX"; then - platform="aix" - platform_version="`uname -v`.`uname -r`" - machine="powerpc" -elif test -f "/etc/os-release"; then - . /etc/os-release - if test "x$CISCO_RELEASE_INFO" != "x"; then - . $CISCO_RELEASE_INFO - fi - - platform=$ID - platform_version=$VERSION -fi - -if test "x$platform" = "x"; then - echo "Unable to determine platform version!" - report_bug - exit 1 -fi - -# -# NOTE: platform manging in the install.sh is DEPRECATED -# -# - install.sh should be true to ohai and should not remap -# platform or platform versions. -# -# - remapping platform and mangling platform version numbers is -# now the complete responsibility of the server-side endpoints -# - -major_version=`echo $platform_version | cut -d. -f1` -case $platform in - # FIXME: should remove this case statement completely - "el") - # FIXME: "el" is deprecated, should use "redhat" - platform_version=$major_version - ;; - "debian") - if test "x$major_version" = "x5"; then - # This is here for potential back-compat. - # We do not have 5 in versions we publish for anymore but we - # might have it for earlier versions. - platform_version="6" - else - platform_version=$major_version - fi - ;; - "freebsd") - platform_version=$major_version - ;; - "sles") - platform_version=$major_version - ;; - "suse") - platform_version=$major_version - ;; -esac - -# normalize the architecture we detected -case $machine in - "x86_64"|"amd64"|"x64") - machine="x86_64" - ;; - "i386"|"i86pc"|"x86"|"i686") - machine="i386" - ;; - "sparc"|"sun4u"|"sun4v") - machine="sparc" - ;; -esac - -if test "x$platform_version" = "x"; then - echo "Unable to determine platform version!" - report_bug - exit 1 -fi - -if test "x$platform" = "xsolaris2"; then - # hack up the path on Solaris to find wget, pkgadd - PATH=/usr/sfw/bin:/usr/sbin:$PATH - export PATH -fi - -echo "$platform $platform_version $machine" - -############ -# end of platform_detection.sh -############ - - -# fetch_metadata.sh -############ -# This section calls omnitruck to get the information about the build to be -# installed. -# -# Inputs: -# $channel: -# $project: -# $version: -# $platform: -# $platform_version: -# $machine: -# $tmp_dir: -# -# Outputs: -# $download_url: -# $sha256: -############ - -echo "Getting information for $project $channel $version for $platform..." - -metadata_filename="$tmp_dir/metadata.txt" -metadata_url="https://omnitruck-direct.chef.io/$channel/$project/metadata?v=$version&p=$platform&pv=$platform_version&m=$machine" - -do_download "$metadata_url" "$metadata_filename" - -cat "$metadata_filename" - -echo "" -# check that all the mandatory fields in the downloaded metadata are there -if grep '^url' $metadata_filename > /dev/null && grep '^sha256' $metadata_filename > /dev/null; then - echo "downloaded metadata file looks valid..." -else - echo "downloaded metadata file is corrupted or an uncaught error was encountered in downloading the file..." - # this generally means one of the download methods downloaded a 404 or something like that and then reported a successful exit code, - # and this should be fixed in the function that was doing the download. - report_bug - exit 1 -fi - -download_url=`awk '$1 == "url" { print $2 }' "$metadata_filename"` -sha256=`awk '$1 == "sha256" { print $2 }' "$metadata_filename"` - -############ -# end of fetch_metadata.sh -############ - - -# fetch_package.sh -############ -# This section fetchs a package from $download_url and verifies its metadata. -# -# Inputs: -# $download_url: -# $tmp_dir: -# Optional Inputs: -# $cmdline_filename: Name of the package downloaded on local disk. -# $cmdline_dl_dir: Name of the directory downloaded package will be saved to on local disk. -# -# Outputs: -# $download_filename: Name of the downloaded file on local disk. -# $filetype: Type of the file downloaded. -############ - -filename=`echo $download_url | sed -e 's/^.*\///'` -filetype=`echo $filename | sed -e 's/^.*\.//'` - -# use either $tmp_dir, the provided directory (-d) or the provided filename (-f) -if test "x$cmdline_filename" != "x"; then - download_filename="$cmdline_filename" -elif test "x$cmdline_dl_dir" != "x"; then - download_filename="$cmdline_dl_dir/$filename" -else - download_filename="$tmp_dir/$filename" -fi - -# ensure the parent directory where to download the installer always exists -download_dir=`dirname $download_filename` -(umask 077 && mkdir -p $download_dir) || exit 1 - -# check if we have that file locally available and if so verify the checksum -cached_file_available="false" -if test -f $download_filename; then - echo "$download_filename already exists, verifiying checksum..." - if do_checksum "$download_filename" "$sha256"; then - echo "checksum compare succeeded, using existing file!" - cached_file_available="true" - else - echo "checksum mismatch, downloading latest version of the file" - fi -fi - -# download if no local version of the file available -if test "x$cached_file_available" != "xtrue"; then - do_download "$download_url" "$download_filename" - do_checksum "$download_filename" "$sha256" || checksum_mismatch -fi - -############ -# end of fetch_package.sh -############ - - -# install_package.sh -############ -# Installs a package and removed the temp directory. -# -# Inputs: -# $download_filename: Name of the file to be installed. -# $filetype: Type of the file to be installed. -# $version: The version requested. Used only for warning user if not set. -############ - -if test "x$version" = "x"; then - echo - echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" - echo - echo "You are installing an omnibus package without a version pin. If you are installing" - echo "on production servers via an automated process this is DANGEROUS and you will" - echo "be upgraded without warning on new releases, even to new major releases." - echo "Letting the version float is only appropriate in desktop, test, development or" - echo "CI/CD environments." - echo - echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" - echo -fi - -install_file $filetype "$download_filename" - -if test "x$tmp_dir" != "x"; then - rm -r "$tmp_dir" -fi - -############ -# end of install_package.sh -############ diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml index 18e5b32bb9..c0e9fe6327 100644 --- a/utils/webseal-simulator/pom.xml +++ b/utils/webseal-simulator/pom.xml @@ -5,13 +5,10 @@ <groupId>org.openecomp.sdc</groupId> <artifactId>webseal-simulator</artifactId> <packaging>war</packaging> - <version>0.0.1-SNAPSHOT</version> + <version>0.1.0-SNAPSHOT</version> <properties> <jetty-version>9.2.10.v20150310</jetty-version> - <docker.tag>${project.version}-${maven.build.timestamp}</docker.tag> - <docker.latest.tag>${project.version}-latest</docker.latest.tag> - <!--maven--> <maven.build.timestamp.format>yyyyMMdd'T'HHmm</maven.build.timestamp.format> <nexus.proxy>https://nexus.onap.org</nexus.proxy> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> @@ -83,7 +80,7 @@ </dependencies> <build> - <finalName>WSSimulator</finalName> + <finalName>WSSimulator-${project.version}</finalName> <plugins> <!-- ================================================== --> <!-- Set the JDK compiler version. --> @@ -99,20 +96,6 @@ </configuration> </plugin> - <plugin> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-maven-plugin</artifactId> - <version>${jetty-version}</version> - <configuration> - <contextPath>/</contextPath> - <webApp> - <contextPath>/</contextPath> - <webInfIncludeJarPattern>.*/.*jersey-[^/]\.jar$</webInfIncludeJarPattern> - </webApp> - <war>WSSimulator.war</war> - </configuration> - </plugin> - </plugins> </build> @@ -124,11 +107,6 @@ <url>${nexus.proxy}/content/repositories/releases/</url> </repository> <repository> - <id>ecomp-staging</id> - <name>Staging Repository</name> - <url>${nexus.proxy}/content/repositories/staging/</url> - </repository> - <repository> <id>ecomp-snapshots</id> <name>Snapshots Repository</name> <url>${nexus.proxy}/content/repositories/snapshots/</url> @@ -143,14 +121,6 @@ <profiles> <profile> - <id>docker-staging</id> - <properties> - <docker.tag>${project.version}-STAGING-${maven.build.timestamp}</docker.tag> - <docker.latest.tag>${project.version}-STAGING-latest</docker.latest.tag> - </properties> - </profile> - - <profile> <id>docker</id> <activation> <activeByDefault>false</activeByDefault> @@ -204,7 +174,7 @@ <resource> <directory>${project.basedir}/target</directory> <includes> - <include>WSSimulator.war</include> + <include>WSSimulator*.war</include> </includes> </resource> </resources> @@ -236,7 +206,7 @@ <plugin> <groupId>io.fabric8</groupId> <artifactId>docker-maven-plugin</artifactId> - <version>0.23.0</version> + <version>0.24.0</version> <configuration> <verbose>true</verbose> @@ -256,11 +226,10 @@ <alias>sdc-simulator</alias> <build> <cleanup>try</cleanup> - <dockerFileDir>${basedir}\sdc-simulator</dockerFileDir> + <dockerFileDir>${basedir}/sdc-simulator</dockerFileDir> <tags> <tag>${docker.tag}</tag> <tag>${docker.latest.tag}</tag> - <tag>1.1-STAGING-latest</tag> </tags> </build> </image> @@ -273,12 +242,7 @@ <goals> <goal>remove</goal> </goals> - <configuration> - <removeAll>true</removeAll> - <image>openecomp/sdc-simulator</image> - </configuration> </execution> - <execution> <id>generate-images</id> <phase>install</phase> @@ -286,17 +250,12 @@ <goal>build</goal> </goals> </execution> - <execution> <id>push-images</id> <phase>deploy</phase> <goals> - <goal>build</goal> <goal>push</goal> </goals> - <configuration> - <image>openecomp/sdc-simulator</image> - </configuration> </execution> </executions> </plugin> diff --git a/utils/webseal-simulator/scripts/simulator_docker_run.sh b/utils/webseal-simulator/scripts/simulator_docker_run.sh index c7ded8d116..079dc1e578 100644 --- a/utils/webseal-simulator/scripts/simulator_docker_run.sh +++ b/utils/webseal-simulator/scripts/simulator_docker_run.sh @@ -70,8 +70,10 @@ echo "${PREFIX}" dir_perms +JAVA_OPTIONS=" -Xmx128m -Xms128m -Xss1m" + # SDC-Simulator -docker run --detach --name sdc-sim --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --env http_proxy=${http_proxy} --env https_proxy=${https_proxy} --env no_proxy=${no_proxy} --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 256m --memory-swap=256m --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/WS/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 8285:8080 ${PREFIX}/sdc-simulator:${RELEASE} +docker run --detach --name sdc-sim --env JAVA_OPTIONS="${JAVA_OPTIONS}" --env ENVNAME="${DEP_ENV}" --env http_proxy=${http_proxy} --env https_proxy=${https_proxy} --env no_proxy=${no_proxy} --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/WS/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 8285:8080 --publish 8286:8443 ${PREFIX}/sdc-simulator:${RELEASE} if [ $? -ne 0 ]; then diff --git a/utils/webseal-simulator/scripts/ws-compose.yaml b/utils/webseal-simulator/scripts/ws-compose.yaml new file mode 100644 index 0000000000..7c07f62c79 --- /dev/null +++ b/utils/webseal-simulator/scripts/ws-compose.yaml @@ -0,0 +1,21 @@ +version: '3' + +services: + WS: + container_name: sdc-sim + image: onap/sdc-simulator:latest + volumes: + - "/etc/localtime:/etc/localtime:ro" + - "/data/logs/WS/:/var/lib/jetty/logs" + - "/data/environments:/root/chef-solo/environments" + ports: + - "8286:8443" + - "8285:8080" + restart: always + environment: + HOST_IP: "10.0.2.15" + ENVNAME: "AUTO" + http_proxy: http://one.proxy.att.com:8080 + https_proxy: http://one.proxy.att.com:8080 + no_proxy: "localhost,127.0.0.1" + JAVA_OPTIONS: "-Xmx128m -Xms128m -Xss1m" diff --git a/utils/webseal-simulator/sdc-simulator/Dockerfile.template b/utils/webseal-simulator/sdc-simulator/Dockerfile.template deleted file mode 100644 index 673b56fd07..0000000000 --- a/utils/webseal-simulator/sdc-simulator/Dockerfile.template +++ /dev/null @@ -1,25 +0,0 @@ -FROM jetty - -RUN apt-get -y update -RUN apt-get -y install apt-utils -RUN apt-get -y install curl -RUN apt-get -y install vim - -COPY chef-solo /root/chef-solo/ -COPY chef-repo/cookbooks /root/chef-solo/cookbooks/ - -ENV BASE_NEXUS zl999y:ChangeMe@10.208.197.75:8443/repository/maven-public/org/openecomp/sdc - -# install chef-solo -RUN curl -L https://www.opscode.com/chef/install.sh | bash - -RUN cp /usr/local/jetty/resources/log4j.properties /var/lib/jetty/resources/log4j.properties - -ADD sdc-simulator-__SDC-RELEASE__.war /var/lib/jetty/webapps/ -RUN chown -R jetty:jetty /var/lib/jetty/webapps - -COPY startup.sh /root/ - -RUN chmod 770 /root/startup.sh - -ENTRYPOINT [ "/root/startup.sh" ] diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb index 85fedfd9e5..6c081d685d 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb @@ -1,5 +1,13 @@ jetty_base="/var/lib/jetty" +if !ENV['FE_URL'].nil? + fe_url="#{ENV['FE_URL']}" +elsif node['disableHttp'] + fe_url="https://#{node['Nodes']['FE']}:#{node['FE'][:https_port]}" +else + fe_url="http://#{node['Nodes']['FE']}:#{node['FE'][:http_port]}" +end + template "webseal.conf" do path "#{jetty_base}/config/sdc-simulator/webseal.conf" @@ -8,7 +16,6 @@ template "webseal.conf" do group "jetty" mode "0755" variables({ - :fe_host_ip => node['HOST_IP'], - :fe_http_port => "#{node['FE'][:http_port]}" + :fe_url =>"#{fe_url}" }) end diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb index 38b87fa65d..3dde6ee38f 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb @@ -1,7 +1,6 @@ jetty_base="/var/lib/jetty" jetty_home="/usr/local/jetty" -###### create Jetty modules bash "create-jetty-modules" do cwd "#{jetty_base}" code <<-EOH @@ -9,6 +8,29 @@ code <<-EOH java -jar "/#{jetty_home}"/start.jar --add-to-start=deploy java -jar "/#{jetty_home}"/start.jar --add-to-startd=http,https,logging,setuid EOH -not_if "ls /#{jetty_base}/start.d/https.ini" +end + +template "ssl-ini" do + path "/#{jetty_base}/start.d/ssl.ini" + source "SDC-Simulator-ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :https_port => "8443", + :jetty_keystore_pwd => "OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4", + :jetty_keymanager_pwd => "OBF:1u2u1wml1z7s1z7a1wnl1u2g" + }) +end + +template "https-ini" do + path "/#{jetty_base}/start.d/https.ini" + source "SDC-Simulator-https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :https_port => "8443" + }) end diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb new file mode 100644 index 0000000000..9999a4109b --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb index 426e0e44b5..86848bf282 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb @@ -8,7 +8,7 @@ # jetty.ssl.host=0.0.0.0 ## Connector port to listen on -jetty.ssl.port=<%= @FE_https_port %> +jetty.ssl.port=<%= @https_port %> ## Connector idle timeout in milliseconds # jetty.ssl.idleTimeout=30000 @@ -49,6 +49,7 @@ jetty.ssl.port=<%= @FE_https_port %> ## Keystore password # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> ## Keystore type and provider # jetty.sslContext.keyStoreType=JKS @@ -56,9 +57,11 @@ jetty.ssl.port=<%= @FE_https_port %> ## KeyManager password # jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g +jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> ## Truststore password # jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +#jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> ## Truststore type and provider # jetty.sslContext.trustStoreType=JKS @@ -81,3 +84,7 @@ jetty.ssl.port=<%= @FE_https_port %> ## Set the timeout (in seconds) of the SslSession cache timeout # jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb index d5e2cbeaac..e4c5d753fa 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb @@ -1,6 +1,6 @@ { webseal { - fe="http://<%= @fe_host_ip %>:<%= @fe_http_port %>" + fe="<%= @fe_url %>" users = [ { userId="cs0008" diff --git a/utils/webseal-simulator/sdc-simulator/startup.sh b/utils/webseal-simulator/sdc-simulator/startup.sh index aca8b5e984..48b6a0d505 100644 --- a/utils/webseal-simulator/sdc-simulator/startup.sh +++ b/utils/webseal-simulator/sdc-simulator/startup.sh @@ -1,12 +1,26 @@ #!/bin/sh -export CHEFNAME=${ENVNAME} + + cd /root/chef-solo -echo "normal['HOST_IP'] = \"${HOST_IP}\"" > /root/chef-solo/cookbooks/sdc-simulator/attributes/default.rb -chef-solo -c solo.rb -E ${CHEFNAME} +chef-solo -c solo.rb -E ${ENVNAME} +rc=$? +if [[ $rc != 0 ]]; then + echo "Chef exaction failed." + exit $rc; +fi + +JAVA_OPTIONS=" ${JAVA_OPTIONS} \ + -Dconfig.home=${JETTY_BASE}/config/sdc-simulator \ + -Dlog.home=${JETTY_BASE}/logs \ + -Dlogback.configurationFile=${JETTY_BASE}/config/sdc-simulator/logback.xml \ + -Djetty.logging.dir=${JETTY_BASE}/logs" -sed -i '/^set -e/aJAVA_OPTIONS=\"-Xdebug -Xmx128m -Xms128m -Xss1m -Dconfig.home=${JETTY_BASE}/config/sdc-simulator -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/sdc-simulator/logback.xml -Djetty.logging.dir=${JETTY_BASE}/logs -Djetty.base=${JETTY_BASE} \"' /docker-entrypoint.sh -sed -i '/^set -e/aTMPDIR=${JETTY_BASE}\/temp' /docker-entrypoint.sh +echo "---------------------------------------------" +echo $TMPDIR +echo $JAVA_OPTIONS +echo $JETTY_BASE +echo "---------------------------------------------" cd /var/lib/jetty /docker-entrypoint.sh |