aboutsummaryrefslogtreecommitdiffstats
path: root/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup
diff options
context:
space:
mode:
authork.kedron <k.kedron@partner.samsung.com>2019-08-27 18:10:09 +0200
committerOfir Sonsino <ofir.sonsino@intl.att.com>2019-08-30 07:22:26 +0000
commit68830a739232e31feadc5b10c1e537197d86269f (patch)
tree3c66e6091ddbfc061b7b25555955fe158ae7a0c8 /catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup
parent0a65bd7d842fb8617b3c6a7b2d4a16af583dc8be (diff)
Fully HTTPS support in the catalog-be
Fully HTTPS support: -Updated jvm configuration to support call to the SDC components using HTTPS. -Checkstyle in the recipes -Add support for disableHttp flag in the chef script -Add support for change the http to https in the python script -Fixed the --schema param in the importONAPNormativeALL and upgradeONAPNormative python scripts -Checkstyle in the importX python script -Disabled pycurl.SSL_VERIFYHOST to fix communication with the be component Issue-ID: SDC-2501 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: I588ba21638083694932a1af272f3bcbaa98268a7
Diffstat (limited to 'catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup')
-rw-r--r--catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb27
-rw-r--r--catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb17
-rw-r--r--catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb33
-rw-r--r--catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb3
-rw-r--r--catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb7
-rw-r--r--catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb7
6 files changed, 63 insertions, 31 deletions
diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb
index 14085bd0cb..97d140ab1f 100644
--- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb
+++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb
@@ -1,34 +1,45 @@
-template "/tmp/user.py" do
+if node['disableHttp']
+ protocol = "https"
+ be_port = node['BE']['https_port']
+else
+ protocol = "http"
+ be_port = node['BE']['http_port']
+end
+
+
+template "/var/tmp/user.py" do
source "user.py.erb"
sensitive true
mode 0755
variables({
+ :protocol => protocol,
:be_ip => node['Nodes']['BE'],
- :be_port => node['BE']['http_port']
+ :be_port => be_port
})
end
-bash "excuting-create_user" do
+bash "executing-create_user" do
code <<-EOH
- python /tmp/user.py
+ python /var/tmp/user.py
rc=$?
if [[ $rc != 0 ]]; then exit $rc; fi
EOH
end
-template "/tmp/consumers.py" do
+template "/var/tmp/consumers.py" do
source "consumers.py.erb"
sensitive true
mode 0755
variables({
+ :protocol => protocol,
:be_ip => node['Nodes']['BE'],
- :be_port => node['BE']['http_port']
+ :be_port => be_port
})
end
-bash "excuting-consumers" do
+bash "executing-consumers" do
code <<-EOH
- python /tmp/consumers.py
+ python /var/tmp/consumers.py
rc=$?
if [[ $rc != 0 ]]; then exit $rc; fi
EOH
diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb
index b929637b1a..0a551f2a52 100644
--- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb
+++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb
@@ -1,16 +1,25 @@
-template "/tmp/check_Backend_Health.py" do
+if node['disableHttp']
+ protocol = "https"
+ be_port = node['BE']['https_port']
+else
+ protocol = "http"
+ be_port = node['BE']['http_port']
+end
+
+template "/var/tmp/check_Backend_Health.py" do
source "check_Backend_Health.py.erb"
sensitive true
mode 0755
variables({
+ :protocol => protocol,
:be_ip => node['Nodes']['BE'],
- :be_port => node['BE']['http_port']
+ :be_port => be_port
})
end
-bash "excuting-check_Backend_Health" do
+bash "executing-check_Backend_Health" do
code <<-EOH
- python /tmp/check_Backend_Health.py
+ python /var/tmp/check_Backend_Health.py
rc=$?
if [[ $rc != 0 ]]; then exit $rc; fi
EOH
diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb
index e8dc9675d1..b640b3afe9 100644
--- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb
+++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb
@@ -1,37 +1,46 @@
-cookbook_file "/tmp/normatives.tar.gz" do
+be_ip=node['Nodes'][:BE]
+
+if node['disableHttp']
+ protocol = "https"
+ be_port = node['BE']['https_port']
+ param="-i #{be_ip} -p #{be_port} --scheme #{protocol}"
+else
+ protocol = "http"
+ be_port = node['BE']['http_port']
+ param="-i #{be_ip} -p #{be_port}"
+end
+
+cookbook_file "/var/tmp/normatives.tar.gz" do
source "normatives.tar.gz"
end
-be_ip=node['Nodes'][:BE]
-be_port=node['BE']['http_port']
-
-bash "excuting-import_Normatives" do
+bash "executing-import_Normatives" do
code <<-EOH
set -x
- cd /tmp
- tar xvfz /tmp/normatives.tar.gz
- cd /tmp/normatives/scripts/import/tosca/
+ cd /var/tmp
+ tar xvfz /var/tmp/normatives.tar.gz
+ cd /var/tmp/normatives/scripts/import/tosca/
/bin/chmod +x *.py
# executing the normatives
# add --debug=true to the importNormativeAll.py arguments to enable debug
check_normative="/tmp/check_normative.out"
- status_code=$(curl -s -o ${check_normative} -w "%{http_code}\\n" -X GET -H 'Content-Type: application/json;charset=UTF-8' -H 'USER_ID: jh0003' -H 'X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090' "http://#{be_ip}:#{be_port}/sdc2/rest/v1/screen")
+ status_code=$(curl -k -s -o ${check_normative} -w "%{http_code}\\n" -X GET -H 'Content-Type: application/json;charset=UTF-8' -H 'USER_ID: jh0003' -H 'X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090' "#{protocol}://#{be_ip}:#{be_port}/sdc2/rest/v1/screen")
if [ "$status_code" != 200 ] ; then
exit "$status_code"
fi
- #curl -s -X GET -H "Content-Type: application/json;charset=UTF-8" -H "USER_ID: jh0003" -H "X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090" "http://#{be_ip}:#{be_port}/sdc2/rest/v1/screen" > ${check_normative}
+ #curl -s -X GET -H "Content-Type: application/json;charset=UTF-8" -H "USER_ID: jh0003" -H "X-ECOMP-RequestID: cbe744a0-037b-458f-aab5-df6e543c4090" "#{protocol}://#{be_ip}:#{be_port}/sdc2/rest/v1/screen" > ${check_normative}
resources_len=`cat ${check_normative}| jq '.["resources"]|length'`
mkdir -p /var/lib/jetty/logs
if [ $resources_len -eq 0 ] ; then
- python importONAPNormativeAll.py -i #{be_ip} -p #{be_port} > /var/lib/jetty/logs/importNormativeAll.log
+ python importONAPNormativeAll.py #{param} > /var/lib/jetty/logs/importNormativeAll.log
rc=$?
if [[ $rc != 0 ]]; then exit $rc; fi
else
- python upgradeONAPNormative.py -i #{be_ip} -p #{be_port} > /var/lib/jetty/logs/upgradeNormative.log
+ python upgradeONAPNormative.py #{param} > /var/lib/jetty/logs/upgradeNormative.log
rc=$?
if [[ $rc != 0 ]]; then exit $rc; fi
fi
diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb
index 60e2da16e7..eb77f93c33 100644
--- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb
+++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/check_Backend_Health.py.erb
@@ -7,6 +7,7 @@ from datetime import datetime
beStat=0
BE_IP="<%= @be_ip %>"
BE_PORT="<%= @be_port %>"
+PROTOCOL="<%= @protocol %>"
class bcolors:
HEADER = '\033[95m'
@@ -23,7 +24,7 @@ class bcolors:
# Functions
##############################
def checkBackend():
- command="curl -s -o /dev/null -I -w \"%{http_code}\" -i http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003"
+ command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003"
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE )
(out, err) = proc.communicate()
diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb
index c5933201c1..798d79337c 100644
--- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb
+++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/consumers.py.erb
@@ -6,6 +6,7 @@ from datetime import datetime
BE_IP="<%= @be_ip %>"
BE_PORT="<%= @be_port %>"
+PROTOCOL="<%= @protocol %>"
class bcolors:
HEADER = '\033[95m'
@@ -22,7 +23,7 @@ class bcolors:
# Functions
##############################
def checkBackend():
- command="curl -s -o /dev/null -I -w \"%{http_code}\" -i http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003"
+ command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003"
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE )
(out, err) = proc.communicate()
@@ -31,7 +32,7 @@ def checkBackend():
def checkConsumer(consumerName):
- command="curl -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/" + consumerName
+ command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/" + consumerName
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE )
(out, err) = proc.communicate()
@@ -41,7 +42,7 @@ def checkConsumer(consumerName):
def createConsumer( consumerName, consumerSalt, consumerPass ):
print '[INFO] ' + consumerName
- command="curl -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/ -d '{\"consumerName\": '" + consumerName + "', \"consumerSalt\": '" + consumerSalt + "',\"consumerPassword\": '" + consumerPass + "'}'"
+ command="curl -k -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/consumers/ -d '{\"consumerName\": '" + consumerName + "', \"consumerSalt\": '" + consumerSalt + "',\"consumerPassword\": '" + consumerPass + "'}'"
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE)
diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb
index a97e451a84..f17ac8a22e 100644
--- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb
+++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/templates/default/user.py.erb
@@ -6,6 +6,7 @@ from datetime import datetime
BE_IP="<%= @be_ip %>"
BE_PORT="<%= @be_port %>"
+PROTOCOL="<%= @protocol %>"
class bcolors:
HEADER = '\033[95m'
@@ -22,7 +23,7 @@ class bcolors:
# Functions
##############################
def checkBackend():
- command="curl -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003"
+ command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/jh0003"
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE )
(out, err) = proc.communicate()
@@ -31,7 +32,7 @@ def checkBackend():
def checkUser(userName):
- command="curl -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/" + userName
+ command="curl -k -s -o /dev/null -I -w \"%{http_code}\" -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/" + userName
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE )
(out, err) = proc.communicate()
@@ -43,7 +44,7 @@ def checkUser(userName):
def createUser( firstName, lastName, userId , email_dom , role ):
print '[INFO] create first:[' + firstName + '], last:[' + lastName + '], Id:[' + userId + '], email:[' + userId + '@' + email_dom + '], role:[' + role +']'
- command="curl -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" http://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/ -d '{\"firstName\": '" + firstName + "', \"lastName\": '" + lastName + "',\"userId\": '" + userId + "',\"email\": '" + userId + "@" + email_dom + "',\"role\": '" + role + "'}'"
+ command="curl -k -s -o /dev/null -w \"%{http_code}\" -X POST -i -H \"Accept: application/json; charset=UTF-8\" -H \"Content-Type: application/json\" -H \"USER_ID: jh0003\" "+PROTOCOL+"://" + BE_IP + ":" + BE_PORT + "/sdc2/rest/v1/user/ -d '{\"firstName\": '" + firstName + "', \"lastName\": '" + lastName + "',\"userId\": '" + userId + "',\"email\": '" + userId + "@" + email_dom + "',\"role\": '" + role + "'}'"
proc = subprocess.Popen( command , shell=True , stdout=subprocess.PIPE)
(out, err) = proc.communicate()