diff options
author | k.kedron <k.kedron@partner.samsung.com> | 2019-08-23 16:46:49 +0200 |
---|---|---|
committer | Ofir Sonsino <ofir.sonsino@intl.att.com> | 2019-08-26 12:48:57 +0000 |
commit | e9e5777db6edcbf34d3315a034ca9be2262fd61d (patch) | |
tree | fc54cf643e388b5e363f750c5c2451899c1a87b5 /catalog-fe/sdc-frontend | |
parent | 003f42a1295b85ae209a8e4f58fc87e05b8c2074 (diff) |
Fully HTTPS support in the catalog-fe
Fully HTTPS support:
-Updated jvm configuration to support call to
the SDC components using HTTPS.
-Checkstyle in the recipes
-Added buildRestClient method to create the CloseableHttpClient
supporting the SSL connection
-Sonar fixes in the PluginStatusBL class
Issue-ID: SDC-2516
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: I35b9e22026898d2cc67a4b2d86d9d508a33fcb59
Diffstat (limited to 'catalog-fe/sdc-frontend')
4 files changed, 13 insertions, 5 deletions
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb index eb30eba01c..a7c9ce1d90 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb @@ -6,6 +6,8 @@ default['FE'][:https_port] = 9443 default['disableHttp'] = true default['jetty'][:keystore_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" default['jetty'][:keymanager_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" +# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION +# MUST BE ALSO CHANGE IN THE startup.sh FILE default['jetty'][:truststore_pwd] = "Y,f975ZNJfVZhV*{+Y[}pA?0" #Onboard diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb index 67c511408c..f26418372b 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb @@ -4,4 +4,3 @@ cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-fe/logback.xml" do owner "jetty" group "jetty" end - diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb index b1c32b9506..bf756fb1c6 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb @@ -23,7 +23,7 @@ template "http-ini" do owner "jetty" group "jetty" mode "0755" - variables ({ + variables({ :http_option => http_option , :http_port => "#{node['FE'][:http_port]}" }) @@ -46,7 +46,7 @@ template "ssl-ini" do owner "jetty" group "jetty" mode "0755" - variables ({ + variables({ :https_port => "#{node['FE'][:https_port]}" , :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , diff --git a/catalog-fe/sdc-frontend/startup.sh b/catalog-fe/sdc-frontend/startup.sh index d8f522d3e1..99cdaf0f48 100644 --- a/catalog-fe/sdc-frontend/startup.sh +++ b/catalog-fe/sdc-frontend/startup.sh @@ -1,6 +1,14 @@ #!/bin/sh -JAVA_OPTIONS=" ${JAVA_OPTIONS} -Dconfig.home=${JETTY_BASE}/config -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-fe/logback.xml -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-fe/configuration.yaml -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-fe/onboarding_configuration.yaml" +JAVA_OPTIONS=" ${JAVA_OPTIONS} \ + -Dconfig.home=${JETTY_BASE}/config \ + -Dlog.home=${JETTY_BASE}/logs \ + -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-fe/logback.xml \ + -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-fe/configuration.yaml \ + -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-fe/onboarding_configuration.yaml \ + -Djavax.net.ssl.trustStore=${JETTY_BASE}/etc/org.onap.sdc.trust.jks \ + -Djavax.net.ssl.trustStorePassword=Y,f975ZNJfVZhV*{+Y[}pA?0 \ + -Djetty.console-capture.dir=${JETTY_BASE}/logs " cd /root/chef-solo chef-solo -c solo.rb -E ${ENVNAME} @@ -9,4 +17,3 @@ cd /var/lib/jetty /docker-entrypoint.sh & while true; do sleep 2; done - |