Implement HTTPS calls into DCAE-DS DT

Implemented HTTPS calls into dcaedt_be -Added p12 keystore certificate. -Updated application configuration. -Added trust-store. -Updated the onap/base_sdc-jetty docker image version -Updated the chef script to properly used of new docker image version Issue-ID: SDC-2522 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: I90a7dfb4d32ed661e632b79ce5b55d349177edce
author: k.kedron <k.kedron@partner.samsung.com> 2019-08-22 12:42:39 +0200
committer: k.kedron <k.kedron@partner.samsung.com> 2019-08-27 18:14:54 +0200
commit: ffbc80af2272b8a7651e264b4259ae2a7f400835 (patch)
tree: b2f67e50a9e885d247c661c7681a0e6b0d83c4be /docker/chef-repo/cookbooks/dcae-dt/recipes
parent: 23b74265af6cca5f85fefd445a5f397b76808501 (diff)
2 files changed, 146 insertions, 0 deletions
diff --git a/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb b/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb
new file mode 100644
index 0000000..69d5a03
--- /dev/null
+++ b/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb
@@ -0,0 +1,63 @@
+dcae_fe_vip = node['DCAE_FE_VIP']
+
+if node['disableHttp']
+  protocol = "https"
+  dcae_fe_port = node['DCAE']['FE'][:https_port]
+  dcae_dt_port = node['DCAE']['DT'][:https_port]
+else
+  protocol = "http"
+  dcae_fe_port = node['DCAE']['FE'][:http_port]
+  dcae_dt_port = node['DCAE']['DT'][:http_port]
+end
+
+printf("DEBUG: [%s]:[%s] disableHttp=[%s], protocol=[%s], dcae_dt_port=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], protocol, dcae_dt_port )
+
+
+directory "DT_tempdir_creation" do
+    path "#{ENV['JETTY_BASE']}/temp"
+    owner 'jetty'
+    group 'jetty'
+    mode '0755'
+    action :create
+end
+
+directory "#{ENV['JETTY_BASE']}/config" do
+  owner "jetty"
+  group "jetty"
+  mode '0755'
+  recursive true
+  action :create
+end
+
+directory "#{ENV['JETTY_BASE']}/config/dcae-dt" do
+  owner "jetty"
+  group "jetty"
+  mode '0755'
+  recursive true
+  action :create
+end
+
+template "dcae-dt-config" do
+  sensitive true
+  path "#{ENV['JETTY_BASE']}/config/dcae-dt/application.properties"
+  source "dcae-application.properties.erb"
+  owner "jetty"
+  group "jetty"
+  mode "0755"
+  variables({
+    :dcae_fe_vip => dcae_fe_vip,
+    :dcae_fe_port => dcae_fe_port,
+    :protocol => protocol,
+    :dcae_dt_port => dcae_dt_port
+  })
+end
+
+
+template "dcae-logback-spring-config" do
+  sensitive true
+  path "#{ENV['JETTY_BASE']}/config/dcae-dt/logback-spring.xml"
+  source "dcae-logback-spring.erb"
+  owner "jetty"
+  group "jetty"
+  mode "0755"
+end
diff --git a/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb b/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb
new file mode 100644
index 0000000..28bbf3c
--- /dev/null
+++ b/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb
@@ -0,0 +1,83 @@
+#Set the http module option
+if node['disableHttp']
+  http_option = "#--module=http"
+else
+  http_option = "--module=http"
+end
+
+
+printf("DEBUG: [%s]:[%s] disableHttp=[%s], http_option=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], http_option )
+
+
+directory "Jetty_etcdir_creation" do
+    path "#{ENV['JETTY_BASE']}/etc"
+    owner 'jetty'
+    group 'jetty'
+    mode '0755'
+    action :create
+end
+
+
+# Create Keystore
+cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do
+   source "org.onap.sdc.p12"
+   owner "jetty"
+   group "jetty"
+   mode 0755
+end
+
+# Create Trustore
+cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do
+   source "org.onap.sdc.trust.jks"
+   owner "jetty"
+   group "jetty"
+   mode 0755
+end
+
+bash "create-jetty-modules" do
+  cwd "#{ENV['JETTY_BASE']}"
+  code <<-EOH
+    cd "#{ENV['JETTY_BASE']}"
+    java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy
+    java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,console-capture,setuid
+  EOH
+end
+
+# configure Jetty modules
+template "http-ini" do
+   path "#{ENV['JETTY_BASE']}/start.d/http.ini"
+   source "http-ini.erb"
+   owner "jetty"
+   group "jetty"
+   mode "0755"
+   variables({
+     :http_option => http_option ,
+     :http_port => "#{node['DCAE']['DT'][:http_port]}"
+    })
+end
+
+template "https-ini" do
+   path "#{ENV['JETTY_BASE']}/start.d/https.ini"
+   source "https-ini.erb"
+   owner "jetty"
+   group "jetty"
+   mode "0755"
+   variables({
+     :https_port => "#{node['DCAE']['DT'][:https_port]}"
+   })
+end
+
+template "ssl-ini" do
+   path "#{ENV['JETTY_BASE']}/start.d/ssl.ini"
+   source "ssl-ini.erb"
+   owner "jetty"
+   group "jetty"
+   mode "0755"
+   variables({
+     :https_port => "#{node['DCAE']['DT'][:https_port]}" ,
+     :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
+     :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
+     :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
+   })
+end
+
author	k.kedron <k.kedron@partner.samsung.com>	2019-08-22 12:42:39 +0200
committer	k.kedron <k.kedron@partner.samsung.com>	2019-08-27 18:14:54 +0200
commit	ffbc80af2272b8a7651e264b4259ae2a7f400835 (patch)
tree	b2f67e50a9e885d247c661c7681a0e6b0d83c4be /docker/chef-repo/cookbooks/dcae-dt/recipes
parent	23b74265af6cca5f85fefd445a5f397b76808501 (diff)