diff options
author | k.kedron <k.kedron@partner.samsung.com> | 2019-08-22 12:42:39 +0200 |
---|---|---|
committer | k.kedron <k.kedron@partner.samsung.com> | 2019-08-27 18:14:54 +0200 |
commit | ffbc80af2272b8a7651e264b4259ae2a7f400835 (patch) | |
tree | b2f67e50a9e885d247c661c7681a0e6b0d83c4be /docker/chef-repo/cookbooks/dcae-dt/recipes | |
parent | 23b74265af6cca5f85fefd445a5f397b76808501 (diff) |
Implement HTTPS calls into DCAE-DS DT
Implemented HTTPS calls into dcaedt_be
-Added p12 keystore certificate.
-Updated application configuration.
-Added trust-store.
-Updated the onap/base_sdc-jetty docker image version
-Updated the chef script to properly used of new docker image version
Issue-ID: SDC-2522
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: I90a7dfb4d32ed661e632b79ce5b55d349177edce
Diffstat (limited to 'docker/chef-repo/cookbooks/dcae-dt/recipes')
-rw-r--r-- | docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb | 63 | ||||
-rw-r--r-- | docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb | 83 |
2 files changed, 146 insertions, 0 deletions
diff --git a/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb b/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb new file mode 100644 index 0000000..69d5a03 --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/recipes/dcae_dt_setup.rb @@ -0,0 +1,63 @@ +dcae_fe_vip = node['DCAE_FE_VIP'] + +if node['disableHttp'] + protocol = "https" + dcae_fe_port = node['DCAE']['FE'][:https_port] + dcae_dt_port = node['DCAE']['DT'][:https_port] +else + protocol = "http" + dcae_fe_port = node['DCAE']['FE'][:http_port] + dcae_dt_port = node['DCAE']['DT'][:http_port] +end + +printf("DEBUG: [%s]:[%s] disableHttp=[%s], protocol=[%s], dcae_dt_port=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], protocol, dcae_dt_port ) + + +directory "DT_tempdir_creation" do + path "#{ENV['JETTY_BASE']}/temp" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +directory "#{ENV['JETTY_BASE']}/config" do + owner "jetty" + group "jetty" + mode '0755' + recursive true + action :create +end + +directory "#{ENV['JETTY_BASE']}/config/dcae-dt" do + owner "jetty" + group "jetty" + mode '0755' + recursive true + action :create +end + +template "dcae-dt-config" do + sensitive true + path "#{ENV['JETTY_BASE']}/config/dcae-dt/application.properties" + source "dcae-application.properties.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :dcae_fe_vip => dcae_fe_vip, + :dcae_fe_port => dcae_fe_port, + :protocol => protocol, + :dcae_dt_port => dcae_dt_port + }) +end + + +template "dcae-logback-spring-config" do + sensitive true + path "#{ENV['JETTY_BASE']}/config/dcae-dt/logback-spring.xml" + source "dcae-logback-spring.erb" + owner "jetty" + group "jetty" + mode "0755" +end diff --git a/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb b/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb new file mode 100644 index 0000000..28bbf3c --- /dev/null +++ b/docker/chef-repo/cookbooks/dcae-dt/recipes/jetty_setup.rb @@ -0,0 +1,83 @@ +#Set the http module option +if node['disableHttp'] + http_option = "#--module=http" +else + http_option = "--module=http" +end + + +printf("DEBUG: [%s]:[%s] disableHttp=[%s], http_option=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], http_option ) + + +directory "Jetty_etcdir_creation" do + path "#{ENV['JETTY_BASE']}/etc" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +# Create Keystore +cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do + source "org.onap.sdc.p12" + owner "jetty" + group "jetty" + mode 0755 +end + +# Create Trustore +cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do + source "org.onap.sdc.trust.jks" + owner "jetty" + group "jetty" + mode 0755 +end + +bash "create-jetty-modules" do + cwd "#{ENV['JETTY_BASE']}" + code <<-EOH + cd "#{ENV['JETTY_BASE']}" + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,console-capture,setuid + EOH +end + +# configure Jetty modules +template "http-ini" do + path "#{ENV['JETTY_BASE']}/start.d/http.ini" + source "http-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :http_option => http_option , + :http_port => "#{node['DCAE']['DT'][:http_port]}" + }) +end + +template "https-ini" do + path "#{ENV['JETTY_BASE']}/start.d/https.ini" + source "https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :https_port => "#{node['DCAE']['DT'][:https_port]}" + }) +end + +template "ssl-ini" do + path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" + source "ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :https_port => "#{node['DCAE']['DT'][:https_port]}" , + :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , + :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , + :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" + }) +end + |