authork.kedron <k.kedron@partner.samsung.com>2019-08-23 17:11:51 +0200
committerk.kedron <k.kedron@partner.samsung.com>2019-08-27 17:57:22 +0200
commit6fd60f573407abcd258ca4463836328ba039f50e (patch)
tree871d5531c0a137d24d28af643edb65ed4ca47625
parentc69e72cb78fb8e6d7a4f3698f6598f418fdcb727 (diff)
Implement HTTPS calls into DCAE-DS FE
Implemented HTTPS calls into dcae-ds fe: -Added p12 keystore certificate. -Updated application configuration. -Added trust-store. -Updated the onap/base_sdc-jetty docker image version -Updated the chef script to properly use the new docker image Issue-ID: SDC-2533 Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com> Change-Id: I1bac50ff08aa4f703de458661c9d52f985c4a75d
-rw-r--r--docker/Dockerfile25
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/README.md (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/README.md)1
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/attributes/default.rb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/attributes/default.rb)6
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/files/default/logback-spring.xml (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/files/default/logback-spring.xml)0
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12bin0 -> 4051 bytes
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jksbin0 -> 1413 bytes
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/recipes/dcae_setup.rb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/recipes/dcae_setup.rb)36
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/recipes/jetty_setup.rb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/recipes/jetty_setup.rb)33
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/dcae-application.properties.erb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/dcae-application.properties.erb)0
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/dcae-logback-spring.erb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/dcae-logback-spring.erb)0
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/http-ini.erb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/http-ini.erb)0
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/https-ini.erb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/https-ini.erb)0
-rw-r--r--docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/ssl-ini.erb (renamed from docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/ssl-ini.erb)4
-rw-r--r--docker/chef-solo/cookbooks/Deploy-DCAE/.gitignore20
-rw-r--r--docker/chef-solo/cookbooks/Deploy-DCAE/.kitchen.yml16
-rw-r--r--docker/chef-solo/cookbooks/Deploy-DCAE/files/default/keystorebin4255 -> 0 bytes
-rw-r--r--docker/chef-solo/cookbooks/Deploy-DCAE/files/default/truststorebin4255 -> 0 bytes
-rw-r--r--docker/chef-solo/cookbooks/Deploy-DCAE/metadata.rb7
-rwxr-xr-xdocker/set_user.sh20
-rw-r--r--docker/startup.sh13
20 files changed, 52 insertions, 129 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile
index e6b9a36..ed54b2b 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,26 +1,15 @@
-FROM onap/base_sdc-jetty:1.2.0-SNAPSHOT-latest
+FROM onap/base_sdc-jetty:1.4.1
-COPY chef-solo /var/opt/dcae-fe/chef-solo/
+COPY chef-solo /root/chef-solo/
-COPY startup.sh /var/opt/dcae-fe/
+COPY chef-repo/cookbooks /root/chef-solo/cookbooks/
-ADD target/dcae_*.war ${JETTY_BASE}/webapps/
+ADD --chown=jetty:jetty target/dcae_*.war ${JETTY_BASE}/webapps/
USER root
-RUN mkdir -p /opt/logs/fe
+COPY startup.sh /root/
-COPY set_user.sh /tmp/set_user.sh
-
-RUN sh -x /tmp/set_user.sh && rm -f /tmp/set_user.sh
-
-RUN chown -R jetty:jetty ${JETTY_BASE}/webapps /var/opt/dcae-fe /opt/logs /var/lib/jetty
-
-RUN chmod 770 /var/opt/dcae-fe/startup.sh
-
-EXPOSE 8082 8444
-
-USER jetty
-
-ENTRYPOINT [ "/var/opt/dcae-fe/startup.sh" ]
+RUN chmod 770 /root/startup.sh
+ENTRYPOINT [ "/root/startup.sh" ]
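Review bot: The image now ends on `USER root` and the `USER jetty` line is removed, so `/root/startup.sh` and everything it launches start with root privileges. If privileges are dropped later (by the base image's `/docker-entrypoint.sh` or by the Jetty `setuid` module, neither of which is shown on this page), say so in a comment above the ENTRYPOINT, e.g. `# starts as root so chef-solo can write config; Jetty drops to the jetty user in <where>`. If nothing drops them, the web application runs as root and `USER jetty` should be restored. `EXPOSE 8082 8444` is also removed without a replacement, so confirm the base image declares the HTTPS port.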
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/README.md b/docker/chef-repo/cookbooks/Deploy-DCAE/README.md
index 27aba53..ba9ee43 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/README.md
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/README.md
@@ -1,4 +1,3 @@
# Deploy-DCAE
TODO: Enter the cookbook description here.
-
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/attributes/default.rb b/docker/chef-repo/cookbooks/Deploy-DCAE/attributes/default.rb
index 0ea50da..f566bdc 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/attributes/default.rb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/attributes/default.rb
@@ -8,9 +8,9 @@ default['DCAE']['BE'][:https_port] = 8444
default['DCAE']['FE'][:http_port] = 8183
default['DCAE']['FE'][:https_port] = 9444
-default['jetty'][:keystore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
-default['jetty'][:keymanager_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
-default['jetty'][:truststore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
+default['jetty']['keystore_pwd'] = "rTIS;B4kM]2GHcNK2c3B4&Ng"
+default['jetty']['keymanager_pwd'] = "rTIS;B4kM]2GHcNK2c3B4&Ng"
+default['jetty']['truststore_pwd'] = "Y,f975ZNJfVZhV*{+Y[}pA?0"
default['disableHttp'] = true
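Review bot: The three added lines commit the keystore, key-manager and truststore passwords in clear text, alongside the `org.onap.sdc.p12` file added by this same commit, so anyone who can read the repository or the image can recover the TLS private key. The `OBF:` values they replace were only obfuscated, but the new defaults also make one key and password pair common to every deployment built from this cookbook. I would leave the defaults empty and supply the values at deploy time from the environment file or a mounted secret, e.g. `default['jetty']['keystore_pwd'] = ENV['<KEYSTORE_PWD_VAR>']` (placeholder name), and raise in the recipe when the value is missing.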
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/logback-spring.xml b/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/logback-spring.xml
index 7c0bfb6..7c0bfb6 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/logback-spring.xml
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/logback-spring.xml
diff --git a/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12 b/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12
new file mode 100644
index 0000000..ee000dc
--- /dev/null
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12
Binary files differ
diff --git a/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks b/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks
new file mode 100644
index 0000000..342c4f2
--- /dev/null
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks
Binary files differ
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/recipes/dcae_setup.rb b/docker/chef-repo/cookbooks/Deploy-DCAE/recipes/dcae_setup.rb
index 068e7c1..0f8ca09 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/recipes/dcae_setup.rb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/recipes/dcae_setup.rb
@@ -1,8 +1,6 @@
-jetty_base = "#{node['JETTY_BASE']}"
-dcae_logs = "#{node['APP_LOG_DIR']}"
-
dcae_be_vip = node['DCAE_BE_VIP']
+
if node['disableHttp']
protocol = "https"
dcae_be_port = node['DCAE']['BE'][:https_port]
@@ -13,11 +11,20 @@ else
dcae_fe_port = node['DCAE']['FE'][:http_port]
end
-printf("DEBUG: [%s]:[%s] disableHttp=[%s], protocol=[%s], dcae_be_vip=[%s], dcae_be_port=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], protocol, dcae_be_vip ,dcae_be_port )
+printf("DEBUG: [%s]:[%s] disableHttp=[%s], protocol=[%s], dcae_be_vip=[%s], dcae_be_port=[%s] !!! \n", cookbook_name, recipe_name, node['disableHttp'], protocol, dcae_be_vip ,dcae_be_port )
raise "[ERROR] 'DCAE_BE_FQDN' is not defined" if dcae_be_vip.nil? || dcae_be_vip == ""
-directory "#{jetty_base}/config" do
+directory "DCAE FE_tempdir_creation" do
+ path "#{ENV['JETTY_BASE']}/temp"
+ owner 'jetty'
+ group 'jetty'
+ mode '0755'
+ action :create
+end
+
+
+directory "#{ENV['JETTY_BASE']}/config" do
owner "jetty"
group "jetty"
mode '0755'
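Review bot: `ENV['JETTY_BASE']` is interpolated into the new `path` values with no check that it is set; when it is missing the strings become `/temp` and `/config`, and the recipe would create those directories at the filesystem root instead of failing. The removed `jetty_base` local gave one place to validate the value, so I would keep one: `jetty_base = ENV.fetch('JETTY_BASE') { raise "[ERROR] 'JETTY_BASE' is not set" }` next to the existing `dcae_be_vip` check, used in every resource. The same applies to the later hunks of this file and to `jetty_setup.rb`. The `directory "#{ENV['JETTY_BASE']}/config"` resource continues past the end of this hunk.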
@@ -25,7 +32,8 @@ directory "#{jetty_base}/config" do
action :create
end
-directory "#{jetty_base}/config/dcae-fe" do
+
+directory "#{ENV['JETTY_BASE']}/config/dcae-fe" do
owner "jetty"
group "jetty"
mode '0755'
@@ -33,14 +41,15 @@ directory "#{jetty_base}/config/dcae-fe" do
action :create
end
+
template "dcae-fe-config" do
sensitive true
- path "#{jetty_base}/config/dcae-fe/application.properties"
+ path "#{ENV['JETTY_BASE']}/config/dcae-fe/application.properties"
source "dcae-application.properties.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables ({
+ variables({
:dcae_be_vip => dcae_be_vip,
:dcae_be_port => dcae_be_port,
:protocol => protocol,
@@ -51,18 +60,9 @@ end
template "dcae-logback-spring-config" do
sensitive true
- path "#{jetty_base}/config/dcae-fe/logback-spring.xml"
+ path "#{ENV['JETTY_BASE']}/config/dcae-fe/logback-spring.xml"
source "dcae-logback-spring.erb"
owner "jetty"
group "jetty"
mode "0755"
end
-
-
-directory "#{dcae_logs}" do
- owner "jetty"
- group "jetty"
- mode '0755'
- recursive true
- action :create
-end \ No newline at end of file
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/recipes/jetty_setup.rb b/docker/chef-repo/cookbooks/Deploy-DCAE/recipes/jetty_setup.rb
index 74c384e..64eb214 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/recipes/jetty_setup.rb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/recipes/jetty_setup.rb
@@ -1,6 +1,3 @@
-jetty_base = "#{node['JETTY_BASE']}"
-jetty_home = "#{node['JETTY_HOME']}"
-
#Set the http module option
if node['disableHttp']
http_option = "#--module=http"
@@ -13,7 +10,7 @@ printf("DEBUG: [%s]:[%s] disableHttp=[%s], http_option=[%s] !!! \n", cookbook_na
directory "Jetty_etcdir_creation" do
- path "/#{jetty_base}/etc"
+ path "/#{ENV['JETTY_BASE']}/etc"
owner 'jetty'
group 'jetty'
mode '0755'
@@ -22,61 +19,61 @@ end
# Create Keystore
-cookbook_file "#{jetty_base}/etc/keystore" do
- source "keystore"
+cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do
+ source "org.onap.sdc.p12"
owner "jetty"
group "jetty"
mode 0755
end
# Create Trustore
-cookbook_file "#{jetty_base}/etc/truststore" do
- source "truststore"
+cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do
+ source "org.onap.sdc.trust.jks"
owner "jetty"
group "jetty"
mode 0755
end
bash "create-jetty-modules" do
- cwd "#{jetty_base}"
+ cwd "#{ENV['JETTY_BASE']}"
code <<-EOH
- cd "#{jetty_base}"
- java -jar "#{jetty_home}"/start.jar --add-to-start=deploy
- java -jar "#{jetty_home}"/start.jar --add-to-startd=http,https,logging,setuid
+ cd "#{ENV['JETTY_BASE']}"
+ java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy
+ java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,console-capture,setuid
EOH
end
# configure Jetty modules
template "http-ini" do
- path "#{jetty_base}/start.d/http.ini"
+ path "#{ENV['JETTY_BASE']}/start.d/http.ini"
source "http-ini.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables ({
+ variables({
:http_option => http_option ,
:http_port => "#{node['DCAE']['FE'][:http_port]}"
})
end
template "https-ini" do
- path "#{jetty_base}/start.d/https.ini"
+ path "#{ENV['JETTY_BASE']}/start.d/https.ini"
source "https-ini.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables ({
+ variables({
:https_port => "#{node['DCAE']['FE'][:https_port]}"
})
end
template "ssl-ini" do
- path "#{jetty_base}/start.d/ssl.ini"
+ path "#{ENV['JETTY_BASE']}/start.d/ssl.ini"
source "ssl-ini.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables ({
+ variables({
:https_port => "#{node['DCAE']['FE'][:https_port]}" ,
:jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
:jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
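Review bot: `org.onap.sdc.p12` holds the server's private key, yet the `cookbook_file` resource that installs it keeps `mode 0755`, which leaves it readable (and marked executable) for every user in the container; `mode '0600'` with the existing `owner "jetty"` should be enough, after confirming which user Jetty reads it as. The `ssl-ini` template receives the store passwords through `variables` and is also written `0755` without `sensitive true`, unlike the two templates in `dcae_setup.rb`, so Chef may print its rendered content in the run log; `sensitive true` and `mode "0640"` would match them. The `mode` lines are unchanged context, and the `ssl-ini` resource continues outside the hunk.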
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/dcae-application.properties.erb b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/dcae-application.properties.erb
index c8b6747..c8b6747 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/dcae-application.properties.erb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/dcae-application.properties.erb
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/dcae-logback-spring.erb b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/dcae-logback-spring.erb
index 7c0bfb6..7c0bfb6 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/dcae-logback-spring.erb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/dcae-logback-spring.erb
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/http-ini.erb b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/http-ini.erb
index 8f26690..8f26690 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/http-ini.erb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/http-ini.erb
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/https-ini.erb b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/https-ini.erb
index 9999a41..9999a41 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/https-ini.erb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/https-ini.erb
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/ssl-ini.erb b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/ssl-ini.erb
index 9abac51..278fdea 100644
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/templates/default/ssl-ini.erb
+++ b/docker/chef-repo/cookbooks/Deploy-DCAE/templates/default/ssl-ini.erb
@@ -42,10 +42,10 @@ jetty.ssl.port=<%= @https_port %>
## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
## Keystore file path (relative to $jetty.base)
-#jetty.sslContext.keyStorePath=etc/keystore
+jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
## Truststore file path (relative to $jetty.base)
-#jetty.sslContext.trustStorePath=etc/truststore
+jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
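Review bot: `jetty.sslContext.keyStorePath` now names a PKCS#12 file while the truststore is a JKS file, and no store type is set in the lines shown. If the rest of the template (outside this hunk) does not set it, add `jetty.sslContext.keyStoreType=PKCS12` under the new path line so that loading does not depend on the JVM's keystore compatibility behaviour.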
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/.gitignore b/docker/chef-solo/cookbooks/Deploy-DCAE/.gitignore
deleted file mode 100644
index b31c0d3..0000000
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/.gitignore
+++ /dev/null
@@ -1,20 +0,0 @@
-.vagrant
-Berksfile.lock
-*~
-*#
-.#*
-\#*#
-.*.sw[a-z]
-*.un~
-
-# Bundler
-Gemfile.lock
-bin/*
-.bundle/*
-
-.kitchen/
-.kitchen.local.yml
-
-######### Private
-run.me
-DCAE-CI01.json
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/.kitchen.yml b/docker/chef-solo/cookbooks/Deploy-DCAE/.kitchen.yml
deleted file mode 100644
index 37d2844..0000000
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/.kitchen.yml
+++ /dev/null
@@ -1,16 +0,0 @@
----
-driver:
- name: vagrant
-
-provisioner:
- name: chef_zero
-
-platforms:
- - name: ubuntu-16.04
- - name: centos-7.1
-
-suites:
- - name: default
- run_list:
- - recipe[Deploy-DCAE::default]
- attributes:
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/keystore b/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/keystore
deleted file mode 100644
index c408393..0000000
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/keystore
+++ /dev/null
Binary files differ
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/truststore b/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/truststore
deleted file mode 100644
index c408393..0000000
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/files/default/truststore
+++ /dev/null
Binary files differ
diff --git a/docker/chef-solo/cookbooks/Deploy-DCAE/metadata.rb b/docker/chef-solo/cookbooks/Deploy-DCAE/metadata.rb
deleted file mode 100644
index 7935c22..0000000
--- a/docker/chef-solo/cookbooks/Deploy-DCAE/metadata.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-name 'Deploy-DCAE'
-maintainer 'The Authors'
-maintainer_email 'you@example.com'
-license 'all_rights'
-description 'Installs/Configures Deploy-DCAE'
-long_description 'Installs/Configures Deploy-DCAE'
-version '1.0.0'
diff --git a/docker/set_user.sh b/docker/set_user.sh
deleted file mode 100755
index 539a200..0000000
--- a/docker/set_user.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-# Create user
-
-USER="jetty"
-GROUP="jetty"
-UID="352070"
-GID="35953"
-
-# Remove user:
-deluser ${USER}
-
-##delgroup ${GROUP}
-
-echo "${USER}:x:${UID}:${GID}::/home/${USER}:Linux User,,,:/home/jetty:/bin/false" >> /etc/passwd
-
-echo "${GROUP}:x:${GID}:${USER}" >> /etc/group
-
-echo "${USER}:!:17501:0:99999:7:::" >> /etc/shadow
-
-mkdir /home/${USER} && chown ${USER}:${GROUP} /home/${USER}
diff --git a/docker/startup.sh b/docker/startup.sh
index 46925ae..8b7d914 100644
--- a/docker/startup.sh
+++ b/docker/startup.sh
@@ -1,17 +1,18 @@
#!/bin/sh
-#set -x
-# Run chef-solo for configuration
-cd /var/opt/dcae-fe/chef-solo
-chef-solo -c solo.rb -E ${ENVNAME} --log_level "debug" --logfile "/tmp/Chef-Solo.log"
+JAVA_OPTIONS=" ${JAVA_OPTIONS} -Dconfig.home=${JETTY_BASE}/config
+ -Dlog.home=${JETTY_BASE}/logs
+ -Dlogback.configurationFile=${JETTY_BASE}/dcae-fe/logback-spring.xml"
+
+cd /root/chef-solo
+chef-solo -c solo.rb -E ${ENVNAME}
status=$?
-if [ $status != 0 ]; then
+if [[ ${status} != 0 ]]; then
echo "[ERROR] Problem detected while running chef. Aborting !"
exit 1
fi
-# Execute Jetty
cd /var/lib/jetty
/docker-entrypoint.sh &
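Review bot: The abort check now uses `[[ ${status} != 0 ]]` under a `#!/bin/sh` shebang; on a `/bin/sh` without `[[` the test itself fails, the `if` takes the false branch, and a failed chef-solo run is silently ignored, so Jetty would start with incomplete TLS configuration. Keep the POSIX form, `if [ "$status" -ne 0 ]; then`, and quote `"${ENVNAME}"` on the chef-solo line. `-Dlogback.configurationFile` points at `${JETTY_BASE}/dcae-fe/logback-spring.xml`, while `dcae_setup.rb` in this commit writes the file under `config/dcae-fe/`, so one of the two paths looks wrong. `JAVA_OPTIONS` is assigned but not exported in the lines shown, so `/docker-entrypoint.sh` only sees the new value if the variable was already exported by the environment.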