aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--build-tools/pom.xml35
-rw-r--r--build-tools/src/main/resources/build-pmd-ruleset.xml42
-rw-r--r--onboarding/pom.xml56
-rw-r--r--pom.xml1
-rwxr-xr-xsdc-os-chef/scripts/docker_run.sh46
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keystorebin1416 -> 4255 bytes
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_import_Normatives.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_import_Normatives.rb)0
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb15
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb16
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_create_DMaaP_keys.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_create_DMaaP_keys.rb)0
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_jetty_Modules.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb)9
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_elasticsearch.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb)0
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_setup_portal_properties.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_properties.rb)0
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_logback.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb)0
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_errors_config.rb (renamed from sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb)0
-rw-r--r--sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb (renamed from sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb)9
-rw-r--r--sdc-os-chef/sdc-backend/chef-solo/roles/catalog-be.json11
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystorebin1416 -> 4255 bytes
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb6
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb90
-rw-r--r--utils/webseal-simulator/pom.xml28
21 files changed, 325 insertions, 39 deletions
diff --git a/build-tools/pom.xml b/build-tools/pom.xml
new file mode 100644
index 0000000000..952ebef380
--- /dev/null
+++ b/build-tools/pom.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <!-- This dependency must be referenced from a plugin configuration only -->
+
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>build-tools</artifactId>
+
+ <parent>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>sdc-main</artifactId>
+ <version>1.1.0-SNAPSHOT</version>
+ </parent>
+
+ <properties>
+ <pmd.version>5.8.1</pmd.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>net.sourceforge.pmd</groupId>
+ <artifactId>pmd-core</artifactId>
+ <version>${pmd.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>net.sourceforge.pmd</groupId>
+ <artifactId>pmd-java</artifactId>
+ <version>${pmd.version}</version>
+ </dependency>
+ </dependencies>
+
+</project> \ No newline at end of file
diff --git a/build-tools/src/main/resources/build-pmd-ruleset.xml b/build-tools/src/main/resources/build-pmd-ruleset.xml
new file mode 100644
index 0000000000..dd8984a970
--- /dev/null
+++ b/build-tools/src/main/resources/build-pmd-ruleset.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0"?>
+<ruleset name="SDC Essential Rule-set"
+ xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd http://pmd.sourceforge.net/ruleset/2.0.0 ">
+
+ <description>
+ Essential rules according to SonarQube. Note that it is impossible to make PMD rules exactly match the
+ SonarQube ones, but they will probably catch about 90% of violations before they get into the source control.
+ The advantage is that PMD can be ran locally on any development setup and does not require a license.
+ </description>
+
+ <!--
+ All available Java rule-sets: https://pmd.github.io/pmd-5.6.1/pmd-java/rules/index.html
+ -->
+
+ <!-- Blocker severity in SonarQube -->
+ <rule ref="rulesets/java/strictexception.xml/AvoidCatchingThrowable"/>
+ <rule ref="rulesets/java/empty.xml/EmptyCatchBlock">
+ <properties>
+ <property name="allowCommentedBlocks" value="true"/>
+ </properties>
+ </rule>
+
+ <!-- THERE IS NO GOOD RULE TO CATCH NULL DEREFERENCING IN PMD -->
+ <rule ref="rulesets/java/basic.xml/MisplacedNullCheck"/>
+ <rule ref="rulesets/java/basic.xml/BrokenNullCheck"/>
+
+
+ <rule ref="rulesets/java/design.xml/CloseResource">
+ <properties>
+ <property name="types"
+ value="java.sql.Connection,java.sql.Statement,java.sql.ResultSet,java.io.OutputStream,java.net.URLConnection,java.io.InputStream,java.io.FileInputStream,java.io.FileOutputStream,java.util.zip.ZipOutputStream,java.util.zip.ZipInputStream,java.util.jar.JarInputStream,java.util.jar.JarOutputStream,java.io.BufferedReader,java.io.BufferedWriter"/>
+ </properties>
+ </rule>
+ <rule ref="rulesets/java/basic.xml/OverrideBothEqualsAndHashcode"/>
+
+ <!--
+ Critical severity in SonarQube. Should be empty until all Critical have been fixed.
+ -->
+
+</ruleset> \ No newline at end of file
diff --git a/onboarding/pom.xml b/onboarding/pom.xml
index 0e600287bf..36a36ee325 100644
--- a/onboarding/pom.xml
+++ b/onboarding/pom.xml
@@ -93,5 +93,61 @@
<ws.rs.version>2.0.1</ws.rs.version> <!-- New version 2.0.1 to fix blackduck violation Failing with comiplation issues-->
<zusammen.version>0.2.0</zusammen.version>
<zusammen-state-store.version>0.2.1</zusammen-state-store.version>
+ <skipSA>true</skipSA>
+ <build.tools.version>1.1.0-SNAPSHOT</build.tools.version>
</properties>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jxr-plugin</artifactId>
+ <version>2.5</version>
+ <configuration>
+ <skip>${skipSA}</skip>
+ </configuration>
+ <executions>
+ <execution>
+ <id>jxr-generation</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>jxr</goal>
+ <goal>test-jxr</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-pmd-plugin</artifactId>
+ <version>3.8</version>
+ <configuration>
+ <skip>${skipSA}</skip>
+ <aggregate>false</aggregate>
+ <targetJdk>${maven.compiler.target}</targetJdk>
+ <rulesets>
+ <ruleset>build-pmd-ruleset.xml</ruleset>
+ </rulesets>
+ </configuration>
+ <executions>
+ <execution>
+ <id>pmd-check</id>
+ <phase>validate</phase>
+ <goals>
+ <!-- violations fail build -->
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ <dependencies>
+ <dependency>
+ <groupId>org.openecomp.sdc</groupId>
+ <artifactId>build-tools</artifactId>
+ <version>${build.tools.version}</version>
+ </dependency>
+ </dependencies>
+ </plugin>
+ </plugins>
+ </build>
+
</project>
diff --git a/pom.xml b/pom.xml
index e6e4d9282f..17bf79aba3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -340,6 +340,7 @@
<activeByDefault>true</activeByDefault>
</activation>
<modules>
+ <module>build-tools</module>
<module>onboarding</module>
<module>security-utils</module>
<module>common-app-api</module>
diff --git a/sdc-os-chef/scripts/docker_run.sh b/sdc-os-chef/scripts/docker_run.sh
index 23c443e22d..c4afd0c79c 100755
--- a/sdc-os-chef/scripts/docker_run.sh
+++ b/sdc-os-chef/scripts/docker_run.sh
@@ -2,13 +2,13 @@
function usage {
- echo "usage: docker_run.sh [ -r|--release <RELEASE-NAME> ] [ -e|--environment <ENV-NAME> ] [ -p|--port <Docker-hub-port>] [ -h|--help ]"
+ echo "usage: docker_run.sh [ -r|--release <RELEASE-NAME> ] [ -e|--environment <ENV-NAME> ] [ -p|--port <Docker-hub-port>] [ -l|--local <Run-without-pull>] [ -h|--help ]"
}
function cleanup {
echo "performing old dockers cleanup"
- docker_ids=`docker ps -a | egrep "ecomp-nexus:${PORT}/sdc|sdc|Exit" | awk '{print $1}'`
+ docker_ids=`docker ps -a | egrep -v "openecomp/sdc-simulator" | egrep "ecomp-nexus:${PORT}/sdc|sdc|Exit" | awk '{print $1}'`
for X in ${docker_ids}
do
docker rm -f ${X}
@@ -24,6 +24,7 @@ function dir_perms {
RELEASE=latest
+LOCAL=false
[ -f /opt/config/env_name.txt ] && DEP_ENV=$(cat /opt/config/env_name.txt) || DEP_ENV=__ENV-NAME__
[ -f /opt/config/nexus_username.txt ] && NEXUS_USERNAME=$(cat /opt/config/nexus_username.txt) || NEXUS_USERNAME=release
[ -f /opt/config/nexus_password.txt ] && NEXUS_PASSWD=$(cat /opt/config/nexus_password.txt) || NEXUS_PASSWD=sfWU3DFVdBr7GVxB85mTYgAW
@@ -43,6 +44,10 @@ while [ "$1" != "" ]; do
shift
PORT=${1}
;;
+ -l | --local )
+ shift
+ LOCAL=true
+ ;;
-h | --help )
usage
exit
@@ -61,19 +66,29 @@ cleanup
export IP=`ifconfig eth0 | awk -F: '/inet addr/ {gsub(/ .*/,"",$2); print $2}'`
+export PREFIX=${NEXUS_DOCKER_REPO}'/openecomp'
+
+if [ ${LOCAL} = true ]; then
+ PREFIX='openecomp'
+fi
echo ""
# Elastic-Search
echo "docker run sdc-elasticsearch..."
-docker pull ${NEXUS_DOCKER_REPO}/openecomp/sdc-elasticsearch:${RELEASE}
-docker run --detach --name sdc-es --env ENVNAME="${DEP_ENV}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --memory 1g --memory-swap=1g --ulimit memlock=-1:-1 --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro -e ES_HEAP_SIZE=1024M --volume /data/ES:/usr/share/elasticsearch/data --volume /data/environments:/root/chef-solo/environments --publish 9200:9200 --publish 9300:9300 ${NEXUS_DOCKER_REPO}/openecomp/sdc-elasticsearch:${RELEASE}
+if [ ${LOCAL} = false ]; then
+ echo "pulling code"
+ docker pull ${PREFIX}/sdc-elasticsearch:${RELEASE}
+fi
+docker run --detach --name sdc-es --env ENVNAME="${DEP_ENV}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --memory 1g --memory-swap=1g --ulimit memlock=-1:-1 --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro -e ES_HEAP_SIZE=1024M --volume /data/ES:/usr/share/elasticsearch/data --volume /data/environments:/root/chef-solo/environments --publish 9200:9200 --publish 9300:9300 ${PREFIX}/sdc-elasticsearch:${RELEASE}
# cassandra
echo "docker run sdc-cassandra..."
-docker pull ${NEXUS_DOCKER_REPO}/openecomp/sdc-cassandra:${RELEASE}
-docker run --detach --name sdc-cs --env RELEASE="${RELEASE}" --env ENVNAME="${DEP_ENV}" --env HOST_IP=${IP} --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/CS:/var/lib/cassandra --volume /data/environments:/root/chef-solo/environments --publish 9042:9042 --publish 9160:9160 ${NEXUS_DOCKER_REPO}/openecomp/sdc-cassandra:${RELEASE}
+if [ ${LOCAL} = false ]; then
+ docker pull ${PREFIX}/sdc-cassandra:${RELEASE}
+fi
+docker run --detach --name sdc-cs --env RELEASE="${RELEASE}" --env ENVNAME="${DEP_ENV}" --env HOST_IP=${IP} --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/CS:/var/lib/cassandra --volume /data/environments:/root/chef-solo/environments --publish 9042:9042 --publish 9160:9160 openecomp/sdc-cassandra:${RELEASE}
echo "please wait while CS is starting..."
@@ -87,18 +102,21 @@ while [ $c -gt 0 ]; do
done
echo -e ""
-
# kibana
echo "docker run sdc-kibana..."
-docker pull ${NEXUS_DOCKER_REPO}/openecomp/sdc-kibana:${RELEASE}
-docker run --detach --name sdc-kbn --env ENVNAME="${DEP_ENV}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 2g --memory-swap=2g --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/environments:/root/chef-solo/environments --publish 5601:5601 ${NEXUS_DOCKER_REPO}/openecomp/sdc-kibana:${RELEASE}
+if [ ${LOCAL} = false ]; then
+ docker pull ${PREFIX}/sdc-kibana:${RELEASE}
+fi
+docker run --detach --name sdc-kbn --env ENVNAME="${DEP_ENV}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 2g --memory-swap=2g --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/environments:/root/chef-solo/environments --publish 5601:5601 ${PREFIX}/sdc-kibana:${RELEASE}
dir_perms
# Back-End
echo "docker run sdc-backend..."
-docker pull ${NEXUS_DOCKER_REPO}/openecomp/sdc-backend:${RELEASE}
-docker run --detach --name sdc-BE --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 4g --memory-swap=4g --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/BE/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 8443:8443 --publish 8080:8080 ${NEXUS_DOCKER_REPO}/openecomp/sdc-backend:${RELEASE}
+if [ ${LOCAL} = false ]; then
+ docker pull ${PREFIX}/sdc-backend:${RELEASE}
+fi
+docker run --detach --name sdc-BE --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --env http_proxy=${http_proxy} --env https_proxy=${https_proxy} --env no_proxy=${no_proxy} --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 4g --memory-swap=4g --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/BE/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 8443:8443 --publish 8080:8080 ${PREFIX}/sdc-backend:${RELEASE}
echo "please wait while BE is starting..."
echo ""
@@ -114,8 +132,10 @@ echo -e ""
# Front-End
echo "docker run sdc-frontend..."
-docker pull ${NEXUS_DOCKER_REPO}/openecomp/sdc-frontend:${RELEASE}
-docker run --detach --name sdc-FE --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 2g --memory-swap=2g --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/FE/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 9443:9443 --publish 8181:8181 ${NEXUS_DOCKER_REPO}/openecomp/sdc-frontend:${RELEASE}
+if [ ${LOCAL} = false ]; then
+ docker pull ${PREFIX}/sdc-frontend:${RELEASE}
+fi
+docker run --detach --name sdc-FE --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --env http_proxy=${http_proxy} --env https_proxy=${https_proxy} --env no_proxy=${no_proxy} --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 2g --memory-swap=2g --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/FE/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 9443:9443 --publish 8181:8181 ${PREFIX}/sdc-frontend:${RELEASE}
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keystore b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keystore
index 08f6cda8a7..c4083931dc 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keystore
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keystore
Binary files differ
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_import_Normatives.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_import_Normatives.rb
index 6e9b24133d..6e9b24133d 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_import_Normatives.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_import_Normatives.rb
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb
index ac1614a253..067642fed9 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb
@@ -51,18 +51,3 @@ cookbook_file "ArtifactGenerator" do
group "jetty"
mode "0755"
end
-
-directory "Jetty_etcdir_creation" do
- path "/#{jetty_base}/etc"
- owner 'jetty'
- group 'jetty'
- mode '0755'
- action :create
-end
-
-cookbook_file "/#{jetty_base}/etc/keystore" do
- source "keystore"
- owner "jetty"
- group "jetty"
- mode 0755
-end
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb
new file mode 100644
index 0000000000..148eaaf4d3
--- /dev/null
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb
@@ -0,0 +1,16 @@
+jetty_base="/var/lib/jetty"
+
+directory "Jetty_etcdir_creation" do
+ path "/#{jetty_base}/etc"
+ owner 'jetty'
+ group 'jetty'
+ mode '0755'
+ action :create
+end
+
+cookbook_file "/#{jetty_base}/etc/keystore" do
+ source "keystore"
+ owner "jetty"
+ group "jetty"
+ mode 0755
+end
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_create_DMaaP_keys.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_create_DMaaP_keys.rb
index 583dfff7b2..583dfff7b2 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_create_DMaaP_keys.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_create_DMaaP_keys.rb
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_jetty_Modules.rb
index 3ec16e8924..046e3c6919 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_jetty_Modules.rb
@@ -12,4 +12,11 @@ EOH
not_if "ls /#{jetty_base}/start.d/https.ini"
end
-
+template "ssl-ini" do
+ path "/#{jetty_base}/start.d/ssl.ini"
+ source "ssl-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables :https_port => "#{node['BE'][:https_port]}"
+end
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_elasticsearch.rb
index 39fc5af883..39fc5af883 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_elasticsearch.rb
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_properties.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_setup_portal_properties.rb
index 8c57de6caf..8c57de6caf 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_properties.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_setup_portal_properties.rb
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_logback.rb
index 2dfc4f1089..2dfc4f1089 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_logback.rb
diff --git a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_errors_config.rb
index 684d730709..684d730709 100644
--- a/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_errors_config.rb
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
index 426e0e44b5..effbfa7918 100644
--- a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb
+++ b/sdc-os-chef/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
@@ -8,7 +8,7 @@
# jetty.ssl.host=0.0.0.0
## Connector port to listen on
-jetty.ssl.port=<%= @FE_https_port %>
+jetty.ssl.port=<%= @https_port %>
## Connector idle timeout in milliseconds
# jetty.ssl.idleTimeout=30000
@@ -49,6 +49,7 @@ jetty.ssl.port=<%= @FE_https_port %>
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
## Keystore type and provider
# jetty.sslContext.keyStoreType=JKS
@@ -56,9 +57,11 @@ jetty.ssl.port=<%= @FE_https_port %>
## KeyManager password
# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g
+jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok
## Truststore password
# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
## Truststore type and provider
# jetty.sslContext.trustStoreType=JKS
@@ -81,3 +84,7 @@ jetty.ssl.port=<%= @FE_https_port %>
## Set the timeout (in seconds) of the SslSession cache timeout
# jetty.sslContext.sslSessionTimeout=-1
+
+## Allow SSL renegotiation
+# jetty.sslContext.renegotiationAllowed=true
+# jetty.sslContext.renegotiationLimit=5
diff --git a/sdc-os-chef/sdc-backend/chef-solo/roles/catalog-be.json b/sdc-os-chef/sdc-backend/chef-solo/roles/catalog-be.json
index 9fc7b8d1dc..a05a2830eb 100644
--- a/sdc-os-chef/sdc-backend/chef-solo/roles/catalog-be.json
+++ b/sdc-os-chef/sdc-backend/chef-solo/roles/catalog-be.json
@@ -12,11 +12,12 @@
"run_list": [
"recipe[sdc-catalog-be::BE_1_cleanup_jettydir]",
"recipe[sdc-catalog-be::BE_2_setup_configuration]",
- "recipe[sdc-catalog-be::BE_4_jetty_Modules]",
- "recipe[sdc-catalog-be::BE_5_setup_elasticsearch]",
- "recipe[sdc-catalog-be::BE_6_setup_portal_properties]",
- "recipe[sdc-catalog-be::BE_7_logback]",
- "recipe[sdc-catalog-be::BE_8_errors_config]"
+ "recipe[sdc-catalog-be::BE_3_locate_keystore]",
+ "recipe[sdc-catalog-be::BE_5_jetty_Modules]",
+ "recipe[sdc-catalog-be::BE_6_setup_elasticsearch]",
+ "recipe[sdc-catalog-be::BE_7_setup_portal_properties]",
+ "recipe[sdc-catalog-be::BE_8_logback]",
+ "recipe[sdc-catalog-be::BE_9_errors_config]"
],
"env_run_lists": {
}
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore
index 08f6cda8a7..c4083931dc 100644
--- a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore
Binary files differ
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
index 2800fd1808..fc9dd86f40 100644
--- a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
@@ -34,12 +34,12 @@ template "FE-https-ini" do
end
-template "FE-ssl-ini" do
+template "ssl-ini" do
path "/#{jetty_base}/start.d/ssl.ini"
- source "FE-ssl-ini.erb"
+ source "ssl-ini.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables :FE_https_port => "#{node['FE'][:https_port]}"
+ variables :https_port => "#{node['FE'][:https_port]}"
end
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
new file mode 100644
index 0000000000..effbfa7918
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
@@ -0,0 +1,90 @@
+# ---------------------------------------
+# Module: ssl
+--module=ssl
+
+### TLS(SSL) Connector Configuration
+
+## Connector host/address to bind to
+# jetty.ssl.host=0.0.0.0
+
+## Connector port to listen on
+jetty.ssl.port=<%= @https_port %>
+
+## Connector idle timeout in milliseconds
+# jetty.ssl.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.ssl.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.ssl.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.ssl.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.ssl.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.ssl.acceptorPriorityDelta=0
+
+## Whether request host names are checked to match any SNI names
+# jetty.ssl.sniHostCheck=true
+
+## max age in seconds for a Strict-Transport-Security response header (default -1)
+# jetty.ssl.stsMaxAgeSeconds=31536000
+
+## include subdomain property in any Strict-Transport-Security header (default false)
+# jetty.ssl.stsIncludeSubdomains=true
+
+### SslContextFactory Configuration
+## Note that OBF passwords are not secure, just protected from casual observation
+## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
+
+## Keystore file path (relative to $jetty.base)
+# jetty.sslContext.keyStorePath=etc/keystore
+
+## Truststore file path (relative to $jetty.base)
+# jetty.sslContext.trustStorePath=etc/keystore
+
+## Keystore password
+# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
+
+## Keystore type and provider
+# jetty.sslContext.keyStoreType=JKS
+# jetty.sslContext.keyStoreProvider=
+
+## KeyManager password
+# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g
+jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok
+
+## Truststore password
+# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
+
+## Truststore type and provider
+# jetty.sslContext.trustStoreType=JKS
+# jetty.sslContext.trustStoreProvider=
+
+## whether client certificate authentication is required
+# jetty.sslContext.needClientAuth=false
+
+## Whether client certificate authentication is desired
+# jetty.sslContext.wantClientAuth=false
+
+## Whether cipher order is significant (since java 8 only)
+# jetty.sslContext.useCipherSuitesOrder=true
+
+## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at
+## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites
+
+## Set the size of the SslSession cache
+# jetty.sslContext.sslSessionCacheSize=-1
+
+## Set the timeout (in seconds) of the SslSession cache timeout
+# jetty.sslContext.sslSessionTimeout=-1
+
+## Allow SSL renegotiation
+# jetty.sslContext.renegotiationAllowed=true
+# jetty.sslContext.renegotiationLimit=5
diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml
index 7bee699dab..ea620f6844 100644
--- a/utils/webseal-simulator/pom.xml
+++ b/utils/webseal-simulator/pom.xml
@@ -13,6 +13,7 @@
<docker.latest.tag>${project.version}-latest</docker.latest.tag>
<!--maven-->
<maven.build.timestamp.format>yyyyMMdd'T'HHmm</maven.build.timestamp.format>
+ <nexus.proxy>https://nexus.onap.org</nexus.proxy>
</properties>
<dependencies>
@@ -51,7 +52,7 @@
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
- <version>2.0-SNAPSHOT</version>
+ <version>1.9</version>
<scope>compile</scope>
</dependency>
@@ -112,6 +113,31 @@
</plugins>
</build>
+ <repositories>
+ <!-- LF repositories -->
+ <repository>
+ <id>ecomp-releases</id>
+ <name>Release Repository</name>
+ <url>${nexus.proxy}/content/repositories/releases/</url>
+ </repository>
+ <repository>
+ <id>ecomp-staging</id>
+ <name>Staging Repository</name>
+ <url>${nexus.proxy}/content/repositories/staging/</url>
+ </repository>
+ <repository>
+ <id>ecomp-snapshots</id>
+ <name>Snapshots Repository</name>
+ <url>${nexus.proxy}/content/repositories/snapshots/</url>
+ </repository>
+ <repository>
+ <id>ecomp-public</id>
+ <name>Public Repository</name>
+ <url>${nexus.proxy}/content/repositories/public/</url>
+ </repository>
+ <!-- LF repositories END-->
+ </repositories>
+
<profiles>
<profile>
<id>docker-staging</id>