diff options
Diffstat (limited to 'catalog-be')
-rw-r--r-- | catalog-be/pom.xml | 20 | ||||
-rw-r--r-- | catalog-be/sdc-backend/Dockerfile | 54 | ||||
-rw-r--r-- | catalog-be/sdc-backend/startup.sh | 6 | ||||
-rw-r--r-- | catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java | 26 |
4 files changed, 80 insertions, 26 deletions
diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml index eef3d7c7dc..89be979b65 100644 --- a/catalog-be/pom.xml +++ b/catalog-be/pom.xml @@ -749,10 +749,10 @@ <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-surefire-plugin</artifactId> - <configuration> - <forkCount>1</forkCount> - </configuration> + <artifactId>maven-surefire-plugin</artifactId> + <configuration> + <forkCount>1</forkCount> + </configuration> </plugin> <plugin> <!-- Download Swagger UI webjar. --> @@ -870,6 +870,18 @@ <groupId>com.jcabi</groupId> <artifactId>jcabi-maven-plugin</artifactId> <version>${jcabi.maven.plugin.version}</version> + <dependencies> + <dependency> + <groupId>org.aspectj</groupId> + <artifactId>aspectjtools</artifactId> + <version>1.9.2</version> + </dependency> + <dependency> + <groupId>org.aspectj</groupId> + <artifactId>aspectjweaver</artifactId> + <version>1.9.2</version> + </dependency> + </dependencies> <executions> <execution> <goals> diff --git a/catalog-be/sdc-backend/Dockerfile b/catalog-be/sdc-backend/Dockerfile index 2a60ce77ad..bc4f27a79a 100644 --- a/catalog-be/sdc-backend/Dockerfile +++ b/catalog-be/sdc-backend/Dockerfile @@ -1,13 +1,55 @@ -FROM onap/base_sdc-jetty:1.7.0 - +FROM jetty:9.4.31-jre11-slim + +USER root + +# Install Chef +RUN set -ex && \ + apt-get update -y && \ + apt-get install -y \ + jq \ + curl \ + curl \ + vim \ + make \ + gcc \ + ruby \ + ruby-dev \ + libffi-dev \ + libxml2-dev && \ + gem install \ + chef:13.8.5 \ + berkshelf:6.3.1 \ + io-console:0.4.6 \ + etc webrick \ + --no-document && \ + gem cleanup && \ + apt-get update -y && \ + apt-get install -y binutils jq && \ + apt-get clean + +# Replace Jetty user ID +ENV USER_JETTY="jetty" +ENV GROUP_JETTY="jetty" +ENV UID_JETTY="352070" +ENV GID_JETTY="35953" + +# Remove user: +RUN deluser ${USER_JETTY} +#RUN delgroup ${GROUP_JETTY} +RUN echo "${USER_JETTY}:x:${UID_JETTY}:${GID_JETTY}::/home/${USER_JETTY}:Linux User,,,:/home/jetty:/bin/false" >> /etc/passwd +RUN echo "${GROUP_JETTY}:x:${GID_JETTY}:${USER_JETTY}" >> /etc/group +RUN echo "${USER_JETTY}:!:17501:0:99999:7:::" >> /etc/shadow +RUN mkdir /home/${USER_JETTY} && chown ${USER_JETTY}:${GROUP_JETTY} /home/${USER_JETTY} +RUN chown -R jetty:jetty ${JETTY_BASE}/webapps /var/lib/jetty + +USER jetty + COPY --chown=jetty:jetty chef-solo ${JETTY_BASE}/chef-solo/ COPY --chown=jetty:jetty chef-repo/cookbooks/. ${JETTY_BASE}/chef-solo/cookbooks/ - ADD --chown=jetty:jetty catalog-be-*.war ${JETTY_BASE}/webappwar/ ADD --chown=jetty:jetty context.xml ${JETTY_BASE}/webapps/ - -COPY --chown=jetty:jetty startup.sh ${JETTY_BASE}/ +COPY --chown=jetty:jetty startup.sh ${JETTY_BASE}/ RUN chmod 770 ${JETTY_BASE}/startup.sh -ENTRYPOINT ${JETTY_BASE}/startup.sh +ENTRYPOINT [ "sh", "-c", "${JETTY_BASE}/startup.sh"]
\ No newline at end of file diff --git a/catalog-be/sdc-backend/startup.sh b/catalog-be/sdc-backend/startup.sh index 4f5ef8ca2e..0dc54a8849 100644 --- a/catalog-be/sdc-backend/startup.sh +++ b/catalog-be/sdc-backend/startup.sh @@ -15,18 +15,16 @@ cd /var/lib/jetty/chef-solo chef-solo -c solo.rb -E ${ENVNAME} status=$? -if [ $status != 0 ]; then +if [ $status -ne 0 ]; then echo "[ERROR] Problem detected while running chef. Aborting !" exit 1 fi # Execute Jetty cd /var/lib/jetty -/docker-entrypoint.sh & -exec "$@"; +java $JAVA_OPTIONS -jar "$JETTY_HOME/start.jar" -while true; do sleep 2; done diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java index c488a9a6ca..30a123dcad 100644 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java +++ b/catalog-be/src/test/java/org/openecomp/sdc/be/impl/aaf/RoleAuthorizationHandlerTest.java @@ -22,8 +22,9 @@ package org.openecomp.sdc.be.impl.aaf; import org.aspectj.lang.JoinPoint; import org.aspectj.lang.Signature; +import org.hibernate.validator.internal.util.annotationfactory.AnnotationDescriptor; +import org.hibernate.validator.internal.util.annotationfactory.AnnotationFactory; import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mock; @@ -36,15 +37,12 @@ import org.openecomp.sdc.be.components.impl.exceptions.ComponentException; import org.openecomp.sdc.be.config.ConfigurationManager; import org.openecomp.sdc.be.dao.api.ActionStatus; import org.openecomp.sdc.be.servlets.BeGenericServlet; -import org.openecomp.sdc.common.api.ConfigurationSource; import org.openecomp.sdc.common.api.FilterDecisionEnum; import org.openecomp.sdc.common.impl.ExternalConfiguration; import org.openecomp.sdc.common.impl.FSConfigurationSource; import org.openecomp.sdc.common.util.ThreadLocalsHolder; -import sun.reflect.annotation.AnnotationParser; import javax.servlet.http.HttpServletRequest; -import java.util.Collections; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.catchThrowable; @@ -78,8 +76,9 @@ public class RoleAuthorizationHandlerTest { @Test public void testAuthorizeRoleOnePermittedRole() { String[] permsAllowed = {AafPermission.PermNames.WRITE_VALUE}; - PermissionAllowed rolesAllowed = - (PermissionAllowed) AnnotationParser.annotationForMap(PermissionAllowed.class, Collections.singletonMap("value", permsAllowed)); + AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class); + permissionDescriptor.setValue("value", permsAllowed); + PermissionAllowed rolesAllowed = (PermissionAllowed) AnnotationFactory.create(permissionDescriptor); when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())) .thenReturn(true); roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed); @@ -88,8 +87,9 @@ public class RoleAuthorizationHandlerTest { @Test public void testAuthorizeRoleTwoPermittedRole() { String[] permsAllowed = {AafPermission.PermNames.WRITE_VALUE, AafPermission.PermNames.READ_VALUE}; - PermissionAllowed rolesAllowed = - (PermissionAllowed) AnnotationParser.annotationForMap(PermissionAllowed.class, Collections.singletonMap("value", permsAllowed)); + AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class); + permissionDescriptor.setValue("value", permsAllowed); + PermissionAllowed rolesAllowed = (PermissionAllowed)AnnotationFactory.create(permissionDescriptor); when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())) .thenReturn(true); roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed); @@ -98,8 +98,9 @@ public class RoleAuthorizationHandlerTest { @Test public void testAuthorizeRoleNonPermittedRole() { String[] permsAllowed = {AafPermission.PermNames.WRITE_VALUE, AafPermission.PermNames.READ_VALUE}; - PermissionAllowed rolesAllowed = - (PermissionAllowed) AnnotationParser.annotationForMap(PermissionAllowed.class, Collections.singletonMap("value", permsAllowed)); + AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class); + permissionDescriptor.setValue("value", permsAllowed); + PermissionAllowed rolesAllowed = (PermissionAllowed)AnnotationFactory.create(permissionDescriptor); when(httpServletRequest.isUserInRole(AafPermission.getEnumByString(permsAllowed[0]).getFullPermission())) .thenReturn(false); @@ -110,8 +111,9 @@ public class RoleAuthorizationHandlerTest { @Test public void testAuthorizeRoleEmptyRole() { String[] permsAllowed = {}; - PermissionAllowed rolesAllowed = - (PermissionAllowed) AnnotationParser.annotationForMap(PermissionAllowed.class, Collections.singletonMap("value", permsAllowed)); + AnnotationDescriptor<PermissionAllowed> permissionDescriptor = new AnnotationDescriptor<PermissionAllowed>(PermissionAllowed.class); + permissionDescriptor.setValue("value", permsAllowed); + PermissionAllowed rolesAllowed = (PermissionAllowed)AnnotationFactory.create(permissionDescriptor); ComponentException thrown = (ComponentException) catchThrowable(()->roleAuthorizationHandler.authorizeRole(joinPoint, rolesAllowed)); assertThat(thrown.getActionStatus()).isEqualTo(ActionStatus.AUTH_FAILED); |