From 68830a739232e31feadc5b10c1e537197d86269f Mon Sep 17 00:00:00 2001 From: "k.kedron" Date: Tue, 27 Aug 2019 18:10:09 +0200 Subject: Fully HTTPS support in the catalog-be Fully HTTPS support: -Updated jvm configuration to support call to the SDC components using HTTPS. -Checkstyle in the recipes -Add support for disableHttp flag in the chef script -Add support for change the http to https in the python script -Fixed the --schema param in the importONAPNormativeALL and upgradeONAPNormative python scripts -Checkstyle in the importX python script -Disabled pycurl.SSL_VERIFYHOST to fix communication with the be component Issue-ID: SDC-2501 Signed-off-by: Krystian Kedron Change-Id: I588ba21638083694932a1af272f3bcbaa98268a7 --- .../chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb | 2 ++ .../cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb | 8 ++++---- catalog-be/sdc-backend/startup.sh | 9 ++++++++- 3 files changed, 14 insertions(+), 5 deletions(-) (limited to 'catalog-be/sdc-backend') diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb index af1726a977..d919088f1d 100644 --- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb @@ -5,6 +5,8 @@ default['FE'][:http_port] = 8181 default['FE'][:https_port] = 9443 default['disableHttp'] = true default['cassandra'][:truststore_password] = "Aa123456" +# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION +# MUST BE ALSO CHANGE IN THE startup.sh FILE default['jetty'][:keystore_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" default['jetty'][:keymanager_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" default['jetty'][:truststore_pwd] = "Y,f975ZNJfVZhV*{+Y[}pA?0" diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb index 20c144c056..6f455fc6f3 100644 --- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb @@ -2,11 +2,11 @@ replication_factor=node['cassandra']['replication_factor'] if node['Pair_EnvName'] == "" - janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s - conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s + janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s + conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s else - janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s + "," + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "," + replication_factor.to_s - conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s + "','" + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "','" + replication_factor.to_s + janusgraph_dcname_with_rep = node['cassandra']['datacenter_name'] + "," + replication_factor.to_s + "," + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "," + replication_factor.to_s + conf_dcname_with_rep = node['cassandra']['datacenter_name'] + "','" + replication_factor.to_s + "','" + node['cassandra']['cluster_name'] + node['Pair_EnvName'] + "','" + replication_factor.to_s end diff --git a/catalog-be/sdc-backend/startup.sh b/catalog-be/sdc-backend/startup.sh index b2941372f3..1797c75c50 100644 --- a/catalog-be/sdc-backend/startup.sh +++ b/catalog-be/sdc-backend/startup.sh @@ -1,6 +1,13 @@ #!/bin/sh -JAVA_OPTIONS=" ${JAVA_OPTIONS} -Dconfig.home=${JETTY_BASE}/config -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-be/logback.xml -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-be/configuration.yaml -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-be/onboarding_configuration.yaml" +JAVA_OPTIONS=" ${JAVA_OPTIONS} \ + -Dconfig.home=${JETTY_BASE}/config -Dlog.home=${JETTY_BASE}/logs \ + -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-be/logback.xml \ + -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-be/configuration.yaml \ + -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-be/onboarding_configuration.yaml \ + -Djavax.net.ssl.trustStore=${JETTY_BASE}/etc/org.onap.sdc.trust.jks \ + -Djavax.net.ssl.trustStorePassword=Y,f975ZNJfVZhV*{+Y[}pA?0 \ + -Djetty.console-capture.dir=${JETTY_BASE}/logs" cd /root/chef-solo chef-solo -c solo.rb -E ${ENVNAME} -- cgit 1.2.3-korg