From df353be353e1ec25ac2a0e64a9eb617dcbc87703 Mon Sep 17 00:00:00 2001 From: sebdet Date: Mon, 21 Sep 2020 22:13:05 +0200 Subject: Use integration-java11 Dockerfile Use onap/integration-java11:7.1.0 as a source for the images requiring JDK 11 in SDC Issue-ID: SDC-3298 Change-Id: Ifee3d2942dcb9c078f2ebb686bdabc0ecca857b3 Signed-off-by: xuegao --- catalog-be/pom.xml | 1 + catalog-be/sdc-backend-init/Dockerfile | 57 ++++++++++++++--- .../recipes/1_create_consumer_and_user.rb | 21 ++----- .../recipes/2_check_Backend.rb | 10 +-- .../recipes/3_import_Normatives.rb | 21 ++----- catalog-be/sdc-backend-init/startup.sh | 4 +- catalog-be/src/main/docker/backend/Dockerfile | 71 ++++++++++------------ .../cookbooks/sdc-catalog-be/attributes/default.rb | 12 ++-- .../sdc-catalog-be/recipes/BE_10_setup_cadi.rb | 16 ++--- .../recipes/BE_1_cleanup_jettydir.rb | 12 ++-- .../recipes/BE_2_setup_configuration.rb | 14 ++--- .../sdc-catalog-be/recipes/BE_3_locate_keystore.rb | 12 ++-- .../sdc-catalog-be/recipes/BE_4_jetty_Modules.rb | 25 +++----- .../recipes/BE_5_setup_elasticsearch.rb | 4 +- .../BE_6_setup_portal_and_key_properties.rb | 8 +-- .../sdc-catalog-be/recipes/BE_7_logback.rb | 4 +- .../sdc-catalog-be/recipes/BE_8_errors_config.rb | 8 +-- .../recipes/BE_9_prepareProbeFile.rb | 2 +- .../templates/default/BE-configuration.yaml.erb | 8 +-- .../BE-distribution-engine-configuration.yaml.erb | 2 +- .../templates/default/ready-probe.sh.erb | 4 +- catalog-be/src/main/docker/backend/startup.sh | 28 ++++----- .../config/distribution-engine-configuration.yaml | 2 +- 23 files changed, 170 insertions(+), 176 deletions(-) (limited to 'catalog-be') diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml index 00cbc8b51f..002e3fc3b1 100644 --- a/catalog-be/pom.xml +++ b/catalog-be/pom.xml @@ -1216,6 +1216,7 @@ io.fabric8 docker-maven-plugin + ${verbose} ${docker.api.version} nexus3.onap.org:10001 diff --git a/catalog-be/sdc-backend-init/Dockerfile b/catalog-be/sdc-backend-init/Dockerfile index 3ffcbe691a..35e485b197 100644 --- a/catalog-be/sdc-backend-init/Dockerfile +++ b/catalog-be/sdc-backend-init/Dockerfile @@ -1,22 +1,59 @@ -FROM onap/base_sdc-python:1.7.0 +FROM onap/integration-python:8.0.0 + +USER root + +# Needed for pycurl +ENV PYCURL_SSL_LIBRARY=openssl + +# Install packages only needed for building +RUN apk update && \ + apk add binutils jq libpng && \ + apk add --no-cache \ + libcurl \ + ruby && \ + apk add --no-cache --virtual .build-dependencies \ + libressl-dev \ + ruby-dev \ + libffi-dev \ + libxml2-dev \ + build-base \ + curl-dev && \ + # needed libcurl to install correctly + pip install 'pycurl==7.43.0.1' && \ + set -ex && \ + gem install \ + chef:13.8.5 \ + berkshelf:6.3.1 \ + io-console:0.4.6 \ + etc webrick \ + --no-document && \ + apk del .build-dependencies + +ENV ONAP_LOG=/home/onap/logs +RUN mkdir $ONAP_LOG && chown onap:onap $ONAP_LOG + +# user/group are the same as in integration/docker/onap-python base image +ENV user=onap group=onap + +USER onap # user/group args are inherited from base_sdc-python base image -COPY --chown=$user:$group scripts /home/$user/scripts +COPY --chown=onap:onap scripts /home/onap/scripts -RUN chmod 770 -R /home/$user/scripts && \ - cd /home/$user/scripts && \ +RUN chmod 770 -R /home/onap/scripts && \ + cd /home/onap/scripts && \ python setup.py install --user -ENV PATH=$PATH:/home/$user/.local/bin +ENV PATH=$PATH:/home/onap/.local/bin -COPY --chown=$user:$group chef-solo /home/$user/chef-solo/ +COPY --chown=onap:onap chef-solo /home/onap/chef-solo/ -COPY --chown=$user:$group chef-repo/cookbooks /home/$user/chef-solo/cookbooks/ +COPY --chown=onap:onap chef-repo/cookbooks /home/onap/chef-solo/cookbooks/ -COPY --chown=$user:$group startup.sh /home/$user/ +COPY --chown=onap:onap startup.sh /home/onap/ -RUN chmod 770 /home/$user/startup.sh +RUN chmod 770 /home/onap/startup.sh -WORKDIR /home/$user/ +WORKDIR /home/onap/ ENTRYPOINT /home/${user}/startup.sh diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb index dcf963fc29..3aabb0a10e 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/1_create_consumer_and_user.rb @@ -28,20 +28,11 @@ if node['basic_auth'] end end -bash "executing-create_users" do - code <<-EOH - sdcuserinit -i #{node['Nodes']['BE']} -p #{be_port} #{basic_auth_config} #{user_conf_dir} #{https_flag} - rc=$? - if [[ $rc != 0 ]]; then exit $rc; fi - EOH - returns [0] +execute "executing-create_users" do + command "sdcuserinit -i #{node['Nodes']['BE']} -p #{be_port} #{basic_auth_config} #{user_conf_dir} #{https_flag}" + action :run end - -bash "executing-create_consumers" do - code <<-EOH - sdcconsumerinit -i #{node['Nodes']['BE']} -p #{be_port} #{basic_auth_config} #{https_flag} - rc=$? - if [[ $rc != 0 ]]; then exit $rc; fi - EOH - returns [0] +execute "executing-create_consumers" do + command "sdcconsumerinit -i #{node['Nodes']['BE']} -p #{be_port} #{basic_auth_config} #{https_flag}" + action :run end diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb index 27b1a7d5b9..2e479e0848 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/2_check_Backend.rb @@ -21,11 +21,7 @@ if node['basic_auth'] end end -bash "executing-check_backend_health" do - code <<-EOH - sdccheckbackend -i #{node['Nodes']['BE']} -p #{be_port} #{basic_auth_config} #{https_flag} - rc=$? - if [[ $rc != 0 ]]; then exit $rc; fi - EOH - returns [0] +execute "executing-check_backend_health" do + command "sdccheckbackend -i #{node['Nodes']['BE']} -p #{be_port} #{basic_auth_config} #{https_flag}" + action :run end \ No newline at end of file diff --git a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb index 0abda0d07a..be32e98f2b 100644 --- a/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb +++ b/catalog-be/sdc-backend-init/chef-repo/cookbooks/sdc-catalog-be-setup/recipes/3_import_Normatives.rb @@ -26,21 +26,8 @@ cookbook_file "/var/tmp/normatives.tar.gz" do source "normatives.tar.gz" end -bash "executing-import_Normatives" do - code <<-EOH - set -ex - - cd /var/tmp/ - tar -xvf normatives.tar.gz - - # executing the normatives - # add --debug to the sdcinit command to enable debug - - cd /var/tmp/normatives/import/tosca - sdcinit #{param} #{basic_auth_config} > /var/lib/jetty/logs/init.log - rc=$? - if [[ $rc != 0 ]]; then exit $rc; fi - - EOH - returns [0] +execute "create-jetty-modules" do + command "set -ex && tar -xvf normatives.tar.gz && cd /var/tmp/normatives/import/tosca && sdcinit #{param} #{basic_auth_config} > #{ENV['ONAP_LOG']}/init.log" + cwd "/var/tmp/" + action :run end diff --git a/catalog-be/sdc-backend-init/startup.sh b/catalog-be/sdc-backend-init/startup.sh index 83bfbf23de..e216341882 100644 --- a/catalog-be/sdc-backend-init/startup.sh +++ b/catalog-be/sdc-backend-init/startup.sh @@ -1,6 +1,4 @@ #!/bin/sh cd /home/"${user}"/chef-solo || exit $? -chef-solo -c solo.rb -E "${ENVNAME}" -rc=$? -if [ $rc != 0 ]; then exit $rc; fi +chef-solo -c solo.rb -E "${ENVNAME}" \ No newline at end of file diff --git a/catalog-be/src/main/docker/backend/Dockerfile b/catalog-be/src/main/docker/backend/Dockerfile index 2772e62f99..30daaf46dd 100644 --- a/catalog-be/src/main/docker/backend/Dockerfile +++ b/catalog-be/src/main/docker/backend/Dockerfile @@ -1,17 +1,13 @@ -FROM jetty:9.4.31-jre11-slim +FROM onap/integration-java11:8.0.0 USER root +ARG JETTY_FOLDER=/app/jetty # Install Chef RUN set -ex && \ - apt-get update -y && \ - apt-get install -y \ - jq \ - curl \ - curl \ - vim \ - make \ - gcc \ + apk update && \ + apk add --no-cache \ + build-base \ ruby \ ruby-dev \ libffi-dev \ @@ -23,33 +19,30 @@ RUN set -ex && \ etc webrick \ --no-document && \ gem cleanup && \ - apt-get update -y && \ - apt-get install -y binutils jq && \ - apt-get clean - -# Replace Jetty user ID -ENV USER_JETTY="jetty" -ENV GROUP_JETTY="jetty" -ENV UID_JETTY="352070" -ENV GID_JETTY="35953" - -# Remove user: -RUN deluser ${USER_JETTY} -#RUN delgroup ${GROUP_JETTY} -RUN echo "${USER_JETTY}:x:${UID_JETTY}:${GID_JETTY}::/home/${USER_JETTY}:Linux User,,,:/home/jetty:/bin/false" >> /etc/passwd -RUN echo "${GROUP_JETTY}:x:${GID_JETTY}:${USER_JETTY}" >> /etc/group -RUN echo "${USER_JETTY}:!:17501:0:99999:7:::" >> /etc/shadow -RUN mkdir /home/${USER_JETTY} && chown ${USER_JETTY}:${GROUP_JETTY} /home/${USER_JETTY} -RUN chown -R jetty:jetty ${JETTY_BASE}/webapps /var/lib/jetty - -USER jetty - -COPY --chown=jetty:jetty chef-solo ${JETTY_BASE}/chef-solo/ -COPY --chown=jetty:jetty chef-repo/cookbooks ${JETTY_BASE}/chef-solo/cookbooks/ -COPY --chown=jetty:jetty onap-sdc-backend/catalog-be.war ${JETTY_BASE}/webappwar/ -COPY --chown=jetty:jetty context.xml ${JETTY_BASE}/webapps/ -COPY --chown=jetty:jetty startup.sh ${JETTY_BASE}/ - -RUN chmod 770 ${JETTY_BASE}/startup.sh - -ENTRYPOINT [ "sh", "-c", "${JETTY_BASE}/startup.sh"] \ No newline at end of file + apk update + +ENV JETTY_HOME=$JETTY_FOLDER +ENV JETTY_BASE=$JETTY_FOLDER +ENV JETTY_USER=onap +ENV JETTY_GROUP=onap + +RUN mkdir $JETTY_FOLDER && chown onap:onap $JETTY_FOLDER + +USER onap + +#Download jetty +RUN wget https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.31.v20200723/jetty-distribution-9.4.31.v20200723.tar.gz -O $JETTY_FOLDER/jetty.tar.gz && \ + tar xvz -C $JETTY_FOLDER -f $JETTY_FOLDER/jetty.tar.gz --strip 1 && \ + rm -rf $JETTY_FOLDER/jetty.tar.gz + +RUN sed -i 's/"jetty"/"onap"/g' $JETTY_FOLDER/etc/jetty-setuid.xml + +COPY --chown=onap:onap chef-solo $JETTY_FOLDER/chef-solo/ +COPY --chown=onap:onap chef-repo/cookbooks $JETTY_FOLDER/chef-solo/cookbooks/ +COPY --chown=onap:onap onap-sdc-backend/catalog-be.war $JETTY_FOLDER/webappwar/ +COPY --chown=onap:onap context.xml $JETTY_FOLDER/webapps/ +COPY --chown=onap:onap startup.sh $JETTY_FOLDER/ + +RUN chmod 770 $JETTY_FOLDER/startup.sh + +ENTRYPOINT [ "sh", "-c", "${JETTY_HOME}/startup.sh"] \ No newline at end of file diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb index 528ddae9ad..dc7d77b0ab 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb @@ -13,8 +13,9 @@ default['disableHttp'] = true #+----------------------------------+ default['jetty']['dmaap_truststore_pwd'] = "dmaap_truststore_pwd" -default['jetty'][:keystore_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31" -default['jetty'][:keymanager_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31" +default['jetty']['keystore_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31" +default['jetty']['keymanager_pwd'] = "?(kP!Yur![*!Y5!E^f(ZKc31" +default['jetty']['truststore_path'] = "#{ENV['JETTY_BASE']}/etc/truststore" # TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION # MUST BE ALSO CHANGE IN THE startup.sh FILE default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0" @@ -33,6 +34,7 @@ default['cassandra']['socket_read_timeout'] = 20000 default['cassandra']['socket_connect_timeout'] = 20000 default['cassandra']['janusgraph_connection_timeout'] = 10000 default['cassandra'][:truststore_password] = "Aa123456" +default['cassandra']['janusgraph_config_file'] = "#{ENV['JETTY_BASE']}/config/catalog-be/janusgraph.properties" #Onboard @@ -86,10 +88,10 @@ default['DMAAP']['replicationcount'] = "3" #+----------------------------------+ # Cadi -default['access_restriction']['cadi_root_dir'] = "/var/lib/jetty/etc" -default['access_restriction']['cadi_keyfile'] = "/var/lib/jetty/etc/org.onap.sdc.p12" +default['access_restriction']['cadi_root_dir'] = "#{ENV['JETTY_BASE']}/etc" +default['access_restriction']['cadi_keyfile'] = "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" default['access_restriction']['cadi_loglevel'] = "DEBUG" -default['access_restriction']['cadi_truststore'] = "/var/lib/jetty/etc/org.onap.sdc.trust.jks" +default['access_restriction']['cadi_truststore'] = "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" default['access_restriction']['cadi_truststore_password'] = "changeit" default['access_restriction']['cadiX509Issuers'] = "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US" default['access_restriction']['encrypted_password'] = "enc:AccessRestrictionEncryptedPassword" diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb index 3a79cfc874..e7d11c9f2d 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb @@ -3,8 +3,8 @@ jetty_base = "#{ENV['JETTY_BASE']}" directory "Jetty_etc_dir_creation" do path "#{jetty_base}/etc" - owner 'jetty' - group 'jetty' + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode '0755' action :create not_if { ::File.directory?("#{jetty_base}/etc") } @@ -13,16 +13,16 @@ end cookbook_file "#{jetty_base}/etc/keyfile" do source "keyfile" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode 0755 end cookbook_file "#{jetty_base}/etc/cadi_truststore.jks" do source "cadi_truststore.jks" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode 0755 end @@ -30,8 +30,8 @@ end template "#{jetty_base}/etc/cadi.properties" do path "#{jetty_base}/etc/cadi.properties" source "cadi.properties.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode "0755" end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_1_cleanup_jettydir.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_1_cleanup_jettydir.rb index 7ca3db813f..620fa2ec4d 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_1_cleanup_jettydir.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_1_cleanup_jettydir.rb @@ -1,8 +1,8 @@ unless Dir.exist? "#{ENV['JETTY_BASE']}/temp" directory "BE_tempdir_creation" do path "#{ENV['JETTY_BASE']}/temp" - owner 'jetty' - group 'jetty' + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode '0755' action :create end @@ -11,8 +11,8 @@ end unless Dir.exist? "#{ENV['JETTY_BASE']}/config" directory "BE_create_config_dir" do path "#{ENV['JETTY_BASE']}/config" - owner 'jetty' - group 'jetty' + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode '0755' action :create end @@ -21,8 +21,8 @@ end unless Dir.exist? "#{ENV['JETTY_BASE']}/config/catalog-be" directory "BE_create_catalog-be" do path "#{ENV['JETTY_BASE']}/config/catalog-be" - owner 'jetty' - group 'jetty' + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode '0755' action :create end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb index 51a943fa68..6522577881 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb @@ -17,8 +17,8 @@ end template "janusgraph.properties" do path "#{ENV['JETTY_BASE']}/config/catalog-be/janusgraph.properties" source "BE-janusgraph.properties.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0644" action :create_if_missing variables({ @@ -38,8 +38,8 @@ end template "catalog-be-config" do path "#{ENV['JETTY_BASE']}/config/catalog-be/configuration.yaml" source "BE-configuration.yaml.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0644" action :create_if_missing variables({ @@ -54,7 +54,7 @@ template "catalog-be-config" do :rep_factor => replication_factor, :DC_NAME => node['cassandra']['datacenter_name'], :REP_STRING => conf_dcname_with_rep, - :janusgraph_Path => "/var/lib/jetty/config/catalog-be/", + :janusgraph_Path => "#{ENV['JETTY_BASE']}/config/catalog-be/", :socket_connect_timeout => node['cassandra']['socket_connect_timeout'], :socket_read_timeout => node['cassandra']['socket_read_timeout'], :cassandra_pwd => node['cassandra'][:cassandra_password], @@ -68,8 +68,8 @@ end template "distribution-engine-configuration" do path "#{ENV['JETTY_BASE']}/config/catalog-be/distribution-engine-configuration.yaml" source "BE-distribution-engine-configuration.yaml.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0644" action :create_if_missing end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb index cb2ffc7154..176edcf71c 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_3_locate_keystore.rb @@ -1,23 +1,23 @@ directory "Jetty_etcdir_creation" do path "#{ENV['JETTY_BASE']}/etc" - owner 'jetty' - group 'jetty' + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode '0755' action :create end cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do source "org.onap.sdc.p12" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode 0755 end cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do source "org.onap.sdc.trust.jks" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + owner "#{ENV['JETTY_GROUP']}" mode 0755 end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb index 34934a44af..772e0d40c0 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb @@ -5,22 +5,17 @@ else http_option = "--module=http" end - -bash "create-jetty-modules" do -cwd "#{ENV['JETTY_BASE']}" -code <<-EOH - cd "#{ENV['JETTY_BASE']}" - java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy - java -jar "#{ENV['JETTY_HOME']}"/start.jar --create-startd --add-to-start=http,https,console-capture,setuid -EOH +execute "create-jetty-modules" do + command "java -jar #{ENV['JETTY_HOME']}/start.jar --add-to-start=deploy && java -jar #{ENV['JETTY_HOME']}/start.jar --create-startd --add-to-start=http,https,console-capture,setuid" + cwd "#{ENV['JETTY_BASE']}" + action :run end - template "http-ini" do path "#{ENV['JETTY_BASE']}/start.d/http.ini" source "http-ini.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ :http_option => http_option , @@ -33,8 +28,8 @@ end template "https-ini" do path "#{ENV['JETTY_BASE']}/start.d/https.ini" source "https-ini.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0755" variables :https_port => "#{node['BE'][:https_port]}" end @@ -43,8 +38,8 @@ end template "ssl-ini" do path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" source "ssl-ini.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ :https_port => "#{node['BE'][:https_port]}" , diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb index 7a2f24e57a..44e96f3477 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb @@ -11,8 +11,8 @@ end template "elasticsearch.yml-config" do path "#{ENV['JETTY_BASE']}/config/elasticsearch.yml" source "BE-elasticsearch.yml.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ :cluster_name => "#{clusterName}", diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_and_key_properties.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_and_key_properties.rb index 4f9993848a..5e37c29bf8 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_and_key_properties.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_6_setup_portal_and_key_properties.rb @@ -1,8 +1,8 @@ template "template portal.properties" do path "#{ENV['JETTY_BASE']}/resources/portal.properties" source "BE-portal.properties.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ :ecomp_rest_url => node['ECompP']['ecomp_rest_url'], @@ -16,8 +16,8 @@ end template "template key.properties" do path "#{ENV['JETTY_BASE']}/resources/key.properties" source "BE-key.properties.erb" - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ :cipher_key => node['ECompP']['cipher_key'] diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb index 7d95d7448e..8dbebbb633 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_7_logback.rb @@ -1,8 +1,8 @@ cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-be/logback.xml" do source "logback.xml" mode 0644 - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" action :create_if_missing end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb index b100356d98..cc059b4e06 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_8_errors_config.rb @@ -1,16 +1,16 @@ cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-be/ecomp-error-configuration.yaml" do source "ecomp-error-configuration.yaml" mode 0644 - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" action :create_if_missing end cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-be/error-configuration.yaml" do source "error-configuration.yaml" mode 0644 - owner "jetty" - group "jetty" + owner "#{ENV['JETTY_USER']}" + group "#{ENV['JETTY_GROUP']}" action :create_if_missing end diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb index 81e1a855f4..51e69ae7a9 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb @@ -6,7 +6,7 @@ else port = "#{node['BE'][:http_port]}" end -template "/var/lib/jetty/ready-probe.sh" do +template "#{ENV['JETTY_BASE']}/ready-probe.sh" do source "ready-probe.sh.erb" sensitive true mode 0755 diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb index 5a059aae7d..9f49bc52e1 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb @@ -28,7 +28,7 @@ released: 2012-11-30 toscaConformanceLevel: 11.0 minToscaConformanceLevel: 3.0 -janusGraphCfgFile: /var/lib/jetty/config/catalog-be/janusgraph.properties +janusGraphCfgFile: <%= node['cassandra']['janusgraph_config_file'] %> janusGraphInMemoryGraph: false janusGraphLockTimeout: 1800 # The interval to try and reconnect to JanusGraph DB when it is down during ASDC startup: @@ -112,7 +112,7 @@ cassandraConfig: username: <%= @cassandra_usr %> password: <%= @cassandra_pwd %> ssl: <%= @cassandra_ssl_enabled %> - truststorePath : /var/lib/jetty/etc/truststore + truststorePath : <%= node['jetty']['truststore_path'] %> truststorePassword : <%= @cassandra_truststore_password %> keySpaces: - { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @REP_STRING %>']} @@ -1120,7 +1120,7 @@ dmaapConsumerConfiguration: username: user password: aftDme2SslEnable: true - aftDme2ClientKeystore: /var/lib/jetty/etc/truststore + aftDme2ClientKeystore: <%= node['jetty']['truststore_path'] %> aftDme2ClientKeystorePassword: "" aftDme2ClientSslCertAlias: certman @@ -1153,7 +1153,7 @@ dmaapProducerConfiguration: username: <%= node['DMAAP']['producer']['username'] %> password: <%= node['DMAAP']['producer']['password'] %> aftDme2SslEnable: true - aftDme2ClientKeystore: /var/lib/jetty/etc/truststore + aftDme2ClientKeystore: <%= node['jetty']['truststore_path'] %> aftDme2ClientKeystorePassword: <%= node['jetty']['dmaap_truststore_pwd'] %> aftDme2ClientSslCertAlias: certman diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-distribution-engine-configuration.yaml.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-distribution-engine-configuration.yaml.erb index 0fa6936f74..7eeb7a8ff8 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-distribution-engine-configuration.yaml.erb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-distribution-engine-configuration.yaml.erb @@ -58,7 +58,7 @@ aaiConfig: readTimeoutMs: 5000 connectTimeoutMs: 1000 clientCertificate: - keyStore: /var/lib/jetty/base/be/etc/non-prod.jks + keyStore: /app/jetty/base/be/etc/non-prod.jks keyStorePassword: hmXYcznAljMSisdy8zgcag== headers: X-FromAppId: asdc diff --git a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ready-probe.sh.erb b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ready-probe.sh.erb index 9f6646d63d..6592943b8f 100644 --- a/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ready-probe.sh.erb +++ b/catalog-be/src/main/docker/backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ready-probe.sh.erb @@ -1,7 +1,7 @@ -#!/bin/bash +#!/bin/sh health_check_http_code=$(curl -k --max-time 5 -o /dev/null -w '%{http_code}' <%= @protocol %>://127.0.0.1:<%= @port %>/sdc2/rest/healthCheck) -if [[ "$health_check_http_code" -eq 200 ]]; then +if [ "$health_check_http_code" -eq 200 ]; then exit 0 else echo "Health check http status: $health_check_http_code" diff --git a/catalog-be/src/main/docker/backend/startup.sh b/catalog-be/src/main/docker/backend/startup.sh index 0dc54a8849..50f2e3d370 100644 --- a/catalog-be/src/main/docker/backend/startup.sh +++ b/catalog-be/src/main/docker/backend/startup.sh @@ -1,27 +1,21 @@ #!/bin/sh -export JAVA_OPTIONS=" -Dconfig.home=${JETTY_BASE}/config \ - -Dlog.home=${JETTY_BASE}/logs \ - -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-be/logback.xml \ - -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-be/configuration.yaml \ - -Dartifactgenerator.config=${JETTY_BASE}/config/catalog-be/Artifact-Generator.properties \ - -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-be/onboarding_configuration.yaml \ - -Djavax.net.ssl.trustStore=${JETTY_BASE}/etc/org.onap.sdc.trust.jks \ +export JAVA_OPTIONS="$JAVA_OPTIONS -Dconfig.home=$JETTY_BASE/config \ + -Dcom.datastax.driver.USE_NATIVE_CLOCK=false \ + -Dlog.home=$JETTY_BASE/logs \ + -Dlogback.configurationFile=$JETTY_BASE/config/catalog-be/logback.xml \ + -Dconfiguration.yaml=$JETTY_BASE/config/catalog-be/configuration.yaml \ + -Dartifactgenerator.config=$JETTY_BASE/config/catalog-be/Artifact-Generator.properties \ + -Donboarding_configuration.yaml=$JETTY_BASE/config/onboarding-be/onboarding_configuration.yaml \ + -Djavax.net.ssl.trustStore=$JETTY_BASE/etc/org.onap.sdc.trust.jks \ -Djavax.net.ssl.trustStorePassword=z+KEj;t+,KN^iimSiS89e#p0 \ - -Djetty.console-capture.dir=${JETTY_BASE}/logs \ - ${JAVA_OPTIONS} " + -Djetty.console-capture.dir=$JETTY_BASE/logs" -cd /var/lib/jetty/chef-solo +cd $JETTY_BASE/chef-solo chef-solo -c solo.rb -E ${ENVNAME} -status=$? -if [ $status -ne 0 ]; then - echo "[ERROR] Problem detected while running chef. Aborting !" - exit 1 -fi - # Execute Jetty -cd /var/lib/jetty +cd $JETTY_HOME java $JAVA_OPTIONS -jar "$JETTY_HOME/start.jar" diff --git a/catalog-be/src/main/resources/config/distribution-engine-configuration.yaml b/catalog-be/src/main/resources/config/distribution-engine-configuration.yaml index 65a41e448e..1f8d59bfcb 100644 --- a/catalog-be/src/main/resources/config/distribution-engine-configuration.yaml +++ b/catalog-be/src/main/resources/config/distribution-engine-configuration.yaml @@ -61,7 +61,7 @@ aaiConfig: readTimeoutMs: 5000 connectTimeoutMs: 1000 clientCertificate: - keyStore: /var/lib/jetty/opt/base/be/etc/non-prod.jks + keyStore: /app/jetty/opt/base/be/etc/non-prod.jks keyStorePassword: hmXYcznAljMSisdy8zgcag== headers: X-FromAppId: asdc -- cgit 1.2.3-korg