From e9e5777db6edcbf34d3315a034ca9be2262fd61d Mon Sep 17 00:00:00 2001 From: "k.kedron" Date: Fri, 23 Aug 2019 16:46:49 +0200 Subject: Fully HTTPS support in the catalog-fe Fully HTTPS support: -Updated jvm configuration to support call to the SDC components using HTTPS. -Checkstyle in the recipes -Added buildRestClient method to create the CloseableHttpClient supporting the SSL connection -Sonar fixes in the PluginStatusBL class Issue-ID: SDC-2516 Signed-off-by: Krystian Kedron Change-Id: I35b9e22026898d2cc67a4b2d86d9d508a33fcb59 --- .../chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb | 2 ++ .../cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb | 1 - .../sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb | 4 ++-- catalog-fe/sdc-frontend/startup.sh | 11 +++++++++-- 4 files changed, 13 insertions(+), 5 deletions(-) (limited to 'catalog-fe/sdc-frontend') diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb index eb30eba01c..a7c9ce1d90 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb @@ -6,6 +6,8 @@ default['FE'][:https_port] = 9443 default['disableHttp'] = true default['jetty'][:keystore_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" default['jetty'][:keymanager_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng" +# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION +# MUST BE ALSO CHANGE IN THE startup.sh FILE default['jetty'][:truststore_pwd] = "Y,f975ZNJfVZhV*{+Y[}pA?0" #Onboard diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb index 67c511408c..f26418372b 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb @@ -4,4 +4,3 @@ cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-fe/logback.xml" do owner "jetty" group "jetty" end - diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb index b1c32b9506..bf756fb1c6 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb @@ -23,7 +23,7 @@ template "http-ini" do owner "jetty" group "jetty" mode "0755" - variables ({ + variables({ :http_option => http_option , :http_port => "#{node['FE'][:http_port]}" }) @@ -46,7 +46,7 @@ template "ssl-ini" do owner "jetty" group "jetty" mode "0755" - variables ({ + variables({ :https_port => "#{node['FE'][:https_port]}" , :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , diff --git a/catalog-fe/sdc-frontend/startup.sh b/catalog-fe/sdc-frontend/startup.sh index d8f522d3e1..99cdaf0f48 100644 --- a/catalog-fe/sdc-frontend/startup.sh +++ b/catalog-fe/sdc-frontend/startup.sh @@ -1,6 +1,14 @@ #!/bin/sh -JAVA_OPTIONS=" ${JAVA_OPTIONS} -Dconfig.home=${JETTY_BASE}/config -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-fe/logback.xml -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-fe/configuration.yaml -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-fe/onboarding_configuration.yaml" +JAVA_OPTIONS=" ${JAVA_OPTIONS} \ + -Dconfig.home=${JETTY_BASE}/config \ + -Dlog.home=${JETTY_BASE}/logs \ + -Dlogback.configurationFile=${JETTY_BASE}/config/catalog-fe/logback.xml \ + -Dconfiguration.yaml=${JETTY_BASE}/config/catalog-fe/configuration.yaml \ + -Donboarding_configuration.yaml=${JETTY_BASE}/config/onboarding-fe/onboarding_configuration.yaml \ + -Djavax.net.ssl.trustStore=${JETTY_BASE}/etc/org.onap.sdc.trust.jks \ + -Djavax.net.ssl.trustStorePassword=Y,f975ZNJfVZhV*{+Y[}pA?0 \ + -Djetty.console-capture.dir=${JETTY_BASE}/logs " cd /root/chef-solo chef-solo -c solo.rb -E ${ENVNAME} @@ -9,4 +17,3 @@ cd /var/lib/jetty /docker-entrypoint.sh & while true; do sleep 2; done - -- cgit 1.2.3-korg