From 222555c7995645416a47bc52ed8837e3afde8e21 Mon Sep 17 00:00:00 2001 From: MichaelMorris Date: Fri, 2 Jun 2023 11:38:36 +0000 Subject: Revert "Support SIP TLS" This reverts commit a2feaf9b65cbba66181fb560b5815a62427d65cc. Reason for revert: deployment issue Change-Id: Ic21e213493f51d0c11778187ab054881bba7c21e Issue-ID: SDC-4483 Signed-off-by: MichaelMorris --- .../dist/sdc-onboard-backend-docker/artifacts/Dockerfile | 2 +- .../cookbooks/sdc-onboard-backend/attributes/default.rb | 12 ++++-------- .../recipes/ON_4_setup_jetty_modules.rb | 16 ++++++++-------- .../sdc-onboard-backend/templates/default/ssl-ini.erb | 8 ++++---- .../dist/sdc-onboard-backend-docker/artifacts/startup.sh | 4 +--- 5 files changed, 18 insertions(+), 24 deletions(-) (limited to 'openecomp-be/dist/sdc-onboard-backend-docker/artifacts') diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile index 6f2e68ec0a..6eb57a625e 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile @@ -1,4 +1,4 @@ -FROM onap/integration-java11:10.0.0 +FROM onap/integration-java11:9.0.0 USER root ARG JETTY_FOLDER=/app/jetty diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb index d2a40942e8..074584a6e8 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb @@ -5,19 +5,15 @@ default['FE'][:http_port] = 8181 default['FE'][:https_port] = 9443 default['disableHttp'] = true default['cassandra'][:truststore_password] = "Aa123456" - -default['jetty']['keystore_path'] = "etc/org.onap.sdc.p12" default['jetty'][:keystore_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31" default['jetty'][:keymanager_pwd] = "?(kP!Yur![*!Y5!E^f(ZKc31" -default['jetty']['truststore_path'] = "etc/org.onap.sdc.trust.jks" -# TO CHANGE THE TRUSTSTORE CERT THE JVM CONFIGURATION -# MUST BE ALSO CHANGE IN THE startup.sh FILE default['jetty'][:truststore_pwd] = "z+KEj;t+,KN^iimSiS89e#p0" +default['jetty']['truststore_path'] = "#{ENV['JETTY_BASE']}/etc/truststore" default['VnfRepo']['vnfRepoPort'] = 8702 default['VnfRepo']['vnfRepoHost'] = "refrepo" -# Cassandra +#Cassandra default['cassandra']['cassandra_port'] = 9042 default['cassandra']['datacenter_name'] = "DC-" default['cassandra']['cluster_name'] = "SDC-CS-" @@ -25,12 +21,12 @@ default['cassandra']['socket_read_timeout'] = 20000 default['cassandra']['socket_connect_timeout'] = 20000 default['cassandra']['janusgraph_connection_timeout'] = 10000 -# Basicauth +#Basicauth default['basic_auth']['enabled'] = true default['basic_auth'][:user_name] = "testName" default['basic_auth'][:user_pass] = "testPass" default['basic_auth']['excludedUrls'] = "/v1.0/healthcheck" -# ExternalTesting +#ExternalTesting default['EXTTEST']['ep1_config'] = "vtp,VTP,true,http://refrepo:8702/onapapi/vnfsdk-marketplace,onap.*" default['EXTTEST']['ep2_config'] = "repository,Repository,false,,.*" diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb index 2e51402016..6b2b79b49c 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb @@ -1,4 +1,4 @@ -# Set the http module option +#Set the http module option if node['disableHttp'] http_option = "#--module=http" else @@ -18,12 +18,13 @@ template "http-ini" do group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ - :http_option => http_option, + :http_option => http_option , :http_port => "#{node['ONBOARDING_BE'][:http_port]}" }) - + end + template "https-ini" do path "#{ENV['JETTY_BASE']}/start.d/https.ini" source "https-ini.erb" @@ -33,6 +34,7 @@ template "https-ini" do variables :https_port => "#{node['ONBOARDING_BE'][:https_port]}" end + template "ssl-ini" do path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" source "ssl-ini.erb" @@ -40,11 +42,9 @@ template "ssl-ini" do group "#{ENV['JETTY_GROUP']}" mode "0755" variables ({ - :https_port => "#{node['ONBOARDING_BE'][:https_port]}", - :jetty_keystore_path => "#{node['jetty'][:keystore_path]}", - :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}", - :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}", - :jetty_truststore_path => "#{node['jetty'][:truststore_path]}", + :https_port => "#{node['ONBOARDING_BE'][:https_port]}" , + :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , + :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" }) end diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb index c489825c7b..278fdea2ae 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb @@ -42,17 +42,17 @@ jetty.ssl.port=<%= @https_port %> ## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html ## Keystore file path (relative to $jetty.base) -jetty.sslContext.keyStorePath=<%= @jetty_keystore_path %> +jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12 ## Truststore file path (relative to $jetty.base) -jetty.sslContext.trustStorePath=<%= @jetty_truststore_path %> +jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks ## Keystore password # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> ## Keystore type and provider -jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreType=JKS # jetty.sslContext.keyStoreProvider= ## KeyManager password @@ -64,7 +64,7 @@ jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> ## Truststore type and provider -jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreType=JKS # jetty.sslContext.trustStoreProvider= ## whether client certificate authentication is required diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh index 6ee1b7b344..43aad8726a 100644 --- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh @@ -8,8 +8,6 @@ JAVA_OPTIONS="$JAVA_OPTIONS \ -Dconfiguration.yaml=$JETTY_BASE/config/onboarding-be/onboarding_configuration.yaml \ -Dfeatures.properties=$JETTY_BASE/config/onboarding-be/features.properties \ -XX:+HeapDumpOnOutOfMemoryError \ - -Djavax.net.ssl.trustStore=$JETTY_BASE/etc/org.onap.sdc.trust.jks \ - -Djavax.net.ssl.trustStorePassword=z+KEj;t+,KN^iimSiS89e#p0 \ -Dconfig.location=$JETTY_BASE/config/onboarding-be/." cd $JETTY_BASE @@ -18,6 +16,6 @@ cd $JETTY_BASE/chef-solo chef-solo -c solo.rb -E ${ENVNAME} cd $JETTY_HOME -echo "jetty.httpConfig.sendServerVersion=false" >>$JETTY_HOME/start.d/start.ini +echo "jetty.httpConfig.sendServerVersion=false" >> $JETTY_HOME/start.d/start.ini java $JAVA_OPTIONS -jar "${JETTY_HOME}/start.jar" -- cgit 1.2.3-korg