diff options
| author |   r.bogacki <r.bogacki@samsung.com> | 2019-10-10 08:48:03 +0200 |
|---|---|---|
| committer |   Ofir Sonsino <ofir.sonsino@intl.att.com> | 2019-10-15 08:10:32 +0000 |
| commit | 9c48e6785455a58d69fcbb4651fbd15575fe2747 (patch) | |
| tree | d53f9ad42ff99693982a016bb9b640c0fdf1ef05 /workflow-designer-ui/docker | |
| parent | 73d85da66a89bed17b0792002f7f9a525c0f78a5 (diff) | |
Enabled HTTPS for sdc-workflow-designer
-Fixes for frontend and backend communication
Change-Id: Ic8e27e1e8f116ccef23e032fbb02a99af56fa516
Issue-ID: SDC-2479
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Diffstat (limited to 'workflow-designer-ui/docker')
| -rw-r--r-- | workflow-designer-ui/docker/Dockerfile | 6 | ||||
| -rw-r--r-- | workflow-designer-ui/docker/startup.sh | 33 |
2 files changed, 20 insertions, 19 deletions
diff --git a/workflow-designer-ui/docker/Dockerfile b/workflow-designer-ui/docker/Dockerfile index 2a0ef24c..58130888 100644 --- a/workflow-designer-ui/docker/Dockerfile +++ b/workflow-designer-ui/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM jetty:9.4.9-alpine +FROM jetty:9.4-jre8-alpine EXPOSE 8080 EXPOSE 8443 @@ -7,10 +7,10 @@ USER root ARG ARTIFACT -COPY org.onap.sdc.p12 org.onap.sdc.trust.jks /etc/sdc-cert/ +COPY org.onap.sdc.p12 org.onap.sdc.trust.jks ${JETTY_BASE}/etc/ ADD ${ARTIFACT} ${JETTY_BASE}/webapps/ -RUN chown -R jetty:jetty ${JETTY_BASE}/webapps /etc/sdc-cert +RUN chown -R jetty:jetty ${JETTY_BASE}/webapps ${JETTY_BASE}/etc/ COPY startup.sh . RUN chmod 744 startup.sh diff --git a/workflow-designer-ui/docker/startup.sh b/workflow-designer-ui/docker/startup.sh index 297be0de..b2f2d516 100644 --- a/workflow-designer-ui/docker/startup.sh +++ b/workflow-designer-ui/docker/startup.sh @@ -1,26 +1,27 @@ #!/bin/sh + # adding support for https HTTPS_ENABLED=${IS_HTTPS:-"false"} - -if [ "$HTTPS_ENABLED" = "true" ]; then +CLIENT_AUTH=${IS_CLIENT_AUTH:-"false"} +if [ "$HTTPS_ENABLED" = "true" ] +then echo "enable ssl" - if [ -n "$KEYSTORE_PATH" ]; then - keystore_pass="!ppJ.JvWn0hGh)oVF]([Kv)^" - truststore_pass="].][xgtze]hBhz*wy]}m#lf*" + java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \ + jetty.sslContext.keyStorePath=$KEYSTORE_PATH \ + jetty.sslContext.keyStorePassword=$KEYSTORE_PASS \ + jetty.sslContext.keyManagerPassword=$KEYSTORE_PASS \ + jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \ + jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASS + + echo "setting SSL environment variable" + + SSL_JAVA_OPTS=" -DkeystorePath=$JETTY_BASE/$KEYSTORE_PATH -DkeystorePassword=$KEYSTORE_PASS -DkeyManagerPassword=$KEYSTORE_PASS -DtruststorePath=$JETTY_BASE/$KEYSTORE_PATH -DtruststorePassword=$TRUSTSTORE_PASS -DsslTrustAll=$TRUST_ALL" + + echo $SSL_JAVA_OPTS - java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \ - jetty.sslContext.keyStorePath=$KEYSTORE_PATH \ - jetty.sslContext.keyStorePassword=${KEYSTORE_PASS:-$keystore_pass} \ - jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \ - jetty.sslContext.trustStorePassword=${TRUSTSTORE_PASS:-$truststore_pass} - else - echo "Using jetty default SSL" - java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl - fi else echo "no ssl required" fi - -java -DproxyTo=$BACKEND $JAVA_OPTIONS -jar $JETTY_HOME/start.jar +java $JAVA_OPTIONS -DproxyTo=$BACKEND $SSL_JAVA_OPTS -jar $JETTY_HOME/start.jar |