diff options
Diffstat (limited to 'workflow-designer-ui/docker')
-rw-r--r-- | workflow-designer-ui/docker/Dockerfile | 6 | ||||
-rw-r--r-- | workflow-designer-ui/docker/startup.sh | 33 |
2 files changed, 20 insertions, 19 deletions
diff --git a/workflow-designer-ui/docker/Dockerfile b/workflow-designer-ui/docker/Dockerfile index 2a0ef24c..58130888 100644 --- a/workflow-designer-ui/docker/Dockerfile +++ b/workflow-designer-ui/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM jetty:9.4.9-alpine +FROM jetty:9.4-jre8-alpine EXPOSE 8080 EXPOSE 8443 @@ -7,10 +7,10 @@ USER root ARG ARTIFACT -COPY org.onap.sdc.p12 org.onap.sdc.trust.jks /etc/sdc-cert/ +COPY org.onap.sdc.p12 org.onap.sdc.trust.jks ${JETTY_BASE}/etc/ ADD ${ARTIFACT} ${JETTY_BASE}/webapps/ -RUN chown -R jetty:jetty ${JETTY_BASE}/webapps /etc/sdc-cert +RUN chown -R jetty:jetty ${JETTY_BASE}/webapps ${JETTY_BASE}/etc/ COPY startup.sh . RUN chmod 744 startup.sh diff --git a/workflow-designer-ui/docker/startup.sh b/workflow-designer-ui/docker/startup.sh index 297be0de..b2f2d516 100644 --- a/workflow-designer-ui/docker/startup.sh +++ b/workflow-designer-ui/docker/startup.sh @@ -1,26 +1,27 @@ #!/bin/sh + # adding support for https HTTPS_ENABLED=${IS_HTTPS:-"false"} - -if [ "$HTTPS_ENABLED" = "true" ]; then +CLIENT_AUTH=${IS_CLIENT_AUTH:-"false"} +if [ "$HTTPS_ENABLED" = "true" ] +then echo "enable ssl" - if [ -n "$KEYSTORE_PATH" ]; then - keystore_pass="!ppJ.JvWn0hGh)oVF]([Kv)^" - truststore_pass="].][xgtze]hBhz*wy]}m#lf*" + java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \ + jetty.sslContext.keyStorePath=$KEYSTORE_PATH \ + jetty.sslContext.keyStorePassword=$KEYSTORE_PASS \ + jetty.sslContext.keyManagerPassword=$KEYSTORE_PASS \ + jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \ + jetty.sslContext.trustStorePassword=$TRUSTSTORE_PASS + + echo "setting SSL environment variable" + + SSL_JAVA_OPTS=" -DkeystorePath=$JETTY_BASE/$KEYSTORE_PATH -DkeystorePassword=$KEYSTORE_PASS -DkeyManagerPassword=$KEYSTORE_PASS -DtruststorePath=$JETTY_BASE/$KEYSTORE_PATH -DtruststorePassword=$TRUSTSTORE_PASS -DsslTrustAll=$TRUST_ALL" + + echo $SSL_JAVA_OPTS - java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl \ - jetty.sslContext.keyStorePath=$KEYSTORE_PATH \ - jetty.sslContext.keyStorePassword=${KEYSTORE_PASS:-$keystore_pass} \ - jetty.sslContext.trustStorePath=$TRUSTSTORE_PATH \ - jetty.sslContext.trustStorePassword=${TRUSTSTORE_PASS:-$truststore_pass} - else - echo "Using jetty default SSL" - java -jar "${JETTY_HOME}/start.jar" --add-to-start=https,ssl - fi else echo "no ssl required" fi - -java -DproxyTo=$BACKEND $JAVA_OPTIONS -jar $JETTY_HOME/start.jar +java $JAVA_OPTIONS -DproxyTo=$BACKEND $SSL_JAVA_OPTS -jar $JETTY_HOME/start.jar |