diff options
| -rwxr-xr-x | Dockerfile | 31 | ||||
| -rw-r--r-- | ca-certificates/onap-ca.crt | 31 | ||||
| -rw-r--r-- | configs/logging/logback-spring.xml | 203 | ||||
| -rwxr-xr-x | pom.xml | 31 | ||||
| -rw-r--r-- | scripts/.gitattributes | 5 | ||||
| -rwxr-xr-x | scripts/start-app.sh | 89 | ||||
| -rwxr-xr-x | scripts/wait-for.sh | 85 |
7 files changed, 474 insertions, 1 deletions
diff --git a/Dockerfile b/Dockerfile new file mode 100755 index 0000000..751e08c --- /dev/null +++ b/Dockerfile @@ -0,0 +1,31 @@ +FROM adoptopenjdk/openjdk11:jre-11.0.8_10-alpine + +ARG JAR_FILE=*.jar +ARG http_proxy +ENV HTTP_PROXY=$http_proxy +ENV http_proxy=$HTTP_PROXY +ARG https_proxy +ENV HTTPS_PROXY=$https_proxy +ENV https_proxy=$HTTPS_PROXY +USER root +RUN mkdir -p /app/config +RUN mkdir -p /app/certificates +RUN mkdir -p /app/logs +RUN mkdir -p /app/ca-certificates +RUN apk update && apk add apache2-utils + +COPY target/${JAR_FILE} /app/app.jar + +COPY configs/logging/logback-spring.xml /app +COPY scripts/start-app.sh /app +COPY scripts/wait-for.sh /app +COPY ca-certificates/onap-ca.crt /app/ca-certificates/onap-ca.crt +#RUN chown -R so:so /app +#USER so +# Springboot configuration (required) +VOLUME /app/config +# Root certificates (optional) +VOLUME /app/ca-certificates +WORKDIR /app +ENTRYPOINT ["/app/start-app.sh"] + diff --git a/ca-certificates/onap-ca.crt b/ca-certificates/onap-ca.crt new file mode 100644 index 0000000..e9a50d7 --- /dev/null +++ b/ca-certificates/onap-ca.crt @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV +BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx +NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK +DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7 +XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn +H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM +pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7 +NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg +2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY +wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd +ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM +P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6 +aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY +PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G +A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ +UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN +BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz +L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9 +7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx +c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf +jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2 +RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h +PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF +CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+ +Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A +cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR +ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX +dYY= +-----END CERTIFICATE----- diff --git a/configs/logging/logback-spring.xml b/configs/logging/logback-spring.xml new file mode 100644 index 0000000..e4be709 --- /dev/null +++ b/configs/logging/logback-spring.xml @@ -0,0 +1,203 @@ +<!-- + ============LICENSE_START======================================================= + ONAP - SO + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= +--> +<configuration scan="true" debug="false"> + <contextListener class="org.onap.so.logger.LoggerStartupListener" /> + <include resource="org/springframework/boot/logging/logback/defaults.xml" /> + + <property name="queueSize" value="256" /> + <property name="maxFileSize" value="200MB" /> + <property name="maxHistory" value="30" /> + <property name="totalSizeCap" value="10GB" /> + + <!-- log file names --> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + + <property name="currentTimeStamp" value="%d{"yyyy-MM-dd'T'HH:mm:ss.SSSXXX",UTC}" /> + + <property name="errorPattern" + value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%.-5level|%X{ErrorCode:-500}|%X{ErrorDesc}|%msg%n" /> + + <property name="debugPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestID}|%logger{50} - %msg%n" /> + + <property name="auditPattern" + value="%X{EntryTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%marker|%mdc|||%msg%n" /> + + <property name="metricPattern" + value="%X{InvokeTimestamp}|%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX,UTC}|%X{RequestID}|%X{ServiceInstanceId}|%thread||%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDesc}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}||||%X{TargetVirtualEntity}|%marker|%mdc|||%msg%n" /> + + <property name="defaultPattern" + value="%nopexception%logger + \t%date{yyyy-MM-dd'T'HH:mm:ss.SSSXXX,UTC} + \t%level + \t%replace(%replace(%message){'\t','\\\\t'}){'\n','\\\\n'} + \t%replace(%replace(%mdc){'\t','\\\\t'}){'\n','\\\\n'} + \t%replace(%replace(%rootException){'\t','\\\\t'}){'\n','\\\\n'} + \t%replace(%replace(%marker){'\t','\\\\t'}){'\n','\\\\n'} + \t%thread + \t%n" /> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> + </appender> + + <appender name="Audit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>EXIT</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + <file>${logs_dir:-.}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>${logs_dir:-.}/${auditLogName}.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>${maxFileSize}</maxFileSize> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${auditPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Audit" /> + </appender> + + <appender name="Metric" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>INVOKE-RETURN</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + <file>${logs_dir:-.}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>${logs_dir:-.}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>${maxFileSize}</maxFileSize> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${metricPattern}</pattern> + </encoder> + </appender> + + + <appender name="asyncMetric" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Metric" /> + </appender> + + <appender name="Error" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <file>${logs_dir:-.}/${errorLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>${logs_dir:-.}/${errorLogName}.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>${maxFileSize}</maxFileSize> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Error" /> + </appender> + + <appender name="Debug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>INVOKE</marker> + <marker>INVOKE-RETURN</marker> + <marker>ENTRY</marker> + <marker>EXIT</marker> + </evaluator> + <onMismatch>ACCEPT</onMismatch> + <onMatch>DENY</onMatch> + </filter> + <file>${logs_dir:-.}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> + <fileNamePattern>${logs_dir:-.}/${debugLogName}.%d{yyyy-MM-dd}.%i.log.zip + </fileNamePattern> + <maxFileSize>${maxFileSize}</maxFileSize> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="Debug" /> + <includeCallerData>true</includeCallerData> + </appender> + + <!-- Spring related loggers --> + <logger name="org.springframework" level="WARN" /> + <logger name="org.springframework.security.authentication.dao.DaoAuthenticationProvider" level="DEBUG" /> + + <!-- Camunda related loggers --> + <logger name="org.camunda.bpm.engine.jobexecutor.level" level="WARN" /> + <logger name="org.camunda.bpm.engine.impl.persistence.entity.JobEntity.level" level="WARN" /> + + <logger name="org.apache.wire" level="DEBUG" /> + <logger name="org.onap" level="DEBUG" /> + <logger name="com.att.ecomp" level="DEBUG" /> + <logger name="org.apache.cxf.interceptor" level="DEBUG" /> + <logger name="com.att.commons" level="DEBUG" /> + <logger name="org.reflections" level="ERROR" /> + + <logger name="AUDIT" level="INFO" additivity="false"> + <appender-ref ref="asyncAudit" /> + </logger> + + <logger name="METRIC" level="INFO" additivity="false"> + <appender-ref ref="asyncMetric" /> + </logger> + + <root level="INFO"> + <appender-ref ref="asyncDebug" /> + <appender-ref ref="asyncError" /> + <appender-ref ref="asyncAudit" /> + <appender-ref ref="asyncMetric" /> + <appender-ref ref="STDOUT" /> + </root> + +</configuration>
\ No newline at end of file @@ -5,7 +5,7 @@ <parent> <groupId>org.onap.so</groupId> <artifactId>adapters</artifactId> - <version>1.7.1-SNAPSHOT</version> + <version>1.8.0-SNAPSHOT</version> </parent> <groupId>org.onap.so.adapters</groupId> <artifactId>so-oof-adapter</artifactId> @@ -158,6 +158,35 @@ </dependency> </dependencies> </plugin> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>exec-maven-plugin</artifactId> + <version>1.6.0</version> + <executions> + <execution> + <id>docker-build</id> + <phase>install</phase> + <goals> + <goal>exec</goal> + </goals> + <configuration> + <dockerFile>Dockerfile.so-cnf-adapter</dockerFile> + <executable>docker</executable> + <workingDirectory>${project.basedir}</workingDirectory> + <arguments> + <argument>build</argument> + <argument>-t</argument> + <argument>onap/so/${project.artifactId}:${project.version}</argument> + <argument>.</argument> + </arguments> + <buildArgs> + <JAR_FILE>${project.artifactId}-${project.version}.jar</JAR_FILE> + <ARTIFACT_ID>${project.artifactId}</ARTIFACT_ID> + </buildArgs> + </configuration> + </execution> + </executions> + </plugin> </plugins> <resources> <resource> diff --git a/scripts/.gitattributes b/scripts/.gitattributes new file mode 100644 index 0000000..b905d1d --- /dev/null +++ b/scripts/.gitattributes @@ -0,0 +1,5 @@ +# Default behavior +* text=auto + +# Files to have unix style line endings on checkout +*.sh text eol=lf
\ No newline at end of file diff --git a/scripts/start-app.sh b/scripts/start-app.sh new file mode 100755 index 0000000..54ed9ed --- /dev/null +++ b/scripts/start-app.sh @@ -0,0 +1,89 @@ +#!/bin/sh +#temprary condition +if [ `id -u` = 0 ] +then + # Install certificates found in the /app/ca-certificates volume, if any. + + needUpdate=FALSE + + for certificate in `ls -1 /app/ca-certificates`; do + echo "Installing $certificate in /usr/local/share/ca-certificates" + # cp /app/ca-certificates/$certificate /usr/local/share/ca-certificates/$certificate + needUpdate=FALSE + done + + # Re-exec this script as the 'onap' user. + this=`readlink -f $0` + # exec su so -c "$this" +fi + +touch /app/app.jar + +if [ ! -z "$DB_HOST" -a -z "$DB_PORT" ]; then + export DB_PORT=3306 +fi + +if [ -z "${CONFIG_PATH}" ]; then + export CONFIG_PATH=/app/config/override.yaml +fi + +if [ "${SSL_DEBUG}" = "log" ]; then + export SSL_DEBUG="-Djavax.net.debug=all" +else + export SSL_DEBUG= +fi + +# Set java keystore and truststore options, if specified in the environment. + +jksargs= + +if [ ! -z "${KEYSTORE}" ]; then + jksargs="$jksargs -Dmso.load.ssl.client.keystore=true" + jksargs="$jksargs -Djavax.net.ssl.keyStore=$KEYSTORE" + jksargs="$jksargs -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASSWORD}" +fi + +if [ ! -z "${TRUSTSTORE}" ]; then + jksargs="$jksargs -Djavax.net.ssl.trustStore=${TRUSTSTORE}" + jksargs="$jksargs -Djavax.net.ssl.trustStorePassword=${TRUSTSTORE_PASSWORD}" +fi + +if [ -z "${ACTIVE_PROFILE}" ]; then + export ACTIVE_PROFILE="basic" +fi + +jvmargs="${JVM_ARGS} -Dspring.profiles.active=${ACTIVE_PROFILE} -Djava.security.egd=file:/dev/./urandom -Dlogs_dir=${LOG_PATH} -Dlogging.config=/app/logback-spring.xml $jksargs -Dspring.config.additional-location=$CONFIG_PATH ${SSL_DEBUG} ${DISABLE_SNI}" + + +read_properties(){ + while IFS="=" read -r key value; do + case "${key}" in + '#'*) ;; + *) + eKey=$(echo $key | tr '[:lower:]' '[:upper:]') + export "$eKey"="$value" + esac + done <<-EOF + $1 + EOF +} + + + +if [ -n "${AAF_SSL_CERTS_ENABLED}" ]; then +read_properties "$(head -n 4 /app/certs/.passphrases)" +fi + +echo "JVM Arguments: ${jvmargs}" + +java ${jvmargs} -jar app.jar +rc=$? + +echo "Application exiting with status code $rc" + +if [ ! -z "${EXIT_DELAY}" -a "${EXIT_DELAY}" != 0 ]; then + echo "Delaying $APP exit for $EXIT_DELAY seconds" + sleep $EXIT_DELAY +fi + +exit $rc diff --git a/scripts/wait-for.sh b/scripts/wait-for.sh new file mode 100755 index 0000000..2525821 --- /dev/null +++ b/scripts/wait-for.sh @@ -0,0 +1,85 @@ +#!/bin/sh +# https://github.com/Eficode/wait-for.git +# MIT License + +TIMEOUT=15 +QUIET=0 + +echoerr() { + if [ "$QUIET" -ne 1 ]; then printf "%s\n" "$*" 1>&2; fi +} + +usage() { + exitcode="$1" + cat << USAGE >&2 +Usage: + $cmdname host:port [-t timeout] [-- command args] + -q | --quiet Do not output any status messages + -t TIMEOUT | --timeout=timeout Timeout in seconds, zero for no timeout + -- COMMAND ARGS Execute command with args after the test finishes +USAGE + exit "$exitcode" +} + +wait_for() { + command="$*" + if [ "$QUIET" -ne 1 ]; then echo "$0: probing host $HOST port $PORT"; fi + for i in `seq $TIMEOUT` ; do + nc -z "$HOST" "$PORT" > /dev/null 2>&1 + result=$? + if [ $result -eq 0 ] ; then + if [ "$QUIET" -ne 1 ]; then echo "$0: operation succeeded on try $i"; fi + if [ -n "$command" ] ; then + if [ "$QUIET" -ne 1 ]; then echo "$0: exec-ing command $command"; fi + exec $command + fi + exit 0 + fi + if [ "$QUIET" -ne 1 ]; then echo "$0: sleeping after try $i"; fi + sleep 1 + done + echo "$0: Operation timed out" >&2 + exit 1 +} + +while [ $# -gt 0 ] +do + case "$1" in + *:* ) + HOST=$(printf "%s\n" "$1"| cut -d : -f 1) + PORT=$(printf "%s\n" "$1"| cut -d : -f 2) + shift 1 + ;; + -q | --quiet) + QUIET=1 + shift 1 + ;; + -t) + TIMEOUT="$2" + if [ "$TIMEOUT" = "" ]; then break; fi + shift 2 + ;; + --timeout=*) + TIMEOUT="${1#*=}" + shift 1 + ;; + --) + shift + break + ;; + --help) + usage 0 + ;; + *) + echoerr "Unknown argument: $1" + usage 1 + ;; + esac +done + +if [ "$HOST" = "" -o "$PORT" = "" ]; then + echoerr "Error: you need to provide a host and port to test." + usage 2 +fi + +wait_for "$@" |