diff options
Diffstat (limited to 'packages/docker/src')
19 files changed, 109 insertions, 1244 deletions
diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.aria b/packages/docker/src/main/docker/docker-files/Dockerfile.aria deleted file mode 100644 index 26f672e51d..0000000000 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.aria +++ /dev/null @@ -1,44 +0,0 @@ -# -# ============LICENSE_START=================================================== -# Copyright (c) 2017 Cloudify.co. All rights reserved. -# =================================================================== -# Licensed under the Apache License, Version 2.0 (the "License"); you may not -# use this file except in compliance with the License. You may obtain a copy -# of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations under -# the License. -# ============LICENSE_END==================================================== -# -FROM httpd:alpine -ARG aria_rest_url -ARG aria_rest_branch - -RUN apk update -RUN apk add python2 py2-pip gcc python2-dev linux-headers musl-dev git curl -WORKDIR /tmp -RUN git clone -b 0.1.1 https://github.com/cloudify-cosmo/aria-extension-cloudify -WORKDIR /tmp/aria-extension-cloudify -RUN pip install -U setuptools -RUN pip install . -RUN pip install apache-ariatosca==0.1.1 jinja2==2.8 -WORKDIR /tmp -RUN git clone -b ${aria_rest_branch} ${aria_rest_url} -WORKDIR /tmp/so/aria/aria-rest-server/src/main/python/aria-rest -RUN pip install . -WORKDIR /tmp -RUN git clone -b 2.0.1 https://github.com/cloudify-cosmo/cloudify-openstack-plugin -RUN wagon create ./cloudify-openstack-plugin -RUN aria plugins install cloudify_openstack_plugin-2.0.1-py27-none-linux_x86_64.wgn -RUN rm cloudify_openstack_plugin-2.0.1-py27-none-linux_x86_64.wgn -RUN git clone -b 1.4.10 https://github.com/cloudify-cosmo/cloudify-aws-plugin -RUN wagon create ./cloudify-aws-plugin -RUN aria plugins install cloudify_aws_plugin-1.4.10-py27-none-linux_x86_64.wgn -RUN rm cloudify_aws_plugin-1.4.10-py27-none-linux_x86_64.wgn - -CMD aria-rest diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.jacoco b/packages/docker/src/main/docker/docker-files/Dockerfile.jacoco deleted file mode 100644 index cd70b373f7..0000000000 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.jacoco +++ /dev/null @@ -1,33 +0,0 @@ -### Set the base image to Ubuntu -FROM ubuntu:14.04 - -### File Author / Maintainer -MAINTAINER "The ONAP Team" -LABEL Description="This image is used to get jacoco result from a jboss image" Version="1.0" - -ARG http_proxy -ARG https_proxy -ARG chef_repo_branch_name -ARG chef_repo_address -ARG chef_repo_git_name -ARG chef_repo_git_username -ENV HTTP_PROXY=$http_proxy -ENV HTTPS_PROXY=$https_proxy -ENV http_proxy=$HTTP_PROXY -ENV https_proxy=$HTTPS_PROXY -RUN echo "Acquire::http::Proxy \"$http_proxy\";" >> /etc/apt/apt.conf - -RUN apt-get update && apt-get install -y openssh-server -RUN mkdir /var/run/sshd -RUN echo 'root:screencast' | chpasswd -RUN sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config - -# SSH login fix. Otherwise user is kicked off after login -RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd - -ENV NOTVISIBLE "in users profile" -RUN echo "export VISIBLE=now" >> /etc/profile - -VOLUME /shared - -CMD ["/usr/sbin/sshd", "-D"] diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-arquillian b/packages/docker/src/main/docker/docker-files/Dockerfile.mso-arquillian deleted file mode 100644 index 6dfdfa3d1b..0000000000 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-arquillian +++ /dev/null @@ -1,90 +0,0 @@ -FROM openecomp/wildfly:1.0 - - -### File Author / Maintainer -MAINTAINER "The ONAP Team" -LABEL Description="This image contains the ONAP SO base for arquillian" Version="1.0" - -ENV CHEF_REPO_NAME="chef-repo" -ENV CHEF_CONFIG_NAME="mso-config" - -### Downloading dependencies - -USER root -RUN apt-get install -y curl && curl -LO https://packages.chef.io/stable/ubuntu/12.04/chefdk_0.17.17-1_amd64.deb && curl -LO http://central.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/1.5.4/mariadb-java-client-1.5.4.jar && curl -LO http://search.maven.org/remotecontent?filepath=org/jacoco/jacoco/0.7.7.201606060606/jacoco-0.7.7.201606060606.zip && apt-get remove --purge -y curl && apt-get autoremove -y -RUN apt-get install -y unzip && unzip jacoco-0.7.7.201606060606.zip -d /tmp/jacoco && apt-get remove --purge -y unzip && apt-get autoremove -y -RUN chown -R jboss:jboss /tmp/jacoco -### Install Chef -RUN dpkg -i chefdk_0.17.17-1_amd64.deb - -COPY scripts/start-jboss-server.sh /opt/mso/scripts/start-jboss-server.sh - -RUN chown jboss:jboss /opt/mso/scripts/* -RUN chmod u+rx /opt/mso/scripts/* - -RUN mkdir /etc/chef -RUN chown jboss:jboss /etc/chef -RUN chmod u+xrw /etc/chef - -RUN mkdir -p /etc/mso -RUN chown -R jboss:jboss /etc/mso -RUN chmod u+xrw /etc/mso - -# Setup shared folder -RUN mkdir /shared -RUN chown jboss:jboss /shared - -# Setup chef folders -RUN mkdir -p /var/chef/nodes -RUN chown jboss:jboss /var/chef/nodes -RUN mkdir /var/berks-cookbooks -RUN chown jboss:jboss /var/berks-cookbooks -RUN mkdir -p /home/jboss/.chef/nodes -RUN chown jboss:jboss /home/jboss/.chef/nodes - -COPY chef-configs/${CHEF_REPO_NAME} /var/berks-cookbooks/${CHEF_REPO_NAME} -COPY chef-configs/${CHEF_CONFIG_NAME} /var/berks-cookbooks/${CHEF_CONFIG_NAME} -COPY chef-configs/solo.rb /var/berks-cookbooks/${CHEF_REPO_NAME}/solo.rb - -# Start Chef config -RUN sed "s/CHEF_REPO_NAME_TO_REPLACE/${CHEF_REPO_NAME}/g" -i /var/berks-cookbooks/${CHEF_REPO_NAME}/solo.rb -RUN chef-solo -c /var/berks-cookbooks/${CHEF_REPO_NAME}/solo.rb -o recipe[mso-config::apih],recipe[mso-config::bpmn],recipe[mso-config::jra] - -RUN mv /var/berks-cookbooks/${CHEF_REPO_NAME}/environments/mso-docker.json /var/berks-cookbooks/${CHEF_REPO_NAME}/environments/mso-docker-init.json -RUN echo "" > /shared/mso-docker.json -RUN ln -s /shared/mso-docker.json /var/berks-cookbooks/${CHEF_REPO_NAME}/environments/mso-docker.json - -# Jacoco config -RUN echo "" > /shared/jacoco-it.exec -RUN ls -latr / -RUN ls -latr /shared -RUN chown jboss:jboss /shared/jacoco-it.exec - -## Create the log folder for MSO -RUN mkdir -p /var/log/ecomp/MSO/ -RUN chown jboss:jboss /var/log/ecomp/MSO - -### Configure Jboss WildFly -RUN mkdir -p $JBOSS_HOME/modules/mariadb/main -RUN cp mariadb-java-client-1.5.4.jar $JBOSS_HOME/modules/mariadb/main -COPY jboss-configs/modules/mariadb/main/module.xml $JBOSS_HOME/modules/mariadb/main -COPY jboss-configs/configuration/standalone-full-ha.xml $JBOSS_HOME/standalone/configuration/standalone-full-ha-mso.xml -COPY jboss-configs/configuration/mgmt-users.properties $JBOSS_HOME/standalone/configuration/mgmt-users.properties -COPY jboss-configs/configuration/mgmt-groups.properties $JBOSS_HOME/standalone/configuration/mgmt-groups.properties -COPY jboss-configs/configuration/application-users.properties $JBOSS_HOME/standalone/configuration/application-users.properties -COPY jboss-configs/configuration/application-roles.properties $JBOSS_HOME/standalone/configuration/application-roles.properties - -RUN echo "JAVA_OPTS=\"\$JAVA_OPTS -Xms64m -Xmx4g -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=1g -Djboss.bind.address=0.0.0.0 -Djboss.bind.address.management=0.0.0.0 -Dmso.db=MARIADB -Dmso.config.path=/etc/mso/config.d/ -javaagent:/tmp/jacoco/lib/jacocoagent.jar=destfile=/shared/jacoco-it.exec,dumponexit=true,append=false,includes=com.att.*:org.openecomp.*\"" >> $JBOSS_HOME/bin/standalone.conf -RUN echo "LAUNCH_JBOSS_IN_BACKGROUND=true" >> $JBOSS_HOME/bin/standalone.conf - -RUN mkdir -p /etc/mso/config.d/ASDC && chown -R jboss:jboss /etc/mso/config.d/ASDC && chmod u+xrw /etc/mso/config.d/ASDC - -### Open Ports -EXPOSE 8080 9990 - -VOLUME /shared - -### Start EAP -USER root -CMD ["/opt/mso/scripts/start-jboss-server.sh"] - diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final b/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final deleted file mode 100644 index bbb3d1e4bf..0000000000 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.mso-chef-final +++ /dev/null @@ -1,171 +0,0 @@ -FROM openecomp/wildfly:1.0 - - -### File Author / Maintainer -MAINTAINER "The ONAP Team" -LABEL Description="This image contains the ONAP SO" Version="1.0" - -ARG http_proxy -ARG https_proxy -ENV HTTP_PROXY=$http_proxy -ENV HTTPS_PROXY=$https_proxy -ENV http_proxy=$HTTP_PROXY -ENV https_proxy=$HTTPS_PROXY - -ENV CHEF_REPO_NAME="chef-repo" -ENV CHEF_CONFIG_NAME="mso-config" - -USER root - -### Downloading dependencies -# Install specific system libraries to fix CVE vulnerabilities -RUN echo "deb http://archive.ubuntu.com/ubuntu/ artful main restricted" >> /etc/apt/sources.list && \ - echo "deb http://security.ubuntu.com/ubuntu/ artful-security main restricted" >> /etc/apt/sources.list && \ - echo "deb http://archive.ubuntu.com/ubuntu/ bionic main restricted" >> /etc/apt/sources.list && \ - apt-get -y update - -# krb5 1.16-2build1 -# For CVE-2017-15088 CVE-2017-11462 -# libvorbis 1.3.5-4ubuntu0.2 -# For CVE-2017-14632 CVE-2017-14160 -# libx11 2:1.6.4-3 -# For CVE-2016-7943 CVE-2016-7942 -# libxtst 1.2.3-1 -# For CVE-2016-7951 -# ncurses 6.1-1ubuntu1 -# For CVE-2017-10685 CVE-2017-10684 -# libsqllite3-0 3.22.0-1 -# For CVE-2017-10989 -# libtiff5 4.0.8-5ubuntu0.1 -# For CVE-2017-9117 CVE-2016-9540 CVE-2016-9539 CVE-2016-9538 CVE-2016-9537 CVE-2016-9536 CVE-2016-9535 CVE-2016-9534 CVE-2016-9533 CVE-2015-8668 CVE-2015-7554 CVE-2016-6223 CVE-2017-5563 CVE-2016-3621 CVE-2016-8331 -# shadow 1:4.5-1ubuntu1 -# For CVE-2017-12424 -# perl-base 5.26.0-8ubuntu1.1 -# For CVE-2015-8608 CVE-2017-12883 -# openssl 1.1.0g-2ubuntu3 -# For CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 CVE-2016-2176 -# zlib1g 1:1.2.11.dfsg-0ubuntu2 -# For CVE-2016-9843 CVE-2016-9841 CVE-2016-9842 CVE-2016-9840 -# libexpat1 2.2.5-3 -# For CVE-2016-0718 CVE-2016-4472 -# libc-bin libc6 2.26-0ubuntu2.1 -# For CVE-2018-6485 -# openssl 1.1.0g-2ubuntu3 -# For CVE-2016-6303 CVE-2016-2182 CVE-2016-2177 -# libpcre3 2:8.39-5ubuntu3 -# For CVE-2016-3191 CVE-2016-1283 -# berkeleydb -# For CVE-2016-3418 CVE-2016-0694 CVE-2016-0689 CVE-2016-0682 -# jetty -# For CVE-2017-9735 -# libxi -# For CVE-2016-7946 CVE-2016-7945 -# xalan -# For CVE-2014-0107 -# git -# For CVE-2017-14867 -# - -USER root -RUN apt-get -y --only-upgrade install \ - libkrb5-3 krb5-locales \ - libvorbis0a \ - libx11-6 libx11-data libx11-doc libx11-xcb1 \ - libxtst6 \ - ncurses-base ncurses-bin libncurses5 libncursesw5 \ - libsqlite3-0 \ - libtiff5 \ - passwd \ - perl-base \ - openssl \ - zlib1g \ - libdb5.3 \ - libc-bin libc6 multiarch-support \ - libxi6 \ - libpcre3 \ - expat \ - jetty9 \ - xalan \ - git - - -RUN apt-get install -y netcat curl && curl -LO https://packages.chef.io/files/stable/chefdk/2.5.3/ubuntu/16.04/chefdk_2.5.3-1_amd64.deb && curl -LO http://central.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/1.5.4/mariadb-java-client-1.5.4.jar && apt-get remove --purge -y curl && apt-get autoremove -y - -### Install Chef -#RUN dpkg -i chefdk_0.17.17-1_amd64.deb -RUN dpkg -i chefdk_2.5.3-1_amd64.deb - -COPY scripts/start-jboss-server.sh /opt/mso/scripts/start-jboss-server.sh - -RUN chown jboss:jboss /opt/mso/scripts/* -RUN chmod u+rx /opt/mso/scripts/* - -RUN mkdir /etc/chef -RUN chown jboss:jboss /etc/chef -RUN chmod u+xrw /etc/chef - -RUN mkdir -p /etc/mso -RUN chown -R jboss:jboss /etc/mso -RUN chmod u+xrw /etc/mso - -# Setup shared folder -RUN mkdir /shared -RUN chown jboss:jboss /shared - -# Setup chef folders -RUN mkdir -p /var/chef/nodes -RUN chown jboss:jboss /var/chef/nodes -RUN mkdir /var/berks-cookbooks -RUN chown jboss:jboss /var/berks-cookbooks -RUN mkdir -p /home/jboss/.chef/nodes -RUN chown jboss:jboss /home/jboss/.chef/nodes - -COPY chef-configs/${CHEF_REPO_NAME} /var/berks-cookbooks/${CHEF_REPO_NAME} -COPY chef-configs/${CHEF_CONFIG_NAME} /var/berks-cookbooks/${CHEF_CONFIG_NAME} -COPY chef-configs/solo.rb /var/berks-cookbooks/${CHEF_REPO_NAME}/solo.rb - -# Start Chef config -RUN sed "s/CHEF_REPO_NAME_TO_REPLACE/${CHEF_REPO_NAME}/g" -i /var/berks-cookbooks/${CHEF_REPO_NAME}/solo.rb -RUN chef-solo -c /var/berks-cookbooks/${CHEF_REPO_NAME}/solo.rb -o recipe[mso-config::apih],recipe[mso-config::bpmn],recipe[mso-config::jra] - -RUN mv /var/berks-cookbooks/${CHEF_REPO_NAME}/environments/mso-docker.json /var/berks-cookbooks/${CHEF_REPO_NAME}/environments/mso-docker-init.json -RUN echo "" > /shared/mso-docker.json -RUN ln -s /shared/mso-docker.json /var/berks-cookbooks/${CHEF_REPO_NAME}/environments/mso-docker.json - -## Create the log folder for MSO -RUN mkdir -p /var/log/ecomp/MSO/ -RUN chown jboss:jboss /var/log/ecomp/MSO - -### Configure Jboss WildFly -RUN mkdir -p $JBOSS_HOME/modules/mariadb/main -RUN cp mariadb-java-client-1.5.4.jar $JBOSS_HOME/modules/mariadb/main -COPY jboss-configs/modules/mariadb/main/module.xml $JBOSS_HOME/modules/mariadb/main -COPY jboss-configs/configuration/standalone-full-ha.xml $JBOSS_HOME/standalone/configuration/standalone-full-ha-mso.xml -COPY jboss-configs/configuration/mgmt-users.properties $JBOSS_HOME/standalone/configuration/mgmt-users.properties -COPY jboss-configs/configuration/mgmt-groups.properties $JBOSS_HOME/standalone/configuration/mgmt-groups.properties -COPY jboss-configs/configuration/application-users.properties $JBOSS_HOME/standalone/configuration/application-users.properties -COPY jboss-configs/configuration/application-roles.properties $JBOSS_HOME/standalone/configuration/application-roles.properties - -RUN echo "JAVA_OPTS=\"\$JAVA_OPTS -Xms64m -Xmx4g -XX:MetaspaceSize=96M -XX:MaxMetaspaceSize=1g -Djboss.bind.address=0.0.0.0 -Djboss.bind.address.management=0.0.0.0 -Dmso.db=MARIADB -Dmso.config.path=/etc/mso/config.d/\"" >> $JBOSS_HOME/bin/standalone.conf -RUN echo "LAUNCH_JBOSS_IN_BACKGROUND=true" >> $JBOSS_HOME/bin/standalone.conf - -COPY ./maven/artifacts/* $JBOSS_HOME/standalone/deployments/ - -RUN mkdir -p /etc/mso/config.d/ASDC && chown -R jboss:jboss /etc/mso/config.d/ASDC && chmod u+xrw /etc/mso/config.d/ASDC - -COPY wait-for.sh / - -## Install heatbridge -#RUN apt-get install -y python && apt-get install -y python-pip && echo 'PIP Installed, doing upgrade' && pip install --upgrade pip -#RUN mkdir /opt/mso/heatbridge -#COPY heatbridge/heatbridge-0.3.0.dev0-py2-none-any.whl /opt/mso/heatbridge -#RUN pip install /opt/mso/heatbridge/heatbridge-0.3.0.dev0-py2-none-any.whl - -### Open Ports -EXPOSE 8080 - -VOLUME /shared - -### Start EAP -USER root -CMD ["/opt/mso/scripts/start-jboss-server.sh"] diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.so-app b/packages/docker/src/main/docker/docker-files/Dockerfile.so-app index 27c6b58cd2..69b88d8905 100644 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.so-app +++ b/packages/docker/src/main/docker/docker-files/Dockerfile.so-app @@ -7,16 +7,27 @@ ARG https_proxy ENV HTTPS_PROXY=$https_proxy ENV https_proxy=$HTTPS_PROXY -RUN mkdir /app +RUN mkdir /app && mkdir /app/config && mkdir /app/certificates && mkdir /app/logs COPY maven/app.jar /app COPY configs/logging/logback-spring.xml /app -COPY scripts/startService.sh /app +COPY scripts/start-app.sh /app +COPY scripts/wait-for.sh /app -RUN chown -R so:so /app && chmod 700 /app/startService.sh +RUN chown -R so:so /app && chmod 700 /app/*.sh -VOLUME /tmp +## TODO for Casablanca: install this in the openstack-adapter container +## Install heatbridge +#RUN apt-get install -y python && apt-get install -y python-pip && echo 'PIP Installed, doing upgrade' && pip install --upgrade pip +#RUN mkdir /opt/mso/heatbridge +#COPY heatbridge/heatbridge-0.3.0.dev0-py2-none-any.whl /opt/mso/heatbridge +#RUN pip install /opt/mso/heatbridge/heatbridge-0.3.0.dev0-py2-none-any.whl + +# Springboot configuration (required) +VOLUME /app/config + +# Root certificates (optional) +VOLUME /app/ca-certificates WORKDIR /app -USER so:so -ENTRYPOINT /app/startService.sh +CMD ["/app/start-app.sh"] diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.so-base-image b/packages/docker/src/main/docker/docker-files/Dockerfile.so-base-image index 9780018325..de446b734a 100644 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.so-base-image +++ b/packages/docker/src/main/docker/docker-files/Dockerfile.so-base-image @@ -11,7 +11,7 @@ ENV https_proxy=$HTTPS_PROXY RUN apk update && apk upgrade # Install commonly needed tools -RUN apk --no-cache add curl sudo bash +RUN apk --no-cache add curl netcat-openbsd sudo # Create 'so' user -RUN addgroup -g 1000 so && adduser -S -u 1000 -G so so +RUN addgroup -g 1000 so && adduser -S -u 1000 -G so -s /bin/sh so diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.ubuntu-16.04-update b/packages/docker/src/main/docker/docker-files/Dockerfile.ubuntu-16.04-update deleted file mode 100644 index 8ed710745a..0000000000 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.ubuntu-16.04-update +++ /dev/null @@ -1,22 +0,0 @@ -FROM ubuntu:16.04 - -### File Author / Maintainer -MAINTAINER "The ONAP Team" -LABEL Description="This image contains an updated version of ubuntu 16.04" Version="1.0" - -ARG http_proxy -ARG https_proxy -ARG chef_repo_branch_name -ARG chef_repo_address -ARG chef_repo_git_name -ARG chef_repo_git_username -ENV HTTP_PROXY=$http_proxy -ENV HTTPS_PROXY=$https_proxy -ENV http_proxy=$HTTP_PROXY -ENV https_proxy=$HTTPS_PROXY - -### update first the image to fix potential security issues -RUN apt-get update -RUN apt-get -y dist-upgrade - - diff --git a/packages/docker/src/main/docker/docker-files/Dockerfile.wildfly-10 b/packages/docker/src/main/docker/docker-files/Dockerfile.wildfly-10 deleted file mode 100644 index df39659efd..0000000000 --- a/packages/docker/src/main/docker/docker-files/Dockerfile.wildfly-10 +++ /dev/null @@ -1,32 +0,0 @@ -FROM openecomp/ubuntu-update:1.0 - -### File Author / Maintainer -MAINTAINER "The ONAP Team" -LABEL Description="This image contains ONAP SO ubuntu base" Version="1.0" - -ARG http_proxy -ARG https_proxy -ARG chef_repo_branch_name -ARG chef_repo_address -ARG chef_repo_git_name -ARG chef_repo_git_username -ENV HTTP_PROXY=$http_proxy -ENV HTTPS_PROXY=$https_proxy -ENV http_proxy=$HTTP_PROXY -ENV https_proxy=$HTTPS_PROXY - -### Install OpenJDK -RUN apt-get -y update; \ - apt-get -y install openjdk-8-jre-headless - -### Install Wildfly -ENV JBOSS_HOME=/opt/jboss - -RUN WILDFLY=wildfly-10.1.0.Final.tar.gz; apt-get -y install curl; curl -LO http://download.jboss.org/wildfly/10.1.0.Final/$WILDFLY ; tar xvfz $WILDFLY -C /opt/; mv /opt/${WILDFLY%.tar.gz} $JBOSS_HOME; rm $WILDFLY; apt-get remove -y --purge curl; apt-get autoremove -y -RUN adduser --system --group jboss -RUN chown -R jboss $JBOSS_HOME -RUN $JBOSS_HOME/bin/add-user.sh admin Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U --silent - -USER jboss -CMD ["/opt/jboss/bin/standalone.sh", "-b", "0.0.0.0", "-bmanagement", "0.0.0.0"] - diff --git a/packages/docker/src/main/docker/docker-files/chef-configs/solo.rb b/packages/docker/src/main/docker/docker-files/chef-configs/solo.rb deleted file mode 100644 index 5e8247503a..0000000000 --- a/packages/docker/src/main/docker/docker-files/chef-configs/solo.rb +++ /dev/null @@ -1,9 +0,0 @@ -current_dir = File.dirname(__FILE__) -log_level :info -log_location STDOUT -node_name "mso" -syntax_check_cache_path "#{current_dir}/syntaxcache" -cookbook_path ["/var/berks-cookbooks"] -environment_path "/var/berks-cookbooks/CHEF_REPO_NAME_TO_REPLACE/environments" -environment "mso-docker" - diff --git a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/application-roles.properties b/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/application-roles.properties deleted file mode 100644 index cff4865c3d..0000000000 --- a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/application-roles.properties +++ /dev/null @@ -1,33 +0,0 @@ -# -# Properties declaration of users roles for the realm 'ApplicationRealm' which is the default realm -# for application services on a new installation. -# -# This includes the following protocols: remote ejb, remote jndi, web, remote jms -# -# Users can be added to this properties file at any time, updates after the server has started -# will be automatically detected. -# -# The format of this file is as follows: - -# username=role1,role2,role3 -# -# A utility script is provided which can be executed from the bin folder to add the users: - -# - Linux -# bin/add-user.sh -# -# - Windows -# bin\add-user.bat -# -# The following illustrates how an admin user could be defined. -# -#admin=PowerUser,BillingAdmin, -#guest=guest -CSIClient=CSI-Client -CCDClient=CCD-Client -GUIClient=GUI-Client -BPMNClient=BPMN-Client -InfraPortalClient=InfraPortal-Client -MSOClient=MSO-Client -sitecontrol=SiteControl-Client -MSO=AAIEmul-Client -BPELClient=BPEL-Client -SDNCClient=SDNC-Client diff --git a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/application-users.properties b/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/application-users.properties deleted file mode 100644 index f7b44d4283..0000000000 --- a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/application-users.properties +++ /dev/null @@ -1,35 +0,0 @@ -# -# Properties declaration of users for the realm 'ApplicationRealm' which is the default realm -# for application services on a new installation. -# -# This includes the following protocols: remote ejb, remote jndi, web, remote jms -# -# Users can be added to this properties file at any time, updates after the server has started -# will be automatically detected. -# -# The format of this realm is as follows: - -# username=HEX( MD5( username ':' realm ':' password)) -# -# A utility script is provided which can be executed from the bin folder to add the users: - -# - Linux -# bin/add-user.sh -# -# - Windows -# bin\add-user.bat -# -#$REALM_NAME=ApplicationRealm$ This line is used by the add-user utility to identify the realm name already used in this file. -# -# The following illustrates how an admin user could be defined, this -# is for illustration only and does not correspond to a usable password. -# -#admin=2a0923285184943425d1f53ddd58ec7a -CSIClient=0024f53a4ec012c22d9575a3710ed362 -CCDClient=c5e97286d4251605d8ef72f727ac1da6 -GUIClient=583075cf28c7c69c3a8b08356830b856 -BPMNClient=42b98ca2e0cc976d91a26c1495ecd529 -InfraPortalClient=e5077b432685a94babe332893337f6fc -MSOClient=72bc85031ae67afe67014c7663ae1033 -sitecontrol=9a3a360d86758f69ec9508725c017335 -MSO=a05cb60a04f41f750ce1fc60a2633534 -BPELClient=f2b4ce8ae1964050c0ad7e69bd88fd62 -SDNCClient=3c98dfba582d79948496b319e3edcb4b diff --git a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/mgmt-groups.properties b/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/mgmt-groups.properties deleted file mode 100644 index 44742a83c4..0000000000 --- a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/mgmt-groups.properties +++ /dev/null @@ -1,22 +0,0 @@ -# -# Properties declaration of users groups for the realm 'ManagementRealm'. -# -# This is used for domain management, users groups membership information is used to assign the user -# specific management roles. -# -# Users can be added to this properties file at any time, updates after the server has started -# will be automatically detected. -# -# The format of this file is as follows: - -# username=role1,role2,role3 -# -# A utility script is provided which can be executed from the bin folder to add the users: - -# - Linux -# bin/add-user.sh -# -# - Windows -# bin\add-user.bat -# -# The following illustrates how an admin user could be defined. -# -#admin=PowerUser,BillingAdmin,
\ No newline at end of file diff --git a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/mgmt-users.properties b/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/mgmt-users.properties deleted file mode 100644 index 1576e76f4e..0000000000 --- a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/mgmt-users.properties +++ /dev/null @@ -1,27 +0,0 @@ -# -# Properties declaration of users for the realm 'ManagementRealm' which is the default realm -# for new installations. Further authentication mechanism can be configured -# as part of the <management /> in standalone.xml. -# -# Users can be added to this properties file at any time, updates after the server has started -# will be automatically detected. -# -# By default the properties realm expects the entries to be in the format: - -# username=HEX( MD5( username ':' realm ':' password)) -# -# A utility script is provided which can be executed from the bin folder to add the users: - -# - Linux -# bin/add-user.sh -# -# - Windows -# bin\add-user.bat -# On start-up the server will also automatically add a user $local - this user is specifically -# for local tools running against this AS installation. -# -# The following illustrates how an admin user could be defined, this -# is for illustration only and does not correspond to a usable password. -# -admin=281905e1b4420050a7f07eecba66ee68 -# -#$REALM_NAME=ManagementRealm$ This line is used by the add-user utility to identify the realm name already used in this file. -# diff --git a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/standalone-full-ha.xml b/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/standalone-full-ha.xml deleted file mode 100644 index 5a1b52200f..0000000000 --- a/packages/docker/src/main/docker/docker-files/jboss-configs/configuration/standalone-full-ha.xml +++ /dev/null @@ -1,609 +0,0 @@ -<?xml version='1.0' encoding='UTF-8'?> - -<server xmlns="urn:jboss:domain:4.2"> - - <extensions> - <extension module="org.jboss.as.clustering.infinispan"/> - <extension module="org.jboss.as.clustering.jgroups"/> - <extension module="org.jboss.as.connector"/> - <extension module="org.jboss.as.deployment-scanner"/> - <extension module="org.jboss.as.ee"/> - <extension module="org.jboss.as.ejb3"/> - <extension module="org.jboss.as.jaxrs"/> - <extension module="org.jboss.as.jdr"/> - <extension module="org.jboss.as.jmx"/> - <extension module="org.jboss.as.jpa"/> - <extension module="org.jboss.as.jsf"/> - <extension module="org.jboss.as.jsr77"/> - <extension module="org.jboss.as.logging"/> - <extension module="org.jboss.as.mail"/> - <extension module="org.jboss.as.modcluster"/> - <extension module="org.jboss.as.naming"/> - <extension module="org.jboss.as.pojo"/> - <extension module="org.jboss.as.remoting"/> - <extension module="org.jboss.as.sar"/> - <extension module="org.jboss.as.security"/> - <extension module="org.jboss.as.transactions"/> - <extension module="org.jboss.as.webservices"/> - <extension module="org.jboss.as.weld"/> - <extension module="org.wildfly.extension.batch.jberet"/> - <extension module="org.wildfly.extension.bean-validation"/> - <extension module="org.wildfly.extension.clustering.singleton"/> - <extension module="org.wildfly.extension.io"/> - <extension module="org.wildfly.extension.messaging-activemq"/> - <extension module="org.wildfly.extension.request-controller"/> - <extension module="org.wildfly.extension.security.manager"/> - <extension module="org.wildfly.extension.undertow"/> - <extension module="org.wildfly.iiop-openjdk"/> - </extensions> - - - <management> - <security-realms> - <security-realm name="ManagementRealm"> - <authentication> - <local default-user="$local" skip-group-loading="true"/> - <properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/> - </authentication> - <authorization map-groups-to-roles="false"> - <properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/> - </authorization> - </security-realm> - <security-realm name="ApplicationRealm"> - <server-identities> - <ssl> - <keystore path="application.keystore" relative-to="jboss.server.config.dir" keystore-password="password" alias="server" key-password="password" generate-self-signed-certificate-host="localhost"/> - </ssl> - </server-identities> - <authentication> - <local default-user="$local" allowed-users="*" skip-group-loading="true"/> - <properties path="application-users.properties" relative-to="jboss.server.config.dir"/> - </authentication> - <authorization> - <properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> - </authorization> - </security-realm> - </security-realms> - <audit-log> - <formatters> - <json-formatter name="json-formatter"/> - </formatters> - <handlers> - <file-handler name="file" formatter="json-formatter" path="audit-log.log" relative-to="jboss.server.data.dir"/> - </handlers> - <logger log-boot="true" log-read-only="false" enabled="false"> - <handlers> - <handler name="file"/> - </handlers> - </logger> - </audit-log> - <management-interfaces> - <http-interface security-realm="ManagementRealm" http-upgrade-enabled="true"> - <socket-binding http="management-http"/> - </http-interface> - </management-interfaces> - <access-control provider="simple"> - <role-mapping> - <role name="SuperUser"> - <include> - <user name="$local"/> - </include> - </role> - </role-mapping> - </access-control> - </management> - - <profile> - <subsystem xmlns="urn:jboss:domain:logging:3.0"> - <console-handler name="CONSOLE"> - <level name="INFO"/> - <formatter> - <named-formatter name="COLOR-PATTERN"/> - </formatter> - </console-handler> - <periodic-rotating-file-handler name="FILE" autoflush="true"> - <formatter> - <named-formatter name="PATTERN"/> - </formatter> - <file relative-to="jboss.server.log.dir" path="server.log"/> - <suffix value=".yyyy-MM-dd"/> - <append value="true"/> - </periodic-rotating-file-handler> - <logger category="com.arjuna"> - <level name="WARN"/> - </logger> - <logger category="org.jboss.as.config"> - <level name="DEBUG"/> - </logger> - <logger category="sun.rmi"> - <level name="WARN"/> - </logger> - <root-logger> - <level name="INFO"/> - <handlers> - <handler name="CONSOLE"/> - <handler name="FILE"/> - </handlers> - </root-logger> - <formatter name="PATTERN"> - <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/> - </formatter> - <formatter name="COLOR-PATTERN"> - <pattern-formatter pattern="%K{level}%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%e%n"/> - </formatter> - </subsystem> - <subsystem xmlns="urn:jboss:domain:batch-jberet:1.0"> - <default-job-repository name="in-memory"/> - <default-thread-pool name="batch"/> - <job-repository name="in-memory"> - <in-memory/> - </job-repository> - <thread-pool name="batch"> - <max-threads count="10"/> - <keepalive-time time="30" unit="seconds"/> - </thread-pool> - </subsystem> - <subsystem xmlns="urn:jboss:domain:bean-validation:1.0"/> - <subsystem xmlns="urn:jboss:domain:datasources:4.0"> - <datasources> - <datasource jndi-name="java:jboss/datasources/mso-requests" pool-name="mso-requests" enabled="true" use-ccm="true"> - <connection-url>jdbc:mariadb://mariadb:3306/mso_requests?autoReconnect=true&connectTimeout=60000&socketTimeout=60000</connection-url> - <driver>mariadb</driver> - <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation> - <pool> - <min-pool-size>10</min-pool-size> - <max-pool-size>100</max-pool-size> - <prefill>true</prefill> - <use-strict-min>false</use-strict-min> - <flush-strategy>FailingConnectionOnly</flush-strategy> - </pool> - <security> - <user-name>mso</user-name> - <password>mso123</password> - </security> - <validation> - <valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"/> - <validate-on-match>false</validate-on-match> - <background-validation>true</background-validation> - <background-validation-millis>20000</background-validation-millis> - <use-fast-fail>true</use-fast-fail> - <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"/> - </validation> - <timeout> - <idle-timeout-minutes>15</idle-timeout-minutes> - <query-timeout>30</query-timeout> - <allocation-retry>1</allocation-retry> - <allocation-retry-wait-millis>3000</allocation-retry-wait-millis> - </timeout> - </datasource> - <datasource jndi-name="java:jboss/datasources/mso-catalog" pool-name="mso-catalog" enabled="true" use-ccm="true"> - <connection-url>jdbc:mariadb://mariadb:3306/mso_catalog?autoReconnect=true&connectTimeout=60000&socketTimeout=60000</connection-url> - <driver>mariadb</driver> - <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation> - <pool> - <min-pool-size>10</min-pool-size> - <max-pool-size>100</max-pool-size> - <prefill>true</prefill> - <use-strict-min>false</use-strict-min> - <flush-strategy>FailingConnectionOnly</flush-strategy> - </pool> - <security> - <user-name>catalog</user-name> - <password>catalog123</password> - </security> - <validation> - <valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"/> - <validate-on-match>false</validate-on-match> - <background-validation>true</background-validation> - <background-validation-millis>20000</background-validation-millis> - <use-fast-fail>true</use-fast-fail> - <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"/> - </validation> - <timeout> - <idle-timeout-minutes>15</idle-timeout-minutes> - <query-timeout>30</query-timeout> - <allocation-retry>1</allocation-retry> - <allocation-retry-wait-millis>3000</allocation-retry-wait-millis> - </timeout> - </datasource> - <datasource jta="true" jndi-name="java:jboss/datasources/ProcessEngine" pool-name="ProcessEngine" enabled="true" use-java-context="true" use-ccm="true"> - <connection-url>jdbc:mariadb://mariadb:3306/camundabpmn?autoReconnect=true&connectTimeout=60000&socketTimeout=60000</connection-url> - <driver>mariadb</driver> - <new-connection-sql>set autocommit=1</new-connection-sql> - <transaction-isolation>TRANSACTION_READ_COMMITTED</transaction-isolation> - <pool> - <min-pool-size>10</min-pool-size> - <max-pool-size>100</max-pool-size> - <prefill>true</prefill> - <use-strict-min>false</use-strict-min> - <flush-strategy>FailingConnectionOnly</flush-strategy> - </pool> - <security> - <user-name>camunda</user-name> - <password>camunda123</password> - </security> - <validation> - <valid-connection-checker class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLValidConnectionChecker"/> - <exception-sorter class-name="org.jboss.jca.adapters.jdbc.extensions.mysql.MySQLExceptionSorter"/> - </validation> - <statement> - <prepared-statement-cache-size>32</prepared-statement-cache-size> - <share-prepared-statements>true</share-prepared-statements> - </statement> - </datasource> - <datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true"> - <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE</connection-url> - <driver>h2</driver> - <security> - <user-name>sa</user-name> - <password>sa</password> - </security> - </datasource> - <drivers> - <driver name="h2" module="com.h2database.h2"> - <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class> - </driver> - <driver name="mariadb" module="mariadb"> - <xa-datasource-class>org.mariadb.jdbc.MySQLDataSource</xa-datasource-class> - </driver> - </drivers> - </datasources> - </subsystem> - <subsystem xmlns="urn:jboss:domain:deployment-scanner:2.0"> - <deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000" runtime-failure-causes-rollback="${jboss.deployment.scanner.rollback.on.failure:false}"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:ee:4.0"> - <spec-descriptor-property-replacement>false</spec-descriptor-property-replacement> - <concurrent> - <context-services> - <context-service name="default" jndi-name="java:jboss/ee/concurrency/context/default" use-transaction-setup-provider="true"/> - </context-services> - <managed-thread-factories> - <managed-thread-factory name="default" jndi-name="java:jboss/ee/concurrency/factory/default" context-service="default"/> - </managed-thread-factories> - <managed-executor-services> - <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/> - </managed-executor-services> - <managed-scheduled-executor-services> - <managed-scheduled-executor-service name="default" jndi-name="java:jboss/ee/concurrency/scheduler/default" context-service="default" hung-task-threshold="60000" keepalive-time="3000"/> - </managed-scheduled-executor-services> - </concurrent> - <default-bindings context-service="java:jboss/ee/concurrency/context/default" datasource="java:jboss/datasources/ExampleDS" jms-connection-factory="java:jboss/DefaultJMSConnectionFactory" managed-executor-service="java:jboss/ee/concurrency/executor/default" managed-scheduled-executor-service="java:jboss/ee/concurrency/scheduler/default" managed-thread-factory="java:jboss/ee/concurrency/factory/default"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:ejb3:4.0"> - <session-bean> - <stateless> - <bean-instance-pool-ref pool-name="slsb-strict-max-pool"/> - </stateless> - <stateful default-access-timeout="5000" cache-ref="distributable" passivation-disabled-cache-ref="simple"/> - <singleton default-access-timeout="5000"/> - </session-bean> - <mdb> - <resource-adapter-ref resource-adapter-name="${ejb.resource-adapter-name:activemq-ra.rar}"/> - <bean-instance-pool-ref pool-name="mdb-strict-max-pool"/> - </mdb> - <pools> - <bean-instance-pools> - <strict-max-pool name="slsb-strict-max-pool" derive-size="from-worker-pools" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> - <strict-max-pool name="mdb-strict-max-pool" derive-size="from-cpu-count" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/> - </bean-instance-pools> - </pools> - <caches> - <cache name="simple"/> - <cache name="distributable" passivation-store-ref="infinispan" aliases="passivating clustered"/> - </caches> - <passivation-stores> - <passivation-store name="infinispan" cache-container="ejb" max-size="10000"/> - </passivation-stores> - <async thread-pool-name="default"/> - <timer-service thread-pool-name="default" default-data-store="default-file-store"> - <data-stores> - <file-data-store name="default-file-store" path="timer-service-data" relative-to="jboss.server.data.dir"/> - </data-stores> - </timer-service> - <remote connector-ref="http-remoting-connector" thread-pool-name="default"/> - <thread-pools> - <thread-pool name="default"> - <max-threads count="10"/> - <keepalive-time time="100" unit="milliseconds"/> - </thread-pool> - </thread-pools> - <iiop enable-by-default="false" use-qualified-name="false"/> - <default-security-domain value="other"/> - <default-missing-method-permissions-deny-access value="true"/> - <log-system-exceptions value="true"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:io:1.1"> - <worker name="default"/> - <buffer-pool name="default"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:infinispan:4.0"> - <cache-container name="server" aliases="singleton cluster" default-cache="default" module="org.wildfly.clustering.server"> - <transport lock-timeout="60000"/> - <replicated-cache name="default" mode="SYNC"> - <transaction mode="BATCH"/> - </replicated-cache> - </cache-container> - <cache-container name="web" default-cache="dist" module="org.wildfly.clustering.web.infinispan"> - <transport lock-timeout="60000"/> - <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2"> - <locking isolation="REPEATABLE_READ"/> - <transaction mode="BATCH"/> - <file-store/> - </distributed-cache> - <distributed-cache name="concurrent" mode="SYNC" l1-lifespan="0" owners="2"> - <file-store/> - </distributed-cache> - </cache-container> - <cache-container name="ejb" aliases="sfsb" default-cache="dist" module="org.wildfly.clustering.ejb.infinispan"> - <transport lock-timeout="60000"/> - <distributed-cache name="dist" mode="ASYNC" l1-lifespan="0" owners="2"> - <locking isolation="REPEATABLE_READ"/> - <transaction mode="BATCH"/> - <file-store/> - </distributed-cache> - </cache-container> - <cache-container name="hibernate" default-cache="local-query" module="org.hibernate.infinispan"> - <transport lock-timeout="60000"/> - <local-cache name="local-query"> - <eviction strategy="LRU" max-entries="10000"/> - <expiration max-idle="100000"/> - </local-cache> - <invalidation-cache name="entity" mode="SYNC"> - <transaction mode="NON_XA"/> - <eviction strategy="LRU" max-entries="10000"/> - <expiration max-idle="100000"/> - </invalidation-cache> - <replicated-cache name="timestamps" mode="ASYNC"/> - </cache-container> - </subsystem> - <subsystem xmlns="urn:jboss:domain:iiop-openjdk:1.0"> - <orb socket-binding="iiop" ssl-socket-binding="iiop-ssl"/> - <initializers security="identity" transactions="spec"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/> - <subsystem xmlns="urn:jboss:domain:jca:4.0"> - <archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/> - <bean-validation enabled="true"/> - <default-workmanager> - <short-running-threads> - <core-threads count="50"/> - <queue-length count="50"/> - <max-threads count="50"/> - <keepalive-time time="10" unit="seconds"/> - </short-running-threads> - <long-running-threads> - <core-threads count="50"/> - <queue-length count="50"/> - <max-threads count="50"/> - <keepalive-time time="10" unit="seconds"/> - </long-running-threads> - </default-workmanager> - <cached-connection-manager/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:jdr:1.0"/> - <subsystem xmlns="urn:jboss:domain:jgroups:4.0"> - <channels default="ee"> - <channel name="ee" stack="udp"/> - </channels> - <stacks> - <stack name="udp"> - <transport type="UDP" socket-binding="jgroups-udp"/> - <protocol type="PING"/> - <protocol type="MERGE3"/> - <protocol type="FD_SOCK" socket-binding="jgroups-udp-fd"/> - <protocol type="FD_ALL"/> - <protocol type="VERIFY_SUSPECT"/> - <protocol type="pbcast.NAKACK2"/> - <protocol type="UNICAST3"/> - <protocol type="pbcast.STABLE"/> - <protocol type="pbcast.GMS"/> - <protocol type="UFC"/> - <protocol type="MFC"/> - <protocol type="FRAG2"/> - </stack> - <stack name="tcp"> - <transport type="TCP" socket-binding="jgroups-tcp"/> - <protocol type="MPING" socket-binding="jgroups-mping"/> - <protocol type="MERGE3"/> - <protocol type="FD_SOCK" socket-binding="jgroups-tcp-fd"/> - <protocol type="FD"/> - <protocol type="VERIFY_SUSPECT"/> - <protocol type="pbcast.NAKACK2"/> - <protocol type="UNICAST3"/> - <protocol type="pbcast.STABLE"/> - <protocol type="pbcast.GMS"/> - <protocol type="MFC"/> - <protocol type="FRAG2"/> - </stack> - </stacks> - </subsystem> - <subsystem xmlns="urn:jboss:domain:jmx:1.3"> - <expose-resolved-model/> - <expose-expression-model/> - <remoting-connector/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:jpa:1.1"> - <jpa default-datasource="" default-extended-persistence-inheritance="DEEP"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:jsf:1.0"/> - <subsystem xmlns="urn:jboss:domain:jsr77:1.0"/> - <subsystem xmlns="urn:jboss:domain:mail:2.0"> - <mail-session name="default" jndi-name="java:jboss/mail/Default"> - <smtp-server outbound-socket-binding-ref="mail-smtp"/> - </mail-session> - </subsystem> - <subsystem xmlns="urn:jboss:domain:messaging-activemq:1.0"> - <server name="default"> - <cluster password="${jboss.messaging.cluster.password:CHANGE ME!!}"/> - <security-setting name="#"> - <role name="guest" send="true" consume="true" create-non-durable-queue="true" delete-non-durable-queue="true"/> - </security-setting> - <address-setting name="#" dead-letter-address="jms.queue.DLQ" expiry-address="jms.queue.ExpiryQueue" max-size-bytes="10485760" page-size-bytes="2097152" message-counter-history-day-limit="10" redistribution-delay="1000"/> - <http-connector name="http-connector" socket-binding="http" endpoint="http-acceptor"/> - <http-connector name="http-connector-throughput" socket-binding="http" endpoint="http-acceptor-throughput"> - <param name="batch-delay" value="50"/> - </http-connector> - <in-vm-connector name="in-vm" server-id="0"/> - <http-acceptor name="http-acceptor" http-listener="default"/> - <http-acceptor name="http-acceptor-throughput" http-listener="default"> - <param name="batch-delay" value="50"/> - <param name="direct-deliver" value="false"/> - </http-acceptor> - <in-vm-acceptor name="in-vm" server-id="0"/> - <broadcast-group name="bg-group1" jgroups-channel="activemq-cluster" connectors="http-connector"/> - <discovery-group name="dg-group1" jgroups-channel="activemq-cluster"/> - <cluster-connection name="my-cluster" address="jms" connector-name="http-connector" discovery-group="dg-group1"/> - <jms-queue name="ExpiryQueue" entries="java:/jms/queue/ExpiryQueue"/> - <jms-queue name="DLQ" entries="java:/jms/queue/DLQ"/> - <connection-factory name="InVmConnectionFactory" entries="java:/ConnectionFactory" connectors="in-vm"/> - <connection-factory name="RemoteConnectionFactory" entries="java:jboss/exported/jms/RemoteConnectionFactory" connectors="http-connector" ha="true" block-on-acknowledge="true" reconnect-attempts="-1"/> - <pooled-connection-factory name="activemq-ra" entries="java:/JmsXA java:jboss/DefaultJMSConnectionFactory" connectors="in-vm" transaction="xa"/> - </server> - </subsystem> - <subsystem xmlns="urn:jboss:domain:modcluster:2.0"> - <mod-cluster-config advertise-socket="modcluster" connector="ajp"> - <dynamic-load-provider> - <load-metric type="cpu"/> - </dynamic-load-provider> - </mod-cluster-config> - </subsystem> - <subsystem xmlns="urn:jboss:domain:naming:2.0"> - <remote-naming/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:pojo:1.0"/> - <subsystem xmlns="urn:jboss:domain:remoting:3.0"> - <endpoint/> - <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:resource-adapters:4.0"/> - <subsystem xmlns="urn:jboss:domain:request-controller:1.0"/> - <subsystem xmlns="urn:jboss:domain:sar:1.0"/> - <subsystem xmlns="urn:jboss:domain:security-manager:1.0"> - <deployment-permissions> - <maximum-set> - <permission class="java.security.AllPermission"/> - </maximum-set> - </deployment-permissions> - </subsystem> - <subsystem xmlns="urn:jboss:domain:security:1.2"> - <security-domains> - <security-domain name="other" cache-type="default"> - <authentication> - <login-module code="Remoting" flag="optional"> - <module-option name="password-stacking" value="useFirstPass"/> - </login-module> - <login-module code="RealmDirect" flag="required"> - <module-option name="password-stacking" value="useFirstPass"/> - </login-module> - </authentication> - </security-domain> - <security-domain name="jboss-web-policy" cache-type="default"> - <authorization> - <policy-module code="Delegating" flag="required"/> - </authorization> - </security-domain> - <security-domain name="jboss-ejb-policy" cache-type="default"> - <authorization> - <policy-module code="Delegating" flag="required"/> - </authorization> - </security-domain> - <security-domain name="jaspitest" cache-type="default"> - <authentication-jaspi> - <login-module-stack name="dummy"> - <login-module code="Dummy" flag="optional"/> - </login-module-stack> - <auth-module code="Dummy"/> - </authentication-jaspi> - </security-domain> - </security-domains> - </subsystem> - <subsystem xmlns="urn:jboss:domain:singleton:1.0"> - <singleton-policies default="default"> - <singleton-policy name="default" cache-container="server"> - <simple-election-policy/> - </singleton-policy> - </singleton-policies> - </subsystem> - <subsystem xmlns="urn:jboss:domain:transactions:3.0"> - <core-environment> - <process-id> - <uuid/> - </process-id> - </core-environment> - <recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:undertow:3.1"> - <buffer-cache name="default"/> - <server name="default-server"> - <ajp-listener name="ajp" socket-binding="ajp"/> - <http-listener name="default" socket-binding="http" enable-http2="true"/> - <https-listener name="https" socket-binding="https" security-realm="ApplicationRealm" enable-http2="true"/> - <host name="default-host" alias="localhost"> - <location name="/" handler="welcome-content"/> - <filter-ref name="server-header"/> - <filter-ref name="x-powered-by-header"/> - </host> - </server> - <servlet-container name="default"> - <jsp-config/> - <websockets/> - </servlet-container> - <handlers> - <file name="welcome-content" path="${jboss.home.dir}/welcome-content"/> - </handlers> - <filters> - <response-header name="server-header" header-name="Server" header-value="WildFly/10"/> - <response-header name="x-powered-by-header" header-name="X-Powered-By" header-value="Undertow/1"/> - </filters> - </subsystem> - <subsystem xmlns="urn:jboss:domain:webservices:2.0"> - <wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host> - <endpoint-config name="Standard-Endpoint-Config"/> - <endpoint-config name="Recording-Endpoint-Config"> - <pre-handler-chain name="recording-handlers" protocol-bindings="##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP ##SOAP12_HTTP_MTOM"> - <handler name="RecordingHandler" class="org.jboss.ws.common.invocation.RecordingServerHandler"/> - </pre-handler-chain> - </endpoint-config> - <client-config name="Standard-Client-Config"/> - </subsystem> - <subsystem xmlns="urn:jboss:domain:weld:3.0"/> - </profile> - - <interfaces> - <interface name="management"> - <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> - </interface> - <interface name="public"> - <inet-address value="${jboss.bind.address:127.0.0.1}"/> - </interface> - <interface name="private"> - <inet-address value="${jboss.bind.address.private:127.0.0.1}"/> - </interface> - <interface name="unsecure"> - <inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/> - </interface> - </interfaces> - - <socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}"> - <socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/> - <socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9993}"/> - <socket-binding name="ajp" port="${jboss.ajp.port:8009}"/> - <socket-binding name="http" port="${jboss.http.port:8080}"/> - <socket-binding name="https" port="${jboss.https.port:8443}"/> - <socket-binding name="iiop" interface="unsecure" port="3528"/> - <socket-binding name="iiop-ssl" interface="unsecure" port="3529"/> - <socket-binding name="jgroups-mping" interface="private" port="0" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45700"/> - <socket-binding name="jgroups-tcp" interface="private" port="7600"/> - <socket-binding name="jgroups-tcp-fd" interface="private" port="57600"/> - <socket-binding name="jgroups-udp" interface="private" port="55200" multicast-address="${jboss.default.multicast.address:230.0.0.4}" multicast-port="45688"/> - <socket-binding name="jgroups-udp-fd" interface="private" port="54200"/> - <socket-binding name="modcluster" port="0" multicast-address="192.168.1.105" multicast-port="23364"/> - <socket-binding name="txn-recovery-environment" port="4712"/> - <socket-binding name="txn-status-manager" port="4713"/> - <outbound-socket-binding name="mail-smtp"> - <remote-destination host="localhost" port="25"/> - </outbound-socket-binding> - </socket-binding-group> - -</server>
\ No newline at end of file diff --git a/packages/docker/src/main/docker/docker-files/jboss-configs/modules/mariadb/main/module.xml b/packages/docker/src/main/docker/docker-files/jboss-configs/modules/mariadb/main/module.xml deleted file mode 100644 index 1b127358ed..0000000000 --- a/packages/docker/src/main/docker/docker-files/jboss-configs/modules/mariadb/main/module.xml +++ /dev/null @@ -1,11 +0,0 @@ -<?xmlversion="1.0"encoding="UTF-8"?> - -<module xmlns="urn:jboss:module:1.0" name="mariadb"> - <resources> - <resource-root path="mariadb-java-client-1.5.4.jar"/> - </resources> - <dependencies> - <module name="javax.api"/> - <module name="javax.transaction.api"/> - </dependencies> -</module>
\ No newline at end of file diff --git a/packages/docker/src/main/docker/docker-files/scripts/start-app.sh b/packages/docker/src/main/docker/docker-files/scripts/start-app.sh new file mode 100644 index 0000000000..df2e646138 --- /dev/null +++ b/packages/docker/src/main/docker/docker-files/scripts/start-app.sh @@ -0,0 +1,90 @@ +#!/bin/sh + +if [ `id -u` = 0 ] +then + # Install certificates found in the /app/ca-certificates volume, if any. + + needUpdate=FALSE + + for certificate in `ls -1 /app/ca-certificates`; do + echo "Installing $certificate in /usr/local/share/ca-certificates" + cp /app/ca-certificates/$certificate /usr/local/share/ca-certificates/$certificate + needUpdate=TRUE + done + + if [ $needUpdate = TRUE ]; then + update-ca-certificates --fresh + fi + + # Re-exec this script as the 'so' user. + this=`readlink -f $0` + exec su so -c "$this" +fi + +touch /app/app.jar + +if [ -z "$APP" ]; then + echo "CONFIG ERROR: APP environment variable not set" + exit 1 +fi + +if [ ! -z "$DB_HOST" -a -z "$DB_PORT" ]; then + export DB_PORT=3306 +fi + +if [ -z "${CONFIG_PATH}" ]; then + export CONFIG_PATH=/app/config/override.yaml +fi + +if [ -z "${LOG_PATH}" ]; then + export LOG_PATH="logs/${APP}" +fi + +if [ ${APP} = "asdc-controller" ]; then + ln -s ${LOG_PATH} ASDC +fi + +if [ ${APP} = "bpmn-infra" ]; then + ln -s ${LOG_PATH} BPMN +fi + +if [ ${APP} = "openstack-adapter" ]; then + export DISABLE_SNI="-Djsse.enableSNIExtension=false" +fi + +if [ "${SSL_DEBUG}" = "log" ]; then + export SSL_DEBUG="-Djavax.net.debug=all" +else + export SSL_DEBUG= +fi + +# Set java keystore and truststore options, if specified in the environment. + +jksargs= + +if [ ! -z "${KEYSTORE}" ]; then + jksargs="$jksargs -Dmso.load.ssl.client.keystore=true" + jksargs="$jksargs -Djavax.net.ssl.keyStore=$KEYSTORE" + jksargs="$jksargs -Djavax.net.ssl.keyStorePassword=${KEYSTORE_PASSWORD}" +fi + +if [ ! -z "${TRUSTSTORE}" ]; then + jksargs="$jksargs -Djavax.net.ssl.trustStore=${TRUSTSTORE}" + jksargs="$jksargs -Djavax.net.ssl.trustStorePassword=${TRUSTSTORE_PASSWORD}" +fi + +jvmargs="${JVM_ARGS} -Dlogs_dir=${LOG_PATH} -Dlogging.config=/app/logback-spring.xml $jksargs -Dspring.config.location=$CONFIG_PATH ${SSL_DEBUG} ${DISABLE_SNI}" + +echo "JVM Arguments: ${jvmargs}" + +java ${jvmargs} -jar app.jar +rc=$? + +echo "Application exiting with status code $rc" + +if [ ! -z "${EXIT_DELAY}" -a "${EXIT_DELAY}" != 0 ]; then + echo "Delaying $APP exit for $EXIT_DELAY seconds" + sleep $EXIT_DELAY +fi + +exit $rc diff --git a/packages/docker/src/main/docker/docker-files/scripts/startService.sh b/packages/docker/src/main/docker/docker-files/scripts/startService.sh deleted file mode 100644 index 67e575b334..0000000000 --- a/packages/docker/src/main/docker/docker-files/scripts/startService.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh -touch /app/app.jar -if [ -z "${TARGET_ENV}" ]; then - export TARGET_ENV="dev" -fi -export CONFIG_PATH=/app/config/override.yaml -if [ -z "${LOG_PATH}" ]; then - export LOG_PATH="./logs/apih" -fi -if [ ${LOG_PATH} = "./logs/asdc/" ]; then - ln -s /app/logs/asdc ASDC -fi -if [ ${LOG_PATH} = "./logs/bpmn/" ]; then - ln -s /app/logs/bpmn BPMN -fi -if [ "${SSL_DEBUG}" = "log" ]; then - export SSL_DEBUG="-Djavax.net.debug=all" -else - export SSL_DEBUG="" -fi - -op=`basename $LOG_PATH` -if [ $op = "openstack" ]; then - export DISABLE_SNI="-Djsse.enableSNIExtension=false" -fi - -JAVA_VERSION_MAJOR=$(java -Xinternalversion | sed -n 's/.*JRE ([0-9]\.\([0-9]\+\)\.[0-9].*/\1/p') -JAVA_VERSION_MINOR=$(java -Xinternalversion | sed -n 's/.*JRE ([0-9]\.[0-9]\+\.[0-9]_\([0-9]\+\).*/\1/p') - -if [[ ${JAVA_VERSION_MAJOR} -eq 8 && ${JAVA_VERSION_MINOR} -lt 131 ]]; then - if [[ ${LOG_PATH} = "./logs/bpmn/" ]]; then - jvmargs="-Xmx8g " - else - jvmargs="-Xmx4g " - fi -elif [[ ${JAVA_VERSION_MAJOR} -eq 8 && ${JAVA_VERSION_MINOR} -ge 131 ]] || [[ ${JAVA_VERSION_MAJOR} -eq 9 ]]; then - jvmargs="-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -XX:MaxRAMFraction=1 " -fi - -jvmargs=${jvmargs}"-Dlogs_dir=${LOG_PATH} -Dlogging.config=/app/logback-spring.xml -Dmso.load.ssl.client.keystore=true -Djavax.net.ssl.keyStore=msoClientKeyStore-${TARGET_ENV}.jks -Djavax.net.ssl.keyStorePassword=${MSO_KEYSTORE_PASSWORD} -Djavax.net.ssl.trustStore=msoTrustStore.jks -Djavax.net.ssl.trustStorePassword=${MSO_TRUSTSTORE_PASSWORD} -Dspring.config.location=$CONFIG_PATH ${SSL_DEBUG} ${DISABLE_SNI}" - -echo JVM Arguments: ${jvmargs} - -java ${jvmargs} -jar app.jar diff --git a/packages/docker/src/main/docker/docker-files/wait-for.sh b/packages/docker/src/main/docker/docker-files/scripts/wait-for.sh index 2525821878..2525821878 100755 --- a/packages/docker/src/main/docker/docker-files/wait-for.sh +++ b/packages/docker/src/main/docker/docker-files/scripts/wait-for.sh diff --git a/packages/docker/src/main/docker/docker-files/settings.xml b/packages/docker/src/main/docker/docker-files/settings.xml deleted file mode 100644 index 57c2179bad..0000000000 --- a/packages/docker/src/main/docker/docker-files/settings.xml +++ /dev/null @@ -1,54 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> - -<!-- -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. ---> - -<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" -xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" -xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> - - <proxies> - <proxy> - <id>optional</id> - <active>false</active> - <protocol>http</protocol> - <host></host> - <port>8080</port> - <nonProxyHosts>localhost,127.0.0.1</nonProxyHosts> - </proxy> - </proxies> - - <servers> - <server> - <id>mso-releases</id> - <username>#USERNAME#</username> - <password>#PASSWORD#</password> - </server> - <server> - <id>mso-snapshots</id> - <username>#USERNAME#</username> - <password>#PASSWORD#</password> - </server> - <server> - <id>mso-3rd-party</id> - <username>#USERNAME#</username> - <password>#PASSWORD#</password> - </server> - </servers> -</settings> |