#!/bin/bash
-# This script is run when starting aaf_config Container.
+#########
+# ============LICENSE_START====================================================
+# org.onap.aaf
+# ===========================================================================
+# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+# ===========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END====================================================
+#
+# This script is run when starting client Container.
# It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
#
JAVA=/usr/bin/java
DOT_AAF="$HOME/.aaf"
SSO="$DOT_AAF/sso.props"
+JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
+JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
+JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
+JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
+
# Check for local dir
if [ ! -d $LOCAL ]; then
mkdir -p $LOCAL
for D in bin logs; do
- rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
+ mkdir -p $OSAAF/$D
+ cp $CONFIG/$D/* $OSAAF/$D
done
fi
# Setup Bash, first time only
-if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
- echo "alias cadi='$OSAAF/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
- echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
- chmod a+x $OSAAF/bin/agent.sh
- . $HOME/.bash_aliases
+if [ ! -e "$HOME/.bashrc" ] || [ -z "$(grep cadi $HOME/.bashrc)" ]; then
+ echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bashrc
+ echo "alias agent='$CONFIG/bin/agent.sh agent \$*'" >>$HOME/.bashrc
+ echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bashrc
+ chmod a+x $CONFIG/bin/agent.sh
+ . $HOME/.bashrc
fi
# Setup SSO info for Deploy ID
function sso_encrypt() {
- $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile
+ $JAVA_CADI digest ${1} $DOT_AAF/keyfile
}
# Create Deployer Info, located at /root/.aaf
if [ ! -e "$DOT_AAF/keyfile" ]; then
mkdir -p $DOT_AAF
- $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile
+ $JAVA_CADI keygen $DOT_AAF/keyfile
chmod 400 $DOT_AAF/keyfile
echo cadi_latitude=${LATITUDE} > ${SSO}
echo cadi_longitude=${LONGITUDE} >> ${SSO}
base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
+ echo "Caller Properties Initialized"
+ INITIALIZED="true"
fi
# Only initialize once, automatically...
if [ ! -e $LOCAL/${NS}.props ]; then
- # setup Configs
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
+ echo "#### Create Configuration files "
+ $JAVA_AGENT config $APP_FQI \
aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \
cadi_etc_dir=$LOCAL
cat $LOCAL/$NS.props
- # Read Certificate info (by deployer)
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar read ${APP_FQI} ${APP_FQDN} \
+ echo
+ echo "#### Certificate Authorization Artifact"
+ TMP=$(mktemp)
+ $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \
cadi_prop_files=${SSO} \
- cadi_etc_dir=$LOCAL
-
- # Place Certificates (by deployer)
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN} \
- cadi_prop_files=${SSO} \
- cadi_etc_dir=$LOCAL
-
- # Validate
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \
- cadi_prop_files=$LOCAL/${NS}.props
+ cadi_etc_dir=$LOCAL > $TMP
+ cat $TMP
+ echo
+ if [ -n "$(grep 'Namespace:' $TMP)" ]; then
+ echo "#### Place Certificates (by deployer)"
+ $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \
+ cadi_prop_files=${SSO} \
+ cadi_etc_dir=$LOCAL
+
+ echo "#### Validate Configuration and Certificate with live call"
+ $JAVA_AGENT_SELF validate
+ echo "Obtained Certificates"
+ INITIALIZED="true"
+ else
+ echo "#### Certificate Authorization Artifact must be valid to continue"
+ fi
+ rm $TMP
fi
# Now run a command
CMD=$2
-if [ ! "$CMD" = "" ]; then
+if [ -z "$CMD" ]; then
+ if [ -n "$INITIALIZED" ]; then
+ echo "Initialization complete"
+ else
+ $JAVA_AGENT
+ fi
+else
shift
shift
case "$CMD" in
fi
fi
;;
- update)
- for D in bin logs; do
- rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
- done
- ;;
showpass)
echo "## Show Passwords"
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN}
+ $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN}
;;
check)
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN}
+ echo "## Check Certificate"
+ $JAVA_AGENT check ${APP_FQI} ${APP_FQDN}
;;
validate)
echo "## validate requested"
- $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props
+ $JAVA_AGENT_SELF validate
+ ;;
+ renew)
+ echo "## Renew Certificate"
+ $JAVA_AGENT place ${APP_FQI} ${APP_FQDN}
;;
bash)
- #if [ ! -e $HOME/bash_aliases ]; then
- # echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases
- # echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases
- #fi
shift
cd $LOCAL || exit
- /bin/bash "$@"
+ exec bash "$@"
;;
setProp)
cd $LOCAL || exit
FILES=$(grep -l "$1" ./*.props)
- if [ "$FILES" = "" ]; then
- FILES="$3"
+ if [ -z "$FILES" ]; then
+ if [ -z "$3" ]; then
+ FILES=${NS}.props
+ else
+ FILES="$3"
+ fi
ADD=Y
fi
for F in $FILES; do
- echo "Changing $1 in $F"
if [ "$ADD" = "Y" ]; then
- echo $2 >> $F
+ echo "Changing $1 to $F"
+ echo "$1=$2" >> $F
else
+ echo "Changing $1 in $F"
sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
fi
cat $F
else
ORIG_PW="$2"
fi
- PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
+ PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
if [ "$ADD" = "Y" ]; then
echo "$1=enc:$PWD" >> $F
else
;;
cadi)
echo "--- cadi Tool Comands ---"
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+ $JAVA_CADI
;;
agent)
echo "--- agent Tool Comands ---"
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
+ $JAVA_AGENT
+ ;;
+ aafcli)
+ echo "--- aafcli Tool Comands ---"
+ $JAVA_AAFCLI
;;
esac
echo ""
;;
+ ### Possible Dublin
+ # sample)
+ # echo "--- run Sample Servlet App ---"
+ # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
+ # ;;
*)
- $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+ $JAVA_AGENT "$CMD" "$@"
;;
esac
fi