!**/src/main/**
!**/src/test/**
**/var
-certServiceClient/certs_volume
+compose-resources/client-volume
### STS ###
.apt_generated
--- /dev/null
+all: build start-backend run-client stop-client stop-backend
+start-with-client: start-backend run-client
+.PHONY: build
+
+build:
+ @echo "##### Build Cert Service images locally #####"
+ mvn clean install -P docker
+ @echo "##### DONE #####"
+
+start-backend:
+ @echo "##### Start Cert Service #####"
+ docker-compose up -d
+ @echo "## Configure ejbca ##"
+ docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
+ @echo "##### DONE #####"
+
+run-client:
+ @echo "##### Create Cert Service Client volume folder: `pwd`/compose-resources/client-volume/ #####"
+ mkdir -p `pwd`/compose-resources/client-volume/
+ @echo "##### Start Cert Service Client #####"
+ docker run \
+ --name aafcert-client \
+ --env-file ./compose-resources/client-configuration.env \
+ --network certservice_certservice \
+ --mount type=bind,src=`pwd`/compose-resources/client-volume/,dst=/var/certs \
+ onap/org.onap.aaf.certservice.aaf-certservice-client:latest
+
+stop-client:
+ @echo "##### Remove Cert Service Client #####"
+ @echo "Removing aafcert-client"
+ @docker rm aafcert-client > /dev/null 2> /dev/null || true
+ @echo "##### DONE #####"
+
+stop-backend:
+ @echo "##### Stop Cert Service #####"
+ docker-compose down
+ @echo "##### DONE #####"
--- /dev/null
+# Cert service
+
+### General description
+
+More information about the project and all its functionalities you can find under the wiki page:
+ ```
+ https://wiki.onap.org/display/DW/AAF+Certification+Service
+ ```
+
+Project consists of two submodules:
+1. aaf-certservice-api
+2. aaf-certservice-client
+
+Detailed information about submodules can be found in ```README.md``` in their directories.
+
+### Project building
+```
+mvn clean package
+```
+
+### Install the packages into the local repository
+```
+mvn clean install
+```
+
+### Building Docker images and install packages into local repository
+```
+mvn clean install -P docker
+or
+make build
+```
+
+### Running Docker containers from docker-compose with EJBCA
+Docker-compose uses a local image of certservice-api and make run-client uses a local image of certservice-client
+Build docker images locally before running docker compose command.
+```
+1. Build local images
+make build
+2. Start Cert Service with configured EJBCA
+make start-backend
+3. Run Cert Service Client
+make run-client
+3. Remove client container
+make stop-client
+4. Stop Cert Service and EJBCA
+make stop-backend
+```
+
+### Running API with Helm
+1. Use environment/server with installed kubernetes and helm.
+2. Copy certService/helm/aaf-cert-service directory to that environment.
+3. Enter that environment
+4. Run ```helm install ./aaf-cert-service```
+
+
+### AAF CertService CSITs
+#### CSIT repository
+```
+https://gerrit.onap.org/r/admin/repos/integration/csit
+```
+
+####How to run tests locally
+1. Checkout CSIT repository
+2. Configure CSIT local environment
+3. Inside CSIT directory execute
+```
+sudo ./run-csit.sh plans/aaf/certservice
+```
+
+####Jenkins build
+https://jenkins.onap.org/view/CSIT/job/aaf-master-csit-certservice/
+
+### Sonar results
+```
+https://sonarcloud.io/dashboard?id=onap_aaf-certservice
+```
+
+### Maven artifacts
+All maven artifacts are deployed under nexus uri:
+```
+https://nexus.onap.org/content/repositories/snapshots/org/onap/aaf/certservice/
+```
+
+### Docker artifacts
+All docker images are hosted under nexus3 uri:
+```
+https://nexus3.onap.org/repository/docker.snapshot/v2/onap/org.onap.aaf.certservice.aaf-certservice-api/
+```
\ No newline at end of file
+++ /dev/null
-all: build start stop
-.PHONY: build
-
-build:
- @echo "##### Build Cert Service images locally #####"
- mvn clean install -P docker
- @echo "##### DONE #####"
-start:
- @echo "##### Start Cert Service #####"
- docker-compose up -d
- @echo "## Configure ejbca ##"
- docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh
- @echo "##### DONE #####"
-stop:
- @echo "##### Stop Cert Service #####"
- docker-compose down
- @echo "##### DONE #####"
-
-
-
-
-
-
-
-
-
-
-
-
-
-
### Building Docker image and install the package into local repository
```
mvn clean install -P docker
-or
-make build
```
### Running Docker container local
```
docker run -p 8080:8080 --name aaf-certservice-api --mount type=bind,source=/<absolute_path>/cmpServers.json,target=/etc/onap/aaf/certservice/cmpServers.json nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:1.0.0
```
-
-### Running Docker container from docker-compose with EJBCA
-Docker-compose uses a local image of certservice.
-Build a docker image locally before run docker compose command.
-```
-1. Build local image
-make build
-2. Start Cert Service with configured EJBCA
-make start
-3. Stop containers
-make stop
-```
-### Running with Helm
-1. Use environment/server with installed kubernetes and helm.
-2. Copy helm/aaf-cert-service directory to that environment.
-3. Enter that environment
-4. Run ```helm install ./aaf-cert-service```
-
### Health Check
Browser:
```
```
Should return {"status":"UP"}
-### AAF CertService CSITs
-#### CSIT repository
-```
-https://gerrit.onap.org/r/admin/repos/integration/csit
-```
-
-####How to run tests locally
-1. Checkout CSIT repository
-2. Configure CSIT local environment
-3. Inside CSIT directory execute
-```
-sudo ./run-csit.sh plans/aaf/certservice
-```
-
-####Jenkins build
-https://jenkins.onap.org/view/CSIT/job/aaf-master-csit-certservice/
-
### Logs locally
path:
You should see:
audit.log error.log trace.log
-### Sonar results
-```
-https://sonarcloud.io/dashboard?id=onap_aaf-certservice
-```
-
-### Maven artifacts
-All maven artifacts are deployed under nexus uri:
-```
-https://nexus.onap.org/content/repositories/snapshots/org/onap/aaf/certservice/
-```
-
-### Docker artifacts
-All docker images are hosted under nexus3 uri:
-```
-https://nexus3.onap.org/repository/docker.snapshot/v2/onap/org.onap.aaf.certservice.aaf-certservice-api/
-```
-
### RestAPI
API is described by Swagger ( OpenAPI 3.0 ) on endpoint /docs
( endpoint is defined in properties as springdoc.swagger-ui.path )
```
http://localchost:8080/docs
-```
-
-### Sonar results
-```
-https://sonarcloud.io/dashboard?id=onap_aaf-certservice
-```
+```
\ No newline at end of file
+++ /dev/null
-version: "2.1"
-
-services:
- ejbca:
- image: primekey/ejbca-ce:6.15.2.5
- hostname: cahostname
- container_name: aafcert-ejbca
- ports:
- - "80:8080"
- - "443:8443"
- volumes:
- - ../certService/src/main/resources/scripts/:/opt/primekey/scripts
- command: bash -c "
- ./scripts/ejbca-configuration.sh &
- /opt/primekey/bin/start.sh
- "
- healthcheck:
- test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"]
- interval: 20s
- timeout: 3s
- retries: 9
- networks:
- - certservice
-
- certservice:
- image: onap/org.onap.aaf.certservice.aaf-certservice-api:latest
- volumes:
- - ../certService/helm/aaf-cert-service/resources/cmpServers.json:/etc/onap/aaf/certservice/cmpServers.json
- container_name: aafcert-service
- ports:
- - "8080:8080"
- depends_on:
- ejbca:
- condition: service_healthy
- healthcheck:
- test: ["CMD-SHELL", "curl -f http://localhost:8080/actuator/health"]
- interval: 10s
- timeout: 3s
- retries: 9
- networks:
- - certservice
-
- certservice-client:
- image: onap/org.onap.aaf.certservice.aaf-certservice-client:latest
- container_name: aafcert-client
- env_file:
- - ./client_docker.env
- user: root #Run as root to avoid volume permission issues
- volumes:
- - ./certs_volume/:/var/certs
- depends_on:
- certservice:
- condition: service_healthy
- networks:
- - certservice
-
-networks:
- certservice:
- driver: bridge
#Client envs
-REQUEST_URL=http://certservice:8080/v1/certificate/
+REQUEST_URL=http://aafcert-service:8080/v1/certificate/
REQUEST_TIMEOUT=1000
OUTPUT_PATH=/var/certs
CA_NAME=RA
- "80:8080"
- "443:8443"
volumes:
- - ./src/main/resources/scripts/:/opt/primekey/scripts
- command: bash -c "
- /opt/primekey/bin/start.sh
- "
+ - ./compose-resources/ejbca-configuration.sh:/opt/primekey/scripts/ejbca-configuration.sh
healthcheck:
test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"]
interval: 10s
timeout: 3s
- retries: 9
+ retries: 15
networks:
- certservice
certservice:
image: onap/org.onap.aaf.certservice.aaf-certservice-api:latest
- volumes:
- - ./helm/aaf-cert-service/resources/cmpServers.json:/etc/onap/aaf/certservice/cmpServers.json
container_name: aafcert-service
+ volumes:
+ - ./certService/helm/aaf-cert-service/resources/cmpServers.json:/etc/onap/aaf/certservice/cmpServers.json
ports:
- "8080:8080"
depends_on:
Code Review / oom / platform / cert-service.git / commitdiff