From: Piotr Marcinkiewicz Date: Tue, 25 Aug 2020 13:09:28 +0000 (+0200) Subject: Add truststore merger description in readme X-Git-Tag: 2.0.0~2 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=d0e9d1fb9422effe0fe2408c8de2553e2ac20702;p=oom%2Fplatform%2Fcert-service.git Add truststore merger description in readme Issue-ID: DCAEGEN2-2253 Signed-off-by: Piotr Marcinkiewicz Change-Id: I522f40f86fd7433c9b3d3578cd819a294ea078e8 --- diff --git a/README.md b/README.md index 90da14f1..c214973f 100644 --- a/README.md +++ b/README.md @@ -7,9 +7,10 @@ More information about the project and all its functionalities you can find unde https://wiki.onap.org/display/DW/OOM+Certification+Service ``` -Project consists of two submodules: +Project consists of three submodules: 1. oom-certservice-api 2. oom-certservice-client +3. oom-truststore-merger Detailed information about submodules can be found in ```README.md``` in their directories. diff --git a/trustStoreMerger/README.md b/trustStoreMerger/README.md new file mode 100644 index 00000000..dff8a145 --- /dev/null +++ b/trustStoreMerger/README.md @@ -0,0 +1,77 @@ +# Truststore merger + +### Project building +``` +mvn clean package +``` + +### Install the package into the local repository +``` +mvn clean install +``` + +### Building Docker image and install the package into the local repository +``` +mvn clean install -P docker +``` + +### Nexus container image +``` +nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-truststore-merger:latest +``` + +### Running application as standalone docker container + +Exemplary config.env file with necessary envs +``` +TRUSTSTORES_PATHS=/var/certs/truststore.jks:/var/certs/truststore.pem +TRUSTSTORES_PASSWORDS_PATHS=/var/certs/truststoreJks.pass: +``` +TRUSTSTORES_PATHS env indicates paths (separated by ":") where truststores files are located. + +TRUSTSTORES_PASSWORDS_PATHS env indicates paths (separated by ":") where files with passwords to truststores are located. +PEM is not protected by password so its value should be empty + +Execute below command in order to run app as docker container +``` +docker run \ + --name oom-truststore-merger \ + --env-file ./config.env \ + --mount type=bind,src=,dst=/var/certs \ +onap/org.onap.oom.platform.cert-service.oom-truststore-merger:latest +``` +Before run replace with absolute path where you located truststores to merge (eg. /certs/resources/) + +Output from merger (when pointed more than one truststore to merge in TRUSTSTORES_PATHS env) success execution should be: +1. Created backup file (with .bak ext) of first truststore pointed in TRUSTSTORES_PATHS env +2. First truststore pointed in TRUSTSTORES_PATHS env contains merged certificates from all truststores mentioned in TRUSTSTORES_PATHS env + +Remove docker container: +``` +docker rm oom-truststore-merger +``` + +### Logs locally + +path: +``` +var/log/onap/oom/truststore-merger/truststore-merger.log +``` +### Logs in Docker container +``` +docker logs oom-merger +``` +###Exit codes +``` +0 Success +1 Invalid paths in environment variables +2 Invalid merger configuration +3 Invalid truststore file-password pair +4 Cannot read password from file +5 Cannot create backup file +6 Cannot initialize keystore instance +7 Cannot load truststore file +8 Cannot operate on truststore data +9 Missing truststore certificates in provided file +10 Alias conflict detected +11 Cannot save truststore file