From 1e86592650fc695615e0fa34c947b32693d03466 Mon Sep 17 00:00:00 2001
From: sebdet <sebastien.determe@intl.att.com>
Date: Tue, 27 Aug 2019 17:56:04 -0700
Subject: [PATCH] Fix frontend docker

Fix the frontend docker in Nginx with https for backend in https as well

Issue-ID: CLAMP-486
Change-Id: I33fd89289618affa5e734c80991aaefece31309e
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
---
 extra/docker/clamp/clamp.env                       |  2 +-
 extra/docker/clamp/docker-compose.yml              | 20 ++++---
 src/main/docker/backend/backend-files.xml          |  2 +-
 src/main/docker/frontend/Dockerfile                |  6 +-
 src/main/docker/frontend/frontend-files.xml        | 11 +++-
 .../main/docker/frontend}/nginx/nginx.conf         | 10 +++-
 src/main/resources/clds/aaf/ssl/clamp.key          | 32 +++++++++++
 src/main/resources/clds/aaf/ssl/clamp.pem          | 64 ++++++++++++++++++++++
 src/test/resources/http-cache/third_party_proxy.py |  2 +-
 ui-react/package.json                              |  3 +-
 ui-react/public/index.html                         | 10 ++--
 11 files changed, 137 insertions(+), 25 deletions(-)
 rename {ui-react => src/main/docker/frontend}/nginx/nginx.conf (52%)
 create mode 100644 src/main/resources/clds/aaf/ssl/clamp.key
 create mode 100644 src/main/resources/clds/aaf/ssl/clamp.pem

diff --git a/extra/docker/clamp/clamp.env b/extra/docker/clamp/clamp.env
index fee3152e..ae6dbec1 100644
--- a/extra/docker/clamp/clamp.env
+++ b/extra/docker/clamp/clamp.env
@@ -1,2 +1,2 @@
 ### Be careful, this must be in one line only ###
-SPRING_APPLICATION_JSON={"spring.datasource.cldsdb.url":"jdbc:mariadb:sequential://db:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3"}
\ No newline at end of file
+SPRING_APPLICATION_JSON={"spring.datasource.cldsdb.url":"jdbc:mariadb:sequential://db:3306/cldsdb4?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3","spring.profiles.active":"clamp-default,clamp-default-user,clamp-sdc-controller-new","clamp.config.policy.api.url":"http4://third-party-proxy:8085","clamp.config.policy.pap.url":"http4://third-party-proxy:8085","clamp.config.dcae.inventory.url":"http://third-party-proxy:8085","clamp.config.dcae.deployment.url":"http4://third-party-proxy:8085"}
diff --git a/extra/docker/clamp/docker-compose.yml b/extra/docker/clamp/docker-compose.yml
index f41473e9..7026de91 100644
--- a/extra/docker/clamp/docker-compose.yml
+++ b/extra/docker/clamp/docker-compose.yml
@@ -1,6 +1,12 @@
-version: '2'
+version: '3.1'
 
 services:
+  clamp-frontend:
+    image: onap/clamp-frontend
+    depends_on:
+      - clamp-backend
+    ports:
+      - "443:443"
   db:
     image: mariadb:10.3.12
     volumes:
@@ -12,23 +18,21 @@ services:
     ports:
       - "3306:3306"
 
-  clamp:
+  clamp-backend:
     image: onap/clamp-backend
-    volumes:
-      - "./config/:/opt/clamp/config:rw"
     depends_on:
       - db
+      - third-party-proxy
     env_file:
       - clamp.env
     ports:
-      - "8080:8080"
       - "8443:8443"
-
-  third_party_proxy:
+      
+  third-party-proxy:
     image: python:2-slim
     volumes:
       - "../../../src/test/resources/http-cache/example/:/thirdparty:rw"
       - "../../../src/test/resources/http-cache/:/script/:ro"
     ports:
       - "8085:8085"
-    command: /bin/sh -c "pip install requests &&  pip install simplejson && python -u /script/third_party_proxy.py -v true --port 8085 --root /thirdparty --proxyaddress third_party_proxy:8085"
+    command: /bin/sh -c "pip install requests &&  pip install simplejson && python -u /script/third_party_proxy.py -v true --port 8085 --root /thirdparty --proxyaddress third-party-proxy:8085"
diff --git a/src/main/docker/backend/backend-files.xml b/src/main/docker/backend/backend-files.xml
index 7a9c6f53..c73c47f6 100644
--- a/src/main/docker/backend/backend-files.xml
+++ b/src/main/docker/backend/backend-files.xml
@@ -36,7 +36,7 @@
 				<include>${project.build.finalName}.jar</include>
 			</includes>
 			<directory>${project.build.directory}</directory>
-			<outputDirectory>/</outputDirectory>
+			<outputDirectory></outputDirectory>
 		</fileSet>
 	</fileSets>
 
diff --git a/src/main/docker/frontend/Dockerfile b/src/main/docker/frontend/Dockerfile
index 8c755b03..8cdad308 100644
--- a/src/main/docker/frontend/Dockerfile
+++ b/src/main/docker/frontend/Dockerfile
@@ -46,7 +46,9 @@ RUN mkdir /var/log/onap
 RUN chmod a+rwx /var/log/onap
 
 COPY --from=build /app/build /usr/share/nginx/html
+COPY --from=build /app/ssl /etc/ssl
 RUN rm /etc/nginx/conf.d/default.conf
-COPY onap-clamp-frontend/nginx/nginx.conf /etc/nginx/conf.d
-EXPOSE 80
+#COPY onap-clamp-frontend/nginx/nginx.conf /etc/nginx/conf.d
+COPY nginx/nginx.conf /etc/nginx/conf.d
+EXPOSE 443
 CMD ["nginx", "-g", "daemon off;"]
\ No newline at end of file
diff --git a/src/main/docker/frontend/frontend-files.xml b/src/main/docker/frontend/frontend-files.xml
index 2610e828..aaf32be8 100644
--- a/src/main/docker/frontend/frontend-files.xml
+++ b/src/main/docker/frontend/frontend-files.xml
@@ -17,7 +17,7 @@
   limitations under the License.
   ============LICENSE_END=========================================================
   -->
-
+  
 <assembly
 	xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.1"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -35,8 +35,13 @@
 			<excludes>
 				<exclude>node_modules</exclude>
 			</excludes>
-			<directory>${project.basedir}/ui-react</directory>
-			<outputDirectory>/</outputDirectory>
+			<directory>${project.build.directory}/${ui.react.src}</directory>
+			<outputDirectory></outputDirectory>
+		</fileSet>
+		<!-- include ssl certificates files obtain from aaf p12 -->
+		<fileSet>
+			<directory>${project.basedir}/src/main/resources/clds/aaf/ssl</directory>
+			<outputDirectory>ssl</outputDirectory>
 		</fileSet>
 	</fileSets>
 
diff --git a/ui-react/nginx/nginx.conf b/src/main/docker/frontend/nginx/nginx.conf
similarity index 52%
rename from ui-react/nginx/nginx.conf
rename to src/main/docker/frontend/nginx/nginx.conf
index 758a646e..5bcac5cf 100644
--- a/ui-react/nginx/nginx.conf
+++ b/src/main/docker/frontend/nginx/nginx.conf
@@ -1,7 +1,13 @@
 server {
 
-  listen 80;
-
+  listen 443 default ssl;
+  ssl_protocols TLSv1.2;
+  ssl_certificate /etc/ssl/clamp.pem;
+  ssl_certificate_key /etc/ssl/clamp.key;
+    location /restservices/clds/ {
+        proxy_pass https://clamp-backend:8443;
+    }
+  
   location / {
     root   /usr/share/nginx/html;
     index  index.html index.htm;
diff --git a/src/main/resources/clds/aaf/ssl/clamp.key b/src/main/resources/clds/aaf/ssl/clamp.key
new file mode 100644
index 00000000..fcf68bfa
--- /dev/null
+++ b/src/main/resources/clds/aaf/ssl/clamp.key
@@ -0,0 +1,32 @@
+Bag Attributes
+    friendlyName: clamp@clamp.onap.org
+    localKeyID: 54 69 6D 65 20 31 35 35 33 37 38 37 35 31 38 33 30 33 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC4nLg3HAYzgJTr
+C9WdZypwz0UzcQcCFXwEUUA8StwtMwx0OahJiEJRdFY6fmydq4MzFgZ6HQt/M7dY
+0l8phLHpGTVdrFMgW8yZer8bwNcSSiPVRy8j0s8lBHdR+KofG+yA19xg6lCYDX78
+yfeA2jZ52FhVWavyGHS4whWlw8T1EGbZZqXZCFgc7zHjUXuG1mo2ropppJkouf9g
+WEH2Vx16YiosgZzftRW1N3KJ7JozcEtS/j4w/pNyS7HOQDWWGTDk6Us4bt8Zg4gd
+1FeID0FmnEEGRKP+XscsGNwMd06MBsCAOutHkpFtS+UT3cr8xIKewL7uPq24X3ke
+W148togFAgMBAAECggEATncV+R5pKFS7dteV2IvzxvTh1cZxkxoslu0t3zJ2OKPc
+5D1pYK+QeGx5Be2cHru6TOlMoXRc4ZjKke8AUXY74/Y573GB91vtL0KznYkuIHDw
+oALcb153eqVWTbniHMzSjcSxv2N4E9iQo8L39oVI6CrjCIvPgFuSqMCdUNJPkVTI
+4nsarTfLK4fzi7IbWzi9JdE1QRNIxcCMcYJRnLZMdneMLBleR0UL82Xc2KOy5SEt
+zyKYCQ8zS247FKolnOrDkhKxXI5fzdDpRK5AQSsAykUPWlYq7pzKjY/dU9rMRohx
+YSltFjPZ3sQ3UKqqIqhZS+GoVuZoc925WyhViPsqtQKBgQDsL4LFfPWN8nnsusQp
+VR3T7HvvwXuEVAydlaJMwZU0cRYN+L7RHHjDoXZZrNJDIDzNoWnBLKRGx3mtLmgJ
+9Pa6SxN6Oc8oo6jzv2D59g1PVjNOMOYTCTb/2Xum4LMLaeeF57HkWxzeA3Ws47++
+gXwzQpbE90tp1Ys4uXD3JoivvwKBgQDIGZTwLGhLSegdAjG83WEgmdtzT1kjvx0Q
+A8IR2jkgkTJHdKiuslJ8Z3/XufHEwWMWwfs1XLwxYluoo1y9eNvNeHZXjLqjL62c
+I3034F9IvvTUqFcxam2WdoklXbAiSvLUo/9exPgOuVxok6Zv1imRgGb/vYV9vyG7
+86MRuQu5OwKBgQC9E3fcA6JMpY3H3uhEsngzfMDm+fyYvfRvfyezzNFWbyWZv8V6
+gBGJg0vMlFarGDa044BW/hbw9qXI5zqwpeOS1aFdGsRlo0cRAuduk/Spy7c85FZ7
+bMgT4BZmTMHo5DpNb2NxDSO59AkThCuvJde47ZjnS5WavzI6EfKGWNnZ3wKBgQCF
+QiwjCp/mS/DtqLFxAsmVSYGROG231aXILYiIFRloa+ndFn7j4NP4D4FfLHErRFL2
+K/ddIUYfaU57b1fqwts26ht90LXWyYDH9AaHOMCcFLe+C+INgcA7rPNG1C7hl6JC
+JHmEJo7AV4eICZSU9D44rRdrB08oYCpaHjYiLmb1UwKBgQCWCDJ4p2DrNL9hzj3K
+kzvM5saXrfI4aVBXVt9rw9s1d/WG8JOpnmHcnLPb6Tj59rDktrLCLv0sVstMwNVJ
+sOO+qsgn1VoZalcVhhjdONm5YvhJQgz0F7Y2xkr6g/AuMPz2YigGfm7fe/z7rc+L
+q9Ua2HmUS8DDBy7W89MNZJNkDQ==
+-----END PRIVATE KEY-----
diff --git a/src/main/resources/clds/aaf/ssl/clamp.pem b/src/main/resources/clds/aaf/ssl/clamp.pem
new file mode 100644
index 00000000..ccb0097d
--- /dev/null
+++ b/src/main/resources/clds/aaf/ssl/clamp.pem
@@ -0,0 +1,64 @@
+Bag Attributes
+    friendlyName: clamp@clamp.onap.org
+    localKeyID: 54 69 6D 65 20 31 35 35 33 37 38 37 35 31 38 33 30 33 
+subject=CN = clamp, emailAddress = , OU = clamp@clamp.onap.org, OU = OSAAF, O = ONAP, C = US
+
+issuer=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9
+
+-----BEGIN CERTIFICATE-----
+MIIEKDCCAxCgAwIBAgIIWY+5kgf/UG4wDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
+BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
+bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyMTE2MTY1OFoXDTIwMDMyMTE2MTY1OFow
+bDEOMAwGA1UEAwwFY2xhbXAxDzANBgkqhkiG9w0BCQEWADEdMBsGA1UECwwUY2xh
+bXBAY2xhbXAub25hcC5vcmcxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQ
+MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALic
+uDccBjOAlOsL1Z1nKnDPRTNxBwIVfARRQDxK3C0zDHQ5qEmIQlF0Vjp+bJ2rgzMW
+BnodC38zt1jSXymEsekZNV2sUyBbzJl6vxvA1xJKI9VHLyPSzyUEd1H4qh8b7IDX
+3GDqUJgNfvzJ94DaNnnYWFVZq/IYdLjCFaXDxPUQZtlmpdkIWBzvMeNRe4bWajau
+immkmSi5/2BYQfZXHXpiKiyBnN+1FbU3consmjNwS1L+PjD+k3JLsc5ANZYZMOTp
+Szhu3xmDiB3UV4gPQWacQQZEo/5exywY3Ax3TowGwIA660eSkW1L5RPdyvzEgp7A
+vu4+rbhfeR5bXjy2iAUCAwEAAaOB8jCB7zAJBgNVHRMEAjAAMA4GA1UdDwEB/wQE
+AwIF4DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVAYDVR0jBE0w
+S4AUgfeZWxC5yIze81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsMBU9TQUFGMQ0w
+CwYDVQQKDARPTkFQMQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQU+GZ6wmWDPrmq
+Wd1/NtMYiCQ8Dg4wOwYDVR0RBDQwMoIFY2xhbXCCHWNsYW1wLmFwaS5zaW1wbGVk
+ZW1vLm9uYXAub3JnggpjbGFtcC5vbmFwMA0GCSqGSIb3DQEBCwUAA4IBAQCFZdhB
+U6xm6l0vj4q89onLx4opTPvwGNRc0n402lifkPYXseFtphZSHIf2Sg0mFTH4KHb4
+FdMyBzq1+f5WLU+xRC1nT4eGJ0FvRR6204/fGVrzJTS67phnRnxr2WZzLPW0wPJe
+K8SzN6tkUgE7/a/s0T/htE/blDxWh75+tA2jQlgj1Ri0y9A1J8wx++REKjGlHjFN
+53aiipsB+wC/oEMzYL4qEPiYPI0Lr3Lsay1F7f6cvDT4+EYzBLMFuwCvpcnHgSMS
+4fFj2ROmUG2+CC23B88Q0WNxjLPq/CrmHZZBsqwruPJ0cSuCQxfshTQ6uZhcjtu8
+6TRYkIcL0x9r/AHP
+-----END CERTIFICATE-----
+Bag Attributes
+    friendlyName: CN=intermediateCA_9,OU=OSAAF,O=ONAP,C=US
+subject=C = US, O = ONAP, OU = OSAAF, CN = intermediateCA_9
+
+issuer=OU = OSAAF, O = ONAP, C = US
+
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
diff --git a/src/test/resources/http-cache/third_party_proxy.py b/src/test/resources/http-cache/third_party_proxy.py
index 0381ab18..5ec9f46c 100755
--- a/src/test/resources/http-cache/third_party_proxy.py
+++ b/src/test/resources/http-cache/third_party_proxy.py
@@ -43,7 +43,7 @@ parser.add_argument("--temp",     "-t", default=tempfile.mkdtemp(), type=str, he
 parser.add_argument("--proxy"         , type=str, help="Url of the  Act as a proxy. If not set, this script only uses the cache and will return a 404 if files aren't found")
 parser.add_argument("--port",     "-P", type=int, default="8081", help="Port on which the proxy should listen to")
 parser.add_argument("--verbose",  "-v", type=bool, help="Print more information in case of error")
-parser.add_argument("--proxyaddress","-a", type=str, help="Address of this proxy, generally either third_party_proxy:8085 or localhost:8085 depending if started with docker-compose or not")
+parser.add_argument("--proxyaddress","-a", type=str, help="Address of this proxy, generally either third-party-proxy:8085 or localhost:8085 depending if started with docker-compose or not")
 options = parser.parse_args()
 
 
diff --git a/ui-react/package.json b/ui-react/package.json
index 65608bed..3d2f6812 100644
--- a/ui-react/package.json
+++ b/ui-react/package.json
@@ -4,14 +4,13 @@
   "description": "ONAP Clamp Loop Designer UI",
   "author": "ONAP Clamp Team",
   "license": "Apache-2.0",
-  "homepage": "wiki.onap.org",
   "publishConfig": {
     "registry": "https://nexus3.onap.org/repository/npm.snapshot/"
   },
   "main": "index.js",
   "proxy": "https://localhost:8443",
   "scripts": {
-    "start": "react-scripts start",
+    "start": "HTTPS=true react-scripts start",
     "build": "react-scripts build",
     "test": "react-scripts test --env=jsdom --watchAll=false",
     "eject": "react-scripts eject",
diff --git a/ui-react/public/index.html b/ui-react/public/index.html
index 2b740fea..bab3e7ab 100644
--- a/ui-react/public/index.html
+++ b/ui-react/public/index.html
@@ -26,15 +26,15 @@
 <head>
 <meta charset="utf-8">
 <meta name="viewport"
-	content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    content="width=device-width, initial-scale=1, shrink-to-fit=no">
 <meta name="theme-color" content="#000000">
-<link rel="manifest" href="%PUBLIC_URL%/manifest.json">
-<link rel="shortcut icon" href="%PUBLIC_URL%/onap.ico">
+<link rel="manifest" href="manifest.json">
+<link rel="shortcut icon" href="onap.ico">
 
 <title>Clamp Designer UI</title>
 </head>
 <body>
-	<noscript>You need to enable JavaScript to run this app.</noscript>
-	<div id="root"></div>
+    <noscript>You need to enable JavaScript to run this app.</noscript>
+    <div id="root"></div>
 </body>
 </html>
-- 
2.16.6