2 # This script is run when starting client Container.
3 # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
6 AAF_INTERFACE_VERSION=2.1
8 # Extract Name, Domain and NS from FQI
9 FQIA=($(echo ${APP_FQI} | tr '@' '\n'))
12 # Reverse DOMAIN for NS
13 FQIA_E=($(echo ${FQI_DOMAIN} | tr '.' '\n'))
14 for (( i=( ${#FQIA_E[@]} -1 ); i>0; i-- )); do
15 NS=${NS}${FQIA_E[i]}'.'
18 CONFIG="/opt/app/aaf_config"
19 OSAAF="/opt/app/osaaf"
22 SSO="$DOT_AAF/sso.props"
24 JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine"
25 JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent"
26 JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent"
27 JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli"
30 if [ ! -d $LOCAL ]; then
33 rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
37 # Setup Bash, first time only
38 if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep agent $HOME/.bash_aliases)" ]; then
39 echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases
40 echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
41 echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases
42 chmod a+x $OSAAF/bin/agent.sh
46 # Setup SSO info for Deploy ID
47 function sso_encrypt() {
48 $JAVA_CADI digest ${1} $DOT_AAF/keyfile
52 # Create Deployer Info, located at /root/.aaf
53 if [ ! -e "$DOT_AAF/keyfile" ]; then
55 $JAVA_CADI keygen $DOT_AAF/keyfile
56 chmod 400 $DOT_AAF/keyfile
57 echo cadi_latitude=${LATITUDE} > ${SSO}
58 echo cadi_longitude=${LONGITUDE} >> ${SSO}
59 echo aaf_id=${DEPLOY_FQI} >> ${SSO}
60 if [ ! "${DEPLOY_PASSWORD}" = "" ]; then
61 echo aaf_password=enc:$(sso_encrypt ${DEPLOY_PASSWORD}) >> ${SSO}
63 echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO}
64 echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO}
66 base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
67 echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
68 echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
69 echo "Caller Properties Initialized"
73 # Only initialize once, automatically...
74 if [ ! -e $LOCAL/${NS}.props ]; then
75 echo "#### Create Configuration files "
76 $JAVA_AGENT config $APP_FQI \
77 aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \
82 echo "#### Certificate Authorization Artifact"
84 $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \
85 cadi_prop_files=${SSO} \
86 cadi_etc_dir=$LOCAL > $TMP
89 if [ -n "$(grep 'Namespace:' $TMP)" ]; then
90 echo "#### Place Certificates (by deployer)"
91 $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \
92 cadi_prop_files=${SSO} \
95 echo "#### Validate Configuration and Certificate with live call"
96 $JAVA_AGENT_SELF validate
97 echo "Obtained Certificates"
100 echo "#### Certificate Authorization Artifact must be valid to continue"
107 if [ -z "$CMD" ]; then
108 if [ -n "$INITIALIZED" ]; then
109 echo "Initialization complete"
119 find /opt/app/osaaf -depth
122 if [ "$1" = "" ]; then
123 echo "usage: cat <file... ONLY files ending in .props>"
125 if [[ $1 == *.props ]]; then
127 echo "## CONTENTS OF $3"
131 echo "### ERROR ####"
132 echo " \"cat\" may only be used with files ending with \".props\""
137 for D in bin logs; do
138 rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
142 echo "## Show Passwords"
143 $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN}
146 $JAVA_AGENT check ${APP_FQI} ${APP_FQDN}
149 echo "## validate requested"
150 $JAVA_AGENT_SELF validate
159 FILES=$(grep -l "$1" ./*.props)
160 if [ -z "$FILES" ]; then
169 if [ "$ADD" = "Y" ]; then
170 echo "Changing $1 to $F"
173 echo "Changing $1 in $F"
174 sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F
182 FILES=$(grep -l "$1" ./*.props)
183 if [ "$FILES" = "" ]; then
184 FILES=$LOCAL/${NS}.cred.props
188 echo "Changing $1 in $F"
189 if [ "$2" = "" ]; then
190 read -r -p "Password (leave blank to cancel): " -s ORIG_PW
192 if [ "$ORIG_PW" = "" ]; then
199 PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
200 if [ "$ADD" = "Y" ]; then
201 echo "$1=enc:$PWD" >> $F
203 sed -i.backup -e "s/\\($1.*enc:\\).*/\\1$PWD/" $F
209 sh /opt/app/osaaf/logs/taillog
214 echo "--- Agent Container Comands ---"
215 echo " ls - Lists all files in Configuration"
216 echo " cat <file.props>> - Shows the contents (Prop files only)"
217 echo " validate - Runs a test using Configuration"
218 echo " setProp <tag> [<value>] - set value on 'tag' (if no value, it will be queried from config)"
219 echo " encrypt <tag> [<pass>] - set passwords on Configuration (if no pass, it will be queried)"
220 echo " bash - run bash in Container"
221 echo " Note: the following aliases are preset"
222 echo " cadi - CADI CmdLine tool"
223 echo " agent - Agent Java tool (see above help)"
225 echo " --help|-? [cadi|agent] - This help, cadi help or agent help"
228 echo "--- cadi Tool Comands ---"
232 echo "--- agent Tool Comands ---"
236 echo "--- aafcli Tool Comands ---"
244 # echo "--- run Sample Servlet App ---"
245 # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props
248 $JAVA_AGENT "$CMD" "$@"