integrate spring sli container with AAF 93/105693/1
authorAgarwal, Ruchira (ra1926) <ra1926@att.com>
Thu, 9 Apr 2020 16:15:58 +0000 (16:15 +0000)
committerAgarwal, Ruchira (ra1926) <ra1926@att.com>
Thu, 9 Apr 2020 16:15:58 +0000 (16:15 +0000)
add certs and configure spring sli for AAF

Issue-ID: CCSDK-2304
Signed-off-by: Agarwal, Ruchira (ra1926) <ra1926@att.com>
Change-Id: Ia4f784a42ee7e5db0b3a2b82b55b23af705797ce

sliboot/pom.xml
sliboot/src/main/compose/docker-compose.yaml
sliboot/src/main/docker/Dockerfile
sliboot/src/main/resources/application.properties
sliboot/src/main/resources/org.onap.sdnc.cred.props [new file with mode: 0644]
sliboot/src/main/resources/org.onap.sdnc.keyfile [new file with mode: 0644]
sliboot/src/main/resources/org.onap.sdnc.p12 [new file with mode: 0644]
sliboot/src/main/resources/org.onap.sdnc.props [new file with mode: 0644]
sliboot/src/main/resources/org.onap.sdnc.trust.jks [new file with mode: 0644]
sliboot/src/main/resources/startSliboot.sh
sliboot/src/main/resources/truststoreONAPall.jks [new file with mode: 0644]

index 9b67bdd..7e0d73f 100644 (file)
                                     <directory>src/main/resources</directory>
                                     <includes>
                                         <include>*.properties</include>
                                     <directory>src/main/resources</directory>
                                     <includes>
                                         <include>*.properties</include>
+                                        <include>*.props</include>
                                         <include>*.sql</include>
                                     </includes>
                                     <filtering>true</filtering>
                                 </resource>
                                         <include>*.sql</include>
                                     </includes>
                                     <filtering>true</filtering>
                                 </resource>
+                                <resource>
+                                    <directory>src/main/resources</directory>
+                                    <includes>
+                                        <include>*.keyfile</include>
+                                        <include>*.jks</include>
+                                        <include>*.p12</include>
+                                    </includes>
+                                    <filtering>false</filtering>
+                                </resource>
                             </resources>
                         </configuration>
                     </execution>
                             </resources>
                         </configuration>
                     </execution>
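Review bot: The added unfiltered `<resource>` block copies `*.keyfile` and `*.p12` from src/main/resources into the build output, so the service's private key and the CADI keyfile ship inside every artifact built from this module. Because the includes are glob patterns, any keystore later dropped into that directory is picked up as well. Turning filtering off for binary stores is correct, but consider limiting the block to the truststores (`<include>*.jks</include>`) and supplying the keystore and keyfile at deploy time, for example as a mounted secret under /opt/onap/ccsdk/config. The enclosing `<resources>` element and plugin execution start outside the visible lines, so the final location of these files in the image is inferred from the paths used elsewhere in the commit.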
index fbce3b6..45b185f 100755 (executable)
@@ -22,7 +22,7 @@ services:
       - db
     container_name: sliboot_sli_container
     ports:
       - db
     container_name: sliboot_sli_container
     ports:
-      - "8080:8080"
+      - "8443:8443"
     links:
       - db:dbhost
     environment:
     links:
       - db:dbhost
     environment:
@@ -36,5 +36,7 @@ services:
       options:  
         max-size: "30m"
         max-file: "5"
       options:  
         max-size: "30m"
         max-file: "5"
+    extra_hosts:
+      aaf-onap-test.osaaf.org: 10.12.5.145
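Review bot: The `extra_hosts` entry pins aaf-onap-test.osaaf.org to the fixed address 10.12.5.145, which ties the committed compose file to one lab network and overrides DNS for the AAF endpoint wherever the file is used. Take the address from the environment instead, e.g. `aaf-onap-test.osaaf.org: ${AAF_IP}` (variable name illustrative), and add a comment that the mapping is for the test AAF instance only. With name resolution overridden, the only remaining check on the peer is certificate validation against the bundled truststore, so that truststore should stay as narrow as possible.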
 
 
 
 
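--- a/sliboot/src/main/docker/Dockerfile
+++ b/sliboot/src/main/docker/Dockerfile
@@ -42,4 +42,4 @@ RUN chmod +x ${CCSDK_HOME}/bin/*.sh
 USER sli
 WORKDIR ${CCSDK_HOME}
 ENTRYPOINT /opt/onap/ccsdk/bin/startSliboot.sh
-EXPOSE 8080
+EXPOSE 8443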
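--- a/sliboot/src/main/resources/application.properties
+++ b/sliboot/src/main/resources/application.properties
@@ -1,6 +1,5 @@
 springfox.documentation.swagger.v2.path=/api-docs
 server.contextPath=/restconf
-server.port=8080
 spring.jackson.date-format=org.onap.ccsdk.sli.core.sliapi.springboot.controllers.swagger.RFC3339DateFormat
 spring.jackson.serialization.WRITE_DATES_AS_TIMESTAMPS=false
 logging.level.com.att=TRACE
@@ -15,4 +14,12 @@ spring.jpa.show-sql=true
 spring.jpa.hibernate.ddl-auto=update
 spring.jpa.hibernate.naming.implicit-strategy=org.hibernate.boot.model.naming.ImplicitNamingStrategyLegacyHbmImpl
 spring.jpa.hibernate.naming.physical-strategy=org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy
-spring.jpa.database=mysql
\ No newline at end of file
+spring.jpa.database=mysql
+server.port=8443
+server.ssl.key-store=classpath:org.onap.sdnc.p12
+server.ssl.key-store-type=PKCS12
+server.ssl.key-store-password=;:G58,7ZhqOSI:7^oZCY[9Dv
+server.ssl.key-password=;:G58,7ZhqOSI:7^oZCY[9Dv
+server.ssl.enabled=true
+server.ssl.protocol=TLS
+server.ssl.key-alias=sdnc@sdnc.onap.org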
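Review bot: `server.ssl.key-store-password` and `server.ssl.key-password` are committed in plaintext next to the org.onap.sdnc.p12 they unlock, so anyone with read access to the repository or the built image can recover the private key for the `sdnc@sdnc.onap.org` alias. Drop both lines and let Spring Boot bind them from the environment (`SERVER_SSL_KEY_STORE_PASSWORD`, `SERVER_SSL_KEY_PASSWORD`), populated from a secret at deploy time. The password and certificate in this commit should be treated as disclosed and reissued before any non-test use. Separately, `server.ssl.protocol=TLS` does not restrict protocol versions; adding `server.ssl.enabled-protocols=TLSv1.2` would state the floor explicitly.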
diff --git a/sliboot/src/main/resources/org.onap.sdnc.cred.props b/sliboot/src/main/resources/org.onap.sdnc.cred.props
new file mode 100644 (file)
index 0000000..e702d61
--- /dev/null
@@ -0,0 +1,17 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+#   by root
+#   on 2020-04-07T19:49:10.483+0000
+# @copyright 2019, AT&T
+############################################################
+Challenge=enc:gsZC3qJk3ylRSusYHUQqBiflWlKXn4rnh-fULJmfIU3RAphd_AHmZ6c6kl42qcJE
+cadi_alias=sdnc@sdnc.onap.org
+cadi_key_password=enc:HLzeIrsDqKLcY1fNlbRTXVch5RrfUvAXKW_sJ9cv9Rs49q8GsiPsZDqboJXAT-lF
+cadi_keyfile=/opt/onap/ccsdk/config/org.onap.sdnc.keyfile
+cadi_keystore=/opt/onap/ccsdk/config/org.onap.sdnc.p12
+cadi_keystore_password=enc:aH6rL1KPu8ZzMtQ16FiMvGE-janpERZBU3tnVuGcXBaK2T9_3F28UuBH-GJ2BRjM
+cadi_keystore_password_jks=enc:ydq6zoDeWGdBbFXkF_bLHJ4HrhMn-cSZ11m-NUNCm116gYhsjF1HKfkqs6Wrn6Zl
+cadi_keystore_password_p12=enc:aH6rL1KPu8ZzMtQ16FiMvGE-janpERZBU3tnVuGcXBaK2T9_3F28UuBH-GJ2BRjM
+cadi_truststore=/opt/onap/ccsdk/config/org.onap.sdnc.trust.jks
+cadi_truststore_password=enc:Lhl6jEPxCYutrEpioq0woR1ypC4K1i9yPWKGRG7s9eARe5egSzsEBCooiKB7om5B
+cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
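Review bot: The `enc:` values in this file are protected only by the key named in `cadi_keyfile`, and that key (org.onap.sdnc.keyfile) is added in the same commit, so the encryption gives no confidentiality against anyone who can read the repository. The same applies to org.onap.sdnc.p12, whose password is among these values; both file sections follow below. Keep the keyfile and keystore out of version control and provision them together with this file at deployment. If they are meant purely as test fixtures, say so in a header comment such as `# TEST CREDENTIALS ONLY - issued by the ONAP test CA, never deploy`.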
diff --git a/sliboot/src/main/resources/org.onap.sdnc.keyfile b/sliboot/src/main/resources/org.onap.sdnc.keyfile
new file mode 100644 (file)
index 0000000..eb8fe84
--- /dev/null
@@ -0,0 +1,27 @@
+Xgwa72kLHXU9NRElW4t4taIjudICPqMwywqYe1HVQ7Ve9ccqRRksY9gjK4hnDwU9mn0XdYEMlIU2
+OMWL4ck6PaxjHlaVR1qVBIFRcrkXs_ttagrjijBxXvJvJVI60JMCBGmIgNkI78wnEZOi6PLG0x7S
+agVQM34a5HHBEMePfqtgO-J8rBXMaeIrpHOTTEEtZXU-ZvbI8VZWhCD0e9fnn3YlFQaPeni0zqOE
+NY_lV6ZxlAtD5RCKdQWuU4O_cmmv3_LpIm41NT7Dn4sG6QzHjw2WM5essLTCEUvXJntlj3OmZTkr
+p4lPBVAWg2-qc_ZZyY2VEtoxVmKIMP15ctq50RVgPtQMmd-hdj5I51yW5MQYSM4jTgxtspiGUDJq
+ftsxb76K5w76X-ADxpZt85bEe068dwEoqZd5Qe33jIcZD2iNfGUb_ee1vSVlTQO1JlGqHAelUNks
+ellL5WE7X4g4TCG8KW38_GUOyohyQ5pv-Mozq-Sxz2bK8JCBs6hFBhKbnE07x3yY7SOBVnDbdCec
+cXZ86TNcdOsxBdqfNXD4PK_qMiXZTh3OMRsEG8IhhFyD3sbpFEyVhU_96o47iOgvAeAAiIKJ2Uww
+QUTHfNxp7LWUTw7aHhmK4wZLpFS-Lz1seat65uNp9DRuQ9jin0Hpi0XW1UwY4WzYvWeiQh2swwM8
+XCz9jawem18wTJ-pZUvKtkAQ5ImwSBuIFaKoUkbiowrNAGFOFGaFhtapV1uvehPlpmzbvn9HfPO8
+1xAp3Jusu3G4tGrrsJdvkenUB-3BbcJHMPE-Ku1jEWGoOXnrn0WURiHXhYMy8gWbko56ykftIJRP
+Q4bq4TCwxNE8nzhNXSh0_dqYK0JlAkoOtvkBogM42Ljly5ODCIDb7NZFtTyK3FpYVXLC-um9wYxI
+2t7V5N-nPinFf9hWzgTCvnjfAn0X2kAWTBQVwO-Sxepy40ZbTkEkQzsKyFKa3pnB_BmkE6dvQMqj
+QZlg5dpu3eacVSMPaZCdgISYN-pYrWNYtPKKlxYQgsK0Z6hJuS-87snx-WYRN4SRhWBY_b-G1EsZ
+SeL9L8daNXYzmOHnprenlz5ZqitnM_KoL9th_rG4krV8-Nlw1Rh7K_YcXuFsKGTlzYbuoHyM1CBn
+oWPIf32W5DN4BRcSTi74wV_tScQL4sueKYo3epZMrTA0djFyq94-wyA0bOzySQxcrGIvvLMITJ51
+U6c845RXFAK8_Z2Nt8-Mdv6Ox_KDmZtX4P9bNJ21nM9D9Htgr2H5GIBXFBt_ZDUzwZ5WLrs-l4Li
+26dHL5OudyekOaI4BVxg_09hRD9xNPpU5kiVcz5_QAi7QsnYqf53oB55H_NEhq1h3KOmqzJw9q7M
+kYQgO-q5Y5dIvduBe9zruFIQIt-WhhRJM8v4i50QNaOCnbZfmDalStlSzFX9xEXKESU8q-7VwxRT
+Aro7Teu_fS3PXvsgr6hHSf-SK2zbrizPG-5AaPn3SkBoU-3Ofr-HeJfihx0NnvcCnjDYvQw9C5d6
+845zvcrJrphNkXVPNO23lRMTEuStQiCbbdZcaNcPFXMpjlS4x8tonxwNqBBa4CwO7p5omkayEVLi
+i_JbOg4JSor1C_cSnA9TIfEcwVe9znPeEE01uFp_IBP5rJHuiInca-f7NbZFDkhO5LJPIoyvmTHZ
+76LBniKhcocSW8CR7Gc9Q8wxXJFEivQb4JvA1gd8VZ_A31yqnSTnApxGcAu1DEHNnCd9AVYIq9jd
+weFikVaf5n3GF-DBYxeesu1ChEmTOLN0tZw43uyAvqWrqLU_m5DspMAv-MNA0ddgcMOw8yph0035
+5HgcosFyhnx_FByGJtbr0bahZ1dJnswN_lXlRUYB2-WYnWUot-ONKiw3cD7kU095p3zPOHkd6KlI
+cyRcCDVN9KQkE-S9VDWBWD8V2A6wudLLICsRug_Ypa6doZKGcF335ZT9U54R9DNqUHCf3IEu0xl3
+YlQrkCwrFZB8WVMkfJQJKFfqYyjeH-t-afS3JR-PkH-qBRDFFYZ3m1anYuZI20-IiP8BZKCI
\ No newline at end of file
diff --git a/sliboot/src/main/resources/org.onap.sdnc.p12 b/sliboot/src/main/resources/org.onap.sdnc.p12
new file mode 100644 (file)
index 0000000..23a701a
Binary files /dev/null and b/sliboot/src/main/resources/org.onap.sdnc.p12 differ
diff --git a/sliboot/src/main/resources/org.onap.sdnc.props b/sliboot/src/main/resources/org.onap.sdnc.props
new file mode 100644 (file)
index 0000000..adef904
--- /dev/null
@@ -0,0 +1,14 @@
+############################################################
+# Properties Generated by AT&T Certificate Manager
+#   by root
+#   on 2020-04-07T19:49:08.370+0000
+# @copyright 2019, AT&T
+############################################################
+aaf_id=sdnc@sdnc.onap.org
+aaf_locate_url=https://aaf-onap-test.osaaf.org:8095
+aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1
+cadi_latitude=38.432899
+cadi_longitude=-90.43248
+cadi_prop_files=/opt/onap/ccsdk/config/org.onap.sdnc.cred.props
+cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1
+cadi_protocols=TLSv1.1,TLSv1.2
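Review bot: `cadi_protocols=TLSv1.1,TLSv1.2` still permits TLS 1.1, which is deprecated; unless the AAF test instance requires it, narrow this to `cadi_protocols=TLSv1.2`. `aaf_locate_url` is also fixed to the test host aaf-onap-test.osaaf.org, so a packaged build will authenticate against that instance unless the file is replaced at deploy time. The header says the file is generated by the certificate manager, and `cadi_protocols` sits out of alphabetical order, which suggests it was added by hand. If so, a one-line comment such as `# added manually; re-apply after regenerating` would keep the setting from being lost.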
diff --git a/sliboot/src/main/resources/org.onap.sdnc.trust.jks b/sliboot/src/main/resources/org.onap.sdnc.trust.jks
new file mode 100644 (file)
index 0000000..7a69861
Binary files /dev/null and b/sliboot/src/main/resources/org.onap.sdnc.trust.jks differ
index db1dfaa..8c5f723 100644 (file)
@@ -25,6 +25,8 @@ export CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk}
 export SLIBOOT_JAR=${SLIBOOT_JAR:-${ccsdk.sliboot.jar}}
 export SVCLOGIC_DIR=${SVCLOGIC_DIR:-opt/onap/ccsdk/svclogic/graphs}
 export LOG_PATH=${LOG_PATH:-/var/log/onap/ccsdk}
 export SLIBOOT_JAR=${SLIBOOT_JAR:-${ccsdk.sliboot.jar}}
 export SVCLOGIC_DIR=${SVCLOGIC_DIR:-opt/onap/ccsdk/svclogic/graphs}
 export LOG_PATH=${LOG_PATH:-/var/log/onap/ccsdk}
+export CCSDK_CONFIG_DIR=${CCSDK_CONFIG_DIR:-/opt/onap/ccsdk/config}
+export JAVA_SECURITY_DIR=${JAVA_SECURITY_DIR:-/etc/ssl/certs/java}
 
 #
 # Wait for database
 
 #
 # Wait for database
@@ -51,6 +53,12 @@ END
 # Initialize schema
 mysql -h ${MYSQL_DB_HOST} -u ${MYSQL_DB_USER} -p${MYSQL_DB_PASSWD} ${MYSQL_DB_DATABASE} < ${CCSDK_HOME}/config/schema.sql
 
 # Initialize schema
 mysql -h ${MYSQL_DB_HOST} -u ${MYSQL_DB_USER} -p${MYSQL_DB_PASSWD} ${MYSQL_DB_DATABASE} < ${CCSDK_HOME}/config/schema.sql
 
+# Install ssl and java certificates
+COPY $CCSDK_CONFIG_DIR/truststoreONAPall.jks $JAVA_SECURITY_DIR
+RUN keytool -importkeystore -srckeystore $JAVA_SECURITY_DIR/truststoreONAPall.jks -srcstorepass changeit -destkeystore $JAVA_SECURITY_DIR/cacerts  -deststorepass changeit
+
+echo -e "\nCerts ready"
+
 cd $CCSDK_HOME
 cd $CCSDK_HOME
-java -DserviceLogicDirectory=${SVCLOGIC_DIR} -DLOG_PATH=${LOG_PATH} -jar ${CCSDK_HOME}/lib/${SLIBOOT_JAR}
+java -DserviceLogicDirectory=${SVCLOGIC_DIR} -Dcadi_prop_files=${CCSDK_CONFIG_DIR}/org.onap.sdnc.props -Dserver.ssl.key-store=${CCSDK_CONFIG_DIR}/org.onap.sdnc.p12 -DLOG_PATH=${LOG_PATH} -jar ${CCSDK_HOME}/lib/${SLIBOOT_JAR}
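Review bot: `COPY` and `RUN` are Dockerfile instructions, not shell commands, so the two added lines under "Install ssl and java certificates" will fail with "command not found" when startSliboot.sh runs. `echo -e "\nCerts ready"` then prints regardless, and the JVM truststore is left unchanged. Either move both steps into the Dockerfile ahead of `USER sli`, or write them as shell: `cp "$CCSDK_CONFIG_DIR/truststoreONAPall.jks" "$JAVA_SECURITY_DIR/"` followed by `keytool -importkeystore -noprompt -srckeystore "$JAVA_SECURITY_DIR/truststoreONAPall.jks" -srcstorepass changeit -destkeystore "$JAVA_SECURITY_DIR/cacerts" -deststorepass changeit || exit 1`. The Dockerfile context shows the container running as the non-root user sli, so writing to `$JAVA_SECURITY_DIR/cacerts` at start-up is likely to be denied even after the syntax fix. The start of the script is outside the visible hunks, so whether `set -e` is in effect cannot be confirmed here.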
 
 
diff --git a/sliboot/src/main/resources/truststoreONAPall.jks b/sliboot/src/main/resources/truststoreONAPall.jks
new file mode 100644 (file)
index 0000000..ff844b1
Binary files /dev/null and b/sliboot/src/main/resources/truststoreONAPall.jks differ