Change AAF Certservice CSITs to send requests via HTTPS

[integration/csit.git] / plans / aaf / certservice / docker-compose.yml

diff --git a/plans/aaf/certservice/docker-compose.yml b/plans/aaf/certservice/docker-compose.yml
index ae7ee87..dcac7df 100644 (file)
--- a/plans/aaf/certservice/docker-compose.yml
+++ b/plans/aaf/certservice/docker-compose.yml
@@ -10,9 +10,6 @@ services:
       - "443:8443"
     volumes:
       - $SCRIPTS_PATH:/opt/primekey/scripts
-    command: bash -c "
-      /opt/primekey/bin/start.sh
-      "
     healthcheck:
       test: ["CMD-SHELL", "curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth"]
       interval: 20s
@@ -21,16 +18,25 @@ services:
     networks:
       - certservice
 
-  certservice:
+  aaf-cert-service:
     image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:latest
     volumes:
       - $CONFIGURATION_PATH:/etc/onap/aaf/certservice/cmpServers.json
-    container_name: aafcert
+      - ./certs/truststore.jks:/etc/onap/aaf/certservice/certs/truststore.jks
+      - ./certs/root.crt:/etc/onap/aaf/certservice/certs/root.crt
+      - ./certs/certServiceServer-keystore.jks:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.jks
+      - ./certs/certServiceServer-keystore.p12:/etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12
+    container_name: aafcert-service
     ports:
-      - "8080:8080"
+      - "8443:8443"
     depends_on:
       ejbca:
         condition: service_healthy
+    healthcheck:
+      test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/aaf/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/aaf/certservice/certs/certServiceServer-keystore.p12 --pass secret"]
+      interval: 10s
+      timeout: 3s
+      retries: 15
     networks:
       - certservice