Gitiles
Code Review Sign In
gerrit.nordix.org / oransc / nonrtric / a9a369f89f777bbc830aee80f49f39b1513cba87^! / .
commita9a369f89f777bbc830aee80f49f39b1513cba87[log] [tgz]
authorRehanRaza <muhammad.rehan.raza@est.tech>Mon Jun 29 12:06:17 2020 +0200
committerRehanRaza <muhammad.rehan.raza@est.tech>Mon Jun 29 12:06:22 2020 +0200
tree7d4c524af8b97a7e8dee196ba70e8b959713f0e8
parent3483a78c55f1830dd0aa28f789ddf817ea1358c0 [diff]
Update docker-compose for configurable certs

Change-Id: Iebf697c6f0a0e2d62e05afad2996f1eadefab297
Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>

diff --git a/docker-compose/nosdnc/config/application.yaml b/docker-compose/nosdnc/config/application-policyagent.yaml
similarity index 79%
rename from docker-compose/nosdnc/config/application.yaml
rename to docker-compose/nosdnc/config/application-policyagent.yaml
index c0ddfb5..e9146e0 100755
--- a/docker-compose/nosdnc/config/application.yaml
+++ b/docker-compose/nosdnc/config/application-policyagent.yaml

@@ -25,13 +25,13 @@
    ssl:
       key-store-type: JKS
       key-store-password: policy_agent
-      key-store: classpath:keystore.jks
+      key-store: /opt/app/policy-agent/etc/cert/keystore.jks
       key-password: policy_agent
       key-alias: policy_agent
 app:
-  filepath: /opt/app/policy-agent/config/application_configuration.json
+  filepath: /opt/app/policy-agent/data/application_configuration.json
   webclient:
     trust-store-used: false
     trust-store-password: policy_agent
-    trust-store: classpath:keystore.jks
+    trust-store: /opt/app/policy-agent/etc/cert/truststore.jks
 

diff --git a/docker-compose/nosdnc/docker-compose.yml b/docker-compose/nosdnc/docker-compose.yml
index 043ecde..aa83c7a 100644
--- a/docker-compose/nosdnc/docker-compose.yml
+++ b/docker-compose/nosdnc/docker-compose.yml

@@ -26,7 +26,12 @@
       - 8081:8081
       - 8433:8433
     volumes:
-      - ./config:/opt/app/policy-agent/config:ro
+      - ./config/application_configuration.json:/opt/app/policy-agent/data/application_configuration.json:ro
+    # For using own certs instead of the default ones (built into the container),
+    # place them in config/ directory, update the application-policyagent.yaml file, and uncomment the following lines
+    #  - ./config/keystore-policyagent.jks:/opt/app/policy-agent/etc/cert/keystore.jks:ro
+    #  - ./config/truststore-policyagent.jks:/opt/app/policy-agent/etc/cert/truststore.jks:ro
+    #  - ./config/application-policyagent.yaml:/opt/app/policy-agent/config/application.yaml:ro
 
   a1-sim-OSC:
     image: nexus3.o-ran-sc.org:10004/o-ran-sc/a1-simulator:2.0.0

diff --git a/docker-compose/nosdnc/config/application.yaml b/docker-compose/sdnc/config/application-policyagent.yaml
similarity index 79%
copy from docker-compose/nosdnc/config/application.yaml
copy to docker-compose/sdnc/config/application-policyagent.yaml
index c0ddfb5..e9146e0 100755
--- a/docker-compose/nosdnc/config/application.yaml
+++ b/docker-compose/sdnc/config/application-policyagent.yaml

@@ -25,13 +25,13 @@
    ssl:
       key-store-type: JKS
       key-store-password: policy_agent
-      key-store: classpath:keystore.jks
+      key-store: /opt/app/policy-agent/etc/cert/keystore.jks
       key-password: policy_agent
       key-alias: policy_agent
 app:
-  filepath: /opt/app/policy-agent/config/application_configuration.json
+  filepath: /opt/app/policy-agent/data/application_configuration.json
   webclient:
     trust-store-used: false
     trust-store-password: policy_agent
-    trust-store: classpath:keystore.jks
+    trust-store: /opt/app/policy-agent/etc/cert/truststore.jks
 

diff --git a/docker-compose/sdnc/config/application.yaml b/docker-compose/sdnc/config/application.yaml
deleted file mode 100755
index c0ddfb5..0000000
--- a/docker-compose/sdnc/config/application.yaml
+++ /dev/null

@@ -1,37 +0,0 @@
-spring:
-  profiles:
-    active: prod
-  main:
-    allow-bean-definition-overriding: true
-  aop:
-    auto: false
-management:
-  endpoints:
-    web:
-      exposure:
-        include: "loggers,logfile,health,info,metrics,threaddump,heapdump"
-
-logging:
-  level:
-    ROOT: ERROR
-    org.springframework: ERROR
-    org.springframework.data: ERROR
-    org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
-    org.oransc.policyagent: INFO
-  file: /var/log/policy-agent/application.log
-server:
-   port : 8433
-   http-port: 8081
-   ssl:
-      key-store-type: JKS
-      key-store-password: policy_agent
-      key-store: classpath:keystore.jks
-      key-password: policy_agent
-      key-alias: policy_agent
-app:
-  filepath: /opt/app/policy-agent/config/application_configuration.json
-  webclient:
-    trust-store-used: false
-    trust-store-password: policy_agent
-    trust-store: classpath:keystore.jks
-

diff --git a/docker-compose/sdnc/config/https-props-a1controller.properties b/docker-compose/sdnc/config/https-props-a1controller.properties
new file mode 100644
index 0000000..e3155c5
--- /dev/null
+++ b/docker-compose/sdnc/config/https-props-a1controller.properties

@@ -0,0 +1,24 @@
+# ========================LICENSE_START=================================
+# O-RAN-SC
+# %%
+# Copyright (C) 2020 Nordix Foundation
+# %%
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ========================LICENSE_END===================================
+
+key-store=/etc/ssl/certs/java/keystore.jks
+key-password=sdnc-a1-controller
+keystore-password=sdnc-a1-controller
+isTrustStoreUsed=true
+trust-store=/etc/ssl/certs/java/truststore.jks
+truststore-password=sdnc-a1-controller

diff --git a/docker-compose/sdnc/docker-compose.yml b/docker-compose/sdnc/docker-compose.yml
index f12f08c..1b5a296 100644
--- a/docker-compose/sdnc/docker-compose.yml
+++ b/docker-compose/sdnc/docker-compose.yml

@@ -26,7 +26,12 @@
       - 8081:8081
       - 8433:8433
     volumes:
-      - ./config:/opt/app/policy-agent/config:ro
+      - ./config/application_configuration.json:/opt/app/policy-agent/data/application_configuration.json:ro
+    # For using own certs instead of the default ones (built into the container),
+    # place them in config/ directory, update the application-policyagent.yaml file, and uncomment the following lines
+    #  - ./config/keystore-policyagent.jks:/opt/app/policy-agent/etc/cert/keystore.jks:ro
+    #  - ./config/truststore-policyagent.jks:/opt/app/policy-agent/etc/cert/truststore.jks:ro
+    #  - ./config/application-policyagent.yaml:/opt/app/policy-agent/config/application.yaml:ro
 
   a1-sim-OSC:
     image: nexus3.o-ran-sc.org:10004/o-ran-sc/a1-simulator:2.0.0
@@ -97,6 +102,12 @@
     environment:
       - MYSQL_ROOT_PASSWORD=openECOMP1.0
       - SDNC_CONFIG_DIR=/opt/onap/sdnc/data/properties
+    # For using own certs instead of the default ones (built into the container),
+    # place them in config/ directory, update the https-props-a1controller.properties file, and uncomment the following lines
+    #volumes:
+    #  - ./config/keystore-a1controller.jks:/etc/ssl/certs/java/keystore.jks:ro
+    #  - ./config/truststore-a1controller.jks:/etc/ssl/certs/java/truststore.jks:ro
+    #  - ./config/https-props-a1controller.properties:/opt/onap/sdnc/data/properties/https-props.properties:ro
     logging:
       driver:   "json-file"
       options: