From 148dfe2fad4ce4907e15a9d9c923e324a9d4d8d7 Mon Sep 17 00:00:00 2001 From: Ioakeim Samaras Date: Mon, 7 Oct 2019 13:06:00 +0300 Subject: [PATCH] [UI] Enable HTTPs default port The UI should be accessible using the default https (i.e. 443) port. JIRA: VAL-64 Signed-off-by: Ioakeim Samaras Change-Id: I48452327bca0aa7029ecaf69dd9c927ea2a27977 --- docker/README.rst | 3 +-- docker/mysql/deploy.sh | 3 +-- .../deploy_with_existing_persistent_storage.sh | 3 +-- docker/ui/deploy.sh | 8 +++++++- docker/ui/server.xml | 15 ++++++++++----- ui/README.rst | 21 ++++++++++----------- 6 files changed, 30 insertions(+), 23 deletions(-) diff --git a/docker/README.rst b/docker/README.rst index 1708db1..0fff3ed 100644 --- a/docker/README.rst +++ b/docker/README.rst @@ -106,7 +106,6 @@ REGISTRY, registry of the mysql image, default value is akraino NAME, name of the mysql image, default value is validation TAG_PRE, first part of the image version, default value is mysql TAG_VER, last part of the image version, default value is latest -MYSQL_HOST_PORT, port on which mysql is exposed on host, default value is 3307 In order to deploy the container, this script can be executed with the appropriate parameters. @@ -126,7 +125,6 @@ REGISTRY, the registry of the mysql image, default value is akraino NAME, the name of the mysql image, default value is validation TAG_PRE, the first part of the image version, default value is mysql TAG_VER, the last part of the image version, default value is latest -MYSQL_HOST_PORT, the port on which mysql is exposed on host, default value is 3307 In order to deploy the container, this script can be executed with the appropriate parameters. @@ -179,6 +177,7 @@ CERTDIR, the directory where the SSL certificates can be found, default value is ENCRYPTION_KEY, the key that should be used by the AES algorithm for encrypting passwords stored in database, this variable is required UI_ADMIN_PASSWORD, the desired Blueprint Validation UI password for the admin user, this variable is required TRUST_ALL, the variable that defines whether the UI should trust all certificates or not, default value is false +USE_NETWORK_HOST, the variable that defines whether the UI container should run in 'network host' mode or not, default value is "false" Note that, for a functional UI, the following prerequisites are needed: diff --git a/docker/mysql/deploy.sh b/docker/mysql/deploy.sh index 2a62184..ef79b13 100755 --- a/docker/mysql/deploy.sh +++ b/docker/mysql/deploy.sh @@ -30,7 +30,6 @@ REGISTRY=akraino NAME=validation TAG_PRE=mysql TAG_VER=latest -MYSQL_HOST_PORT=3307 while [ $# -gt 0 ]; do if [[ $1 == *"--"* ]]; then @@ -54,5 +53,5 @@ fi IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER" chmod 0444 "/$(pwd)/mysql.conf" -docker run --detach --name $CONTAINER_NAME --publish $MYSQL_HOST_PORT:3306 -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" -e MYSQL_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD" -e MYSQL_DATABASE="akraino_bluvalui" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" $IMAGE +docker run --detach --name $CONTAINER_NAME -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" -e MYSQL_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD" -e MYSQL_DATABASE="akraino_bluvalui" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" $IMAGE sleep 10 diff --git a/docker/mysql/deploy_with_existing_persistent_storage.sh b/docker/mysql/deploy_with_existing_persistent_storage.sh index 13aeaef..7a52f5c 100755 --- a/docker/mysql/deploy_with_existing_persistent_storage.sh +++ b/docker/mysql/deploy_with_existing_persistent_storage.sh @@ -26,7 +26,6 @@ REGISTRY=akraino NAME=validation TAG_PRE=mysql TAG_VER=latest -MYSQL_HOST_PORT=3307 while [ $# -gt 0 ]; do if [[ $1 == *"--"* ]]; then @@ -37,5 +36,5 @@ while [ $# -gt 0 ]; do done IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER" -docker run --detach --name $CONTAINER_NAME --publish $MYSQL_HOST_PORT:3306 -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" $IMAGE +docker run --detach --name $CONTAINER_NAME -v $DOCKER_VOLUME_NAME:/var/lib/mysql -v "$(pwd)/mysql.conf:/etc/mysql/conf.d/my.cnf" $IMAGE sleep 10 diff --git a/docker/ui/deploy.sh b/docker/ui/deploy.sh index d7970d5..6a0d58f 100755 --- a/docker/ui/deploy.sh +++ b/docker/ui/deploy.sh @@ -37,6 +37,7 @@ CERTDIR=$(pwd) ENCRYPTION_KEY="" UI_ADMIN_PASSWORD="" TRUST_ALL="false" +USE_NETWORK_HOST="false" while [ $# -gt 0 ]; do if [[ $1 == *"--"* ]]; then @@ -73,5 +74,10 @@ fi echo "Note: If there is a password already stored in database, the supplied UI_ADMIN_PASSWORD will be ignored." IMAGE="$REGISTRY"/"$NAME":"$TAG_PRE"-"$TAG_VER" -docker run --detach --name $CONTAINER_NAME --network="host" -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" -e ENCRYPTION_KEY="$ENCRYPTION_KEY" -e UI_ADMIN_PASSWORD="$UI_ADMIN_PASSWORD" -e TRUST_ALL="$TRUST_ALL" $IMAGE +if [[ $USE_NETWORK_HOST = "true" ]] + then + docker run --detach --name $CONTAINER_NAME --network="host" -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" -e ENCRYPTION_KEY="$ENCRYPTION_KEY" -e UI_ADMIN_PASSWORD="$UI_ADMIN_PASSWORD" -e TRUST_ALL="$TRUST_ALL" $IMAGE + else + docker run --detach --name $CONTAINER_NAME -v "$(pwd)/server.xml:/usr/local/tomcat/conf/server.xml" -v "$CERTDIR/bluval.key:/usr/local/tomcat/bluval.key" -v "$CERTDIR/bluval.crt:/usr/local/tomcat/bluval.crt" -v "$(pwd)/root_index.jsp:/usr/local/tomcat/webapps/ROOT/index.jsp" -e DB_IP_PORT="$DB_IP_PORT" -e MYSQL_USER="$MYSQL_USER" -e MYSQL_PASSWORD="$MYSQL_PASSWORD" -e JENKINS_URL="$JENKINS_URL" -e JENKINS_USERNAME="$JENKINS_USERNAME" -e JENKINS_USER_PASSWORD="$JENKINS_USER_PASSWORD" -e JENKINS_JOB_NAME="$JENKINS_JOB_NAME" -e NEXUS_PROXY="$NEXUS_PROXY" -e JENKINS_PROXY="$JENKINS_PROXY" -e ENCRYPTION_KEY="$ENCRYPTION_KEY" -e UI_ADMIN_PASSWORD="$UI_ADMIN_PASSWORD" -e TRUST_ALL="$TRUST_ALL" $IMAGE +fi sleep 10 diff --git a/docker/ui/server.xml b/docker/ui/server.xml index 969d62b..801b98f 100644 --- a/docker/ui/server.xml +++ b/docker/ui/server.xml @@ -50,9 +50,14 @@ - + Define an SSL/TLS Connector on port 8443 for backwards compatibility--> + @@ -69,7 +74,7 @@ clientAuth="false" sslProtocol="TLS" />--> + redirectPort="443" />