From b1d591a44cff18023928ec786d06115118b622d5 Mon Sep 17 00:00:00 2001
From: demx8as6 <martin.skorupski@highstreet-technologies.com>
Date: Sat, 29 Jan 2022 16:24:57 +0100
Subject: [PATCH] Modify docker-compose configuration

- ensure https to identity using external port 8463

IssueID: OAM-246
Change-Id: I7f04ac00d9f68024dfbcf019c2d18c54d9a64a35
Signed-off-by: demx8as6 <martin.skorupski@highstreet-technologies.com>
---
 solution/integration/smo/common/.env               |  4 +--
 solution/integration/smo/common/docker-compose.yml |  5 +--
 solution/integration/smo/common/identity/config.py |  2 +-
 .../smo/common/identity/o-ran-sc-realm.json        |  3 +-
 solution/integration/smo/oam/.env                  |  2 +-
 .../smo/oam/sdnr/oauth-provider.config.json        | 41 +++++++++++-----------
 6 files changed, 29 insertions(+), 28 deletions(-)

diff --git a/solution/integration/smo/common/.env b/solution/integration/smo/common/.env
index ae91017..f0168b0 100644
--- a/solution/integration/smo/common/.env
+++ b/solution/integration/smo/common/.env
@@ -29,8 +29,8 @@ NETWORK_GATEWAY_SMO=2001:db8:1:40::1
 
 # Identity server
 IDENTITY_IMAGE=quay.io/keycloak/keycloak:12.0.4
-IDENTITY_PORT=8081
-IDENTITY_PROVIDER_URL=http://identity:8081
+IDENTITY_PORT=8463
+IDENTITY_PROVIDER_URL=https://identity:8463
 
 # Topology server
 TOPOLOGY_IMAGE=docker.io/hightec/smo-topology-api-v2:2.0.2-SNAPSHOT-20210315T160448Z
diff --git a/solution/integration/smo/common/docker-compose.yml b/solution/integration/smo/common/docker-compose.yml
index e3088fd..0e85bf9 100755
--- a/solution/integration/smo/common/docker-compose.yml
+++ b/solution/integration/smo/common/docker-compose.yml
@@ -19,11 +19,12 @@ services:
     image: ${IDENTITY_IMAGE}
     container_name: identity
     ports: 
-      - ${IDENTITY_PORT}:${IDENTITY_PORT}
+      - ${IDENTITY_PORT}:8443
     environment: 
       - KEYCLOAK_USER=${ADMIN_USERNAME}
       - KEYCLOAK_PASSWORD=${ADMIN_PASSWORD}
-      - JAVA_OPTS=-Djboss.http.port=${IDENTITY_PORT}
+      - JAVA_OPTS=-Djboss.bind.address.private=[::1] -Djboss.bind.address=[::1] -Djava.net.preferIPv6Addresses=true -Djava.net.preferIPv4Stack=false
+      - DB_VENDOR=h2
     networks:
       dmz:
               
diff --git a/solution/integration/smo/common/identity/config.py b/solution/integration/smo/common/identity/config.py
index 65d0d45..9c1ec28 100644
--- a/solution/integration/smo/common/identity/config.py
+++ b/solution/integration/smo/common/identity/config.py
@@ -24,7 +24,7 @@ import getpass
 
 # global configurations
 # TODO: read from ../.env
-base = 'http://localhost:8081'
+base = 'https://identity:8463'
 username = 'admin'
 password = 'Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U'
 realmFile = os.path.dirname(os.path.abspath(__file__)) + '/o-ran-sc-realm.json'
diff --git a/solution/integration/smo/common/identity/o-ran-sc-realm.json b/solution/integration/smo/common/identity/o-ran-sc-realm.json
index c7621d7..97d7b30 100644
--- a/solution/integration/smo/common/identity/o-ran-sc-realm.json
+++ b/solution/integration/smo/common/identity/o-ran-sc-realm.json
@@ -698,7 +698,6 @@
       "clientAuthenticatorType": "client-secret",
       "secret": "2a64fdca-c205-4b52-9f58-195ccc142ddb",
       "redirectUris": [
-        "http://localhost:8081/*",
         "https://sdnc-web:8453/*"
       ],
       "webOrigins": [],
@@ -2151,4 +2150,4 @@
   },
   "keycloakVersion": "12.0.4",
   "userManagedAccessAllowed": false
-}
+}
\ No newline at end of file
diff --git a/solution/integration/smo/oam/.env b/solution/integration/smo/oam/.env
index c21df2b..d049b01 100644
--- a/solution/integration/smo/oam/.env
+++ b/solution/integration/smo/oam/.env
@@ -28,7 +28,7 @@ NETWORK_SUBNET_OAM_IPv6=2001:db8:1:50::/96
 NETWORK_GATEWAY_OAM_IPv6=2001:db8:1:50::1
 
 # Identity server
-IDENTITY_PROVIDER_URL=http://identity:8081
+IDENTITY_PROVIDER_URL=https://identity:8463
 
 # SDN Controller
 SDNC_IMAGE=nexus3.onap.org:10001/onap/sdnc-image:2.2.3
diff --git a/solution/integration/smo/oam/sdnr/oauth-provider.config.json b/solution/integration/smo/oam/sdnr/oauth-provider.config.json
index 9f608f5..7f17f68 100644
--- a/solution/integration/smo/oam/sdnr/oauth-provider.config.json
+++ b/solution/integration/smo/oam/sdnr/oauth-provider.config.json
@@ -1,23 +1,24 @@
 {
-	"tokenSecret": "my-secret",
-	"tokenIssuer": "ONAP-SDNC",
-	"publicUrl": "${SDNC_WEB_URL}",
-	"redirectUri": "/odlux/index.html#/oauth?token=",
-	"supportOdlUsers": "true",
-	"providers": [
-		{
-			"id": "identity",
-			"type": "KEYCLOAK",
-			"url": "http://identity:8081",
-			"clientId": "odlux.app",
-			"secret": "2a64fdca-c205-4b52-9f58-195ccc142ddb",
-			"scope": "openid",
-			"title": "ONAP-IDENTITY",
-			"roleMapping": {
-				"administration": "admin"
-			},
-			"realmName": "onap",
-            "trustAll": "true"
+  "tokenSecret": "my-secret",
+  "tokenIssuer": "ONAP-SDNC",
+  "publicUrl": "https://sdnc-web:8453",
+  "redirectUri": "/odlux/index.html#/oauth?token=",
+  "supportOdlUsers": "true",
+  "providers": [
+    {
+      "id": "identity",
+      "type": "KEYCLOAK",
+      "url": "https://identity:8463",
+      "internalUrl": "https://identity:8443",
+      "clientId": "odlux.app",
+      "secret": "2a64fdca-c205-4b52-9f58-195ccc142ddb",
+      "scope": "openid",
+      "title": "ONAP-IDENTITY",
+      "roleMapping": {
+        "administration": "admin"
+      },
+      "realmName": "onap",
+      "trustAll": "true"
 		}
 	]
-}
+}
\ No newline at end of file
-- 
2.16.6