--- /dev/null
+#
+# ============LICENSE_START=======================================================
+# Copyright (C) 2022 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+FROM golang:latest
+RUN mkdir /app
+COPY ./rapps-webhook /app
+RUN chmod +x /app/rapps-webhook
+WORKDIR /app
+ENTRYPOINT ["/app/rapps-webhook"]
# ============LICENSE_END=========================================================
#
This collection of files represent rapp service exposure prototyping in O-RAN.
-Prerequisites: Istio should be installed on your cluster with the demo profile.
+Prerequisites: Istio should be installed on your cluster with the demo profile. You may need to add istioctl to you $PATH variable.
istioctl install --set profile=demo
Please refer to the istio documentation for more information.
You will also need cfssl installed on your system: sudo apt install golang-cfssl
or change them to match your own setup.
-The certs directory contains 3 shell scripts for creating the server, client and webhook certs: server_certs.sh, client_certs.sh and webhook-certs.sh
+The certs directory contains 3 shell scripts for creating the server, client and webhook certs: server_certs.sh, client_certs.sh and webhook_certs.sh
Certs generated by the server_certs.sh script: rootCA.crt, tls.crt and tls.key go in the "/var/keycloak/certs" directory
-Certs generated by the client_certs.sh script: client.crt, client.key, client_pub.key and rootCA.crt go in the "/var/rapps/certs" directory
-The webhook-certs.sh script generates certs for use in the MutatingWebhookConfiguration.yaml and the rapps-webhook.yaml files.
+Certs generated by the client_certs.sh script: client.crt, client.key and rootCA.crt go in the "/var/rapps/certs" directory
+The webhook_certs.sh script generates certs for use in the MutatingWebhookConfiguration.yaml and the rapps-webhook.yaml files.
To configure MutatingWebhookConfiguration.yaml run the following commands:
1. ca_pem_b64="$(openssl base64 -A <"./certs/ca.pem")"
2. sed -i 's/${CA_PEM_B64}/'"$ca_pem_b64"'/g' MutatingWebhookConfiguration.yaml
#
-CLIENT_SUBJECT="/C=IE/ST=/L=/O=/OU=Keycloak/CN=localhost/emailAddress=client@mail.com"
+CLIENT_SUBJECT="/C=IE/ST=Dublin/L=Dublin/O=Keycloak/OU=Keycloak/CN=localhost/emailAddress=client@mail.com"
PW=changeit
echo $PW > secretfile.txt
#
-CA_SUBJECT="/C=IE/ST=/L=/O=/OU=Keycloak/CN=localhost/emailAddress=ca@mail.com"
-SERVER_SUBJECT="/C=IE/ST=/L=/O=/OU=Keycloak/CN=localhost/emailAddress=server@mail.com"
+CA_SUBJECT="/C=IE/ST=Dublin/L=Dublin/O=Keycloak/OU=Keycloak/CN=localhost/emailAddress=ca@mail.com"
+SERVER_SUBJECT="/C=IE/ST=Dublin/L=Dublin/O=Keycloak/OU=Keycloak/CN=localhost/emailAddress=server@mail.com"
PW=changeit
echo $PW > secretfile.txt
kind: Secret
metadata:
name: webhook-cert
+ namespace: default
type: Opaque
data:
tls.crt: $(cat webhook-cert.pem | base64 | tr -d '\n')
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#
-export host=$(minikube ip)
+export host=$(kubectl get nodes -o wide | tail -1 | sed s'/ */ /'g | cut -f6 -d' ')
if [ -z "$1" ]
then
kind: Service
metadata:
name: keycloak
+ namespace: default
labels:
app: keycloak
spec:
kind: Gateway
metadata:
name: kcgateway
+ namespace: default
spec:
selector:
istio: ingressgateway # use istio default ingress gateway
kind: VirtualService
metadata:
name: keycloak-tls-vs
+ namespace: default
spec:
hosts:
- keycloak.oran.org
kind: VirtualService
metadata:
name: keycloak-vs
+ namespace: default
spec:
hosts:
- "*"
kind: ConfigMap
metadata:
name: db-init
+ namespace: default
data:
init.sql: |
SELECT 'CREATE DATABASE capif'
func addToRepo(url string) (string, error) {
repoFile := settings.RepositoryConfig
+ fmt.Printf("Repo File %s\n", repoFile)
//Ensure the file directory exists as it is required for file locking
err := os.MkdirAll(filepath.Dir(repoFile), os.ModePerm)
install := action.NewInstall(actionConfig)
+ fmt.Printf("Repo Name: %s\n",repoName)
+ fmt.Printf("Chart Name: %s\n",chartName)
cp, err := install.ChartPathOptions.LocateChart(fmt.Sprintf("%s/%s", repoName, chartName), settings)
+ fmt.Printf("Chart location: %s\n",cp)
chartRequested, err = loader.Load(cp)
id serial PRIMARY KEY,
name VARCHAR ( 50 ) UNIQUE NOT NULL,
type VARCHAR ( 50 ) NOT NULL,
- created_on TIMESTAMP DEFAULT NOW()
+ created_on TIMESTAMP DEFAULT NOW()
);`
_, err = db.Exec(createStmt)
if err != nil {
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#
-export host=$(minikube ip)
echo "Deploying applications..."
echo "-------------------------"
# ============LICENSE_END=========================================================
#
-export host=$(minikube ip)
+export host=$(kubectl get nodes -o wide | tail -1 | sed s'/ */ /'g | cut -f6 -d' ')
echo "Undeploying applications..."
echo "---------------------------"
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#
-export host=$(minikube ip)
+export host=$(kubectl get nodes -o wide | tail -1 | sed s'/ */ /'g | cut -f6 -d' ')
if [ -z "$1" ]
then