diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c0b0923cec742ef7362b8671174ef15dcceef2d4..68251f3e0c9b7736d67f8f43391833f9f048104e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,77 +1,20 @@ +image: docker:latest +services: +- docker:dind stages: - - build - - dev - - validation - +- build +variables: + TEST_IMAGE: registry.vereign.com/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:$CI_COMMIT_REF_NAME + TEST_IMAGE_SHA: registry.vereign.com/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:$CI_COMMIT_SHA + RELEASE_IMAGE: registry.vereign.com/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME:latest +before_script: + - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN registry.vereign.com build: stage: build - image: golang:1.10.3 - before_script: - - ssh-keyscan code.vereign.com >> ~/.ssh/known_hosts - - chmod 644 ~/.ssh/known_hosts - - git config --global url."ssh://git@code.vereign.com".insteadOf https://code.vereign.com - - export GOPATH="/home/gitlab-runner/go" - - export GOROOT="/usr/local/go" - - export PATH=$PATH:/home/gitlab-runner/go/bin:/usr/local/go/bin - - cd $GOPATH/src - - rm -rf code.vereign.com/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME - - mkdir -p code.vereign.com/$CI_PROJECT_NAMESPACE - - cd code.vereign.com/$CI_PROJECT_NAMESPACE - - cp -rf $CI_PROJECT_DIR $CI_PROJECT_NAME - - cd $CI_PROJECT_NAME - - rm -rf $GOPATH/pkg Gopkg.lock vendor - script: - - make - -dev: - stage: dev - only: - - master - tags: - - dev - before_script: - - ssh-keyscan code.vereign.com >> ~/.ssh/known_hosts - - chmod 644 ~/.ssh/known_hosts - - git config --global url."ssh://git@code.vereign.com".insteadOf https://code.vereign.com - - export GOPATH="/home/gitlab-runner/go" - - export GOROOT="/usr/local/go" - - export PATH="/home/gitlab-runner/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/gradle/gradle-4.7-rc-1/bin:/usr/local/bin/node/bin/:/root/bin" - - cd $GOPATH/src - - echo $CI_PROJECT_NAMESPACE - - echo $CI_PROJECT_NAME - - set +e - - ls -la code.vereign.com/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME - - set -e - - rm -rf code.vereign.com/$CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME - - mkdir -p code.vereign.com/$CI_PROJECT_NAMESPACE - - cd 
code.vereign.com/$CI_PROJECT_NAMESPACE - - cp -rf $CI_PROJECT_DIR $CI_PROJECT_NAME - - cd $CI_PROJECT_NAME - - rm -rf $GOPATH/pkg Gopkg.lock vendor - - script: - - make - - set +e - - cat $HOME/tmp/restful-api.pid - - ./kill.sh - - set -e - - ./run.sh - - ps aux | grep $CI_PROJECT_NAME - -validation: - stage: validation - only: - - master tags: - - dev - before_script: - - ssh-keyscan code.vereign.com >> ~/.ssh/known_hosts - - chmod 644 ~/.ssh/known_hosts - - git config --global url."ssh://git@code.vereign.com".insteadOf https://code.vereign.com - - cd /root/development/go/src/code.vereign.com/testing/framework - - git pull - - export GOPATH="/home/gitlab-runner/go" - - export GOROOT="/usr/local/go" - - export PATH="/home/gitlab-runner/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/gradle/gradle-4.7-rc-1/bin:/usr/local/bin/node/bin/:/root/bin" + - hv2 script: - - sudo env PATH=$PATH gradle cucumber -Penv=local -Ptags=@smoke,~@wip + - docker build --build-arg CI_PROJECT_NAME=$CI_PROJECT_NAME --build-arg CI_JOB_TOKEN=$CI_JOB_TOKEN --pull -t $TEST_IMAGE -f Dockerfile . + - docker push $TEST_IMAGE + - docker tag $TEST_IMAGE $TEST_IMAGE_SHA + - docker push $TEST_IMAGE_SHA diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000000000000000000000000000000000000..e7b316013ab7663380460a72548a4a180384d01b --- /dev/null +++ b/Dockerfile 
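Review bot: The new `before_script` passes the job token on the command line with `docker login -u gitlab-ci-token -p $CI_JOB_TOKEN registry.vereign.com`, which exposes it in the runner's process list and triggers the Docker CLI's insecure-password warning; `echo "$CI_JOB_TOKEN" | docker login -u gitlab-ci-token --password-stdin registry.vereign.com` avoids that. The build step also forwards the same token with `--build-arg CI_JOB_TOKEN=$CI_JOB_TOKEN`, and build-argument values are visible through `docker history` on the image that the job then pushes, so the token should reach the build another way, for example a BuildKit secret mount. `image: docker:latest` and `docker:dind` are floating tags; pinning both to a version keeps the build toolchain reproducible. `RELEASE_IMAGE` is defined but no job in this hunk uses it.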
@@ -0,0 +1,33 @@
+FROM registry.vereign.com/docker/go-with-dep:master
+
+#RUN echo deb http://deb.debian.org/debian buster main > /etc/apt/sources.list.d/buster.list \
+# && apt-get update \
+# && apt-get install -y --no-install-recommends npm zlib1g-dev
+
+ENV GOPATH /srv/
+ENV SERVER_OUT "bin/server"
+ENV SERVER_PKG_BUILD ${PKG}
+
+ARG CI_JOB_TOKEN
+ARG CI_PROJECT_NAME
+
+ENV CI_PROJECT_NAME ${CI_PROJECT_NAME}
+
+RUN echo project is $CI_PROJECT_NAME && mkdir -p /srv/src/code.vereign.com/code/$CI_PROJECT_NAME
+
+COPY . /srv/src/code.vereign.com/code/$CI_PROJECT_NAME/
+
+RUN cd /srv/src/code.vereign.com/code/$CI_PROJECT_NAME && \
+ git config --global credential.https://code.vereign.com.username gitlab-ci-token && \
+ git config --global credential.helper "store --file /tmp/store" && \
+ echo https://gitlab-ci-token:$CI_JOB_TOKEN@code.vereign.com > /tmp/store && cat /tmp/store && \
+ export PKG=code.vereign.com/code/$CI_PROJECT_NAME && \
+ make && rm /tmp/store
+
+#FROM debian:stretch
+#RUN mkdir -p /srv/src/code.vereign.com/code/
+#COPY --from=0 /srv/src/code.vereign.com/code/data-storage-agent /srv/src/code.vereign.com/code/
+#RUN find /srv/src/code.vereign.com/code/
+
+ENTRYPOINT /srv/src/code.vereign.com/code/$CI_PROJECT_NAME/bin/server
+
diff --git a/Gopkg.toml b/Gopkg.toml
index 8e8e9943dd0a00009a9626d49bf8a20ae8e28e05..03a94e1964d1cdfa64dcc83d1bfc36c4cf1e1249 100644
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -1,5 +1,5 @@
 [[constraint]]
- branch = "master"
+ branch = "ci"
 name = "code.vereign.com/code/viam-apis" [[constraint]]
diff --git a/cert/server.crt b/cert/server.crt
deleted file mode 100644
index ffc52d260e9fac51405c58e02317690c9e79cfa2..0000000000000000000000000000000000000000
--- a/cert/server.crt
+++ /dev/null
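Review bot: The second `RUN` step writes `https://gitlab-ci-token:$CI_JOB_TOKEN@code.vereign.com` to `/tmp/store` and then runs `cat /tmp/store`, which prints the job token into the build log; the `&& cat /tmp/store` part should be dropped. Because the token arrives as `ARG CI_JOB_TOKEN`, its value is also visible through `docker history` on the pushed image, even though `/tmp/store` is removed in the same layer; a secret mount (`RUN --mount=type=secret,id=ci_job_token ...`, which needs BuildKit) keeps it out of the image metadata. `COPY . ...` copies the whole build context, so without a `.dockerignore` (none is visible in this commit) a local `config.yaml` or `cert/` directory would be baked into the image. With the second stage commented out and no `USER` instruction, the shipped image carries the full build toolchain and runs the server as whatever user the base image defaults to, presumably root.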
@@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDPjCCAiYCCQDpx954xyvbgjANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJG -UjEMMAoGA1UECAwDaWRmMQ4wDAYDVQQHDAVQYXJpczESMBAGA1UECgwJUGFudG9t -YXRoMQwwCgYDVQQLDANub2MxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xNzEwMDUx -NTI5MzZaFw0yNzEwMDMxNTI5MzZaMGExCzAJBgNVBAYTAkZSMQwwCgYDVQQIDANp -ZGYxDjAMBgNVBAcMBVBhcmlzMRIwEAYDVQQKDAlQYW50b21hdGgxDDAKBgNVBAsM -A25vYzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEA9UFeeiJ5Gyi5MZGEI0ME8v4IikVByiBgwqn6PH/bYuJwRoR3acZg -tiiMS1pyfUBSQ2iTLRzrkvFd5rXByXWK4+6MeqYdAzAyQzgk6/1U58oPzGrZCRYe -b3Bm7QvS9rl00keO37gE8ETpatL8rCQt9Qsl88ah1BfCVuDdFtBdOW2Qz1i6qGUv -pkTSJDZBmE3gjWGHIp4UjcdshFlTEjmFfcKtNJtMuhnKZIgo6KZcN1Trvyf4aUUM -zQbPFm2jGd5lUFZJQvSQ00k+TF4YrbuDVfhozoxBrbsoaRXkVWVYC1fYey89FY1n -9zFyxB6OF32EIry4Kn5Tu6AG9+9z/CU3gwIDAQABMA0GCSqGSIb3DQEBCwUAA4IB -AQDUeByNiVS/XZgc4BXO5JPXY98orVZKfXEEWKzMfzPDxW925k2IpnnCpT4WkAe4 -sUR7C5efGPyv0TMTzNeXGrkB7lK/9WGWRrlR/bI0kdad7/p7Qx+5hC/nE2HWZYQo -5JYj8tEfetY3aV64rFllcq2hfI71dMML05GwoVaKaMc9Q1ccwIZAbkXR2Sifwsn9 -+UNNsP5hR+7kQh+Dqd/+qEySp1+0ZJ1LmRmRes37MlJI9KSoC1uANwcB5+4ZFrba -LHrkszk9nxk09Y/tLGYlvvf23y1BdhcqT2EbUZX7jD/jEDC0kZ5yxDE1UDk+pnZp -UaEcVsgg/b9dMESt38f6ICK/ ------END CERTIFICATE----- diff --git a/cert/server.csr b/cert/server.csr deleted file mode 100644 index 5662bf115417fa8cc05a5c987aa46e4bfbb229dd..0000000000000000000000000000000000000000 --- a/cert/server.csr +++ /dev/null 
@@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICpjCCAY4CAQAwYTELMAkGA1UEBhMCRlIxDDAKBgNVBAgMA2lkZjEOMAwGA1UE -BwwFUGFyaXMxEjAQBgNVBAoMCVBhbnRvbWF0aDEMMAoGA1UECwwDbm9jMRIwEAYD -VQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1 -QV56InkbKLkxkYQjQwTy/giKRUHKIGDCqfo8f9ti4nBGhHdpxmC2KIxLWnJ9QFJD -aJMtHOuS8V3mtcHJdYrj7ox6ph0DMDJDOCTr/VTnyg/MatkJFh5vcGbtC9L2uXTS -R47fuATwROlq0vysJC31CyXzxqHUF8JW4N0W0F05bZDPWLqoZS+mRNIkNkGYTeCN -YYcinhSNx2yEWVMSOYV9wq00m0y6GcpkiCjoplw3VOu/J/hpRQzNBs8WbaMZ3mVQ -VklC9JDTST5MXhitu4NV+GjOjEGtuyhpFeRVZVgLV9h7Lz0VjWf3MXLEHo4XfYQi -vLgqflO7oAb373P8JTeDAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAES8c7EOs -rU0eu3whtUumllhotNvvqBP4x46arQQE2ud0GkLkxvxqbUuGQxLWi5KCcdads+Cx -EramC/UAUgAFFj8Ll1EuSZxy1+sb5GL00uJMxatpDBHwr78fhllAWkM7jiZbh2ad -FHOg9kQcDtdfFB6XP7JM7uiXluEQRyxIutoOzIkhZZva6zg/7iWE+u6DGz3r8dWQ -WNH8gsWA3D85ZyTDVrCvp6omGx35pzwuQOoWH6nO3dCsR2smf58ShnMtE+c6uLbF -qoZRTXGAiCaH3/Cn3TXkcrclZdneCCOWidHG2ICTsTqfujDYz/CCYM23AGkqQb1Y -QMQl0LGZ+k+HAQ== ------END CERTIFICATE REQUEST----- diff --git a/cert/server.key b/cert/server.key deleted file mode 100644 index e4633619d4877c9d199a723e3334cf887dece536..0000000000000000000000000000000000000000 --- a/cert/server.key +++ /dev/null 
@@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpgIBAAKCAQEA9UFeeiJ5Gyi5MZGEI0ME8v4IikVByiBgwqn6PH/bYuJwRoR3 -acZgtiiMS1pyfUBSQ2iTLRzrkvFd5rXByXWK4+6MeqYdAzAyQzgk6/1U58oPzGrZ -CRYeb3Bm7QvS9rl00keO37gE8ETpatL8rCQt9Qsl88ah1BfCVuDdFtBdOW2Qz1i6 -qGUvpkTSJDZBmE3gjWGHIp4UjcdshFlTEjmFfcKtNJtMuhnKZIgo6KZcN1Trvyf4 -aUUMzQbPFm2jGd5lUFZJQvSQ00k+TF4YrbuDVfhozoxBrbsoaRXkVWVYC1fYey89 -FY1n9zFyxB6OF32EIry4Kn5Tu6AG9+9z/CU3gwIDAQABAoIBAQDcQdXAaD9NRdh0 -DNSX+nNyavRugV5hUYy0poTmWolDmEru+b5oj1GBpo7Aib0ygVaf1UYACO4D7KLB -NNCRxe9zXmRpLc/2cg1h0wVNrxjWheCEXB0IjQXOXSsCjlDrZYjl5IAKqTA+PBVI -660iR+fCHz35XZUubhwJfC7yczSWAe8nlnFHrcUzSeqLctI18JGsq3hDf5Fy+97+ -4uuJFPwQ0mLsgOdzKvCB79ecSZdQ18hkidgpnARaM1sI501b1Tp/uUQOLUmdVnvh -/MFEWndm1th3i+gMotsBwrBCyPPeWVrcvKI2sf0LJmgaMl4/sBB0UsSKLhcbBLsj -jvABikmJAoGBAP1z/WeNDaEaypXBSOKZlMu9YuPOemS2DY5GEc204Fi0dYNDlMEh -CAu7mEsEvH66hwKn+xMnpb5hIuxQv3/2hUFTME9au2htj2MX0+qk1bqMQMlDEdda -WWybxy+jW1mYJFMVHFwAAE7hXS5peH9ZCihAu/szYt8zPdZ4X3EEEqqfAoGBAPe4 -Slp2GVd742ZA3VBpfv6802C/DA98gIdHqWNF5vJzi1HU29m+2zY6mMGl9CP3ICeX -gLL6a3bqIc8aPgJ8ULAhegKOcFqruhGFIjmd+FPRtwjiYC9jJRXbMUSmTrR0XsxG -GkK2UmBNxVNGUj++1hwji39OfsMnf6OvfVhnmOydAoGBAJk5OgUUHR08WSTXyPxU -5MOXJuWZuhyQgvl0GudFZiu6TSCiBpgLJBYTvyn7HwluMpjEfOFDosvJZZd/6YWu -vziS1i3jKFEliv3ZNeAw7pTsnW4PAgYzNMSYGH8QPvWXKL6hkJd92LHXRMH+OT6j -0aQsHnjqw+czzzqNYwWr9Kz5AoGBAKvxBeLuUD6x5jAGW9dBsn08MXfYg5WINGox -qngWf+vPmWdOWN81o1BrsbXP67q/AFmaxiD0wnzCnH701w/Am/z074wws/mrcrZQ -c2YMqN39FY+cGWkq5wXZo8Pjr4N/toERM48Un+7qbEmV6OcIHfNgFKZjpIbutqC1 -4UnodnPdAoGBANzcLKz99NXBBuAiYHgmOckh6I2RCcORgE6WDbj57qrdMco0NToU -wU9ute0SBEm6VEnBf9i3jlrPZr69f3VT4OFWeo9RoHkVmVDD+LEY5P7xqftj/XZy -2r+uvgkqZWBC3rpAORGq3F7MgD4nFcyssFKwylEGyCVCfyGIsv5+ZKMr ------END RSA PRIVATE KEY----- diff --git a/cert/vereign_ca.cer b/cert/vereign_ca.cer deleted file mode 100644 index a31db3f657ab135aa4713dd655b0dd8e424a93ca..0000000000000000000000000000000000000000 --- a/cert/vereign_ca.cer +++ /dev/null 
@@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEdjCCA16gAwIBAgIEW7HqGDANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJD -SDEMMAoGA1UECAwDWnVnMQwwCgYDVQQHDANadWcxEzARBgNVBAoMClZlcmVpZ24g -QUcxFTATBgNVBAsMDEJ1c3NpbmVzIERlcDETMBEGA1UEAwwKdmVyZWlnbi1jYTAe -Fw0xODEwMDEwOTM0MTZaFw0xOTEwMDEwOTM0MTZaMGoxCzAJBgNVBAYTAkNIMQww -CgYDVQQIDANadWcxDDAKBgNVBAcMA1p1ZzETMBEGA1UECgwKVmVyZWlnbiBBRzEV -MBMGA1UECwwMQnVzc2luZXMgRGVwMRMwEQYDVQQDDAp2ZXJlaWduLWNhMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfpPjrblQuxrHiSLAAyyDgRd66gY -PRo7lgKZH5NYcBO9VhJNwnvV+fBIVeJI49b+a12TPHjRzJYrkaBAcUxMM8FkZ01A -mv6JSG4o2ZXV+GWpnWzEJzt9ZXmNZ1MSUlqIGzVZ/eUlXIj4gy57+SZoJURcQGhs -jpoRgUpYnFsDJk2x77jiOa5ym/N+8HKsOabASMU6VkbIFvUqf62RXWpnQlOhFjGo -0jvheRGBWbaYKHM3/d+u78w4tmvHqGVDDbsuOluZ39p2jCic9S7CnDkauZB0Afd/ -xgQ0CglpAgY8g4cfMl2zwRmm616PtutqjcE/NoA2JEVN5vP9QZsuXeRpJwIDAQAB -o4IBIjCCAR4wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwLwYDVR0R -BCgwJoIPd3d3LnZlcmVpZ24uY29tgRNjb250YWN0QHZlcmVpZ24uY29tMBEGA1Ud -IAQKMAgwBgYEVR0gADCBlwYDVR0jBIGPMIGMgBQlN+K7lesKXsDZYQUu4zkqtNBw -rqFupGwwajELMAkGA1UEBhMCQ0gxDDAKBgNVBAgMA1p1ZzEMMAoGA1UEBwwDWnVn -MRMwEQYDVQQKDApWZXJlaWduIEFHMRUwEwYDVQQLDAxCdXNzaW5lcyBEZXAxEzAR -BgNVBAMMCnZlcmVpZ24tY2GCBFux6hgwHQYDVR0OBBYEFCU34ruV6wpewNlhBS7j -OSq00HCuMA0GCSqGSIb3DQEBCwUAA4IBAQCG3tf8/tuCNJXby4B7decDNE6bff40 -1ybO17kzekrKj0IO2TatFIG+UDlxDfm2iydEQVoPuRTAgmJD1aq5g4C0ZLyUqmOg -75Dve6W9+zzxbdI711WKxH+uSj4mTRkFD4Tb7r3VZ1ZyZYnCOMIGB4/lqUK6Ok3a -2v8XaFcxHt5XhrQtgqd5bBGokQfwYPNVZW9FwXf/8cd59prEOnqlMbZJ7copgwYO -97abhpy2FUoRWtvDjDLLfdiFQhVY8meDcS/h5mw2aEugew8hnfSEaD5ZcbOf0ZQe -MOVxKbIzSeUDAFyRY6BPpGVPuJD6QAXRMW6KIWiGoF1taKp5G/nzbzJC ------END CERTIFICATE----- diff --git a/cert/vereign_ca.key b/cert/vereign_ca.key deleted file mode 100644 index cc4d6c9d2838d46507f70a6a8dc76249ddc6eb52..0000000000000000000000000000000000000000 --- a/cert/vereign_ca.key +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCx+k+OtuVC7Gse -JIsADLIOBF3rqBg9GjuWApkfk1hwE71WEk3Ce9X58EhV4kjj1v5rXZM8eNHMliuR -oEBxTEwzwWRnTUCa/olIbijZldX4ZamdbMQnO31leY1nUxJSWogbNVn95SVciPiD -Lnv5JmglRFxAaGyOmhGBSlicWwMmTbHvuOI5rnKb837wcqw5psBIxTpWRsgW9Sp/ -rZFdamdCU6EWMajSO+F5EYFZtpgoczf9367vzDi2a8eoZUMNuy46W5nf2naMKJz1 -LsKcORq5kHQB93/GBDQKCWkCBjyDhx8yXbPBGabrXo+262qNwT82gDYkRU3m8/1B -my5d5GknAgMBAAECggEAWOWEoG2lRNCuzl8FWNB+jTbMLL2I4dg9A/gnQJjJ1y1c -6GV7FpXhMpa8or1EmB0Wdk1GkjFs5WnquDHZjl3EQCOsQVbaWrChpJ51Y/0N46Tv -3BRsQ4ZY43sb0IyzPZQ/oIt8+C7hAv/dVTS+Mpvm8Bpdk8Q02OOGs9QNP4fMInBd -HThActb+DF4FO/fE03nQYlZz2e7dOiPsaiArTvcpR7+5A+zDv88xYM/9+zi0E92o -6zzdWxJjOz8Bp4G2F9E/6V/VCrxfkD8kaX82Kx7k6zz276aGLgBzkPnmGfmzdJ1p -QTdOkSlE3+2qRoPN81TGHdxS3f08k55OqQ9I4vOCrQKBgQDrTC+0roiBGHJ+lhtX -1kTM6j1Lg6BZrjW0UGO0OKXLRUeUbK5oeMK0qab4SGIA4h13nyBh7sfKJbCxqOyT -vJM9B6oAPAk+Dyef/m5dHWvdjg9iVssccwNrPDl8RSBtTNljoTEhx338BDLuLLXa -ybenFTB9R6CdP4Nz6ISxJQrw8wKBgQDBow9SUJa8QdiuGNYt/9ietRHojj0YhUKf -ZvpFccvUYvy5H1qIWCry9kP2YoN38f80JkDyv4XN0WSIi2yU8zKqi/R5Tzg/2rEY -vL33h1taSNv8HU1WSYoLl2/DalWYm8Fz/S+3O2w4ac++FVHPOmAd4QwFsB/UwC0+ -La49C5TT/QKBgQCGz+7hWcJyHLy01HI0IFrpASg/VNoRp+OzPP/zKSWs0jPR0XcX -+mCsPCujQ22LTgJOIEjgc3va0T9sevmZJ8lAhVycp8kv2mT8oT1AcnPzy8n6sPnM -ggUqcqYJEl4i4Y4ILDnHPdJsC0fW+Jz1Du//df+DN//JOLOrPESSbkPXiwKBgBJj -ugDHRol6d2mRUkXsFlZ8O8cqOwMpJLqevQX7WLBC9l1ebOql9O4+FRZBJNsvUF1T -hLeJGNwDFtkg5J8Aub8Yq48Zxu3JhygiRKhNYo+ge8PlxIJ9WW7gYuzcHGTx5d1u -Hin4qr5wzhnvTGWx1Y8A4HNp1pwN5D4TeIizoN7BAoGAUOR+30ZhWYJNwK+Q49Dt -BILzN1y54wHkHZp91H48ZJTXJVOwDJjjMuTSLnAZXOE7iz7e142VSJlQVCA4EISu -fW+4UCbJ1gHfdmglpbbBZ1ZpHcJ2TRZ7qkH5Q0m/ElmdxoYO6Fbs6HMj24tsHU5x -qja+bFr42PiJQ0sArkUw0a4= ------END PRIVATE KEY----- diff --git a/config.yaml.sample b/config.yaml.sample index 0ec5701dd0ea40c10f194f720f069e448cea9857..1ee2d92b8a78a1c7cab3001a72a679b71314c503 100644 --- a/config.yaml.sample +++ b/config.yaml.sample 
@@ -1,10 +1,32 @@ -dataStorageClientUrl: localhost:7777 -grpcClientUrl: localhost:7877 -restClientUrl: localhost:7878 +# Make sure you have a "config.yaml" file on the root folder of this repo -# Certificate Related Config +# You can use this sample YAML file to configure your installation + +# Connection Information +dataStorageUrl: localhost:7777 +grpcListenAddress: localhost:7877 +restListenAddress: localhost:7878 + +# Choose a certificate method for providing PEM strings +# 1 = Read from file (*.crt and *.key files) +# 2 = Read from Vault server (this will require additional config information for Vault) +certificateMethod: 1 + +# Read Certificates From Folder and Files certDir: cert certFile: server.crt certKey: server.key vereignCertFile: vereign_ca.cer -vereignCertKey: vereign_ca.key \ No newline at end of file +vereignCertKey: vereign_ca.key +caCertFile: ca.crt + +# Maximum Message Size (in megabytes) +maxMessageSize: 32 + +# Read Certificates From Vault Server +vaultAddress: http://10.6.10.119:8200 +vaultToken: 00000000-0000-0000-0000-000000000000 +vaultPath: /developers/data/devteam/cert +certificateKey: certificateKey +privateKey: privateKey +caCertificateKey: caCertificateKey diff --git a/handler/generate_keypair.go b/handler/generate_keypair.go index 19f658283c8ab9b10d05a56bfa9d87d535efbbc2..1a7e20ed3133d461eaaf3be201756b3ffed96382 100644 --- a/handler/generate_keypair.go +++ b/handler/generate_keypair.go @@ -39,7 +39,7 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context, auth := s.CreateAuthentication(ctx) client := &client.DataStorageClientImpl{} - client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath) + client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath, s.MaxMessageSize) defer client.CloseClient() generateKeyPairResponse := &api.GenerateKeyPairResponse{} 
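Review bot: The sample `vaultAddress: http://10.6.10.119:8200` uses plain HTTP, so anyone who starts from this file would send `vaultToken` and fetch the certificate and private key under `vaultPath` unencrypted; an `https://` address with a placeholder host (for example `https://vault.example.internal:8200`) is a safer template than an internal IP. The file-based defaults still name `server.key` and `vereign_ca.key`, whose contents this commit deletes from `cert/`; those keys remain in the repository history, so the sample should state that freshly issued keys are required. A comment saying that `vaultToken` belongs in the environment or a secret store rather than in a committed config.yaml would also help.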
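Review bot: `SetUpClient` now takes three adjacent path strings (`s.CertFilePath, s.KeyFilePath, s.CaCertFilePath`), and the identical six-argument call is repeated here, three times in handler/handler.go and once in handler/revoke.go; a swapped pair compiles cleanly and only shows up as a TLS failure at run time. A single helper on the receiver, e.g. `func (s *KeyStorageServerImpl) newDataStorageClient(auth *authentication.Authentication) *client.DataStorageClientImpl`, would keep the argument order in one place. None of these call sites checks a result from `SetUpClient`; its signature is not visible in this diff, but if it can report an error the handlers should fail the request rather than continue with an unconfigured client. GenerateKeyPair's body starts and ends outside the hunk.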
diff --git a/handler/handler.go b/handler/handler.go index ab527483a014f32cb929b0f099b92b511705ac75..fac6e94d1b167a93fabceb2c157b913340ed6448 100644 --- a/handler/handler.go +++ b/handler/handler.go @@ -36,8 +36,11 @@ import ( type KeyStorageServerImpl struct { DataStorageUrl string CertFilePath string + KeyFilePath string + CaCertFilePath string VereignCertFilePath string VereignPrivateKeyFilePath string + MaxMessageSize int } func (s *KeyStorageServerImpl) CreateAuthentication(ctx context.Context) *authentication.Authentication { @@ -60,7 +63,7 @@ func (s *KeyStorageServerImpl) GetKey(ctx context.Context, in *api.GetKeyRequest auth := s.CreateAuthentication(ctx) client := &client.DataStorageClientImpl{} - client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath) + client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath, s.MaxMessageSize) defer client.CloseClient() getKeyResponse := &api.GetKeyResponse{} @@ -107,7 +110,7 @@ func (s *KeyStorageServerImpl) SetKey(ctx context.Context, in *api.SetKeyRequest auth := s.CreateAuthentication(ctx) client := &client.DataStorageClientImpl{} - client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath) + client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath, s.MaxMessageSize) defer client.CloseClient() setKeyResponse := &api.SetKeyResponse{} @@ -155,7 +158,7 @@ func (s *KeyStorageServerImpl) ReserveKeyUUID(ctx context.Context, in *api.Reser auth := s.CreateAuthentication(ctx) client := &client.DataStorageClientImpl{} - client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath) + client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath, s.MaxMessageSize) defer client.CloseClient() reserveKeyUUIDResponse := &api.ReserveKeyUUIDResponse{} diff --git a/handler/revoke.go b/handler/revoke.go index 8f757b298b6d750587f54e312a3bb8388e8038a7..4522d3585bd5ede0e9326e78941afb7c5f39238e 100644 --- a/handler/revoke.go 
+++ b/handler/revoke.go @@ -29,7 +29,7 @@ func (s *KeyStorageServerImpl) Revoke(ctx context.Context, in *api.RevokeRequest auth := s.CreateAuthentication(ctx) client := &client.DataStorageClientImpl{} - client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath) + client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath, s.MaxMessageSize) defer client.CloseClient() revokeResponse := &api.RevokeResponse{} diff --git a/kill.sh b/kill.sh deleted file mode 100755 index 40d73ddc80314f22e053c5dd8353dc5c8b233579..0000000000000000000000000000000000000000 --- a/kill.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -PIDFILE="$HOME/tmp/key-storage-agent.pid" -kill -9 `cat $PIDFILE` diff --git a/main.go b/main.go index 076a8b7ac919e1f026a07659d6ca1176b3386b80..b49b48d44fc6fcdbe16ff6d77f136c7927e1beee 100644 --- a/main.go +++ b/main.go 
@@ -35,19 +35,22 @@ func main() { return } - grpcAddress := viper.GetString("grpcClientUrl") - restAddress := viper.GetString("restClientUrl") - dataStorageAddress := viper.GetString("dataStorageClientUrl") + grpcAddress := viper.GetString("grpcListenAddress") + restAddress := viper.GetString("restListenAddress") + dataStorageAddress := viper.GetString("dataStorageUrl") certFilePath := certDir + "/" + viper.GetString("certFile") privateKeyFilePath := certDir + "/" + viper.GetString("certKey") + caCertFilePath := certDir + "/" + viper.GetString("caCertFile") vereignCertFilePath := certDir + "/" + viper.GetString("vereignCertFile") vereignPrivateKeyFilePath := certDir + "/" + viper.GetString("vereignCertKey") + maxMessageSize := viper.GetInt("maxMessageSize") + // fire the gRPC server in a goroutine go func() { - err := server.StartGRPCServer(grpcAddress, certFilePath, privateKeyFilePath, vereignCertFilePath, - vereignPrivateKeyFilePath, dataStorageAddress) + err := server.StartGRPCServer(grpcAddress, certFilePath, privateKeyFilePath, caCertFilePath, vereignCertFilePath, + vereignPrivateKeyFilePath, dataStorageAddress, maxMessageSize) if err != nil { log.Fatalf("failed to start gRPC server: %s", err) } diff --git a/run.sh b/run.sh deleted file mode 100755 index ddfaeae8a956962a9c11ff73a110f88f18893a07..0000000000000000000000000000000000000000 --- a/run.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -mkdir -p "$HOME/tmp" -PIDFILE="$HOME/tmp/key-storage-agent.pid" - -if [ -e "${PIDFILE}" ] && (ps -u $(whoami) -opid= | - grep -P "^\s*$(cat ${PIDFILE})$" &> /dev/null); then - echo "Already running." - exit 99 -fi - -PATH=$PATH:/usr/local/bin - -nohup $GOPATH/src/code.vereign.com/code/key-storage-agent/bin/server --cert-dir $GOPATH/src/code.vereign.com/code/key-storage-agent/cert > $HOME/key-storage-agent.log 2>&1 & - -echo $! > "${PIDFILE}" -chmod 644 "${PIDFILE}" 
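Review bot: `maxMessageSize := viper.GetInt("maxMessageSize")` is handed to `StartGRPCServer` without a range check, so a non-numeric or zero value in config.yaml presumably becomes 0 and, after the multiplication in server/server.go, a receive limit of 0 bytes, while a very large value removes the bound that protects the server from oversized requests. Validate it before use, e.g. `if maxMessageSize <= 0 { log.Fatalf("maxMessageSize must be positive, got %d", maxMessageSize) }`, and consider an upper cap as well. The new `caCertFilePath` follows the existing `certDir + "/" + ...` pattern; `filepath.Join(certDir, viper.GetString("caCertFile"))` would be the portable form. main's body continues outside the hunk.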
diff --git a/server/configs.go b/server/configs.go index 635427583f2eeae2fd99fb4263581bd7628bf8b5..d66e379e5d9d5bf3f19626119ee638ac9268b2fb 100644 --- a/server/configs.go +++ b/server/configs.go @@ -9,21 +9,31 @@ func SetConfigValues() { // Set Default Values For Config Variables // Vereign API Related - viper.SetDefault("grpcClientUrl", "localhost:7877") - viper.SetDefault("restClientUrl", "localhost:7878") - viper.SetDefault("dataStorageClientUrl", "localhost:7777") + viper.SetDefault("grpcListenAddress", "localhost:7877") + viper.SetDefault("restListenAddress", "localhost:7878") + viper.SetDefault("dataStorageUrl", "localhost:7777") // Certificates Related viper.SetDefault("certDir", "cert") viper.SetDefault("certFile", "server.crt") viper.SetDefault("certKey", "server.key") + viper.SetDefault("caCertFile", "ca.crt") viper.SetDefault("vereignCertFile", "vereign_ca.cer") viper.SetDefault("vereignCertKey", "vereign_ca.key") + viper.SetDefault("maxMessageSize", "32") + // Read Config File viper.SetConfigName("config") viper.AddConfigPath(".") if err := viper.ReadInConfig(); err != nil { log.Printf("can't read config: %s, will use default values", err) } + + // Print all config values to log file + log.Printf("All Settings From Config:") + as := viper.AllSettings() + for key, _ := range as { + log.Printf("%s => %s", key, viper.GetString(key)) + } } \ No newline at end of file diff --git a/server/server.go b/server/server.go index 8a58bd72c851ee9f855224963509fbb48c2366f7..8ff5003e77c2e2349cac8a51ccec3d39ea9e0017 100644 --- a/server/server.go +++ b/server/server.go @@ -47,6 +47,8 @@ const ( ) var pkgCertFile string +var pkgKeyFile string +var pkgCaCertFile string func credMatcher(headerName string) (mdName string, ok bool) { if headerName == "Session" { 
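Review bot: The loop added at the end of `SetConfigValues` logs every key returned by `viper.AllSettings()`, which includes `vaultToken` once it is set in config.yaml (the key is added to the sample in this commit), so the Vault token ends up in the service log. Log an explicit allow-list of non-secret keys, or skip the secret ones, e.g. `if key == "vaulttoken" { continue }` (viper lower-cases keys). `for key, _ := range as` can be written `for key := range as`. The `maxMessageSize` default is set as the string `"32"` while it is read with `viper.GetInt`; `viper.SetDefault("maxMessageSize", 32)` states the type directly. SetConfigValues starts outside the hunk.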
@@ -70,7 +72,7 @@ func authenticateClient(ctx context.Context, s *handler.KeyStorageServerImpl, in } sessionClient := &client.DataStorageClientImpl{} - sessionClient.SetUpClient(viamAuth, viper.GetString("dataStorageClientUrl"), pkgCertFile) + sessionClient.SetUpClient(viamAuth, viper.GetString("dataStorageUrl"), pkgCertFile, pkgKeyFile, pkgCaCertFile, viper.GetInt("maxMessageSize")) defer sessionClient.CloseClient() if clientAuth.Uuid == viamAuth.Uuid { @@ -107,8 +109,10 @@ func unaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServ return handler1(ctx, req) } -func StartGRPCServer(address, certFilePath, privateKeyFilePath, vereignCertFilePath, vereignPrivateKeyFilePath, dataStorageAddress string) error { +func StartGRPCServer(address, certFilePath, privateKeyFilePath, caCertFilePath, vereignCertFilePath, vereignPrivateKeyFilePath, dataStorageAddress string, maxMessageSize int) error { pkgCertFile = certFilePath + pkgKeyFile = privateKeyFilePath + pkgCaCertFile = caCertFilePath // create a listener on TCP port lis, err := net.Listen("tcp", address) @@ -120,8 +124,11 @@ func StartGRPCServer(address, certFilePath, privateKeyFilePath, vereignCertFileP s := handler.KeyStorageServerImpl{ DataStorageUrl: dataStorageAddress, CertFilePath: certFilePath, + KeyFilePath: privateKeyFilePath, + CaCertFilePath: caCertFilePath, VereignCertFilePath: vereignCertFilePath, VereignPrivateKeyFilePath: vereignPrivateKeyFilePath, + MaxMessageSize: maxMessageSize, } // Create the TLS credentials 
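Review bot: `authenticateClient` builds its client from the package-level `pkgCertFile`, `pkgKeyFile` and `pkgCaCertFile` plus direct `viper.GetString`/`viper.GetInt` lookups, although it already receives `s *handler.KeyStorageServerImpl`, which this commit extends with exactly those values. If `s` is the instance populated in `StartGRPCServer` (not visible here), `sessionClient.SetUpClient(viamAuth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath, s.MaxMessageSize)` removes the mutable globals and guarantees that the authentication path uses the same TLS material and endpoint as the handlers. `StartGRPCServer` now has seven consecutive `string` parameters, so a doc comment naming their order, or a small config struct, would make call sites harder to get wrong. Both functions extend beyond the hunks shown.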
@@ -131,8 +138,11 @@ func StartGRPCServer(address, certFilePath, privateKeyFilePath, vereignCertFileP } // Create an array of gRPC options with the credentials - opts := []grpc.ServerOption{grpc.Creds(creds), - grpc.UnaryInterceptor(unaryInterceptor)} + opts := []grpc.ServerOption{ + grpc.Creds(creds), + grpc.UnaryInterceptor(unaryInterceptor), + grpc.MaxRecvMsgSize(viper.GetInt("maxMessageSize")*1024*1024), + } // create a gRPC server object grpcServer := grpc.NewServer(opts...)
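Review bot: The receive limit is computed from `viper.GetInt("maxMessageSize")` instead of the `maxMessageSize` parameter this commit adds to `StartGRPCServer`, so a caller that passes a different value gets a server limit that disagrees with `s.MaxMessageSize`; use `grpc.MaxRecvMsgSize(maxMessageSize*1024*1024)`. The megabyte conversion deserves a named constant or a short comment, because `SetUpClient` receives the raw value and this diff does not show whether it applies the same factor. StartGRPCServer's body continues outside the hunk.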