Loading .gitlab-ci.yml +14 −0 Original line number Diff line number Diff line Loading @@ -120,6 +120,20 @@ build:schema-migrate: CONTEXT_DIR: $CI_PROJECT_DIR/images/schema-migrate needs: ["build:conda"] build:orp: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/orp needs: ["build:tomcat-builder", "build:tomcat-runtime"] build:search: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/search needs: ["build:tomcat-builder", "build:tomcat-runtime"] build:slcs: extends: .docker-build stage: build-4 Loading images/orp/01-keystore.sh 0 → 100755 +33 −0 Original line number Diff line number Diff line #!/usr/bin/bash set -eo pipefail ##### ## This script creates a keystore that Java understands from the hostcert ## and configures the ORP to use it ##### ESGF_KEYSTORE_ALIAS="${ESGF_KEYSTORE_ALIAS:-esgf-self}" ESGF_KEYSTORE_FILE="$ESGF_HOME/tomcat/hostcert.p12" # Generate a random keystore password for this container run ESGF_KEYSTORE_PASSWORD="$(openssl rand -hex 32)" # Create the keystore echo "[info] Creating PKCS12 bundle for host certificate and key" mkdir -p "$(dirname "$ESGF_KEYSTORE_FILE")" openssl pkcs12 -export \ -name "$ESGF_KEYSTORE_ALIAS" \ -out "$ESGF_KEYSTORE_FILE" \ -in "$ESGF_HOSTCERT_DIR/tls.crt" \ -inkey "$ESGF_HOSTCERT_DIR/tls.key" \ -password "pass:$ESGF_KEYSTORE_PASSWORD" # Configure the ORP to use it echo "[info] Configuring ORP for PKCS12 bundle" cat <<EOF > "$CATALINA_HOME/webapps/esg-orp/WEB-INF/classes/esg-orp.properties" keystoreFile=$ESGF_KEYSTORE_FILE keystorePassword=$ESGF_KEYSTORE_PASSWORD keystoreAlias=$ESGF_KEYSTORE_ALIAS orp.provider.list=$ESGF_CONFIG_DIR/esgf_known_providers.xml EOF images/orp/Dockerfile 0 → 100644 +20 −0 Original line number Diff line number Diff line ##### ## Docker image for the ESGF ORP tomcat application ##### ARG ESGF_REPOSITORY_BASE=esgfhub ARG ESGF_IMAGES_VERSION=latest # Unpack the esg-orp war ARG ESGF_ORP_ASSETS=https://github.com/ESGF/esg-orp/releases/download/ ARG ESGF_ORP_VERSION=v2.11.0 ARG WAR_LOCATION=$ESGF_ORP_ASSETS/$ESGF_ORP_VERSION/esgf-orp.war FROM ${ESGF_REPOSITORY_BASE}/tomcat-builder:${ESGF_IMAGES_VERSION} as builder # Copy the unpacked contents into the runtime container ARG WEBAPP_NAME=esg-orp FROM ${ESGF_REPOSITORY_BASE}/tomcat-runtime:${ESGF_IMAGES_VERSION} # Install custom startup scripts ENV ESGF_HOSTCERT_DIR $ESGF_HOME/hostcert COPY 01-keystore.sh $ESGF_INIT_DIR/ images/search/Dockerfile 0 → 100644 +16 −0 Original line number Diff line number Diff line ##### ## Docker image for the ESGF search tomcat application ##### ARG ESGF_REPOSITORY_BASE=esgfhub ARG ESGF_IMAGES_VERSION=latest # Unpack the war ARG ESGF_SEARCH_ASSETS=https://github.com/ESGF/esg-search/releases/download/ ARG ESGF_SEARCH_VERSION=v4.17.10 ARG WAR_LOCATION=$ESGF_SEARCH_ASSETS/$ESGF_SEARCH_VERSION/esg-search.war FROM ${ESGF_REPOSITORY_BASE}/tomcat-builder:${ESGF_IMAGES_VERSION} as builder # Copy the unpacked contents into the runtime container ARG WEBAPP_NAME=esg-search FROM ${ESGF_REPOSITORY_BASE}/tomcat-runtime:${ESGF_IMAGES_VERSION} Loading
.gitlab-ci.yml +14 −0 Original line number Diff line number Diff line Loading @@ -120,6 +120,20 @@ build:schema-migrate: CONTEXT_DIR: $CI_PROJECT_DIR/images/schema-migrate needs: ["build:conda"] build:orp: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/orp needs: ["build:tomcat-builder", "build:tomcat-runtime"] build:search: extends: .docker-build stage: build-3 variables: CONTEXT_DIR: $CI_PROJECT_DIR/images/search needs: ["build:tomcat-builder", "build:tomcat-runtime"] build:slcs: extends: .docker-build stage: build-4 Loading
images/orp/01-keystore.sh 0 → 100755 +33 −0 Original line number Diff line number Diff line #!/usr/bin/bash set -eo pipefail ##### ## This script creates a keystore that Java understands from the hostcert ## and configures the ORP to use it ##### ESGF_KEYSTORE_ALIAS="${ESGF_KEYSTORE_ALIAS:-esgf-self}" ESGF_KEYSTORE_FILE="$ESGF_HOME/tomcat/hostcert.p12" # Generate a random keystore password for this container run ESGF_KEYSTORE_PASSWORD="$(openssl rand -hex 32)" # Create the keystore echo "[info] Creating PKCS12 bundle for host certificate and key" mkdir -p "$(dirname "$ESGF_KEYSTORE_FILE")" openssl pkcs12 -export \ -name "$ESGF_KEYSTORE_ALIAS" \ -out "$ESGF_KEYSTORE_FILE" \ -in "$ESGF_HOSTCERT_DIR/tls.crt" \ -inkey "$ESGF_HOSTCERT_DIR/tls.key" \ -password "pass:$ESGF_KEYSTORE_PASSWORD" # Configure the ORP to use it echo "[info] Configuring ORP for PKCS12 bundle" cat <<EOF > "$CATALINA_HOME/webapps/esg-orp/WEB-INF/classes/esg-orp.properties" keystoreFile=$ESGF_KEYSTORE_FILE keystorePassword=$ESGF_KEYSTORE_PASSWORD keystoreAlias=$ESGF_KEYSTORE_ALIAS orp.provider.list=$ESGF_CONFIG_DIR/esgf_known_providers.xml EOF
images/orp/Dockerfile 0 → 100644 +20 −0 Original line number Diff line number Diff line ##### ## Docker image for the ESGF ORP tomcat application ##### ARG ESGF_REPOSITORY_BASE=esgfhub ARG ESGF_IMAGES_VERSION=latest # Unpack the esg-orp war ARG ESGF_ORP_ASSETS=https://github.com/ESGF/esg-orp/releases/download/ ARG ESGF_ORP_VERSION=v2.11.0 ARG WAR_LOCATION=$ESGF_ORP_ASSETS/$ESGF_ORP_VERSION/esgf-orp.war FROM ${ESGF_REPOSITORY_BASE}/tomcat-builder:${ESGF_IMAGES_VERSION} as builder # Copy the unpacked contents into the runtime container ARG WEBAPP_NAME=esg-orp FROM ${ESGF_REPOSITORY_BASE}/tomcat-runtime:${ESGF_IMAGES_VERSION} # Install custom startup scripts ENV ESGF_HOSTCERT_DIR $ESGF_HOME/hostcert COPY 01-keystore.sh $ESGF_INIT_DIR/
images/search/Dockerfile 0 → 100644 +16 −0 Original line number Diff line number Diff line ##### ## Docker image for the ESGF search tomcat application ##### ARG ESGF_REPOSITORY_BASE=esgfhub ARG ESGF_IMAGES_VERSION=latest # Unpack the war ARG ESGF_SEARCH_ASSETS=https://github.com/ESGF/esg-search/releases/download/ ARG ESGF_SEARCH_VERSION=v4.17.10 ARG WAR_LOCATION=$ESGF_SEARCH_ASSETS/$ESGF_SEARCH_VERSION/esg-search.war FROM ${ESGF_REPOSITORY_BASE}/tomcat-builder:${ESGF_IMAGES_VERSION} as builder # Copy the unpacked contents into the runtime container ARG WEBAPP_NAME=esg-search FROM ${ESGF_REPOSITORY_BASE}/tomcat-runtime:${ESGF_IMAGES_VERSION}
