diff --git a/.gitignore b/.gitignore index f0d4bc2f65..580915809c 100644 --- a/.gitignore +++ b/.gitignore @@ -40,3 +40,7 @@ deploy/development.rc deploy/ci/secrets.yml deploy/kubernetes/values.yaml outputs/ + +deploy/stratos-ui-release/.dev_builds +deploy/stratos-ui-release/blobs +deploy/stratos-ui-release/dev_releases/ diff --git a/build/tools/get-glide.sh b/build/tools/get-glide.sh new file mode 100755 index 0000000000..cb21e4575b --- /dev/null +++ b/build/tools/get-glide.sh @@ -0,0 +1,121 @@ +#!/bin/sh + +# The install script is licensed under the MIT license Glide itself is under. +# See https://github.com/Masterminds/glide/blob/master/LICENSE for more details. + +# To run this script execute: +# `curl https://glide.sh/get | sh` + +PROJECT_NAME="glide" + +# LGOBIN represents the local bin location. This can be either the GOBIN, if set, +# or the GOPATH/bin. + +LGOBIN="" + +verifyGoInstallation() { + GO=$(which go) + if [ "$?" = "1" ]; then + echo "$PROJECT_NAME needs go. Please intall it first." + exit 1 + fi + if [ -z "$GOPATH" ]; then + echo "$PROJECT_NAME needs environment variable "'$GOPATH'". Set it before continue." + exit 1 + fi + if [ -n "$GOBIN" ]; then + if [ ! -d "$GOBIN" ]; then + echo "$GOBIN "'($GOBIN)'" folder not found. Please create it before continue." + exit 1 + fi + LGOBIN="$GOBIN" + else + if [ ! -d "$GOPATH/bin" ]; then + echo "$GOPATH/bin "'($GOPATH/bin)'" folder not found. Please create it before continue." + exit 1 + fi + LGOBIN="$GOPATH/bin" + fi + +} + +initArch() { + ARCH=$(uname -m) + case $ARCH in + armv5*) ARCH="armv5";; + armv6*) ARCH="armv6";; + armv7*) ARCH="armv7";; + aarch64) ARCH="arm64";; + x86) ARCH="386";; + x86_64) ARCH="amd64";; + i686) ARCH="386";; + i386) ARCH="386";; + esac +} + +initOS() { + OS=$(echo `uname`|tr '[:upper:]' '[:lower:]') + + case "$OS" in + # Minimalist GNU for Windows + mingw*) OS='windows';; + esac +} + +downloadFile() { + TAG=$(wget -q -O - https://glide.sh/version) + LATEST_RELEASE_URL="https://api.github.com/repos/Masterminds/$PROJECT_NAME/releases/tags/$TAG" + LATEST_RELEASE_JSON=$(wget -q -O - "$LATEST_RELEASE_URL") + GLIDE_DIST="glide-$TAG-$OS-$ARCH.tar.gz" + # || true forces this command to not catch error if grep does not find anything + DOWNLOAD_URL=$(echo "$LATEST_RELEASE_JSON" | grep 'browser_' | cut -d\" -f4 | grep "$GLIDE_DIST") || true + if [ -z "$DOWNLOAD_URL" ]; then + echo "Sorry, we dont have a dist for your system: $OS $ARCH" + echo "You can ask one here: https://github.com/Masterminds/$PROJECT_NAME/issues" + exit 1 + else + GLIDE_TMP_FILE="/tmp/$GLIDE_DIST" + echo "Downloading $DOWNLOAD_URL" + wget -q -O "$GLIDE_TMP_FILE" "$DOWNLOAD_URL" + fi +} + +installFile() { + GLIDE_TMP="/tmp/$PROJECT_NAME" + mkdir -p "$GLIDE_TMP" + tar xf "$GLIDE_TMP_FILE" -C "$GLIDE_TMP" + GLIDE_TMP_BIN="$GLIDE_TMP/$OS-$ARCH/$PROJECT_NAME" + cp "$GLIDE_TMP_BIN" "$LGOBIN" +} + +bye() { + result=$? + if [ "$result" != "0" ]; then + echo "Fail to install $PROJECT_NAME" + fi + exit $result +} + +testVersion() { + set +e + GLIDE="$(which $PROJECT_NAME)" + if [ "$?" = "1" ]; then + echo "$PROJECT_NAME not found. Did you add "'$LGOBIN'" to your "'$PATH?' + exit 1 + fi + set -e + GLIDE_VERSION=$($PROJECT_NAME -v) + echo "$GLIDE_VERSION installed successfully" +} + +# Execution + +#Stop execution on any error +trap "bye" EXIT +verifyGoInstallation +set -e +initArch +initOS +downloadFile +installFile +testVersion diff --git a/components/app-core/backend/main.go b/components/app-core/backend/main.go index 415782b739..d6b9832a6a 100644 --- a/components/app-core/backend/main.go +++ b/components/app-core/backend/main.go @@ -628,6 +628,9 @@ func isConsoleUpgrading() bool { } upgradeLockPath := fmt.Sprintf("/%s/%s", upgradeVolume, upgradeLockFile) + if string(upgradeVolume[0]) == "/" { + upgradeLockPath = fmt.Sprintf("%s/%s", upgradeVolume, upgradeLockFile) + } if _, err := os.Stat(upgradeLockPath); err == nil { return true diff --git a/components/app-core/backend/repository/crypto/aes.go b/components/app-core/backend/repository/crypto/aes.go index f4759309d9..fb21fcb503 100644 --- a/components/app-core/backend/repository/crypto/aes.go +++ b/components/app-core/backend/repository/crypto/aes.go @@ -73,8 +73,12 @@ func Decrypt(key, ciphertext []byte) (plaintext []byte, err error) { // ReadEncryptionKey - Read the encryption key from the shared volume func ReadEncryptionKey(v, f string) ([]byte, error) { log.Println("ReadEncryptionKey") - fname := fmt.Sprintf("/%s/%s", v, f) - key64chars, err := ioutil.ReadFile(fname) + + encryptionKey := fmt.Sprintf("/%s/%s", v, f) + if string(f[0]) == "/" { + encryptionKey = fmt.Sprintf("%s/%s", v, f) + } + key64chars, err := ioutil.ReadFile(encryptionKey) if err != nil { log.Errorf("Unable to read encryption key file: %+v\n", err) return nil, err diff --git a/deploy/stratos-ui-release/README.md b/deploy/stratos-ui-release/README.md new file mode 100644 index 0000000000..183523401d --- /dev/null +++ b/deploy/stratos-ui-release/README.md @@ -0,0 +1,98 @@ +## Deploying the BOSH release + +**Note:** BOSH release is currently experimental. It currently has only been tested in a BOSH Lite environment, any suggestions for improvements to support other BOSH environments are welcome. + +To build and deploy the BOSH release you will require a BOSH director. If you don't have one available follow these instructions to setup BOSH lite [here](https://bosh.io/docs/bosh-lite.html). +The rest of the instruction assume that a BOSH lite environment is being used to deploy the chart. + + +### Deploying in a BOSH lite environment + +1. To upload a cloud-config execute the following: + ``` + $ bosh -e vbox update-cloud-config ~/workspace/bosh-deployment/warden/cloud-config.yml + ``` + +2. Upload a stemcell (using the `bosh-warden-boshlite-ubuntu-trusty`) + ``` + bosh -e vbox upload-stemcell https://bosh.io/d/stemcells/bosh-warden-boshlite-ubuntu-trusty-go_agent?v=3421.9 \ + --sha1 1396d7877204e630b9e77ae680f492d26607461d + ``` + +3. Build the Stratos UI BOSH release + ``` + $ bosh create-release + ``` + + If you have outstanding changes locally add the `--force` flag. + +4. After a successful build, upload the release to your director. + ``` + $ bosh -e vbox upload-release -d stratos-ui + ``` + +5. Deploy the release + + A sample bosh-lite deployment manifest has been provided in `bosh-lite/deployment.yaml`. The following will use that command to deploy the Console. + + 5.1. Provide UAA settings in the deployment manifest if known. In the following some sample values have been provided. + ``` + uaa_address: https://my-uaa:8080 + console_admin_scope: cloud_controller.admin + console_uaa_client: cf + ``` + + 5.2. Select the database you want to use. The Stratos UI Console can be deployed using a MySQL/MariaDB store or SQLite. The following are sample values for a mysql configuration. This assumes a MySQL server has been deployed locally on the host. + + ``` + use_mysql: true + use_sqlite: false + mysql_user: stratos + mysql_admin_user: root + mysql_admin_password: changeme + mysql_user_password: strat0s + mysql_db: stratos-db + mysql_host: 127.0.0.1 + mysql_port: 3306 + + ``` + + To use SQLite, use the following and comment out the mysql parameters. + ``` + # use_mysql: true + use_sqlite: true + # mysql_user: stratos + # mysql_admin_user: root + # mysql_admin_password: changeme + # mysql_user_password: strat0s + # mysql_db: stratos-db + # mysql_host: 127.0.0.1 + # mysql_port: 3306 + ``` + + To deploy you deployment manifest execute the following. + + ``` + $ bosh -e vbox -d stratos-ui deploy bosh-lite/deployment.yml + ``` + +6. List deployment + + List deployment to get the IP address of the frontend to access the Console. In the following example to access the Console the address is `https://10.0.16.4`. + + ``` + 09:10 $ bosh -e vbox -d stratos-ui instances + Using environment '192.168.50.6' as client 'admin' + + Task 22. Done + + Deployment 'stratos-ui' + + Instance Process State AZ IPs + backend/68580d76-a241-4de2-b246-82d0a184c9bb running - 10.0.16.103 + frontend/477c94ef-3138-416c-97d7-c09682e6d5dd running - 10.0.16.4 + + 2 instances + + Succeeded + ``` diff --git a/deploy/stratos-ui-release/bosh-lite/deployment.yml b/deploy/stratos-ui-release/bosh-lite/deployment.yml new file mode 100644 index 0000000000..6ad968b327 --- /dev/null +++ b/deploy/stratos-ui-release/bosh-lite/deployment.yml @@ -0,0 +1,195 @@ +--- +name: stratos-ui + +networks: +- name: stratos-net + type: manual + subnets: + - range: 10.0.16.0/24 + gateway: 10.0.16.1 + dns: [8.8.8.8] + reserved: ["10.0.16.2 - 10.0.16.3"] + static: ["10.0.16.100 - 10.0.16.105"] + +resource_pools: +- name: stratos_rp1 + network: stratos-net + stemcell: + name: bosh-warden-boshlite-ubuntu-trusty-go_agent + version: latest + cloud_properties: + availability_zone: az1 + +compilation: + workers: 6 + network: stratos-net + reuse_compilation_vms: true + cloud_properties: + availability_zone: az1 + +disk_pools: +- name: upgrade-volume + disk_size: 50 + cloud_properties: {type: standard} + +releases: +- name: stratos-ui + version: latest + +update: + canaries: 2 + max_in_flight: 1 + canary_watch_time: 5000-60000 + update_watch_time: 5000-60000 + +instance_groups: +- name: frontend + instances: 1 + resource_pool: stratos_rp1 + jobs: + - name: frontend + release: stratos-ui + properties: + stratos_ui: + frontend: + ssl_cert_key: | + -----BEGIN PRIVATE KEY----- + MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDV9+ySh0xZzM41 + Salbfmk1cWwUP9QYS/MKxceZ7rh/rYloRZiIr9agOHKCNSdFTSb9RTTf7mcFGPdP + XQ42uOrzlVu/PeK1Hlv2tEf7zFBMmy0dEWB3PkH2kvHjcYTHIHC4Cpy7t9KRlRCQ + 3yAGPLFzCspgz1Kj8gEu1/tGF6ODr+qvdY2d8BVRCEqrLAFefEKADiQhEkrFtBjz + dc8FcgFx1EfnGwENfR31Oyt7+/0b8FqJT/8K+GlXMQmJPNEONxrYL+/xDszFw/Ai + cAUz1XP6Iqy7r6CsMWiI2HeGqX6Z4RPWeZITur50g4BnnwSeTkFiw7Ek39+bK56w + gvRLcIpLAgMBAAECggEBANNJuycGy/JxN7+POdnLfoDzu9JTJVHIzft5Sp1LCo2q + A+Ift3xihwI4O3swmdLpWPMJACmQ9dIm0TBhp8OJ3xkiCDNVHSXVEOMRK3QOUc0T + /vyRSDz4EZM3j/0VABTSh/x1HkiQQTLZjD5C1xDRpjkAEtB+ahDSzTBAvzR761AA + +y3fQz59jUwEoC1fOmzd333brgUGG3rwaqdg5qyXQBQH3k2RC10r9GXoc5fvkwO7 + M2n2rW3WdytT3Yhb+Cvv+EZsJVs6lX8dyQcdfFLP9ivBjzRbNTxm6sA1vnmq0xf4 + 7ixC8MJk/N9ZRRGTcohxS97AfsnFqwqOTeGPrsdqFqECgYEA/5IHgr8ubnmTJ0ep + 0+n69jqVQkfMJ0/sPlXP/+1yywYxkf6kSm8JXboa1W+j3vsRMRYUWAQVLp8ALrLk + x3aQG024CayryabcdFPrfdbdQV1Ik+8RYae34uKiOgyOJVyy96YuqM4QCvqY5GYp + u+rthafJq4kGAzU6Pli7yI3ZsM8CgYEA1lP+YBHotCR993jXGa0OIwmqI7+n9EWV + k/ubNxutEqXE+VL4hXrWWn9mLD4MJ9y+umppTdzEawUcM9MoVD7eeQUwkgMiDlUd + 2c62pHHStYyKHaY85Zp1yovFDDjtROErXT9+fXcDAxSP0MOapEC9tToY1seVfJLH + pj/U52ONlcUCgYEAnCUzU43NJ5A9+QzO1Puq6k/Gq9VEBWzOUROK3rnLngFtvd5P + sG6A0XQIOwlXnL/WtB/iVBhCfNaGfQGtx7RHvXbRj4+g8bZyENzJD3x8eBgvZLr2 + 6qxXLFb9eOv82RT2/1nYPiiQIrUTPtCwhPC3KCboj1ZLhyA5MqhyKsmIDH8CgYAb + nV7dCfGtpDYGuK8eQ8nagdhGGt+M/Zo0IurwwsQd7vXeGe6jZBxSNK/5a1UtnaeF + ZUiEG7nDADmOA9riX+dSOHT1mym8JwNdmOC3d2LquVziTRTzkF805aVR2dPYWBq6 + PQATMk5VC0UsZMd7+kt3GjExGy4Liu3mYbsQxSbs8QKBgDPoTR3a39cjp4KgMS4z + 9nRT5DV72/GE5N7EDrDHrhpUyW0qkM4UcJ5Vi+c4EywzOgtYbFknSsXbYnVAkFDr + 42qv5Z0qoLTOch+GVuj0ZF1UgJh+RJWom7lPhTS0UP+VZFBc++nGl7PGTRflm3Zd + mEVvEQxyBz3V1fZ0Yz246W60 + -----END PRIVATE KEY----- + ssl_cert: | + -----BEGIN CERTIFICATE----- + MIIDXTCCAkWgAwIBAgIJAJooOiQWl1v1MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV + BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX + aWRnaXRzIFB0eSBMdGQwHhcNMTcwNjIzMTQ1MDM5WhcNMTgwNjIzMTQ1MDM5WjBF + MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 + ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB + CgKCAQEA1ffskodMWczONUmpW35pNXFsFD/UGEvzCsXHme64f62JaEWYiK/WoDhy + gjUnRU0m/UU03+5nBRj3T10ONrjq85Vbvz3itR5b9rRH+8xQTJstHRFgdz5B9pLx + 43GExyBwuAqcu7fSkZUQkN8gBjyxcwrKYM9So/IBLtf7Rhejg6/qr3WNnfAVUQhK + qywBXnxCgA4kIRJKxbQY83XPBXIBcdRH5xsBDX0d9Tsre/v9G/BaiU//CvhpVzEJ + iTzRDjca2C/v8Q7MxcPwInAFM9Vz+iKsu6+grDFoiNh3hql+meET1nmSE7q+dIOA + Z58Enk5BYsOxJN/fmyuesIL0S3CKSwIDAQABo1AwTjAdBgNVHQ4EFgQUXucATEFh + 8s94Mg1+J/aP8potwhMwHwYDVR0jBBgwFoAUXucATEFh8s94Mg1+J/aP8potwhMw + DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAGroqi6rKMjw3mCtr6dAU + WgGXiO96ADRzRchdp+gpHTVtybKAa1n13MAs/tl7HKUBQWwvDqPlqAAmBtCDKhfh + N8SiI8PxScaCE2NcJCJDHwxs2CucUSAIf99w+WIZ0pF2IC+73GTCR+p9Kwb5bN04 + 8vN/7YQTMwNk7GxkKas9QPR9/6rvPHLGPYvPx8mOW6HbYaWdPavJAI/XAYPxnfid + uQuNfXXbhJyxN1BUi1Kt+KkVCyG+CY0jJNbO7lTsiJSzcstLykSxTX1bw0jIvEWa + LdXmd/Dyu/EVzgOYnEPiZmHbha4KuVsb0dtAQIT8hmVRXIIOIbndERBduxeVMkLm + fw== + -----END CERTIFICATE----- + backend: + host: 10.0.16.103 + port: 443 + networks: + - name: stratos-net +- name: backend + instances: 1 + resource_pool: stratos_rp1 + persistent_disk_pool: upgrade-volume + jobs: + - name: backend + release: stratos-ui + properties: + stratos_ui: + backend: + skip_ssl_validation: true + address: 10.0.16.103 + port: 443 + # uaa_address: + # console_admin_scope: + # console_uaa_client: + frontend_origin_address: '' + ssl_cert_key: | + -----BEGIN PRIVATE KEY----- + MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDV9+ySh0xZzM41 + Salbfmk1cWwUP9QYS/MKxceZ7rh/rYloRZiIr9agOHKCNSdFTSb9RTTf7mcFGPdP + XQ42uOrzlVu/PeK1Hlv2tEf7zFBMmy0dEWB3PkH2kvHjcYTHIHC4Cpy7t9KRlRCQ + 3yAGPLFzCspgz1Kj8gEu1/tGF6ODr+qvdY2d8BVRCEqrLAFefEKADiQhEkrFtBjz + dc8FcgFx1EfnGwENfR31Oyt7+/0b8FqJT/8K+GlXMQmJPNEONxrYL+/xDszFw/Ai + cAUz1XP6Iqy7r6CsMWiI2HeGqX6Z4RPWeZITur50g4BnnwSeTkFiw7Ek39+bK56w + gvRLcIpLAgMBAAECggEBANNJuycGy/JxN7+POdnLfoDzu9JTJVHIzft5Sp1LCo2q + A+Ift3xihwI4O3swmdLpWPMJACmQ9dIm0TBhp8OJ3xkiCDNVHSXVEOMRK3QOUc0T + /vyRSDz4EZM3j/0VABTSh/x1HkiQQTLZjD5C1xDRpjkAEtB+ahDSzTBAvzR761AA + +y3fQz59jUwEoC1fOmzd333brgUGG3rwaqdg5qyXQBQH3k2RC10r9GXoc5fvkwO7 + M2n2rW3WdytT3Yhb+Cvv+EZsJVs6lX8dyQcdfFLP9ivBjzRbNTxm6sA1vnmq0xf4 + 7ixC8MJk/N9ZRRGTcohxS97AfsnFqwqOTeGPrsdqFqECgYEA/5IHgr8ubnmTJ0ep + 0+n69jqVQkfMJ0/sPlXP/+1yywYxkf6kSm8JXboa1W+j3vsRMRYUWAQVLp8ALrLk + x3aQG024CayryabcdFPrfdbdQV1Ik+8RYae34uKiOgyOJVyy96YuqM4QCvqY5GYp + u+rthafJq4kGAzU6Pli7yI3ZsM8CgYEA1lP+YBHotCR993jXGa0OIwmqI7+n9EWV + k/ubNxutEqXE+VL4hXrWWn9mLD4MJ9y+umppTdzEawUcM9MoVD7eeQUwkgMiDlUd + 2c62pHHStYyKHaY85Zp1yovFDDjtROErXT9+fXcDAxSP0MOapEC9tToY1seVfJLH + pj/U52ONlcUCgYEAnCUzU43NJ5A9+QzO1Puq6k/Gq9VEBWzOUROK3rnLngFtvd5P + sG6A0XQIOwlXnL/WtB/iVBhCfNaGfQGtx7RHvXbRj4+g8bZyENzJD3x8eBgvZLr2 + 6qxXLFb9eOv82RT2/1nYPiiQIrUTPtCwhPC3KCboj1ZLhyA5MqhyKsmIDH8CgYAb + nV7dCfGtpDYGuK8eQ8nagdhGGt+M/Zo0IurwwsQd7vXeGe6jZBxSNK/5a1UtnaeF + ZUiEG7nDADmOA9riX+dSOHT1mym8JwNdmOC3d2LquVziTRTzkF805aVR2dPYWBq6 + PQATMk5VC0UsZMd7+kt3GjExGy4Liu3mYbsQxSbs8QKBgDPoTR3a39cjp4KgMS4z + 9nRT5DV72/GE5N7EDrDHrhpUyW0qkM4UcJ5Vi+c4EywzOgtYbFknSsXbYnVAkFDr + 42qv5Z0qoLTOch+GVuj0ZF1UgJh+RJWom7lPhTS0UP+VZFBc++nGl7PGTRflm3Zd + mEVvEQxyBz3V1fZ0Yz246W60 + -----END PRIVATE KEY----- + ssl_cert: | + -----BEGIN CERTIFICATE----- + MIIDXTCCAkWgAwIBAgIJAJooOiQWl1v1MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV + BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX + aWRnaXRzIFB0eSBMdGQwHhcNMTcwNjIzMTQ1MDM5WhcNMTgwNjIzMTQ1MDM5WjBF + MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 + ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB + CgKCAQEA1ffskodMWczONUmpW35pNXFsFD/UGEvzCsXHme64f62JaEWYiK/WoDhy + gjUnRU0m/UU03+5nBRj3T10ONrjq85Vbvz3itR5b9rRH+8xQTJstHRFgdz5B9pLx + 43GExyBwuAqcu7fSkZUQkN8gBjyxcwrKYM9So/IBLtf7Rhejg6/qr3WNnfAVUQhK + qywBXnxCgA4kIRJKxbQY83XPBXIBcdRH5xsBDX0d9Tsre/v9G/BaiU//CvhpVzEJ + iTzRDjca2C/v8Q7MxcPwInAFM9Vz+iKsu6+grDFoiNh3hql+meET1nmSE7q+dIOA + Z58Enk5BYsOxJN/fmyuesIL0S3CKSwIDAQABo1AwTjAdBgNVHQ4EFgQUXucATEFh + 8s94Mg1+J/aP8potwhMwHwYDVR0jBBgwFoAUXucATEFh8s94Mg1+J/aP8potwhMw + DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAGroqi6rKMjw3mCtr6dAU + WgGXiO96ADRzRchdp+gpHTVtybKAa1n13MAs/tl7HKUBQWwvDqPlqAAmBtCDKhfh + N8SiI8PxScaCE2NcJCJDHwxs2CucUSAIf99w+WIZ0pF2IC+73GTCR+p9Kwb5bN04 + 8vN/7YQTMwNk7GxkKas9QPR9/6rvPHLGPYvPx8mOW6HbYaWdPavJAI/XAYPxnfid + uQuNfXXbhJyxN1BUi1Kt+KkVCyG+CY0jJNbO7lTsiJSzcstLykSxTX1bw0jIvEWa + LdXmd/Dyu/EVzgOYnEPiZmHbha4KuVsb0dtAQIT8hmVRXIIOIbndERBduxeVMkLm + fw== + -----END CERTIFICATE----- + upgrade_volume_path: /var/vcap/store/backend + upgrade_volume_file: upgrade.lock + encryption_key_volume: /var/vcap/store/backend + encryption_key_filename: key + session_store_secret: foo + use_mysql: false + use_sqlite: true + # mysql_user: + # mysql_admin_user: + # mysql_admin_password: + # mysql_user_password: + # mysql_db: + # mysql_host: + # mysql_port: + networks: + - name: stratos-net + static_ips: [10.0.16.103] diff --git a/deploy/stratos-ui-release/config/blobs.yml b/deploy/stratos-ui-release/config/blobs.yml new file mode 100644 index 0000000000..ec72c2d999 --- /dev/null +++ b/deploy/stratos-ui-release/config/blobs.yml @@ -0,0 +1,13 @@ +--- +nginx/nginx-1.11.13.tar.gz: + size: 980784 + object_id: 214aec6b-e095-4b21-7155-d038f699eaae + sha: 84f27729754796181dc39d47da761c7e85eb3ae2 +nginx/pcre-8.40.tar.gz: + size: 2065161 + object_id: 44706e8c-255c-4ff3-9737-23ab55a1a214 + sha: sha256:1d75ce90ea3f81ee080cdc04e68c9c25a9fb984861a0618be7bbf676b18eda3e +golang/go1.8.3.linux-amd64.tar.gz: + size: 90029041 + object_id: 53346f1f-edfc-40d5-54b9-04126e05fdf3 + sha: sha256:1862f4c3d3907e59b04a757cfda0ea7aa9ef39274af99a784f5be843c80c6772 diff --git a/deploy/stratos-ui-release/config/final.yml b/deploy/stratos-ui-release/config/final.yml new file mode 100644 index 0000000000..d47c1df585 --- /dev/null +++ b/deploy/stratos-ui-release/config/final.yml @@ -0,0 +1,7 @@ +--- +name: stratos-ui +min_cli_version: 1.5.0.pre.1001 +blobstore: + provider: s3 + options: + bucket_name: capi-release-blobs diff --git a/deploy/stratos-ui-release/jobs/backend/monit b/deploy/stratos-ui-release/jobs/backend/monit new file mode 100644 index 0000000000..10ba7609a3 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/monit @@ -0,0 +1,5 @@ +check process backend + with pidfile /var/vcap/sys/run/backend/backend.pid + start program = "/bin/bash -c '/var/vcap/jobs/backend/bin/backend_ctl start'" + stop program = "/bin/bash -c '/var/vcap/jobs/backend/bin/backend_ctl stop'" + group vcap diff --git a/deploy/stratos-ui-release/jobs/backend/spec b/deploy/stratos-ui-release/jobs/backend/spec new file mode 100644 index 0000000000..186119617f --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/spec @@ -0,0 +1,77 @@ +--- +name: backend +templates: + config.properties.erb: config/config.properties + ssl_cert.erb: config/dev-certs/pproxy.crt + ssl_cert_key.erb: config/dev-certs/pproxy.key + dbconf.yml.erb: /config/dbconf.yml + backend_ctl.erb: bin/backend_ctl + pre-start.erb: bin/pre-start + post-deploy.erb: bin/post-deploy + +packages: +- backend +- utils +- golang + +properties: + stratos_ui.backend.skip_ssl_validation: + description: "Skip SSL validation for connections to UAA" + default: false + stratos_ui.backend.address: + description: "Address the backend is binding to" + default: 0.0.0.0 + stratos_ui.backend.port: + description: "Port the backend is listening on" + default: 443 + stratos_ui.backend.uaa_address: + description: "UAA server address" + default: '' + stratos_ui.backend.console_admin_scope: + description: "UAA scope identifying Stratos UI Console admin" + default: '' + stratos_ui.backend.console_admin_scope: + description: "UAA scope identifying Stratos UI Console admin" + default: '' + stratos_ui.backend.console_uaa_client: + description: "UAA client for Stratos UI Console" + default: '' + stratos_ui.backend.frontend_origin_address: + description: "Frontend origin address" + stratos_ui.backend.ssl_cert_key: + description: "SSL Certificate key body" + stratos_ui.backend.ssl_cert: + description: "SSL Certificate body" + stratos_ui.backend.session_store_secret: + description: "Secret used to encrypt the backend session store" + stratos_ui.backend.use_mysql: + description: "Use mysql, need to specify relevant mysql settings" + stratos_ui.backend.mysql_user: + description: "mysql User" + stratos_ui.backend.mysql_user_password: + description: "mysql user password" + stratos_ui.backend.mysql_db: + description: "Stratos UI Console DB name" + stratos_ui.backend.mysql_host: + description: "mysql host" + stratos_ui.backend.mysql_port: + description: "mysql port" + stratos_ui.backend.mysql_admin_user: + description: "Mysql Administrator to create DB and user" + stratos_ui.backend.mysql_admin_password: + description: "Mysql Administrator port" + stratos_ui.backend.use_sqlite: + description: "Use SQLLite" + default: true + stratos_ui.backend.upgrade_volume_path: + description: "Upgrade volume path for pre-start data" + default: "/var/vcap/store/backend" + stratos_ui.backend.upgrade_volume_file: + description: "Upgrade lock file" + default: "upgrade.lock" + stratos_ui.backend.encryption_key_volume: + description: "Encryption key volume" + default: "/var/vcap/store/backend_encryption" + stratos_ui.backend.encryption_key_filename: + description: "Encryption key file name" + default: "key" diff --git a/deploy/stratos-ui-release/jobs/backend/templates/backend_ctl.erb b/deploy/stratos-ui-release/jobs/backend/templates/backend_ctl.erb new file mode 100644 index 0000000000..0cf43e7572 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/backend_ctl.erb @@ -0,0 +1,53 @@ +#!/bin/bash + +RUN_DIR="/var/vcap/sys/run/backend" +LOG_DIR="/var/vcap/sys/log/backend" +PIDFILE="${RUN_DIR}/backend.pid" +CONFIG_DIR="/var/vcap/jobs/backend/config" + +source /var/vcap/packages/utils/syslog_utils.sh +source /var/vcap/packages/utils/pid_utils.sh + +if [ ! -d ${LOG_DIR} ]; then + mkdir ${LOG_DIR} +fi +tee_output_to_sys_log_and_file "${LOG_DIR}" "$(basename "$0")" + +function setup_environment() { + mkdir -p "${RUN_DIR}" +} + +case $1 in + + start) + setup_environment + pid_guard "$PIDFILE" "Nginx" + + cp -r $CONFIG_DIR/* /var/vcap/packages/backend/ + + <% if p('stratos_ui.backend.use_mysql') == true %> + cp -f $CONFIG_DIR/dbconf.yml /var/vcap/packages/backend/deploy/db/dbconf.yml + <% end %> + + cd /var/vcap/packages/backend/ + + chmod +x portal-proxy + echo $$ > "$PIDFILE" + + exec /var/vcap/packages/backend/portal-proxy + + ;; + + stop) + sigkill_on_timeout=0 + timeout=0 + kill_and_wait "${PIDFILE}" "${timeout}" "${sigkill_on_timeout}" + + ;; + + *) + echo "Usage: backend_ctl {start|stop}" + + ;; + +esac diff --git a/deploy/stratos-ui-release/jobs/backend/templates/config.properties.erb b/deploy/stratos-ui-release/jobs/backend/templates/config.properties.erb new file mode 100644 index 0000000000..bb4340d25f --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/config.properties.erb @@ -0,0 +1,30 @@ +HTTP_CONNECTION_TIMEOUT_IN_SECS=10 +HTTP_CLIENT_TIMEOUT_IN_SECS=20 +SKIP_SSL_VALIDATION=<%= p('stratos_ui.backend.skip_ssl_validation') %> +CONSOLE_PROXY_TLS_ADDRESS=<%= p('stratos_ui.backend.address') %>:<%= p('stratos_ui.backend.port') %> +CF_CLIENT=cf +CF_ADMIN_ROLE=cloud_controller.admin + +UAA_ENDPOINT=<%= p('stratos_ui.backend.uaa_address') %> +CONSOLE_ADMIN_SCOPE=<%= p('stratos_ui.backend.console_admin_scope') %> +CONSOLE_CLIENT=<%= p('stratos_ui.backend.console_uaa_client') %> +ALLOWED_ORIGINS=<%= p('stratos_ui.backend.frontend_origin_address') %> + +SESSION_STORE_SECRET=<%= p('stratos_ui.backend.session_store_secret') %> + +<% if p('stratos_ui.backend.use_mysql') == true %> +DATABASE_PROVIDER=mysql +DB_USER=<%= p('stratos_ui.backend.mysql_user') %> +DB_PASSWORD=<%= p('stratos_ui.backend.mysql_user_password') %> +DB_DATABASE_NAME=<%= p('stratos_ui.backend.mysql_db') %> +DB_HOST=<%= p('stratos_ui.backend.mysql_host') %> +DB_PORT=<%= p('stratos_ui.backend.mysql_port') %> +<% end %> + +<% if p('stratos_ui.backend.use_sqlite') == true %> +DATABASE_PROVIDER=sqlite +<% end %> +UPGRADE_VOLUME=<%= p('stratos_ui.backend.upgrade_volume_path') %> +UPGRADE_LOCK_FILENAME=<%= p('stratos_ui.backend.upgrade_volume_file') %> +ENCRYPTION_KEY_VOLUME=<%= p('stratos_ui.backend.encryption_key_volume') %> +ENCRYPTION_KEY_FILENAME=<%= p('stratos_ui.backend.encryption_key_filename') %> diff --git a/deploy/stratos-ui-release/jobs/backend/templates/dbconf.yml.erb b/deploy/stratos-ui-release/jobs/backend/templates/dbconf.yml.erb new file mode 100644 index 0000000000..d042ec7295 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/dbconf.yml.erb @@ -0,0 +1,5 @@ +<% if p('stratos_ui.backend.use_mysql') == true %> +bosh-mysql: + driver: mysql + open: <%= p('stratos_ui.backend.mysql_user') %>:<%= p('stratos_ui.backend.mysql_user_password') %>@tcp(<%= p('stratos_ui.backend.mysql_host') %>:<%= p('stratos_ui.backend.mysql_port') %>)/<%= p('stratos_ui.backend.mysql_db') %>?parseTime=true +<% end %> \ No newline at end of file diff --git a/deploy/stratos-ui-release/jobs/backend/templates/post-deploy.erb b/deploy/stratos-ui-release/jobs/backend/templates/post-deploy.erb new file mode 100644 index 0000000000..ed705db9ee --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/post-deploy.erb @@ -0,0 +1,78 @@ +#!/bin/bash +<% if p('stratos_ui.backend.use_mysql') == true %> +set -e + +# TODO check if installation is required +# Check Git is installed +echo "Installing Git and MariaDB Client" +apt-get update +apt-get install -y git mariadb-client + +echo "PWD: $PWD" +export GOROOT="/var/vcap/packages/golang/" +export GOPATH="/var/vcap/packages/backend/go" +export PATH=$GOROOT/bin:$GOPATH/bin:$PATH + +function execStatement { + stmt=$1 + echo "Executing: mysql -u <%= p('stratos_ui.backend.mysql_admin_user') %> -h<%= p('stratos_ui.backend.mysql_host') %> -P <%= p('stratos_ui.backend.mysql_port') %> -pxxxxxxxxxxxx -e \"$stmt\"" + mysql -u <%= p('stratos_ui.backend.mysql_admin_user') %> -h<%= p('stratos_ui.backend.mysql_host') %> -P <%= p('stratos_ui.backend.mysql_port') %> -p<%= p('stratos_ui.backend.mysql_admin_password') %> -e "$stmt" + +} + +echo "Checking if DB exists" + +stratosDbExists=$(execStatement "SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '<%= p('stratos_ui.backend.mysql_db') %>';") + +# Create DB if neccessary +if [ -z "$stratosDbExists" ] ; then + echo "Creating database <%= p('stratos_ui.backend.mysql_db') %>" + execStatement "CREATE DATABASE \"<%= p('stratos_ui.backend.mysql_db') %>\";" + echo "Creating user <%= p('stratos_ui.backend.mysql_user') %>" + execStatement "CREATE USER <%= p('stratos_ui.backend.mysql_user') %> IDENTIFIED BY '<%= p('stratos_ui.backend.mysql_user_password') %>';" + + echo "Granting privs for <%= p('stratos_ui.backend.mysql_db') %> to <%= p('stratos_ui.backend.mysql_user') %>" + execStatement "GRANT ALL PRIVILEGES ON DATABASE \"<%= p('stratos_ui.backend.mysql_db') %>\" TO <%= p('stratos_ui.backend.mysql_user') %>;" +else + echo "<%= p('stratos_ui.backend.mysql_db') %> already exists" +fi + +# Migrate the database if necessary +echo "Checking database to see if migration is necessary." + +echo "Connection string: <%= p('stratos_ui.backend.mysql_user') %>:<%= p('stratos_ui.backend.mysql_user_password') %>@tcp(<%= p('stratos_ui.backend.mysql_host') %>:<%= p('stratos_ui.backend.mysql_port') %>)/<%= p('stratos_ui.backend.mysql_db') %>?parseTime=true" +# Check the version +echo "Checking database version." +goose -path=/var/vcap/packages/backend/deploy/db -env=bosh-mysql dbversion + +# Check the status +echo "Checking database status." +goose -path=/var/vcap/packages/backend/deploy/db -env=bosh-mysql status + +# Run migrations +echo "Attempting database migrations." +goose -path=/var/vcap/packages/backend/deploy/db -env=bosh-mysql up + +# CHeck the status +echo "Checking database status." +goose -path=/var/vcap/packages/backend/deploy/db -env=bosh-mysql status + +# Check the version +echo "Checking database version." +goose -path /var/vcap/packages/backend/deploy/db -env=bosh-mysql dbversion + +echo "Database operation(s) complete." + + +# Check if Upgrade Lock file exists +if [ ! -f "<%= p('stratos_ui.backend.upgrade_volume_path') %>/<%= p('stratos_ui.backend.upgrade_volume_file') %>" ]; then + exit 1 +fi +# Remove the lock file on the shared volume +echo "Removing the <%= p('stratos_ui.backend.upgrade_volume_file') %> file from the shared upgrade volume <%= p('stratos_ui.backend.upgrade_volume_path') %>." +rm <%= p('stratos_ui.backend.upgrade_volume_path') %>/<%= p('stratos_ui.backend.upgrade_volume_file') %> || true + +echo "Removed the upgrade lock file." + +exit 0 +<% end %> diff --git a/deploy/stratos-ui-release/jobs/backend/templates/pre-start.erb b/deploy/stratos-ui-release/jobs/backend/templates/pre-start.erb new file mode 100644 index 0000000000..3452e8278a --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/pre-start.erb @@ -0,0 +1,24 @@ +#!/bin/sh +set -e + +# Step 1 - Set the lock file on the shared volume +mkdir -p <%= p('stratos_ui.backend.upgrade_volume_path') %> +<% if p('stratos_ui.backend.use_mysql') == true %> +touch <%= p('stratos_ui.backend.upgrade_volume_path') %>/<%= p('stratos_ui.backend.upgrade_volume_file') %> +chmod 440 <%= p('stratos_ui.backend.upgrade_volume_path') %>/<%= p('stratos_ui.backend.upgrade_volume_file') %> +echo "Created the upgrade lock file." +<% end %> + +# Step 2 - Create an AES-256 compliant encryption key +# in a file on a shared volume. +echo "Checking to see if we need to generate the encryption key <%= p('stratos_ui.backend.encryption_key_filename') %> file:" +if [ ! -e <%= p('stratos_ui.backend.encryption_key_volume') %>/<%= p('stratos_ui.backend.encryption_key_filename') %> ]; then + echo "-- Adding <%= p('stratos_ui.backend.encryption_key_filename') %> file to the shared volume <%= p('stratos_ui.backend.encryption_key_volume') %>." + keyfile=$(openssl enc -aes-256-cbc -k secret -P -md sha1 | grep key | cut -d '=' -f2) + printf "%s" "$keyfile" > <%= p('stratos_ui.backend.encryption_key_volume') %>/<%= p('stratos_ui.backend.encryption_key_filename') %> + chmod 440 <%= p('stratos_ui.backend.encryption_key_volume') %>/<%= p('stratos_ui.backend.encryption_key_filename') %> + echo "-- Done." +fi + +exit 0 + diff --git a/deploy/stratos-ui-release/jobs/backend/templates/ssl_cert.erb b/deploy/stratos-ui-release/jobs/backend/templates/ssl_cert.erb new file mode 100644 index 0000000000..38180c2263 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/ssl_cert.erb @@ -0,0 +1 @@ +<%= p('stratos_ui.backend.ssl_cert') %> diff --git a/deploy/stratos-ui-release/jobs/backend/templates/ssl_cert_key.erb b/deploy/stratos-ui-release/jobs/backend/templates/ssl_cert_key.erb new file mode 100644 index 0000000000..4badf77826 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/backend/templates/ssl_cert_key.erb @@ -0,0 +1 @@ +<%= p('stratos_ui.backend.ssl_cert_key') %> diff --git a/deploy/stratos-ui-release/jobs/frontend/monit b/deploy/stratos-ui-release/jobs/frontend/monit new file mode 100644 index 0000000000..7395a7ab46 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/frontend/monit @@ -0,0 +1,5 @@ +check process nginx + with pidfile /var/vcap/sys/run/nginx/nginx.pid + start program = "/bin/bash -c '/var/vcap/jobs/frontend/bin/nginx_ctl start'" + stop program = "/bin/bash -c '/var/vcap/jobs/frontend/bin/nginx_ctl stop'" + group vcap diff --git a/deploy/stratos-ui-release/jobs/frontend/spec b/deploy/stratos-ui-release/jobs/frontend/spec new file mode 100644 index 0000000000..040a9c0cd5 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/frontend/spec @@ -0,0 +1,24 @@ +--- +name: frontend +templates: + nginx.conf.erb: config/nginx.conf + ssl_cert.erb: config/nginx.crt + ssl_cert_key.erb: config/nginx.key + nginx_ctl.erb: bin/nginx_ctl + +packages: +- nginx +- frontend +- utils + +properties: + stratos_ui.backend.host: + description: "Host deploying the backend" + default: localhost + stratos_ui.backend.port: + description: "Port the backend is listening on" + default: 443 + stratos_ui.frontend.ssl_cert: + description: "SSL certificate" + stratos_ui.frontend.ssl_cert_key: + description: "SSL certificate key" diff --git a/deploy/stratos-ui-release/jobs/frontend/templates/nginx.conf.erb b/deploy/stratos-ui-release/jobs/frontend/templates/nginx.conf.erb new file mode 100644 index 0000000000..e770455b9b --- /dev/null +++ b/deploy/stratos-ui-release/jobs/frontend/templates/nginx.conf.erb @@ -0,0 +1,75 @@ +worker_processes 2; + +events { + worker_connections 4096; + use epoll; +} + +http { + + upstream portalproxy { + least_conn; + server <%= p('stratos_ui.backend.host') %>:<%= p('stratos_ui.backend.port') %>; + keepalive 32; + } + + add_header X-Frame-Options DENY; + + include /var/vcap/packages/nginx/conf/mime.types; + default_type application/octet-stream; + keepalive_timeout 70; + proxy_read_timeout 200; + sendfile off; + tcp_nopush on; + tcp_nodelay on; + gzip on; + gzip_min_length 1000; + gzip_proxied any; + gzip_types text/plain text/html text/css text/xml + application/x-javascript application/xml + application/atom+xml text/javascript; + + proxy_next_upstream error; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' ''; + } + + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + + server { + listen 80; + return 301 https://$host$request_uri; + } + + server { + listen 443 ssl; + + ssl_certificate /var/vcap/jobs/frontend/config/nginx.crt; + ssl_certificate_key /var/vcap/jobs/frontend/config/nginx.key; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; + + client_max_body_size 50M; + + location /pp/ { + proxy_pass_header Server; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Scheme $scheme; + proxy_pass https://portalproxy/; + proxy_intercept_errors on; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + location / { + root /var/vcap/packages/frontend; + add_header Cache-Control no-cache; + } + } +} diff --git a/deploy/stratos-ui-release/jobs/frontend/templates/nginx_ctl.erb b/deploy/stratos-ui-release/jobs/frontend/templates/nginx_ctl.erb new file mode 100644 index 0000000000..0ab5b92174 --- /dev/null +++ b/deploy/stratos-ui-release/jobs/frontend/templates/nginx_ctl.erb @@ -0,0 +1,26 @@ + +#!/bin/bash -e + +RUN_DIR="/var/vcap/sys/run/nginx" +LOG_DIR="/var/vcap/sys/log/nginx" +PIDFILE="${RUN_DIR}/nginx.pid" +CONFIG_DIR="/var/vcap/jobs/frontend/config" + +mkdir -p $RUN_DIR $LOG_DIR $CONFIG_DIR + +source /var/vcap/packages/utils/syslog_utils.sh +source /var/vcap/packages/utils/pid_utils.sh +tee_output_to_sys_log_and_file "${LOG_DIR}" "$(basename "$0")" + +case $1 in + + start) + /var/vcap/packages/nginx/sbin/nginx -g "pid $PIDFILE;" -c "${CONFIG_DIR}/nginx.conf" + ;; + stop) + kill $(cat $PIDFILE) + ;; + *) + echo "Usage: nginx_ctl {start|stop}" + ;; +esac \ No newline at end of file diff --git a/deploy/stratos-ui-release/jobs/frontend/templates/ssl_cert.erb b/deploy/stratos-ui-release/jobs/frontend/templates/ssl_cert.erb new file mode 100644 index 0000000000..081bdf03dc --- /dev/null +++ b/deploy/stratos-ui-release/jobs/frontend/templates/ssl_cert.erb @@ -0,0 +1 @@ +<%= p('stratos_ui.frontend.ssl_cert') %> diff --git a/deploy/stratos-ui-release/jobs/frontend/templates/ssl_cert_key.erb b/deploy/stratos-ui-release/jobs/frontend/templates/ssl_cert_key.erb new file mode 100644 index 0000000000..8b41d9db5c --- /dev/null +++ b/deploy/stratos-ui-release/jobs/frontend/templates/ssl_cert_key.erb @@ -0,0 +1 @@ +<%= p('stratos_ui.frontend.ssl_cert_key') %> diff --git a/deploy/stratos-ui-release/packages/backend/packaging b/deploy/stratos-ui-release/packages/backend/packaging new file mode 100644 index 0000000000..818ec980f2 --- /dev/null +++ b/deploy/stratos-ui-release/packages/backend/packaging @@ -0,0 +1,4 @@ +# abort script on any command that exits with a non zero value +set -e + +cp -ar ./stratos-ui/* ${BOSH_INSTALL_TARGET} diff --git a/deploy/stratos-ui-release/packages/backend/pre_packaging b/deploy/stratos-ui-release/packages/backend/pre_packaging new file mode 100644 index 0000000000..e5d8cd7991 --- /dev/null +++ b/deploy/stratos-ui-release/packages/backend/pre_packaging @@ -0,0 +1,30 @@ +# abort script on any command that exits with a non zero value +set -ex + +cd ${BUILD_DIR}/stratos-ui +# Install Glide +build/tools/get-glide.sh + +# Build backend +npm install +export PATH=$PATH:$PWD/node_modules/.bin +npm run build-backend + +find ../stratos-ui/deploy -type d ! -path '../stratos-ui/deploy' ! -path '*/db' -maxdepth 1 | xargs rm -rf + +find ../stratos-ui -type d ! -path '*/outputs*' ! -path '*/deploy' ! -path '../stratos-ui' -maxdepth 1 | xargs rm -rf +# Delete top level files +rm -f *.* +mv outputs/* . +rm -rf outputs + + +# The following packages are required for the post-deploy task +mkdir go +export GOPATH=${PWD}/go + +# Fetch libraries +go get bitbucket.org/liamstask/goose/cmd/goose +go get bitbucket.org/liamstask/goose/lib/goose +go get github.com/go-sql-driver/mysql + diff --git a/deploy/stratos-ui-release/packages/backend/spec b/deploy/stratos-ui-release/packages/backend/spec new file mode 100644 index 0000000000..cc4df55676 --- /dev/null +++ b/deploy/stratos-ui-release/packages/backend/spec @@ -0,0 +1,11 @@ +--- +name: backend + +dependencies: +- golang + +files: +- stratos-ui/{package.json,plugins.json,bower.json,gulpfile.js} +- stratos-ui/{build,components}/**/* +- stratos-ui/deploy/db/migrations/**/*.go +- stratos-ui/deploy/db/sqlite_schema.sql diff --git a/deploy/stratos-ui-release/packages/frontend/packaging b/deploy/stratos-ui-release/packages/frontend/packaging new file mode 100644 index 0000000000..07dd36979c --- /dev/null +++ b/deploy/stratos-ui-release/packages/frontend/packaging @@ -0,0 +1,4 @@ +# abort script on any command that exits with a non zero value +set -e + +cp -a ./stratos-ui/* ${BOSH_INSTALL_TARGET} diff --git a/deploy/stratos-ui-release/packages/frontend/pre_packaging b/deploy/stratos-ui-release/packages/frontend/pre_packaging new file mode 100644 index 0000000000..6217001326 --- /dev/null +++ b/deploy/stratos-ui-release/packages/frontend/pre_packaging @@ -0,0 +1,17 @@ +# abort script on any command that exits with a non zero value +set -e -x + +cd ${BUILD_DIR}/stratos-ui + +npm install +export PATH=$PATH:$PWD/node_modules/.bin +bower install +npm run build + +# remove things we don't need +find ../stratos-ui -type d ! -path '*/dist*' ! -path '../stratos-ui' -maxdepth 1 | xargs rm -rf +# Delete top level files +rm -f *.* +# Move dist to top level +mv dist/* . +rm -rf dist diff --git a/deploy/stratos-ui-release/packages/frontend/spec b/deploy/stratos-ui-release/packages/frontend/spec new file mode 100644 index 0000000000..ae7f0b823b --- /dev/null +++ b/deploy/stratos-ui-release/packages/frontend/spec @@ -0,0 +1,9 @@ +--- +name: frontend + +dependencies: +- nginx + +files: +- stratos-ui/{package.json,plugins.json,bower.json,gulpfile.js} +- stratos-ui/{build,components}/**/* diff --git a/deploy/stratos-ui-release/packages/golang/packaging b/deploy/stratos-ui-release/packages/golang/packaging new file mode 100644 index 0000000000..1974f235f9 --- /dev/null +++ b/deploy/stratos-ui-release/packages/golang/packaging @@ -0,0 +1,4 @@ +set -e + +tar xzf golang/go1.8.3.linux-amd64.tar.gz +cp -R go/* ${BOSH_INSTALL_TARGET} diff --git a/deploy/stratos-ui-release/packages/golang/spec b/deploy/stratos-ui-release/packages/golang/spec new file mode 100644 index 0000000000..1087c543fd --- /dev/null +++ b/deploy/stratos-ui-release/packages/golang/spec @@ -0,0 +1,5 @@ +--- +name: golang + +files: + - golang/go1.8.3.linux-amd64.tar.gz diff --git a/deploy/stratos-ui-release/packages/nginx/README.md b/deploy/stratos-ui-release/packages/nginx/README.md new file mode 100644 index 0000000000..20e73c5b8d --- /dev/null +++ b/deploy/stratos-ui-release/packages/nginx/README.md @@ -0,0 +1,14 @@ +nginx-package +============ + +TODO: update this readme + +This repo is used for nginx and nginx-webdav packaging in BOSH deployments. + +The files can be downloaded from the following locations: + +| Filename | Download URL | +| -------- | ------------ | +| nginx-1.11.13.tar.gz | [nginx.org](http://nginx.org/download/nginx-1.11.13.tar.gz) | +| headers-more-nginx-module-0.32.tar.gz | [github.com/openresty/headers-more-nginx-module](https://github.com/openresty/headers-more-nginx-module/archive/v0.32.tar.gz) | +| pcre-8.40.tar.gz | [pcre.org](ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz) | diff --git a/deploy/stratos-ui-release/packages/nginx/packaging b/deploy/stratos-ui-release/packages/nginx/packaging new file mode 100644 index 0000000000..883bdca118 --- /dev/null +++ b/deploy/stratos-ui-release/packages/nginx/packaging @@ -0,0 +1,19 @@ +set -e -x + +echo "Extracting pcre..." +tar xzvf nginx/pcre-8.40.tar.gz + +echo "Extracting nginx..." +tar xzvf nginx/nginx-1.11.13.tar.gz + +echo "Building nginx..." +pushd nginx-1.11.13 + ./configure \ + --prefix=${BOSH_INSTALL_TARGET} \ + --with-pcre=../pcre-8.40 \ + --with-http_stub_status_module \ + --with-http_ssl_module + + make + make install +popd diff --git a/deploy/stratos-ui-release/packages/nginx/spec b/deploy/stratos-ui-release/packages/nginx/spec new file mode 100644 index 0000000000..ed312aab0f --- /dev/null +++ b/deploy/stratos-ui-release/packages/nginx/spec @@ -0,0 +1,5 @@ +--- +name: nginx +files: +- nginx/nginx-1.11.13.tar.gz +- nginx/pcre-8.40.tar.gz diff --git a/deploy/stratos-ui-release/packages/utils/packaging b/deploy/stratos-ui-release/packages/utils/packaging new file mode 100644 index 0000000000..743f62e2c2 --- /dev/null +++ b/deploy/stratos-ui-release/packages/utils/packaging @@ -0,0 +1,3 @@ +set -e -x + +cp -a ./utils/* ${BOSH_INSTALL_TARGET} diff --git a/deploy/stratos-ui-release/packages/utils/spec b/deploy/stratos-ui-release/packages/utils/spec new file mode 100644 index 0000000000..ae2e9f971b --- /dev/null +++ b/deploy/stratos-ui-release/packages/utils/spec @@ -0,0 +1,5 @@ +--- +name: utils +files: +- utils/pid_utils.sh +- utils/syslog_utils.sh diff --git a/deploy/stratos-ui-release/src/stratos-ui b/deploy/stratos-ui-release/src/stratos-ui new file mode 120000 index 0000000000..1b20c9fb81 --- /dev/null +++ b/deploy/stratos-ui-release/src/stratos-ui @@ -0,0 +1 @@ +../../../ \ No newline at end of file diff --git a/deploy/stratos-ui-release/src/utils/pid_utils.sh b/deploy/stratos-ui-release/src/utils/pid_utils.sh new file mode 100644 index 0000000000..5bfa4325fc --- /dev/null +++ b/deploy/stratos-ui-release/src/utils/pid_utils.sh @@ -0,0 +1,123 @@ +#!/usr/bin/env bash + +function pid_is_running() { + declare pid="$1" + ps -p "${pid}" >/dev/null 2>&1 +} + +# pid_guard +# +# @param pidfile +# @param name [String] an arbitrary name that might show up in STDOUT on errors +# +# Run this before attempting to start new processes that may use the same :pidfile:. +# If an old process is running on the pid found in the :pidfile:, exit 1. Otherwise, +# remove the stale :pidfile: if it exists. +# +function pid_guard() { + declare pidfile="$1" name="$2" + + echo "------------ STARTING $(basename "$0") at $(date) --------------" | tee /dev/stderr + + if [ ! -f "${pidfile}" ]; then + return 0 + fi + + local pid + pid=$(head -1 "${pidfile}") + + if pid_is_running "${pid}"; then + echo "${name} is already running, please stop it first" + exit 1 + fi + + echo "Removing stale pidfile" + rm "${pidfile}" +} + +# wait_pid_death +# +# @param pid +# @param timeout +# +# Watch a :pid: for :timeout: seconds, waiting for it to die. +# If it dies before :timeout:, exit 0. If not, exit 1. +# +# Note that this should be run in a subshell, so that the current +# shell does not exit. +# +function wait_pid_death() { + declare pid="$1" timeout="$2" + + local countdown + countdown=$(( timeout * 10 )) + + while true; do + if ! pid_is_running "${pid}"; then + return 0 + fi + + if [ ${countdown} -le 0 ]; then + return 1 + fi + + countdown=$(( countdown - 1 )) + sleep 0.1 + done +} + +# kill_and_wait +# +# @param pidfile +# @param timeout [default 25s] +# +# For a pid found in :pidfile:, send a `kill -15` TERM, then wait for :timeout: seconds to +# see if it dies on its own. If not, send it a `kill -9`. If the process does die, +# exit 0 and remove the :pidfile:. If after all of this, the process does not actually +# die, exit 1. +# +# Note: +# Monit default timeout for start/stop is 30s +# Append 'with timeout {n} seconds' to monit start/stop program configs +# +function kill_and_wait() { + declare pidfile="$1" timeout="${2:-25}" sigkill_on_timeout="${3:-1}" + + if [ ! -f "${pidfile}" ]; then + echo "Pidfile ${pidfile} doesn't exist" + exit 0 + fi + + local pid + pid=$(head -1 "${pidfile}") + + if [ -z "${pid}" ]; then + echo "Unable to get pid from ${pidfile}" + exit 1 + fi + + if ! pid_is_running "${pid}"; then + echo "Process ${pid} is not running" + rm -f "${pidfile}" + exit 0 + fi + + echo "Killing ${pidfile}: ${pid} " + kill "${pid}" + + if ! wait_pid_death "${pid}" "${timeout}"; then + if [ "${sigkill_on_timeout}" = "1" ]; then + echo "Kill timed out, using kill -9 on ${pid}" + kill -9 "${pid}" + sleep 0.5 + fi + fi + + if pid_is_running "${pid}"; then + echo "Timed Out" + exit 1 + else + echo "Stopped" + rm -f "${pidfile}" + fi +} diff --git a/deploy/stratos-ui-release/src/utils/syslog_utils.sh b/deploy/stratos-ui-release/src/utils/syslog_utils.sh new file mode 100644 index 0000000000..94b968edd7 --- /dev/null +++ b/deploy/stratos-ui-release/src/utils/syslog_utils.sh @@ -0,0 +1,32 @@ +#!/usr/bin/env bash + +# tee_output_to_sys_log_and_file +# +# @param log_dir [String] the directory where the log file should be written +# @param log_name [String] used to name the log files eg: log_name.log and log_name.err.log +# used to tag the syslog message eg: vcap.log_name.stdout and vcap.log_name.stderr +# +# Send stdout and stderr to syslog as well as a specified file. Prepends datetime to output in the log file. +function tee_output_to_sys_log_and_file { + declare log_dir="$1" log_name="$2" + + exec > >(tee -a >(logger -p user.info -t "vcap.${log_name}.stdout") | prepend_datetime >>"${log_dir}/${log_name}.log") + exec 2> >(tee -a >(logger -p user.error -t "vcap.${log_name}.stderr") | prepend_datetime >>"${log_dir}/${log_name}.err.log") +} + +# tee_output_to_sys_log +# +# @param log_name [String] used to name the log files eg: log_name.log and log_name.err.log +# used to tag the syslog message eg: vcap.log_name.stdout and vcap.log_name.stderr +# +# Send stdout and stderr to syslog . Prepends datetime to stdout and stderr. +function tee_output_to_sys_log { + declare log_name="$1" + + exec > >(tee -a >(logger -p user.info -t "vcap.${log_name}.stdout") | prepend_datetime >> /dev/stdout) + exec 2> >(tee -a >(logger -p user.error -t "vcap.${log_name}.stderr") | prepend_datetime >> /dev/stderr) +} + +function prepend_datetime { + awk -W interactive '{ system("echo -n [$(date +\"%Y-%m-%d %H:%M:%S%z\")]"); print " " $0 }' +}