
Add Data Out's keyserver to our setup #355

Merged
merged 7 commits into from
Sep 19, 2018
Merged
8 changes: 4 additions & 4 deletions .travis.yml
Expand Up @@ -39,25 +39,25 @@ jobs:
- stage: integration tests
before_script:
- cd docker
- make bootstrap ARGS='--inbox mina'
- make bootstrap ARGS='--inbox mina --keyserver ega'
- sudo chown -R travis private
- docker network create cega
- make up
- docker-compose ps
script:
- sleep 10
- sleep 20
- cd tests
- mvn test -Dtest=CommonTests -B
- stage: integration tests
before_script:
- cd docker
- make bootstrap ARGS='--inbox mina'
- make bootstrap ARGS='--inbox mina --keyserver ega'
- sudo chown -R travis private
- docker network create cega
- make up
- docker-compose ps
script:
- sleep 10
- sleep 20
- cd tests
- mvn test -Dtest=RobustnessTests -B
- stage: integration tests
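Review bot: The `sleep 20` that replaces `sleep 10` in both integration-tests stages is still a fixed guess at how long the compose stack (now including the keys container) needs to come up; if start-up is slower the Maven run fails anyway, and when it is faster the job idles. A bounded readiness poll is more robust, e.g. `- timeout 120 sh -c 'until docker-compose ps | grep -q "keys.*Up"; do sleep 2; done'`, keeping in mind that "Up" alone does not prove the service is answering, so polling its own endpoint is better where one is reachable from the host. Separately, the two stages' `before_script` blocks are byte-identical copies that had to be edited twice here; a YAML anchor (`before_script: &integration_setup` / `before_script: *integration_setup`) would stop the `--keyserver ega` flag from drifting between them. The `jobs:` list continues outside this hunk.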
7 changes: 5 additions & 2 deletions docker/bootstrap/boot.sh
Expand Up @@ -13,12 +13,14 @@ VERBOSE=no
FORCE=yes
OPENSSL=openssl
INBOX=openssh
KEYSERVER=lega

function usage {
echo "Usage: $0 [options]"
echo -e "\nOptions are:"
echo -e "\t--openssl <value> \tPath to the Openssl executable [Default: ${OPENSSL}]"
echo -e "\t--inbox <value> \tSelect inbox \"openssh\" or \"mina\" [Default: ${INBOX}]"
echo -e "\t--keyserver <value> \tSelect keyserver \"lega\" or \"ega\" [Default: ${KEYSERVER}]"
echo ""
echo -e "\t--verbose, -v \tShow verbose output"
echo -e "\t--polite, -p \tDo not force the re-creation of the subfolders. Ask instead"
Expand All @@ -35,8 +37,9 @@ while [[ $# -gt 0 ]]; do
--verbose|-v) VERBOSE=yes;;
--polite|-p) FORCE=no;;
--openssl) OPENSSL=$2; shift;;
--inbox) INBOX=$2; shift;;
--) shift; break;;
--inbox) INBOX=$2; shift;;
--keyserver) KEYSERVER=$2; shift;;
--) shift; break;;
*) echo "$0: error - unrecognized option $1" 1>&2; usage; exit 1;; esac
shift
done
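Review bot: `--keyserver) KEYSERVER=$2; shift;;` stores whatever follows the flag, while the usage text only admits `lega` or `ega` and the consumer in lega.sh tests `$KEYSERVER == 'ega'` only, so a typo such as `--keyserver egaa` silently provisions the lega keyserver instead of erroring out. Validate once after the parsing loop: `[[ $KEYSERVER == lega || $KEYSERVER == ega ]] || { echo "$0: error - invalid --keyserver value '$KEYSERVER'" 1>&2; usage; exit 1; }`. The pre-existing `--inbox` option (`openssh`/`mina`) has the same gap and could share the check. The `while` loop begins before this hunk.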
63 changes: 57 additions & 6 deletions docker/bootstrap/lega.sh
Expand Up @@ -15,6 +15,10 @@ chmod 644 ${PRIVATE}/lega/pgp/ega.pub
${GEN_KEY} "${PGP_NAME}" "${PGP_EMAIL}" "${PGP_COMMENT}" --passphrase "${PGP_PASSPHRASE}" --pub ${PRIVATE}/lega/pgp/ega2.pub --priv ${PRIVATE}/lega/pgp/ega2.sec --armor
chmod 644 ${PRIVATE}/lega/pgp/ega2.pub

echo -n ${PGP_PASSPHRASE} > ${PRIVATE}/lega/pgp/ega.sec.pass
echo -n ${PGP_PASSPHRASE} > ${PRIVATE}/lega/pgp/ega2.sec.pass
echo -n ${LEGA_PASSWORD} > ${PRIVATE}/lega/pgp/ega.shared.pass

#########################################################################

echomsg "\t* the SSL certificates"
Expand Down Expand Up @@ -45,12 +49,35 @@ cat > ${PRIVATE}/lega/conf.ini <<EOF
log = debug
#log = silent

EOF
if [[ $KEYSERVER == 'ega' ]]; then
cat >> ${PRIVATE}/lega/conf.ini <<EOF

[keyserver]
port = 8080


flag here as well: if [[ $KEYSERVER == 'ega' ]]; then


[quality_control]
keyserver_endpoint = http://keys:8080/keys/retrieve/%s/private/bin?idFormat=hex

[outgestion]
# Just for test
keyserver_endpoint = http://keys:8080/keys/retrieve/%s/private/bin?idFormat=hex
EOF
else
cat >> ${PRIVATE}/lega/conf.ini <<EOF
[keyserver]
port = 8443

[quality_control]
keyserver_endpoint = https://keys:8443/retrieve/%s/private

[outgestion]
# Just for test
keyserver_endpoint = https://keys:8443/retrieve/%s/private
EOF
fi
cat >> ${PRIVATE}/lega/conf.ini <<EOF

[inbox]
location = /ega/inbox/%s
chroot_sessions = True
Expand All @@ -62,11 +89,6 @@ access_key = ${S3_ACCESS_KEY}
secret_key = ${S3_SECRET_KEY}
#region = lega


[outgestion]
# Just for test
keyserver_endpoint = https://keys:8443/retrieve/%s/private

## Connecting to Local EGA
[broker]
host = mq
Expand All @@ -84,7 +106,6 @@ try = 30
endpoint = http://cega-eureka:8761
EOF


#########################################################################
# Populate env-settings for docker compose
#########################################################################
Expand Down Expand Up @@ -231,6 +252,33 @@ cat >> ${PRIVATE}/lega.yml <<EOF
entrypoint: ["gosu", "lega", "ega-ingest"]

# Key server
EOF
if [[ $KEYSERVER == 'ega' ]]; then
cat >> ${PRIVATE}/lega.yml <<EOF
keys:
hostname: keys
container_name: keys
image: nbisweden/keys
environment:
- SPRING_PROFILES_ACTIVE=no-oss
- EGA_KEY_PATH=/etc/ega/pgp/ega.sec,/etc/ega/pgp/ega2.sec
- EGA_KEYPASS_PATH=/etc/ega/pgp/ega.sec.pass,/etc/ega/pgp/ega2.sec.pass
- EGA_SHAREDPASS_PATH=/etc/ega/pgp/ega.shared.pass
- EGA_PUBLICKEY_URL=
- EGA_LEGACY_PATH=
volumes:
- ./lega/pgp/ega.sec:/etc/ega/pgp/ega.sec:ro
- ./lega/pgp/ega.sec.pass:/etc/ega/pgp/ega.sec.pass:ro
- ./lega/pgp/ega2.sec:/etc/ega/pgp/ega2.sec:ro
- ./lega/pgp/ega2.sec.pass:/etc/ega/pgp/ega2.sec.pass:ro
- ./lega/pgp/ega.shared.pass:/etc/ega/pgp/ega.shared.pass:ro
restart: on-failure:3
networks:
- lega

EOF
else
cat >> ${PRIVATE}/lega.yml <<EOF
keys:
hostname: keys
container_name: keys
Expand All @@ -255,6 +303,9 @@ cat >> ${PRIVATE}/lega.yml <<EOF
- cega
entrypoint: ["gosu","lega","ega-keyserver","--keys","/etc/ega/keys.ini.enc"]

EOF
fi
cat >> ${PRIVATE}/lega.yml <<EOF
# Quality Control
verify:
depends_on:
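Review bot: The three `echo -n ${PGP_PASSPHRASE} > …` / `echo -n ${LEGA_PASSWORD} > …` lines in the first hunk write secrets through an unquoted expansion, so a passphrase containing whitespace is re-joined with single spaces and one beginning with `-n` or `-e` is consumed as an echo option; the `.pass` file then no longer matches the passphrase `GEN_KEY` was given two lines earlier and the keys container cannot unlock the key. The files are also created under the script's default umask even though the adjacent `chmod 644` shows modes are being managed explicitly; secret files should be owner-only, provided the uid the `nbisweden/keys` container runs as can still read the `:ro` mounts (not visible on this page). Use `printf '%s'` with quoted variables inside a subshell umask, as below. Separately, the `ega` branch's `keyserver_endpoint` values fetch private key material over plain `http://keys:8080`, unlike the `https://` lega branch; a `# test-only: cleartext on the internal docker network` comment in that heredoc would keep the setting from being copied into a real deployment.
```shell
( umask 077
  printf '%s' "${PGP_PASSPHRASE}" > "${PRIVATE}/lega/pgp/ega.sec.pass"
  printf '%s' "${PGP_PASSPHRASE}" > "${PRIVATE}/lega/pgp/ega2.sec.pass"
  printf '%s' "${LEGA_PASSWORD}"  > "${PRIVATE}/lega/pgp/ega.shared.pass" )
```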
2 changes: 1 addition & 1 deletion docker/tests/src/test/resources/config.properties
Expand Up @@ -7,7 +7,7 @@ ingest.max-timeout = 100000
images.name.db = postgres:9.6
images.name.inbox = nbisweden/ega-mina-inbox
images.name.ingest = nbisweden/ega-base:dev
images.name.keys = nbisweden/ega-base:dev
images.name.keys = nbisweden/keys
images.name.mq = rabbitmq:3.6.14-management
images.name.s3 = minio/minio
images.name.verify = nbisweden/ega-base:dev
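Review bot: `images.name.keys = nbisweden/keys` carries no tag, so the tests (and the compose service in lega.sh, which uses the same untagged `image: nbisweden/keys`) pull whatever `latest` is at run time; apart from the pre-existing `minio/minio`, every other image in this block is pinned (`postgres:9.6`, `rabbitmq:3.6.14-management`, `:dev`), so a push to that repository can break or change the integration run with no diff in this repository. Pin a tag or, better, a digest in both places, e.g. `images.name.keys = nbisweden/keys:<tag>` with `<tag>` taken from the keyserver's published releases.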