diff --git a/Dockerfile b/Dockerfile index 7022e04..39185b8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -64,7 +64,7 @@ RUN addgroup -S "$OWPROV_USER" && \ RUN mkdir /openwifi RUN mkdir -p "$OWPROV_ROOT" "$OWPROV_CONFIG" && \ chown "$OWPROV_USER": "$OWPROV_ROOT" "$OWPROV_CONFIG" -RUN apk add --update --no-cache librdkafka curl-dev mariadb-connector-c libpq su-exec gettext ca-certificates +RUN apk add --update --no-cache librdkafka curl-dev mariadb-connector-c libpq su-exec gettext ca-certificates bash jq curl COPY --from=builder /owprov/cmake-build/owprov /openwifi/owprov COPY --from=builder /cppkafka/cmake-build/src/lib/* /lib/ @@ -77,6 +77,8 @@ COPY docker-entrypoint.sh / RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \ -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem +COPY readiness_check /readiness_check + EXPOSE 16005 17005 16105 ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/helm/values.yaml b/helm/values.yaml index 8706b22..304bad6 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -35,9 +35,10 @@ checks: path: / port: 16105 readiness: - httpGet: - path: / - port: 16105 + exec: + command: + - /readiness_check + failureThreshold: 1 ingresses: restapi: @@ -103,8 +104,16 @@ persistence: public_env_variables: OWPROV_ROOT: /owprov-data OWPROV_CONFIG: /owprov-data + # Environment variables required for the readiness checks using script + FLAGS: "-s --connect-timeout 3" + # NOTE in order for readiness check to use system info you need to set READINESS_METHOD to "systeminfo" and set OWSEC to the OWSEC's REST API endpoint + #READINESS_METHOD: systeminfo + #OWSEC: gw-qa01.cicd.lab.wlan.tip.build:16001 -secret_env_variables: {} +secret_env_variables: + # NOTE in order for readiness check to use system info method you need to override these values to the real OWSEC credentials + OWSEC_USERNAME: tip@ucentral.com + OWSEC_PASSWORD: openwifi configProperties: # -> Public part diff --git a/readiness_check b/readiness_check new file mode 100755 index 0000000..94ae6fb --- /dev/null +++ b/readiness_check @@ -0,0 +1,65 @@ +#!/bin/bash +set -e + +if [[ "$(which jq)" == "" ]] +then + echo "You need the package jq installed to use this script." + exit 1 +fi + +if [[ "$(which curl)" == "" ]] +then + echo "You need the package curl installed to use this script." + exit 1 +fi + +if [[ "${OWSEC}" == "" ]] +then + echo "You must set the variable OWSEC in order to use this script. Something like" + echo "OWSEC=security.isp.com:16001" + exit 1 +fi + +if [[ "${OWSEC_USERNAME}" == "" ]] +then + echo "You must set the variable OWSEC_USERNAME in order to use this script. Something like" + echo "OWSEC_USERNAME=tip@ucentral.com" + exit 1 +fi + +if [[ "${OWSEC_PASSWORD}" == "" ]] +then + echo "You must set the variable OWSEC_PASSWORD in order to use this script. Something like" + echo "OWSEC_PASSWORD=openwifi" + exit 1 +fi + +if [[ "${READINESS_METHOD}" == "systeminfo" ]] +then + # Get OAuth token from OWSEC and cache it or use cached one + payload="{ \"userId\" : \"$OWSEC_USERNAME\" , \"password\" : \"$OWSEC_PASSWORD\" }" + if [[ -f "/tmp/token" ]] + then + token=$(cat /tmp/token) + else + token=$(curl ${FLAGS} -X POST -H "Content-Type: application/json" -d "$payload" "https://${OWSEC}/api/v1/oauth2" | jq -r '.access_token') + fi + if [[ "${token}" == "" ]] + then + echo "Could not login. Please verify the host and username/password." + exit 13 + fi + echo -n $token > /tmp/token + + # Make systeminfo request to the local owprov instance + export RESTAPI_PORT=$(grep 'openwifi.restapi.host.0.port' $OWPROV_CONFIG/owprov.properties | awk -F '=' '{print $2}' | xargs | envsubst) + curl ${FLAGS} -k -X GET "https://localhost:$RESTAPI_PORT/api/v1/system?command=info" \ + -H "accept: application/json" \ + -H "Authorization: Bearer ${token}" > /tmp/result.json + exit_code=$? + jq < /tmp/result.json + exit $exit_code +else + export ALB_PORT=$(grep 'alb.port' $OWPROV_CONFIG/owprov.properties | awk -F '=' '{print $2}' | xargs | envsubst) + curl localhost:$ALB_PORT +fi