diff --git a/Dockerfile b/Dockerfile index 9d450ed2..dc4141c5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -57,7 +57,7 @@ RUN addgroup -S "$OWGW_USER" && \ RUN mkdir /openwifi RUN mkdir -p "$OWGW_ROOT" "$OWGW_CONFIG" && \ chown "$OWGW_USER": "$OWGW_ROOT" "$OWGW_CONFIG" -RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates +RUN apk add --update --no-cache librdkafka mariadb-connector-c libpq unixodbc su-exec gettext ca-certificates bash jq curl COPY --from=builder /owgw/cmake-build/owgw /openwifi/owgw COPY --from=builder /cppkafka/cmake-build/src/lib/* /lib/ @@ -66,7 +66,9 @@ COPY --from=builder /poco/cmake-build/lib/* /lib/ COPY owgw.properties.tmpl / COPY docker-entrypoint.sh / RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentral-deploy/main/docker-compose/certs/restapi-ca.pem \ - -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem + -O /usr/local/share/ca-certificates/restapi-ca-selfsigned.pem + +COPY readiness_check /readiness_check EXPOSE 15002 16002 16003 17002 16102 diff --git a/helm/values.yaml b/helm/values.yaml index 92c5561e..4c978667 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -43,9 +43,10 @@ checks: path: / port: 16102 readiness: - httpGet: - path: / - port: 16102 + exec: + command: + - /readiness_check + failureThreshold: 1 ingresses: restapi: @@ -130,8 +131,16 @@ persistence: public_env_variables: OWGW_ROOT: /owgw-data OWGW_CONFIG: /owgw-data + # Environment variables required for the readiness checks using script + FLAGS: "-s --connect-timeout 3" + # NOTE in order for readiness check to use system info you need to set READINESS_METHOD to "systeminfo" and set OWSEC to the OWSEC's REST API endpoint + #READINESS_METHOD: systeminfo + #OWSEC: gw-qa01.cicd.lab.wlan.tip.build:16001 -secret_env_variables: {} +secret_env_variables: + # NOTE in order for readiness check to use system info method you need to override these values to the real OWSEC credentials + OWSEC_USERNAME: tip@ucentral.com + OWSEC_PASSWORD: openwifi configProperties: # -> Public part diff --git a/readiness_check b/readiness_check new file mode 100755 index 00000000..4eeee7f8 --- /dev/null +++ b/readiness_check @@ -0,0 +1,65 @@ +#!/bin/bash +set -e + +if [[ "$(which jq)" == "" ]] +then + echo "You need the package jq installed to use this script." + exit 1 +fi + +if [[ "$(which curl)" == "" ]] +then + echo "You need the package curl installed to use this script." + exit 1 +fi + +if [[ "${OWSEC}" == "" ]] +then + echo "You must set the variable OWSEC in order to use this script. Something like" + echo "OWSEC=security.isp.com:16001" + exit 1 +fi + +if [[ "${OWSEC_USERNAME}" == "" ]] +then + echo "You must set the variable OWSEC_USERNAME in order to use this script. Something like" + echo "OWSEC_USERNAME=tip@ucentral.com" + exit 1 +fi + +if [[ "${OWSEC_PASSWORD}" == "" ]] +then + echo "You must set the variable OWSEC_PASSWORD in order to use this script. Something like" + echo "OWSEC_PASSWORD=openwifi" + exit 1 +fi + +if [[ "${READINESS_METHOD}" == "systeminfo" ]] +then + # Get OAuth token from OWSEC and cache it or use cached one + payload="{ \"userId\" : \"$OWSEC_USERNAME\" , \"password\" : \"$OWSEC_PASSWORD\" }" + if [[ -f "/tmp/token" ]] + then + token=$(cat /tmp/token) + else + token=$(curl ${FLAGS} -X POST -H "Content-Type: application/json" -d "$payload" "https://${OWSEC}/api/v1/oauth2" | jq -r '.access_token') + fi + if [[ "${token}" == "" ]] + then + echo "Could not login. Please verify the host and username/password." + exit 13 + fi + echo -n $token > /tmp/token + + # Make systeminfo request to the local owgw instance + export RESTAPI_PORT=$(grep 'openwifi.restapi.host.0.port' $OWGW_CONFIG/owgw.properties | awk -F '=' '{print $2}' | xargs | envsubst) + curl ${FLAGS} -k -X GET "https://localhost:$RESTAPI_PORT/api/v1/system?command=info" \ + -H "accept: application/json" \ + -H "Authorization: Bearer ${token}" > /tmp/result.json + exit_code=$? + jq < /tmp/result.json + exit $exit_code +else + export ALB_PORT=$(grep 'alb.port' $OWGW_CONFIG/owgw.properties | awk -F '=' '{print $2}' | xargs | envsubst) + curl localhost:$ALB_PORT +fi