From 3c208794c858ab60a1530c9e46e755396ea50403 Mon Sep 17 00:00:00 2001 From: Daniel Schmidt Date: Fri, 21 Sep 2018 21:52:42 +0200 Subject: [PATCH 1/4] [Java] move creation of required unit test resources into separate shell script This is needed because these required resources are only created through 'docker/joynr-android/scripts/build/java-android-clean-build'. If 'java-android-clean-build' wasn't executed in the past the resources aren't available and some tests from 'java/messaging/mqtt/joynr-mqtt-client' will fail. With these changes it doesn't matter from which 'clean-build' script the maven build process was started. --- .../scripts/build/java-android-clean-build | 30 --------- java/messaging/mqtt/joynr-mqtt-client/pom.xml | 26 ++++++++ .../scripts/gen-java-keystore-truststore.sh | 66 +++++++++++++++++++ 3 files changed, 92 insertions(+), 30 deletions(-) create mode 100755 java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh diff --git a/docker/joynr-android/scripts/build/java-android-clean-build b/docker/joynr-android/scripts/build/java-android-clean-build index 3d5f1d05a0..23733a0b84 100755 --- a/docker/joynr-android/scripts/build/java-android-clean-build +++ b/docker/joynr-android/scripts/build/java-android-clean-build @@ -23,36 +23,6 @@ while [ "$1" != "" ]; do shift done -echo '####################################################' -echo '# create keystore and truststore' -echo '####################################################' - -CERT_PATH='/data/ssl-data/certs' -PRIVATE_KEY_PATH='/data/ssl-data/private' -KEYSTORE_PASSWORD='password' - -mkdir -p /data/src/java/messaging/mqtt/joynr-mqtt-client/src/test/resources - -cd /data/src/java/messaging/mqtt/joynr-mqtt-client/src/test/resources/ - -# create JKS truststore -keytool -keystore catruststore.jks -importcert -file $CERT_PATH/ca.cert.pem -storepass $KEYSTORE_PASSWORD -trustcacerts -noprompt - -# list the truststore contents -keytool -list -keystore catruststore.jks -storepass $KEYSTORE_PASSWORD - -# create PKCS12 truststore -keytool -importkeystore -srckeystore catruststore.jks -srcstorepass $KEYSTORE_PASSWORD -destkeystore catruststore.p12 -deststorepass $KEYSTORE_PASSWORD -srcstoretype JKS -deststoretype PKCS12 - -# merge and import client certificate and private key into pkcs12 keystore -openssl pkcs12 -export -in $CERT_PATH/client.cert.pem -inkey $PRIVATE_KEY_PATH/client.key.pem -out clientkeystore.p12 -password pass:$KEYSTORE_PASSWORD - -# convert pkcs12 keystore into java keystore -keytool -importkeystore -deststorepass $KEYSTORE_PASSWORD -destkeypass $KEYSTORE_PASSWORD -destkeystore clientkeystore.jks -srckeystore clientkeystore.p12 -srcstoretype PKCS12 -srcstorepass $KEYSTORE_PASSWORD -alias 1 -storepass $KEYSTORE_PASSWORD - -# list the keystore contents -keytool -list -keystore clientkeystore.jks -storepass $KEYSTORE_PASSWORD - echo '####################################################' echo '# start tests' echo '####################################################' diff --git a/java/messaging/mqtt/joynr-mqtt-client/pom.xml b/java/messaging/mqtt/joynr-mqtt-client/pom.xml index edf2f082b1..b0e67b5876 100644 --- a/java/messaging/mqtt/joynr-mqtt-client/pom.xml +++ b/java/messaging/mqtt/joynr-mqtt-client/pom.xml @@ -55,4 +55,30 @@ + + + + exec-maven-plugin + org.codehaus.mojo + 1.6.0 + + + generate required sources + generate-test-resources + + exec + + + ${basedir}/scripts/gen-java-keystore-truststore.sh + + --destdir + ${basedir}/src/test/resources + + + + + + + + diff --git a/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh b/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh new file mode 100755 index 0000000000..c867a7632a --- /dev/null +++ b/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh @@ -0,0 +1,66 @@ +#!/bin/bash + +DEST_DIR='.' +KEYSTORE_PASSWORD='password' + +# these files are located inside the docker image +CERT_PATH='/data/ssl-data/certs' +PRIVATE_KEY_PATH='/data/ssl-data/private' + +function usage +{ + echo "usage: gen-java-keystore-truststore.sh + [--keystorepassword ] + [--destdir ]" +} + +while [ "$1" != "" ]; do + case $1 in + + --keystorepassword ) shift + KEYSTORE_PASSWORD=$1 + ;; + + --destdir ) shift + DEST_DIR=${1%/}/ + ;; + + * ) usage + exit 1 + esac + shift +done + +if [ -z "$KEYSTORE_PASSWORD" ]; then + echo "Empty password for the keystore specified ..." + echo " " + usage + exit -1 +fi + + +if [ -z "$DEST_DIR" ]; then + echo "No destination directory specified. Using current directory" +fi + + +cd "$DEST_DIR" + + +# create JKS truststore +keytool -keystore catruststore.jks -importcert -file $CERT_PATH/ca.cert.pem -storepass $KEYSTORE_PASSWORD -trustcacerts -noprompt + +# list the truststore contents +keytool -list -keystore catruststore.jks -storepass $KEYSTORE_PASSWORD + +# create PKCS12 truststore +keytool -importkeystore -srckeystore catruststore.jks -srcstorepass $KEYSTORE_PASSWORD -destkeystore catruststore.p12 -deststorepass $KEYSTORE_PASSWORD -srcstoretype JKS -deststoretype PKCS12 -noprompt + +# merge and import client certificate and private key into pkcs12 keystore +openssl pkcs12 -export -in $CERT_PATH/client.cert.pem -inkey $PRIVATE_KEY_PATH/client.key.pem -out clientkeystore.p12 -password pass:$KEYSTORE_PASSWORD + +# convert pkcs12 keystore into java keystore +keytool -delete -importkeystore -deststorepass $KEYSTORE_PASSWORD -destkeypass $KEYSTORE_PASSWORD -destkeystore clientkeystore.jks -srckeystore clientkeystore.p12 -srcstoretype PKCS12 -srcstorepass $KEYSTORE_PASSWORD -alias 1 -storepass $KEYSTORE_PASSWORD -noprompt + +# list the keystore contents +keytool -list -keystore clientkeystore.jks -storepass $KEYSTORE_PASSWORD From 1aa5c2a9652772ce8cac188b93067547534488c2 Mon Sep 17 00:00:00 2001 From: Daniel Schmidt Date: Fri, 21 Sep 2018 22:44:18 +0200 Subject: [PATCH 2/4] [Java] Make 'gen-java-keystore-truststore.sh' always exit with successful status The script always exits with return code 0 to not break the maven build. Without this change, running the unit tests of 'java/messaging/mqtt/joynr-mqtt-client' outside of the joynr docker container would fail and therefore break the maven build. --- .../joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh b/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh index c867a7632a..23877256aa 100755 --- a/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh +++ b/java/messaging/mqtt/joynr-mqtt-client/scripts/gen-java-keystore-truststore.sh @@ -64,3 +64,6 @@ keytool -delete -importkeystore -deststorepass $KEYSTORE_PASSWORD -destkeypass $ # list the keystore contents keytool -list -keystore clientkeystore.jks -storepass $KEYSTORE_PASSWORD + +# always return success (don't break the maven build in case of something went wrong) +exit 0 From 8e904dc0465b1414857fb437ab29d2f2c9668f78 Mon Sep 17 00:00:00 2001 From: Daniel Schmidt Date: Fri, 21 Sep 2018 23:17:46 +0200 Subject: [PATCH 3/4] [JAVA] Use exec-maven-plugin version specified in root pom --- java/messaging/mqtt/joynr-mqtt-client/pom.xml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/java/messaging/mqtt/joynr-mqtt-client/pom.xml b/java/messaging/mqtt/joynr-mqtt-client/pom.xml index b0e67b5876..6050e960b7 100644 --- a/java/messaging/mqtt/joynr-mqtt-client/pom.xml +++ b/java/messaging/mqtt/joynr-mqtt-client/pom.xml @@ -60,10 +60,9 @@ exec-maven-plugin org.codehaus.mojo - 1.6.0 - generate required sources + generate-java-keystore-truststore generate-test-resources exec From 1636ce203790cf33910cfc69c2f2c8d217afec66 Mon Sep 17 00:00:00 2001 From: Daniel Schmidt Date: Sat, 22 Sep 2018 01:52:19 +0200 Subject: [PATCH 4/4] [Java] Let maven know if it runs inside joynr environment The shell script 'gen-java-keystore-truststore.sh' only works correctly if it is executed inside a joynr-docker-container. On a windows system it would break the maven build, because in most cases running shell scripts isn't supported or requires additional configurations. The environment variable 'JOYNR_DOCKER_ENVIRONMENT' can be checked by maven or shell scripts to determine if it is save to do some magic which would only work inside the joynr-docker-containers. --- docker/joynr-base/Dockerfile | 5 ++ java/messaging/mqtt/joynr-mqtt-client/pom.xml | 58 +++++++++++-------- 2 files changed, 39 insertions(+), 24 deletions(-) diff --git a/docker/joynr-base/Dockerfile b/docker/joynr-base/Dockerfile index f45414f13c..dadeea2855 100644 --- a/docker/joynr-base/Dockerfile +++ b/docker/joynr-base/Dockerfile @@ -69,6 +69,11 @@ ENV BUILD_DIR /data/build ENV SRC_DIR /data/src ENV INSTALL_DIR /data/install +################################################### +# set joynr-docker-environment +################################################### +ENV JOYNR_DOCKER_ENVIRONMENT true + ################################################### # copy scripts and set start command ################################################### diff --git a/java/messaging/mqtt/joynr-mqtt-client/pom.xml b/java/messaging/mqtt/joynr-mqtt-client/pom.xml index 6050e960b7..a58aefc63d 100644 --- a/java/messaging/mqtt/joynr-mqtt-client/pom.xml +++ b/java/messaging/mqtt/joynr-mqtt-client/pom.xml @@ -55,29 +55,39 @@ - - - - exec-maven-plugin - org.codehaus.mojo - - - generate-java-keystore-truststore - generate-test-resources - - exec - - - ${basedir}/scripts/gen-java-keystore-truststore.sh - - --destdir - ${basedir}/src/test/resources - - - - - - - + + + joynr-docker-environment + + + env.JOYNR_DOCKER_ENVIRONMENT + + + + + + exec-maven-plugin + org.codehaus.mojo + + + generate required sources + generate-test-resources + + exec + + + ${basedir}/scripts/gen-java-keystore-truststore.sh + + --destdir + ${basedir}/src/test/resources + + + + + + + + +