ocket8888 closed pull request #3039: Fixed containers sometimes sourcing an
environment file which does not yet exist
URL: https://github.com/apache/trafficcontrol/pull/3039
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/infrastructure/cdn-in-a-box/Makefile
b/infrastructure/cdn-in-a-box/Makefile
index d2a899ba5..9da72ab20 100644
--- a/infrastructure/cdn-in-a-box/Makefile
+++ b/infrastructure/cdn-in-a-box/Makefile
@@ -60,8 +60,8 @@ mid/traffic_ops_ort.rpm edge/traffic_ops_ort.rpm:
../../dist/traffic_ops_ort-$(S
cp -f $? $@
traffic_portal/traffic_portal.rpm: ../../dist/traffic_portal-$(SPECIAL_SAUCE)
cp -f $? $@
-traffic_router/traffic_router.rpm: ../../dist/traffic_router-$(SPECIAL_SAUCE)
- cp -f $? $@
+traffic_router/traffic_router.rpm: traffic_router/tomcat.rpm
../../dist/traffic_router-$(SPECIAL_SAUCE)
+ cp -f ../../dist/traffic_router-$(SPECIAL_SEASONING) $@
traffic_router/tomcat.rpm: ../../dist/tomcat-$(SPECIAL_SEASONING)
cp -f $? $@
diff --git a/infrastructure/cdn-in-a-box/edge/run.sh
b/infrastructure/cdn-in-a-box/edge/run.sh
index affb597ff..bf798d21d 100755
--- a/infrastructure/cdn-in-a-box/edge/run.sh
+++ b/infrastructure/cdn-in-a-box/edge/run.sh
@@ -24,7 +24,7 @@ set -m
source /to-access.sh
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
diff --git a/infrastructure/cdn-in-a-box/enroller/run.sh
b/infrastructure/cdn-in-a-box/enroller/run.sh
index 0f35d1123..7a4f8c1ff 100755
--- a/infrastructure/cdn-in-a-box/enroller/run.sh
+++ b/infrastructure/cdn-in-a-box/enroller/run.sh
@@ -25,7 +25,7 @@ export TO_USER=$TO_ADMIN_USER
export TO_PASSWORD=$TO_ADMIN_PASSWORD
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
@@ -33,7 +33,7 @@ done
# Source the CIAB-CA shared SSL environment
source "$X509_CA_ENV_FILE"
-
+
# Copy the CIAB-CA certificate to the traffic_router conf so it can be added
to the trust store
cp "$X509_CA_CERT_FILE" /usr/local/share/ca-certificates
update-ca-certificates
diff --git a/infrastructure/cdn-in-a-box/mid/run.sh
b/infrastructure/cdn-in-a-box/mid/run.sh
index b707bc9f7..010258a8f 100755
--- a/infrastructure/cdn-in-a-box/mid/run.sh
+++ b/infrastructure/cdn-in-a-box/mid/run.sh
@@ -24,7 +24,7 @@ set -m
source /to-access.sh
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
diff --git a/infrastructure/cdn-in-a-box/origin/run.sh
b/infrastructure/cdn-in-a-box/origin/run.sh
index c7e1566c7..d298313d8 100755
--- a/infrastructure/cdn-in-a-box/origin/run.sh
+++ b/infrastructure/cdn-in-a-box/origin/run.sh
@@ -24,7 +24,7 @@ set -m
source /to-access.sh
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
diff --git a/infrastructure/cdn-in-a-box/testclient/run.sh
b/infrastructure/cdn-in-a-box/testclient/run.sh
index aad042803..046720c31 100755
--- a/infrastructure/cdn-in-a-box/testclient/run.sh
+++ b/infrastructure/cdn-in-a-box/testclient/run.sh
@@ -18,7 +18,7 @@
################################################################################
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
diff --git a/infrastructure/cdn-in-a-box/traffic_monitor/run.sh
b/infrastructure/cdn-in-a-box/traffic_monitor/run.sh
index 5029eec95..d957fcb06 100755
--- a/infrastructure/cdn-in-a-box/traffic_monitor/run.sh
+++ b/infrastructure/cdn-in-a-box/traffic_monitor/run.sh
@@ -41,7 +41,7 @@ done
source /to-access.sh
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
@@ -97,9 +97,9 @@ export TO_PASSWORD=$TO_ADMIN_PASSWORD
touch /opt/traffic_monitor/var/log/traffic_monitor.log
# Do not start until there is a valid CRConfig available
-until [ $(to-get '/CRConfig-Snapshots/CDN-in-a-Box/CRConfig.json' 2>/dev/null
| jq -c -e '.config|length') -gt 0 ] ; do
- echo "Waiting on valid CRConfig...";
- sleep 3;
+until [ $(to-get '/CRConfig-Snapshots/CDN-in-a-Box/CRConfig.json' 2>/dev/null
| jq -c -e '.config|length') -gt 0 ] ; do
+ echo "Waiting on valid CRConfig...";
+ sleep 3;
done
cd /opt/traffic_monitor
diff --git a/infrastructure/cdn-in-a-box/traffic_portal/run.sh
b/infrastructure/cdn-in-a-box/traffic_portal/run.sh
index 453225c5b..159c619c1 100755
--- a/infrastructure/cdn-in-a-box/traffic_portal/run.sh
+++ b/infrastructure/cdn-in-a-box/traffic_portal/run.sh
@@ -30,7 +30,7 @@ SPIN_SLEEP_TIME="2000"
source /to-access.sh
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
diff --git a/infrastructure/cdn-in-a-box/traffic_router/run.sh
b/infrastructure/cdn-in-a-box/traffic_router/run.sh
index fbc41f5fc..bb194e609 100755
--- a/infrastructure/cdn-in-a-box/traffic_router/run.sh
+++ b/infrastructure/cdn-in-a-box/traffic_router/run.sh
@@ -47,11 +47,11 @@ LOGFILE="$CATALINA_BASE/var/log/traffic_router.log"
ACCESSLOG="$CATALINA_BASE/var/log/access.log"
export JAVA_HOME JAVA_OPTS
-export TO_PROPERTIES TM_PROPERTIES
+export TO_PROPERTIES TM_PROPERTIES
export CATALINA_HOME CATALINA_BASE CATALINA_OPTS CATALINA_OUT CATALINA_PID
# Wait on SSL certificate generation
-until [ -f "$X509_CA_DONE_FILE" ]
+until [[ -f "$X509_CA_DONE_FILE" && -f "$x509_CA_ENV_FILE" ]]
do
echo "Waiting on Shared SSL certificate generation"
sleep 3
@@ -68,19 +68,19 @@ update-ca-trust extract
# Enroll Traffic Router
to-enroll tr || (while true; do echo "enroll failed."; sleep 3 ; done)
-# Add traffic
-for crtfile in $(find $CATALINA_BASE/conf -name \*.crt -type f)
-do
- alias=$(echo $crtfile |sed -e 's/.crt//g' |tr [:upper:] [:lower:]);
- cacerts=$(find $JAVA_HOME -follow -name cacerts); echo $cacerts;
- keytool=$JAVA_HOME/bin/keytool;
-
- $keytool -list -alias $alias -keystore $cacerts -storepass changeit
-noprompt > /dev/null;
-
- if [ $? -ne 0 ]; then
- echo "Installing certificate ${crtfile}..";
- $keytool -import -trustcacerts -file $crtfile -alias $alias -keystore
$cacerts -storepass changeit -noprompt;
- fi;
+# Add traffic
+for crtfile in $(find $CATALINA_BASE/conf -name \*.crt -type f)
+do
+ alias=$(echo $crtfile |sed -e 's/.crt//g' |tr [:upper:] [:lower:]);
+ cacerts=$(find $JAVA_HOME -follow -name cacerts); echo $cacerts;
+ keytool=$JAVA_HOME/bin/keytool;
+
+ $keytool -list -alias $alias -keystore $cacerts -storepass changeit
-noprompt > /dev/null;
+
+ if [ $? -ne 0 ]; then
+ echo "Installing certificate ${crtfile}..";
+ $keytool -import -trustcacerts -file $crtfile -alias $alias -keystore
$cacerts -storepass changeit -noprompt;
+ fi;
done
# Configure TO properties
@@ -101,6 +101,6 @@ until nc $TM_FQDN $TM_PORT </dev/null >/dev/null 2>&1; do
done
touch $LOGFILE $ACCESSLOG
-tail -F $CATALINA_OUT $CATALINA_LOG $LOGFILE $ACCESSLOG &
+tail -F $CATALINA_OUT $CATALINA_LOG $LOGFILE $ACCESSLOG &
-exec /opt/tomcat/bin/catalina.sh run
+exec /opt/tomcat/bin/catalina.sh run
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
