onos-package updates for sm-onos
Change-Id: I14e83645361b3ec12cb8b065f10e7db45008bd43
diff --git a/tools/build/onos-package b/tools/build/onos-package
index e7f2cbe..ce8d985 100755
--- a/tools/build/onos-package
+++ b/tools/build/onos-package
@@ -72,12 +72,15 @@
# ONOS Patching ----------------------------------------------------------------
+ export BOOT_FEATURES="webconsole,onos-api,onos-core,onos-incubator,onos-cli,onos-rest,onos-gui"
+
+ [ "$ONOS_SECURITY_MODE" = true ] && enable_security_mode
+
# Patch the Apache Karaf distribution file to add ONOS features repository
perl -pi.old -e "s|^(featuresRepositories=.*)|\1,mvn:org.onosproject/onos-features/$ONOS_POM_VERSION/xml/features|" \
$ONOS_STAGE/$KARAF_DIST/etc/org.apache.karaf.features.cfg
# Patch the Apache Karaf distribution file to load default ONOS boot features
- export BOOT_FEATURES="webconsole,onos-api,onos-core,onos-incubator,onos-cli,onos-rest,onos-gui"
perl -pi.old -e "s|^(featuresBoot=.*)|\1,$BOOT_FEATURES|" \
$ONOS_STAGE/$KARAF_DIST/etc/org.apache.karaf.features.cfg
@@ -89,19 +92,49 @@
echo $ONOS_VERSION > $ONOS_STAGE/VERSION
}
-function build_compressed_package() {
- # Package up the ONOS tar file
+function clean_stage_dir() {
+ [ -d "$ONOS_STAGE" ] && rm -r $ONOS_STAGE || :
+}
+
+function enable_security_mode() {
+ echo "Enabling security mode ONOS..."
+
+ # SM-ONOS step 1: downgrade felix config admin
+ FELIX_CFG_ADMIN=${FELIX_CFG_ADMIN:-~/Downloads/org.apache.felix.configadmin-1.6.0.jar}
+ if [ ! -f $FELIX_CFG_ADMIN ]; then
+ echo "Downloading $FELIX_CFG_ADMIN..."
+ curl -sL http://archive.apache.org/dist/felix/org.apache.felix.configadmin-1.6.0.jar > $FELIX_CFG_ADMIN
+ fi
+ [ ! -f $FELIX_CFG_ADMIN ] && \
+ echo "Felix config admin not found: $FELIX_CFG_ADMIN" && exit 1
+
+ mkdir -p $ONOS_STAGE/$KARAF_DIST/system/org/apache/felix/org.apache.felix.configadmin/1.6.0
+ cp $FELIX_CFG_ADMIN $ONOS_STAGE/$KARAF_DIST/system/org/apache/felix/org.apache.felix.configadmin/1.6.0
+ perl -pi.old -e "s|org.apache.felix.configadmin/1.8.0|org.apache.felix.configadmin/1.6.0|g" \
+ $ONOS_STAGE/$KARAF_DIST/etc/startup.properties
+
+ # SM-ONOS step 2: stage ONOS Felix framework security (this is already done by karaf assembly); end
+
+ # SM-ONOS step 3.1: configure karaf
+ perl -pi.old -e "s|#java.security.policy|java.security.policy|" \
+ $ONOS_STAGE/$KARAF_DIST/etc/system.properties
+ perl -pi.old -e "s|#org.osgi.framework.security|org.osgi.framework.security|" \
+ $ONOS_STAGE/$KARAF_DIST/etc/system.properties
+
+ # SM-ONOS step 3.2: update featuresBoot
+ export BOOT_FEATURES="onos-security,$BOOT_FEATURES"
+}
+
+function build_compressed_zip() {
cd $ONOS_STAGE_ROOT
- rm -f $ONOS_TAR $ONOS_ZIP
- COPYFILE_DISABLE=1 tar zcf $ONOS_TAR $ONOS_BITS
+ rm -f $ONOS_ZIP
+ which zip >/dev/null && zip -rq $ONOS_ZIP $ONOS_BITS && ls -lh $ONOS_ZIP
+}
- # Figure out whether we should build ONOS zip file and if so, build it.
- which zip >/dev/null && [ -z "$ONOS_TAR_ONLY" ] && buildZip=true || unset buildZip
- [ -n "$buildZip" ] && zip -rq $ONOS_ZIP $ONOS_BITS
-
- # Report on the archives that were built and clean-up
- [ -n "$buildZip" ] && ls -lh $ONOS_TAR $ONOS_ZIP || ls -lh $ONOS_TAR
- rm -r $ONOS_STAGE
+function build_compressed_tar() {
+ cd $ONOS_STAGE_ROOT
+ rm -f $ONOS_TAR
+ COPYFILE_DISABLE=1 tar zcf $ONOS_TAR $ONOS_BITS && ls -lh $ONOS_TAR
}
# Build a DEB package
@@ -162,25 +195,44 @@
# Bail on any errors
set -e
+[[ $# == 0 ]] && ONOS_PACKAGE_TAR_arg=true
+while [[ $# > 0 ]]; do
+case $1 in
+ -t|--tar)
+ ONOS_PACKAGE_TAR_arg=true
+ ;;
+ -z|--zip)
+ ONOS_PACKAGE_ZIP_arg=true
+ ;;
+ -d|--deb)
+ ONOS_PACKAGE_DEB_arg=true
+ ;;
+ -r|--rpm)
+ ONOS_PACKAGE_RPM_arg=true
+ ;;
+ -s|--secure)
+ ONOS_SECURITY_MODE=true
+ ;;
+ *)
+ # unknown option
+ echo "Unknown options: $1"
+ echo "usage: $(basename $0) [--tar] [--zip] [--deb] [--rpm] [--secure]" >&2 && exit 1
+ ;;
+esac
+shift
+done
+
# Run karaf assembly to collect artifacts for off-line installations.
aux=/tmp/assembly-$$.log
trap "rm -f $aux 2>/dev/null" EXIT
cd $ONOS_ROOT/tools/package/karaf-assembly && mvn clean install > $aux 2>&1
# Before starting make sure the environment is clan - delete onos staging folder
-rm -fr $ONOS_STAGE
+clean_stage_dir
-# If there are parameters check if we want to build a deb - otherwise build tar.gz
-case ${1:---tar} in
- "--tar" | "-T") build_stage_dir
- build_compressed_package
- ;;
- "--deb" | "-D") build_stage_dir
- build_deb
- ;;
- "--rpm" | "-R") build_stage_dir
- build_rpm
- ;;
- *) echo "usage: $(basename $0) [--tar|--deb|--rpm]" >&2 && exit 1
- ;;
-esac
+build_stage_dir
+[ "$ONOS_PACKAGE_TAR_arg" = true ] && build_compressed_tar
+[ "$ONOS_PACKAGE_ZIP_arg" = true ] && build_compressed_zip
+[ "$ONOS_PACKAGE_DEB_arg" = true ] && build_deb
+[ "$ONOS_PACKAGE_RPM_arg" = true ] && build_rpm
+clean_stage_dir