2023-02-14 12:30:16 +00:00
|
|
|
plugins {
|
|
|
|
id 'application'
|
|
|
|
id 'war'
|
2024-02-14 14:53:57 +00:00
|
|
|
id 'com.netflix.nebula.ospackage' version '11.8.0'
|
2024-11-27 17:32:21 +00:00
|
|
|
id 'org.springframework.boot' version '3.0.8'
|
2023-02-14 12:30:16 +00:00
|
|
|
id 'io.spring.dependency-management' version '1.1.0'
|
|
|
|
}
|
2018-09-06 13:47:33 +00:00
|
|
|
|
2023-03-17 18:47:10 +00:00
|
|
|
// Get version from main project gradle
|
2024-11-27 17:32:21 +00:00
|
|
|
def packVersion = properties.get("packageVersion")
|
|
|
|
def jarVersion = properties.get("jarVersion")
|
|
|
|
def projVersion = properties.get("projVersion")
|
2023-03-17 18:47:10 +00:00
|
|
|
//println "packageVersion is ${projVersion}"
|
|
|
|
|
2024-05-07 20:02:24 +00:00
|
|
|
bootRun {
|
2024-10-22 21:16:50 +00:00
|
|
|
if (project.hasProperty('debug')) {
|
|
|
|
jvmArgs project.debug
|
|
|
|
}
|
2024-05-07 20:02:24 +00:00
|
|
|
}
|
|
|
|
|
2023-02-14 12:30:16 +00:00
|
|
|
configurations {
|
|
|
|
compileOnly {
|
|
|
|
extendsFrom annotationProcessor
|
2018-09-06 13:47:33 +00:00
|
|
|
}
|
2023-06-27 19:58:36 +00:00
|
|
|
all*.exclude module: 'spring-boot-starter-logging'
|
2018-09-06 13:47:33 +00:00
|
|
|
}
|
|
|
|
|
2023-02-14 12:30:16 +00:00
|
|
|
dependencies {
|
2023-03-07 01:54:49 +00:00
|
|
|
implementation project(':HIRS_Utils')
|
|
|
|
implementation project(':HIRS_AttestationCA')
|
|
|
|
|
2023-03-07 14:23:55 +00:00
|
|
|
implementation libs.bouncycastle
|
2024-11-22 15:58:20 +00:00
|
|
|
implementation libs.gson
|
2023-03-07 14:23:55 +00:00
|
|
|
implementation libs.guava
|
2024-11-21 17:07:57 +00:00
|
|
|
implementation libs.jakarta.persistence.api
|
2024-11-22 15:58:20 +00:00
|
|
|
implementation libs.jakarta.servlet
|
2024-04-17 13:38:11 +00:00
|
|
|
implementation libs.jakarta.xml
|
2024-11-22 15:58:20 +00:00
|
|
|
implementation libs.log4j.spring.boot
|
|
|
|
implementation libs.mariadb.java.client
|
2024-11-27 00:08:04 +00:00
|
|
|
|
|
|
|
// pull the pci dependency and ...
|
|
|
|
implementation(libs.pci) {
|
|
|
|
// replace the default apache http client transitive dependency
|
|
|
|
exclude group: 'org.apache.httpcomponents', module: 'httpclient'
|
|
|
|
}
|
|
|
|
// with the non-vulnerable version of the apache http client dependency
|
|
|
|
implementation libs.apacheHttpClient
|
|
|
|
|
2024-11-21 17:07:57 +00:00
|
|
|
implementation libs.spring.boot.starter.web
|
|
|
|
implementation libs.spring.boot.starter.validation
|
|
|
|
implementation libs.spring.boot.starter.data.jpa
|
|
|
|
implementation libs.spring.boot.starter.log4j2
|
|
|
|
implementation libs.tomcat.embed.jasper
|
2023-02-14 12:30:16 +00:00
|
|
|
|
2024-11-21 17:07:57 +00:00
|
|
|
compileOnly libs.lombok
|
|
|
|
annotationProcessor libs.lombok
|
2024-11-22 15:58:20 +00:00
|
|
|
|
2024-11-21 17:07:57 +00:00
|
|
|
providedRuntime libs.spring.boot.starter.tomcat
|
|
|
|
|
|
|
|
testImplementation libs.junit.jupiter
|
|
|
|
testImplementation libs.hsqldb
|
2024-11-22 15:58:20 +00:00
|
|
|
testImplementation libs.spring.boot.starter.test
|
|
|
|
|
|
|
|
testCompileOnly libs.lombok
|
|
|
|
testAnnotationProcessor libs.lombok
|
2023-10-13 20:57:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
test {
|
|
|
|
useJUnitPlatform()
|
2023-02-14 12:30:16 +00:00
|
|
|
}
|
2018-09-06 13:47:33 +00:00
|
|
|
|
2024-02-21 18:16:13 +00:00
|
|
|
task buildVersion() {
|
|
|
|
doLast {
|
2024-02-13 13:59:43 +00:00
|
|
|
def verFile = new File(projectDir, "build/VERSION")
|
|
|
|
verFile.write("${jarVersion}")
|
2024-02-21 18:16:13 +00:00
|
|
|
}
|
|
|
|
}
|
2024-02-14 14:53:57 +00:00
|
|
|
|
2023-04-27 19:51:22 +00:00
|
|
|
ospackage {
|
|
|
|
packageName = 'HIRS_AttestationCA'
|
2024-04-24 19:40:46 +00:00
|
|
|
description = 'HIRS Attestation CA. Use systemctl status hirs-aca'
|
2023-04-27 19:51:22 +00:00
|
|
|
os = LINUX
|
|
|
|
arch = NOARCH
|
|
|
|
version = "$packVersion"
|
2024-04-24 19:40:46 +00:00
|
|
|
release = '2'
|
2024-10-22 21:16:50 +00:00
|
|
|
|
|
|
|
|
2023-04-27 19:51:22 +00:00
|
|
|
user 'root'
|
|
|
|
fileMode = 0755
|
|
|
|
|
|
|
|
addParentDirs = true
|
2024-10-22 21:16:50 +00:00
|
|
|
createDirectoryEntry true
|
2023-04-27 19:51:22 +00:00
|
|
|
|
2024-10-22 21:16:50 +00:00
|
|
|
into('/etc/hirs') {
|
|
|
|
from '../VERSION'
|
|
|
|
}
|
2023-09-27 18:40:18 +00:00
|
|
|
// copy json tables
|
2024-10-22 21:16:50 +00:00
|
|
|
into('/etc/hirs/aca/default-properties') {
|
|
|
|
from '../HIRS_AttestationCA/src/main/resources/component-class.json'
|
|
|
|
from '../HIRS_Utils/src/main/resources/vendor-table.json'
|
2023-09-27 18:40:18 +00:00
|
|
|
}
|
|
|
|
// copy springboot property file
|
2024-10-22 21:16:50 +00:00
|
|
|
into('/etc/hirs/aca/') {
|
|
|
|
from '../HIRS_AttestationCAPortal/src/main/resources/application.properties'
|
|
|
|
from 'build/VERSION'
|
2023-09-27 18:40:18 +00:00
|
|
|
}
|
2023-09-06 20:09:27 +00:00
|
|
|
// copy setup scripts to /opt/hirs/aca
|
2024-10-22 21:16:50 +00:00
|
|
|
into('/opt/hirs/aca/scripts/') {
|
|
|
|
from '../package/linux/'
|
2023-06-02 19:23:55 +00:00
|
|
|
}
|
2023-09-06 20:09:27 +00:00
|
|
|
// copy the war file into /opt/hirs/aca
|
2024-10-22 21:16:50 +00:00
|
|
|
into('/opt/hirs/aca/') {
|
|
|
|
from '../HIRS_AttestationCAPortal/build/libs/HIRS_AttestationCAPortal.war'
|
|
|
|
user 'root'
|
|
|
|
fileMode = 0755
|
2023-06-02 19:23:55 +00:00
|
|
|
}
|
2024-02-21 18:16:13 +00:00
|
|
|
|
2024-04-04 20:27:02 +00:00
|
|
|
// Install - check for existing setup
|
2024-04-24 19:40:46 +00:00
|
|
|
preInstall 'if [ -d /etc/hirs ]; then echo "Error: /etc/hirs/ exists, aborting install"; exit 1; fi;'
|
2024-04-04 20:27:02 +00:00
|
|
|
preInstall 'if [ -d /opt/hirs ]; then echo "Error: /opt/hirs/ exists, aborting install"; exit 1; fi;'
|
2023-09-06 20:09:27 +00:00
|
|
|
// Uninstall
|
2024-04-24 19:40:46 +00:00
|
|
|
preUninstall 'bash /opt/hirs/aca/scripts/aca/aca_remove_setup.sh $1'
|
2024-03-18 16:32:30 +00:00
|
|
|
preUninstall 'bash /opt/hirs/aca/scripts/systemd/aca_disable_service.sh'
|
2024-02-23 20:19:02 +00:00
|
|
|
postUninstall 'if [ -d /etc/hirs ]; then rm -rf /etc/hirs; fi;'
|
2024-04-24 19:40:46 +00:00
|
|
|
postUninstall 'if [ -d /opt/hirs ]; then rm -rf /opt/hirs; fi;'
|
2024-03-28 19:26:21 +00:00
|
|
|
|
2023-04-27 19:51:22 +00:00
|
|
|
buildRpm {
|
2024-10-22 21:16:50 +00:00
|
|
|
dependsOn ':HIRS_AttestationCAPortal:buildVersion'
|
|
|
|
dependsOn ':HIRS_AttestationCAPortal:bootWar'
|
2023-04-27 19:51:22 +00:00
|
|
|
arch = X86_64
|
2024-02-16 14:45:47 +00:00
|
|
|
// Required apps will be aut installed by dnf if not present
|
|
|
|
requires('java-17-openjdk', '17.0', GREATER | EQUAL)
|
2024-10-22 21:16:50 +00:00
|
|
|
requires('mariadb-server', '10.3', GREATER | EQUAL)
|
2024-02-16 14:45:47 +00:00
|
|
|
requires('procps-ng', '3.3.15', GREATER | EQUAL)
|
2024-02-21 18:16:13 +00:00
|
|
|
requires('alternatives', '1.19', GREATER | EQUAL)
|
2024-10-28 20:55:25 +00:00
|
|
|
requires('hwdata', '0.314', GREATER | EQUAL)
|
2024-02-16 14:45:47 +00:00
|
|
|
// Post Trans stage (Occurs after required app and postInstall stage)
|
2024-10-28 20:55:25 +00:00
|
|
|
// Note postInstall wont wait for required apps
|
2024-02-21 18:16:13 +00:00
|
|
|
postTrans 'update-alternatives --set java java-17-openjdk.x86_64'
|
2024-02-23 20:19:02 +00:00
|
|
|
postTrans 'firewall-cmd --add-port=8443/tcp --permanent'
|
|
|
|
postTrans 'firewall-cmd --reload'
|
2024-02-16 14:45:47 +00:00
|
|
|
postTrans 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u'
|
2024-03-18 16:32:30 +00:00
|
|
|
postTrans 'bash /opt/hirs/aca/scripts/systemd/aca_enable_service.sh'
|
2024-02-16 14:45:47 +00:00
|
|
|
postTrans 'chmod +x /opt/hirs/aca/scripts/aca/*'
|
|
|
|
postTrans 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;'
|
|
|
|
// Wait for ACA to start up before finishing the install
|
|
|
|
postTrans 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh'
|
2023-04-27 19:51:22 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
buildDeb {
|
2024-10-22 21:16:50 +00:00
|
|
|
dependsOn ':HIRS_AttestationCAPortal:buildVersion'
|
|
|
|
dependsOn ':HIRS_AttestationCAPortal:bootWar'
|
2023-10-10 18:29:37 +00:00
|
|
|
packageName = 'hirs-attestationca'
|
2023-04-27 19:51:22 +00:00
|
|
|
arch = 'amd64'
|
2024-02-16 14:45:47 +00:00
|
|
|
requires('openjdk-17-jdk', '17.0', GREATER | EQUAL)
|
2024-10-22 21:16:50 +00:00
|
|
|
requires('mariadb-server', '10.3', GREATER | EQUAL)
|
2024-02-16 14:45:47 +00:00
|
|
|
requires('curl')
|
2024-10-28 20:55:25 +00:00
|
|
|
requires('hwdata', '0.314', GREATER | EQUAL)
|
2024-02-16 14:45:47 +00:00
|
|
|
// Install after required packages
|
|
|
|
postInstall 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u'
|
2024-03-18 16:32:30 +00:00
|
|
|
postInstall 'bash /opt/hirs/aca/scripts/systemd/aca_enable_service.sh'
|
2024-02-16 18:40:03 +00:00
|
|
|
postInstall 'chmod +x /opt/hirs/aca/scripts/aca/*'
|
|
|
|
postInstall 'if [ -f /opt/hirs/aca/VERSION ]; then rm /opt/hirs/aca/VERSION; fi;'
|
2024-02-16 14:45:47 +00:00
|
|
|
// Wait for ACA to start up before finishing the install
|
|
|
|
postInstall 'bash /opt/hirs/aca/scripts/aca/check_for_aca.sh'
|
2023-04-27 19:51:22 +00:00
|
|
|
}
|
|
|
|
}
|