
webstatus, internal catalog, identity and webshoppingapigw working

feature/enable-local-tls-docker-compose
Miguel Veloso 4 years ago
parent
commit
263401128f
8 changed files with 93 additions and 2 deletions
  1. +7
    -0
      .gitignore
  2. +22
    -0
      deploy/certificates/create-docker-certificate.sh
  3. +8
    -0
      deploy/certificates/import-certificate.ps1
  4. BIN
      deploy/certificates/media/root-ca-import-warning.png
  5. +13
    -0
      src/ApiGateways/Envoy/config/webshopping/envoy.yaml
  6. +31
    -0
      src/docker-compose.certificates.sample.yaml
  7. +4
    -2
      src/docker-compose.override.yml
  8. +8
    -0
      src/start.ps1

+ 7
- 0
.gitignore View File

@ -1,6 +1,13 @@
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
# docker-compose secrets
src/docker-compose.certificates.yml
# local history
.history
.vshistory
# User-specific files
*.suo
*.user
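Review bot: The new ignore entry covers only `src/docker-compose.certificates.yml`, yet the sample in this same commit ships as `.yaml`, so a developer who copies it to `docker-compose.certificates.yaml` with a real password will have it swept up by `git add .`; add `src/docker-compose.certificates.yaml` as a second entry (or rename the sample to `.yml` to match the name `start.ps1` expects). The key material that `create-docker-certificate.sh` writes (`docker-self-signed.key`, `.pem`, `.pfx`, `.txt`) is not ignored either; if the script is meant to be run inside `deploy/certificates/` as its location suggests, add `deploy/certificates/docker-self-signed.*` so the private key cannot be committed by accident. The `.history`/`.vshistory` lines are unrelated editor state and are fine.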


+ 22
- 0
deploy/certificates/create-docker-certificate.sh View File

@ -0,0 +1,22 @@
echo "creating base certificate (.pem) and private key (.key) files..."
openssl req \
-x509 \
-days 365 \
-out docker-self-signed.pem \
-keyout docker-self-signed.key \
-newkey rsa:2048 -nodes -sha256 \
-subj '/CN=localhost' \
-extensions EXT \
-config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName='DNS.1:localhost,DNS.2:host.docker.internal'\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
echo "printing text version..."
openssl x509 -in docker-self-signed.pem -text -noout > docker-self-signed.txt
echo "generating certificate container file (.pfx)..."
openssl pkcs12 -export \
-inkey docker-self-signed.key \
-in docker-self-signed.pem \
-out docker-self-signed.pfx \
-name "Docker development certificate" \
-password pass:$1
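Review bot: `-password pass:$1` hands the PFX password to openssl on its command line, where it is visible to every local user through `ps` and is kept in shell history, and because `$1` is unquoted an omitted argument silently yields a PFX with an empty password. Pass it through the environment and fail fast when it is missing, e.g. `: "${PFX_PASSWORD:?set PFX_PASSWORD to the PFX export password}"` and `-passout env:PFX_PASSWORD`; if the positional argument must stay, at least write `-passout "pass:${1:?pfx password required}"`. The script also relies on bash process substitution (`<( … )`) with no shebang and no `set -euo pipefail`, so under `sh` the config block fails to parse and a failed `openssl req` does not stop `pkcs12 -export` from running on stale files; add `#!/usr/bin/env bash` and `set -euo pipefail` at the top. A header comment should also state that the certificate is for local development only (SANs `localhost` and `host.docker.internal`, 365-day validity).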

+ 8
- 0
deploy/certificates/import-certificate.ps1 View File

@ -0,0 +1,8 @@
param (
[Parameter(Mandatory = $true)]
[string]$Password
)
$CertPassword = ConvertTo-SecureString -String "$Password" -Force -AsPlainText
Import-PfxCertificate -Exportable -FilePath .\docker-self-signed.pfx -CertStoreLocation Cert:\CurrentUser\Root\ -Password $CertPassword
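Review bot: `-Exportable` on `Import-PfxCertificate` places the private key in the user's store with re-export allowed, which nothing in this change needs: Kestrel and Envoy read the key from the mounted `/https` files, and the Root-store import only has to make the public certificate trusted. Drop the flag, or better import just the public half so no private key enters `Cert:\CurrentUser\Root` at all, e.g. `Import-Certificate -FilePath .\docker-self-signed.pem -CertStoreLocation Cert:\CurrentUser\Root` (confirm `Import-Certificate` accepts the PEM encoding on the target Windows version; otherwise convert to DER first). Taking `$Password` as a plain `[string]` also leaves the secret in PowerShell's command history; a `[SecureString]` parameter, or prompting with `Read-Host -AsSecureString`, avoids that and removes the `ConvertTo-SecureString` line.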

BIN
deploy/certificates/media/root-ca-import-warning.png View File

Width: 410  |  Height: 380  |  Size: 15 KiB

+ 13
- 0
src/ApiGateways/Envoy/config/webshopping/envoy.yaml View File

@ -22,7 +22,13 @@ static_resources:
- name: eshop_backend
domains:
- "*"
# - "host.docker.internal"
routes:
# - match:
# prefix: "/"
# redirect:
# path_redirect: "/"
# https_redirect: true
- name: "c-short"
match:
prefix: "/c/"
@ -99,6 +105,13 @@ static_resources:
upstream_cluster: "%UPSTREAM_CLUSTER%"
upstream_local_address: "%UPSTREAM_LOCAL_ADDRESS%"
path: "/tmp/access.log"
tls_context:
common_tls_context:
tls_certificates:
- certificate_chain:
filename: "/https/docker-self-signed.pem"
private_key:
filename: "/https/docker-self-signed.key"
clusters:
- name: shoppingagg
connect_timeout: 0.25s
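Review bot: The new `tls_context` sets only the certificate and key, so the accepted protocol versions and cipher suites fall back to whatever the running Envoy image defaults to; pin the floor explicitly with `tls_params: { tls_minimum_protocol_version: TLSv1_2 }` under `common_tls_context` so the gateway never negotiates TLS 1.0/1.1 on an older image. `tls_context` on a filter chain is the form Envoy deprecated in favour of `transport_socket` with `envoy.transport_sockets.tls`; it is fine if the pinned image still accepts it, but a comment naming the Envoy version this was tested against would save the next upgrade some guesswork. In the first hunk the `https_redirect` route and the `host.docker.internal` domain are left as commented-out configuration; either enable them or replace them with a one-line comment explaining why plain HTTP is still served (the override file says inter-service calls need it). The listener and filter chain that this `tls_context` belongs to begin before the hunk, so the level it attaches to cannot be verified here.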


+ 31
- 0
src/docker-compose.certificates.sample.yaml View File

@ -0,0 +1,31 @@
version: '3.4'
services:
identity-api:
environment:
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_Kestrel__Certificates__Default__Password=<secure-COMPLEX-and-SECRET-password>
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/docker-self-signed.pfx
volumes:
- ~/.aspnet/https:/https:ro
webstatus:
environment:
- ASPNETCORE_URLS=https://+:443
- ASPNETCORE_Kestrel__Certificates__Default__Password=<secure-COMPLEX-and-SECRET-password>
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/docker-self-signed.pfx
volumes:
- ~/.aspnet/https:/https:ro
webmvc:
environment:
- ASPNETCORE_URLS=https://+:443
- ASPNETCORE_Kestrel__Certificates__Default__Password=<secure-COMPLEX-and-SECRET-password>
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/docker-self-signed.pfx
volumes:
- ~/.aspnet/https:/https:ro
webshoppingapigw:
volumes:
- ~/.aspnet/https:/https:ro
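Review bot: `~/.aspnet/https:/https:ro` mounts the whole directory into four services, so each of them also receives the unencrypted `docker-self-signed.key` and `.pem` that `create-docker-certificate.sh` writes next to the `.pfx` (assuming the generated files are copied there — the change does not say where they go); mount only what each service reads, e.g. `- ~/.aspnet/https/docker-self-signed.pfx:/https/docker-self-signed.pfx:ro` for the Kestrel services and the `.pem`/`.key` pair for `webshoppingapigw`. The PFX password placed in `ASPNETCORE_Kestrel__Certificates__Default__Password` is readable by anyone who can run `docker inspect` and is repeated three times; a `${CERT_PASSWORD}` substitution from a gitignored `.env` keeps it in one place. A leading comment should state that this file is for local development only and that the real copy must never be committed or reused for a deployed environment.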

+ 4
- 2
src/docker-compose.override.yml View File

@ -57,8 +57,10 @@ services:
- UseCustomizationData=True
- ApplicationInsights__InstrumentationKey=${INSTRUMENTATION_KEY}
- OrchestratorType=${ORCHESTRATOR_TYPE}
- Serilog__MinimumLevel__Override__Microsoft=Warning
ports:
- "5105:80"
- "80" # We need HTTP access for inter-service communications
- "5105:443"
basket-api:
environment:
@ -336,7 +338,7 @@ services:
- ApplicationInsights__InstrumentationKey=${INSTRUMENTATION_KEY}
- OrchestratorType=${ORCHESTRATOR_TYPE}
ports:
- "5107:80"
- "5107:443"
webspa:
environment:


+ 8
- 0
src/start.ps1 View File

@ -0,0 +1,8 @@
if ($args.Count -eq 0) {
docker-compose.exe -f docker-compose.yml -f docker-compose.override.yml -f docker-compose.certificates.yml up -d
} elseif ($args.Count -eq 1 -and $args[0] -eq "infra") {
docker-compose.exe -f docker-compose.yml -f docker-compose.override.yml -f docker-compose.certificates.yml up -d seq sqldata nosqldata basketdata rabbitmq
} else {
docker-compose.exe -f docker-compose.yml -f docker-compose.override.yml -f docker-compose.certificates.yml up -d $args
}
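Review bot: Every branch passes `-f docker-compose.certificates.yml`, a file that is gitignored and only exists after someone copies `docker-compose.certificates.sample.yaml` and fills in the password, so a fresh checkout fails with docker-compose's generic missing-file error; check for it first with `if (-not (Test-Path 'docker-compose.certificates.yml')) { Write-Error 'Copy docker-compose.certificates.sample.yaml to docker-compose.certificates.yml and set the certificate password first'; exit 1 }`. The compose-file list is also repeated in all three branches; keep it in one array (`$files = @('-f','docker-compose.yml','-f','docker-compose.override.yml','-f','docker-compose.certificates.yml')`) and call `docker-compose.exe @files up -d …` so a future file is added in one place. A short header comment naming the three invocation forms (`.\start.ps1`, `.\start.ps1 infra`, `.\start.ps1 <service…>`) would help too.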
