[INJICERT-189] add steps for downloading hsm client in certify service

Signed-off-by: Challarao <[email protected]>
mosip · Jun 13, 2024 · 57b2f57 · 57b2f57
1 parent 6316bcc
commit 57b2f57
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 1 deletion.
diff --git a/certify-service/Dockerfile b/certify-service/Dockerfile
@@ -24,6 +24,12 @@ ARG is_glowroot
 # can be passed during Docker build as build time environment for artifactory URL
 ARG artifactory_url
 
+# can be passed during Docker build as build time environment for hsm client zip file path
+ARG hsm_client_zip_path
+
+# environment variable to pass hsm client zip file path, at docker runtime
+ENV hsm_zip_file_path=${hsm_client_zip_path}
+
 # environment variable to pass active profile such as DEV, QA etc at docker runtime
 ENV active_profile_env=${active_profile}
 
@@ -55,6 +61,10 @@ ARG container_user_uid=1001
 ARG container_user_gid=1001
 
 
+ARG hsm_local_dir=hsm-client
+
+ENV hsm_local_dir_name=${hsm_local_dir}
+
 # install packages and create user
 RUN apk -q update \
 && apk add -q unzip sudo bash curl \

diff --git a/certify-service/configure_start.sh b/certify-service/configure_start.sh
@@ -26,7 +26,42 @@ if [ "$enable_certify_artifactory" = "true" ]; then
   download_and_extract "${artifactory_url_env}/artifactory/libs-release-local/certify/certify-plugin.zip" "${loader_path_env}" "certify-sunbird-plugin.jar"
 fi
 
-echo "Installation complete"
+#installs the pkcs11 libraries.
+set -e
+
+DEFAULT_ZIP_PATH=artifactory/libs-release-local/hsm/client.zip
+[ -z "$hsm_zip_file_path" ] && zip_path="$DEFAULT_ZIP_PATH" || zip_path="$hsm_zip_file_path"
+
+echo "Download the client from $artifactory_url_env"
+echo "Zip File Path: $zip_path"
+
+wget -q "$artifactory_url_env/$zip_path"
+echo "Downloaded $artifactory_url_env/$zip_path"
+
+FILE_NAME=${zip_path##*/}
+
+DIR_NAME=$hsm_local_dir_name
+
+has_parent=$(zipinfo -1 "$FILE_NAME" | awk '{split($NF,a,"/");print a[1]}' | sort -u | wc -l)
+if test "$has_parent" -eq 1; then
+  echo "Zip has a parent directory inside"
+  dirname=$(zipinfo -1 "$FILE_NAME" | awk '{split($NF,a,"/");print a[1]}' | sort -u | head -n 1)
+  echo "Unzip directory"
+  unzip $FILE_NAME
+  echo "Renaming directory"
+  mv -v $dirname $DIR_NAME
+else
+  echo "Zip has no parent directory inside"
+  echo "Creating destination directory"
+  mkdir "$DIR_NAME"
+  echo "Unzip to destination directory"
+  unzip -d "$DIR_NAME" $FILE_NAME
+fi
+
+echo "Attempting to install"
+cd ./$DIR_NAME && chmod +x install.sh && sudo ./install.sh
+
+
 cd $work_dir
 
 exec "$@"