From 6940e728d9619930f86d673abc96a87f84d9ae1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anna=20V=C3=B6lker?= Date: Wed, 24 Apr 2024 10:36:04 +0200 Subject: [PATCH] update documentation and make carl owner in Dockerfile --- .ci/docker/carl/Dockerfile | 4 +++- doc/src/user-manual/cleo/setup.md | 22 +++++++++++----------- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/.ci/docker/carl/Dockerfile b/.ci/docker/carl/Dockerfile index bf7dd94c6..c2f04b359 100644 --- a/.ci/docker/carl/Dockerfile +++ b/.ci/docker/carl/Dockerfile @@ -14,7 +14,9 @@ COPY ./.ci/docker/carl/entrypoint.sh /opt/entrypoint.sh RUN groupadd --gid 1000 carl RUN useradd --create-home --uid 1000 --gid carl --shell /bin/bash carl +ENTRYPOINT ["/opt/entrypoint.sh"] + +RUN chown -R carl:carl /opt/opendut-carl/ USER carl -ENTRYPOINT ["/opt/entrypoint.sh"] CMD ["/opt/opendut-carl/opendut-carl"] diff --git a/doc/src/user-manual/cleo/setup.md b/doc/src/user-manual/cleo/setup.md index 92a18040f..29671eab2 100644 --- a/doc/src/user-manual/cleo/setup.md +++ b/doc/src/user-manual/cleo/setup.md @@ -16,8 +16,13 @@ as well as a script. The archive can be requested at `https://{CARL-HOST}/api/cleo/{architecture}/download`. -This might be the go-to way, if you want to use CLEO in your pipeline. -Once downloaded, extract the files with the command `tar -xvf opendut-cleo-{architecture}.tar.gz`. It will then be extracted into +Available architectures are: +- x86_64-unknown-linux-gnu +- armv7-unknown-linux-gnueabihf +- aarch64-unknown-linux-gnu + +This might be the go-to way, if you want to use CLEO in your pipeline. +Once downloaded, extract the files with the command `tar xvf opendut-cleo-{architecture}.tar.gz`. It will then be extracted into the folder which is the current work directory. You might want to use another directory of your choice. The tarball contains the `set-env-var.sh` shell script. It can be executed by the command `source set-env-var.sh`, which then sets the following environment variables to run CLEO: @@ -40,21 +45,16 @@ export OPENDUT_CLEO_NETWORK_OIDC_CLIENT_SECRET={{ CLIENT SECRET VARIBALE }} These two variables can be obtained by logging in to Keycloak. The last thing to do, is to check if there is already a certificate, which is required to use CLEO. -The provided script is expecting a certificate at the location `/etc/opendut/tls`. If there is no such folder or no file, -it has to be created manually. In this case execute the command: `mkdir -p /etc/opendut/tls`. This will create a folder, -if not yet existent. After that copy the correct certificate (most likely the CA certificate from keycloak) into the newly -created folder with `cp {source folder}/cert.pem /etc/opendut/tls/ca.pem`. The naming is important, because this is how it was stored -in the environment variable `OPENDUT_CLEO_NETWORK_TLS_CA`. +The provided script is expecting a certificate at the location provided by `OPENDUT_CLEO_NETWORK_TLS_CA`. If there is no such folder or no file, +it has to be created manually. ### TL;DR 1. Download archive from `https://{CARL-HOST}/api/cleo/{architecture}/download` -2. Extract `tar -xvf opendut-cleo-{architecture}.tar.gz` +2. Extract `tar xvf opendut-cleo-{architecture}.tar.gz` 3. Execute `source set-env-var.sh` 4. Add two environment variable `export OPENDUT_CLEO_NETWORK_OIDC_CLIENT_ID={{ CLIENT ID VARIBALE }}` and `export OPENDUT_CLEO_NETWORK_OIDC_CLIENT_SECRET={{ CLIENT SECRET VARIBALE }}` -5. (Optional) Check if certificate exists at `/etc/opendut/tls` otherwise follow these steps: - 1. `mkdir -p /etc/opendut/tls` - 2. `cp {source folder}/cert.pem /etc/opendut/tls/ca.pem` +5. (Optional) Check if certificate exists at location provided by `OPENDUT_CLEO_NETWORK_TLS_CA`. ## Additional notes - The CA certificate to be provided for CLEO depends on the used certificate authority used on server side for CARL.