sonic-buildimage/dockers/docker-sonic-restapi/restapi.sh

#!/usr/bin/env bash

RESTAPI_ARGS=""
while true
do
    client_auth=`sonic-cfggen -d -v "RESTAPI['config']['client_auth']"`
    if [[ $client_auth == 'true' ]]; then
        certs=`sonic-cfggen -d -v "RESTAPI['certs']"`
        allow_insecure=`sonic-cfggen -d -v "RESTAPI['config']['allow_insecure']"`
        if [[ $allow_insecure == 'true' ]]; then
            RESTAPI_ARGS=" -enablehttp=true"
        else
            RESTAPI_ARGS=" -enablehttp=false"
        fi
        if [[ -n "$certs" ]]; then
                SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
                SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
                CLIENT_CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['client_ca_crt']"`
                CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
                if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CLIENT_CA_CRT ]]; then
                    RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CLIENT_CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
                    break
                fi
        fi
    fi
    logger "Waiting for certificates..."
    sleep 60
done

LOG_LEVEL=`sonic-cfggen -d -v "RESTAPI['config']['log_level']"`
if [ ! -z $LOG_LEVEL ]; then
    RESTAPI_ARGS+=" -loglevel=$LOG_LEVEL"
else
    RESTAPI_ARGS+=" -loglevel=trace"
fi 

logger "RESTAPI_ARGS: $RESTAPI_ARGS"
exec /usr/sbin/go-server-server ${RESTAPI_ARGS}
[docker-restapi]: Fix authentication in restapi (#4383) - enabling http/https endpoint and mounting the certificates directory - updating the sonic-restapi submodule 2020-04-15 04:08:45 -05:00			`#!/usr/bin/env bash`

			`RESTAPI_ARGS=""`
			`while true`
			`do`
			client_auth=`sonic-cfggen -d -v "RESTAPI['config']['client_auth']"`
			`if [[ $client_auth == 'true' ]]; then`
			certs=`sonic-cfggen -d -v "RESTAPI['certs']"`
			allow_insecure=`sonic-cfggen -d -v "RESTAPI['config']['allow_insecure']"`
			`if [[ $allow_insecure == 'true' ]]; then`
			`RESTAPI_ARGS=" -enablehttp=true"`
			`else`
			`RESTAPI_ARGS=" -enablehttp=false"`
			`fi`
			`if [[ -n "$certs" ]]; then`
			SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
			SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
			CLIENT_CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['client_ca_crt']"`
			CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
			`if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CLIENT_CA_CRT ]]; then`
			`RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CLIENT_CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"`
			`break`
			`fi`
			`fi`
			`fi`
			`logger "Waiting for certificates..."`
			`sleep 60`
			`done`

			LOG_LEVEL=`sonic-cfggen -d -v "RESTAPI['config']['log_level']"`
			`if [ ! -z $LOG_LEVEL ]; then`
			`RESTAPI_ARGS+=" -loglevel=$LOG_LEVEL"`
			`else`
			`RESTAPI_ARGS+=" -loglevel=trace"`
			`fi`

			`logger "RESTAPI_ARGS: $RESTAPI_ARGS"`
			`exec /usr/sbin/go-server-server ${RESTAPI_ARGS}`