sonic-buildimage/dockers/docker-sonic-restapi/restapi.sh
Sumukha Tumkur Vani 12400a447c
[docker-restapi]: Fix authentication in restapi (#4383)
- enabling http/https endpoint and mounting the certificates directory
- updating the sonic-restapi submodule
2020-04-15 02:08:45 -07:00

39 lines
1.5 KiB
Bash
Executable File

#!/usr/bin/env bash
RESTAPI_ARGS=""
while true
do
client_auth=`sonic-cfggen -d -v "RESTAPI['config']['client_auth']"`
if [[ $client_auth == 'true' ]]; then
certs=`sonic-cfggen -d -v "RESTAPI['certs']"`
allow_insecure=`sonic-cfggen -d -v "RESTAPI['config']['allow_insecure']"`
if [[ $allow_insecure == 'true' ]]; then
RESTAPI_ARGS=" -enablehttp=true"
else
RESTAPI_ARGS=" -enablehttp=false"
fi
if [[ -n "$certs" ]]; then
SERVER_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['server_crt']"`
SERVER_KEY=`sonic-cfggen -d -v "RESTAPI['certs']['server_key']"`
CLIENT_CA_CRT=`sonic-cfggen -d -v "RESTAPI['certs']['client_ca_crt']"`
CLIENT_CRT_CNAME=`sonic-cfggen -d -v "RESTAPI['certs']['client_crt_cname']"`
if [[ -f $SERVER_CRT && -f $SERVER_KEY && -f $CLIENT_CA_CRT ]]; then
RESTAPI_ARGS+=" -enablehttps=true -servercert=$SERVER_CRT -serverkey=$SERVER_KEY -clientcert=$CLIENT_CA_CRT -clientcertcommonname=$CLIENT_CRT_CNAME"
break
fi
fi
fi
logger "Waiting for certificates..."
sleep 60
done
LOG_LEVEL=`sonic-cfggen -d -v "RESTAPI['config']['log_level']"`
if [ ! -z $LOG_LEVEL ]; then
RESTAPI_ARGS+=" -loglevel=$LOG_LEVEL"
else
RESTAPI_ARGS+=" -loglevel=trace"
fi
logger "RESTAPI_ARGS: $RESTAPI_ARGS"
exec /usr/sbin/go-server-server ${RESTAPI_ARGS}