Versions Compared

Old Version 1

changes.mady.by.user Laura McCord

Saved on

compared with

New Version Current

changes.mady.by.user Laura McCord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Note

Work in progress

Info
iconfalse

Contribution from Eric Dalquist and Tim Levett (University of Wisconsin - Madison)


University of Wisconsin - Madison is using Maven and Jenkins to manage build and deployment of uPortal and portlets across five different environments from one central UI. The WAR Overlay feature of the Maven WAR Plugin is used to inject environment specific configuration into uPortal and each portlet. Jenkins automatically builds and deploys portlets in the development and test environments when changes or new releases are detected reducing developer overhead and turnaround time. A key-pair based token encryption tool is used to securely store credentials a version control system allowing them only to be decrypted at build time on the target server.

 

Prerequisites:

  • Java 7
  • Maven 3

Components:

  1. Jenkins (see below for installation and example configuration) 
  2. Maven
  3. Git
  4. Token Encryption Service 
  5. Projects and Scripts to use in Jenkins

...

  1. Clone the project at https://github.com/UW-Madison-DoIT/token-crypt.git
  2. Set Local Path For Keys Storage
    • /token-crypt/tcrypt-web/src/main/resources/webapp.properties
    • For example: edu.wisc.doit.tcrypt.path.keydirectory=/opt/keystore
    • Local Directory MUST be READABLE and WRITEABLE by Tomcat process
  3. Build the application With Maven 3
    • /token-crypt/pom.xml
    • From /token-crypt/ run mvn clean package
  4. Deploy .war file below to Tomcat webapps
    • /TokenCrypt/tcrypt-web/target/tcrypt-web-1.0.4-SNAPSHOT.war
  5. Caveats
    • Remove the jsp-api.jar from the /WEB-INF/lib directory if you get the following error: '500 Unable to read TLD "META-INF/fmt.tld"'

Keys Setup

There is one key directory for the tcrypt service, which will hold all the public keys for each of your server environments so the tcrypt service can encrypt tokens and/or files. The other key directory should be located on each server which will contain the private key. This is used during the overlay build to decrypt the tokens in the property files. 

  • To create the keys, click on the "CREATE SERVICE KEY"
  • Enter the name of your service (ex. my-dev.university.edu) and click the "Create Service Key" button
  • Download the generated public and private keys 
  • Place the public key on the tcrypt server under the directory path that you created above in webapp.properties (ex., /opt/keystore).
  • Place the private key on the server you created a service for under the directory path that you in webapp.properties (ex., /opt/keystore).

...