eric/onix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #525 from Beckn-One/517-beckn-onix-script

Browse Source 
Issue [517] [518] Refactor beckn-onix.sh to skip BAP/BPP containers and remove Vault dependency in setup.sh
This commit is contained in:
Mayuresh A Nirhali
2025-09-28 16:38:28 +05:30
committed by GitHub
parent 79a7914794 291fa7ee13
commit c1d452d3ee
3 changed files with 103 additions and 236 deletions
Download Patch File Download Diff File Expand all files Collapse all files

88
install/beckn-onix.sh
View File

@@ -52,18 +52,10 @@ update_registry_details() {
docker run --rm -v $SCRIPT_DIR/../registry_data/config:/source -v registry_data_volume:/target busybox cp /source/{envvars,logger.properties,swf.properties} /target/
docker rmi busybox
}
# Function to start the MongoDB, Redis, and RabbitMQ Services
# Function to start Redis service only
start_support_services() {
#ignore orphaned containers warning
export COMPOSE_IGNORE_ORPHANS=1
echo "${GREEN}................Installing MongoDB................${NC}"
docker compose -f docker-compose-app.yml up -d mongo_db
echo "MongoDB installation successful"
echo "${GREEN}................Installing RabbitMQ................${NC}"
docker compose -f docker-compose-app.yml up -d queue_service
echo "RabbitMQ installation successful"
echo "${GREEN}................Installing Redis................${NC}"
docker compose -f docker-compose-app.yml up -d redis_db
echo "Redis installation successful"
@@ -128,9 +120,8 @@ install_layer2_config() {
rm -f $FILENAME >/dev/null 2>&1
}
# Function to install BAP Protocol Server
# Function to install BAP Protocol Server - creates registry entries only
install_bap_protocol_server() {
start_support_services
if [[ $1 ]]; then
registry_url=$1
bap_subscriber_id=$2
@@ -140,35 +131,12 @@ install_bap_protocol_server() {
else
bash scripts/update_bap_config.sh
fi
sleep 10
docker volume create bap_client_config_volume
docker volume create bap_network_config_volume
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bap_client_config_volume:/target busybox cp /source/bap-client.yml /target/default.yml
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bap_client_config_volume:/target busybox cp /source/bap-client.yaml-sample /target
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bap_network_config_volume:/target busybox cp /source/bap-network.yml /target/default.yml
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bap_network_config_volume:/target busybox cp /source/bap-network.yaml-sample /target
docker rmi busybox
start_container $bap_docker_compose_file "bap-client"
sleep 20
start_container $bap_docker_compose_file "bap-network"
sleep 10
if [[ -z "$layer2_url" ]]; then
echo -e "${BoldGreen}Please download the Layer 2 configuration files by running the download_layer_2_config_bap.sh script located in the ../layer2 folder."
echo -e "For further information, refer to this URL:${BLUE}https://github.com/beckn/beckn-onix/blob/main/docs/user_guide.md#downloading-layer-2-configuration-for-a-domain.${NC}"
else
echo -e "${GREEN}Installing layer configuration for $(basename "$layer2_url")${NC}"
install_layer2_config bap-client
install_layer2_config bap-network
fi
echo "Protocol server BAP installation successful"
sleep 40
echo "Protocol server BAP registry entries created successfully"
}
# Function to install BPP Protocol Server without Sandbox
# Function to install BPP Protocol Server - creates registry entries only
install_bpp_protocol_server() {
start_support_services
echo "${GREEN}................Installing Protocol Server for BPP................${NC}"
if [[ $1 ]]; then
@@ -182,27 +150,7 @@ install_bpp_protocol_server() {
bash scripts/update_bpp_config.sh
fi
sleep 10
docker volume create bpp_client_config_volume
docker volume create bpp_network_config_volume
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_client_config_volume:/target busybox cp /source/bpp-client.yml /target/default.yml
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_client_config_volume:/target busybox cp /source/bpp-client.yaml-sample /target
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_network_config_volume:/target busybox cp /source/bpp-network.yml /target/default.yml
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_network_config_volume:/target busybox cp /source/bpp-network.yaml-sample /target
docker rmi busybox
start_container $bpp_docker_compose_file "bpp-client"
start_container $bpp_docker_compose_file "bpp-network"
sleep 10
if [[ -z "$layer2_url" ]]; then
echo -e "${BoldGreen}Please download the Layer 2 configuration files by running the download_layer_2_config_bpp.sh script located in the ../layer2 folder."
echo -e "For further information, refer to this URL:${BLUE} https://github.com/beckn/beckn-onix/blob/main/docs/user_guide.md#downloading-layer-2-configuration-for-a-domain.${NC}"
else
echo -e "${BoldGreen}Installing layer configuration for $(basename "$layer2_url")"
install_layer2_config bpp-client
install_layer2_config bpp-network
fi
echo "Protocol server BPP installation successful"
echo "Protocol server BPP registry entries created successfully"
}
mergingNetworks() {
@@ -260,11 +208,6 @@ mergingNetworks() {
# Function to install BPP Protocol Server with Sandbox
install_bpp_protocol_server_with_sandbox() {
start_support_services
docker volume create bpp_client_config_volume
docker volume create bpp_network_config_volume
echo "${GREEN}................Installing Sandbox................${NC}"
start_container $bpp_docker_compose_file_sandbox "sandbox-api"
sleep 5
@@ -283,17 +226,7 @@ install_bpp_protocol_server_with_sandbox() {
bash scripts/update_bpp_config.sh
fi
sleep 10
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_client_config_volume:/target busybox cp /source/bpp-client.yml /target/default.yml
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_client_config_volume:/target busybox cp /source/bpp-client.yaml-sample /target
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_network_config_volume:/target busybox cp /source/bpp-network.yml /target/default.yml
docker run --rm -v $SCRIPT_DIR/../protocol-server-data:/source -v bpp_network_config_volume:/target busybox cp /source/bpp-network.yaml-sample /target
docker rmi busybox
start_container $bpp_docker_compose_file "bpp-client"
start_container $bpp_docker_compose_file "bpp-network"
sleep 10
echo "Protocol server BPP installation successful"
echo "Protocol server BPP registry entries created successfully"
}
layer2_config() {
@@ -465,7 +398,7 @@ completeSetup() {
bap_subscriber_key_id="$bap_subscriber_id-key"
public_address=$bap_subscriber_url
layer2_config
# layer2_config # Commented out - ONIX adapter handles schemas differently
install_package
install_bap_protocol_server $registry_url $bap_subscriber_id $bap_subscriber_key_id $bap_subscriber_url
;;
@@ -512,7 +445,7 @@ completeSetup() {
bpp_subscriber_key_id="$bpp_subscriber_id-key"
public_address=$bpp_subscriber_url
layer2_config
# layer2_config # Commented out - ONIX adapter handles schemas differently
install_package
install_bpp_protocol_server $registry_url $bpp_subscriber_id $bpp_subscriber_key_id $bpp_subscriber_url $webhook_url
;;
@@ -578,7 +511,7 @@ completeSetup() {
install_gateway $registry_url $gateway_url
layer2_config
# layer2_config # Commented out - ONIX adapter handles schemas differently
#Append /subscribers for registry_url
new_registry_url="${registry_url%/}/subscribers"
bap_subscriber_key_id="$bap_subscriber_id-key"
@@ -702,6 +635,7 @@ update_network() {
}
install_adapter() {
start_support_services
start_container $adapter_docker_compose_file "onix-adapter"
sleep 10
echo "ONIX Adapter installation successful"

2
install/docker-compose-adapter2.yml
View File

@@ -2,7 +2,7 @@ version: '3.8'
services:
onix-adapter:
image: onix-adapter
image: fidedocker/onix-adapter
container_name: onix-adapter
platform: linux/amd64
networks:

249
install/setup.sh
View File

@@ -7,6 +7,57 @@ YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
# UNUSED FUNCTION - Complete Vault setup kept for future reference
setup_vault_unused() {
echo -e "${YELLOW}Setting up Vault for key management...${NC}"
if ! docker ps | grep -q "vault"; then
echo -e "${BLUE}Starting Vault container...${NC}"
docker run -d \
--name vault \
--cap-add=IPC_LOCK \
-e VAULT_DEV_ROOT_TOKEN_ID=root \
-e VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200 \
-p 8200:8200 \
hashicorp/vault:latest > /dev/null 2>&1
for i in {1..30}; do
if docker exec -e VAULT_ADDR=http://127.0.0.1:8200 vault vault status > /dev/null 2>&1; then
echo -e "${GREEN}✓ Vault is ready${NC}"
break
fi
if [ $i -eq 30 ]; then
echo -e "${RED}Error: Vault failed to start${NC}"
exit 1
fi
sleep 1
done
fi
# Enable AppRole authentication
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault auth enable approle 2>/dev/null
# Create policy for Beckn
echo 'path "beckn/*" { capabilities = ["create", "read", "update", "delete", "list"] }' | docker exec -i -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault policy write beckn-policy - > /dev/null 2>&1
# Create AppRole
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault write auth/approle/role/beckn-role token_policies="beckn-policy" token_ttl=24h token_max_ttl=48h > /dev/null 2>&1
# Enable KV secrets engine
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault secrets enable -path=beckn kv-v2 > /dev/null 2>&1
# Store BAP network keys
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault kv put secret/keys/bap-network signingPublicKey='1ct6/Xg6gHhT9QolufThbY4mWHYkIpXzh7YxMFM8MQE=' signingPrivateKey='C2hPMyeN+1Vzn8+7F/MUHmR5jKFuSb7s6tf/U5qni8vVy3r9eDqAeFP1CiW59OFtjiZYdiQilfOHtjEwUzwxAQ==' > /dev/null 2>&1
# Get AppRole credentials
ROLE_ID=$(docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault read -field=role_id auth/approle/role/beckn-role/role-id)
SECRET_ID=$(docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault vault write -field=secret_id -f auth/approle/role/beckn-role/secret-id)
echo -e "${GREEN}✓ Vault setup complete${NC}"
echo -e "${BLUE}Role ID: ${ROLE_ID}${NC}"
echo -e "${BLUE}Secret ID: ${SECRET_ID}${NC}"
}
echo -e "${BLUE}========================================${NC}"
echo -e "${BLUE}Beckn-ONIX Complete Setup${NC}"
echo -e "${BLUE}========================================${NC}"
@@ -17,10 +68,12 @@ if ! docker info > /dev/null 2>&1; then
exit 1
fi
# Step 1: Run the Beckn network installer
echo -e "${YELLOW}Step 1: Starting all Beckn ONIX adapter services...${NC}"
# Step 1: Start dependent services (Redis only)
echo -e "${YELLOW}Step 1: Starting dependent services...${NC}"
export COMPOSE_IGNORE_ORPHANS=1
docker compose -f ./docker-compose-adapter.yml down 2>/dev/null
docker compose -f ./docker-compose-adapter.yml up -d
docker compose -f ./docker-compose-adapter.yml up -d redis
echo "Redis installation successful"
# Make the installer executable
#chmod +x ./beckn-onix.sh
@@ -31,132 +84,8 @@ docker compose -f ./docker-compose-adapter.yml up -d
cd ..
# Wait for services to stabilize
#echo -e "${YELLOW}Waiting for services to be ready...${NC}"
#sleep 15
# Step 2: Configure Vault for key management
echo -e "${YELLOW}Step 2: Setting up Vault for key management...${NC}"
# Check if Vault is running, if not start it
if ! docker ps | grep -q "vault"; then
echo -e "${BLUE}Starting Vault container...${NC}"
docker run -d \
--name vault \
--cap-add=IPC_LOCK \
-e VAULT_DEV_ROOT_TOKEN_ID=root \
-e VAULT_DEV_LISTEN_ADDRESS=0.0.0.0:8200 \
-p 8200:8200 \
hashicorp/vault:latest > /dev/null 2>&1
# Wait for Vault to be ready
echo -e "${BLUE}Waiting for Vault to start...${NC}"
for i in {1..30}; do
if docker exec -e VAULT_ADDR=http://127.0.0.1:8200 vault vault status > /dev/null 2>&1; then
echo -e "${GREEN}✓ Vault is ready${NC}"
break
fi
if [ $i -eq 30 ]; then
echo -e "${RED}Error: Vault failed to start${NC}"
exit 1
fi
sleep 1
done
fi
# Configure Vault with error handling
echo -e "${BLUE}Configuring Vault policies...${NC}"
# Enable AppRole auth
if ! docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault auth list 2>/dev/null | grep -q "approle"; then
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault auth enable approle 2>/dev/null || {
echo -e "${YELLOW}AppRole already enabled or error occurred${NC}"
}
fi
# Create policy
echo 'path "beckn/*" { capabilities = ["create", "read", "update", "delete", "list"] }' | \
docker exec -i -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault policy write beckn-policy - > /dev/null 2>&1 || {
echo -e "${YELLOW}Policy already exists or updated${NC}"
}
# Create role
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault write auth/approle/role/beckn-role \
token_policies="beckn-policy" \
token_ttl=24h \
token_max_ttl=48h > /dev/null 2>&1 || {
echo -e "${YELLOW}Role already exists or updated${NC}"
}
# Get Vault credentials with error handling
echo -e "${BLUE}Getting Vault credentials...${NC}"
ROLE_ID=$(docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault read -field=role_id auth/approle/role/beckn-role/role-id 2>/dev/null)
if [ -z "$ROLE_ID" ]; then
echo -e "${RED}Error: Failed to get ROLE_ID from Vault${NC}"
exit 1
fi
SECRET_ID=$(docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault write -field=secret_id -f auth/approle/role/beckn-role/secret-id 2>/dev/null)
if [ -z "$SECRET_ID" ]; then
echo -e "${RED}Error: Failed to get SECRET_ID from Vault${NC}"
exit 1
fi
echo -e "${GREEN}✓ Got Vault credentials:${NC}"
echo -e " ROLE_ID: ${ROLE_ID:0:20}..."
echo -e " SECRET_ID: ${SECRET_ID:0:20}..."
# Enable KV v2 secrets engine
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault secrets enable -path=beckn kv-v2 > /dev/null 2>&1 || {
echo -e "${YELLOW}Secrets engine already enabled${NC}"
}
echo -e "${GREEN}✓ Vault configured successfully${NC}"
# Seed the keys for BAP network
echo -e "${BLUE}Seeding keys for BAP network...${NC}"
docker exec -e VAULT_ADDR=http://127.0.0.1:8200 -e VAULT_TOKEN=root vault \
vault kv put secret/keys/bap-network \
signingPublicKey='1ct6/Xg6gHhT9QolufThbY4mWHYkIpXzh7YxMFM8MQE=' \
signingPrivateKey='C2hPMyeN+1Vzn8+7F/MUHmR5jKFuSb7s6tf/U5qni8vVy3r9eDqAeFP1CiW59OFtjiZYdiQilfOHtjEwUzwxAQ==' > /dev/null 2>&1
if [ $? -eq 0 ]; then
echo -e "${GREEN}✓ BAP network keys seeded successfully${NC}"
else
echo -e "${YELLOW}Warning: Failed to seed BAP network keys or keys already exist${NC}"
fi
# Step 3: Check services status
echo -e "${YELLOW}Step 3: Checking services status...${NC}"
# Check if services are running
if docker ps | grep -q "registry"; then
echo -e "${GREEN}✓ Registry is running${NC}"
fi
if docker ps | grep -q "gateway"; then
echo -e "${GREEN}✓ Gateway is running${NC}"
fi
if docker ps | grep -q "bap-client"; then
echo -e "${GREEN}✓ BAP services are running${NC}"
fi
if docker ps | grep -q "bpp-client"; then
echo -e "${GREEN}✓ BPP services are running${NC}"
fi
if docker ps | grep -q "vault"; then
echo -e "${GREEN}✓ Vault is running${NC}"
fi
# Step 4: Create required directories
echo -e "${YELLOW}Step 4: Creating required directories...${NC}"
# Step 2: Create required directories
echo -e "${YELLOW}Step 2: Creating required directories...${NC}"
# Create schemas directory for validation
if [ ! -d "schemas" ]; then
@@ -182,8 +111,8 @@ else
echo -e "${YELLOW}plugins directory already exists${NC}"
fi
# Step 5: Build adapter plugins
echo -e "${YELLOW}Step 5: Building adapter plugins...${NC}"
# Step 3: Build adapter plugins
echo -e "${YELLOW}Step 3: Building adapter plugins...${NC}"
if [ -f "./install/build-plugins.sh" ]; then
chmod +x ./install/build-plugins.sh
@@ -199,8 +128,8 @@ else
exit 1
fi
# Step 6: Build the adapter server
echo -e "${YELLOW}Step 6: Building Beckn-ONIX adapter server...${NC}"
# Step 4: Build the adapter server
echo -e "${YELLOW}Step 4: Building Beckn-ONIX adapter server...${NC}"
if [ -f "go.mod" ]; then
go build -o beckn-adapter cmd/adapter/main.go
@@ -216,38 +145,41 @@ else
exit 1
fi
# Step 5: Start ONIX Adapter
echo -e "${YELLOW}Step 5: Starting ONIX Adapter...${NC}"
cd install
docker compose -f ./docker-compose-adapter2.yml up -d
echo "ONIX Adapter installation successful"
cd ..
# Step 6: Check services status
echo -e "${YELLOW}Step 6: Checking services status...${NC}"
# Check if services are running
if docker ps | grep -q "redis"; then
echo -e "${GREEN}✓ Redis is running${NC}"
fi
if docker ps | grep -q "onix-adapter"; then
echo -e "${GREEN}✓ ONIX Adapter is running${NC}"
fi
# Step 7: Create environment file
echo -e "${YELLOW}Step 7: Creating environment configuration...${NC}"
# Check if we have Vault credentials
if [ -z "$ROLE_ID" ] || [ -z "$SECRET_ID" ]; then
echo -e "${RED}Error: Vault credentials not available${NC}"
echo -e "${YELLOW}Please check Vault configuration and try again${NC}"
exit 1
fi
cat > .env <<EOF
# Beckn-ONIX Environment Configuration
# Generated on $(date)
# Service URLs
export REDIS_URL=localhost:6379
export MONGO_URL=mongodb://localhost:27017
# Adapter Configuration
export ADAPTER_PORT=8080
export ADAPTER_PORT=8081
export ADAPTER_MODE=development
# Vault Configuration
export VAULT_ADDR=http://localhost:8200
export VAULT_TOKEN=root
export VAULT_ROLE_ID=$ROLE_ID
export VAULT_SECRET_ID=$SECRET_ID
EOF
if [ -f ".env" ]; then
echo -e "${GREEN}✓ Environment file created successfully${NC}"
echo -e "${YELLOW} Vault ROLE_ID and SECRET_ID have been saved to .env${NC}"
else
echo -e "${RED}Error: Failed to create .env file${NC}"
exit 1
@@ -261,18 +193,19 @@ echo -e "${GREEN}========================================${NC}"
echo ""
echo -e "${BLUE}Services Running:${NC}"
echo -e " 💾 Redis: localhost:6379"
echo -e " 🗄️ MongoDB: localhost:27017"
echo -e " 🔧 ONIX Adapter: localhost:8081"
echo ""
echo -e "${GREEN}Next Steps:${NC}"
echo -e "1. Run the adapter:"
echo -e " ${YELLOW}source .env && ./beckn-adapter --config=config/local-dev.yaml${NC}"
echo -e "1. Adapter is running in Docker at 8081"
echo -e "2. Optionally, if you want to run adapter locally (update config file /config to suit to your environment ) then run below command:"
echo -e " ${YELLOW}source .env && ./beckn-adapter --config=config/<your-config>.yaml${NC}"
echo ""
echo -e "2. Test the endpoints:"
echo -e " ${YELLOW}./test_endpoints.sh${NC}"
echo -e "3. Test the endpoints:"
echo -e " ${YELLOW}curl -X POST http://localhost:8081/bap/caller/search${NC}"
echo ""
echo -e "3. Stop all services:"
echo -e " ${YELLOW}cd install && docker compose down${NC}"
echo -e "4. Stop all services:"
echo -e " ${YELLOW}cd install && docker compose -f docker-compose-adapter.yml down && docker compose -f docker-compose-adapter2.yml down${NC}"
echo ""
echo -e "4. View logs:"
echo -e " ${YELLOW}docker compose logs -f [service-name]${NC}"
echo -e "5. View logs:"
echo -e " ${YELLOW}cd install && docker compose -f docker-compose-adapter2.yml logs -f onix-adapter${NC}"
echo -e "${GREEN}========================================${NC}"