fix spring config location in qa

eidas-qa-proxy/overlay/etc/eidas-proxy/se/cfg/application.properties

@@ -1,103 +0,0 @@
-# Logging
-logging.level.org.springframework.web=INFO
-
-# Service path
-server.context-path=/eidas-ps
-
-proxy-service.path.prefix=${spring.config.location}..
-proxy-service.config.location=file://${spring.config.location}
-
-proxy-service.image.logo=${spring.config.location}/img/sweden-connect-color-yellow-on-blue.svg
-proxy-service.image.icon=${spring.config.location}/img/sweden-connect-color-yellow-on-blue-no-text.svg
-
-# Service port connector settings
-server.port=8443
-#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12
-#server.ssl.key-store-type=PKCS12
-#server.ssl.key-store-password=secret
-#server.ssl.key-password=secret
-
-tomcat.ajp.port=8009
-tomcat.ajp.remoteauthentication=false
-tomcat.ajp.enabled=true
-
-# For development. Allowing signature check on metadata to be skipped. Default false.
-#proxy-service.dev.ignoreMetadataSignCheck=true
-
-# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).
-#proxy-service.daemon.inital.delay.ms=5000
-proxy-service.daemon.recache.delay.sec=240
-
-# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)
-# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'
-# Example specifying src/main/resources config location: 'classpath:'
-
-proxy-service.country=SE
-
-# Key Store properties
-# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"
-proxy-service.keySourceType=PKCS12
-proxy-service.keySourceLocation=${proxy-service.path.prefix}/proxy.p12
-proxy-service.keySourcePass=dummy
-proxy-service.keySourceAlias=proxy
-
-proxy-service.natsp.keySourceType=PKCS12
-proxy-service.natsp.keySourceLocation=${proxy-service.path.prefix}/proxy.p12
-proxy-service.natsp.keySourcePass=dummy
-proxy-service.natsp.keySourceAlias=proxy
-
-proxy-service.metadata.keySourceType=PKCS12
-proxy-service.metadata.keySourceLocation=${proxy-service.path.prefix}/metadata.p12
-proxy-service.metadata.keySourcePass=dummy
-proxy-service.metadata.keySourceAlias=metadata
-
-# Session Encryption properties
-#proxy-service.cookieEncryptPw=changeme
-
-# Requirements to show consent dialogue (Default false);
-proxy-service.consent=true
-proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\
-  urn:oid:2.5.4.4,\
-  urn:oid:2.5.4.42,\
-  urn:oid:1.3.6.1.5.5.7.9.3,\
-  urn:oid:1.3.6.1.5.5.7.9.1
-proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3
-
-# Welcome page presentation text location
-proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md
-
-#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"
-proxy-service.eidasMdListLocation=https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
-
-# Optional certificate file for validating metadata service list file signatures
-# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
-proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/metadata.crt
-
-#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"
-proxy-service.eidasMetadataLocation=https://qa.md.eidas.swedenconnect.se/role/sp.xml
-
-# Optional certificate file for validating metadata signatures
-# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
-proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/metadata.crt
-
-# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.
-proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache
-
-#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"
-
-#proxy-service.nationalMetadata.test.location=http://eid.svelegtest.se/metadata/mdx/role/idp.xml
-#proxy-service.nationalMetadata.test.certFile=${proxy-service.path.prefix}/cfg/se-metadata-cert.crt
-#proxy-service.nationalMetadata.test.cacheFile=${proxy-service.path.prefix}/cache/test-metadata.xml
-#proxy-service.nationalMetadata.test.index=1
-
-proxy-service.nationalMetadata.qa.location=https://qa.md.swedenconnect.se/role/idp.xml
-proxy-service.nationalMetadata.qa.certFile=${proxy-service.path.prefix}/cfg/metadata.crt
-proxy-service.nationalMetadata.qa.cacheFile=${proxy-service.path.prefix}/cache/qa-metadata.xml
-proxy-service.nationalMetadata.qa.index=0
-
-management.context-path=/manage
-management.security.enabled=false
-management.port=8444
-management.ssl.enabled=true
-
-proxy-service.syslog.enabled=true

global/overlay/etc/puppet/cosmos-rules.yaml

@@ -707,6 +707,7 @@ md-eu1.qa.komreg.net:
    eidas_proxy:
       version: 1.2.0
       hostname: qa.proxy.eidas.swedenconnect.se
+      spring_config_param: SPRING_CONFIG_ADDITIONAL_LOCATION
    sunet::frontend::register_sites:
      sites:
        'qa.proxy.eidas.swedenconnect.se':

global/overlay/etc/puppet/manifests/cosmos-site.pp

@@ -434,7 +434,7 @@ class eidas_connector($version="1.0.6",$hostname='localhost') {
    ensure_resource('class','https_server',{})
 }
 
-class eidas_proxy($version='1.0.0',$country='se',$hostname='localhost') {
+class eidas_proxy($version='1.0.0',$country='se',$hostname='localhost', $spring_cfg_param='SPRING_CONFIG_LOCATION') {
    $_version = safe_hiera('eidas_proxy_version',$version)
    $_hostname = safe_hiera('eidas_proxy_hostname',$hostname);
    $_country = safe_hiera('eidas_proxy_country',$country);
@@ -465,7 +465,7 @@ class eidas_proxy($version='1.0.0',$country='se',$hostname='localhost') {
                    "SPRING_PROFILES_ACTIVE=se",
                    "CERTNAME=${::fqdn}_infra",
                    "PKCS11_PIN=${_pkcs11pin}",
-                   "SPRING_CONFIG_LOCATION=/etc/eidas-proxy/$_country/cfg/",
+                   "$spring_config_param=/etc/eidas-proxy/$_country/cfg/",
                    "PROXY_SERVICE_COOKIEENCRYPTPW=$proxy_service_cookie_encrypt_pw"],
       extra_parameters => ["--log-driver=syslog"]
    }