[PPML] remove hard-coded configurations in pccs (intel-analytics#7265)

ppml/services/pccs/docker/default.json

@@ -13,7 +13,7 @@
     "sqlite" : {
         "database" : "database",
         "username" : "username",
-        "password" : "password",
+        "password" : "YOUR_USER_PASSWORD",
         "options" : {
             "host": "localhost",
             "dialect": "sqlite",
@@ -33,7 +33,7 @@
     "mysql" : {
         "database" : "pckcache",
         "username" : "root",
-        "password" : "mypass",
+        "password" : "YOUR_USER_PASSWORD",
         "options" : {
             "host": "localhost",
             "dialect": "mysql",

ppml/services/pccs/docker/entrypoint.sh

@@ -3,13 +3,15 @@
 PCCS_PORT=$PCCS_PORT
 API_KEY=$API_KEY
 HTTPS_PROXY_URL=$HTTPS_PROXY_URL
+USER_PASSWORD=$USER_PASSWORD
+ADMIN_PASSWORD=$ADMIN_PASSWORD
 
 # Step 1. Generate certificates to use with PCCS
 mkdir /opt/intel/pccs/ssl_key
 cd /opt/intel/pccs/ssl_key
 openssl genrsa -out private.pem 2048
 openssl req -new -key private.pem -out csr.pem \
-        -subj "/C=$COUNTRY_NAME/ST=$CITY_NAME/L=$CITY_NAME/O=$ORGANIZATION_NAME/OU=$ORGANIZATION_NAME/CN=$COMMON_NAME/emailAddress=$EMAIL_ADDRESS/" -passout pass:$PASSWORD -passout pass:$PASSWORD
+        -subj "/C=$COUNTRY_NAME/ST=$CITY_NAME/L=$CITY_NAME/O=$ORGANIZATION_NAME/OU=$ORGANIZATION_NAME/CN=$COMMON_NAME/emailAddress=$EMAIL_ADDRESS/" -passout pass:$SERVER_CERT_PASSWORD -passout pass:$SERVER_CERT_PASSWORD
 openssl x509 -req -days 365 -in csr.pem -signkey private.pem -out file.crt
 rm -rf csr.pem
 chmod 644 ../ssl_key/*
@@ -18,12 +20,13 @@ ls ../ssl_key
 # Step 2. Set default.json to be under ssl_key folder and fill the parameters
 cd /opt/intel/pccs/config/
 
-userTokenHash=$(echo -n "user_password" | sha512sum | tr -d '[:space:]-')
-adminTokenHash=$(echo -n "admin_password" | sha512sum | tr -d '[:space:]-')
+userTokenHash=$(echo -n $USER_PASSWORD | sha512sum | tr -d '[:space:]-')
+adminTokenHash=$(echo -n $ADMIN_PASSWORD | sha512sum | tr -d '[:space:]-')
 HOST_IP=0.0.0.0
 
 sed -i "s/YOUR_HTTPS_PORT/$PCCS_PORT/g" default.json
 sed -i "s/YOUR_HOST_IP/$HOST_IP/g" default.json
+sed -i "s/YOUR_USER_PASSWORD/$USER_PASSWORD/g" default.json
 sed -i 's@YOUR_PROXY@'"$HTTPS_PROXY_URL"'@' default.json
 sed -i "s/YOUR_USER_TOKEN_HASH/$userTokenHash/g" default.json
 sed -i "s/YOUR_ADMIN_TOKEN_HASH/$adminTokenHash/g" default.json

ppml/services/pccs/docker/run-docker-container.sh

@@ -4,24 +4,28 @@ export PCCS_CONTAINER_NAME=your_pccs_container_name_to_run
 export PCCS_PORT=pccs_port_to_use
 export API_KEY=your_intel_pcs_server_subscription_key_obtained_through_web_registeration
 export HTTPS_PROXY_URL=your_usable_https_proxy_url
+export USER_PASSWORD=a_password_for_pccs_user
+export ADMIN_PASSWORD=a_password_for_pccs_admin
 # The above parameters are used to init pccs server
 export COUNTRY_NAME=your_country_name
 export CITY_NAME=your_city_name
 export ORGANIZATION_NAME=your_organizaition_name
 export COMMON_NAME=server_fqdn_or_your_name
 export EMAIL_ADDRESS=your_email_address
-export PASSWORD=your_server_password_to_use
+export SERVER_CERT_PASSWORD=your_server_cert_password_to_use
 
 docker run -itd \
 --net=host \
 --name $PCCS_CONTAINER_NAME \
 -e PCCS_PORT=$PCCS_PORT \
 -e API_KEY=$API_KEY \
 -e HTTPS_PROXY_URL=$HTTPS_PROXY_URL \
+-e USER_PASSWORD=$USER_PASSWORD \
+-e ADMIN_PASSWORD=$ADMIN_PASSWORD \
 -e COUNTRY_NAME=$COUNTRY_NAME \
 -e CITY_NAME=$CITY_NAME \
 -e ORGANIZATION_NAME==$ORGANIZATION_NAME \
 -e COMMON_NAME=$COMMON_NAME \
 -e EMAIL_ADDRESS=$EMAIL_ADDRESS \
--e PASSWORD=$PASSWORD \
+-e SERVER_CERT_PASSWORD=$SERVER_CERT_PASSWORD \
 -d $PCCS_IMAGE_NAME:$PCCS_IMAGE_VERSION