|
| 1 | +## Contract generation with contract expiry example |
| 2 | + |
| 3 | +This sample creates an encrypted and signed contract with expiry enabled and stores it locally in a file. In addition this example identifies |
| 4 | +the latest version of HPCR in the VPC cloud and then downloads the matching encryption certifcicate. |
| 5 | + |
| 6 | +### Prerequisite |
| 7 | + |
| 8 | +Prepare your environment according to [these steps](../README.md) |
| 9 | + |
| 10 | +### Settings |
| 11 | + |
| 12 | +#### Prerequisites |
| 13 | + |
| 14 | +1. Generate private key using the following commnad: |
| 15 | + ```bash |
| 16 | + openssl genrsa -out private.pem 4096 |
| 17 | + ``` |
| 18 | +2. Generate CA private key using the following command: |
| 19 | + ```bash |
| 20 | + openssl genrsa -out personal_ca.key 2048 |
| 21 | + ``` |
| 22 | +3. Generate CA certificate using the following command: |
| 23 | + ```bash |
| 24 | + openssl req -new -x509 -days 365 -key personal_ca.key -out personal_ca.crt |
| 25 | + ``` |
| 26 | + |
| 27 | +Use one of the following options to set your settings: |
| 28 | + |
| 29 | +#### Template file |
| 30 | + |
| 31 | +1. Copy contents of `my-settings.auto.tfvars-template` to `my-settings.auto.tfvars`. |
| 32 | + ```bash |
| 33 | + cp my-settings.auto.tfvars-template my-settings.auto.tfvars |
| 34 | + ``` |
| 35 | +2. Update `my-settings.auto.tfvars` to appropriate values. |
| 36 | + |
| 37 | +#### Environment variables |
| 38 | + |
| 39 | +Set the following environment variables: |
| 40 | + |
| 41 | +```text |
| 42 | +TF_VAR_logdna_ingestion_key="<logdna ingestion key>" |
| 43 | +TF_VAR_logdna_ingestion_hostname="<logdna hostname>" |
| 44 | +
|
| 45 | +TF_VAR_hpcr_csr_country="<CSR - Country>" |
| 46 | +TF_VAR_hpcr_csr_state="<CSR - State>" |
| 47 | +TF_VAR_hpcr_csr_location="<CSR - Location>" |
| 48 | +TF_VAR_hpcr_csr_org="<CSR - Organisation>" |
| 49 | +TF_VAR_hpcr_csr_unit="<CSR - Unit>" |
| 50 | +TF_VAR_hpcr_csr_domain="<CSR - Domain>" |
| 51 | +TF_VAR_hpcr_csr_mail="<CSR - Mail>" |
| 52 | +
|
| 53 | +TF_VAR_hpcr_private_key_path="<Private key path>" |
| 54 | +TF_VAR_hpcr_contract_expiry_days=<Expiry days> |
| 55 | +TF_VAR_hpcr_ca_privatekey_path="<CA private key path>" |
| 56 | +TF_VAR_hpcr_cacert_path="<CA certificate path>" |
| 57 | +``` |
| 58 | + |
| 59 | +### Run the Example |
| 60 | + |
| 61 | +Initialize terraform: |
| 62 | + |
| 63 | +```bash |
| 64 | +terraform init |
| 65 | +``` |
| 66 | + |
| 67 | +Deploy the example: |
| 68 | + |
| 69 | +```bash |
| 70 | +terraform apply |
| 71 | +``` |
| 72 | + |
| 73 | +The contract will be persisted in the `build/contract.yml` folder for further use. |
0 commit comments