def main(self, args):
if not args.apps:
args.apps = Apps().get_all_locally_installed_apps()
self.logfile_logger = get_logfile_logger('update-certificates')
for app in args.apps:
self.log('updating certificates for {0}'.format(app))
self.update_certificates(app)
def _set_config_via_tool(self, app, set_vars):
if not app.docker:
return super(Configure, self)._set_config_via_tool(app, set_vars)
if not app_is_running(app):
self.warn('Cannot write settings while %s is not running' % app)
return
logfile_logger = get_logfile_logger('docker.configure')
docker = self._get_docker(app)
if not docker.execute('which', 'ucr',
_logger=logfile_logger).returncode == 0:
self.warn(
'ucr cannot be found, falling back to changing the database file directly'
)
self._set_config_directly(app, set_vars)
return
self.log('Setting registry variables for %s' % app.id)
set_args = []
unset_args = []
for key, value in set_vars.items():
if value is None:
unset_args.append(key)
else:
set_args.append('%s=%s' % (key, value))
if set_args:
docker.execute('ucr', 'set', *set_args, _logger=logfile_logger)
if unset_args:
docker.execute('ucr', 'unset', *unset_args, _logger=logfile_logger)
def _update_apps(self, args):
self.log(
'Updating all installed Apps to use the new App Center server')
logfile_logger = get_logfile_logger('dev-use-test-appcenter')
for app in Apps().get_all_locally_installed_apps():
self.log('Updating %s' % app)
register = get_action('register')
# we should only use ['component'] in container_mode()
# and None otherwise, because it is more correct. however,
# this would require credentials (for potential schema updates etc)
register.call(apps=[app], register_task=['component'])
if app.docker and not container_mode():
try:
from univention.appcenter.docker import Docker
except ImportError:
# should not happen
self.log('univention-appcenter-docker is not installed')
continue
start = get_action('start')
start.call(app=app)
docker = Docker(app, self.logger)
self.log('Updating container... (checking for appbox)')
if docker.execute('which', 'univention-app').returncode == 0:
self.log(
'... setting the new App Center inside the container')
returncode = docker.execute(
'univention-install',
'-y',
'univention-appcenter-dev',
_logger=logfile_logger).returncode
if returncode != 0:
self.warn(
'univention-install univention-appcenter-dev failed!'
)
if args.revert:
returncode = docker.execute(
'univention-app',
'dev-use-test-appcenter',
'--revert',
_logger=logfile_logger).returncode
else:
returncode = docker.execute(
'univention-app',
'dev-use-test-appcenter',
'--appcenter-host',
args.appcenter_host,
_logger=logfile_logger).returncode
if returncode != 0:
self.fatal(
'univention-app dev-use-test-appcenter failed!')
else:
self.log('... nothing to do here')
def get_blocking_apps(cls, ucs_version):
''' checks if update is possible for this app '''
ucs_version = UCS_Version(ucs_version + '-0')
next_minor = '%(major)d.%(minor)d' % ucs_version
next_version = '%(major)d.%(minor)d-%(patchlevel)d' % ucs_version
current_version = UCS_Version(ucr_get('version/version') + '-0')
current_minor = '%(major)d.%(minor)d' % current_version
# if this is just a patchlevel update, everything is fine
if current_minor >= next_minor:
return {}
# first, update the local cache and get current apps
update = get_action('update')
update.logger = get_logfile_logger('update-check')
update.call()
current_cache = Apps(locale='en')
# get apps in next version
with TemporaryDirectory() as tempdir:
update.call(ucs_version=next_minor,
cache_dir=tempdir,
just_get_cache=True)
next_cache = AppCenterCache.build(ucs_versions=next_minor,
server=default_server(),
locale='en',
cache_dir=tempdir)
next_apps = next_cache.get_every_single_app()
# check apps
blocking_apps = dict()
for app in current_cache.get_all_locally_installed_apps():
if not cls.app_can_update(app, next_version, next_apps):
cls.debug('app %s is not available for %s' %
(app.id, next_version))
blocking_apps[app.component_id] = app.name
else:
cls.debug('app %s is available for %s' %
(app.id, next_version))
return blocking_apps
def _start_docker_image(self, app, hostdn, password, args):
docker = self._get_docker(app)
if not docker:
return
self.log('Verifying Docker registry manifest for app image %s' %
docker.image)
docker.verify()
if args.pull_image:
docker.pull()
self.log('Initializing app image')
hostname = explode_dn(hostdn, 1)[0]
set_vars = (args.set_vars or {}).copy()
after_image_configuration = {}
for setting in app.get_settings():
if setting.should_go_into_image_configuration(app):
if setting.name not in set_vars:
set_vars[setting.name] = setting.get_initial_value(app)
else:
try:
after_image_configuration[setting.name] = set_vars.pop(
setting.name)
except KeyError:
after_image_configuration[
setting.name] = setting.get_initial_value(app)
set_vars['docker/host/name'] = '%s.%s' % (ucr_get('hostname'),
ucr_get('domainname'))
set_vars['ldap/hostdn'] = hostdn
if app.docker_env_ldap_user:
set_vars[app.docker_env_ldap_user] = hostdn
set_vars['server/role'] = app.docker_server_role
set_vars['update/warning/releasenotes'] = 'no'
ucr_keys_list = list(ucr_keys())
for var in [
'nameserver.*', 'repository/online/server',
'repository/app_center/server', 'update/secure_apt',
'appcenter/index/verify', 'ldap/base', 'ldap/server.*',
'ldap/master.*', 'locale.*', 'domainname'
]:
for key in ucr_keys_list:
if re.match(var, key):
set_vars[key] = ucr_get(key)
if ucr_is_true('appcenter/docker/container/proxy/settings',
default=True):
if ucr_get('proxy/http'):
set_vars['proxy/http'] = ucr_get('proxy/http')
set_vars['http_proxy'] = ucr_get('proxy/http')
if ucr_get('proxy/https'):
set_vars['proxy/https'] = ucr_get('proxy/https')
set_vars['https_proxy'] = ucr_get('proxy/https')
if ucr_get('proxy/no_proxy'):
set_vars['proxy/no_proxy'] = ucr_get('proxy/no_proxy')
set_vars['no_proxy'] = ucr_get('proxy/no_proxy')
set_vars['updater/identify'] = 'Docker App'
database_connector = DatabaseConnector.get_connector(app)
database_password_file = None
if database_connector:
try:
database_password = database_connector.get_db_password()
database_password_file = database_connector.get_db_password_file(
)
if database_password:
set_vars[
app.
docker_env_database_host] = database_connector.get_db_host(
)
db_port = database_connector.get_db_port()
if db_port:
set_vars[app.docker_env_database_port] = db_port
set_vars[
app.
docker_env_database_name] = database_connector.get_db_name(
)
set_vars[
app.
docker_env_database_user] = database_connector.get_db_user(
)
if app.docker_env_database_password_file:
set_vars[
app.
docker_env_database_password_file] = database_password_file
else:
set_vars[
app.
docker_env_database_password] = database_password
autostart_variable = database_connector.get_autostart_variable(
)
if autostart_variable:
set_vars[autostart_variable] = 'no'
except DatabaseError as exc:
raise DatabaseConnectorError(str(exc))
container = docker.create(hostname, set_vars)
self.log('Preconfiguring container %s' % container)
autostart = 'yes'
if not Start.call(app=app):
raise DockerCouldNotStartContainer(str(Status.get_status(app)))
time.sleep(3)
if not docker.is_running():
dlogs = docker.dockerd_logs()
clogs = docker.logs()
inspect = docker.inspect_container()
msg = """
The container for {app} could not be started!
docker logs {container}:
{clogs}
dockerd logs:
{dlogs}
docker inspect:
{state}
{graphdriver}""".format(app=app,
container=docker.container,
clogs=clogs,
dlogs=dlogs,
state=inspect.get('State'),
graphdriver=inspect.get('GraphDriver'))
raise AppCenterErrorContainerStart(msg)
# copy password files
if os.path.isfile(app.secret_on_host):
# we can not use docker-cp here, as we support read-only containers too :-(
f_name = docker.path('/etc/machine.secret')
f_dir = os.path.dirname(f_name)
# if the container start takes a little longer the f_dir may not exist yet
# so wait max 60s
for i in xrange(0, 12):
if os.path.isdir(f_dir):
break
time.sleep(5)
try:
with open(f_name, 'w+b') as f:
os.chmod(f_name, 0o600)
f.write(password)
except Exception as exc:
raise DockerCouldNotStartContainer(
'Could not copy machine.secret to container: %s (%s)' %
(str(exc), docker.logs()))
if database_password_file:
docker.cp_to_container(database_password_file,
database_password_file)
# update timezone in container
logfile_logger = get_logfile_logger('docker.base')
docker.execute('rm',
'-f',
'/etc/timezone',
'/etc/localtime',
_logger=logfile_logger)
docker.cp_to_container('/etc/timezone',
'/etc/timezone',
_logger=logfile_logger)
docker.cp_to_container('/etc/localtime',
'/etc/localtime',
_logger=logfile_logger)
# configure app
after_image_configuration.update(set_vars)
configure = get_action('configure')
configure.call(app=app,
autostart=autostart,
run_script='no',
set_vars=after_image_configuration)