def execute(self, args, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = Cluster()
cluster.name = args.cluster_name
cluster.description = 'Created by {} on {} (UTC)'.format(self._get_user_host(), datetime.utcnow().isoformat())
for name in('odb_type', 'odb_host', 'odb_port', 'odb_user', 'odb_db_name',
'broker_host', 'broker_port', 'lb_host', 'lb_port', 'lb_agent_port'):
setattr(cluster, name, getattr(args, name))
session.add(cluster)
admin_invoke_sec = HTTPBasicAuth(None, 'admin.invoke', True, 'admin.invoke', 'Zato admin invoke', args.admin_invoke_password, cluster)
session.add(admin_invoke_sec)
pubapi_sec = HTTPBasicAuth(None, 'pubapi', True, 'pubapi', 'Zato public API', uuid4().hex, cluster)
session.add(pubapi_sec)
self.add_soap_services(session, cluster, admin_invoke_sec, pubapi_sec)
self.add_ping_services(session, cluster)
try:
session.commit()
except IntegrityError, e:
msg = 'Cluster name [{}] already exists'.format(cluster.name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(format_exc(e))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.CLUSTER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = Cluster()
cluster.name = args.cluster_name
cluster.description = 'Created by {} on {} (UTC)'.format(self._get_user_host(), datetime.utcnow().isoformat())
for name in('odb_type', 'odb_host', 'odb_port', 'odb_user', 'odb_db_name',
'broker_host', 'broker_port', 'lb_host', 'lb_port', 'lb_agent_port'):
setattr(cluster, name, getattr(args, name))
session.add(cluster)
salt = uuid4().hex
password = tech_account_password(args.tech_account_password, salt)
tech_account = TechnicalAccount(None, args.tech_account_name, True, password, salt, cluster)
session.add(tech_account)
self.add_soap_services(session, cluster, tech_account)
self.add_json_services(session, cluster, tech_account)
self.add_ping_services(session, cluster)
try:
session.commit()
except IntegrityError, e:
msg = 'Cluster name [{}] already exists'.format(cluster.name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(format_exc(e))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.CLUSTER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = Cluster()
cluster.name = args.cluster_name
cluster.description = 'Created by {} on {} (UTC)'.format(
self._get_user_host(),
datetime.utcnow().isoformat())
for name in ('odb_type', 'odb_host', 'odb_port', 'odb_user',
'odb_db_name', 'broker_host', 'broker_port', 'lb_host',
'lb_port', 'lb_agent_port'):
setattr(cluster, name, getattr(args, name))
session.add(cluster)
# TODO: getattrs below should be squared away - one of the attrs should win
# and the other one should be get ridden of.
admin_invoke_sec = HTTPBasicAuth(
None, 'admin.invoke', True, 'admin.invoke', 'Zato admin invoke',
getattr(args, 'admin_invoke_password', None)
or getattr(args, 'tech_account_password'), cluster)
session.add(admin_invoke_sec)
pubapi_sec = HTTPBasicAuth(None, 'pubapi', True, 'pubapi',
'Zato public API',
uuid4().hex, cluster)
session.add(pubapi_sec)
internal_invoke_sec = HTTPBasicAuth(None, 'zato.internal.invoke', True,
'zato.internal.invoke.user',
'Zato internal invoker',
uuid4().hex, cluster)
session.add(internal_invoke_sec)
self.add_internal_services(session, cluster, admin_invoke_sec,
pubapi_sec, internal_invoke_sec)
self.add_ping_services(session, cluster)
self.add_default_pubsub_accounts(session, cluster)
self.add_default_rbac_permissions(session, cluster)
self.add_default_rbac_roles(session, cluster)
try:
session.commit()
except IntegrityError, e:
msg = 'Cluster name [{}] already exists'.format(cluster.name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(
format_exc(e).decode('utf-8'))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.CLUSTER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = Cluster()
cluster.name = args.cluster_name
cluster.description = 'Created by {} on {} (UTC)'.format(self._get_user_host(), datetime.utcnow().isoformat())
for name in(
'odb_type', 'odb_host', 'odb_port', 'odb_user', 'odb_db_name',
'broker_host', 'broker_port', 'lb_host', 'lb_port', 'lb_agent_port'):
setattr(cluster, name, getattr(args, name))
session.add(cluster)
# TODO: getattrs below should be squared away - one of the attrs should win
# and the other one should be get ridden of.
admin_invoke_sec = HTTPBasicAuth(None, 'admin.invoke', True, 'admin.invoke', 'Zato admin invoke', getattr(args, 'admin_invoke_password', None) or getattr(args, 'tech_account_password'), cluster)
session.add(admin_invoke_sec)
pubapi_sec = HTTPBasicAuth(None, 'pubapi', True, 'pubapi', 'Zato public API', uuid4().hex, cluster)
session.add(pubapi_sec)
self.add_soap_services(session, cluster, admin_invoke_sec, pubapi_sec)
self.add_ping_services(session, cluster)
self.add_default_pubsub_accounts(session, cluster)
self.add_default_rbac_permissions(session, cluster)
self.add_default_rbac_roles(session, cluster)
try:
session.commit()
except IntegrityError, e:
msg = 'Cluster name [{}] already exists'.format(cluster.name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(format_exc(e).decode('utf-8'))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.CLUSTER_NAME_ALREADY_EXISTS
def execute(self, args, show_output=True):
# stdlib
from datetime import datetime
from traceback import format_exc
# SQLAlchemy
from sqlalchemy.exc import IntegrityError
# Zato
from zato.common.odb.model import Cluster, HTTPBasicAuth
from zato.common.odb.post_process import ODBPostProcess
engine = self._get_engine(args)
session = self._get_session(engine)
if engine.dialect.has_table(engine.connect(), 'install_state'):
if is_arg_given(args, 'skip-if-exists', 'skip_if_exists'):
if show_output:
if self.verbose:
self.logger.debug('Cluster already exists, skipped its creation')
else:
self.logger.info('OK')
return
with session.no_autoflush:
cluster = Cluster()
cluster.name = args.cluster_name
cluster.description = 'Created by {} on {} (UTC)'.format(self._get_user_host(), datetime.utcnow().isoformat())
for name in(
'odb_type', 'odb_host', 'odb_port', 'odb_user', 'odb_db_name',
'broker_host', 'broker_port', 'lb_host', 'lb_port', 'lb_agent_port'):
setattr(cluster, name, getattr(args, name))
session.add(cluster)
# With a cluster object in place, we can construct the ODB post-processor
odb_post_process = ODBPostProcess(session, cluster, None)
# admin.invoke user's password may be possibly in one of these attributes,
# but if it is now, generate a new one.
admin_invoke_password = getattr(args, 'admin-invoke-password', None)
if not admin_invoke_password:
admin_invoke_password = getattr(args, 'admin_invoke_password', None)
if not admin_invoke_password:
admin_invoke_password = new_password()
admin_invoke_sec = HTTPBasicAuth(None, 'admin.invoke', True, 'admin.invoke', 'Zato admin invoke',
admin_invoke_password, cluster)
session.add(admin_invoke_sec)
pubapi_sec = HTTPBasicAuth(None, 'pubapi', True, 'pubapi', 'Zato public API', new_password(), cluster)
session.add(pubapi_sec)
internal_invoke_sec = HTTPBasicAuth(None, 'zato.internal.invoke', True, 'zato.internal.invoke.user',
'Zato internal invoker', new_password(), cluster)
session.add(internal_invoke_sec)
self.add_default_rbac_permissions(session, cluster)
root_rbac_role = self.add_default_rbac_roles(session, cluster)
ide_pub_rbac_role = self.add_rbac_role_and_acct(
session, cluster, root_rbac_role, 'IDE Publishers', 'ide_publisher', 'ide_publisher')
# We need to flush the session here, after adding default RBAC permissions
# which are needed by REST channels with security delegated to RBAC.
session.flush()
self.add_internal_services(session, cluster, admin_invoke_sec, pubapi_sec, internal_invoke_sec, ide_pub_rbac_role)
self.add_ping_services(session, cluster)
self.add_default_cache(session, cluster)
self.add_cache_endpoints(session, cluster)
self.add_crypto_endpoints(session, cluster)
self.add_pubsub_sec_endpoints(session, cluster)
# IBM MQ connections / connectors
self.add_internal_callback_wmq(session, cluster)
# SFTP connections / connectors
self.add_sftp_credentials(session, cluster)
# Account to access cache services with
self.add_cache_credentials(session, cluster)
# SSO
self.add_sso_endpoints(session, cluster)
# Run ODB post-processing tasks
odb_post_process.run()
try:
session.commit()
except IntegrityError as e:
msg = 'SQL IntegrityError caught `{}`'.format(e.message)
if self.verbose:
msg += '\nDetails:`{}`'.format(format_exc().decode('utf-8'))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.CLUSTER_NAME_ALREADY_EXISTS
if show_output:
if self.verbose:
msg = 'Successfully created a new cluster [{}]'.format(args.cluster_name)
self.logger.debug(msg)
else:
self.logger.info('OK')