def encrypt_model_dictionary(self, model_dict):
"""
Encrypt the model dictionary (and referenced variables, if provided) using the specified passphrase.
:param model_dict: the model dictionary
:return: the number of model elements encrypted, and the number of variables encrypted
:raises EncryptionException if an error occurs
"""
if model.get_model_domain_info_key() in model_dict:
domain_info_dict = model_dict[model.get_model_domain_info_key()]
self._encrypt_info_nodes(domain_info_dict)
if model.get_model_topology_key() in model_dict:
top_folder_names = self.alias_helper.get_model_topology_top_level_folder_names()
topology_nodes = model_dict[model.get_model_topology_key()]
location = LocationContext()
self._encrypt_nodes(location, topology_nodes, top_folder_names)
if model.get_model_resources_key() in model_dict:
top_folder_names = self.alias_helper.get_model_resources_top_level_folder_names()
resources_nodes = model_dict[model.get_model_resources_key()]
location = LocationContext()
self._encrypt_nodes(location, resources_nodes, top_folder_names)
if model.get_model_deployments_key() in model_dict:
top_folder_names = self.alias_helper.get_model_app_deployments_top_level_folder_names()
deployments_nodes = model_dict[model.get_model_deployments_key()]
location = LocationContext()
self._encrypt_nodes(location, deployments_nodes, top_folder_names)
return self.model_changes, self.variable_changes
def __init__(self):
self._validation_result_dict = {
'%s Section' % model.get_model_domain_info_key(): None,
'%s Section' % model.get_model_topology_key(): None,
'%s Section' % model.get_model_deployments_key(): None,
'%s Section' % model.get_model_resources_key(): None
}
def __init__(self,
program_name,
model,
model_context,
version=None,
variable_dictionary=None):
"""
Construct an instance of the injector with the model and information used by the injector.
:param program_name: name of the calling tool
:param model: to be updated with variables
:param model_context: context with command line information
:param version: of model if model context is not provided
"""
self.__program_name = program_name
self.__original = copy.deepcopy(model)
self.__model = model
self.__model_context = model_context
if self.__model_context:
self.__wlst_mode = self.__model_context.get_target_wlst_mode()
else:
self.__wlst_mode = WlstModes.OFFLINE
self.__section_keys = model_sections.get_model_top_level_keys()
self.__section_keys.remove(model_sections.get_model_domain_info_key())
if version:
self.__aliases = Aliases(model_context,
wlst_mode=self.__wlst_mode,
wls_version=version)
else:
self.__aliases = Aliases(model_context)
self.__variable_dictionary = variable_dictionary
def __init__(self):
self._validation_result_dict = {
'%s Section' % model.get_model_domain_info_key(): None,
'%s Section' % model.get_model_topology_key(): None,
'%s Section' % model.get_model_deployments_key(): None,
'%s Section' % model.get_model_resources_key(): None,
'%s Section' % model_constants.GLOBAL_VARIABLE_SUBSTITUTION: None
}
def encrypt_model_dictionary(passphrase, model_dict, variables=None):
"""
Encrypt the model dictionary (and referenced variables, if provided) using the specified passphrase.
:param passphrase: the passphrase used to encrypt/decrypt the passwords
:param model_dict: the model dictionary
:param variables: the variables property object
:raises EncryptionException if an error occurs
"""
_initialize_password_field_names()
model_changes = 0
variable_changes = 0
if model.get_model_domain_info_key() in model_dict:
domain_info_dict = model_dict[model.get_model_domain_info_key()]
_model_changes, _variable_changes = \
_search_and_replace_passwords(passphrase, model.get_model_domain_info_key(), domain_info_dict, variables)
model_changes += _model_changes
variable_changes += _variable_changes
if model.get_model_topology_key() in model_dict:
topology_dict = model_dict[model.get_model_topology_key()]
_model_changes, _variable_changes = \
_search_and_replace_passwords(passphrase, model.get_model_topology_key(), topology_dict, variables)
model_changes += _model_changes
variable_changes += _variable_changes
if model.get_model_resources_key() in model_dict:
resources_dict = model_dict[model.get_model_resources_key()]
_model_changes, _variable_changes = \
_search_and_replace_passwords(passphrase, model.get_model_resources_key(), resources_dict, variables)
model_changes += _model_changes
variable_changes += _variable_changes
if model.get_model_deployments_key() in model_dict:
deployments_dict = model_dict[model.get_model_deployments_key()]
_model_changes, _variable_changes = \
_search_and_replace_passwords(passphrase, model.get_model_deployments_key(), deployments_dict, variables)
model_changes += _model_changes
variable_changes += _variable_changes
return model_changes, variable_changes
def __set_app_dir(self):
"""
Set the AppDir domain option.
:raises: CreateException: if an error occurs
"""
_method_name = '__set_app_dir'
self.logger.entering(class_name=self.__class_name, method_name=_method_name)
if APP_DIR in self._domain_info:
app_dir = self._domain_info[APP_DIR]
self.logger.fine('WLSDPLY-12225', model_helper.get_model_domain_info_key(), APP_DIR, app_dir,
class_name=self.__class_name, method_name=_method_name)
else:
app_dir = os.path.join(self.model_context.get_domain_parent_dir(), 'applications')
self.logger.fine('WLSDPLY-12226', model_helper.get_model_domain_info_key(), APP_DIR, app_dir,
class_name=self.__class_name, method_name=_method_name)
self.wlst_helper.set_option_if_needed(SET_OPTION_APP_DIR, app_dir)
self.logger.exiting(class_name=self.__class_name, method_name=_method_name)
return
def __set_admin_password(self):
"""
Set the administrative user's password.
:raises: CreateException: if an error occurs
"""
_method_name = '__set_admin_password'
if ADMIN_PASSWORD in self._domain_info:
admin_password = self._domain_info[ADMIN_PASSWORD]
admin_username = self.wls_helper.get_default_admin_username()
if ADMIN_USERNAME in self._domain_info:
admin_username = self._domain_info[ADMIN_USERNAME]
location = LocationContext().append_location(SECURITY)
token_name = self.alias_helper.get_name_token(location)
if token_name is not None:
location.add_name_token(token_name, self._domain_name)
location.append_location(USER)
token_name = self.alias_helper.get_name_token(location)
if token_name is not None:
location.add_name_token(
token_name, self.wls_helper.get_default_admin_username())
admin_user_path = self.alias_helper.get_wlst_attributes_path(
location)
self.wlst_helper.cd(admin_user_path)
wlst_name, wlst_value = \
self.alias_helper.get_wlst_attribute_name_and_value(location, NAME, admin_username)
self.wlst_helper.set_if_needed(wlst_name, wlst_value, NAME,
admin_username)
wlst_name, wlst_value = \
self.alias_helper.get_wlst_attribute_name_and_value(location, PASSWORD, admin_password, masked=True)
self.wlst_helper.set_if_needed(wlst_name,
wlst_value,
PASSWORD,
'<masked>',
masked=True)
else:
ex = exception_helper.create_create_exception(
'WLSDPLY-12228', 'AdminPassword',
model_helper.get_model_domain_info_key())
self.logger.throwing(ex,
class_name=self.__class_name,
method_name=_method_name)
raise ex
return
def __init__(self, model_dictionary, model_context, aliases):
_method_name = '__init__'
Creator.__init__(self, model_dictionary, model_context, aliases)
# domainInfo section is required to get the admin password, everything else
# is optional and will use the template defaults
if model_helper.get_model_domain_info_key() not in model_dictionary:
ex = exception_helper.create_create_exception('WLSDPLY-12200', self.__program_name,
model_helper.get_model_domain_info_key(),
self.model_context.get_model_file())
self.logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
raise ex
self.topology_helper = TopologyHelper(self.aliases, ExceptionType.CREATE, self.logger)
self.security_provider_creator = SecurityProviderCreator(model_dictionary, model_context, aliases,
ExceptionType.CREATE, self.logger)
self._domain_typedef = self.model_context.get_domain_typedef()
self._topology = self.model.get_model_topology()
self._domain_info = self.model.get_model_domain_info()
if DOMAIN_NAME in self._topology:
self._domain_name = self._topology[DOMAIN_NAME]
else:
self._domain_name = DEFAULT_WLS_DOMAIN_NAME
self._domain_home = os.path.join(self.model_context.get_domain_parent_dir(), self._domain_name)
if ADMIN_SERVER_NAME in self._topology:
self._admin_server_name = self._topology[ADMIN_SERVER_NAME]
else:
self._admin_server_name = DEFAULT_ADMIN_SERVER_NAME
self.__default_domain_name = None
self.__default_admin_server_name = None
self.__default_security_realm_name = None
archive_file_name = self.model_context.get_archive_file_name()
if archive_file_name is not None:
self.archive_helper = ArchiveHelper(archive_file_name, self._domain_home, self.logger,
exception_helper.ExceptionType.CREATE)
self.library_helper = LibraryHelper(self.model, self.model_context, self.aliases, self._domain_home,
ExceptionType.CREATE, self.logger)
self.target_helper = TargetHelper(self.model, self.model_context, self.aliases, ExceptionType.CREATE,
self.logger)
#
# Creating domains with the wls.jar template is busted for pre-12.1.2 domains with regards to the
# names of the default authentication providers (both the DefaultAuthenticator and the
# DefaultIdentityAsserter names are 'Provider', making it impossible to work with in WLST. If
# the WLS version is earlier than fix this as part of domain creation...
#
self.__fix_default_authentication_provider_names = \
self.wls_helper.do_default_authentication_provider_names_need_fixing()
#
# This list gets modified as the domain is being created so do use this list for anything else...
#
self.__topology_folder_list = self.alias_helper.get_model_topology_top_level_folder_names()
return
def walk(self):
"""
Replace password attributes in each model file with secret tokens, and write each model.
Generate a script to create the required secrets.
Create any additional output specified for the target environment.
"""
_method_name = "walk"
model_file_name = None
try:
model_file_list = self.model_files.split(',')
for model_file in model_file_list:
self.cache.clear()
if os.path.splitext(model_file)[1].lower() == ".yaml":
model_file_name = model_file
FileToPython(model_file_name, True).parse()
aliases = Aliases(model_context=self.model_context,
wlst_mode=WlstModes.OFFLINE)
validator = Validator(self.model_context,
aliases,
wlst_mode=WlstModes.OFFLINE)
# Just merge and validate but without substitution
model_dictionary = cla_helper.merge_model_files(
model_file_name, None)
variable_file = self.model_context.get_variable_file()
if not os.path.exists(variable_file):
variable_file = None
return_code = validator.validate_in_tool_mode(
model_dictionary,
variables_file_name=variable_file,
archive_file_name=None)
if return_code == Validator.ReturnCode.STOP:
self._logger.severe('WLSDPLY-05705', model_file_name)
return VALIDATION_FAIL
self.current_dict = model_dictionary
self.__walk_model_section(
model.get_model_domain_info_key(), self.current_dict,
aliases.get_model_section_top_level_folder_names(
DOMAIN_INFO))
self.__walk_model_section(
model.get_model_topology_key(), self.current_dict,
aliases.get_model_topology_top_level_folder_names())
self.__walk_model_section(
model.get_model_resources_key(), self.current_dict,
aliases.get_model_resources_top_level_folder_names())
self.current_dict = self._apply_filter_and_inject_variable(
self.current_dict, self.model_context, validator)
file_name = os.path.join(self.output_dir,
os.path.basename(model_file_name))
fos = JFileOutputStream(file_name, False)
writer = JPrintWriter(fos, True)
pty = PythonToYaml(self.current_dict)
pty._write_dictionary_to_yaml_file(self.current_dict, writer)
writer.close()
self.cache.clear()
for key in self.secrets_to_generate:
self.cache[key] = ''
# use a merged, substituted, filtered model to get domain name and create additional target output.
full_model_dictionary = cla_helper.load_model(
_program_name, self.model_context, self._aliases, "discover",
WlstModes.OFFLINE)
target_configuration_helper.generate_k8s_script(
self.model_context, self.cache, full_model_dictionary)
# create any additional outputs from full model dictionary
target_configuration_helper.create_additional_output(
Model(full_model_dictionary), self.model_context,
self._aliases, ExceptionType.VALIDATE)
except ValidateException, te:
self._logger.severe('WLSDPLY-20009',
_program_name,
model_file_name,
te.getLocalizedMessage(),
error=te,
class_name=_class_name,
method_name=_method_name)
ex = exception_helper.create_compare_exception(
te.getLocalizedMessage(), error=te)
self._logger.throwing(ex,
class_name=_class_name,
method_name=_method_name)
return VALIDATION_FAIL
def walk(self):
_method_name = "walk"
model_file_name = None
try:
model_file_list = self.model_files.split(',')
for model_file in model_file_list:
self.cache.clear()
if os.path.splitext(model_file)[1].lower() == ".yaml":
model_file_name = model_file
FileToPython(model_file_name, True).parse()
aliases = Aliases(model_context=self.model_context, wlst_mode=WlstModes.OFFLINE)
validator = Validator(self.model_context, aliases, wlst_mode=WlstModes.OFFLINE)
# Just merge and validate but without substitution
model_dictionary = cla_helper.merge_model_files(model_file_name, None)
variable_file = self.model_context.get_variable_file()
if not os.path.exists(variable_file):
variable_file=None
return_code = validator.validate_in_tool_mode(model_dictionary,
variables_file_name=variable_file,
archive_file_name=None)
if return_code == Validator.ReturnCode.STOP:
__logger.severe('WLSDPLY-05705', model_file_name)
return VALIDATION_FAIL
self.current_dict = model_dictionary
self.__walk_model_section(model.get_model_domain_info_key(), self.current_dict,
aliases.get_model_section_top_level_folder_names(DOMAIN_INFO))
self.__walk_model_section(model.get_model_topology_key(), self.current_dict,
aliases.get_model_topology_top_level_folder_names())
self.__walk_model_section(model.get_model_resources_key(), self.current_dict,
aliases.get_model_resources_top_level_folder_names())
self.current_dict = self._apply_filter_and_inject_variable(self.current_dict, self.model_context,
validator)
file_name = os.path.join(self.output_dir, os.path.basename(model_file_name))
fos = JFileOutputStream(file_name, False)
writer = JPrintWriter(fos, True)
pty = PythonToYaml(self.current_dict)
pty._write_dictionary_to_yaml_file(self.current_dict, writer)
writer.close()
self.cache.clear()
for key in self.secrets_to_generate:
self.cache[key] = ''
target_configuration_helper.generate_k8s_script(self.model_context.get_kubernetes_variable_file(),
self.cache)
except ValidateException, te:
__logger.severe('WLSDPLY-20009', _program_name, model_file_name, te.getLocalizedMessage(),
error=te, class_name=_class_name, method_name=_method_name)
ex = exception_helper.create_compare_exception(te.getLocalizedMessage(), error=te)
__logger.throwing(ex, class_name=_class_name, method_name=_method_name)
return VALIDATION_FAIL
def __init__(self, model_dictionary, model_context, aliases):
_method_name = '__init__'
Creator.__init__(self, model_dictionary, model_context, aliases)
# domainInfo section is required to get the admin password, everything else
# is optional and will use the template defaults
if model_helper.get_model_domain_info_key() not in model_dictionary:
ex = exception_helper.create_create_exception(
'WLSDPLY-12200', self.__program_name,
model_helper.get_model_domain_info_key(),
self.model_context.get_model_file())
self.logger.throwing(ex,
class_name=self.__class_name,
method_name=_method_name)
raise ex
self.topology_helper = TopologyHelper(self.aliases,
ExceptionType.CREATE,
self.logger)
self.security_provider_creator = SecurityProviderCreator(
model_dictionary, model_context, aliases, ExceptionType.CREATE,
self.logger)
self._domain_typedef = self.model_context.get_domain_typedef()
self._topology = self.model.get_model_topology()
self._domain_info = self.model.get_model_domain_info()
if DOMAIN_NAME in self._topology:
self._domain_name = self._topology[DOMAIN_NAME]
else:
self._domain_name = DEFAULT_WLS_DOMAIN_NAME
# if domain home specified on command line, set it here, otherwise append domain name to domain parent
model_domain_home = self.model_context.get_domain_home()
if model_domain_home:
self._domain_home = model_domain_home
else:
self._domain_home = os.path.join(
self.model_context.get_domain_parent_dir(), self._domain_name)
if ADMIN_SERVER_NAME in self._topology:
self._admin_server_name = self._topology[ADMIN_SERVER_NAME]
else:
self._admin_server_name = DEFAULT_ADMIN_SERVER_NAME
self.__default_domain_name = None
self.__default_admin_server_name = None
self.__default_security_realm_name = None
archive_file_name = self.model_context.get_archive_file_name()
if archive_file_name is not None:
self.archive_helper = ArchiveHelper(
archive_file_name, self._domain_home, self.logger,
exception_helper.ExceptionType.CREATE)
self.library_helper = LibraryHelper(self.model, self.model_context,
self.aliases, self._domain_home,
ExceptionType.CREATE, self.logger)
self.target_helper = TargetHelper(self.model, self.model_context,
self.aliases, ExceptionType.CREATE,
self.logger)
#
# This list gets modified as the domain is being created so do use this list for anything else...
#
self.__topology_folder_list = self.alias_helper.get_model_topology_top_level_folder_names(
)
return
