def prompt_test_environment(self):
"""Prompts for test environment.
"""
logger.info("A test environment means that the installer will strip all resource requirements, "
"and hence will use as much as needed only. The pods are subject to eviction. Please use "
" at least 8GB Ram , 4 CPU, and 50 GB disk.")
self.settings.set("TEST_ENVIRONMENT", confirm_yesno("Is this a test environment."))
def prompt_couchbase_multi_cluster(self):
"""Prompts for couchbase multi cluster
"""
print(
"|------------------------------------------------------------------|"
)
print(
"| Is this a multi-cloud/region setup[N] ? [Y/N] |"
)
print(
"|------------------------------------------------------------------|"
)
print(
"| Notes |"
)
print(
"|------------------------------------------------------------------|"
)
print(
"If you are planning for a multi-cloud/region setup and this is the first cluster answer N or"
" leave blank. You will answer Y for the second and more cluster setup "
)
print(
"|------------------------------------------------------------------|"
)
self.settings.set("DEPLOY_MULTI_CLUSTER",
confirm_yesno("Is this a multi-cloud/region setup"))
def prompt_override_couchbase_files(self):
if not self.settings.get("COUCHBASE_CLUSTER_FILE_OVERRIDE"):
self.settings.set(
"COUCHBASE_CLUSTER_FILE_OVERRIDE",
confirm_yesno(
"Override couchbase-cluster.yaml with a custom couchbase-cluster.yaml",
))
if self.settings.get("COUCHBASE_CLUSTER_FILE_OVERRIDE") == "Y":
try:
shutil.copy(Path("./couchbase-cluster.yaml"),
Path("./couchbase/couchbase-cluster.yaml"))
shutil.copy(Path("./couchbase-buckets.yaml"),
Path("./couchbase/couchbase-buckets.yaml"))
shutil.copy(
Path("./couchbase-ephemeral-buckets.yaml"),
Path("./couchbase/couchbase-ephemeral-buckets.yaml"))
except FileNotFoundError:
logger.error(
"An override option has been chosen but there is a missing couchbase file that "
"could not be found at the current path. Please place the override files under the name"
" couchbase-cluster.yaml, couchbase-buckets.yaml, and couchbase-ephemeral-buckets.yaml"
" in the same directory pygluu-kubernetes.pyz exists ")
raise SystemExit(1)
def prompt_image_name_tag(self):
"""Manual prompts for image names and tags if changed from default or at a different repository.
"""
def prompt_and_set_setting(service, image_name_key, image_tag_key):
self.settings.set(image_name_key,
click.prompt(f"{service} image name", default=self.settings.get(image_name_key)))
self.settings.set(image_tag_key,
click.prompt(f"{service} image tag", default=self.settings.get(image_tag_key)))
if not self.settings.get("EDIT_IMAGE_NAMES_TAGS"):
self.settings.set("EDIT_IMAGE_NAMES_TAGS", confirm_yesno(
"Would you like to manually edit the image source/name and tag"))
if self.settings.get("EDIT_IMAGE_NAMES_TAGS") == "Y":
# CASA
if self.settings.get("ENABLE_CASA") == "Y":
prompt_and_set_setting("Casa", "CASA_IMAGE_NAME", "CASA_IMAGE_TAG")
# CONFIG
prompt_and_set_setting("Config", "CONFIG_IMAGE_NAME", "CONFIG_IMAGE_TAG")
# CACHE_REFRESH_ROTATE
if self.settings.get("ENABLE_CACHE_REFRESH") == "Y":
prompt_and_set_setting("CR-rotate", "CACHE_REFRESH_ROTATE_IMAGE_NAME", "CACHE_REFRESH_ROTATE_IMAGE_TAG")
# KEY_ROTATE
if self.settings.get("ENABLE_AUTH_SERVER_KEY_ROTATE") == "Y":
prompt_and_set_setting("Key rotate", "CERT_MANAGER_IMAGE_NAME", "CERT_MANAGER_IMAGE_TAG")
# LDAP
if self.settings.get("PERSISTENCE_BACKEND") == "hybrid" or \
self.settings.get("PERSISTENCE_BACKEND") == "ldap":
prompt_and_set_setting("OpenDJ", "LDAP_IMAGE_NAME", "LDAP_IMAGE_TAG")
# Jackrabbit
prompt_and_set_setting("jackrabbit", "JACKRABBIT_IMAGE_NAME", "JACKRABBIT_IMAGE_TAG")
# AUTH_SERVER
prompt_and_set_setting("Auth-Server", "AUTH_SERVER_IMAGE_NAME", "AUTH_SERVER_IMAGE_TAG")
# CLIENT_API
if self.settings.get("ENABLE_CLIENT_API") == "Y":
prompt_and_set_setting("CLIENT_API server", "CLIENT_API_IMAGE_NAME", "CLIENT_API_IMAGE_TAG")
# OXPASSPORT
if self.settings.get("ENABLE_OXPASSPORT") == "Y":
prompt_and_set_setting("oxPassport", "OXPASSPORT_IMAGE_NAME", "OXPASSPORT_IMAGE_TAG")
# OXSHIBBBOLETH
if self.settings.get("ENABLE_OXSHIBBOLETH") == "Y":
prompt_and_set_setting("oxShibboleth", "OXSHIBBOLETH_IMAGE_NAME", "OXSHIBBOLETH_IMAGE_TAG")
# OXTRUST
prompt_and_set_setting("oxTrust", "OXTRUST_IMAGE_NAME", "OXTRUST_IMAGE_TAG")
# PERSISTENCE
prompt_and_set_setting("Persistence", "PERSISTENCE_IMAGE_NAME", "PERSISTENCE_IMAGE_TAG")
# RADIUS
if self.settings.get("ENABLE_RADIUS") == "Y":
prompt_and_set_setting("Radius", "RADIUS_IMAGE_NAME", "RADIUS_IMAGE_TAG")
# Gluu-Gateway
if self.settings.get("INSTALL_GLUU_GATEWAY") == "Y":
prompt_and_set_setting("Gluu-Gateway", "GLUU_GATEWAY_IMAGE_NAME", "GLUU_GATEWAY_IMAGE_TAG")
# Gluu-Gateway-UI
prompt_and_set_setting("Gluu-Gateway-UI", "GLUU_GATEWAY_UI_IMAGE_NAME", "GLUU_GATEWAY_UI_IMAGE_TAG")
self.settings.set("EDIT_IMAGE_NAMES_TAGS", "N")
def prompt_istio(self):
"""Prompt for Istio
"""
if not self.settings.get("USE_ISTIO_INGRESS") and self.settings.get(
"DEPLOYMENT_ARCH") not in ("microk8s", "minikube"):
self.settings.set(
"USE_ISTIO_INGRESS",
confirm_yesno("[Alpha] Would you like to use "
"Istio Ingress with Gluu ?"))
if self.settings.get("USE_ISTIO_INGRESS") == "Y":
self.settings.set("USE_ISTIO", "Y")
if not self.settings.get("USE_ISTIO"):
logger.info(
"Please follow https://istio.io/latest/docs/ to learn more.")
logger.info(
"Istio will auto inject side cars into all pods in Gluus namespace chosen. "
"The label istio-injection=enabled will be added to the namespace Gluu will be installed in "
"if the namespace does not exist. If it does please run "
"kubectl label namespace <namespace> istio-injection=enabled")
self.settings.set(
"USE_ISTIO",
confirm_yesno(
"[Alpha] Would you like to use Istio with Gluu ?"))
if not self.settings.get("ISTIO_SYSTEM_NAMESPACE"
) and self.settings.get("USE_ISTIO") == "Y":
self.settings.set(
"ISTIO_SYSTEM_NAMESPACE",
click.prompt("Istio namespace", default="istio-system"))
if self.settings.get("USE_ISTIO_INGRESS") == "Y":
self.enabled_services.append("cn-istio-ingress")
self.settings.set("ENABLED_SERVICES_LIST", self.enabled_services)
if not self.settings.get("LB_ADD"):
self.settings.set(
"LB_ADD",
click.prompt(
"Istio loadbalancer adderss(eks) or "
"ip (gke, aks, digital ocean, local)",
default=""))
def prompt_license(self):
"""Prompts user to accept Apache 2.0 license
"""
if self.settings.get("ACCEPT_CN_LICENSE") != "Y":
with open("./LICENSE") as f:
print(f.read())
self.settings.set(
"ACCEPT_CN_LICENSE",
confirm_yesno("Do you accept the Gluu license stated above"))
if self.settings.get("ACCEPT_CN_LICENSE") != "Y":
logger.info("License not accepted.")
raise SystemExit(1)
def prompt_redis(self):
"""Prompts for Redis
"""
if not self.settings.get("REDIS_TYPE"):
logger.info("STANDALONE, CLUSTER")
self.settings.set("REDIS_TYPE", click.prompt("Please enter redis type", default="CLUSTER"))
if not self.settings.get("INSTALL_REDIS"):
logger.info("For the following prompt if placed [N] the Redis is assumed to be"
" installed or remotely provisioned")
self.settings.set("INSTALL_REDIS", confirm_yesno("Install Redis", default=True))
if self.settings.get("INSTALL_REDIS") == "Y":
if not self.settings.get("REDIS_MASTER_NODES"):
self.settings.set("REDIS_MASTER_NODES",
click.prompt("The number of master node. Minimum is 3", default=3))
if not self.settings.get("REDIS_NODES_PER_MASTER"):
self.settings.set("REDIS_NODES_PER_MASTER", click.prompt("The number of nodes per master node",
default=2))
if not self.settings.get("REDIS_NAMESPACE"):
self.settings.set("REDIS_NAMESPACE", click.prompt("Please enter a namespace for Redis cluster",
default="gluu-redis-cluster"))
else:
# Placing password in kubedb is currently not supported. # Todo: Remove else once supported
if not self.settings.get("REDIS_PW"):
self.settings.set("REDIS_PW", prompt_password("Redis"))
if not self.settings.get("REDIS_URL"):
if self.settings.get("INSTALL_REDIS") == "Y":
redis_url_prompt = "redis-cluster.{}.svc.cluster.local:6379".format(
self.settings.get("REDIS_NAMESPACE"))
else:
logger.info(
"Redis URL can be : redis-cluster.gluu-redis-cluster.svc.cluster.local:6379 in a redis deployment")
logger.info("Redis URL using AWS ElastiCach [Configuration Endpoint]: "
"clustercfg.testing-redis.icrbdv.euc1.cache.amazonaws.com:6379")
logger.info("Redis URL using Google MemoryStore : <ip>:6379")
redis_url_prompt = click.prompt(
"Please enter redis URL. If you are deploying redis",
default="redis-cluster.gluu-redis-cluster.svc.cluster.local:6379",
)
self.settings.set("REDIS_URL", redis_url_prompt)
def prompt_couchbase(self):
self.arch.prompt_arch()
self.namespace.prompt_gluu_namespace()
if self.settings.get("DEPLOYMENT_ARCH") not in ("microk8s",
"minikube"):
self.backup.prompt_backup()
if not self.settings.get("HOST_EXT_IP"):
ip = gather_ip
self.settings.set("HOST_EXT_IP", ip)
if not self.settings.get("INSTALL_COUCHBASE"):
logger.info(
"For the following prompt if placed [N] the couchbase is assumed to be"
" installed or remotely provisioned")
self.settings.set("INSTALL_COUCHBASE",
confirm_yesno("Install Couchbase", default=True))
if self.settings.get("INSTALL_COUCHBASE") == "N":
if not self.settings.get("COUCHBASE_CRT"):
print(
"Place the Couchbase certificate authority certificate in a file called couchbase.crt at "
"the same location as the installation script.")
print(
"This can also be found in your couchbase UI Security > Root Certificate"
)
_ = input("Hit 'enter' or 'return' when ready.")
with open(Path("./couchbase.crt")) as content_file:
ca_crt = content_file.read()
encoded_ca_crt_bytes = base64.b64encode(
ca_crt.encode("utf-8"))
encoded_ca_crt_string = str(encoded_ca_crt_bytes, "utf-8")
self.settings.set("COUCHBASE_CRT", encoded_ca_crt_string)
else:
self.settings.set("COUCHBASE_CRT", "")
self.prompt_override_couchbase_files()
if self.settings.get("DEPLOYMENT_ARCH") in ("microk8s", "minikube"):
self.settings.set("COUCHBASE_USE_LOW_RESOURCES", "Y")
if not self.settings.get("COUCHBASE_USE_LOW_RESOURCES"):
self.settings.set(
"COUCHBASE_USE_LOW_RESOURCES",
confirm_yesno(
"Setup CB nodes using low resources for demo purposes"))
if self.settings.get("COUCHBASE_USE_LOW_RESOURCES") == "N" and \
self.settings.get("COUCHBASE_CLUSTER_FILE_OVERRIDE") == "N" and \
self.settings.get("INSTALL_COUCHBASE") == "Y":
self.prompt_couchbase_calculator()
if not self.settings.get("COUCHBASE_NAMESPACE"):
self.settings.set(
"COUCHBASE_NAMESPACE",
click.prompt("Please enter a namespace for CB objects.",
default="cbns"))
if not self.settings.get("COUCHBASE_CLUSTER_NAME"):
self.settings.set(
"COUCHBASE_CLUSTER_NAME",
click.prompt("Please enter a cluster name.", default="cbgluu"))
if not self.settings.get("COUCHBASE_URL"):
self.settings.set(
"COUCHBASE_URL",
click.prompt(
"Please enter couchbase (remote or local) URL base name",
default=
f"{self.settings.get('COUCHBASE_CLUSTER_NAME')}.{self.settings.get('COUCHBASE_NAMESPACE')}.svc"
f".cluster.local",
))
if not self.settings.get("COUCHBASE_INDEX_NUM_REPLICA"):
self.settings.set(
"COUCHBASE_INDEX_NUM_REPLICA",
click.prompt(
"Please enter the number of replicas per index created. "
"Please note that the number of index nodes must be one greater than the number of replicas. "
"That means if your couchbase cluster only has 2 "
"index nodes you cannot place the number of replicas to be higher than 1.",
default="0",
))
if not self.settings.get("COUCHBASE_SUPERUSER"):
self.settings.set(
"COUCHBASE_SUPERUSER",
click.prompt("Please enter couchbase superuser username.",
default="admin"))
if not self.settings.get("COUCHBASE_SUPERUSER_PASSWORD"):
self.settings.set("COUCHBASE_SUPERUSER_PASSWORD",
prompt_password("Couchbase superuser"))
if not self.settings.get("COUCHBASE_USER"):
self.settings.set(
"COUCHBASE_USER",
click.prompt("Please enter gluu couchbase username.",
default="gluu"))
if not self.settings.get("COUCHBASE_PASSWORD"):
self.settings.set("COUCHBASE_PASSWORD",
prompt_password("Couchbase Gluu user"))
self.find_couchbase_certs_or_set_san_cn()
def prompt_couchbase_calculator(self):
"""Attempt to Calculate resources needed
"""
if not self.settings.get("NUMBER_OF_EXPECTED_USERS"):
self.settings.set(
"NUMBER_OF_EXPECTED_USERS",
click.prompt(
"Please enter the number of expected users "
"[alpha]",
default="1000000"))
if not self.settings.get(
"USING_RESOURCE_OWNER_PASSWORD_CRED_GRANT_FLOW"):
self.settings.set(
"USING_RESOURCE_OWNER_PASSWORD_CRED_GRANT_FLOW",
confirm_yesno(
"Will you be using the resource owner password credential grant flow [alpha]",
default=True,
))
if not self.settings.get("USING_CODE_FLOW"):
self.settings.set(
"USING_CODE_FLOW",
confirm_yesno("Will you be using the code flow [alpha]",
default=True))
if not self.settings.get("USING_SCIM_FLOW"):
self.settings.set(
"USING_SCIM_FLOW",
confirm_yesno("Will you be using the SCIM flow [alpha]",
default=True))
if not self.settings.get("EXPECTED_TRANSACTIONS_PER_SEC"):
self.settings.set(
"EXPECTED_TRANSACTIONS_PER_SEC",
click.prompt("Expected transactions per second [alpha]",
default=2000))
# couchbase-cluster.yaml specs
if not self.settings.get("COUCHBASE_DATA_NODES"):
self.settings.set(
"COUCHBASE_DATA_NODES",
click.prompt(
"Please enter the number of data nodes. [alpha] (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_INDEX_NODES"):
self.settings.set(
"COUCHBASE_INDEX_NODES",
click.prompt(
"Please enter the number of index nodes. [alpha] (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_QUERY_NODES"):
self.settings.set(
"COUCHBASE_QUERY_NODES",
click.prompt(
"Please enter the number of query nodes. [alpha] (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_SEARCH_EVENTING_ANALYTICS_NODES"):
self.settings.set(
"COUCHBASE_SEARCH_EVENTING_ANALYTICS_NODES",
click.prompt(
"Please enter the number of search, eventing and analytics nodes. [alpha] (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_GENERAL_STORAGE"):
self.settings.set(
"COUCHBASE_GENERAL_STORAGE",
click.prompt(
"Please enter the general storage size used for couchbase. [alpha] (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_DATA_STORAGE"):
self.settings.set(
"COUCHBASE_DATA_STORAGE",
click.prompt(
"Please enter the data node storage size used for couchbase. [alpha] (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_INDEX_STORAGE"):
self.settings.set(
"COUCHBASE_INDEX_STORAGE",
click.prompt(
"Please enter the index node storage size used for couchbase. (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_QUERY_STORAGE"):
self.settings.set(
"COUCHBASE_QUERY_STORAGE",
click.prompt(
"Please enter the query node storage size used for couchbase. (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_ANALYTICS_STORAGE"):
self.settings.set(
"COUCHBASE_ANALYTICS_STORAGE",
click.prompt(
"Please enter the analytics node storage size used for couchbase. (auto-calculated)",
default="",
))
if not self.settings.get("COUCHBASE_VOLUME_TYPE"):
logger.info("GCE GKE Options ('pd-standard', 'pd-ssd')")
logger.info("AWS EKS Options ('gp2', 'io1', 'st1', 'sc1')")
logger.info(
"Azure Options ('Standard_LRS', 'Premium_LRS', 'StandardSSD_LRS', 'UltraSSD_LRS')"
)
self.settings.set(
"COUCHBASE_VOLUME_TYPE",
click.prompt("Please enter the volume type.", default="io1"))
def test_helpers_confirm_yesno(monkeypatch, given, expected):
from pygluu.kubernetes.terminal.helpers import confirm_yesno
monkeypatch.setattr("click.confirm", lambda x: given)
assert confirm_yesno("Random question") == expected
def prompt_gluu_gateway(self):
"""Prompts for Gluu Gateway
"""
if not self.settings.get("INSTALL_GLUU_GATEWAY"):
self.settings.set(
"INSTALL_GLUU_GATEWAY",
confirm_yesno("Install Gluu Gateway Database mode"))
if self.settings.get("INSTALL_GLUU_GATEWAY") == "Y":
self.enabled_services.append("gluu-gateway-ui")
self.settings.set("ENABLED_SERVICES_LIST", self.enabled_services)
self.settings.set("ENABLE_CLIENT_API", "Y")
self.postgres.prompt_postgres()
if not self.settings.get("KONG_NAMESPACE"):
self.settings.set(
"KONG_NAMESPACE",
click.prompt("Please enter a namespace for Gluu Gateway",
default="gluu-gateway"))
if not self.settings.get("GLUU_GATEWAY_UI_NAMESPACE"):
self.settings.set(
"GLUU_GATEWAY_UI_NAMESPACE",
click.prompt(
"Please enter a namespace for gluu gateway ui",
default="gg-ui"))
if not self.settings.get("KONG_PG_USER"):
self.settings.set(
"KONG_PG_USER",
click.prompt(
"Please enter a user for gluu-gateway postgres database",
default="kong"))
if not self.settings.get("KONG_PG_PASSWORD"):
self.settings.set("KONG_PG_PASSWORD",
prompt_password("gluu-gateway-postgres"))
if not self.settings.get("GLUU_GATEWAY_UI_PG_USER"):
self.settings.set(
"GLUU_GATEWAY_UI_PG_USER",
click.prompt(
"Please enter a user for gluu-gateway-ui postgres database",
default="konga"))
if not self.settings.get("GLUU_GATEWAY_UI_PG_PASSWORD"):
self.settings.set("GLUU_GATEWAY_UI_PG_PASSWORD",
prompt_password("gluu-gateway-ui-postgres"))
if not self.settings.get("KONG_DATABASE"):
self.settings.set(
"KONG_DATABASE",
click.prompt(
"Please enter gluu-gateway postgres database name",
default="kong"))
if not self.settings.get("GLUU_GATEWAY_UI_DATABASE"):
self.settings.set(
"GLUU_GATEWAY_UI_DATABASE",
click.prompt(
"Please enter gluu-gateway-ui postgres database name",
default="konga"))
def prompt_optional_services(self):
if not self.settings.get("ENABLE_CACHE_REFRESH"):
self.settings.set("ENABLE_CACHE_REFRESH",
confirm_yesno("Deploy Cr-Rotate"))
if self.settings.get("ENABLE_CACHE_REFRESH") == "Y":
self.enabled_services.append("cr-rotate")
if not self.settings.get("ENABLE_AUTH_SERVER_KEY_ROTATE"):
self.settings.set("ENABLE_AUTH_SERVER_KEY_ROTATE",
confirm_yesno("Deploy Key-Rotation"))
if self.settings.get("ENABLE_AUTH_SERVER_KEY_ROTATE") == "Y":
self.enabled_services.append("auth-server-key-rotation")
if not self.settings.get("AUTH_SERVER_KEYS_LIFE"):
self.settings.set(
"AUTH_SERVER_KEYS_LIFE",
click.prompt("Auth-Server keys life in hours", default=48))
if not self.settings.get("ENABLE_RADIUS"):
self.settings.set("ENABLE_RADIUS", confirm_yesno("Deploy Radius"))
if self.settings.get("ENABLE_RADIUS") == "Y":
self.enabled_services.append("radius")
self.settings.set("ENABLE_RADIUS_BOOLEAN", "true")
if not self.settings.get("ENABLE_OXPASSPORT"):
self.settings.set("ENABLE_OXPASSPORT",
confirm_yesno("Deploy Passport"))
if self.settings.get("ENABLE_OXPASSPORT") == "Y":
self.enabled_services.append("oxpassport")
self.settings.set("ENABLE_OXPASSPORT_BOOLEAN", "true")
if not self.settings.get("ENABLE_OXSHIBBOLETH"):
self.settings.set("ENABLE_OXSHIBBOLETH",
confirm_yesno("Deploy Shibboleth SAML IDP"))
if self.settings.get("ENABLE_OXSHIBBOLETH") == "Y":
self.enabled_services.append("oxshibboleth")
self.settings.set("ENABLE_SAML_BOOLEAN", "true")
if not self.settings.get("ENABLE_CASA"):
self.settings.set("ENABLE_CASA", confirm_yesno("Deploy Casa"))
if self.settings.get("ENABLE_CASA") == "Y":
self.enabled_services.append("casa")
self.settings.set("ENABLE_CASA_BOOLEAN", "true")
self.settings.set("ENABLE_CLIENT_API", "Y")
if not self.settings.get("ENABLE_FIDO2"):
self.settings.set("ENABLE_FIDO2", confirm_yesno("Deploy fido2"))
if self.settings.get("ENABLE_FIDO2") == "Y":
self.enabled_services.append("fido2")
if not self.settings.get("ENABLE_SCIM"):
self.settings.set("ENABLE_SCIM", confirm_yesno("Deploy scim"))
if self.settings.get("ENABLE_SCIM") == "Y":
self.enabled_services.append("scim")
if not self.settings.get("ENABLE_CLIENT_API"):
self.settings.set("ENABLE_CLIENT_API",
confirm_yesno("Deploy Client API"))
if self.settings.get("ENABLE_CLIENT_API") == "Y":
self.enabled_services.append("client-api")
if not self.settings.get("CLIENT_API_APPLICATION_KEYSTORE_CN"):
self.settings.set(
"CLIENT_API_APPLICATION_KEYSTORE_CN",
click.prompt("Client API application keystore name",
default="client-api"))
if not self.settings.get("CLIENT_API_ADMIN_KEYSTORE_CN"):
self.settings.set(
"CLIENT_API_ADMIN_KEYSTORE_CN",
click.prompt("Client API admin keystore name",
default="client-api"))
if not self.settings.get("ENABLE_OXTRUST_API"):
self.settings.set("ENABLE_OXTRUST_API",
confirm_yesno("Enable oxTrust API"))
if self.settings.get("ENABLE_OXTRUST_API"):
self.settings.set("ENABLE_OXTRUST_API_BOOLEAN", "true")
if not self.settings.get("ENABLE_OXTRUST_TEST_MODE"):
self.settings.set("ENABLE_OXTRUST_TEST_MODE",
confirm_yesno("Enable oxTrust Test Mode"))
if self.settings.get("ENABLE_OXTRUST_TEST_MODE") == "Y":
self.settings.set("ENABLE_OXTRUST_TEST_MODE_BOOLEAN", "true")
self.settings.set("ENABLED_SERVICES_LIST", self.enabled_services)
def prompt_helm(self):
"""Prompts for helm installation and returns updated settings.
:return:
"""
if not self.settings.get("CN_HELM_RELEASE_NAME"):
self.settings.set(
"CN_HELM_RELEASE_NAME",
click.prompt("Please enter Gluu helm name", default="gluu"))
# ALPHA-FEATURE: Multi cluster ldap replication
if self.settings.get("PERSISTENCE_BACKEND") in ("hybrid", "ldap") and \
not self.settings.get("CN_LDAP_MULTI_CLUSTER"):
self.settings.set(
"CN_LDAP_MULTI_CLUSTER",
confirm_yesno(
"ALPHA-FEATURE-Are you setting up a multi kubernetes cluster"
))
if self.settings.get("CN_LDAP_MULTI_CLUSTER") == "Y":
if not self.settings.get("CN_LDAP_SERF_PORT"):
self.settings.set(
"CN_LDAP_SERF_PORT",
click.prompt(
"ALPHA-FEATURE-Please enter LDAP serf port (NodePort)",
default="30946"))
if not self.settings.get("CN_LDAP_ADVERTISE_ADDRESS"):
self.settings.set(
"CN_LDAP_ADVERTISE_ADDRESS",
click.prompt("Please enter Serf advertise address",
default="demoexample.gluu.org:30946"))
if not self.settings.get("CN_LDAP_ADVERTISE_ADMIN_PORT"):
self.settings.set(
"CN_LDAP_ADVERTISE_ADMIN_PORT",
click.prompt(
"ALPHA-FEATURE-Please enter LDAP advertise admin port (NodePort)",
default="30444"))
if not self.settings.get("CN_LDAP_ADVERTISE_LDAPS_PORT"):
self.settings.set(
"CN_LDAP_ADVERTISE_LDAPS_PORT",
click.prompt(
"ALPHA-FEATURE-Please enter LDAP advertise LDAPS port (NodePort)",
default="30636"))
if not self.settings.get("CN_LDAP_ADVERTISE_REPLICATION_PORT"):
self.settings.set(
"CN_LDAP_ADVERTISE_REPLICATION_PORT",
click.prompt(
"ALPHA-FEATURE-Please enter LDAP advertise replication port (NodePort)",
default="30989"))
if not self.settings.get("CN_LDAP_SECONDARY_CLUSTER"):
self.settings.set(
"CN_LDAP_SECONDARY_CLUSTER",
confirm_yesno(
"ALPHA-FEATURE-Is this not the first kubernetes cluster"
))
if not self.settings.get("CN_LDAP_SERF_PEERS"):
self.settings.set(
"CN_LDAP_SERF_PEERS",
click.prompt(
"ALPHA-FEATURE-Please enter LDAP advertise serf peers as an array",
default=
"['firstldap.gluu.org:30946', 'secondldap.gluu.org:31946']"
))
if not self.settings.get(
"NGINX_INGRESS_RELEASE_NAME") and self.settings.get(
"AWS_LB_TYPE") != "alb":
self.settings.set(
"NGINX_INGRESS_RELEASE_NAME",
click.prompt("Please enter nginx-ingress helm name",
default="ningress"))
if not self.settings.get(
"NGINX_INGRESS_NAMESPACE") and self.settings.get(
"AWS_LB_TYPE") != "alb":
self.settings.set(
"NGINX_INGRESS_NAMESPACE",
click.prompt("Please enter nginx-ingress helm namespace",
default="ingress-nginx"))
if self.settings.get("INSTALL_GLUU_GATEWAY") == "Y":
if not self.settings.get("KONG_HELM_RELEASE_NAME"):
self.settings.set(
"KONG_HELM_RELEASE_NAME",
click.prompt("Please enter Gluu Gateway helm name",
default="gluu-gateway"))
if not self.settings.get("GLUU_GATEWAY_UI_HELM_RELEASE_NAME"):
self.settings.set(
"GLUU_GATEWAY_UI_HELM_RELEASE_NAME",
click.prompt("Please enter Gluu Gateway UI helm name",
default="gluu-gateway-ui"))
def prompt_config(self):
"""Prompts for generation of configuration layer
"""
check_fqdn_provided = False
while True:
if not self.settings.get("CN_FQDN") or check_fqdn_provided:
self.settings.set(
"CN_FQDN",
click.prompt("Enter Hostname",
default="demoexample.gluu.org"))
regex_bool = re.match(
'^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.){2,}([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9]){2,}$',
# noqa: W605
self.settings.get("CN_FQDN"))
if regex_bool:
break
else:
check_fqdn_provided = True
logger.error(
"Input not FQDN structred. Please enter a FQDN with the format demoexample.gluu.org"
)
if not self.settings.get("COUNTRY_CODE"):
self.settings.set("COUNTRY_CODE",
click.prompt("Enter Country Code", default="US"))
if not self.settings.get("STATE"):
self.settings.set("STATE", click.prompt("Enter State",
default="TX"))
if not self.settings.get("CITY"):
self.settings.set("CITY",
click.prompt("Enter City", default="Austin"))
if not self.settings.get("EMAIL"):
self.settings.set(
"EMAIL", click.prompt("Enter email",
default="*****@*****.**"))
if not self.settings.get("ORG_NAME"):
self.settings.set(
"ORG_NAME", click.prompt("Enter Organization", default="Gluu"))
if not self.settings.get("ADMIN_PW"):
self.settings.set("ADMIN_PW", prompt_password("oxTrust"))
if not self.settings.get("LDAP_PW"):
if self.settings.get("PERSISTENCE_BACKEND") in ("hybrid", "ldap"):
self.settings.set("LDAP_PW", prompt_password("LDAP"))
else:
self.settings.set("LDAP_PW",
self.settings.get("COUCHBASE_PASSWORD"))
if self.settings.get("DEPLOYMENT_ARCH") in ("microk8s", "minikube"):
self.settings.set("IS_CN_FQDN_REGISTERED", "N")
if not self.settings.get("IS_CN_FQDN_REGISTERED"):
self.settings.set(
"IS_CN_FQDN_REGISTERED",
confirm_yesno("Are you using a globally resolvable FQDN"))
if self.settings.get("IS_CN_FQDN_REGISTERED") == "N":
self.enabled_services.append("update-lb-ip")
self.settings.set("ENABLED_SERVICES_LIST", self.enabled_services)
logger.info(
"You can mount your FQDN certification and key by placing them inside "
"gluu.crt and gluu.key respectivley at the same location pygluu-kubernetes.pyz is at."
)
self.generate_main_config()
def prompt_jackrabbit(self):
"""Prompts for Jackrabbit content repository
"""
if not self.settings.get("INSTALL_JACKRABBIT"):
logger.info(
"Jackrabbit must be installed. If the following prompt is answered with N it is assumed "
"the jackrabbit content repository is either installed locally or remotely"
)
self.settings.set(
"INSTALL_JACKRABBIT",
confirm_yesno("Install Jackrabbit content repository",
default=True))
jackrabbit_cluster_prompt = "Is"
if self.settings.get("INSTALL_JACKRABBIT") == "Y":
if not self.settings.get("JACKRABBIT_STORAGE_SIZE"):
self.settings.set(
"JACKRABBIT_STORAGE_SIZE",
click.prompt(
"Size of Jackrabbit content repository volume storage",
default="4Gi"))
self.settings.set("JACKRABBIT_URL", "http://jackrabbit:8080")
jackrabbit_cluster_prompt = "Enable"
if not self.settings.get("JACKRABBIT_URL"):
self.settings.set(
"JACKRABBIT_URL",
click.prompt("Please enter jackrabbit url.",
default="http://jackrabbit:8080"))
if not self.settings.get("JACKRABBIT_ADMIN_ID"):
self.settings.set(
"JACKRABBIT_ADMIN_ID",
click.prompt("Please enter Jackrabit admin user",
default="admin"))
if not self.settings.get("JACKRABBIT_ADMIN_PASSWORD"):
self.settings.set("JACKRABBIT_ADMIN_PASSWORD",
prompt_password("jackrabbit-admin", 24))
if not self.settings.get("JACKRABBIT_CLUSTER"):
self.settings.set(
"JACKRABBIT_CLUSTER",
confirm_yesno("{} Jackrabbit in cluster mode[beta] "
"Recommended in production".format(
jackrabbit_cluster_prompt),
default=True))
if self.settings.get("JACKRABBIT_CLUSTER") == "Y":
self.postgres.prompt_postgres()
if not self.settings.get("JACKRABBIT_PG_USER"):
self.settings.set(
"JACKRABBIT_PG_USER",
click.prompt(
"Please enter a user for jackrabbit postgres "
"database",
default="jackrabbit"))
if not self.settings.get("JACKRABBIT_PG_PASSWORD"):
self.settings.set("JACKRABBIT_PG_PASSWORD",
prompt_password("jackrabbit-postgres"))
if not self.settings.get("JACKRABBIT_DATABASE"):
self.settings.set(
"JACKRABBIT_DATABASE",
click.prompt(
"Please enter jackrabbit postgres database name",
default="jackrabbit"))
def prompt_aws_lb(self):
"""Prompts for AWS Load balancer information
"""
lb_map = {
1: "clb",
2: "nlb",
3: "alb",
}
if self.settings.get("AWS_LB_TYPE") not in lb_map.values():
print(
"|-----------------------------------------------------------------|"
)
print(
"| AWS Loadbalancer type |"
)
print(
"|-----------------------------------------------------------------|"
)
print(
"| [1] Classic Load Balancer (CLB) [default] |"
)
print(
"| [2] Network Load Balancer (NLB - Alpha) -- Static IP |"
)
print(
"| [3] Application Load Balancer (ALB - Alpha) DEV_ONLY |"
)
print(
"|-----------------------------------------------------------------|"
)
choice = click.prompt("Loadbalancer type", default=1)
self.settings.set("AWS_LB_TYPE", lb_map.get(choice, "clb"))
if self.settings.get("AWS_LB_TYPE") == "alb":
logger.info(
"A prompt later during installation will appear to input the ALB DNS address"
)
if not self.settings.get("USE_ARN"):
self.settings.set(
"USE_ARN",
confirm_yesno(
"Are you terminating SSL traffic at LB and using certificate from AWS"
))
if not self.settings.get("VPC_CIDR") and self.settings.get(
"USE_ARN") == "Y":
self.settings.set(
"AWS_VPC_CIDR",
click.prompt(
"Enter VPC CIDR in use for the Kubernetes cluster i.e 192.168.1.1/16",
default="0.0.0.0/0"))
if not self.settings.get("ARN_AWS_IAM") and self.settings.get(
"USE_ARN") == "Y":
# no default means it will try to prompt in loop until user inputs
self.settings.set(
"ARN_AWS_IAM",
click.prompt(
"Enter aws-load-balancer-ssl-cert arn quoted ('arn:aws:acm:us-west-2:XXXXXXXX:"
"certificate/XXXXXX-XXXXXXX-XXXXXXX-XXXXXXXX')"))