def _getProductAndFedVersion(): try: if os.path.exists(options.fedFile): newArchive = DeploymentArchive(options.fedFile) es = EntityStoreAPI.wrap(newArchive.getEntityStore(), passphrases[ES_PASSPHRASE]) else: es = EntityStoreAPI.create( "file:///%s/conf/fed/PrimaryStore.xml" % DISTDIR, passphrases[ES_PASSPHRASE], {"strictImportSchema": "false"}) productKey = es.getProductKey() fedVersion = es.getVersion() es.close() return productKey, fedVersion except (Exception, Throwable), e: _fail("Error reading the FED: %s" % e)
def parseOptions(): global options global es parser = OptionParser() parser.add_option("--esFile") parser.add_option("--passphrase", default="") parser.add_option( "--hostAndPort", action='append', dest='hostportvals', help='specify host and port - for example localhost:9042') (options, args) = parser.parse_args() if not os.path.isfile(options.esFile): parser.error( "A valid entity store file location was not specified: %s" % options.esFile) federatedFilePrefix = "federated:file:" if federatedFilePrefix not in options.esFile: options.esFile = federatedFilePrefix + options.esFile try: print("attempting to connect to entity store at url:%s" % options.esFile) es = EntityStoreAPI.create(options.esFile, options.passphrase, {}) except ValueError, val: print("Problem connecting to store. Unable to continue: ", val) exit(1)
def _getProductAndFedVersion(): try: newArchive = DeploymentArchive(options.fedFile) es = EntityStoreAPI.wrap(newArchive.getEntityStore(), passphrases[ES_PASSPHRASE]) productKey = es.getProductKey() fedVersion = es.getVersion() es.close() return productKey, fedVersion except (Exception, Throwable), e: _fail("Error reading the FED: %s" % e)
def _getEntityStore(storeType): fedDir = os.path.join(DISTDIR, "conf", "fed") try: for fname in os.listdir(fedDir): if re.match(storeType + r".*\.xml", fname) is not None: es = EntityStoreAPI.create("file:///%s/%s" % (fedDir, fname), passphrases[ES_PASSPHRASE], {"strictImportSchema": "false"}) return es _fail("Failed to locate %s in directory '%s'" % (storeType, fedDir)) except (Exception, Throwable), e: _fail("Error opening entity store of type %s: %s" % (storeType, e))
def updateDeploymentArchive(self): print '-Updating Deployment Archive' if PRE740: deployment = NodeManagerDeployAPI(self.nm_apiURL, self.options.username, self.options.password) else: deployment = NodeManagerDeployAPI(self.cc, False) archive = deployment.getDeploymentArchiveForServerByName( self.group.getName(), self.service.getName()) es = deployment.getArchiveEntityStore(archive, self.options.passphrase) outputDir = tempfile.gettempdir() componentEntityStores = archive.getComponentEntityStores(outputDir) primaryStore = EntityStoreAPI.wrap( componentEntityStores.get("PrimaryStore"), self.options.passphrase) try: newArchive = DeploymentArchive( "%s/%s" % (outputDir, archive.getId()), archive.getPolicyProperties(), archive.getEnvironmentProperties()) es = EntityStoreAPI.wrap(newArchive.getEntityStore(), self.options.passphrase) finally: primaryStore.close() try: self._importFragments(es) print '--Redeploying Updated Gateway' self.reportDeploy(Tracer(Tracer.INFO), deployment, self.group.getName(), archive, es) finally: es.close()
def __get_certificate_infos(self): infos = [] es = EntityStoreAPI.wrap(self.__fed_archive.getEntityStore(), self.__passphrase_in) cert_entities = es.getAll( "/[Certificates]name=Certificate Store/[Certificate]**") cf = CertificateFactory.getInstance("X.509") for cert_entity in cert_entities: alias = cert_entity.getStringValue("dname") subject = None not_after = None content = cert_entity.getBinaryValue("content") if content: cert = cf.generateCertificate(ByteArrayInputStream(content)) subject = cert.getSubjectDN().getName() not_after = cert.getNotAfter() infos.append(CertInfo(alias, subject, not_after)) return infos
def _configureHealthcheck(): if not options.healthcheck: return es = None try: pattern = re.compile("ListenersStore.*xml") listenersStore = [ fname for fname in os.listdir(FEDDIR) if re.match(pattern, fname) ][0] es = EntityStoreAPI.create( "file:///%s/conf/fed/%s" % (DISTDIR, listenersStore), passphrases[ES_PASSPHRASE], {"strictImportSchema": "false"}) print("Adding /healthcheck path to management port") es.importConf( os.path.join(DISTDIR, "samples", "SamplePolicies", "HealthCheck", "anm_hc_path.xml")) except (Exception, Throwable), e: _fail("Error adding /healthcheck path: %s" % e)
def __configure_certificates(self): if self.__cert_config is not None: # determine existing certificates logging.info("Determine existing certificates") cert_infos = self.__get_certificate_infos() self.__cert_config.set_cert_infos(cert_infos) self.__cert_config.update_config_file() # apply configured certificates logging.info("Configure certificates") certs = self.__cert_config.get_certificates() es = EntityStoreAPI.wrap(self.__fed_archive.getEntityStore(), self.__passphrase_in) cert_infos = [] cert = None for cert_ref in certs: file = self.__resolve_file_path(cert_ref.get_file()) logging.info("Process alias '%s' (%s): %s" % (cert_ref.get_alias(), cert_ref.get_type(), file)) if cert_ref.get_type() == "crt": cf = CertificateFactory.getInstance("X.509") if os.path.isfile(file): fis = FileInputStream(file) cert = cf.generateCertificate(fis) self.__add_or_replace_certificate( es, cert_ref.get_alias(), cert) else: if self.__simulation_mode: logging.warning( "[SIMULATION_MODE] Certificate file not found, certificate (CRT) ignored: alias=%s" % (cert_ref.get_alias())) continue else: raise ValueError( "Certificate file not found for alias '%s': %s" % (cert_ref.get_alias(), file)) elif cert_ref.get_type() == "p12": if os.path.isfile(file): key = self.__get_key_from_p12(file, cert_ref.get_password()) cert = self.__get_cert_from_p12( file, cert_ref.get_password()) self.__add_or_replace_certificate( es, cert_ref.get_alias(), cert, key) else: if self.__simulation_mode: logging.warning( "[SIMULATION_MODE] Certificate file not found, certificate (P12) ignored: alias=%s" % (cert_ref.get_alias())) continue else: raise ValueError( "Certificate file not found for alias '%s': %s" % (cert_ref.get_alias(), file)) elif cert_ref.get_type() == "empty": self.__remove_certificate(es, cert_ref.get_alias()) logging.info("Certificate removed: %s" % (cert_ref.get_alias())) continue else: raise ValueError("Unsupported certificate type: %s" % (cert_ref.get_type())) subject = cert.getSubjectDN().getName() not_after = cert.getNotAfter() cert_info = CertInfo(cert_ref.get_alias(), subject, not_after) logging.info( "Certificate (%s) added/replaced: %s [%s] - %s" % (cert_ref.get_type(), cert_info.get_alias(), cert_info.format_not_after(), cert_info.get_subject())) cert_infos.append(cert_info) if self.__update_cert_config: self.__cert_config.set_update_cert_infos(cert_infos) self.__cert_config.update_config_file() if self.__expiration_days >= 0: logging.info( "Checking for certificate expiration within %i days." % (self.__expiration_days)) has_expired = False for cert_info in cert_infos: expiration_days = cert_info.expiration_in_days() if self.__expiration_days > expiration_days: logging.error("Certificate '%s' expires in %i days!" % (cert_info.get_alias(), expiration_days)) has_expired = True if has_expired: raise ValueError( "At least one certificate expires in less than %i days; check log file!" % (self.__expiration_days)) if not self.__simulation_mode: DeploymentArchive.updateConfiguration(self.__fed_archive, es.es) logging.info("Certificates updated.") else: logging.info( "[SIMULATION_MODE] Certificates simulation succeeded.") return True
from com.vordel.client.manager.actions.services.WebServiceGenerator import BindingInfo from vtrace import Tracer from esapi import EntityStoreAPI import common from com.vordel.archive.fed import DeploymentArchive # Set trace to info level t = Tracer(Tracer.INFO) # Connects to the Admin Node Manager and downloads a configuration from it adminNM = NodeManagerDeployAPI.create(common.nm_apiURL, common.userName, common.password) archive = adminNM.getDeploymentArchiveForServerByName(common.defGroupName, common.defServerName) es = adminNM.getArchiveEntityStore(archive, '') entityStore = archive.getEntityStore() esapi = EntityStoreAPI(entityStore, '') shkf = ShorthandKeyFinder(esapi.es) # Gets the Default Services Listener and Web Services Group entities wsdlURL = 'http://www.webservicex.net/RealTimeMarketData.asmx?WSDL' listenerGroup = shkf.getEntity( '/[NetService]name=Service/[HTTP]name=Default Services') repo = shkf.getEntity( '/[WebServiceRepository]name=Web Service Repository/[WebServiceGroup]name=' + common.wsGroup) if (repo == None): t.info("Group " + common.wsGroup + ":is not available") repo = shkf.getEntity('/[WebServiceRepository]name=Web Service Repository') vals = [] vals.append(['name', common.wsGroup])