def _getProductAndFedVersion():
try:
if os.path.exists(options.fedFile):
newArchive = DeploymentArchive(options.fedFile)
es = EntityStoreAPI.wrap(newArchive.getEntityStore(),
passphrases[ES_PASSPHRASE])
else:
es = EntityStoreAPI.create(
"file:///%s/conf/fed/PrimaryStore.xml" % DISTDIR,
passphrases[ES_PASSPHRASE], {"strictImportSchema": "false"})
productKey = es.getProductKey()
fedVersion = es.getVersion()
es.close()
return productKey, fedVersion
except (Exception, Throwable), e:
_fail("Error reading the FED: %s" % e)
def parseOptions():
global options
global es
parser = OptionParser()
parser.add_option("--esFile")
parser.add_option("--passphrase", default="")
parser.add_option(
"--hostAndPort",
action='append',
dest='hostportvals',
help='specify host and port - for example localhost:9042')
(options, args) = parser.parse_args()
if not os.path.isfile(options.esFile):
parser.error(
"A valid entity store file location was not specified: %s" %
options.esFile)
federatedFilePrefix = "federated:file:"
if federatedFilePrefix not in options.esFile:
options.esFile = federatedFilePrefix + options.esFile
try:
print("attempting to connect to entity store at url:%s" %
options.esFile)
es = EntityStoreAPI.create(options.esFile, options.passphrase, {})
except ValueError, val:
print("Problem connecting to store. Unable to continue: ", val)
exit(1)
def _getProductAndFedVersion():
try:
newArchive = DeploymentArchive(options.fedFile)
es = EntityStoreAPI.wrap(newArchive.getEntityStore(),
passphrases[ES_PASSPHRASE])
productKey = es.getProductKey()
fedVersion = es.getVersion()
es.close()
return productKey, fedVersion
except (Exception, Throwable), e:
_fail("Error reading the FED: %s" % e)
def _getEntityStore(storeType):
fedDir = os.path.join(DISTDIR, "conf", "fed")
try:
for fname in os.listdir(fedDir):
if re.match(storeType + r".*\.xml", fname) is not None:
es = EntityStoreAPI.create("file:///%s/%s" % (fedDir, fname),
passphrases[ES_PASSPHRASE], {"strictImportSchema": "false"})
return es
_fail("Failed to locate %s in directory '%s'" % (storeType, fedDir))
except (Exception, Throwable), e:
_fail("Error opening entity store of type %s: %s" % (storeType, e))
def updateDeploymentArchive(self):
print '-Updating Deployment Archive'
if PRE740:
deployment = NodeManagerDeployAPI(self.nm_apiURL,
self.options.username,
self.options.password)
else:
deployment = NodeManagerDeployAPI(self.cc, False)
archive = deployment.getDeploymentArchiveForServerByName(
self.group.getName(), self.service.getName())
es = deployment.getArchiveEntityStore(archive, self.options.passphrase)
outputDir = tempfile.gettempdir()
componentEntityStores = archive.getComponentEntityStores(outputDir)
primaryStore = EntityStoreAPI.wrap(
componentEntityStores.get("PrimaryStore"), self.options.passphrase)
try:
newArchive = DeploymentArchive(
"%s/%s" % (outputDir, archive.getId()),
archive.getPolicyProperties(),
archive.getEnvironmentProperties())
es = EntityStoreAPI.wrap(newArchive.getEntityStore(),
self.options.passphrase)
finally:
primaryStore.close()
try:
self._importFragments(es)
print '--Redeploying Updated Gateway'
self.reportDeploy(Tracer(Tracer.INFO), deployment,
self.group.getName(), archive, es)
finally:
es.close()
def __get_certificate_infos(self):
infos = []
es = EntityStoreAPI.wrap(self.__fed_archive.getEntityStore(),
self.__passphrase_in)
cert_entities = es.getAll(
"/[Certificates]name=Certificate Store/[Certificate]**")
cf = CertificateFactory.getInstance("X.509")
for cert_entity in cert_entities:
alias = cert_entity.getStringValue("dname")
subject = None
not_after = None
content = cert_entity.getBinaryValue("content")
if content:
cert = cf.generateCertificate(ByteArrayInputStream(content))
subject = cert.getSubjectDN().getName()
not_after = cert.getNotAfter()
infos.append(CertInfo(alias, subject, not_after))
return infos
def _configureHealthcheck():
if not options.healthcheck:
return
es = None
try:
pattern = re.compile("ListenersStore.*xml")
listenersStore = [
fname for fname in os.listdir(FEDDIR) if re.match(pattern, fname)
][0]
es = EntityStoreAPI.create(
"file:///%s/conf/fed/%s" % (DISTDIR, listenersStore),
passphrases[ES_PASSPHRASE], {"strictImportSchema": "false"})
print("Adding /healthcheck path to management port")
es.importConf(
os.path.join(DISTDIR, "samples", "SamplePolicies", "HealthCheck",
"anm_hc_path.xml"))
except (Exception, Throwable), e:
_fail("Error adding /healthcheck path: %s" % e)
def __configure_certificates(self):
if self.__cert_config is not None:
# determine existing certificates
logging.info("Determine existing certificates")
cert_infos = self.__get_certificate_infos()
self.__cert_config.set_cert_infos(cert_infos)
self.__cert_config.update_config_file()
# apply configured certificates
logging.info("Configure certificates")
certs = self.__cert_config.get_certificates()
es = EntityStoreAPI.wrap(self.__fed_archive.getEntityStore(),
self.__passphrase_in)
cert_infos = []
cert = None
for cert_ref in certs:
file = self.__resolve_file_path(cert_ref.get_file())
logging.info("Process alias '%s' (%s): %s" %
(cert_ref.get_alias(), cert_ref.get_type(), file))
if cert_ref.get_type() == "crt":
cf = CertificateFactory.getInstance("X.509")
if os.path.isfile(file):
fis = FileInputStream(file)
cert = cf.generateCertificate(fis)
self.__add_or_replace_certificate(
es, cert_ref.get_alias(), cert)
else:
if self.__simulation_mode:
logging.warning(
"[SIMULATION_MODE] Certificate file not found, certificate (CRT) ignored: alias=%s"
% (cert_ref.get_alias()))
continue
else:
raise ValueError(
"Certificate file not found for alias '%s': %s"
% (cert_ref.get_alias(), file))
elif cert_ref.get_type() == "p12":
if os.path.isfile(file):
key = self.__get_key_from_p12(file,
cert_ref.get_password())
cert = self.__get_cert_from_p12(
file, cert_ref.get_password())
self.__add_or_replace_certificate(
es, cert_ref.get_alias(), cert, key)
else:
if self.__simulation_mode:
logging.warning(
"[SIMULATION_MODE] Certificate file not found, certificate (P12) ignored: alias=%s"
% (cert_ref.get_alias()))
continue
else:
raise ValueError(
"Certificate file not found for alias '%s': %s"
% (cert_ref.get_alias(), file))
elif cert_ref.get_type() == "empty":
self.__remove_certificate(es, cert_ref.get_alias())
logging.info("Certificate removed: %s" %
(cert_ref.get_alias()))
continue
else:
raise ValueError("Unsupported certificate type: %s" %
(cert_ref.get_type()))
subject = cert.getSubjectDN().getName()
not_after = cert.getNotAfter()
cert_info = CertInfo(cert_ref.get_alias(), subject, not_after)
logging.info(
"Certificate (%s) added/replaced: %s [%s] - %s" %
(cert_ref.get_type(), cert_info.get_alias(),
cert_info.format_not_after(), cert_info.get_subject()))
cert_infos.append(cert_info)
if self.__update_cert_config:
self.__cert_config.set_update_cert_infos(cert_infos)
self.__cert_config.update_config_file()
if self.__expiration_days >= 0:
logging.info(
"Checking for certificate expiration within %i days." %
(self.__expiration_days))
has_expired = False
for cert_info in cert_infos:
expiration_days = cert_info.expiration_in_days()
if self.__expiration_days > expiration_days:
logging.error("Certificate '%s' expires in %i days!" %
(cert_info.get_alias(), expiration_days))
has_expired = True
if has_expired:
raise ValueError(
"At least one certificate expires in less than %i days; check log file!"
% (self.__expiration_days))
if not self.__simulation_mode:
DeploymentArchive.updateConfiguration(self.__fed_archive,
es.es)
logging.info("Certificates updated.")
else:
logging.info(
"[SIMULATION_MODE] Certificates simulation succeeded.")
return True
from com.vordel.client.manager.actions.services.WebServiceGenerator import BindingInfo
from vtrace import Tracer
from esapi import EntityStoreAPI
import common
from com.vordel.archive.fed import DeploymentArchive
# Set trace to info level
t = Tracer(Tracer.INFO)
# Connects to the Admin Node Manager and downloads a configuration from it
adminNM = NodeManagerDeployAPI.create(common.nm_apiURL, common.userName,
common.password)
archive = adminNM.getDeploymentArchiveForServerByName(common.defGroupName,
common.defServerName)
es = adminNM.getArchiveEntityStore(archive, '')
entityStore = archive.getEntityStore()
esapi = EntityStoreAPI(entityStore, '')
shkf = ShorthandKeyFinder(esapi.es)
# Gets the Default Services Listener and Web Services Group entities
wsdlURL = 'http://www.webservicex.net/RealTimeMarketData.asmx?WSDL'
listenerGroup = shkf.getEntity(
'/[NetService]name=Service/[HTTP]name=Default Services')
repo = shkf.getEntity(
'/[WebServiceRepository]name=Web Service Repository/[WebServiceGroup]name='
+ common.wsGroup)
if (repo == None):
t.info("Group " + common.wsGroup + ":is not available")
repo = shkf.getEntity('/[WebServiceRepository]name=Web Service Repository')
vals = []
vals.append(['name', common.wsGroup])