From 7a8441ff35bfcd1b4e6e69e2c256d33e1cc49ca9 Mon Sep 17 00:00:00 2001
From: Richard Killen
Date: Wed, 22 Mar 2023 14:43:47 -0500
Subject: [PATCH 1/4] Typedef exceptions should be type CLA, not create
---
 .../wlsdeploy/tool/create/domain_typedef.py | 36 ++++++++++---------
 1 file changed, 20 insertions(+), 16 deletions(-)
diff --git a/core/src/main/python/wlsdeploy/tool/create/domain_typedef.py b/core/src/main/python/wlsdeploy/tool/create/domain_typedef.py
index 5ddd1d3cc2..913b8c5804 100644
--- a/core/src/main/python/wlsdeploy/tool/create/domain_typedef.py
+++ b/core/src/main/python/wlsdeploy/tool/create/domain_typedef.py
@@ -335,7 +335,7 @@ def __resolve_paths(self):
 if not self._paths_resolved:
 if self._model_context is None:
- ex = exception_helper.create_create_exception('WLSDPLY-12302')
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12302')
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
@@ -343,8 +343,9 @@ def __resolve_paths(self):
 self._domain_typedef['baseTemplate'] = \
 self._model_context.replace_token_string(self._domain_typedef['baseTemplate'])
 else:
- ex = exception_helper.create_create_exception('WLSDPLY-12303', self._domain_type,
- self._domain_typedef_filename, self._version_typedef_name)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12303',
+ self._domain_type, self._domain_typedef_filename,
+ self._version_typedef_name)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
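Review bot: Replacing the create exception with a CLA exception in `__resolve_paths` changes the type callers have to catch, and the method's docstring and its callers are outside the hunk, so any `:raises:` line or handler that still names the create exception needs the same update. The same applies to the later hunks in `__get_version_typedef` and `__match_version_typedef`. The WLSDPLY-12302 case is raised when `self._model_context is None`, which reads like an internal sequencing problem rather than bad user input; confirm that `ExitCode.ARG_VALIDATION_ERROR` is the exit code wanted there. A comment such as `# typedef file problems are reported as argument validation errors, not create errors` above the first raise would record the intent.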
@@ -386,13 +387,13 @@ def __get_version_typedef(self):
 _method_name = '__get_version_typedef'
 if 'versions' not in self._domain_typedefs_dict:
- ex = exception_helper.create_create_exception('WLSDPLY-12304', self._domain_type,
- self._domain_typedef_filename)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12304',
+ self._domain_type, self._domain_typedef_filename)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
 elif 'definitions' not in self._domain_typedefs_dict:
- ex = exception_helper.create_create_exception('WLSDPLY-12305', self._domain_type,
- self._domain_typedef_filename)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12305',
+ self._domain_type, self._domain_typedef_filename)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
@@ -401,8 +402,9 @@ def __get_version_typedef(self):
 if self._version_typedef_name in self._domain_typedefs_dict['definitions']:
 result = self._domain_typedefs_dict['definitions'][self._version_typedef_name]
 else:
- ex = exception_helper.create_create_exception('WLSDPLY-12306', self._domain_type,
- self._domain_typedef_filename, self._version_typedef_name)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12306',
+ self._domain_type, self._domain_typedef_filename,
+ self._version_typedef_name)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
 return result
@@ -418,8 +420,8 @@ def __match_version_typedef(self, versions_dict):
 self._logger.entering(versions_dict, class_name=self.__class_name, method_name=_method_name)
 if len(versions_dict) == 0:
- ex = exception_helper.create_create_exception('WLSDPLY-12307', self._domain_type,
- self._domain_typedef_filename)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12307',
+ self._domain_type, self._domain_typedef_filename)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
@@ -441,12 +443,14 @@ def __match_version_typedef(self, versions_dict):
 new_version = self.wls_helper.get_next_higher_order_version_number(new_version)
 if result is None:
- ex = exception_helper.create_create_exception('WLSDPLY-12309', self._domain_type,
- self._domain_typedef_filename, wls_version)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12309',
+ self._domain_type, self._domain_typedef_filename,
+ wls_version)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
 if result == NOT_SUPPORTED:
- ex = exception_helper.create_create_exception('WLSDPLY-12313', self._domain_type, wls_version)
+ ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12313',
+ self._domain_type, wls_version)
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
 self._logger.exiting(self.__class_name, _method_name, result)
@@ -494,7 +498,7 @@ def _resolve_topology_profile(self):
 if 'topologyProfile' not in self._domain_typedefs_dict:
 return None
- topology_profile = self._domain_typedefs_dict['topologyProfile'];
+ topology_profile = self._domain_typedefs_dict['topologyProfile']
 # there are no valid topology profiles for versions 12.1.x and below
 if not self.wls_helper.is_topology_profile_supported():
@@ -504,7 +508,7 @@ def _resolve_topology_profile(self):
 self._logger.throwing(ex, class_name=self.__class_name, method_name=_method_name)
 raise ex
- # if specified, toppology profile must be one of the known types
+ # if specified, topology profile must be one of the known types
 if topology_profile not in TopologyProfile:
 ex = exception_helper.create_cla_exception(ExitCode.ARG_VALIDATION_ERROR, 'WLSDPLY-12315', topology_profile, self._domain_typedef_filename)
From 4a86060748c95a3c38078bcbdb3204b15b0924ea Mon Sep 17 00:00:00 2001
From: Richard Killen
Date: Thu, 23 Mar 2023 16:11:52 -0500
Subject: [PATCH 2/4] Apply OPSS credential values from the model during domain creation
---
 .../python/wlsdeploy/aliases/alias_entries.py | 2 +
 .../wlsdeploy/aliases/model_constants.py | 2 +
 .../wlsdeploy/tool/create/domain_creator.py | 8 ++-
 .../wlsdeploy/tool/create/opss_helper.py | 61 +++++++++++++++++++
 .../category_modules/OPSSInitialization.json | 36 +++++++++++
 .../deploy/messages/wlsdeploy_rb.properties | 3 +
 6 files changed, 110 insertions(+), 2 deletions(-)
 create mode 100644 core/src/main/python/wlsdeploy/tool/create/opss_helper.py
 create mode 100644 core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json
diff --git a/core/src/main/python/wlsdeploy/aliases/alias_entries.py b/core/src/main/python/wlsdeploy/aliases/alias_entries.py
index 90acb2978c..5535835d57 100644
--- a/core/src/main/python/wlsdeploy/aliases/alias_entries.py
+++ b/core/src/main/python/wlsdeploy/aliases/alias_entries.py
@@ -59,6 +59,7 @@
 from wlsdeploy.aliases.model_constants import JPA
 from wlsdeploy.aliases.model_constants import ODL_CONFIGURATION
 from wlsdeploy.aliases.model_constants import OHS
+from wlsdeploy.aliases.model_constants import OPSS_INITIALIZATION
 from wlsdeploy.aliases.model_constants import RCU_DB_INFO
 from wlsdeploy.aliases.model_constants import RESOURCE_MANAGER
 from wlsdeploy.aliases.model_constants import RESOURCES
@@ -157,6 +158,7 @@ class AliasEntries(object):
 ]
 __domain_info_top_level_folders = [
+ OPSS_INITIALIZATION,
 RCU_DB_INFO,
 WLS_ROLES,
 WLS_USER_PASSWORD_CREDENTIAL_MAPPINGS
diff --git a/core/src/main/python/wlsdeploy/aliases/model_constants.py b/core/src/main/python/wlsdeploy/aliases/model_constants.py
index 5a1b12c505..790d3248e2 100644
--- a/core/src/main/python/wlsdeploy/aliases/model_constants.py
+++ b/core/src/main/python/wlsdeploy/aliases/model_constants.py
@@ -208,6 +208,7 @@
 ODL_CONFIGURATION = 'ODLConfiguration'
 OHS = 'OHS'
 OPEN_LDAP_AUTHENTICATOR = 'OpenLDAPAuthenticator'
+OPSS_INITIALIZATION = 'OPSSInitialization'
 ORACLE_OID_AUTHENTICATOR = 'OracleInternetDirectoryAuthenticator'
 ORACLE_OUD_AUTHENTICATOR = 'OracleUnifiedDirectoryAuthenticator'
 ORACLE_OVD_AUTHENTICATOR = 'OracleVirtualDirectoryAuthenticator'
@@ -296,6 +297,7 @@
 SYSTEM_PASSWORD_VALIDATOR = 'SystemPasswordValidator'
 TARGET = 'Target'
 TARGET_DESTINATION = 'TargetDestination'
+TARGET_KEY = 'TargetKey'
 TEMPLATE = 'Template'
 THREAD_DUMP_ACTION = 'ThreadDumpAction'
 THRESHOLDS = 'Thresholds'
diff --git a/core/src/main/python/wlsdeploy/tool/create/domain_creator.py b/core/src/main/python/wlsdeploy/tool/create/domain_creator.py
index 1952b4ba88..ed002c2416 100644
--- a/core/src/main/python/wlsdeploy/tool/create/domain_creator.py
+++ b/core/src/main/python/wlsdeploy/tool/create/domain_creator.py
@@ -80,6 +80,7 @@
 from wlsdeploy.exception import exception_helper
 from wlsdeploy.exception.expection_types import ExceptionType
 from wlsdeploy.tool.create import atp_helper
+from wlsdeploy.tool.create import opss_helper
 from wlsdeploy.tool.create import ssl_helper
 from wlsdeploy.tool.create import rcudbinfo_helper
 from wlsdeploy.tool.create.creator import Creator
@@ -334,7 +335,7 @@ def __run_rcu(self):
 truststore_type)
 ssl_conn_properties["oracle.net.ssl_server_dn_match"] = 'false'
-
+
 fmw_database = self.wls_helper.get_jdbc_url_from_rcu_connect_string(rcu_database)
 runner = RCURunner.createSslRunner(domain_type, oracle_home, java_home, fmw_database, rcu_prefix, rcu_schemas, rcu_db_info.get_rcu_variables(), rcu_runner_map, ssl_conn_properties)
@@ -641,6 +642,9 @@ def __extend_domain_with_select_template(self, domain_home):
 self.__apply_base_domain_config(topology_folder_list, delete=True)
+ # apply OPSS configuration before the first domain write
+ opss_helper.create_credentials(self.model.get_model(), self.model_context, self.aliases, self.wlst_helper)
+
 self.logger.info('WLSDPLY-12205', self._domain_name, domain_home, class_name=self.__class_name, method_name=_method_name)
 self.wlst_helper.write_domain(domain_home)
@@ -1137,7 +1141,7 @@ def __validate_and_get_ssl_rcudbinfo(self, rcu_db_info, check_admin_pwd=False):
 "'rcu_admin_password']")
 raise ex
- return tns_admin, rcu_database, truststore_pwd, truststore_type, truststore, keystore_pwd, keystore_type, keystore
+ return tns_admin, rcu_database, truststore_pwd, truststore_type, truststore, keystore_pwd, keystore_type, keystore
 def __configure_fmw_infra_database(self):
 """
diff --git a/core/src/main/python/wlsdeploy/tool/create/opss_helper.py b/core/src/main/python/wlsdeploy/tool/create/opss_helper.py
new file mode 100644
index 0000000000..3bf546a579
--- /dev/null
+++ b/core/src/main/python/wlsdeploy/tool/create/opss_helper.py
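Review bot: The `opss_helper.create_credentials(...)` call is added to `__extend_domain_with_select_template` only, and the other domain-creation paths of this class are outside the hunk; if any of them writes the domain without this call, an `OPSSInitialization` section in the model is skipped without any message. Consider calling the helper on every path that writes the domain, or logging when the section is present but not applied. The call is also unconditional, so the helper decides whether there is anything to do; a comment such as `# does nothing when the model has no OPSSInitialization section` would make that explicit, assuming the dictionary lookups in the helper return an empty folder for a missing section.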
@@ -0,0 +1,61 @@
+"""
+Copyright (c) 2023, Oracle and/or its affiliates.
+Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+"""
+from wlsdeploy.aliases.model_constants import CREDENTIAL
+from wlsdeploy.aliases.model_constants import DOMAIN_INFO
+from wlsdeploy.aliases.model_constants import OPSS_INITIALIZATION
+from wlsdeploy.aliases.model_constants import TARGET_KEY
+from wlsdeploy.logging.platform_logger import PlatformLogger
+from wlsdeploy.util import dictionary_utils
+
+_class_name = 'opss_helper'
+
+
+class OPSSHelper(object):
+ """
+ Helper for OPSS credentials in the model dictionary.
+ """
+ _class_name = 'OPSSHelper'
+
+ def __init__(self, model_dictionary, model_context, aliases, wlst_helper):
+ """
+ :param model_dictionary: the model dictionary to be used
+ :param model_context: used to check CLI arguments
+ :param aliases: used for folder lookup
+ :param wlst_helper: used for WLST commands
+ """
+ self._model_dictionary = model_dictionary
+ self._model_context = model_context
+ self._aliases = aliases
+ self._wlst_helper = wlst_helper
+ self._logger = PlatformLogger('wlsdeploy.create')
+
+ def create_credentials(self):
+ _method_name = 'create_credentials'
+
+ domain_info = dictionary_utils.get_dictionary_element(self._model_dictionary, DOMAIN_INFO)
+ opss_initialization = dictionary_utils.get_dictionary_element(domain_info, OPSS_INITIALIZATION)
+ credentials = dictionary_utils.get_dictionary_element(opss_initialization, CREDENTIAL)
+ for store_key, store_folder in credentials.iteritems():
+ self._logger.info('WLSDPLY-05713', store_key, class_name=self._class_name, method_name=_method_name)
+ keys = dictionary_utils.get_dictionary_element(store_folder, TARGET_KEY)
+ for key, key_folder in keys.iteritems():
+ wlst_path = '/Credential/TargetStore/' + store_key + '/TargetKey/' + key
+ self._wlst_helper.cd(wlst_path)
+ self._wlst_helper.create('c', 'Credential')
+ self._wlst_helper.cd('Credential')
+ for field, field_value in key_folder.iteritems():
+ self._wlst_helper.set(field, field_value)
+
+
+def create_credentials(model_dictionary, model_context, aliases, wlst_helper):
+ """
+ Static method for initializing OPSSHelper and creating credentials.
+ :param model_dictionary: the model dictionary to be used
+ :param model_context: used to check CLI arguments
+ :param aliases: used for folder lookup
+ :param wlst_helper: used for WLST commands
+ """
+ opss_helper = OPSSHelper(model_dictionary, model_context, aliases, wlst_helper)
+ opss_helper.create_credentials()
diff --git a/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json b/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json
new file mode 100644
index 0000000000..a53143fedb
--- /dev/null
+++ b/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json
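Review bot: The inner loop of `OPSSHelper.create_credentials` passes every entry under a target key to `self._wlst_helper.set(field, field_value)` exactly as it appears in the model, so a `Password` kept encrypted in the model would be written to the credential store as ciphertext, and if the helper logs the values it sets, a clear-text one could reach the log. `self._aliases` and `self._model_context` are stored in `__init__` but never used; resolving the value through the alias layer and limiting `field` to the `Username` and `Password` attributes declared in the new alias file would close both gaps. `wlst_path` is concatenated from the model keys `store_key` and `key`, so a name containing `/` changes the location that is created; reject such names before the `cd`. The method also has no docstring; `"""Create each OPSSInitialization credential from the model in the WLST credential store."""` would do.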
@@ -0,0 +1,36 @@
+{
+ "copyright": "Copyright (c) 2023, Oracle and/or its affiliates.",
+ "license": "Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl",
+ "wlst_type": "OPSSInitialization",
+ "folders": {
+ "Credential": {
+ "wlst_type": "Credential",
+ "child_folders_type": "multiple",
+ "folders": {
+ "TargetKey": {
+ "wlst_type": "TargetKey",
+ "child_folders_type": "multiple",
+ "folders": {},
+ "attributes": {
+ "Username": [ {"version": "[10,)", "wlst_mode": "both", "wlst_name": "Username", "wlst_path": "WP001", "default_value": null, "wlst_type": "credential" } ],
+ "Password": [ {"version": "[10,)", "wlst_mode": "both", "wlst_name": "Password", "wlst_path": "WP001", "default_value": null, "wlst_type": "password" } ]
+ },
+ "wlst_attributes_path": "WP001",
+ "wlst_paths": {
+ "WP001": "/NO_FOLDER/%OPSSINITIALIZATION%/NO_FOLDER/%CREDENTIAL%/TargetKey"
+ }
+ }
+ },
+ "attributes": {},
+ "wlst_attributes_path": "WP001",
+ "wlst_paths": {
+ "WP001": "/NO_FOLDER/%OPSSINITIALIZATION%/NO_FOLDER/%CREDENTIAL%"
+ }
+ }
+ },
+ "attributes": {},
+ "wlst_attributes_path": "WP001",
+ "wlst_paths": {
+ "WP001": "/NO_FOLDER"
+ }
+}
diff --git a/core/src/main/resources/oracle/weblogic/deploy/messages/wlsdeploy_rb.properties b/core/src/main/resources/oracle/weblogic/deploy/messages/wlsdeploy_rb.properties
index 4765b2ebf0..3e891d8fcb 100644
--- a/core/src/main/resources/oracle/weblogic/deploy/messages/wlsdeploy_rb.properties
+++ b/core/src/main/resources/oracle/weblogic/deploy/messages/wlsdeploy_rb.properties
@@ -1475,6 +1475,9 @@ WLSDPLY-12313=Domain type {0} is not supported for WebLogic version {1}
 WLSDDPL-12314=Topology profile "{0}" is typedef file {1} is not allowed for WebLogic version {2}
 WLSDPLY-12315=Topology profile "{0}" in type definition file {1} is not a known topology profile value
+# opss_helper.py
+WLSDPLY-12350=Initializing OPSS credentials for target store "{0}"
+
 # create.py
 WLSDPLY-12400={0} got the JAVA_HOME {1} from the environment variable but it was not a valid location: {2}
 # number gap to fill
From 14fd3dd93b0ba3fd3e5f516cd4d9d32d53cbae7c Mon Sep 17 00:00:00 2001
From: Richard Killen
Date: Fri, 24 Mar 2023 13:12:34 -0500
Subject: [PATCH 3/4] Corrected info message key
---
 core/src/main/python/wlsdeploy/tool/create/opss_helper.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/src/main/python/wlsdeploy/tool/create/opss_helper.py b/core/src/main/python/wlsdeploy/tool/create/opss_helper.py
index 3bf546a579..f1fdeb534d 100644
--- a/core/src/main/python/wlsdeploy/tool/create/opss_helper.py
+++ b/core/src/main/python/wlsdeploy/tool/create/opss_helper.py
@@ -38,7 +38,7 @@ def create_credentials(self):
 opss_initialization = dictionary_utils.get_dictionary_element(domain_info, OPSS_INITIALIZATION)
 credentials = dictionary_utils.get_dictionary_element(opss_initialization, CREDENTIAL)
 for store_key, store_folder in credentials.iteritems():
- self._logger.info('WLSDPLY-05713', store_key, class_name=self._class_name, method_name=_method_name)
+ self._logger.info('WLSDPLY-12350', store_key, class_name=self._class_name, method_name=_method_name)
 keys = dictionary_utils.get_dictionary_element(store_folder, TARGET_KEY)
 for key, key_folder in keys.iteritems():
 wlst_path = '/Credential/TargetStore/' + store_key + '/TargetKey/' + key
From 753f5012e5c22b861f261ffcf52aa68612f69146 Mon Sep 17 00:00:00 2001
From: Richard Killen
Date: Fri, 24 Mar 2023 13:13:34 -0500
Subject: [PATCH 4/4] Added short name and token for prepare secret names
---
 .../deploy/aliases/category_modules/OPSSInitialization.json | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json b/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json
index a53143fedb..db58465202 100644
--- a/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json
+++ b/core/src/main/resources/oracle/weblogic/deploy/aliases/category_modules/OPSSInitialization.json
@@ -2,6 +2,7 @@
 "copyright": "Copyright (c) 2023, Oracle and/or its affiliates.",
 "license": "Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl",
 "wlst_type": "OPSSInitialization",
+ "short_name": "OPSS",
 "folders": {
 "Credential": {
 "wlst_type": "Credential",
@@ -10,6 +11,7 @@
 "TargetKey": {
 "wlst_type": "TargetKey",
 "child_folders_type": "multiple",
+ "short_name": "Key",
 "folders": {},
 "attributes": {
 "Username": [ {"version": "[10,)", "wlst_mode": "both", "wlst_name": "Username", "wlst_path": "WP001", "default_value": null, "wlst_type": "credential" } ],
@@ -17,7 +19,7 @@
 },
 "wlst_attributes_path": "WP001",
 "wlst_paths": {
- "WP001": "/NO_FOLDER/%OPSSINITIALIZATION%/NO_FOLDER/%CREDENTIAL%/TargetKey"
+ "WP001": "/NO_FOLDER/%OPSSINITIALIZATION%/NO_FOLDER/%CREDENTIAL%/NO_FOLDER/%TARGETKEY%"
 }
 }
 },