Oracle SOASuite scripts and documentation for release 25.3.2

OracleSOASuite/kubernetes/README.md

@@ -23,5 +23,4 @@ The operator has several key features to assist you with deploying and managing
 Refer the following documentation links for detailed information about deploying Oracle SOA Suite domains on Kubernetes.  
 
 - [14.1.2.0.0](https://docs.oracle.com/en/middleware/soa-suite/soa/14.1.2/soakn/index.html)
-- [12.2.1.4.0](https://oracle.github.io/fmw-kubernetes/soa-domains/)  
-
+- [12.2.1.4.0](https://oracle.github.io/fmw-kubernetes/soa-domains/)

OracleSOASuite/kubernetes/create-oracle-db-service/common/oracle.db.19plus.yaml

@@ -0,0 +1,81 @@
+# Copyright (c) 2025, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: oracle-db
+  namespace: default
+spec:
+  ports:
+  - name: tns
+    port: 1521
+    protocol: TCP
+    targetPort: 1521
+    nodePort: 30011
+  selector:
+    app.kubernetes.io/instance: dev
+    app.kubernetes.io/name: oracle-db
+  sessionAffinity: None
+  type: LoadBalancer
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: oracle-db
+  namespace: default
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: dev
+      app.kubernetes.io/name: oracle-db
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/instance: dev
+        app.kubernetes.io/name: oracle-db
+    spec:
+      containers:
+      - env:
+        - name: ORACLE_SID
+          value: ORCLCDB
+        - name: ORACLE_PDB
+          value: ORCLPDB1
+        - name: DB_DOMAIN
+          value: k8s
+        - name: DB_BUNDLE
+          value: basic  
+        - name: ORACLE_PWD
+          valueFrom:
+            secretKeyRef:
+              name: oracle-db-secret
+              key: password
+        image: container-registry.oracle.com/database/enterprise:19.3.0.0
+        imagePullPolicy: IfNotPresent
+        name: oracle-db
+        ports:
+        - containerPort: 1521
+          name: tns
+          protocol: TCP
+        resources:
+          requests:
+            cpu: "2" 
+            memory: "24Gi"
+          limits:
+            cpu: "4"
+            memory: "40Gi"
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      imagePullSecrets:
+           - name: docker-store

OracleSOASuite/kubernetes/create-oracle-db-service/start-db-service.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2020, 2022, Oracle and/or its affiliates.
+# Copyright (c) 2020, 2025, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 # Bring up Oracle DB Instance in [default] NameSpace with a NodePort Service
@@ -9,7 +9,7 @@ scriptDir="$( cd "$( dirname "${script}" )" && pwd )"
 source ${scriptDir}/../common/utility.sh
 
 usage() {
-  echo "usage: ${script} [-a <dbasecret>] [-p <nodeport>] [-i <image>] [-s <pullsecret>] [-n <namespace>] [-h]"
+  echo "usage: ${script} [-a <dbasecret>] [-p <nodeport>] [-i <image>] [-s <pullsecret>] [-n <namespace>] [-l <pdb_id>] [-h]"
   echo "  -a DB Sys Account Password Secret Name (optional)"
   echo "      (default: oracle-db-secret, secret must include a key named 'password')"
   echo "      If this secret is not deployed, then the database will not successfully deploy."
@@ -22,6 +22,7 @@ usage() {
   echo "      If this secret is not deployed, then Kubernetes will try pull anonymously."
   echo "  -n Configurable Kubernetes NameSpace for Oracle DB Service (optional)"
   echo "      (default: default) "
+  echo " -l db pdb id for Oracle DB service (optional, default: devpdb.k8s)"
   echo "  -h Help"
   exit $1
 }
@@ -31,8 +32,9 @@ nodeport=30011
 dbimage="container-registry.oracle.com/database/enterprise:12.2.0.1-slim"
 pullsecret="docker-store"
 namespace="default"
+pdbid="devpdb.k8s"
 
-while getopts ":a:p:i:s:n:h:" opt; do
+while getopts ":a:p:i:s:n:h:l:" opt; do
   case $opt in
     a) syssecret="${OPTARG}"
     ;;
@@ -44,6 +46,8 @@ while getopts ":a:p:i:s:n:h:" opt; do
     ;;
     n) namespace="${OPTARG}"
     ;;
+    l) pdbid="${OPTARG}"
+    ;;
     h) usage 0
     ;;
     *) usage 1
@@ -67,7 +71,13 @@ echo "NodePort[$nodeport] ImagePullSecret[$pullsecret] Image[${dbimage}] NameSpa
 dbYaml=${scriptDir}/common/oracle.db.${namespace}.yaml
 if [ ! -f "$dbYaml" ]; then
     echo "$dbYaml does not exist."
-    cp ${scriptDir}/common/oracle.db.yaml ${dbYaml}
+    if echo "$dbimage" | grep -q "12\."; then
+        templateYaml="${scriptDir}/common/oracle.db.yaml"
+    else
+	templateYaml="${scriptDir}/common/oracle.db.19plus.yaml"
+    fi
+    echo "Using template: $templateYaml"
+    cp "${templateYaml}" "${dbYaml}"
 fi
 
 # Modify ImagePullSecret and DatabaseImage based on input
@@ -107,14 +117,29 @@ checkService oracle-db ${namespace}
 ${KUBERNETES_CLI:-kubectl} get po -n ${namespace}
 ${KUBERNETES_CLI:-kubectl} get service -n ${namespace}
 
-${KUBERNETES_CLI:-kubectl} cp ${scriptDir}/common/checkDbState.sh -n ${namespace} ${dbpod}:/home/oracle/
+logfile="/tmp/setupDB.log"
+max=60
+counter=0
+while [ $counter -le ${max} ]
+do
+  ${KUBERNETES_CLI:-kubectl} logs ${dbpod} -n ${namespace} > $logfile
+  grep -i "DATABASE IS READY" $logfile
+  [[ $? == 0 ]] && break;
+  ((counter++))
+  echo "[$counter/${max}] Retrying for Oracle Database Availability..."
+  sleep 60
+done
 
-${KUBERNETES_CLI:-kubectl} exec -it ${dbpod} -n ${namespace} -- /bin/bash /home/oracle/checkDbState.sh
 if [ $? != 0  ]; then
- echo "######################";
- echo "[ERROR] Could not create Oracle DB Service, check the pod log for pod ${dbpod} in namespace ${namespace}";
- echo "######################";
- exit -3;
+  echo "######################";
+  echo "[ERROR] Could not create Oracle DB Service, check the pod log for pod ${dbpod} in namespace ${namespace}";
+  echo "######################";
+  exit -3;
+fi
+
+if echo "$dbimage" | grep -q "19\."; then
+  echo " set sys password "
+  ${KUBERNETES_CLI:-kubectl} exec -it ${dbpod} -n ${namespace} -- /bin/bash setPassword.sh Oradoc_db1
 fi
 
 if [ ! "${nodeport}" = "none" ]; then
@@ -123,4 +148,3 @@ else
   echo "Oracle DB Service is RUNNING and does not specify a public NodePort"
 fi
 echo "Oracle DB Service URL [oracle-db.${namespace}.svc.cluster.local:1521/devpdb.k8s]"
-

OracleSOASuite/kubernetes/create-soa-domain/domain-home-on-pv/wlst/create-domain-script.sh

@@ -43,36 +43,3 @@ wlst.sh -skipWLSModuleScanning \
         -osbManagedServerSSLPort ${OSB_MANAGED_SERVER_SSL_PORT} \
         -persistentStore ${PERSISTENCE_STORE}
 
-wlstCmdVal=$?
-
-if [ $wlstCmdVal -ne 0 ]; then
-   echo "ERROR: Domain creation failed. Please check the logs"
-   exit 1
-else
-   #For BUG-37807693
-   export OH=/u01/oracle
-   JAR_FILE="$OH/oracle_common/modules/oracle.adf.share/adf-share-support.jar"
-   SCRIPT_TO_CHECK="DomainConfigGraalLibUpdate.sh"
-   if [ -f $JAR_FILE ]; then
-	echo "adf-share-support.jar is available, Checking availability of script DomainConfigGraalLibUpdate.sh"
-	FILE_PATH=$(jar tf "$JAR_FILE" | grep "$SCRIPT_TO_CHECK")
-	if [ -n "$FILE_PATH" ]; then
-	   echo "File path of DomainConfigGraalLibUpdate.sh - $FILE_PATH"
-	   cd /tmp
-           jar xvf $JAR_FILE $FILE_PATH
-	   chmod +x $FILE_PATH
-	   echo $OH | /tmp/$FILE_PATH
-           retVal=$?
-           if [ $retVal -ne 0 ]; then
-              echo "ERROR: DomainConfigGraalLibUpdate.sh execution failed. Please check the logs"
-              exit 1
-           else
-              echo "DomainConfigGraalLibUpdate.sh script execution completed"
-           fi
-        else
-	   echo "Script DomainConfigGraalLibUpdate.sh not available"
-	fi
-   else
-      echo "$JAR_FILE not available"
-   fi
-fi

OracleSOASuite/kubernetes/domain-upgrade/README.md

@@ -24,11 +24,11 @@ Refer to the configuration parameters below to understand the information that y
 #### Configuration parameters
 
 * If SSL is disabled in the source environment, then you can not enable secure mode directly during upgrade process. Hence do not set `secureEnabled` to true as this will result in unexpected behaviour. You can perform below steps to enable secure domain:
-	- First upgrade to non-secure 14.1.2 domain using the domain upgrade scripts.
-	- Post upgrade, once the servers are up and running, refer to [Enable Secure domain post upgrade](#enable-secure-domain-post-upgrade) to enable the secure domain.
+       - First upgrade to non-secure 14.1.2 domain using the domain upgrade scripts.
+       - Post upgrade, once the servers are up and running, refer to [Enable Secure domain post upgrade](#enable-secure-domain-post-upgrade) to enable the secure domain.
+
+* If SSL is enabled in the source environment then you can set `secureEnabled` to `true` to enable secure domain during the upgrade process. 
 
-* If SSL is enabled in the source environment then you can set `secureEnabled` to `true` to enable secure domain during the upgrade process.
-
 The following parameters can be provided in the inputs file.
 
 | Parameter | Definition | Default |
@@ -84,12 +84,10 @@ $ cd $WORKDIR
 $ helm upgrade REPLACE-WITH-INGRESS-PER-DOMAIN-RELEASE-NAME charts/ingress-per-domain \
   --reuse-values --set wlsDomain.secureEnabled=true 
 ```
-
 #### Enable secure domain post upgrade
 
 Perform the below steps to enable the secure domain in a non-SSL OracleSOASuite 14.1.2 domain:
 
-
 * Connect to an Administration Server using WebLogic Remote console.
 * In the **Edit Tree**, go to **Environment**, then **Domain** and enable the `Secured Production Mode` toggle on Domain screen.
 * Click **Save**.
@@ -105,3 +103,5 @@ Perform the below steps to enable the secure domain in a non-SSL OracleSOASuite
 * Perform domain full shutdown and restart. Refer [Full domain restarts](https://oracle.github.io/weblogic-kubernetes-operator/managing-domains/domain-lifecycle/startup/#full-domain-restarts) for details.
 
 > **Note** : Once you have enabled "Secured Production Mode", existing ingress to access the domain URLs will not work. Refer to [Upgrade ingress](#upgrade-ingress) for details. 
+
+

OracleSOASuite/kubernetes/domain-upgrade/scripts/domainHomeUpgrade.py

@@ -31,6 +31,7 @@ def usage(status=0):
   print 'Preparing to update domain '+ domainName
   updateDomain()
   print 'Domain upgrade completed ....'
+  closeDomain()
 except Exception, e:
   if 'The domain is already at the current version' in str(e):
      print "Domain " + domainName + " already upgraded to current version."

OracleSOASuite/kubernetes/domain-upgrade/scripts/postUpgrade.py

@@ -56,6 +56,7 @@ def usage(status=0):
    print 'Preparing to update domain...'
    cd('/')
    updateDomain()
+   closeDomain()
 except:
    dumpStack()
    print 'Updating the JDBC data source for schema ' + wlsRuntimeUser + ' failed'

OracleSOASuite/kubernetes/domain-upgrade/scripts/secureDomain.py

@@ -24,11 +24,11 @@
    create('NO_NAME_0', 'SecureMode')
    cd('SecureMode/NO_NAME_0')
    set('SecureModeEnabled', true)
-   updateDomain()
 except:
    dumpStack()
 print 'Preparing to update domain...'
 cd('/')
 updateDomain()
+closeDomain()
 sys.exit(0)
 

OracleSOASuite/kubernetes/oke/README.md

@@ -101,7 +101,7 @@ See [SOA on Kubernetes documentation](https://docs.oracle.com/en/middleware/soa-
 
 #### Prepare for domain
 
-See [SOA on Kubernetes documentation](https://docs.oracle.com/en/middleware/soa-suite/soa/14.1.2/soakn/prepare-your-environment.html) for preparing the environment for Oracle SOA Suite domains. 
+See [SOA on Kubernetes documentation](https://docs.oracle.com/en/middleware/soa-suite/soa/14.1.2/soakn/prepare-your-environment.html) for preparing the environment for Oracle SOA Suite domains.
 
 Addtionally see below steps:
 

docs-source/content/soa-domains/_index.md

@@ -25,7 +25,7 @@ The operator has several key features to assist you with deploying and managing
 
 #### Current production release
 
-The current production release for the Oracle SOA Suite domains deployment on Kubernetes is [25.2.2](https://github.com/oracle/fmw-kubernetes/releases). This release uses the WebLogic Kubernetes Operator version [4.2.15](https://github.com/oracle/weblogic-kubernetes-operator/releases/tag/v4.2.15).
+The current production release for the Oracle SOA Suite domains deployment on Kubernetes is [25.3.2](https://github.com/oracle/fmw-kubernetes/releases). This release uses the WebLogic Kubernetes Operator version [4.2.19](https://github.com/oracle/weblogic-kubernetes-operator/releases/tag/v4.2.19).
 
 
 #### Recent changes and known issues
@@ -64,6 +64,7 @@ please consult this table of contents:
 
 To view documentation for an earlier release, see:
 
+* [Version 25.2.2](https://oracle.github.io/fmw-kubernetes/25.2.2/soa-domains/)
 * [Version 25.1.2](https://oracle.github.io/fmw-kubernetes/25.1.2/soa-domains/)
 * [Version 24.4.2](https://oracle.github.io/fmw-kubernetes/24.4.2/soa-domains/)
 * [Version 24.3.2](https://oracle.github.io/fmw-kubernetes/24.3.2/soa-domains/)

docs-source/content/soa-domains/adminguide/configure-load-balancer/apache.md

@@ -133,7 +133,7 @@ Refer to the [sample](https://github.com/oracle/docker-images/tree/main/OracleWe
 
    {{% /expand %}}
 
-1. Create a PV and PVC (pv-claim-name) that can be used to store the custom_mod_wl_apache.conf. Refer to the [Sample](https://github.com/oracle/weblogic-kubernetes-operator/blob/v4.2.15/kubernetes/samples/scripts/create-weblogic-domain-pv-pvc/README.md) for creating a PV or PVC.
+1. Create a PV and PVC (pv-claim-name) that can be used to store the custom_mod_wl_apache.conf. Refer to the [Sample](https://github.com/oracle/weblogic-kubernetes-operator/blob/v4.2.19/kubernetes/samples/scripts/create-weblogic-domain-pv-pvc/README.md) for creating a PV or PVC.
 
 #### Prepare the certificate and private key
 

docs-source/content/soa-domains/adminguide/configure-load-balancer/nginx.md

@@ -202,7 +202,7 @@ Follow these steps to set up NGINX as a load balancer for an Oracle SOA Suite do
 1. Create an ingress for the domain in the domain namespace by using the sample Helm chart. Here path-based routing is used for ingress. Sample values for default configuration are shown in the file `${WORKDIR}/charts/ingress-per-domain/values.yaml`. By default, `type` is `TRAEFIK` , `sslType` is `NONSSL`, and `domainType` is `soa`. These values can be overridden by passing values through the command line or can be edited in the sample file `values.yaml`.   
 If needed, you can update the ingress YAML file to define more path rules (in section `spec.rules.host.http.paths`) based on the domain application URLs that need to be accessed. Update the template YAML file for the NGINX load balancer located at `${WORKDIR}/charts/ingress-per-domain/templates/nginx-ingress.yaml`.
 
-   > Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v25.2.2/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md#configuration) for all the configuration parameters.
+   > Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v25.3.2/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md#configuration) for all the configuration parameters.
 
    ```bash
     $ cd ${WORKDIR}

docs-source/content/soa-domains/adminguide/configure-load-balancer/traefik.md

@@ -156,7 +156,7 @@ Sample values for default configuration are shown in the file `${WORKDIR}/charts
 By default, `type` is `TRAEFIK`, `sslType` is `NONSSL`, and `domainType` is `soa`. These values can be overridden by passing values through the command line or can be edited in the sample file `values.yaml` based on the type of configuration (NONSSL, SSL, and E2ESSL).  
 If needed, you can update the ingress YAML file to define more path rules (in section `spec.rules.host.http.paths`) based on the domain application URLs that need to be accessed. The template YAML file for the Traefik (ingress-based) load balancer is located at `${WORKDIR}/charts/ingress-per-domain/templates/traefik-ingress.yaml`.
 
-> Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v25.2.2/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md#configuration) for all the configuration parameters.
+> Note: See [here](https://github.com/oracle/fmw-kubernetes/blob/v25.3.2/OracleSOASuite/kubernetes/charts/ingress-per-domain/README.md#configuration) for all the configuration parameters.
 
 1. Choose an appropriate `LOADBALANCER_HOSTNAME` for accessing the Oracle SOA Suite domain application URLs.
 

docs-source/content/soa-domains/adminguide/monitoring-soa-domains.md

@@ -18,7 +18,7 @@ After the Oracle SOA Suite domain is set up, you can:
 Using the `WebLogic Monitoring Exporter` you can scrape runtime information from a running Oracle SOA Suite instance and monitor them using Prometheus and Grafana.
 
 #### Set up monitoring
-Follow [these steps](https://github.com/oracle/fmw-kubernetes/blob/v25.2.2/OracleSOASuite/kubernetes/monitoring-service/README.md) to set up monitoring for an Oracle SOA Suite instance. For more details on WebLogic Monitoring Exporter, see [here](https://github.com/oracle/weblogic-monitoring-exporter).
+Follow [these steps](https://github.com/oracle/fmw-kubernetes/blob/v25.3.2/OracleSOASuite/kubernetes/monitoring-service/README.md) to set up monitoring for an Oracle SOA Suite instance. For more details on WebLogic Monitoring Exporter, see [here](https://github.com/oracle/weblogic-monitoring-exporter).
 
 ### Publish WebLogic Server logs into Elasticsearch