From 50144166249c573c87d5ec94e6b6cbe020468e40 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 6 Feb 2023 16:03:11 +0800 Subject: [PATCH 1/5] support passwordless mssql connection in admin offer set default value to dbUser Changes to be committed: modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh --- .../arm-oraclelinux-wls-admin/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 34 +++++++++++++------ .../nestedtemplates/_pswlessDbTemplate.json | 21 +++++++++--- .../scripts/datasourceConfig-sqlserver.sh | 3 +- .../src/main/scripts/installJdbcDrivers.sh | 2 +- 5 files changed, 44 insertions(+), 18 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 17145e51b..0aa9e790d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -10,7 +10,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-admin - 1.0.39 + 1.0.40 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json index 249b59896..8d13a2383 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json @@ -994,7 +994,7 @@ "value": "oracle" }, { - "label": "Azure SQL", + "label": "Azure SQL (with support for passwordless connection)", "value": "sqlserver" }, { @@ -1023,8 +1023,16 @@ "defaultValue": "", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z/]{1,30}$", - "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + "validations": [ + { + "regex": "^[a-z0-9A-Z/]{1,30}$", + "message": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, @@ -1052,6 +1060,10 @@ { "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authentication=ActiveDirectoryMSI')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'msiClientId'))), 'true')]", + "message": "The offer will append authentication with ActiveDirectoryMSI, and append msiClientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1096,6 +1108,13 @@ }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')))]" + }, { "name": "dbUser", "type": "Microsoft.Common.TextBox", @@ -1115,14 +1134,7 @@ } ] }, - "visible": true - }, - { - "name": "enablePswlessConnection", - "type": "Microsoft.Common.CheckBox", - "label": "Use passwordless datasource connection", - "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" }, { "name": "dbPassword", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index bd8b85ae2..99a4fbdb1 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -72,7 +72,7 @@ }, "wlsDomainName": { "type": "string", - "defaultValue": "wlsd", + "defaultValue": "adminDomain", "metadata": { "description": "Provide Weblogic domain name" } @@ -92,12 +92,24 @@ }, "variables": { "const_identityAPIVersion": "${azure.apiVersionForIndentity}", + "const_msiDefaultUser": "msiUser", "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", "name_dbTemplate": "_dbTemplate.json", + "array_msiClientId": { + "mysql": "azure.clientId", + "postgresql": "azure.clientId", + "sqlserver": "msiClientId" + }, "array_azureJdbcPlugins": { "mysql": "defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin", - "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin" + "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin", + "sqlserver": "authentication=ActiveDirectoryMSI" + }, + "array_urlJoiner": { + "mysql": "&", + "postgresql": "&", + "sqlserver": ";" }, "obj_dbIdentity": { "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} @@ -148,6 +160,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", "name": "installJdbcLibsTemplate", + "condition": "[or(equals(parameters('databaseType'),'mysql'), equals(parameters('databaseType'),'postgresql'))]", "dependsOn": [ "assignDbIdentityToAdminVM" ], @@ -218,10 +231,10 @@ "value": "[parameters('dbGlobalTranPro')]" }, "dsConnectionURL": { - "value": "[uri(format('{0}&{1}&azure.clientId={2}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId), '')]" + "value": "[uri(format('{0}{4}{1}{4}{2}={3}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" }, "dbUser": { - "value": "[parameters('dbUser')]" + "value": "[if(equals(parameters('databaseType'), 'sqlserver'), variables('const_msiDefaultUser'), parameters('dbUser'))]" }, "enablePswlessConnection": { "value": true diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh index b3b7473d7..0a606f1f5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh @@ -97,9 +97,10 @@ function validateInput() exit 1 fi - # reset password + # reset password and user if [[ "${enablePswlessConnection,,}" == "true" ]]; then dsPassword="" + dsUser="" fi } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh index 1b10d87d6..5b339a16d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh @@ -239,7 +239,7 @@ read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName w export curlMaxTime=120 # seconds export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" -export mvnVersion="3.8.6" +export mvnVersion="3.9.0" export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" export retryMaxAttempt=5 # retry attempt for curl command export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" From ff0d86030cdd7972235f9524a959fa7d8397193d Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 7 Feb 2023 13:55:38 +0800 Subject: [PATCH 2/5] support passwordless mssql in cluster offer --- .../arm-oraclelinux-wls-cluster/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 34 +++++++++++++------ .../nestedtemplates/_pswlessDbTemplate.json | 19 +++++++++-- .../scripts/datasourceConfig-sqlserver.sh | 3 +- .../src/main/scripts/installJdbcDrivers.sh | 2 +- 5 files changed, 43 insertions(+), 17 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index 0ea5c601e..611b312de 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -12,7 +12,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-cluster - 1.0.51000 + 1.0.52000 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json index 8536fcee8..61e83363c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json @@ -1323,7 +1323,7 @@ "value": "oracle" }, { - "label": "Azure SQL", + "label": "Azure SQL (with support for passwordless connection)", "value": "sqlserver" }, { @@ -1352,8 +1352,16 @@ "defaultValue": "", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z/]{1,30}$", - "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + "validations": [ + { + "regex": "^[a-z0-9A-Z/]{1,30}$", + "message": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, @@ -1381,6 +1389,10 @@ { "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authentication=ActiveDirectoryMSI')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'msiClientId'))), 'true')]", + "message": "The offer will append authentication with ActiveDirectoryMSI, and append msiClientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1425,6 +1437,13 @@ }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbUser", "type": "Microsoft.Common.TextBox", @@ -1444,14 +1463,7 @@ } ] }, - "visible": true - }, - { - "name": "enablePswlessConnection", - "type": "Microsoft.Common.CheckBox", - "label": "Use passwordless datasource connection", - "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" }, { "name": "dbPassword", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index 602cd05df..db3bd37e9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -109,12 +109,24 @@ "variables": { "const_identityAPIVersion": "${azure.apiVersionForIndentity}", "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "const_msiDefaultUser": "msiUser", "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", "name_dbTemplate": "_dbTemplate.json", "array_azureJdbcPlugins": { "mysql": "defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin", - "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin" + "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin", + "sqlserver": "authentication=ActiveDirectoryMSI" + }, + "array_urlJoiner": { + "mysql": "&", + "postgresql": "&", + "sqlserver": ";" + }, + "array_msiClientId": { + "mysql": "azure.clientId", + "postgresql": "azure.clientId", + "sqlserver": "msiClientId" }, "obj_dbIdentity": { "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} @@ -169,6 +181,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", "name": "installJdbcLibsTemplate", + "condition": "[or(equals(parameters('databaseType'),'mysql'), equals(parameters('databaseType'),'postgresql'))]", "dependsOn": [ "virtualMachineIdentityLoop" ], @@ -245,10 +258,10 @@ "value": "[parameters('dbGlobalTranPro')]" }, "dsConnectionURL": { - "value": "[uri(format('{0}&{1}&azure.clientId={2}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId), '')]" + "value": "[uri(format('{0}{4}{1}{4}{2}={3}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" }, "dbUser": { - "value": "[parameters('dbUser')]" + "value": "[if(equals(parameters('databaseType'), 'sqlserver'), variables('const_msiDefaultUser'), parameters('dbUser'))]" }, "enablePswlessConnection": { "value": true diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh index eadd6ef51..b54fe6414 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh @@ -95,9 +95,10 @@ function validateInput() exit 1 fi - # reset password + # reset password and user if [[ "${enablePswlessConnection,,}" == "true" ]]; then dsPassword="" + dsUser="" fi } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh index 1b10d87d6..5b339a16d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh @@ -239,7 +239,7 @@ read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName w export curlMaxTime=120 # seconds export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" -export mvnVersion="3.8.6" +export mvnVersion="3.9.0" export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" export retryMaxAttempt=5 # retry attempt for curl command export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" From 488ab0d9dbc8eca68c08abac02e7e95f357e83c9 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 7 Feb 2023 14:01:09 +0800 Subject: [PATCH 3/5] support passwordless mssql in dynamic cluster --- .../pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 35 ++++++++++++------- .../nestedtemplates/_pswlessDbTemplate.json | 19 ++++++++-- .../scripts/datasourceConfig-sqlserver.sh | 3 +- .../src/main/scripts/installJdbcDrivers.sh | 2 +- 5 files changed, 43 insertions(+), 18 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 01b1efd2f..78ece9c05 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -10,7 +10,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-dynamic-cluster - 1.0.37 + 1.0.38 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json index 38da94700..9e1fd4c62 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json @@ -1417,7 +1417,7 @@ "value": "oracle" }, { - "label": "Azure SQL", + "label": "Azure SQL (with support for passwordless connection)", "value": "sqlserver" }, { @@ -1446,8 +1446,16 @@ "defaultValue": "", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z/]{1,30}$", - "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + "validations": [ + { + "regex": "^[a-z0-9A-Z/]{1,30}$", + "message": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, @@ -1475,6 +1483,10 @@ { "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authentication=ActiveDirectoryMSI')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'msiClientId'))), 'true')]", + "message": "The offer will append authentication with ActiveDirectoryMSI, and append msiClientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1519,6 +1531,13 @@ }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbUser", "type": "Microsoft.Common.TextBox", @@ -1538,15 +1557,7 @@ } ] }, - "visible": true - }, - { - "name": "enablePswlessConnection", - "type": "Microsoft.Common.CheckBox", - "label": "Use passwordless datasource connection", - "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" - }, + "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" }, { "name": "dbPassword", "type": "Microsoft.Common.PasswordBox", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index 5991795ef..7965b956d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -109,12 +109,24 @@ "variables": { "const_identityAPIVersion": "${azure.apiVersionForIndentity}", "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "const_msiDefaultUser": "msiUser", "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", "name_dbTemplate": "_dbTemplate.json", "array_azureJdbcPlugins": { "mysql": "defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin", - "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin" + "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin", + "sqlserver": "authentication=ActiveDirectoryMSI" + }, + "array_urlJoiner": { + "mysql": "&", + "postgresql": "&", + "sqlserver": ";" + }, + "array_msiClientId": { + "mysql": "azure.clientId", + "postgresql": "azure.clientId", + "sqlserver": "msiClientId" }, "obj_dbIdentity": { "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} @@ -169,6 +181,7 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", "name": "installJdbcLibsTemplate", + "condition": "[or(equals(parameters('databaseType'),'mysql'), equals(parameters('databaseType'),'postgresql'))]", "dependsOn": [ "virtualMachineIdentityLoop" ], @@ -245,10 +258,10 @@ "value": "[parameters('dbGlobalTranPro')]" }, "dsConnectionURL": { - "value": "[uri(format('{0}&{1}&azure.clientId={2}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId), '')]" + "value": "[uri(format('{0}{4}{1}{4}{2}={3}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" }, "dbUser": { - "value": "[parameters('dbUser')]" + "value": "[if(equals(parameters('databaseType'), 'sqlserver'), variables('const_msiDefaultUser'), parameters('dbUser'))]" }, "enablePswlessConnection": { "value": true diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh index 673228c82..fea561da6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh @@ -103,9 +103,10 @@ function validateInput() exit 1 fi - # reset password + # reset password and user if [[ "${enablePswlessConnection,,}" == "true" ]]; then dsPassword="" + dsUser="" fi } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh index 1b10d87d6..5b339a16d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh @@ -239,7 +239,7 @@ read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName w export curlMaxTime=120 # seconds export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" -export mvnVersion="3.8.6" +export mvnVersion="3.9.0" export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" export retryMaxAttempt=5 # retry attempt for curl command export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" From afc0912adbd55d29aeb86748794126712fddab04 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 7 Feb 2023 14:09:54 +0800 Subject: [PATCH 4/5] enhance UI Changes to be committed: modified: ../weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json --- .../src/main/arm/createUiDefinition.json | 27 +++++++++++------- .../src/main/arm/createUiDefinition.json | 27 +++++++++++------- .../src/main/arm/createUiDefinition.json | 28 ++++++++++++------- 3 files changed, 52 insertions(+), 30 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json index 8d13a2383..489066a31 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json @@ -1027,10 +1027,6 @@ { "regex": "^[a-z0-9A-Z/]{1,30}$", "message": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." - }, - { - "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", - "message": "You must select at least one managed identity that has access to your database." } ] }, @@ -1064,6 +1060,10 @@ { "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authentication=ActiveDirectoryMSI')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'msiClientId'))), 'true')]", "message": "The offer will append authentication with ActiveDirectoryMSI, and append msiClientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection0),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." } ] }, @@ -1109,11 +1109,11 @@ "visible": true }, { - "name": "enablePswlessConnection", + "name": "enablePswlessConnection0", "type": "Microsoft.Common.CheckBox", "label": "Use passwordless datasource connection", "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')))]" + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))]" }, { "name": "dbUser", @@ -1134,7 +1134,14 @@ } ] }, - "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" + "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection0, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" + }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" }, { "name": "dbPassword", @@ -1152,7 +1159,7 @@ "options": { "hideConfirmation": false }, - "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + "visible": "[and(bool(steps('section_database').enableDB), not(or(steps('section_database').databaseConnectionInfo.enablePswlessConnection, steps('section_database').databaseConnectionInfo.enablePswlessConnection0)))]" }, { "name": "dbIdentity", @@ -1168,7 +1175,7 @@ "hideSystemAssignedIdentity": true, "hideUserAssignedIdentity": false }, - "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" + "visible": "[and(bool(steps('section_database').enableDB), or(steps('section_database').databaseConnectionInfo.enablePswlessConnection, steps('section_database').databaseConnectionInfo.enablePswlessConnection0))]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -1523,7 +1530,7 @@ "enableDB": "[bool(steps('section_database').enableDB)]", "enableCustomDNS": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", - "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", + "enablePswlessConnection": "[or(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection0))]", "hasDNSZones": "[bool(if(bool(steps('section_networkingConfiguration').enableCustomDNS), steps('section_networkingConfiguration').customDNSSettings.bringDNSZone, 'false'))]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "logsToIntegrate": "[steps('section_elk').elkInfo.logsToIntegrate]", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json index 61e83363c..0357fac15 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json @@ -1356,10 +1356,6 @@ { "regex": "^[a-z0-9A-Z/]{1,30}$", "message": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." - }, - { - "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", - "message": "You must select at least one managed identity that has access to your database." } ] }, @@ -1393,6 +1389,10 @@ { "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authentication=ActiveDirectoryMSI')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'msiClientId'))), 'true')]", "message": "The offer will append authentication with ActiveDirectoryMSI, and append msiClientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection0),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." } ] }, @@ -1438,11 +1438,11 @@ "visible": true }, { - "name": "enablePswlessConnection", + "name": "enablePswlessConnection0", "type": "Microsoft.Common.CheckBox", "label": "Use passwordless datasource connection", "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))]" }, { "name": "dbUser", @@ -1463,7 +1463,14 @@ } ] }, - "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" + "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection0, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" + }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" }, { "name": "dbPassword", @@ -1481,7 +1488,7 @@ "options": { "hideConfirmation": false }, - "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + "visible": "[and(bool(steps('section_database').enableDB), not(or(steps('section_database').databaseConnectionInfo.enablePswlessConnection, steps('section_database').databaseConnectionInfo.enablePswlessConnection0)))]" }, { "name": "dbIdentity", @@ -1497,7 +1504,7 @@ "hideSystemAssignedIdentity": true, "hideUserAssignedIdentity": false }, - "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" + "visible": "[and(bool(steps('section_database').enableDB), or(steps('section_database').databaseConnectionInfo.enablePswlessConnection, steps('section_database').databaseConnectionInfo.enablePswlessConnection0))]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -1970,7 +1977,7 @@ "enableCookieBasedAffinity": "[bool(steps('section_appGateway').enableCookieBasedAffinity)]", "enableDNSConfiguration": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", - "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", + "enablePswlessConnection": "[or(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection0))]", "hasDNSZones": "[bool(if(bool(steps('section_networkingConfiguration').enableCustomDNS), steps('section_networkingConfiguration').customDNSSettings.bringDNSZone, 'false'))]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "logsToIntegrate": "[steps('section_elk').elkInfo.logsToIntegrate]", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json index 9e1fd4c62..94c767bee 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json @@ -1450,10 +1450,6 @@ { "regex": "^[a-z0-9A-Z/]{1,30}$", "message": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." - }, - { - "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", - "message": "You must select at least one managed identity that has access to your database." } ] }, @@ -1487,6 +1483,10 @@ { "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authentication=ActiveDirectoryMSI')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'msiClientId'))), 'true')]", "message": "The offer will append authentication with ActiveDirectoryMSI, and append msiClientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection0),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver')), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." } ] }, @@ -1532,11 +1532,11 @@ "visible": true }, { - "name": "enablePswlessConnection", + "name": "enablePswlessConnection0", "type": "Microsoft.Common.CheckBox", "label": "Use passwordless datasource connection", "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))]" }, { "name": "dbUser", @@ -1557,7 +1557,15 @@ } ] }, - "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" }, + "visible": "[and(bool(steps('section_database').enableDB), not(and(steps('section_database').databaseConnectionInfo.enablePswlessConnection0, equals(steps('section_database').databaseConnectionInfo.databaseType, 'sqlserver'))))]" + }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbPassword", "type": "Microsoft.Common.PasswordBox", @@ -1574,7 +1582,7 @@ "options": { "hideConfirmation": false }, - "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + "visible": "[and(bool(steps('section_database').enableDB), not(or(steps('section_database').databaseConnectionInfo.enablePswlessConnection, steps('section_database').databaseConnectionInfo.enablePswlessConnection0)))]" }, { "name": "dbIdentity", @@ -1590,7 +1598,7 @@ "hideSystemAssignedIdentity": true, "hideUserAssignedIdentity": false }, - "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" + "visible": "[and(bool(steps('section_database').enableDB), or(steps('section_database').databaseConnectionInfo.enablePswlessConnection, steps('section_database').databaseConnectionInfo.enablePswlessConnection0))]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -2060,7 +2068,7 @@ "enableCustomDNS": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", "enableOHS": "[bool(steps('section_ohs').enableOHS)]", - "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", + "enablePswlessConnection": "[or(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection0))]", "hasDNSZones": "[bool(if(bool(steps('section_networkingConfiguration').enableCustomDNS), steps('section_networkingConfiguration').customDNSSettings.bringDNSZone, 'false'))]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "logsToIntegrate": "[steps('section_elk').elkInfo.logsToIntegrate]", From 0d03c3a90ddc005df9e721f65526e25b3f335ed1 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Wed, 8 Feb 2023 14:28:10 +0800 Subject: [PATCH 5/5] fix sqlserver connections string (#1) modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json --- .../src/main/arm/nestedtemplates/_pswlessDbTemplate.json | 5 +++-- .../src/main/arm/nestedtemplates/_pswlessDbTemplate.json | 3 ++- .../src/main/arm/nestedtemplates/_pswlessDbTemplate.json | 3 ++- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index 99a4fbdb1..0267bb2ec 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -91,6 +91,7 @@ } }, "variables": { + "const_connectionString": "[if(and(equals(parameters('databaseType'),'sqlserver'), equals(last(parameters('dsConnectionURL')),';')), take(parameters('dsConnectionURL'), add(length(parameters('dsConnectionURL')),-1)),parameters('dsConnectionURL'))]", "const_identityAPIVersion": "${azure.apiVersionForIndentity}", "const_msiDefaultUser": "msiUser", "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", @@ -111,7 +112,7 @@ "postgresql": "&", "sqlserver": ";" }, - "obj_dbIdentity": { + "obj_dbIdentity": { "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} }, "obj_empty": {} @@ -231,7 +232,7 @@ "value": "[parameters('dbGlobalTranPro')]" }, "dsConnectionURL": { - "value": "[uri(format('{0}{4}{1}{4}{2}={3}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" + "value": "[uri(format('{0}{4}{1}{4}{2}={3}', variables('const_connectionString'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" }, "dbUser": { "value": "[if(equals(parameters('databaseType'), 'sqlserver'), variables('const_msiDefaultUser'), parameters('dbUser'))]" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index db3bd37e9..1e183da8c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -107,6 +107,7 @@ } }, "variables": { + "const_connectionString": "[if(and(equals(parameters('databaseType'),'sqlserver'), equals(last(parameters('dsConnectionURL')),';')), take(parameters('dsConnectionURL'), add(length(parameters('dsConnectionURL')),-1)),parameters('dsConnectionURL'))]", "const_identityAPIVersion": "${azure.apiVersionForIndentity}", "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", "const_msiDefaultUser": "msiUser", @@ -258,7 +259,7 @@ "value": "[parameters('dbGlobalTranPro')]" }, "dsConnectionURL": { - "value": "[uri(format('{0}{4}{1}{4}{2}={3}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" + "value": "[uri(format('{0}{4}{1}{4}{2}={3}', variables('const_connectionString'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" }, "dbUser": { "value": "[if(equals(parameters('databaseType'), 'sqlserver'), variables('const_msiDefaultUser'), parameters('dbUser'))]" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index 7965b956d..a6365ca05 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -107,6 +107,7 @@ } }, "variables": { + "const_connectionString": "[if(and(equals(parameters('databaseType'),'sqlserver'), equals(last(parameters('dsConnectionURL')),';')), take(parameters('dsConnectionURL'), add(length(parameters('dsConnectionURL')),-1)),parameters('dsConnectionURL'))]", "const_identityAPIVersion": "${azure.apiVersionForIndentity}", "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", "const_msiDefaultUser": "msiUser", @@ -258,7 +259,7 @@ "value": "[parameters('dbGlobalTranPro')]" }, "dsConnectionURL": { - "value": "[uri(format('{0}{4}{1}{4}{2}={3}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" + "value": "[uri(format('{0}{4}{1}{4}{2}={3}', variables('const_connectionString'), variables('array_azureJdbcPlugins')[parameters('databaseType')], variables('array_msiClientId')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId, variables('array_urlJoiner')[parameters('databaseType')]), '')]" }, "dbUser": { "value": "[if(equals(parameters('databaseType'), 'sqlserver'), variables('const_msiDefaultUser'), parameters('dbUser'))]"