From 0b4f13a4a95fd1c292644a08e715da8d0f103de9 Mon Sep 17 00:00:00 2001 From: smantoor Date: Fri, 19 Sep 2025 15:44:23 +0530 Subject: [PATCH 1/3] Changes related to default outbound access for admin offer --- .../src/main/arm/mainTemplate.json | 98 ++++++++++++++- .../arm/nestedtemplates/adminTemplate.json | 27 +++++ .../adminTemplateForCustomSSL.json | 27 +++++ .../postDeploymentTemplate.json | 107 ++++++++++++++++ .../postDeploymentUAMIRolesTemplate.json | 114 ++++++++++++++++++ .../src/main/scripts/postDeploymentScript.sh | 46 +++++++ 6 files changed, 417 insertions(+), 2 deletions(-) create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/postDeploymentScript.sh diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json index 885c3b05c..6de11704b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json @@ -177,6 +177,10 @@ "type": "string", "defaultValue": "[newGuid()]" }, + "guidTag": { + "type": "string", + "defaultValue": "[newGuid()]" + }, "location": { "type": "string", "defaultValue": "[resourceGroup().location]", @@ -368,12 +372,16 @@ }, "variables": { "const_globalResourceNameSuffix": "[uniqueString(parameters('guidValue'))]", + "const_guidTag": "[uniqueString(parameters('guidTag'))]", "name_adminCustomSSLLinkedTemplateName": "adminTemplateForCustomSSL.json", "name_adminLinkedTemplateDeployment": "[concat('admin',if(parameters('enableCustomSSL'),'CustomSSL',''),'LinkedTemplate')]", + "name_uamiForPostDeploymentScript" : "uamiForPostDeploymentScript", "name_adminLinkedTemplateName": "adminTemplate.json", "name_adminVM": "[concat(parameters('adminVMName'), variables('const_globalResourceNameSuffix'))]", "name_dbLinkedTemplate": "dbTemplate.json", "name_dnszonesLinkedTemplateName": "dnszonesTemplate.json", + "name_postDeploymentUAMIRolesTemplate" : "postDeploymentUAMIRolesTemplate.json", + "name_postDeploymentTemplate": "postDeploymentTemplate.json", "name_networkSecurityGroup": "[concat(parameters('dnsLabelPrefix'), '-nsg', variables('const_globalResourceNameSuffix'))]", "name_nsgLinkedTemplateName": "nsgNestedTemplate.json", // If adding a new resource, add the resource identifier to the array below @@ -456,6 +464,9 @@ "_globalResourceNameSuffix": { "value": "[variables('const_globalResourceNameSuffix')]" }, + "const_guidTag":{ + "value": "[variables('const_guidTag')]" + }, "adminPasswordOrKey": { "value": "[parameters('adminPasswordOrKey')]" }, @@ -556,6 +567,9 @@ "_globalResourceNameSuffix": { "value": "[variables('const_globalResourceNameSuffix')]" }, + "const_guidTag":{ + "value": "[variables('const_guidTag')]" + }, "adminPasswordOrKey": { "value": "[parameters('adminPasswordOrKey')]" }, @@ -807,18 +821,98 @@ } } - }, + }, { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersionForDeployment}", + "name": "[variables('name_uamiForPostDeploymentScript')]", + "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", "tags": "[variables('obj_tagsByResources')['${identifier.resourcesDeployment}']]", - "name": "${admin.end}", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', variables('name_adminLinkedTemplateDeployment'))]", "[resourceId('Microsoft.Resources/deployments', 'networkSecurityLinkedTemplate')]", "[resourceId('Microsoft.Resources/deployments', 'dnszonesLinkedTemplate')]", "[resourceId('Microsoft.Resources/deployments', 'dbLinkedTemplate')]" ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_postDeploymentUAMIRolesTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "_globalResourceNameSuffix": { + "value": "[variables('const_globalResourceNameSuffix')]" + }, + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "tagsByResource": { + "value": "[variables('obj_tagsByResources')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersionForDeployment}", + "name": "postDeplyment", + "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", + "tags": "[variables('obj_tagsByResources')['${identifier.resourcesDeployment}']]", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', variables('name_adminLinkedTemplateDeployment'))]", + "[resourceId('Microsoft.Resources/deployments', 'networkSecurityLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', 'dnszonesLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', 'dbLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', variables('name_uamiForPostDeploymentScript'))]" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_postDeploymentTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "location": { + "value": "[parameters('location')]" + }, + "_globalResourceNameSuffix": { + "value": "[variables('const_globalResourceNameSuffix')]" + }, + "tagsByResource": { + "value": "[variables('obj_tagsByResources')]" + }, + "const_guidTag":{ + "value": "[variables('const_guidTag')]" + }, + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "userAssignedIdentityResourceId":{ + "value": "[reference(variables('name_uamiForPostDeploymentScript'),'${azure.apiVersionForDeployment}').outputs.uamidForPostDeployment.value]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersionForDeployment}", + "tags": "[variables('obj_tagsByResources')['${identifier.resourcesDeployment}']]", + "name": "${admin.end}", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', variables('name_adminLinkedTemplateDeployment'))]", + "[resourceId('Microsoft.Resources/deployments', 'networkSecurityLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', 'dnszonesLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', 'dbLinkedTemplate')]", + "[resourceId('Microsoft.Resources/deployments', variables('name_uamiForPostDeploymentScript'))]", + "[resourceId('Microsoft.Resources/deployments', 'postDeplyment')]" + ], "properties": { "mode": "Incremental", "template": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json index a3d771a23..c13fc507d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json @@ -26,6 +26,12 @@ "metadata": { "description": "A unique suffix that was specified during the deployment of the solution template." } + }, + "const_guidTag" :{ + "type": "string", + "metadata": { + "description": "A unique tag for resources." + } }, "adminPasswordOrKey": { "type": "securestring", @@ -417,6 +423,20 @@ } } }, + { + "apiVersion": "${azure.apiVersionForPublicIPAddresses}", + "type": "Microsoft.Network/publicIPAddresses", + "tags": "[if(empty(parameters('tagsByResource')['${identifier.publicIPAddresses}']),createObject(parameters('const_guidTag'),''),union(parameters('tagsByResource')['${identifier.publicIPAddresses}'],createObject(parameters('const_guidTag'),'')))]", + "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", + "name": "[variables('name_publicIPAddress')]", + "location": "[parameters('location')]", + "properties": { + "publicIPAllocationMethod": "[variables('const_publicIPAddressType')]", + "dnsSettings": { + "domainNameLabel": "[concat(toLower(parameters('dnsLabelPrefix')),'-',take(replace(parameters('guidValue'), '-', ''), 10),'-',toLower(parameters('wlsDomainName')))]" + } + } + }, { "apiVersion": "${azure.apiVersionForVirtualNetworks}", "type": "Microsoft.Network/virtualNetworks", @@ -482,12 +502,19 @@ "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", "name": "[variables('name_nic_without_pub_ip')]", "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/publicIPAddresses/', variables('name_publicIPAddress'))]", + "[resourceId('Microsoft.Network/virtualNetworks/', variables('name_virtualNetwork'))]" + ], "properties": { "ipConfigurations": [ { "name": "ipconfig1", "properties": { "privateIPAllocationMethod": "Dynamic", + "publicIPAddress": { + "id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('name_publicIPAddress'))]" + }, "subnet": { "id": "[variables('ref_subnet')]" } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json index acf6ad817..94cfc84c4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json @@ -27,6 +27,12 @@ "description": "A unique suffix that was specified during the deployment of the solution template." } }, + "const_guidTag" :{ + "type": "string", + "metadata": { + "description": "A unique tag for resources." + } + }, "adminPasswordOrKey": { "type": "securestring", "metadata": { @@ -489,6 +495,20 @@ } } }, + { + "apiVersion": "${azure.apiVersionForPublicIPAddresses}", + "type": "Microsoft.Network/publicIPAddresses", + "tags": "[if(empty(parameters('tagsByResource')['${identifier.publicIPAddresses}']),createObject(parameters('const_guidTag'),''),union(parameters('tagsByResource')['${identifier.publicIPAddresses}'],createObject(parameters('const_guidTag'),'')))]", + "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", + "name": "[variables('name_publicIPAddress')]", + "location": "[parameters('location')]", + "properties": { + "publicIPAllocationMethod": "[variables('const_publicIPAddressType')]", + "dnsSettings": { + "domainNameLabel": "[concat(toLower(parameters('dnsLabelPrefix')),'-',take(replace(parameters('guidValue'), '-', ''), 10),'-',toLower(parameters('wlsDomainName')))]" + } + } + }, { "apiVersion": "${azure.apiVersionForVirtualNetworks}", "type": "Microsoft.Network/virtualNetworks", @@ -554,12 +574,19 @@ "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", "name": "[variables('name_nic_without_pub_ip')]", "location": "[parameters('location')]", + "dependsOn": [ + "[resourceId('Microsoft.Network/publicIPAddresses/', variables('name_publicIPAddress'))]", + "[resourceId('Microsoft.Network/virtualNetworks/', variables('name_virtualNetwork'))]" + ], "properties": { "ipConfigurations": [ { "name": "ipconfig1", "properties": { "privateIPAllocationMethod": "Dynamic", + "publicIPAddress": { + "id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('name_publicIPAddress'))]" + }, "subnet": { "id": "[variables('ref_subnet')]" } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentTemplate.json new file mode 100644 index 000000000..22eca42b8 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentTemplate.json @@ -0,0 +1,107 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "_globalResourceNameSuffix": { + "type": "string", + "metadata": { + "description": "A unique suffix that was specified during the deployment of the solution template." + } + }, + "tagsByResource": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "${label.tagsLabel}" + } + }, + "const_guidTag" :{ + "type": "string", + "metadata": { + "description": "A unique tag for resources." + } + }, + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationAdminTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + } + }, + "userAssignedIdentityResourceId":{ + "type": "string", + "metadata": { + "Description": "UserAssigned Identity" + } + }, + "utcValue": { + "type": "string", + "defaultValue": "[utcNow()]" + } + }, + "variables": { + "name_postDeploymentscriptFile": "postDeploymentScript.sh" + }, + "resources": [ + { + "type": "Microsoft.Resources/deploymentScripts", + "apiVersion": "${azure.apiVersionForDeploymentScript}", + "tags": "[parameters('tagsByResource')['${identifier.deploymentScripts}']]", + "name": "[concat('postdeployscript-', parameters('_globalResourceNameSuffix'))]", + "kind": "AzureCLI", + "location": "[parameters('location')]", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "[parameters('userAssignedIdentityResourceId')]": {} + } + }, + "properties": { + "forceUpdateTag": "[parameters('utcValue')]", + "azCliVersion": "2.9.1", + "timeout": "PT30M", + "cleanupPreference": "OnSuccess", + "retentionInterval": "P1D", + "primaryScriptUri": "[uri(parameters('_artifactsLocationAdminTemplate'), concat('../scripts/', variables('name_postDeploymentscriptFile'), parameters('_artifactsLocationSasToken')))]", + "environmentVariables": [ + { + "name": "MANAGED_IDENTITY_ID", + "value": "[parameters('userAssignedIdentityResourceId')]" + }, + { + "name": "RESOURCE_GROUP_NAME", + "value": "[resourceGroup().name]" + }, + { + "name": "GUID_TAG", + "value": "[parameters('const_guidTag')]" + } + ] + } + } + ], + "outputs": { + "userAssignedIdentityResource": { + "type": "string", + "value": "[parameters('userAssignedIdentityResourceId')]" + } + } +} diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json new file mode 100644 index 000000000..982939264 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json @@ -0,0 +1,114 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "_globalResourceNameSuffix": { + "type": "string", + "metadata": { + "description": "A unique suffix that was specified during the deployment of the solution template." + } + }, + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "tagsByResource": { + "type": "object", + "defaultValue": {}, + "metadata": { + "description": "${label.tagsLabel}" + } + }, + "roleAssignmentNameSeed": { + "type": "string", + "defaultValue": "[guid(subscription().id, parameters('_globalResourceNameSuffix'))]", + "metadata": { + "description": "A unique string used to generate the role assignment name. Defaults to a unique GUID based on the deployment context." + } + } + }, + "variables": { + "const_roleDefinitionIdOfContributor": "b24988ac-6180-42a0-ab88-20f7382dd24c", + "name_postDeploymentScriptUserDefinedManagedIdentity": "[concat('post-deployment-user-defined-managed-identity', parameters('_globalResourceNameSuffix'))]", + "name_postDeploymentScriptRoleAssignment": "[concat('post-deployment-user-defined-role-assignment', parameters('_globalResourceNameSuffix'))]", + "name_postDeploymentScriptRoleAssignmentTemplate": "postDeploymentRoleAssignmentTemplate.json" + }, + "resources": [ + { + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "apiVersion": "${azure.apiVersionForIdentity}", + "tags": "[parameters('tagsByResource')['${identifier.userAssignedIdentities}']]", + "name": "[variables('name_postDeploymentScriptUserDefinedManagedIdentity')]", + "location": "[parameters('location')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersionForDeployment}", + "name": "[variables('name_postDeploymentScriptRoleAssignment')]", + "dependsOn": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('name_postDeploymentScriptUserDefinedManagedIdentity'))]" + ], + "properties": { + "mode": "Incremental", + "expressionEvaluationOptions": { + "scope": "inner" + }, + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "innerPrincipalId": { + "type": "string" + }, + "innerRoleDefinitionId": { + "type": "string" + }, + "innerRoleAssignmentNameSeed": { + "type": "string" + } + }, + "variables": { + "roleAssignmentGuid": "[guid(parameters('innerRoleAssignmentNameSeed'))]" + }, + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "${azure.apiVersionForRoleAssignment}", + "name": "[variables('roleAssignmentGuid')]", + "properties": { + "roleDefinitionId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', parameters('innerRoleDefinitionId'))]", + "principalId": "[parameters('innerPrincipalId')]", + "principalType": "ServicePrincipal" + } + } + ] + }, + "parameters": { + "innerPrincipalId": { + "value": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities',variables('name_postDeploymentScriptUserDefinedManagedIdentity'))).principalId]" + }, + "innerRoleDefinitionId": { + "value": "[variables('const_roleDefinitionIdOfContributor')]" + }, + "innerRoleAssignmentNameSeed": { + "value": "[parameters('roleAssignmentNameSeed')]" + } + } + } + } + ], + "outputs": { + "uamidForPostDeployment": { + "type": "string", + "value": "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('name_postDeploymentScriptUserDefinedManagedIdentity'))]" + } + } +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/postDeploymentScript.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/postDeploymentScript.sh new file mode 100644 index 000000000..cc3790ae2 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/postDeploymentScript.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +#Function to output message to StdErr +function echo_stderr () +{ + echo "$@" >&2 +} + +#Function to display usage message +function usage() +{ + echo_stderr "./postDeploymentScript.sh " +} + + + +echo "Executing post Deployment script" + +# Get all public ips assigned to the network interface in a given resource group, and follow the below steps +# 1) Get the resource (public IP) tagged with supplied resource tag +# 2) Remove the public IP from netwrok interface +# 3) Finally delete all public IPs + +PUBLIC_IPS="$(az network public-ip list --resource-group ${RESOURCE_GROUP_NAME} --query "[?tags && contains(keys(tags), '${GUID_TAG}')].id" -o tsv)" +if [ -n "${PUBLIC_IPS}" ]; then + echo "Found public IPs to remove: ${PUBLIC_IPS}" + for PUBLIC_IP in ${PUBLIC_IPS}; do + IP_CONFIG_ID=$(az network public-ip show --ids "${PUBLIC_IP}" --query "ipConfiguration.id" -o tsv) + if [ -n "${IP_CONFIG_ID}" ]; then + echo "Found IP configuration: ${IP_CONFIG_ID}" + # Using IP configuration id extract Network interface name and IP config name + NIC_NAME=$(echo "${IP_CONFIG_ID}" | sed 's|.*/networkInterfaces/\([^/]*\)/.*|\1|') + IP_CONFIG_NAME=$(echo "${IP_CONFIG_ID}" | sed 's|.*/ipConfigurations/\([^/]*\).*|\1|') + echo "Removing public IP from NIC: ${NIC_NAME}, IP config: ${IP_CONFIG_NAME}" + az network nic ip-config update -g "${RESOURCE_GROUP_NAME}" --nic-name "${NIC_NAME}" -n "${IP_CONFIG_NAME}" --remove publicIPAddress + fi + done + echo "Deleting public IPs: ${PUBLIC_IPS}" + az network public-ip delete --ids ${PUBLIC_IPS} +else + echo "No public IPs found with tag ${GUID_TAG}" +fi +echo "Deleting $MANAGED_IDENTITY_ID " +az identity delete --ids $MANAGED_IDENTITY_ID \ No newline at end of file From ed97c557547c4707c4d2583b45e04833a56797a5 Mon Sep 17 00:00:00 2001 From: smantoor Date: Sat, 20 Sep 2025 15:32:37 +0530 Subject: [PATCH 2/3] Updated the changes as per review comments --- .../src/main/arm/mainTemplate.json | 3 --- .../main/arm/nestedtemplates/adminTemplate.json | 17 +---------------- .../adminTemplateForCustomSSL.json | 17 +---------------- .../postDeploymentUAMIRolesTemplate.json | 11 +++-------- 4 files changed, 5 insertions(+), 43 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json index 6de11704b..0775fbd38 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json @@ -847,9 +847,6 @@ "_globalResourceNameSuffix": { "value": "[variables('const_globalResourceNameSuffix')]" }, - "_artifactsLocation": { - "value": "[parameters('_artifactsLocation')]" - }, "tagsByResource": { "value": "[variables('obj_tagsByResources')]" } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json index c13fc507d..f415721a6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json @@ -412,22 +412,7 @@ { "apiVersion": "${azure.apiVersionForPublicIPAddresses}", "type": "Microsoft.Network/publicIPAddresses", - "tags": "[parameters('tagsByResource')['${identifier.publicIPAddresses}']]", - "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'new')]", - "name": "[variables('name_publicIPAddress')]", - "location": "[parameters('location')]", - "properties": { - "publicIPAllocationMethod": "[variables('const_publicIPAddressType')]", - "dnsSettings": { - "domainNameLabel": "[concat(toLower(parameters('dnsLabelPrefix')),'-',take(replace(parameters('guidValue'), '-', ''), 10),'-',toLower(parameters('wlsDomainName')))]" - } - } - }, - { - "apiVersion": "${azure.apiVersionForPublicIPAddresses}", - "type": "Microsoft.Network/publicIPAddresses", - "tags": "[if(empty(parameters('tagsByResource')['${identifier.publicIPAddresses}']),createObject(parameters('const_guidTag'),''),union(parameters('tagsByResource')['${identifier.publicIPAddresses}'],createObject(parameters('const_guidTag'),'')))]", - "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", + "tags": "[if(equals(parameters('virtualNetworkNewOrExisting'), 'new'),parameters('tagsByResource')['${identifier.publicIPAddresses}'],if(empty(parameters('tagsByResource')['${identifier.publicIPAddresses}']),createObject(parameters('const_guidTag'),''),union(parameters('tagsByResource')['${identifier.publicIPAddresses}'],createObject(parameters('const_guidTag'),''))))]", "name": "[variables('name_publicIPAddress')]", "location": "[parameters('location')]", "properties": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json index 94cfc84c4..695281585 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json @@ -484,22 +484,7 @@ { "apiVersion": "${azure.apiVersionForPublicIPAddresses}", "type": "Microsoft.Network/publicIPAddresses", - "tags": "[parameters('tagsByResource')['${identifier.publicIPAddresses}']]", - "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'new')]", - "name": "[variables('name_publicIPAddress')]", - "location": "[parameters('location')]", - "properties": { - "publicIPAllocationMethod": "[variables('const_publicIPAddressType')]", - "dnsSettings": { - "domainNameLabel": "[concat(toLower(parameters('dnsLabelPrefix')),'-',take(replace(parameters('guidValue'), '-', ''), 10),'-',toLower(parameters('wlsDomainName')))]" - } - } - }, - { - "apiVersion": "${azure.apiVersionForPublicIPAddresses}", - "type": "Microsoft.Network/publicIPAddresses", - "tags": "[if(empty(parameters('tagsByResource')['${identifier.publicIPAddresses}']),createObject(parameters('const_guidTag'),''),union(parameters('tagsByResource')['${identifier.publicIPAddresses}'],createObject(parameters('const_guidTag'),'')))]", - "condition": "[equals(parameters('virtualNetworkNewOrExisting'), 'existing')]", + "tags": "[if(equals(parameters('virtualNetworkNewOrExisting'), 'new'),parameters('tagsByResource')['${identifier.publicIPAddresses}'],if(empty(parameters('tagsByResource')['${identifier.publicIPAddresses}']),createObject(parameters('const_guidTag'),''),union(parameters('tagsByResource')['${identifier.publicIPAddresses}'],createObject(parameters('const_guidTag'),''))))]", "name": "[variables('name_publicIPAddress')]", "location": "[parameters('location')]", "properties": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json index 982939264..c3b66f099 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/postDeploymentUAMIRolesTemplate.json @@ -14,12 +14,6 @@ "description": "A unique suffix that was specified during the deployment of the solution template." } }, - "_artifactsLocation": { - "type": "string", - "metadata": { - "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." - } - }, "tagsByResource": { "type": "object", "defaultValue": {}, @@ -38,8 +32,7 @@ "variables": { "const_roleDefinitionIdOfContributor": "b24988ac-6180-42a0-ab88-20f7382dd24c", "name_postDeploymentScriptUserDefinedManagedIdentity": "[concat('post-deployment-user-defined-managed-identity', parameters('_globalResourceNameSuffix'))]", - "name_postDeploymentScriptRoleAssignment": "[concat('post-deployment-user-defined-role-assignment', parameters('_globalResourceNameSuffix'))]", - "name_postDeploymentScriptRoleAssignmentTemplate": "postDeploymentRoleAssignmentTemplate.json" + "name_postDeploymentScriptRoleAssignment": "[concat('post-deployment-user-defined-role-assignment', parameters('_globalResourceNameSuffix'))]" }, "resources": [ { @@ -53,6 +46,8 @@ "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersionForDeployment}", "name": "[variables('name_postDeploymentScriptRoleAssignment')]", + "location": "[parameters('location')]", + "subscriptionId": "[subscription().subscriptionId]", "dependsOn": [ "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', variables('name_postDeploymentScriptUserDefinedManagedIdentity'))]" ], From f7a2a9073062ddc1d4d268e79d9e0db73b3f5ecd Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 19 Sep 2025 17:41:07 -0400 Subject: [PATCH 3/3] On branch edburns/o-717-default-outbound-admin-vm modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh Partner center seems to be incorrectly flagging a security violation on these lines: ```diff diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh index 7c5369c0f..9a1c23722 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then wlsClusterName="cluster1" @@ -27,7 +27,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -56,7 +56,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -119,7 +119,7 @@ function createJDBCSource_model() echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh index 4549073bb..6e42ae9c4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh @@ -20,7 +20,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -49,7 +49,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -107,7 +107,7 @@ function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') @@ -159,7 +159,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh index 7c387d58d..03140c6a9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh @@ -20,7 +20,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -49,7 +49,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -113,7 +113,7 @@ function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') @@ -170,7 +170,7 @@ ELEMENTS=${#args[@]} #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh index 0a606f1f5..c754bf442 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh @@ -20,7 +20,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -49,7 +49,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -108,7 +108,7 @@ function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') @@ -160,7 +160,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` ``` Clearly there is no password there. Let's see if it is simply keying off the word "password". Signed-off-by: Ed Burns --- .../src/main/scripts/configureCustomAdminSSL.sh | 8 ++++---- .../src/main/scripts/datasourceConfig-mysql.sh | 8 ++++---- .../src/main/scripts/datasourceConfig-oracle.sh | 8 ++++---- .../main/scripts/datasourceConfig-postgresql.sh | 8 ++++---- .../src/main/scripts/datasourceConfig-sqlserver.sh | 8 ++++---- .../src/main/scripts/installJdbcDrivers.sh | 10 +++++----- .../src/main/scripts/setupAdminDomain.sh | 14 +++++++------- 7 files changed, 32 insertions(+), 32 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh index 0ee7f3fd6..818498872 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh @@ -48,9 +48,9 @@ function validateInput() echo_stderr "wlsDomainName is required. " fi - if [[ -z "$wlsUserName" || -z "$wlsPassword" ]] + if [[ -z "$wlsUserName" || -z "$wlsShibboleth" ]] then - echo_stderr "wlsUserName or wlsPassword is required. " + echo_stderr "wlsUserName or wlsShibboleth is required. " exit 1 fi @@ -107,7 +107,7 @@ function configureSSL() isCustomSSLEnabled='${isCustomSSLEnabled}' -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$wlsServerName") startEdit() cd('/Servers/$wlsServerName') @@ -291,7 +291,7 @@ args=("$@") ELEMENTS=${#args[@]} #read arguments from stdin -read adminVMName wlsDomainName wlsUserName wlsPassword oracleHome wlsDomainPath enableAAD wlsADSSLCer isCustomSSLEnabled customIdentityKeyStoreBase64String customIdentityKeyStorePassPhrase customIdentityKeyStoreType customTrustKeyStoreBase64String customTrustKeyStorePassPhrase customTrustKeyStoreType privateKeyAlias privateKeyPassPhrase +read adminVMName wlsDomainName wlsUserName wlsShibboleth oracleHome wlsDomainPath enableAAD wlsADSSLCer isCustomSSLEnabled customIdentityKeyStoreBase64String customIdentityKeyStorePassPhrase customIdentityKeyStoreType customTrustKeyStoreBase64String customTrustKeyStorePassPhrase customTrustKeyStoreType privateKeyAlias privateKeyPassPhrase enableAAD="${enableAAD,,}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh index 7c5369c0f..9a1c23722 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then wlsClusterName="cluster1" @@ -27,7 +27,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -56,7 +56,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -119,7 +119,7 @@ function createJDBCSource_model() echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh index 4549073bb..6e42ae9c4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh @@ -20,7 +20,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -49,7 +49,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -107,7 +107,7 @@ function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') @@ -159,7 +159,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh index 7c387d58d..03140c6a9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh @@ -20,7 +20,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -49,7 +49,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -113,7 +113,7 @@ function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') @@ -170,7 +170,7 @@ ELEMENTS=${#args[@]} #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh index 0a606f1f5..c754bf442 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh @@ -20,7 +20,7 @@ function usage() function validateInput() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) jdbcDataSourceName=$(echo "${jdbcDataSourceName}" | base64 -d) dsConnectionURL=$(echo "${dsConnectionURL}" | base64 -d) dsPassword=$(echo "${dsPassword}" | base64 -d) @@ -49,7 +49,7 @@ function validateInput() exit 1 fi - if [ -z "$wlsPassword" ]; + if [ -z "$wlsShibboleth" ]; then echo _stderr "Please provide Weblogic password" exit 1 @@ -108,7 +108,7 @@ function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" cat <${scriptPath}/create_datasource.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') edit("$hostName") startEdit() cd('/') @@ -160,7 +160,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh index 625de72b5..0a2166503 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh @@ -18,7 +18,7 @@ function usage() { function validate_input() { # parse base64 string - wlsPassword=$(echo "${wlsPassword}" | base64 -d) + wlsShibboleth=$(echo "${wlsShibboleth}" | base64 -d) if [ -z "$oracleHome" ]; then echo _stderr "Please provide oracleHome" @@ -50,8 +50,8 @@ function validate_input() { exit 1 fi - if [ -z "$wlsPassword" ]; then - echo _stderr "Please provide wlsPassword" + if [ -z "$wlsShibboleth" ]; then + echo _stderr "Please provide wlsShibboleth" exit 1 fi @@ -190,7 +190,7 @@ function restart_admin_service() { function restart_managed_servers() { echo "Restart managed servers" cat <${SCRIPT_PWD}/restart-managedServer.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') servers=cmo.getServers() domainRuntime() print "Restart the servers which are in RUNNING status" @@ -220,7 +220,7 @@ EOF } #read arguments from stdin -read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName wlsPassword databaseType enablePswlessConnection +read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName wlsShibboleth databaseType enablePswlessConnection export curlMaxTime=120 # seconds export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh index 70d2a7c37..6903c1a5c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh @@ -134,7 +134,7 @@ function create_admin_model() cat <$DOMAIN_PATH/admin-domain.yaml domainInfo: AdminUserName: "$wlsUserName" - AdminPassword: "$wlsPassword" + AdminPassword: "$wlsShibboleth" ServerStartMode: prod topology: Name: "$wlsDomainName" @@ -176,7 +176,7 @@ EOF cat <>$DOMAIN_PATH/admin-domain.yaml domainInfo: AdminUserName: "$wlsUserName" - AdminPassword: "$wlsPassword" + AdminPassword: "$wlsShibboleth" ServerStartMode: prod topology: Name: "$wlsDomainName" @@ -254,7 +254,7 @@ echo "Creating admin server boot properties" #Create the boot.properties directory mkdir -p "$DOMAIN_PATH/$wlsDomainName/servers/admin/security" echo "username=$wlsUserName" > "$DOMAIN_PATH/$wlsDomainName/servers/admin/security/boot.properties" - echo "password=$wlsPassword" >> "$DOMAIN_PATH/$wlsDomainName/servers/admin/security/boot.properties" + echo "password=$wlsShibboleth" >> "$DOMAIN_PATH/$wlsDomainName/servers/admin/security/boot.properties" sudo chown -R $username:$groupname $DOMAIN_PATH/$wlsDomainName/servers echo "Completed admin server boot properties" } @@ -323,9 +323,9 @@ function validateInput() exit 1 fi - if [[ -z "$wlsUserName" || -z "$wlsPassword" ]] + if [[ -z "$wlsUserName" || -z "$wlsShibboleth" ]] then - echo_stderr "wlsUserName or wlsPassword is required. " + echo_stderr "wlsUserName or wlsShibboleth is required. " exit 1 fi @@ -592,7 +592,7 @@ function configureCustomHostNameVerifier() { echo "configureCustomHostNameVerifier for domain $wlsDomainName for server $wlsServerName" cat <$DOMAIN_PATH/configureCustomHostNameVerifier.py -connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +connect('$wlsUserName','$wlsShibboleth','t3://$wlsAdminURL') try: edit("$wlsServerName") startEdit() @@ -635,7 +635,7 @@ MIN_CERT_VALIDITY="1" #read arguments from stdin -read wlsDomainName wlsUserName wlsPassword wlsAdminHost oracleHome storageAccountName storageAccountKey mountpointPath isHTTPAdminListenPortEnabled adminPublicHostName dnsLabelPrefix location virtualNetworkNewOrExisting storageAccountPrivateIp fileShareName isCustomSSLEnabled customIdentityKeyStoreData customIdentityKeyStorePassPhrase customIdentityKeyStoreType customTrustKeyStoreData customTrustKeyStorePassPhrase customTrustKeyStoreType serverPrivateKeyAlias serverPrivateKeyPassPhrase +read wlsDomainName wlsUserName wlsShibboleth wlsAdminHost oracleHome storageAccountName storageAccountKey mountpointPath isHTTPAdminListenPortEnabled adminPublicHostName dnsLabelPrefix location virtualNetworkNewOrExisting storageAccountPrivateIp fileShareName isCustomSSLEnabled customIdentityKeyStoreData customIdentityKeyStorePassPhrase customIdentityKeyStoreType customTrustKeyStoreData customTrustKeyStorePassPhrase customTrustKeyStoreType serverPrivateKeyAlias serverPrivateKeyPassPhrase wlsServerName="admin" DOMAIN_PATH="/u01/domains"