From edc1af468fe5fbfda0a97781aad245c2e70d2b5b Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Fri, 7 Oct 2022 13:45:03 -0500 Subject: [PATCH 01/15] fix password and user in jdbc standalone xml --- .../weblogic/deploy/util/FileUtils.java | 5 +- .../deploy/util/WLSDeployArchive.java | 9 +++ .../wlsdeploy/aliases/model_constants.py | 1 + .../tool/discover/deployments_discoverer.py | 65 ++++++++++++++++++- .../tool/util/credential_injector.py | 20 +++++- 5 files changed, 96 insertions(+), 4 deletions(-) diff --git a/core/src/main/java/oracle/weblogic/deploy/util/FileUtils.java b/core/src/main/java/oracle/weblogic/deploy/util/FileUtils.java index 790558067d..c12f57f5b6 100644 --- a/core/src/main/java/oracle/weblogic/deploy/util/FileUtils.java +++ b/core/src/main/java/oracle/weblogic/deploy/util/FileUtils.java @@ -618,7 +618,7 @@ public static byte[] readInputStreamToByteArray(InputStream input) throws IOExce } public static File writeInputStreamToFile(InputStream input, String fileName) throws IOException { - File tmpdir = new File(System.getProperty("java.io.tmpdir")); + File tmpdir = getTmpDir(); File file = new File(tmpdir, fileName); try (FileOutputStream fos = new FileOutputStream(file)) { byte[] byteArray = FileUtils.readInputStreamToByteArray(input); @@ -627,6 +627,9 @@ public static File writeInputStreamToFile(InputStream input, String fileName) th return file; } + public static File getTmpDir() { + return new File(System.getProperty("java.io.tmpdir")); + } public static void extractZipFileContent(WLSDeployArchive archiveFile, String zipEntry, String extractPath) { final String METHOD = "extractZipFileContent"; diff --git a/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java b/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java index aca36b397f..7fd59cd868 100644 --- a/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java +++ b/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java @@ -615,6 +615,15 @@ public String addApplication(String appPath) throws WLSDeployArchiveIOException return newName; } + public String readdApplication(String appPath, String tempFile) throws WLSDeployArchiveIOException { + final String METHOD = "readdApplication"; + LOGGER.entering(CLASS, METHOD, appPath); + getZipFile().removeZipEntry(appPath); + String newName = addApplication(tempFile); + LOGGER.exiting(CLASS, METHOD, newName); + return newName; + } + public String addApplicationFolder(String appName, String appPath) throws WLSDeployArchiveIOException { final String METHOD = "addApplicationFolder"; diff --git a/core/src/main/python/wlsdeploy/aliases/model_constants.py b/core/src/main/python/wlsdeploy/aliases/model_constants.py index 57ebb37b20..00a3cde90c 100644 --- a/core/src/main/python/wlsdeploy/aliases/model_constants.py +++ b/core/src/main/python/wlsdeploy/aliases/model_constants.py @@ -192,6 +192,7 @@ MESSAGE_LOGGING_PARAMS = 'MessageLoggingParams' MESSAGING_BRIDGE = 'MessagingBridge' METHOD = 'Method' +MODULE_TYPE = 'ModuleType' MULTICAST = 'Multicast' MULTICAST_ADDRESS = 'MulticastAddress' MULTICAST_PORT = 'MulticastPort' diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 65b9ec1c10..90b90f7747 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -4,14 +4,20 @@ """ import os +from java.io import BufferedReader +from java.io import BufferedWriter from java.io import File +from java.io import FileReader +from java.io import FileWriter from java.lang import IllegalArgumentException from oracle.weblogic.deploy.util import PyOrderedDict as OrderedDict +from oracle.weblogic.deploy.util import FileUtils from oracle.weblogic.deploy.util import StringUtils from oracle.weblogic.deploy.util import WLSDeployArchiveIOException from oracle.weblogic.deploy.util import WLSDeployArchive +from wlsdeploy.aliases.alias_constants import PASSWORD_TOKEN from wlsdeploy.aliases import model_constants from wlsdeploy.aliases.location_context import LocationContext from wlsdeploy.aliases.wlst_modes import WlstModes @@ -19,6 +25,7 @@ from wlsdeploy.logging.platform_logger import PlatformLogger from wlsdeploy.tool.discover import discoverer from wlsdeploy.tool.discover.discoverer import Discoverer +from wlsdeploy.util import dictionary_utils from wlsdeploy.util import path_utils _class_name = 'DeploymentsDiscoverer' @@ -224,14 +231,14 @@ def get_applications(self): location.add_name_token(name_token, application) result[application] = OrderedDict() self._populate_model_parameters(result[application], location) - self._add_application_to_archive(application, result[application]) + self._add_application_to_archive(application, result[application], location) self._discover_subfolders(result[application], location) location.remove_name_token(name_token) _logger.exiting(class_name=_class_name, method_name=_method_name, result=result) return model_top_folder_name, result - def _add_application_to_archive(self, application_name, application_dict): + def _add_application_to_archive(self, application_name, application_dict, location): """ Add the binary or directory referenced by the application to the archive file. If the binary can not be located and added to the archive file, un-target the application and log the problem. @@ -241,6 +248,7 @@ def _add_application_to_archive(self, application_name, application_dict): """ _method_name = 'add_application_to_archive' _logger.entering(application_name, class_name=_class_name, method_name=_method_name) + archive_file = self._model_context.get_archive_file() if model_constants.SOURCE_PATH in application_dict: if model_constants.PLAN_DIR in application_dict and \ @@ -265,6 +273,11 @@ def _add_application_to_archive(self, application_name, application_dict): method_name=_method_name) try: new_source_name = archive_file.addApplication(file_name_path) + module_type = dictionary_utils.get_dictionary_element(application_dict, + model_constants.MODULE_TYPE) + if module_type == 'jdbc': + self._jdbc_password_fix(new_source_name) + except IllegalArgumentException, iae: self._disconnect_target(application_name, application_dict, iae.getLocalizedMessage()) except WLSDeployArchiveIOException, wioe: @@ -325,6 +338,54 @@ def _create_app_folder(self, application_name, application_dict): _logger.exiting(class_name=_class_name, method_name=_method_name) + def _jdbc_password_fix(self, source_name): + """ + This will look for password and userid in the jdbc standalone xml and + replace with either fix password token or a token in the xml and variable file. + It extracts the jdbc xml from the archive and then replaces it with the updated file. + :param source_name: Name of the path and file for the standalone xml file + """ + _method_name = '_jdbc_password_fix' + _logger.entering(source_name, class_name=_class_name, method_name=_method_name) + archive_file = self._model_context.get_archive_file() + tmpDir = FileUtils.getTmpDir(); + temp_file = FileUtils.createTempDirectory(tmpDir, 'jdbc-xml') + jdbc_file = archive_file.extractFile(source_name, temp_file) + jdbc_out = FileUtils.createTempDirectory(tmpDir, 'jdbc-out') + jdbc_out = archive_file.extractFile(source_name, jdbc_out) + bis = BufferedReader(FileReader(jdbc_file)) + bos = BufferedWriter(FileWriter(jdbc_out)) + + found = False + while bis.ready(): + line = bis.readLine() + if 'password-encrypted' in line: + bos.write(self._get_pass_replacement(jdbc_file, '.pass.encrypt', 'password-encrypted')) + elif 'user' in line: + found = True + bos.write(line) + elif found and 'value' in line: + bos.write(self._get_pass_replacement(jdbc_file, '.user', 'value')) + + else: + bos.write(line) + bos.newLine() + bis.close() + bos.close() + archive_file.readdApplication(source_name, jdbc_out) + _logger.exiting(class_name=_class_name, method_name=_method_name) + + def _get_pass_replacement(self, jdbc_file, name, type): + if self._credential_injector is not None: + head, tail = os.path.split(jdbc_file) + token = tail[:len(jdbc_file) - len('jdbc.xml')] + token = token + name + result = self._credential_injector.injection_out_of_model(token) + else: + result = PASSWORD_TOKEN + result = '<' + type + '>' + result + '' + return result + def _test_app_folder(self, source_path, plan_dir): app_folder = False app_dir = File(source_path).getParent() diff --git a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py index ba3de49765..7958b15ac7 100644 --- a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py @@ -81,6 +81,8 @@ def __init__(self, program_name, model, model_context, version=None, variable_di VariableInjector.__init__(self, program_name, model, model_context, version=version, variable_dictionary=variable_dictionary) self._model_context = model_context + self._no_filter_keys_cache = [] + self._no_filter_keys_cache.append(self.NO_FILTER_KEYS) def check_and_tokenize(self, model_dict, attribute, location): """ @@ -138,6 +140,22 @@ def check_and_tokenize(self, model_dict, attribute, location): assigns.append('%s=%s' % (key, properties[key])) model_dict[attribute] = split_value.join(assigns) + def injection_out_of_model(self, token): + """ + This is for tokenizing variables that are not in the model but need to be in the variable file + :param token: name for cache to create a token for + :param attribute: attribute name + :return: tokenized name + """ + _method_name = 'injection_out_of_model' + _logger.entering(token, class_name=_class_name, method_name=_method_name) + result = self.get_variable_token(None, token) + self.add_to_cache(token_name=token, token_value='') + + self._no_filter_keys_cache.append(token) + _logger.exiting(class_name=_class_name, method_name=_method_name, result=result) + return result + def get_variable_name(self, attribute_location, attribute, suffix=None): """ Override method to possibly create secret token names instead of property names. @@ -222,7 +240,7 @@ def filter_unused_credentials(self, model_dictionary): cache_keys = self.get_variable_cache().keys() for key in cache_keys: - if key in self.NO_FILTER_KEYS: + if key in self._no_filter_keys_cache: continue if credentials_method == SECRETS_METHOD: From 245460e240ffa4d2bf00199443c169a08a1e40db Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Mon, 10 Oct 2022 10:06:56 -0500 Subject: [PATCH 02/15] reset found flag --- .../python/wlsdeploy/tool/discover/deployments_discoverer.py | 1 + 1 file changed, 1 insertion(+) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 90b90f7747..b76308c6c5 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -366,6 +366,7 @@ def _jdbc_password_fix(self, source_name): bos.write(line) elif found and 'value' in line: bos.write(self._get_pass_replacement(jdbc_file, '.user', 'value')) + found = False else: bos.write(line) From f5e67b227b73af1f06b5989470cb2a41079ba638 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Thu, 13 Oct 2022 14:01:36 -0500 Subject: [PATCH 03/15] add ons password token --- .../python/wlsdeploy/tool/discover/deployments_discoverer.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index b76308c6c5..f1859b9fe9 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -359,8 +359,10 @@ def _jdbc_password_fix(self, source_name): found = False while bis.ready(): line = bis.readLine() - if 'password-encrypted' in line: + if '' in line: bos.write(self._get_pass_replacement(jdbc_file, '.pass.encrypt', 'password-encrypted')) + elif '' in line: + bos.write(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt', 'ons-wallet-password-encrypted')) elif 'user' in line: found = True bos.write(line) From 97dfe13263cabf9faaeed4695c2d9c3f09ae1c78 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Mon, 17 Oct 2022 10:32:40 -0500 Subject: [PATCH 04/15] capture user in properties --- .../deploy/util/WLSDeployArchive.java | 4 +- .../tool/discover/deployments_discoverer.py | 45 ++++++++++++------- 2 files changed, 30 insertions(+), 19 deletions(-) diff --git a/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java b/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java index 7fd59cd868..88317a0595 100644 --- a/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java +++ b/core/src/main/java/oracle/weblogic/deploy/util/WLSDeployArchive.java @@ -615,8 +615,8 @@ public String addApplication(String appPath) throws WLSDeployArchiveIOException return newName; } - public String readdApplication(String appPath, String tempFile) throws WLSDeployArchiveIOException { - final String METHOD = "readdApplication"; + public String replaceApplication(String appPath, String tempFile) throws WLSDeployArchiveIOException { + final String METHOD = "replaceApplication"; LOGGER.entering(CLASS, METHOD, appPath); getZipFile().removeZipEntry(appPath); String newName = addApplication(tempFile); diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index f1859b9fe9..c77f170317 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -10,6 +10,9 @@ from java.io import FileReader from java.io import FileWriter from java.lang import IllegalArgumentException +from java.lang import StringBuilder +from java.util.regex import Matcher +from java.util.regex import Pattern from oracle.weblogic.deploy.util import PyOrderedDict as OrderedDict from oracle.weblogic.deploy.util import FileUtils @@ -355,27 +358,35 @@ def _jdbc_password_fix(self, source_name): jdbc_out = archive_file.extractFile(source_name, jdbc_out) bis = BufferedReader(FileReader(jdbc_file)) bos = BufferedWriter(FileWriter(jdbc_out)) - + cache = StringBuilder() found = False while bis.ready(): - line = bis.readLine() - if '' in line: - bos.write(self._get_pass_replacement(jdbc_file, '.pass.encrypt', 'password-encrypted')) - elif '' in line: - bos.write(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt', 'ons-wallet-password-encrypted')) - elif 'user' in line: - found = True - bos.write(line) - elif found and 'value' in line: - bos.write(self._get_pass_replacement(jdbc_file, '.user', 'value')) - found = False - - else: - bos.write(line) - bos.newLine() + cache.append(bis.readLine()) bis.close() + pattern = Pattern.compile("(\s?)user(\s?)") + matcher = pattern.matcher(cache.toString()) + end = -1 + if matcher.find(): + end = matcher.end() + result = cache.toString() + if end >= 0: + pattern = Pattern.compile("(.+?)") + matcher = pattern.matcher(result[end:]) + matcher.find() + pattern = Pattern.compile(matcher.group()) + matcher = pattern.matcher(cache.toString()) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.user', 'value')) + + pattern = Pattern.compile('(.+?)') + matcher = pattern.matcher(result) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.pass.encrypt', 'password-encrypted')) + + pattern = Pattern.compile('(.+?)') + matcher = pattern.matcher(result) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt', 'ons-wallet-password-encrypted')) + bos.write(result) bos.close() - archive_file.readdApplication(source_name, jdbc_out) + archive_file.replaceApplication(source_name, jdbc_out) _logger.exiting(class_name=_class_name, method_name=_method_name) def _get_pass_replacement(self, jdbc_file, name, type): From 0fd46634bab9dd9c9c617756a557a102f2fa2203 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Tue, 18 Oct 2022 16:57:34 -0500 Subject: [PATCH 05/15] changes for url and sh script --- core/src/main/python/discover.py | 4 +++- .../tool/discover/deployments_discoverer.py | 18 ++++++++++-------- .../wlsdeploy/tool/util/credential_injector.py | 10 ++++++++-- .../wlsdeploy/tool/util/variable_injector.py | 5 +++-- .../util/target_configuration_helper.py | 9 +++++++++ 5 files changed, 33 insertions(+), 13 deletions(-) diff --git a/core/src/main/python/discover.py b/core/src/main/python/discover.py index a8f59cdc6f..aed3f313b0 100644 --- a/core/src/main/python/discover.py +++ b/core/src/main/python/discover.py @@ -492,8 +492,10 @@ def __check_and_customize_model(model, model_context, aliases, credential_inject # Apply the injectors specified in model_variable_injector.json, or in the target configuration. # Include the variable mappings that were collected in credential_cache. + extra_cache = dict() variable_injector = VariableInjector(_program_name, model.get_model(), model_context, - WebLogicHelper(__logger).get_actual_weblogic_version(), credential_cache) + WebLogicHelper(__logger).get_actual_weblogic_version(), credential_cache, + extra_cache) inserted, variable_model, variable_file_name = variable_injector.inject_variables_keyword_file() diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index c77f170317..991e493914 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -11,7 +11,6 @@ from java.io import FileWriter from java.lang import IllegalArgumentException from java.lang import StringBuilder -from java.util.regex import Matcher from java.util.regex import Pattern from oracle.weblogic.deploy.util import PyOrderedDict as OrderedDict @@ -359,9 +358,8 @@ def _jdbc_password_fix(self, source_name): bis = BufferedReader(FileReader(jdbc_file)) bos = BufferedWriter(FileWriter(jdbc_out)) cache = StringBuilder() - found = False while bis.ready(): - cache.append(bis.readLine()) + cache.append(bis.readLine()).append("\n") bis.close() pattern = Pattern.compile("(\s?)user(\s?)") matcher = pattern.matcher(cache.toString()) @@ -375,26 +373,30 @@ def _jdbc_password_fix(self, source_name): matcher.find() pattern = Pattern.compile(matcher.group()) matcher = pattern.matcher(cache.toString()) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.user', 'value')) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.user:username', 'value')) pattern = Pattern.compile('(.+?)') matcher = pattern.matcher(result) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.pass.encrypt', 'password-encrypted')) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.user:password', 'password-encrypted')) + + pattern = Pattern.compile('(.+?)(.+?)') matcher = pattern.matcher(result) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt', 'ons-wallet-password-encrypted')) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt:password', 'ons-wallet-password-encrypted')) bos.write(result) bos.close() archive_file.replaceApplication(source_name, jdbc_out) _logger.exiting(class_name=_class_name, method_name=_method_name) - def _get_pass_replacement(self, jdbc_file, name, type): + def _get_pass_replacement(self, jdbc_file, name, type, property=False): if self._credential_injector is not None: head, tail = os.path.split(jdbc_file) token = tail[:len(jdbc_file) - len('jdbc.xml')] token = token + name - result = self._credential_injector.injection_out_of_model(token) + result = self._credential_injector.injection_out_of_model(token, property) else: result = PASSWORD_TOKEN result = '<' + type + '>' + result + '' diff --git a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py index 7958b15ac7..febfb97fd9 100644 --- a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py @@ -140,7 +140,7 @@ def check_and_tokenize(self, model_dict, attribute, location): assigns.append('%s=%s' % (key, properties[key])) model_dict[attribute] = split_value.join(assigns) - def injection_out_of_model(self, token): + def injection_out_of_model(self, token, property=False): """ This is for tokenizing variables that are not in the model but need to be in the variable file :param token: name for cache to create a token for @@ -149,7 +149,10 @@ def injection_out_of_model(self, token): """ _method_name = 'injection_out_of_model' _logger.entering(token, class_name=_class_name, method_name=_method_name) - result = self.get_variable_token(None, token) + if property: + result = self.get_property_token(None, token) + else: + result = self.get_variable_token(None, token) self.add_to_cache(token_name=token, token_value='') self._no_filter_keys_cache.append(token) @@ -209,6 +212,9 @@ def get_variable_token(self, attribute, variable_name): else: return VariableInjector.get_variable_token(self, attribute, variable_name) + def get_property_token(self, attribute, variable_name): + return VariableInjector.get_variable_token(self, attribute, variable_name) + def _check_tokenized(self, attribute_value): """ Override to return true if target uses credentials and the value is formatted like @@SECRET:xyz:abc@@. diff --git a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py index dd67e9a809..c89a8d8b4f 100644 --- a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py @@ -80,7 +80,7 @@ class VariableInjector(object): - def __init__(self, program_name, model, model_context, version=None, variable_dictionary=None): + def __init__(self, program_name, model, model_context, version=None, variable_dictionary=None, extra_cache=None): """ Construct an instance of the injector with the model and information used by the injector. :param program_name: name of the calling tool @@ -92,6 +92,7 @@ def __init__(self, program_name, model, model_context, version=None, variable_di self.__program_name = program_name self.__original = copy.deepcopy(model) self.__model = model + self.__extra_cache = extra_cache self.__model_context = model_context if self.__model_context: self.__wlst_mode = self.__model_context.get_target_wlst_mode() @@ -463,7 +464,7 @@ def _process_attribute(self, model, attribute, location, injector_values): def get_variable_name(self, location, attribute, suffix=None): """ - Return the variable name for use in the cache, and in the variable token. + Return the variable name for use in the cache, and in the variable token. v The default behavior is to return the concatenated location paths, with invalid characters cleared. Sub-classes may extend this for other types of tokens, such as @@SECRET. :param location: the location to be used diff --git a/core/src/main/python/wlsdeploy/util/target_configuration_helper.py b/core/src/main/python/wlsdeploy/util/target_configuration_helper.py index 9d697207ac..7f520a0068 100644 --- a/core/src/main/python/wlsdeploy/util/target_configuration_helper.py +++ b/core/src/main/python/wlsdeploy/util/target_configuration_helper.py @@ -33,6 +33,15 @@ WEBLOGIC_CREDENTIALS_SECRET_NAME = 'weblogic-credentials' WEBLOGIC_CREDENTIALS_SECRET_SUFFIX = '-' + WEBLOGIC_CREDENTIALS_SECRET_NAME +JDBC_CREDENTIALS_SECRET_USER_NAME = 'standalone-jdbc.xml.user' +JDBC_CREDENTIALS_SECRET_USER_SUFFIX = '-' + JDBC_CREDENTIALS_SECRET_USER_NAME + +JDBC_CREDENTIALS_SECRET_PASS_NAME = 'standalone-jdbc.xml.pass.encrypt' +JDBC_CREDENTIALS_SECRET_PASS_SUFFIX = '-' + JDBC_CREDENTIALS_SECRET_PASS_NAME + +JDBC_CREDENTIALS_SECRET_ONS_PASS_NAME = 'standalone-jdbc.xml.ons.pass.encrypt' +JDBC_CREDENTIALS_SECRET_ONS_PASS_SUFFIX = '-' + JDBC_CREDENTIALS_SECRET_ONS_PASS_NAME + RUNTIME_ENCRYPTION_SECRET_NAME = 'runtime-encryption-secret' RUNTIME_ENCRYPTION_SECRET_SUFFIX = '-' + RUNTIME_ENCRYPTION_SECRET_NAME From c019cb0065bd1d71905e2b4b7f5138582c5e1aa2 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Thu, 20 Oct 2022 17:00:39 -0500 Subject: [PATCH 06/15] add userid to sh script --- .../tool/discover/deployments_discoverer.py | 13 ++++++++----- .../wlsdeploy/tool/util/credential_injector.py | 6 ++++-- .../wlsdeploy/util/target_configuration_helper.py | 1 + 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 991e493914..6ecb4e9286 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -371,17 +371,20 @@ def _jdbc_password_fix(self, source_name): pattern = Pattern.compile("(.+?)") matcher = pattern.matcher(result[end:]) matcher.find() + username = matcher.group() + username = username[len(''):len(username) - len('')] pattern = Pattern.compile(matcher.group()) matcher = pattern.matcher(cache.toString()) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.user:username', 'value')) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '-user:username', + 'value', username=username)) pattern = Pattern.compile('(.+?)') matcher = pattern.matcher(result) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.user:password', 'password-encrypted')) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '-user:password', 'password-encrypted')) pattern = Pattern.compile('(.+?)(.+?)') matcher = pattern.matcher(result) @@ -391,12 +394,12 @@ def _jdbc_password_fix(self, source_name): archive_file.replaceApplication(source_name, jdbc_out) _logger.exiting(class_name=_class_name, method_name=_method_name) - def _get_pass_replacement(self, jdbc_file, name, type, property=False): + def _get_pass_replacement(self, jdbc_file, name, type, property=False, username=''): if self._credential_injector is not None: head, tail = os.path.split(jdbc_file) token = tail[:len(jdbc_file) - len('jdbc.xml')] token = token + name - result = self._credential_injector.injection_out_of_model(token, property) + result = self._credential_injector.injection_out_of_model(token, property, username) else: result = PASSWORD_TOKEN result = '<' + type + '>' + result + '' diff --git a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py index febfb97fd9..753f56045b 100644 --- a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py @@ -140,7 +140,7 @@ def check_and_tokenize(self, model_dict, attribute, location): assigns.append('%s=%s' % (key, properties[key])) model_dict[attribute] = split_value.join(assigns) - def injection_out_of_model(self, token, property=False): + def injection_out_of_model(self, token, property=False, username=''): """ This is for tokenizing variables that are not in the model but need to be in the variable file :param token: name for cache to create a token for @@ -153,7 +153,9 @@ def injection_out_of_model(self, token, property=False): result = self.get_property_token(None, token) else: result = self.get_variable_token(None, token) - self.add_to_cache(token_name=token, token_value='') + if username is None: + username = '' + self.add_to_cache(token_name=token, token_value=username) self._no_filter_keys_cache.append(token) _logger.exiting(class_name=_class_name, method_name=_method_name, result=result) diff --git a/core/src/main/python/wlsdeploy/util/target_configuration_helper.py b/core/src/main/python/wlsdeploy/util/target_configuration_helper.py index 7f520a0068..bfc7c4f0ad 100644 --- a/core/src/main/python/wlsdeploy/util/target_configuration_helper.py +++ b/core/src/main/python/wlsdeploy/util/target_configuration_helper.py @@ -142,6 +142,7 @@ def _prepare_k8s_secrets(model_context, token_dictionary, model_dictionary): for secret_name in secret_names: secret_keys = secret_map[secret_name] user_name = dictionary_utils.get_element(secret_keys, SECRET_USERNAME_KEY) + if user_name is None: secrets.append(_build_secret_hash(secret_name, None, PASSWORD_TAG)) else: From d033e1d3b1a378206f37fe5021fb9e38972ae48d Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Fri, 21 Oct 2022 14:33:16 -0500 Subject: [PATCH 07/15] dont clear cache of other than credentials --- core/src/main/python/discover.py | 7 +++---- .../wlsdeploy/tool/util/credential_injector.py | 3 ++- .../python/wlsdeploy/tool/util/variable_injector.py | 12 ++++++++++++ .../oracle/weblogic/deploy/k8s/create_k8s_secrets.sh | 2 +- 4 files changed, 18 insertions(+), 6 deletions(-) diff --git a/core/src/main/python/discover.py b/core/src/main/python/discover.py index aed3f313b0..2393c864d3 100644 --- a/core/src/main/python/discover.py +++ b/core/src/main/python/discover.py @@ -488,14 +488,13 @@ def __check_and_customize_model(model, model_context, aliases, credential_inject # if target handles credential configuration, clear property cache to keep out of variables file. if model_context.get_target_configuration().manages_credentials(): - credential_cache.clear() + credential_injector.clear_cache(credential_cache) # Apply the injectors specified in model_variable_injector.json, or in the target configuration. # Include the variable mappings that were collected in credential_cache. - extra_cache = dict() + variable_injector = VariableInjector(_program_name, model.get_model(), model_context, - WebLogicHelper(__logger).get_actual_weblogic_version(), credential_cache, - extra_cache) + WebLogicHelper(__logger).get_actual_weblogic_version(), credential_cache) inserted, variable_model, variable_file_name = variable_injector.inject_variables_keyword_file() diff --git a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py index 753f56045b..c73512adc7 100644 --- a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py @@ -144,7 +144,8 @@ def injection_out_of_model(self, token, property=False, username=''): """ This is for tokenizing variables that are not in the model but need to be in the variable file :param token: name for cache to create a token for - :param attribute: attribute name + :param property: Determine if the property is a property or a secret + :param username: usernames appear as part of property value :return: tokenized name """ _method_name = 'injection_out_of_model' diff --git a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py index c89a8d8b4f..d9010dfbf2 100644 --- a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py @@ -107,6 +107,18 @@ def __init__(self, program_name, model, model_context, version=None, variable_di self.__aliases = Aliases(model_context) self.__variable_dictionary = variable_dictionary + def clear_cache(self, cache): + """ + Clear the cache of password and usernames. + :param cache: to c + """ + entries = list() + for item in cache: + if ':password' in item or ':username' in item: + entries.append(item) + for entry in entries: + cache.pop(entry) + def get_variable_cache(self): """ This caches all variable information, both from running as a tool, and collected during special diff --git a/core/src/main/resources/oracle/weblogic/deploy/k8s/create_k8s_secrets.sh b/core/src/main/resources/oracle/weblogic/deploy/k8s/create_k8s_secrets.sh index c78f950a0d..83ca1f055b 100644 --- a/core/src/main/resources/oracle/weblogic/deploy/k8s/create_k8s_secrets.sh +++ b/core/src/main/resources/oracle/weblogic/deploy/k8s/create_k8s_secrets.sh @@ -34,7 +34,7 @@ function create_paired_k8s_secret { {{#comments}} # {{{comment}}} {{/comments}} -create_paired_k8s_secret {{{secretName}}} {{{user}}} {{{password}}} +create_paired_k8s_secret {{{secretName}}} "{{{user}}}" {{{password}}} {{/pairedSecrets}} {{#secrets}} From d81bea4aa59e1ba8f90bfe36831f8c98574f64e4 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Mon, 24 Oct 2022 10:05:00 -0500 Subject: [PATCH 08/15] change level of warning message --- alias-test/src/test/python/aliastest/generate/generator_wlst.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/alias-test/src/test/python/aliastest/generate/generator_wlst.py b/alias-test/src/test/python/aliastest/generate/generator_wlst.py index ae3748029c..9a2b21181e 100644 --- a/alias-test/src/test/python/aliastest/generate/generator_wlst.py +++ b/alias-test/src/test/python/aliastest/generate/generator_wlst.py @@ -168,7 +168,7 @@ def get_singleton_name(mbean_type): class_name=__class_name, method_name=_method_name) return None if len(name_list) == 0: - __logger.warning('No MBean instance found for {0} at location {1} and was not in listChildTypes', + __logger.fine('No MBean instance found for {0} at location {1} and was not in listChildTypes', mbean_type, current_path(), class_name=__class_name, method_name=_method_name) return None if len(name_list) > 1: From 8ee3a33048d866ea92dc062798c4e00b5273065e Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Mon, 24 Oct 2022 10:29:53 -0500 Subject: [PATCH 09/15] reverse revision --- alias-test/src/test/python/aliastest/generate/generator_wlst.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/alias-test/src/test/python/aliastest/generate/generator_wlst.py b/alias-test/src/test/python/aliastest/generate/generator_wlst.py index 9a2b21181e..ae3748029c 100644 --- a/alias-test/src/test/python/aliastest/generate/generator_wlst.py +++ b/alias-test/src/test/python/aliastest/generate/generator_wlst.py @@ -168,7 +168,7 @@ def get_singleton_name(mbean_type): class_name=__class_name, method_name=_method_name) return None if len(name_list) == 0: - __logger.fine('No MBean instance found for {0} at location {1} and was not in listChildTypes', + __logger.warning('No MBean instance found for {0} at location {1} and was not in listChildTypes', mbean_type, current_path(), class_name=__class_name, method_name=_method_name) return None if len(name_list) > 1: From 3f19f53757534536ff5050413d53e825901f49a5 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Mon, 24 Oct 2022 13:41:17 -0500 Subject: [PATCH 10/15] remove extra character in comments --- core/src/main/python/wlsdeploy/tool/util/variable_injector.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py index d9010dfbf2..3afa947d00 100644 --- a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py @@ -476,7 +476,7 @@ def _process_attribute(self, model, attribute, location, injector_values): def get_variable_name(self, location, attribute, suffix=None): """ - Return the variable name for use in the cache, and in the variable token. v + Return the variable name for use in the cache, and in the variable token. The default behavior is to return the concatenated location paths, with invalid characters cleared. Sub-classes may extend this for other types of tokens, such as @@SECRET. :param location: the location to be used From 116bae615d9232c15a7f30709a7dd48fcda3e616 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Mon, 24 Oct 2022 13:58:24 -0500 Subject: [PATCH 11/15] remove unneeded argument --- .../python/wlsdeploy/tool/discover/deployments_discoverer.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 6ecb4e9286..aeb5842841 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -233,14 +233,14 @@ def get_applications(self): location.add_name_token(name_token, application) result[application] = OrderedDict() self._populate_model_parameters(result[application], location) - self._add_application_to_archive(application, result[application], location) + self._add_application_to_archive(application, result[application]) self._discover_subfolders(result[application], location) location.remove_name_token(name_token) _logger.exiting(class_name=_class_name, method_name=_method_name, result=result) return model_top_folder_name, result - def _add_application_to_archive(self, application_name, application_dict, location): + def _add_application_to_archive(self, application_name, application_dict): """ Add the binary or directory referenced by the application to the archive file. If the binary can not be located and added to the archive file, un-target the application and log the problem. From 51af3485b7943ed0021347f522c54917ad143339 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Tue, 25 Oct 2022 10:15:56 -0500 Subject: [PATCH 12/15] replace with extra tokens --- core/src/main/python/discover.py | 19 ++++++++++++------- .../tool/discover/deployments_discoverer.py | 18 ++++++++++++------ .../tool/util/credential_injector.py | 8 ++++---- .../wlsdeploy/tool/util/variable_injector.py | 12 ------------ 4 files changed, 28 insertions(+), 29 deletions(-) diff --git a/core/src/main/python/discover.py b/core/src/main/python/discover.py index 2393c864d3..6d5a98703e 100644 --- a/core/src/main/python/discover.py +++ b/core/src/main/python/discover.py @@ -219,13 +219,14 @@ def __process_domain_home(arg_map, wlst_mode): arg_map[CommandLineArgUtil.DOMAIN_HOME_SWITCH] = full_path -def __discover(model_context, aliases, credential_injector, helper): +def __discover(model_context, aliases, credential_injector, helper, extra_tokens): """ Populate the model from the domain. :param model_context: the model context :param aliases: aliases instance for discover :param credential_injector: credential injector instance :param helper: wlst_helper instance + :param extra_tokens: dictionary to store non-credential tokens during credential search :return: the fully-populated model :raises DiscoverException: if an error occurred while discover the domain """ @@ -233,7 +234,6 @@ def __discover(model_context, aliases, credential_injector, helper): model = Model() base_location = LocationContext() __connect_to_domain(model_context, helper) - try: _add_domain_name(base_location, aliases, helper) DomainInfoDiscoverer(model_context, model.get_model_domain_info(), base_location, wlst_mode=__wlst_mode, @@ -243,7 +243,8 @@ def __discover(model_context, aliases, credential_injector, helper): ResourcesDiscoverer(model_context, model.get_model_resources(), base_location, wlst_mode=__wlst_mode, aliases=aliases, credential_injector=credential_injector).discover() DeploymentsDiscoverer(model_context, model.get_model_app_deployments(), base_location, wlst_mode=__wlst_mode, - aliases=aliases, credential_injector=credential_injector).discover() + aliases=aliases, credential_injector=credential_injector, + extra_tokens=extra_tokens).discover() __discover_multi_tenant(model, model_context, base_location, aliases, credential_injector) except AliasException, ae: wls_version = WebLogicHelper(__logger).get_actual_weblogic_version() @@ -448,7 +449,7 @@ def __persist_model(model, model_context): __logger.exiting(class_name=_class_name, method_name=_method_name) -def __check_and_customize_model(model, model_context, aliases, credential_injector): +def __check_and_customize_model(model, model_context, aliases, credential_injector, extra_tokens): """ Customize the model dictionary before persisting. Validate the model after customization for informational purposes. Any validation errors will not stop the discovered model to be persisted. @@ -456,6 +457,7 @@ def __check_and_customize_model(model, model_context, aliases, credential_inject :param model_context: configuration from command-line :param aliases: used for validation if model changes are made :param credential_injector: injector created to collect and tokenize credentials, possibly None + :param extra_tokens: dictionary to handle non-credential tokenized arguments """ _method_name = '__check_and_customize_model' __logger.entering(class_name=_class_name, method_name=_method_name) @@ -488,7 +490,7 @@ def __check_and_customize_model(model, model_context, aliases, credential_inject # if target handles credential configuration, clear property cache to keep out of variables file. if model_context.get_target_configuration().manages_credentials(): - credential_injector.clear_cache(credential_cache) + credential_cache.clear() # Apply the injectors specified in model_variable_injector.json, or in the target configuration. # Include the variable mappings that were collected in credential_cache. @@ -496,6 +498,8 @@ def __check_and_customize_model(model, model_context, aliases, credential_inject variable_injector = VariableInjector(_program_name, model.get_model(), model_context, WebLogicHelper(__logger).get_actual_weblogic_version(), credential_cache) + variable_injector.add_to_cache(dictionary=extra_tokens) + inserted, variable_model, variable_file_name = variable_injector.inject_variables_keyword_file() if inserted: @@ -590,10 +594,11 @@ def main(model_context): else: __logger.info('WLSDPLY-06024', class_name=_class_name, method_name=_method_name) + extra_tokens = {} try: - model = __discover(model_context, aliases, credential_injector, helper) + model = __discover(model_context, aliases, credential_injector, helper, extra_tokens) - model = __check_and_customize_model(model, model_context, aliases, credential_injector) + model = __check_and_customize_model(model, model_context, aliases, credential_injector, extra_tokens) __remote_report(model_context) except DiscoverException, ex: diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index aeb5842841..1aa6ec7123 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -41,9 +41,10 @@ class DeploymentsDiscoverer(Discoverer): """ def __init__(self, model_context, deployments_dictionary, base_location, - wlst_mode=WlstModes.OFFLINE, aliases=None, credential_injector=None): + wlst_mode=WlstModes.OFFLINE, aliases=None, credential_injector=None, extra_tokens=None): Discoverer.__init__(self, model_context, base_location, wlst_mode, aliases, credential_injector) self._dictionary = deployments_dictionary + self._extra_tokens = extra_tokens def discover(self): """ @@ -382,24 +383,29 @@ def _jdbc_password_fix(self, source_name): matcher = pattern.matcher(result) result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '-user:password', 'password-encrypted')) - pattern = Pattern.compile('(.+?)(\s*)(.+?)(\s*)(.+?)') matcher = pattern.matcher(result) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt:password', 'ons-wallet-password-encrypted')) + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt:password', + 'ons-wallet-password-encrypted')) bos.write(result) bos.close() archive_file.replaceApplication(source_name, jdbc_out) _logger.exiting(class_name=_class_name, method_name=_method_name) - def _get_pass_replacement(self, jdbc_file, name, type, property=False, username=''): + def _get_pass_replacement(self, jdbc_file, name, type, properties=None, username=''): if self._credential_injector is not None: head, tail = os.path.split(jdbc_file) token = tail[:len(jdbc_file) - len('jdbc.xml')] token = token + name - result = self._credential_injector.injection_out_of_model(token, property, username) + if properties is not None: + self._extra_tokens[token] = properties + result = self._credential_injector.injection_out_of_model(token, properties, username) else: result = PASSWORD_TOKEN result = '<' + type + '>' + result + '' diff --git a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py index c73512adc7..2e40aa004b 100644 --- a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py @@ -144,7 +144,7 @@ def injection_out_of_model(self, token, property=False, username=''): """ This is for tokenizing variables that are not in the model but need to be in the variable file :param token: name for cache to create a token for - :param property: Determine if the property is a property or a secret + :param property: value is a property not a secret :param username: usernames appear as part of property value :return: tokenized name """ @@ -154,9 +154,9 @@ def injection_out_of_model(self, token, property=False, username=''): result = self.get_property_token(None, token) else: result = self.get_variable_token(None, token) - if username is None: - username = '' - self.add_to_cache(token_name=token, token_value=username) + if username is None: + username = '' + self.add_to_cache(token_name=token, token_value=username) self._no_filter_keys_cache.append(token) _logger.exiting(class_name=_class_name, method_name=_method_name, result=result) diff --git a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py index 3afa947d00..6b3130e0d8 100644 --- a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py @@ -107,18 +107,6 @@ def __init__(self, program_name, model, model_context, version=None, variable_di self.__aliases = Aliases(model_context) self.__variable_dictionary = variable_dictionary - def clear_cache(self, cache): - """ - Clear the cache of password and usernames. - :param cache: to c - """ - entries = list() - for item in cache: - if ':password' in item or ':username' in item: - entries.append(item) - for entry in entries: - cache.pop(entry) - def get_variable_cache(self): """ This caches all variable information, both from running as a tool, and collected during special From 83cbafdcf415d7856384f43d0ae1bf1d52c70889 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Tue, 25 Oct 2022 11:08:36 -0500 Subject: [PATCH 13/15] requested fixes --- .../wlsdeploy/tool/discover/deployments_discoverer.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 1aa6ec7123..93980bb543 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -383,7 +383,7 @@ def _jdbc_password_fix(self, source_name): matcher = pattern.matcher(result) result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '-user:password', 'password-encrypted')) - pattern = Pattern.compile('(\s*)(.+?)(\s*)(\s*)(.+?)(\s*)') matcher = pattern.matcher(result) matcher.find() result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '-url', 'url', @@ -391,7 +391,7 @@ def _jdbc_password_fix(self, source_name): pattern = Pattern.compile('(.+?)') matcher = pattern.matcher(result) - result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '.ons.pass.encrypt:password', + result = matcher.replaceFirst(self._get_pass_replacement(jdbc_file, '-ons-pass-encrypt:password', 'ons-wallet-password-encrypted')) bos.write(result) bos.close() @@ -401,7 +401,7 @@ def _jdbc_password_fix(self, source_name): def _get_pass_replacement(self, jdbc_file, name, type, properties=None, username=''): if self._credential_injector is not None: head, tail = os.path.split(jdbc_file) - token = tail[:len(jdbc_file) - len('jdbc.xml')] + token = tail[:len(tail) - len('.xml')] token = token + name if properties is not None: self._extra_tokens[token] = properties From a4e6123c05780cda4830353f7d78815dd3a95859 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Tue, 25 Oct 2022 13:51:46 -0500 Subject: [PATCH 14/15] code smells --- .../wlsdeploy/tool/discover/deployments_discoverer.py | 6 +++--- .../main/python/wlsdeploy/tool/util/variable_injector.py | 3 +-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 93980bb543..1047c7303f 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -351,10 +351,10 @@ def _jdbc_password_fix(self, source_name): _method_name = '_jdbc_password_fix' _logger.entering(source_name, class_name=_class_name, method_name=_method_name) archive_file = self._model_context.get_archive_file() - tmpDir = FileUtils.getTmpDir(); - temp_file = FileUtils.createTempDirectory(tmpDir, 'jdbc-xml') + tmp_dir = FileUtils.getTmpDir(); + temp_file = FileUtils.createTempDirectory(tmp_dir, 'jdbc-xml') jdbc_file = archive_file.extractFile(source_name, temp_file) - jdbc_out = FileUtils.createTempDirectory(tmpDir, 'jdbc-out') + jdbc_out = FileUtils.createTempDirectory(tmp_dir, 'jdbc-out') jdbc_out = archive_file.extractFile(source_name, jdbc_out) bis = BufferedReader(FileReader(jdbc_file)) bos = BufferedWriter(FileWriter(jdbc_out)) diff --git a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py index 6b3130e0d8..dd67e9a809 100644 --- a/core/src/main/python/wlsdeploy/tool/util/variable_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/variable_injector.py @@ -80,7 +80,7 @@ class VariableInjector(object): - def __init__(self, program_name, model, model_context, version=None, variable_dictionary=None, extra_cache=None): + def __init__(self, program_name, model, model_context, version=None, variable_dictionary=None): """ Construct an instance of the injector with the model and information used by the injector. :param program_name: name of the calling tool @@ -92,7 +92,6 @@ def __init__(self, program_name, model, model_context, version=None, variable_di self.__program_name = program_name self.__original = copy.deepcopy(model) self.__model = model - self.__extra_cache = extra_cache self.__model_context = model_context if self.__model_context: self.__wlst_mode = self.__model_context.get_target_wlst_mode() From bc641949171008d7b9dfd3e4e2a7f98fd6dd65a2 Mon Sep 17 00:00:00 2001 From: Carolyn Rountree Date: Tue, 25 Oct 2022 14:33:37 -0500 Subject: [PATCH 15/15] requested change --- .../tool/discover/deployments_discoverer.py | 4 +++- .../wlsdeploy/tool/util/credential_injector.py | 12 +++--------- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py index 1047c7303f..28ef1f7e09 100644 --- a/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py +++ b/core/src/main/python/wlsdeploy/tool/discover/deployments_discoverer.py @@ -405,7 +405,9 @@ def _get_pass_replacement(self, jdbc_file, name, type, properties=None, username token = token + name if properties is not None: self._extra_tokens[token] = properties - result = self._credential_injector.injection_out_of_model(token, properties, username) + result = self._credential_injector.get_property_token(None, token) + else: + result = self._credential_injector.injection_out_of_model(token, username) else: result = PASSWORD_TOKEN result = '<' + type + '>' + result + '' diff --git a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py index 2e40aa004b..c30a547327 100644 --- a/core/src/main/python/wlsdeploy/tool/util/credential_injector.py +++ b/core/src/main/python/wlsdeploy/tool/util/credential_injector.py @@ -140,23 +140,17 @@ def check_and_tokenize(self, model_dict, attribute, location): assigns.append('%s=%s' % (key, properties[key])) model_dict[attribute] = split_value.join(assigns) - def injection_out_of_model(self, token, property=False, username=''): + def injection_out_of_model(self, token, username=''): """ This is for tokenizing variables that are not in the model but need to be in the variable file :param token: name for cache to create a token for - :param property: value is a property not a secret :param username: usernames appear as part of property value :return: tokenized name """ _method_name = 'injection_out_of_model' _logger.entering(token, class_name=_class_name, method_name=_method_name) - if property: - result = self.get_property_token(None, token) - else: - result = self.get_variable_token(None, token) - if username is None: - username = '' - self.add_to_cache(token_name=token, token_value=username) + result = self.get_variable_token(None, token) + self.add_to_cache(token_name=token, token_value=username) self._no_filter_keys_cache.append(token) _logger.exiting(class_name=_class_name, method_name=_method_name, result=result)