diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 368fd10c..60c60102 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,6 +10,7 @@ on: env: azCliVersion: 2.6.0 + adminConsolePort: 7005 dbName: wlsdb${{ github.run_id }}${{ github.run_number }} elkURI: ${{ secrets.ELK_URI }} elkUser: ${{ secrets.ELK_USER_NAME }} @@ -152,11 +153,19 @@ jobs: --name ${{ env.dbName }} \ --location ${location} \ --admin-user weblogic \ - --ssl-enforcement Disabled \ + --ssl-enforcement Enabled \ --public-network-access Enabled \ --admin-password ${{ env.wlsPassword }} \ --sku-name B_Gen5_1 + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDependency }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + deploy-weblogic-admin: needs: deploy-dependencies runs-on: ubuntu-latest @@ -223,12 +232,7 @@ jobs: s/#gitUserName#/$userName/g" \ ${{ env.offerName }}/test/data/parameters-test.json sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ - ${{ env.offerName }}/test/scripts/verify-wls-path.sh - sed -i "s/#adminVMName#/$adminVMName/g; \ - s/#adminPasswordOrKey#/$wlsPassword/g; \ - s/#wlsUserName#/$wlsUserName/g; \ - s/#wlspassword#/$wlsPassword/g" \ - ${{ env.offerName }}/test/scripts/verify-wls-access.sh + ${{ env.offerName }}/test/scripts/verify-wls-path.sh - name: Accept Image Terms id: accept-terms @@ -296,7 +300,7 @@ jobs: --nsg-name ${nsg} \ --name NRMS-Rule-101 \ --source-address-prefixes $sourceAddressPrefixes \ - --destination-port-ranges 443 22 + --destination-port-ranges 443 22 ${adminConsolePort} - name: Restart wls VM id: restart-wls-wm 
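Review bot: The `AllowAllWindowsAzureIps` rule with start and end address `0.0.0.0`, added after `az postgres server create`, admits connections from any Azure-hosted address, including resources in other subscriptions, not only this workflow's WebLogic VM. With `--public-network-access Enabled` on the context line above, the server is then guarded only by the admin password and TLS. If the test only needs the admin VM to reach the database, a rule limited to that VM's address is tighter, e.g. `--start-ip-address "${wlsPublicIP}" --end-ip-address "${wlsPublicIP}"`, though the VM appears to be created in a later job, so the rule may have to move there. At minimum a comment such as `# broad Azure-services rule is intentional: short-lived test database` should record the choice.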
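Review bot: Adding `${adminConsolePort}` to `--destination-port-ranges` on `NRMS-Rule-101` leaves the WebLogic admin console reachable from whatever `$sourceAddressPrefixes` holds, and no step in the visible hunks removes the port again once `verify-wls-access` has run. `$sourceAddressPrefixes` is set outside this hunk, so confirm it is limited to the runner's egress address rather than a wide range. A comment above the rule, e.g. `# 7005 opened only so verify-wls-access can reach the admin console from the runner`, would make the intent explicit.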
@@ -330,7 +334,18 @@ jobs: echo "Verifying Weblgic server installation" timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerName }}/test/scripts/verify-wls-path.sh - + + - name: Restart remote SSH agent + id: restart-remote-ssh + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + - name: Verify system services at admin server id: veriy-admin-service run: | @@ -341,7 +356,8 @@ jobs: id: verify-wls-access run: | echo "Verifying Weblogic Server Access" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerName }}/test/scripts/verify-wls-access.sh + echo ${wlsPublicIP} + bash ${{ env.offerName }}/test/scripts/verify-wls-access.sh "${wlsPublicIP}" "7005" - name: Deploy DB Template to Connect to Azure Postgresql Database id: enable-postgresql-db diff --git a/src/main/scripts/aadIntegration.sh b/src/main/scripts/aadIntegration.sh index 7af8373b..b8b739c6 100644 --- a/src/main/scripts/aadIntegration.sh +++ b/src/main/scripts/aadIntegration.sh @@ -101,7 +101,7 @@ function validateInput() function createAADProvider_model() { - cat <${SCRIPT_PWD}/configure-active-directory.py + cat <${SCRIPT_PATH}/configure-active-directory.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') try: edit() @@ -161,7 +161,7 @@ EOF function createSSL_model() { - cat <${SCRIPT_PWD}/configure-ssl.py + cat <${SCRIPT_PATH}/configure-ssl.py # Connect to the AdminServer. connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') try: 
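Review bot: The new `restart-remote-ssh` step carries no comment saying why `az vm user reset-ssh` is needed before the later verification steps. That command resets the VM's SSH configuration to its defaults and restarts the service, so it can hide an sshd problem in the image under test instead of surfacing it. Suggest a comment above the step along the lines of `# reset-ssh restores default sshd config; required because <observed failure>`, with the placeholder replaced by the actual cause.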
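Review bot: The `verify-wls-access` step passes the literal `"7005"` even though this commit introduces `adminConsolePort: 7005` under `env:` and uses it for the NSG rule. If the env value changes, the opened port and the probed port will silently diverge. Use the variable in the call: `bash ${{ env.offerName }}/test/scripts/verify-wls-access.sh "${wlsPublicIP}" "${{ env.adminConsolePort }}"`.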
@@ -241,8 +241,8 @@ function importAADCertificate() function configureSSL() { echo "configure ladp ssl" - . $oracleHome/oracle_common/common/bin/setWlstEnv.sh - java $WLST_ARGS weblogic.WLST ${SCRIPT_PWD}/configure-ssl.py + sudo chown -R ${USER_ORACLE}:${GROUP_ORACLE} ${SCRIPT_PATH} + runuser -l ${USER_ORACLE} -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST ${SCRIPT_PATH}/configure-ssl.py" errorCode=$? if [ $errorCode -eq 1 ] @@ -255,8 +255,8 @@ function configureSSL() function configureAzureActiveDirectory() { echo "create Azure Active Directory provider" - . $oracleHome/oracle_common/common/bin/setWlstEnv.sh - java $WLST_ARGS weblogic.WLST ${SCRIPT_PWD}/configure-active-directory.py + sudo chown -R ${USER_ORACLE}:${GROUP_ORACLE} ${SCRIPT_PATH} + runuser -l ${USER_ORACLE} -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST ${SCRIPT_PATH}/configure-active-directory.py" errorCode=$? if [ $errorCode -eq 1 ] @@ -304,8 +304,7 @@ function wait_for_admin() function cleanup() { echo "Cleaning up temporary files..." - rm -f ${SCRIPT_PWD}/configure-ssl.py - rm -f ${SCRIPT_PWD}/configure-active-directory.py + rm -f -r ${SCRIPT_PATH} rm -rf ${SCRIPT_PWD}/security/* echo "Cleanup completed." } @@ -327,11 +326,21 @@ EOF fi } +function createTempFolder() +{ + export SCRIPT_PATH="/u01/tmp" + sudo rm -f -r ${SCRIPT_PATH} + sudo mkdir ${SCRIPT_PATH} + sudo rm -rf $SCRIPT_PATH/* +} + export LDAP_USER_NAME='sAMAccountName' export LDAP_USER_FROM_NAME_FILTER='(&(sAMAccountName=%u)(objectclass=user))' export JAVA_OPTIONS_TLS_V12="-Djdk.tls.client.protocols=TLSv1.2" export STRING_ENABLE_TLSV12="Append -Djdk.tls.client.protocols to JAVA_OPTIONS in jdk8" export SCRIPT_PWD=`pwd` +export USER_ORACLE="oracle" +export GROUP_ORACLE="oracle" if [ $# -ne 18 ] then 
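Review bot: In `configureSSL`, `$WLST_ARGS` sits inside the double-quoted `runuser -l ${USER_ORACLE} -c "…"` string, so the calling shell expands it before `setWlstEnv.sh` is sourced in the oracle login shell. The removed lines sourced that file in the current shell first; if `setWlstEnv.sh` is what defines `WLST_ARGS` and it is not exported elsewhere, `java` now starts without those arguments. Escaping the variable defers expansion to the inner shell: `java \$WLST_ARGS weblogic.WLST ${SCRIPT_PATH}/configure-ssl.py`. The same line pattern is added in `configureAzureActiveDirectory` (next hunk) and in the three datasourceConfig-*.sh scripts. The `if [ $errorCode -eq 1 ]` body continues outside the hunk.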
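Review bot: `createTempFolder` builds the scratch directory at the fixed path `/u01/tmp` with default permissions, and the WLST scripts later written there embed `$wlsPassword` in their `connect(...)` line, so until cleanup they are readable under whatever umask is in effect. The fixed name also means two of these scripts running at the same time would delete each other's directory; the same function is copied into datasourceConfig-oracle.sh, datasourceConfig-postgresql.sh, datasourceConfig-sqlserver.sh and elkIntegration.sh. A private per-run directory avoids both: `export SCRIPT_PATH="$(mktemp -d /u01/wls-config.XXXXXX)"`, which is created with mode 0700, followed by the existing `chown` to the oracle user before `runuser`. The trailing `sudo rm -rf $SCRIPT_PATH/*` is redundant after a fresh `mkdir`, and the unquoted `${SCRIPT_PATH}` expansions passed to `rm -r` should be quoted.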
@@ -359,7 +368,8 @@ export wlsAdminServerName=${17} export wlsDomainPath=${18} export wlsAdminURL=$wlsAdminHost:$wlsAdminPort - +validateInput +createTempFolder echo "check status of admin server" wait_for_admin @@ -378,3 +388,4 @@ echo "Waiting for admin server to be available" wait_for_admin echo "Weblogic admin server is up and running" +cleanup diff --git a/src/main/scripts/datasourceConfig-oracle.sh b/src/main/scripts/datasourceConfig-oracle.sh index 58fac6fb..8063d89e 100644 --- a/src/main/scripts/datasourceConfig-oracle.sh +++ b/src/main/scripts/datasourceConfig-oracle.sh @@ -91,7 +91,7 @@ function validateInput() function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" -cat <create_datasource.py +cat <${scriptPath}/create_datasource.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') edit("$hostName") startEdit() 
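Review bot: The `cleanup` call added as the last statement of aadIntegration.sh runs only when every earlier step returns; any `exit` on an error path skips it and leaves the generated `configure-ssl.py` and `configure-active-directory.py`, which contain `$wlsPassword`, in `${SCRIPT_PATH}`. Registering it once, right after `createTempFolder`, covers every exit: `trap cleanup EXIT`. In the three datasourceConfig-*.sh scripts the gap is directly visible, since `exit 1` precedes `rm -f -r ${scriptPath}`. `cleanup` also calls `rm` without `sudo` while `createTempFolder` uses `sudo`; choose one according to whether the script is guaranteed to run as root.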
@@ -122,24 +122,46 @@ try: resolve() activate() except Exception, e: - print "Already datasource with name $jdbcDataSourceName exists" + e.printStackTrace() + dumpStack() + undo('true',defaultAnswer='y') + cancelEdit('y') + destroyEditSession("$hostName",force = true) + raise("$jdbcDataSourceName configuration failed") destroyEditSession("$hostName",force = true) disconnect() EOF } +function createTempFolder() +{ + export scriptPath="/u01/tmp" + sudo rm -f -r ${scriptPath} + sudo mkdir ${scriptPath} + sudo rm -rf $scriptPath/* +} + if [ $# -lt 9 ] then usage exit 1 fi +createTempFolder validateInput createJDBCSource_model -. $oracleHome/oracle_common/common/bin/setWlstEnv.sh +sudo chown -R oracle:oracle ${scriptPath} +runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST ${scriptPath}/create_datasource.py" +errorCode=$? +if [ $errorCode -eq 1 ] +then + echo "Exception occurs during DB configuration, please check." + exit 1 +fi -java $WLST_ARGS weblogic.WLST create_datasource.py $wlsUserName $wlsPassword $wlsAdminURL $jdbcDataSourceName $dsConnectionURL $dsUser $dsPassword $wlsClusterName +echo "Cleaning up temporary files..." +rm -f -r ${scriptPath} diff --git a/src/main/scripts/datasourceConfig-postgresql.sh b/src/main/scripts/datasourceConfig-postgresql.sh index 7cd01a39..6f4b835c 100644 --- a/src/main/scripts/datasourceConfig-postgresql.sh +++ b/src/main/scripts/datasourceConfig-postgresql.sh @@ -91,7 +91,7 @@ function validateInput() function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" -cat <create_datasource.py +cat <${scriptPath}/create_datasource.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') edit("$hostName") startEdit() 
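Review bot: The added check `if [ $errorCode -eq 1 ]` treats every other non-zero status from `runuser`/`java` as success, for example 126 or 127 when the command cannot be started. Use `if [ $errorCode -ne 0 ]` so the script stops on any failure. In the heredoc, `e.printStackTrace()` is a Java-exception method; if `except Exception, e` catches a Python-level error, that call may itself raise and skip `undo`/`cancelEdit`, and `dumpStack()` on the next line already prints the trace. The matching hunks in datasourceConfig-postgresql.sh and datasourceConfig-sqlserver.sh have the same two issues.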
@@ -122,12 +122,25 @@ try: resolve() activate() except Exception, e: - print "Already datasource with name $jdbcDataSourceName exists" + e.printStackTrace() + dumpStack() + undo('true',defaultAnswer='y') + cancelEdit('y') + destroyEditSession("$hostName",force = true) + raise("$jdbcDataSourceName configuration failed") destroyEditSession("$hostName",force = true) disconnect() EOF } +function createTempFolder() +{ + export scriptPath="/u01/tmp" + sudo rm -f -r ${scriptPath} + sudo mkdir ${scriptPath} + sudo rm -rf $scriptPath/* +} + # store arguments in a special array args=("$@") @@ -147,12 +160,20 @@ then exit 1 fi +createTempFolder validateInput createJDBCSource_model -. $oracleHome/oracle_common/common/bin/setWlstEnv.sh +sudo chown -R oracle:oracle ${scriptPath} +runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST ${scriptPath}/create_datasource.py" +errorCode=$? +if [ $errorCode -eq 1 ] +then + echo "Exception occurs during DB configuration, please check." + exit 1 +fi -java $WLST_ARGS weblogic.WLST create_datasource.py $wlsUserName $wlsPassword $wlsAdminURL $jdbcDataSourceName $dsConnectionURL $dsUser $dsPassword $wlsClusterName - +echo "Cleaning up temporary files..." +rm -f -r ${scriptPath} diff --git a/src/main/scripts/datasourceConfig-sqlserver.sh b/src/main/scripts/datasourceConfig-sqlserver.sh index 5904cdb3..b7e0c68a 100644 --- a/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/src/main/scripts/datasourceConfig-sqlserver.sh @@ -91,7 +91,7 @@ function validateInput() function createJDBCSource_model() { echo "Creating JDBC data source with name $jdbcDataSourceName" -cat <create_datasource.py +cat <${scriptPath}/create_datasource.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') edit("$hostName") startEdit() 
@@ -122,24 +122,45 @@ try: resolve() activate() except Exception, e: - print "Already datasource with name $jdbcDataSourceName exists" + e.printStackTrace() + dumpStack() + undo('true',defaultAnswer='y') + cancelEdit('y') + destroyEditSession("$hostName",force = true) + raise("$jdbcDataSourceName configuration failed") destroyEditSession("$hostName",force = true) disconnect() EOF } +function createTempFolder() +{ + export scriptPath="/u01/tmp" + sudo rm -f -r ${scriptPath} + sudo mkdir ${scriptPath} + sudo rm -rf $scriptPath/* +} + if [ $# -lt 9 ] then usage exit 1 fi +createTempFolder validateInput createJDBCSource_model -. $oracleHome/oracle_common/common/bin/setWlstEnv.sh +sudo chown -R oracle:oracle ${scriptPath} +runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST ${scriptPath}/create_datasource.py" +errorCode=$? +if [ $errorCode -eq 1 ] +then + echo "Exception occurs during DB configuration, please check." + exit 1 +fi -java $WLST_ARGS weblogic.WLST create_datasource.py $wlsUserName $wlsPassword $wlsAdminURL $jdbcDataSourceName $dsConnectionURL $dsUser $dsPassword $wlsClusterName - +echo "Cleaning up temporary files..." +rm -f -r ${scriptPath} diff --git a/src/main/scripts/elkIntegration.sh b/src/main/scripts/elkIntegration.sh index 8ee5f71d..6924ea19 100644 --- a/src/main/scripts/elkIntegration.sh +++ b/src/main/scripts/elkIntegration.sh @@ -98,7 +98,7 @@ function validate_input() # Stack Traces to stdout: true function create_wls_log_model() { - cat <${SCRIPT_PWD}/configure-wls-log.py + cat <${SCRIPT_PATH}/configure-wls-log.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') try: edit("$hostName") 
@@ -528,7 +528,8 @@ EOF function configure_wls_log() { echo "Configure WebLogic Log" - java $WLST_ARGS weblogic.WLST ${SCRIPT_PWD}/configure-wls-log.py + sudo chown -R ${userOracle}:${groupOracle} ${SCRIPT_PATH} + runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST ${SCRIPT_PATH}/configure-wls-log.py" errorCode=$? if [ $errorCode -eq 1 ] @@ -610,10 +611,18 @@ function shutdown_admin() { function cleanup() { echo "Cleaning up temporary files..." - rm -f ${SCRIPT_PWD}/*.py + rm -f -r ${SCRIPT_PATH} echo "Cleanup completed." } +function createTempFolder() +{ + export SCRIPT_PATH="/u01/tmp" + sudo rm -f -r ${SCRIPT_PATH} + sudo mkdir ${SCRIPT_PATH} + sudo rm -rf $SCRIPT_PATH/* +} + export SCRIPT_PWD=`pwd` if [ $# -ne 13 ] @@ -622,6 +631,7 @@ then exit 1 fi +createTempFolder validate_input echo "start to configure ELK" diff --git a/test/scripts/gen-parameters-deploy-db.sh b/test/scripts/gen-parameters-deploy-db.sh index 419f9e0c..eb2d7bc5 100644 --- a/test/scripts/gen-parameters-deploy-db.sh +++ b/test/scripts/gen-parameters-deploy-db.sh @@ -26,7 +26,7 @@ cat < ${parametersPath}/parameters-deploy-db.json "value": "weblogic@${dbName}" }, "dsConnectionURL": { - "value": "jdbc:postgresql://${dbName}.postgres.database.azure.com:5432/postgres" + "value": "jdbc:postgresql://${dbName}.postgres.database.azure.com:5432/postgres?sslmode=require" }, "jdbcDataSourceName": { "value": "jdbc/WebLogicDB" diff --git a/test/scripts/verify-wls-access.sh b/test/scripts/verify-wls-access.sh index 2038c3ff..7814ad1d 100644 --- a/test/scripts/verify-wls-access.sh +++ b/test/scripts/verify-wls-access.sh 
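Review bot: `configure_wls_log` calls `chown -R ${userOracle}:${groupOracle} ${SCRIPT_PATH}`, but no hunk in this diff defines those two variables for elkIntegration.sh, and the next line hard-codes `runuser -l oracle`. If they are unset the command becomes `chown -R : /u01/tmp`, which changes nothing, and the script then relies on the directory's default permissions being readable by oracle. aadIntegration.sh introduces `USER_ORACLE`/`GROUP_ORACLE` for the same purpose; defining one pair here and using it in both lines, e.g. `runuser -l ${userOracle} -c "…"`, keeps owner and run-as user in step. The function body continues outside the hunk.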
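Review bot: `sslmode=require` in `dsConnectionURL` turns on encryption but, with the PostgreSQL JDBC driver, does not validate the server certificate or host name, so the client cannot tell the real server from an interposed one. `sslmode=verify-full` adds that check, provided the CA for `*.postgres.database.azure.com` is in the trust store the driver uses. For a throwaway test database `require` may be acceptable; a comment above the heredoc, e.g. `# sslmode=require: encrypted but unauthenticated, test only`, would record the decision.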
@@ -1,36 +1,40 @@
-# Verifying admin server is accessible
-isSuccess=false
-maxAttempt=5
-attempt=1
-echo "Verifying http://#adminVMName#:7001/weblogic/ready"
-while [ $attempt -le $maxAttempt ]
-do
- echo "Attempt $attempt :- Checking WebLogic admin server is accessible"
- curl http://#adminVMName#:7001/weblogic/ready
- if [ $? == 0 ]; then
- isSuccess=true
- break
- fi
- attempt=`expr $attempt + 1`
- sleep 2m
-done
-
-if [[ $isSuccess == "false" ]]; then
- echo "Failed : WebLogic admin server is not accessible"
- exit 1
-else
- echo "WebLogic admin server is accessible"
-fi
-
-sleep 1m
-
-# Verifying whether admin console is accessible
-echo "Checking WebLogic admin console is acessible"
-curl http://#adminVMName#:7001/console/
-if [[ $? != 0 ]]; then
- echo "WebLogic admin console is not accessible"
- exit 1
-else
- echo "WebLogic admin console is accessible"
- exit 0
-fi
+#!/bin/bash
+# Verifying admin server is accessible
+adminPublicIP="$1"
+adminPort=$2
+
+isSuccess=false
+maxAttempt=5
+attempt=1
+echo "Verifying http://${adminPublicIP}:${adminPort}/weblogic/ready"
+while [ $attempt -le $maxAttempt ]
+do
+ echo "Attempt $attempt :- Checking WebLogic admin server is accessible"
+ curl http://${adminPublicIP}:${adminPort}/weblogic/ready
+ if [ $? == 0 ]; then
+ isSuccess=true
+ break
+ fi
+ attempt=`expr $attempt + 1`
+ sleep 2m
+done
+
+if [[ $isSuccess == "false" ]]; then
+ echo "Failed : WebLogic admin server is not accessible"
+ exit 1
+else
+ echo "WebLogic admin server is accessible"
+fi
+
+sleep 1m
+
+# Verifying whether admin console is accessible
+echo "Checking WebLogic admin console is acessible"
+curl http://${adminPublicIP}:${adminPort}/console/
+if [[ $? != 0 ]]; then
+ echo "WebLogic admin console is not accessible"
+ exit 1
+else
+ echo "WebLogic admin console is accessible"
+ exit 0
+fi
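Review bot: Both `curl` calls are judged by `$?`, but without `--fail` curl exits 0 for any HTTP response, so a 503 from `/weblogic/ready` or an error page from `/console/` is reported as accessible. Suggest `curl --fail --silent --show-error --max-time 30 "http://${adminPublicIP}:${adminPort}/weblogic/ready"` and the same flags on the console request. The script also never checks that `$1` and `$2` were supplied; `adminPort=$2` should be quoted and an empty value rejected with a usage message before the loop starts.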