summaryrefslogtreecommitdiffstats
path: root/base/deploy/src/scriptlets/pkiparser.py
diff options
context:
space:
mode:
authorMatthew Harmsen <mharmsen@redhat.com>2012-04-23 13:39:04 -0700
committerMatthew Harmsen <mharmsen@redhat.com>2012-04-26 15:28:54 -0700
commitdd566ed3c64a69801a9edf3b27f11077aa40ecef (patch)
treee582b16f39c2a284bff873f23410fa058539a0ca /base/deploy/src/scriptlets/pkiparser.py
parent7741dd4a44f87012974e9849d35f1df0d56929c2 (diff)
downloadpki-dd566ed3c64a69801a9edf3b27f11077aa40ecef.tar.gz
pki-dd566ed3c64a69801a9edf3b27f11077aa40ecef.tar.xz
pki-dd566ed3c64a69801a9edf3b27f11077aa40ecef.zip
PKI Deployment Scriptlets
* Completed the following six 'scriptlets': * Dogtag 10: Python 'initialization.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/147) * Dogtag 10: Python 'instance_layout.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/75) * Dogtag 10: Python 'webserver_layout.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/140) * Dogtag 10: Python 'subsystem_layout.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/141) * Dogtag 10: Python 'war_explosion.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/76) * Dogtag 10: Python 'finalization.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/148) * Created numerous PKI deployment helper utilities. * Augmented logging to provide indentation. * Generated logic for installation 'manifest'. * Tested logic using '--dry_run' option and '-p' prefix options. * Per initial review, removed numerous "constants" and consolidated logic into "master" dictionary. * Corrected the following ticket: * Dogtag 10: Fix 'build_dogtag_pki' script to account for 'pki-deploy' RPM (https://fedorahosted.org/pki/ticket/138) Resolves Bugzilla Bug #810047 - build_dogtag_pki fails with requirements for pki-deploy (https://bugzilla.redhat.com/show_bug.cgi?id=810047) * Created the following three 'scriptlets' as 'NOT YET IMPLEMENTED' place-holders: * Dogtag 10: Python 'security_databases.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/136) * Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/146) * Dogtag 10: Python 'configuration.py' Configuration Scriptlet (https://fedorahosted.org/pki/ticket/137)
Diffstat (limited to 'base/deploy/src/scriptlets/pkiparser.py')
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py362
1 files changed, 362 insertions, 0 deletions
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
new file mode 100644
index 000000000..bff405955
--- /dev/null
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -0,0 +1,362 @@
+#!/usr/bin/python -t
+# Authors:
+# Matthew Harmsen <mharmsen@redhat.com>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2012 Red Hat, Inc.
+# All rights reserved.
+#
+
+# System Imports
+import ConfigParser
+import argparse
+import logging
+import os
+
+
+# PKI Deployment Imports
+import pkiconfig as config
+import pkimessages as log
+
+
+# PKI Deployment Helper Functions
+def process_command_line_arguments(argv):
+ "Read and process command-line options"
+ description = None
+ if os.path.basename(argv[0]) == 'pkispawn':
+ description = 'PKI Instance Installation and Configuration'
+ elif os.path.basename(argv[0]) == 'pkidestroy':
+ description = 'PKI Instance Removal'
+ parser = argparse.ArgumentParser(
+ description=description,
+ add_help=False,
+ formatter_class=argparse.RawDescriptionHelpFormatter,
+ epilog=log.PKI_VERBOSITY)
+ mandatory = parser.add_argument_group('mandatory arguments')
+ mandatory.add_argument('-s',
+ dest='pki_subsystem', action='store',
+ nargs=1, choices=config.PKI_SUBSYSTEMS,
+ required=True, metavar='<subsystem>',
+ help='where <subsystem> is '
+ 'CA, KRA, OCSP, RA, TKS, or TPS')
+ optional = parser.add_argument_group('optional arguments')
+ optional.add_argument('--dry_run',
+ dest='pki_dry_run_flag', action='store_true',
+ help='do not actually perform any actions')
+ optional.add_argument('-f',
+ dest='pkideployment_cfg', action='store',
+ nargs=1, metavar='<file>',
+ help='overrides default configuration filename')
+ optional.add_argument('-h', '--help',
+ dest='help', action='help',
+ help='show this help message and exit')
+ optional.add_argument('-p',
+ dest='pki_root_prefix', action='store',
+ nargs=1, metavar='<prefix>',
+ help='directory prefix to specify local directory')
+ if os.path.basename(argv[0]) == 'pkispawn':
+ optional.add_argument('-u',
+ dest='pki_update_flag', action='store_true',
+ help='update instance of specified subsystem')
+ optional.add_argument('-v',
+ dest='pki_verbosity', action='count',
+ help='display verbose information (details below)')
+ custom = parser.add_argument_group('custom arguments '
+ '(OVERRIDES configuration file values)')
+ custom.add_argument('-i',
+ dest='pki_instance_name', action='store',
+ nargs=1, metavar='<instance>',
+ help='PKI instance name (MUST specify REQUIRED ports)')
+ custom.add_argument('--http_port',
+ dest='pki_http_port', action='store',
+ nargs=1, metavar='<port>',
+ help='HTTP port (CA, KRA, OCSP, RA, TKS, TPS)')
+ custom.add_argument('--https_port',
+ dest='pki_https_port', action='store',
+ nargs=1, metavar='<port>',
+ help='HTTPS port (CA, KRA, OCSP, RA, TKS, TPS)')
+ custom.add_argument('--ajp_port',
+ dest='pki_ajp_port', action='store',
+ nargs=1, metavar='<port>',
+ help='AJP port (CA, KRA, OCSP, TKS)')
+ args = parser.parse_args()
+
+ config.pki_subsystem = str(args.pki_subsystem).strip('[\']')
+ if args.pki_dry_run_flag:
+ config.pki_dry_run_flag = args.pki_dry_run_flag
+ if not args.pki_root_prefix is None:
+ config.pki_root_prefix = str(args.pki_root_prefix).strip('[\']')
+ if config.pki_root_prefix is None or\
+ len(config.pki_root_prefix) == 0:
+ config.pki_root_prefix = ""
+ elif not os.path.exists(config.pki_root_prefix) or\
+ not os.path.isdir(config.pki_root_prefix):
+ print "ERROR: " +\
+ log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 %\
+ config.pki_root_prefix
+ print
+ parser.print_help()
+ parser.exit(-1);
+ if os.path.basename(argv[0]) == 'pkispawn':
+ if args.pki_update_flag:
+ config.pki_update_flag = args.pki_update_flag
+ if args.pki_verbosity == 1:
+ config.pki_console_log_level = logging.INFO
+ config.pki_log_level = logging.INFO
+ elif args.pki_verbosity == 2:
+ config.pki_console_log_level = logging.INFO
+ config.pki_log_level = logging.DEBUG
+ elif args.pki_verbosity == 3:
+ config.pki_console_log_level = logging.DEBUG
+ config.pki_log_level = logging.DEBUG
+ elif args.pki_verbosity > 3:
+ print "ERROR: " + log.PKI_VERBOSITY_LEVELS_MESSAGE
+ print
+ parser.print_help()
+ parser.exit(-1);
+ if not args.pki_instance_name is None:
+ config.pki_instance_name = str(args.pki_instance_name).strip('[\']')
+ if not args.pki_http_port is None:
+ config.pki_http_port = str(args.pki_http_port).strip('[\']')
+ if not args.pki_https_port is None:
+ config.pki_https_port = str(args.pki_https_port).strip('[\']')
+ if not args.pki_ajp_port is None:
+ if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
+ config.pki_ajp_port = str(args.pki_ajp_port).strip('[\']')
+ else:
+ print "ERROR: " +\
+ log.PKI_CUSTOM_TOMCAT_AJP_PORT_1 %\
+ config.pki_subsystem
+ print
+ parser.print_help()
+ parser.exit(-1);
+ if not args.pki_instance_name is None or\
+ not args.pki_http_port is None or\
+ not args.pki_https_port is None or\
+ not args.pki_ajp_port is None:
+ if config.pki_subsystem in config.PKI_APACHE_SUBSYSTEMS:
+ if args.pki_instance_name is None or\
+ args.pki_http_port is None or\
+ args.pki_https_port is None:
+ print "ERROR: " + log.PKI_CUSTOM_APACHE_INSTANCE_1 %\
+ config.pki_subsystem
+ print
+ parser.print_help()
+ parser.exit(-1);
+ elif config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
+ if args.pki_instance_name is None or\
+ args.pki_http_port is None or\
+ args.pki_https_port is None or\
+ args.pki_ajp_port is None:
+ print "ERROR: " + log.PKI_CUSTOM_TOMCAT_INSTANCE_1 %\
+ config.pki_subsystem
+ print
+ parser.print_help()
+ parser.exit(-1);
+ if not args.pkideployment_cfg is None:
+ config.pkideployment_cfg = str(args.pkideployment_cfg).strip('[\']')
+ elif os.path.basename(argv[0]) == 'pkidestroy':
+ # NOTE: When performing 'pkidestroy', a configuration file must be
+ # explicitly specified if it does not use the default location
+ # and/or default configuration file name.
+ config.pkideployment_cfg = config.pki_root_prefix +\
+ config.PKI_DEPLOYMENT_REGISTRY_ROOT + "/" +\
+ config.PKI_DEPLOYMENT_DEFAULT_INSTANCE_NAME + "/" +\
+ config.pki_subsystem.lower() +"/" +\
+ config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE
+ if not os.path.exists(config.pkideployment_cfg) or\
+ not os.path.isfile(config.pkideployment_cfg):
+ print "ERROR: " +\
+ log.PKI_FILE_MISSING_OR_NOT_A_FILE_1 %\
+ config.pkideployment_cfg
+ print
+ parser.print_help()
+ parser.exit(-1);
+ return
+
+
+def read_pki_configuration_file():
+ "Read configuration file sections into dictionaries"
+ rv = 0
+ try:
+ parser = ConfigParser.ConfigParser()
+ parser.read(config.pkideployment_cfg)
+ config.pki_common_dict = dict(parser._sections['Common'])
+ if config.pki_subsystem == "CA":
+ config.pki_web_server_dict = dict(parser._sections['Tomcat'])
+ config.pki_subsystem_dict = dict(parser._sections['CA'])
+ elif config.pki_subsystem == "KRA":
+ config.pki_web_server_dict = dict(parser._sections['Tomcat'])
+ config.pki_subsystem_dict = dict(parser._sections['KRA'])
+ elif config.pki_subsystem == "OCSP":
+ config.pki_web_server_dict = dict(parser._sections['Tomcat'])
+ config.pki_subsystem_dict = dict(parser._sections['OCSP'])
+ elif config.pki_subsystem == "RA":
+ config.pki_web_server_dict = dict(parser._sections['Apache'])
+ config.pki_subsystem_dict = dict(parser._sections['RA'])
+ elif config.pki_subsystem == "TKS":
+ config.pki_web_server_dict = dict(parser._sections['Tomcat'])
+ config.pki_subsystem_dict = dict(parser._sections['TKS'])
+ elif config.pki_subsystem == "TPS":
+ config.pki_web_server_dict = dict(parser._sections['Apache'])
+ config.pki_subsystem_dict = dict(parser._sections['TPS'])
+ # Insert empty record into dictionaries for "pretty print" statements
+ config.pki_common_dict[0] = None
+ config.pki_web_server_dict[0] = None
+ config.pki_subsystem_dict[0] = None
+ except ConfigParser.ParsingError, err:
+ rv = err
+ return rv
+
+
+def compose_pki_master_dictionary():
+ "Create a single master PKI dictionary from the sectional dictionaries"
+ config.pki_master_dict = dict()
+ # 'pkispawn'/'pkirespawn'/'pkidestroy' name/value pairs
+ config.pki_master_dict['pki_timestamp'] = config.pki_timestamp
+ # Configuration file name/value pairs
+ config.pki_master_dict.update(config.pki_common_dict)
+ config.pki_master_dict.update(config.pki_web_server_dict)
+ config.pki_master_dict.update(config.pki_subsystem_dict)
+ config.pki_master_dict.update(__name__="PKI Master Dictionary")
+ config.pki_master_dict['pki_source_conf'] =\
+ config.pki_master_dict['pki_source_root'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower() + "/" + "conf"
+ if config.pki_master_dict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
+ config.pki_master_dict['pki_war'] =\
+ config.pki_master_dict['pki_source_root'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower() + "/" +\
+ "war" + "/" + config.pki_master_dict['pki_war_name']
+ config.pki_master_dict['pki_tomcat_bin_path'] =\
+ config.pki_master_dict['pki_tomcat_root'] + "/" + "bin"
+ config.pki_master_dict['pki_tomcat_lib_path'] =\
+ config.pki_master_dict['pki_tomcat_root'] + "/" + "lib"
+ if config.pki_master_dict['pki_subsystem'] == "CA":
+ config.pki_master_dict['pki_source_emails'] =\
+ config.pki_master_dict['pki_source_root'] + "/" +\
+ "ca" + "/" + "emails"
+ config.pki_master_dict['pki_source_profiles'] =\
+ config.pki_master_dict['pki_source_root'] + "/" +\
+ "ca" + "/" + "profiles"
+ # Instance layout base name/value pairs
+ config.pki_master_dict['pki_root_prefix'] = config.pki_root_prefix
+ config.pki_master_dict['pki_path'] =\
+ config.pki_master_dict['pki_root_prefix'] +\
+ config.pki_master_dict['pki_instance_root']
+ config.pki_master_dict['pki_instance_path'] =\
+ config.pki_master_dict['pki_path'] + "/" +\
+ config.pki_master_dict['pki_instance_name']
+ config.pki_master_dict['pki_instance_database_link'] =\
+ config.pki_master_dict['pki_instance_path'] + "/" + "alias"
+ # Instance layout log name/value pairs
+ config.pki_master_dict['pki_log_path'] =\
+ config.pki_master_dict['pki_root_prefix'] +\
+ config.pki_master_dict['pki_instance_log_root']
+ config.pki_master_dict['pki_instance_log_path'] =\
+ config.pki_master_dict['pki_log_path'] + "/" +\
+ config.pki_master_dict['pki_instance_name']
+ # Instance layout configuration name/value pairs
+ config.pki_master_dict['pki_configuration_path'] =\
+ config.pki_master_dict['pki_root_prefix'] +\
+ config.pki_master_dict['pki_instance_configuration_root']
+ config.pki_master_dict['pki_instance_configuration_path'] =\
+ config.pki_master_dict['pki_configuration_path'] + "/" +\
+ config.pki_master_dict['pki_instance_name']
+ # Instance layout registry name/value pairs
+ config.pki_master_dict['pki_registry_path'] =\
+ config.pki_master_dict['pki_root_prefix'] +\
+ config.PKI_DEPLOYMENT_REGISTRY_ROOT
+ config.pki_master_dict['pki_instance_registry_path'] =\
+ config.pki_master_dict['pki_registry_path'] + "/" +\
+ config.pki_master_dict['pki_instance_name']
+ # Instance-based webserver Apache base name/value pairs
+ if config.pki_master_dict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS:
+ config.pki_master_dict['pki_apache_path'] =\
+ config.pki_master_dict['pki_instance_path'] + "/apache"
+ # Instance-based webserver Tomcat base name/value pairs
+ if config.pki_master_dict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
+ config.pki_master_dict['pki_tomcat_path'] =\
+ config.pki_master_dict['pki_instance_path'] + "/" + "tomcat"
+ config.pki_master_dict['pki_tomcat_bin_link'] =\
+ config.pki_master_dict['pki_tomcat_path'] + "/" + "bin"
+ config.pki_master_dict['pki_common_path'] =\
+ config.pki_master_dict['pki_tomcat_path'] + "/" + "common"
+ config.pki_master_dict['pki_common_lib_path'] =\
+ config.pki_master_dict['pki_common_path'] + "/" + "lib"
+ config.pki_master_dict['pki_conf_path'] =\
+ config.pki_master_dict['pki_tomcat_path'] + "/" + "conf"
+ config.pki_master_dict['pki_tomcat_lib_link'] =\
+ config.pki_master_dict['pki_tomcat_path'] + "/" + "lib"
+ config.pki_master_dict['pki_tomcat_logs_link'] =\
+ config.pki_master_dict['pki_tomcat_path'] + "/" + "logs"
+ config.pki_master_dict['pki_webapps_path'] =\
+ config.pki_master_dict['pki_tomcat_path'] + "/" + "webapps"
+ config.pki_master_dict['pki_webapps_root_path'] =\
+ config.pki_master_dict['pki_webapps_path'] + "/" + "ROOT"
+ config.pki_master_dict['pki_webapps_root_webinf_path'] =\
+ config.pki_master_dict['pki_webapps_root_path'] + "/" + "WEB-INF"
+ config.pki_master_dict['pki_webapps_webinf_path'] =\
+ config.pki_master_dict['pki_webapps_path'] + "/" + "WEB-INF"
+ config.pki_master_dict['pki_webapps_webinf_classes_path'] =\
+ config.pki_master_dict['pki_webapps_webinf_path'] + "/" + "classes"
+ config.pki_master_dict['pki_webapps_webinf_lib_path'] =\
+ config.pki_master_dict['pki_webapps_webinf_path'] + "/" + "lib"
+ config.pki_master_dict['pki_webapps_subsystem_path'] =\
+ config.pki_master_dict['pki_webapps_path'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower()
+ config.pki_master_dict['pki_webapps_subsystem_webinf_classes_link'] =\
+ config.pki_master_dict['pki_webapps_subsystem_path'] + "/" +\
+ "WEB-INF" + "/" + "classes"
+ config.pki_master_dict['pki_webapps_subsystem_webinf_lib_link'] =\
+ config.pki_master_dict['pki_webapps_subsystem_path'] + "/" +\
+ "WEB-INF" + "/" + "lib"
+ # Instance-based webserver Apache/Tomcat configuration name/value pairs
+ config.pki_master_dict['pki_database_path'] =\
+ config.pki_master_dict['pki_instance_configuration_path'] + "/" +\
+ "alias"
+ # Instance-based subsystem base name/value pairs
+ config.pki_master_dict['pki_subsystem_path'] =\
+ config.pki_master_dict['pki_instance_path'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower()
+ config.pki_master_dict['pki_subsystem_database_link'] =\
+ config.pki_master_dict['pki_subsystem_path'] + "/" + "alias"
+ config.pki_master_dict['pki_subsystem_configuration_link'] =\
+ config.pki_master_dict['pki_subsystem_path'] + "/" + "conf"
+ config.pki_master_dict['pki_subsystem_logs_link'] =\
+ config.pki_master_dict['pki_subsystem_path'] + "/" + "logs"
+ if config.pki_master_dict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
+ if config.pki_master_dict['pki_subsystem'] == "CA":
+ config.pki_master_dict['pki_subsystem_emails_path'] =\
+ config.pki_master_dict['pki_subsystem_path'] + "/" + "emails"
+ config.pki_master_dict['pki_subsystem_profiles_path'] =\
+ config.pki_master_dict['pki_subsystem_path'] + "/" + "profiles"
+ config.pki_master_dict['pki_subsystem_webapps_link'] =\
+ config.pki_master_dict['pki_subsystem_path'] + "/" + "webapps"
+ # Instance-based subsystem log name/value pairs
+ config.pki_master_dict['pki_subsystem_log_path'] =\
+ config.pki_master_dict['pki_instance_log_path'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower()
+ config.pki_master_dict['pki_subsystem_signed_audit_log_path'] =\
+ config.pki_master_dict['pki_subsystem_log_path'] + "/" +\
+ "signedAudit"
+ # Instance-based subsystem configuration name/value pairs
+ config.pki_master_dict['pki_subsystem_configuration_path'] =\
+ config.pki_master_dict['pki_instance_configuration_path'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower()
+ # Instance-based subsystem registry name/value pairs
+ config.pki_master_dict['pki_subsystem_registry_path'] =\
+ config.pki_master_dict['pki_instance_registry_path'] + "/" +\
+ config.pki_master_dict['pki_subsystem'].lower()
+ return