summaryrefslogtreecommitdiffstats
path: root/base/deploy/src/scriptlets
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-12-18 14:46:41 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-12-18 14:46:41 -0500
commit6260aca7bf54b5406db24ff368b52363a3c9ea28 (patch)
treed2ba8cb388facb4f963cfd890914cd935389bbe0 /base/deploy/src/scriptlets
parent6e77f338ca848ec204a666b1a39bfcbc6c05301c (diff)
downloadpki-ticket-380.tar.gz
pki-ticket-380.tar.xz
pki-ticket-380.zip
Diffstat (limited to 'base/deploy/src/scriptlets')
-rw-r--r--base/deploy/src/scriptlets/infrastructure_layout.py12
-rw-r--r--base/deploy/src/scriptlets/pkiconfig.py9
-rw-r--r--base/deploy/src/scriptlets/pkihelper.py4
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py138
4 files changed, 101 insertions, 62 deletions
diff --git a/base/deploy/src/scriptlets/infrastructure_layout.py b/base/deploy/src/scriptlets/infrastructure_layout.py
index 947fbcdfe..5d0924f12 100644
--- a/base/deploy/src/scriptlets/infrastructure_layout.py
+++ b/base/deploy/src/scriptlets/infrastructure_layout.py
@@ -58,8 +58,16 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.directory.create(master['pki_subsystem_registry_path'])
util.file.copy(master['pki_default_deployment_cfg'],
master['pki_default_deployment_cfg_replica'])
- util.file.copy(master['pki_user_deployment_cfg'],
- master['pki_user_deployment_cfg_replica'])
+ if master['pki_user_deployment_cfg']:
+ util.file.copy(master['pki_user_deployment_cfg'],
+ master['pki_user_deployment_cfg_replica'])
+ else:
+ with open(master['pki_user_deployment_cfg_replica'], 'w') as f:
+ f.write('[' + master['pki_subsystem'] + ']\n')
+ f.write('pki_instance_name=' + master['pki_instance_name'] + '\n')
+ f.write('pki_admin_password=' + master['pki_admin_password'] + '\n')
+ f.write('pki_ds_password=' + master['pki_ds_password'] + '\n')
+
# establish top-level infrastructure, instance, and subsystem
# base directories and create the "registry" symbolic link that
# the "pkidestroy" executable relies upon
diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py
index 7b20e474a..d85c4f140 100644
--- a/base/deploy/src/scriptlets/pkiconfig.py
+++ b/base/deploy/src/scriptlets/pkiconfig.py
@@ -125,15 +125,18 @@ pki_deployment_executable = None
# PKI Deployment "Mandatory" Command-Line Variables
pki_subsystem = None
-# 'pkispawn' ONLY
default_deployment_cfg = None
user_deployment_cfg = None
-# 'pkidestroy' ONLY
-pki_deployed_instance_name = None
+pki_instance_name = None
# PKI Deployment "Optional" Command-Line Variables
# 'pkispawn' ONLY
pki_update_flag = False
+pki_http_port = None
+pki_https_port = None
+pki_admin_user_name = None
+pki_admin_password = None
+pki_security_domain_name = None
# PKI Deployment "Test" Command-Line Variables
pki_root_prefix = None
diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py
index 1eb7b51e6..ca0227f7e 100644
--- a/base/deploy/src/scriptlets/pkihelper.py
+++ b/base/deploy/src/scriptlets/pkihelper.py
@@ -792,11 +792,11 @@ class configuration_file:
# Silently verify that the command-line parameters match the values
# that are present in the corresponding configuration file
if master['pki_deployment_executable'] == 'pkidestroy':
- if master['pki_deployed_instance_name'] !=\
+ if master['pki_instance_name'] !=\
master['pki_instance_id']:
config.pki_log.error(
log.PKIHELPER_COMMAND_LINE_PARAMETER_MISMATCH_2,
- master['pki_deployed_instance_name'],
+ master['pki_instance_name'],
master['pki_instance_id'],
extra=config.PKI_INDENTATION_LEVEL_2)
sys.exit(1)
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 558873ded..390d19a8c 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -22,6 +22,7 @@
# System Imports
import ConfigParser
import argparse
+import getpass
import logging
import os
import random
@@ -57,7 +58,7 @@ class PKIConfigParser:
self.mandatory.add_argument('-s',
dest='pki_subsystem', action='store',
nargs=1, choices=config.PKI_SUBSYSTEMS,
- required=True, metavar='<subsystem>',
+ metavar='<subsystem>',
help='where <subsystem> is '
'CA, KRA, OCSP, RA, TKS, or TPS')
# Establish 'Optional' command-line options
@@ -122,7 +123,7 @@ class PKIConfigParser:
return args
- def validate(self):
+ def initialize(self):
# Validate command-line options
if len(config.pki_root_prefix) > 0:
@@ -145,16 +146,45 @@ class PKIConfigParser:
self.arg_parser.print_help()
self.arg_parser.exit(-1);
- # verify user configuration file exists
- if not os.path.exists(config.user_deployment_cfg) or\
- not os.path.isfile(config.user_deployment_cfg):
- print "ERROR: " +\
- log.PKI_FILE_MISSING_OR_NOT_A_FILE_1 %\
- config.user_deployment_cfg
- print
- self.arg_parser.print_help()
- self.arg_parser.exit(-1);
+ if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
+ default_instance_name = 'pki-tomcat'
+ default_http_port = '8080'
+ default_https_port = '8443'
+ else:
+ default_instance_name = 'pki-apache'
+ default_http_port = '80'
+ default_https_port = '443'
+ self.pki_config = ConfigParser.SafeConfigParser({
+ 'pki_instance_name': default_instance_name,
+ 'pki_http_port': default_http_port,
+ 'pki_https_port': default_https_port,
+ 'pki_dns_domainname': config.pki_dns_domainname,
+ 'pki_subsystem' : config.pki_subsystem,
+ 'pki_hostname': config.pki_hostname})
+
+ # Make keys case-sensitive!
+ self.pki_config.optionxform = str
+ with open(config.default_deployment_cfg) as f:
+ self.pki_config.readfp(f)
+
+ config.pki_master_dict = dict(self.pki_config.items('DEFAULT'))
+ if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
+ config.pki_master_dict.update(dict(self.pki_config.items('Tomcat')))
+ else:
+ config.pki_master_dict.update(dict(self.pki_config.items('Apache')))
+ config.pki_master_dict.update(dict(self.pki_config.items(config.pki_subsystem)))
+
+ if config.user_deployment_cfg:
+ # verify user configuration file exists
+ if not os.path.exists(config.user_deployment_cfg) or\
+ not os.path.isfile(config.user_deployment_cfg):
+ print "ERROR: " +\
+ log.PKI_FILE_MISSING_OR_NOT_A_FILE_1 %\
+ config.user_deployment_cfg
+ print
+ parser.arg_parser.print_help()
+ parser.arg_parser.exit(-1);
# The following code is based heavily upon
# "http://www.decalage.info/en/python/configparser"
@@ -179,53 +209,46 @@ class PKIConfigParser:
f.close()
return values
+ def read_text(self, property, message):
+ default = config.pki_master_dict[property]
+ if default:
+ message = message + ' [' + default + ']'
+ value = raw_input(message + ': ')
+ if len(value) == 0:
+ value = default
+ config.pki_master_dict[property] = value
+
+ def read_password(self, property, message):
+ value = ''
+ while len(value) == 0:
+ value = getpass.getpass(prompt=message + ': ')
+ config.pki_master_dict[property] = value
def read_pki_configuration_file(self):
"Read configuration file sections into dictionaries"
rv = 0
try:
- if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
- default_instance_name = 'pki-tomcat'
- default_http_port = '8080'
- default_https_port = '8443'
- else:
- default_instance_name = 'pki-apache'
- default_http_port = '80'
- default_https_port = '443'
-
- predefined_dict = {'pki_instance_name': default_instance_name,
- 'pki_http_port': default_http_port,
- 'pki_https_port': default_https_port,
- 'pki_dns_domainname': config.pki_dns_domainname,
- 'pki_subsystem' : config.pki_subsystem,
- 'pki_hostname': config.pki_hostname}
+ print pkilogging.format(config.pki_master_dict)
- self.pki_config = ConfigParser.SafeConfigParser(predefined_dict)
+ self.pki_config = ConfigParser.SafeConfigParser(config.pki_master_dict)
# Make keys case-sensitive!
self.pki_config.optionxform = str
- self.pki_config.read([
- config.default_deployment_cfg,
- config.user_deployment_cfg])
+ with open(config.default_deployment_cfg) as f:
+ self.pki_config.readfp(f)
+
+ if config.user_deployment_cfg:
+ print 'Reading configuration file ' + config.user_deployment_cfg + '.'
+ self.pki_config.read([config.user_deployment_cfg])
+
config.pki_default_dict = dict(self.pki_config.items('DEFAULT'))
- pkilogging.sensitive_parameters = config.pki_default_dict['sensitive_parameters'].split()
- if config.pki_subsystem == "CA":
- config.pki_web_server_dict = dict(self.pki_config.items('Tomcat'))
- config.pki_subsystem_dict = dict(self.pki_config.items('CA'))
- elif config.pki_subsystem == "KRA":
- config.pki_web_server_dict = dict(self.pki_config.items('Tomcat'))
- config.pki_subsystem_dict = dict(self.pki_config.items('KRA'))
- elif config.pki_subsystem == "OCSP":
- config.pki_web_server_dict = dict(self.pki_config.items('Tomcat'))
- config.pki_subsystem_dict = dict(self.pki_config.items('OCSP'))
- elif config.pki_subsystem == "RA":
- config.pki_web_server_dict = dict(self.pki_config.items('Apache'))
- config.pki_subsystem_dict = dict(self.pki_config.items('RA'))
- elif config.pki_subsystem == "TKS":
- config.pki_web_server_dict = dict(self.pki_config.items('Tomcat'))
- config.pki_subsystem_dict = dict(self.pki_config.items('TKS'))
- elif config.pki_subsystem == "TPS":
- config.pki_web_server_dict = dict(self.pki_config.items('Apache'))
- config.pki_subsystem_dict = dict(self.pki_config.items('TPS'))
+ if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
+ if self.pki_config.has_section('Tomcat'):
+ config.pki_web_server_dict = dict(self.pki_config.items('Tomcat'))
+ else:
+ if self.pki_config.has_section('Apache'):
+ config.pki_web_server_dict = dict(self.pki_config.items('Apache'))
+ if self.pki_config.has_section(config.pki_subsystem):
+ config.pki_subsystem_dict = dict(self.pki_config.items(config.pki_subsystem))
# Insert empty record into dictionaries for "pretty print" statements
# NEVER print "sensitive" key value pairs!!!
config.pki_default_dict[0] = None
@@ -240,7 +263,6 @@ class PKIConfigParser:
def compose_pki_master_dictionary(self):
"Create a single master PKI dictionary from the sectional dictionaries"
try:
- config.pki_master_dict = dict()
# 'pkispawn'/'pkirespawn'/'pkidestroy' name/value pairs
config.pki_master_dict['pki_deployment_executable'] =\
config.pki_deployment_executable
@@ -253,8 +275,9 @@ class PKIConfigParser:
config.pki_jython_log_level
config.pki_master_dict['pki_default_deployment_cfg'] = config.default_deployment_cfg
config.pki_master_dict['pki_user_deployment_cfg'] = config.user_deployment_cfg
- config.pki_master_dict['pki_deployed_instance_name'] =\
- config.pki_deployed_instance_name
+ if config.pki_instance_name:
+ config.pki_master_dict['pki_instance_name'] =\
+ config.pki_instance_name
# Generate random 'pin's for use as security database passwords
# and add these to the "sensitive" key value pairs read in from
# the configuration file
@@ -266,11 +289,16 @@ class PKIConfigParser:
random.randint(pin_low, pin_high)
# Configuration file name/value pairs
# NEVER add "sensitive" key value pairs to the master dictionary!!!
- config.pki_master_dict.update(config.pki_default_dict)
- config.pki_master_dict.update(config.pki_web_server_dict)
- config.pki_master_dict.update(config.pki_subsystem_dict)
+ if config.pki_default_dict:
+ config.pki_master_dict.update(config.pki_default_dict)
+ if config.pki_web_server_dict:
+ config.pki_master_dict.update(config.pki_web_server_dict)
+ if config.pki_subsystem_dict:
+ config.pki_master_dict.update(config.pki_subsystem_dict)
config.pki_master_dict.update(__name__="PKI Master Dictionary")
+ pkilogging.sensitive_parameters = config.pki_master_dict['sensitive_parameters'].split()
+
# RESTEasy
config.pki_master_dict['RESTEASY_LIB'] =\
subprocess.check_output(