From 391d345b5a6a1a905e3db4105a65dd4fdd0d19a9 Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Fri, 4 May 2012 20:29:35 -0700 Subject: PKI Deployment Scriptlets * Re-aligned code to account for revised layout documented at http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment * Massaged logic to comply with PKI subsystem running within a shared instance * Developed code to take advantage of a single shared NSS security database model * Completed the following two 'scriptlets': * Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/146) * Dogtag 10: Python 'security_databases.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/136) * Created several additional PKI deployment helper utilities. --- base/deploy/src/scriptlets/instance_layout.py | 72 +++++++++++++++++++-------- 1 file changed, 51 insertions(+), 21 deletions(-) (limited to 'base/deploy/src/scriptlets/instance_layout.py') diff --git a/base/deploy/src/scriptlets/instance_layout.py b/base/deploy/src/scriptlets/instance_layout.py index 38234f4cc..baa261cad 100644 --- a/base/deploy/src/scriptlets/instance_layout.py +++ b/base/deploy/src/scriptlets/instance_layout.py @@ -48,6 +48,11 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # establish instance registry util.directory.create(master['pki_registry_path']) util.directory.create(master['pki_instance_registry_path']) + # establish shared NSS security databases + util.directory.create(master['pki_database_path']) + # establish convenience symbolic links + util.symlink.create(master['pki_database_path'], + master['pki_instance_database_link']) return self.rv def respawn(self): @@ -67,31 +72,56 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # update instance registry util.directory.modify(master['pki_registry_path']) util.directory.modify(master['pki_instance_registry_path']) + # update shared NSS security databases + util.directory.modify(master['pki_database_path']) + # update convenience symbolic links + util.symlink.modify(master['pki_instance_database_link']) return self.rv def destroy(self): config.pki_log.info(log.INSTANCE_DESTROY_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) # remove instance base - if util.directory.is_empty(master['pki_instance_path']): - util.directory.delete(master['pki_instance_path']) - if util.directory.is_empty(master['pki_path']): - util.directory.delete(master['pki_path']) - # remove instance logs - if util.directory.is_empty(master['pki_instance_log_path']): - util.directory.delete(master['pki_instance_log_path']) - if util.directory.is_empty(master['pki_log_path']): - util.directory.delete(master['pki_log_path']) - # remove instance configuration - if util.directory.is_empty(master['pki_instance_configuration_path']): - util.directory.delete(master['pki_instance_configuration_path']) - if util.directory.is_empty(master['pki_configuration_path']) and\ - master['pki_configuration_path'] !=\ - config.PKI_SHARED_CONFIGURATION_ROOT: - util.directory.delete(master['pki_configuration_path']) - # remove instance registry - if util.directory.is_empty(master['pki_instance_registry_path']): - util.directory.delete(master['pki_instance_registry_path']) - if util.directory.is_empty(master['pki_registry_path']): - util.directory.delete(master['pki_registry_path']) + if not config.pki_dry_run_flag: + if master['pki_subsystem'] in config.PKI_SUBSYSTEMS and\ + util.instance.pki_subsystem_instances() == 0: + # remove instance base + util.directory.delete(master['pki_instance_path']) + util.directory.delete(master['pki_path']) + # remove instance logs + util.directory.delete(master['pki_instance_log_path']) + util.directory.delete(master['pki_log_path']) + # remove shared NSS security database path + util.directory.delete(master['pki_database_path']) + # remove instance configuration + util.directory.delete(master['pki_instance_configuration_path']) + if util.directory.is_empty(master['pki_configuration_path'])\ + and master['pki_configuration_path'] !=\ + config.PKI_SHARED_CONFIGURATION_ROOT: + util.directory.delete(master['pki_configuration_path']) + # remove instance registry + util.directory.delete(master['pki_instance_registry_path']) + util.directory.delete(master['pki_registry_path']) + util.file.delete(master['pki_target_tomcat_conf']) + + else: + # ALWAYS display correct information (even during dry_run) + if master['pki_subsystem'] in config.PKI_SUBSYSTEMS and\ + util.instance.pki_subsystem_instances() == 1: + # remove instance base + util.directory.delete(master['pki_instance_path']) + util.directory.delete(master['pki_path']) + # remove instance logs + util.directory.delete(master['pki_instance_log_path']) + util.directory.delete(master['pki_log_path']) + # remove shared NSS security database path + util.directory.delete(master['pki_database_path']) + if util.directory.is_empty(master['pki_configuration_path'])\ + and master['pki_configuration_path'] !=\ + config.PKI_SHARED_CONFIGURATION_ROOT: + util.directory.delete(master['pki_configuration_path']) + # remove instance registry + util.directory.delete(master['pki_instance_registry_path']) + util.directory.delete(master['pki_registry_path']) + util.file.delete(master['pki_target_tomcat_conf']) return self.rv -- cgit