manageiq-appliance_console 5.4.0 → 6.1.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.codeclimate.yml +24 -25
- data/.rspec_ci +2 -0
- data/.rubocop.yml +3 -3
- data/.rubocop_cc.yml +3 -4
- data/.rubocop_local.yml +1 -1
- data/.travis.yml +4 -3
- data/Gemfile +1 -3
- data/README.md +1 -2
- data/Rakefile +20 -1
- data/bin/appliance_console +30 -6
- data/lib/manageiq/appliance_console/certificate_authority.rb +1 -1
- data/lib/manageiq/appliance_console/cli.rb +66 -20
- data/lib/manageiq/appliance_console/database_configuration.rb +2 -1
- data/lib/manageiq/appliance_console/database_replication.rb +1 -1
- data/lib/manageiq/appliance_console/database_replication_standby.rb +1 -1
- data/lib/manageiq/appliance_console/internal_database_configuration.rb +1 -1
- data/lib/manageiq/appliance_console/logfile_configuration.rb +2 -2
- data/lib/manageiq/appliance_console/message_configuration.rb +199 -0
- data/lib/manageiq/appliance_console/message_configuration_client.rb +96 -0
- data/lib/manageiq/appliance_console/message_configuration_server.rb +319 -0
- data/lib/manageiq/appliance_console/oidc_authentication.rb +43 -4
- data/lib/manageiq/appliance_console/postgres_admin.rb +325 -0
- data/lib/manageiq/appliance_console/utilities.rb +45 -1
- data/lib/manageiq/appliance_console/version.rb +1 -1
- data/lib/manageiq-appliance_console.rb +2 -6
- data/locales/appliance/en.yml +1 -1
- data/locales/container/en.yml +1 -1
- data/manageiq-appliance_console.gemspec +3 -3
- metadata +39 -24
- data/lib/manageiq/appliance_console/messaging_configuration.rb +0 -92
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e7ed6c6df2d284c02eba3f022dd09735b6412719746ddc28c7485a08d472c282
|
4
|
+
data.tar.gz: 1f35253097961ddbf12b01baa21b079a782d8e3eea2692b17f11443cfe4df9b1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 987814a43c0d007aa8e03a35e2a15f92f2e681913e0680c0d4665f0ea190baa65b971f869683967674f866587ec4d1470a0ce78cdf77e31501b744d3ffa30df9
|
7
|
+
data.tar.gz: 33e138cf775bba965835a49796484129e0a52b62c1148792f13984c1515a24221a3d0513673ca603d106420a4261b96ed9714dcf3a3160687c52bec00c61ef81
|
data/.codeclimate.yml
CHANGED
@@ -1,13 +1,18 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
-
|
4
|
-
|
5
|
-
-
|
6
|
-
|
7
|
-
-
|
8
|
-
|
9
|
-
-
|
10
|
-
|
1
|
+
prepare:
|
2
|
+
fetch:
|
3
|
+
- url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/.rubocop_base.yml
|
4
|
+
path: ".rubocop_base.yml"
|
5
|
+
- url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/.rubocop_cc_base.yml
|
6
|
+
path: ".rubocop_cc_base.yml"
|
7
|
+
- url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/styles/base.yml
|
8
|
+
path: styles/base.yml
|
9
|
+
- url: https://raw.githubusercontent.com/ManageIQ/manageiq-style/master/styles/cc_base.yml
|
10
|
+
path: styles/cc_base.yml
|
11
|
+
plugins:
|
12
|
+
rubocop:
|
13
|
+
enabled: true
|
14
|
+
config: ".rubocop_cc.yml"
|
15
|
+
channel: rubocop-0-82
|
11
16
|
brakeman:
|
12
17
|
enabled: false
|
13
18
|
bundler-audit:
|
@@ -27,18 +32,12 @@ engines:
|
|
27
32
|
enabled: false
|
28
33
|
markdownlint:
|
29
34
|
enabled: false
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
path: ".rubocop_cc_base.yml"
|
40
|
-
ratings:
|
41
|
-
paths:
|
42
|
-
- Gemfile.lock
|
43
|
-
- "**.rake"
|
44
|
-
- "**.rb"
|
35
|
+
exclude_patterns:
|
36
|
+
- ".git/"
|
37
|
+
- "**.xml"
|
38
|
+
- "**.yaml"
|
39
|
+
- "**.yml"
|
40
|
+
- locale/
|
41
|
+
- spec/
|
42
|
+
- tools/
|
43
|
+
version: '2'
|
data/.rspec_ci
CHANGED
data/.rubocop.yml
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
+
inherit_gem:
|
2
|
+
manageiq-style: ".rubocop_base.yml"
|
1
3
|
inherit_from:
|
2
|
-
-
|
3
|
-
# put all local rubocop config into .rubocop_local.yml as it will be loaded by .rubocop_cc.yml as well
|
4
|
-
- .rubocop_local.yml
|
4
|
+
- ".rubocop_local.yml"
|
data/.rubocop_cc.yml
CHANGED
data/.rubocop_local.yml
CHANGED
@@ -1,2 +1,2 @@
|
|
1
|
-
# GlobalVars:
|
1
|
+
# Style/GlobalVars:
|
2
2
|
# AllowedVariables:
|
data/.travis.yml
CHANGED
data/Gemfile
CHANGED
@@ -1,7 +1,5 @@
|
|
1
1
|
source 'http://rubygems.manageiq.org'
|
2
2
|
source 'https://rubygems.org'
|
3
3
|
|
4
|
-
# Specify your gem's dependencies in manageiq-
|
4
|
+
# Specify your gem's dependencies in manageiq-appliance_console.gemspec
|
5
5
|
gemspec
|
6
|
-
|
7
|
-
gem "manageiq-gems-pending", :git => "https://github.com/ManageIQ/manageiq-gems-pending", :branch => "master"
|
data/README.md
CHANGED
@@ -1,10 +1,9 @@
|
|
1
1
|
# ManageIQ::ApplianceConsole
|
2
2
|
|
3
3
|
[![Gem Version](https://badge.fury.io/rb/manageiq-appliance_console.svg)](http://badge.fury.io/rb/manageiq-appliance_console)
|
4
|
-
[![Build Status](https://travis-ci.
|
4
|
+
[![Build Status](https://travis-ci.com/ManageIQ/manageiq-appliance_console.svg?branch=master)](https://travis-ci.com/ManageIQ/manageiq-appliance_console)
|
5
5
|
[![Code Climate](https://codeclimate.com/github/ManageIQ/manageiq-appliance_console.svg)](https://codeclimate.com/github/ManageIQ/manageiq-appliance_console)
|
6
6
|
[![Test Coverage](https://codeclimate.com/github/ManageIQ/manageiq-appliance_console/badges/coverage.svg)](https://codeclimate.com/github/ManageIQ/manageiq-appliance_console/coverage)
|
7
|
-
[![Dependency Status](https://gemnasium.com/ManageIQ/manageiq-appliance_console.svg)](https://gemnasium.com/ManageIQ/manageiq-appliance_console)
|
8
7
|
[![Security](https://hakiri.io/github/ManageIQ/manageiq-appliance_console/master.svg)](https://hakiri.io/github/ManageIQ/manageiq-appliance_console/master)
|
9
8
|
|
10
9
|
[![Chat](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/ManageIQ/manageiq-appliance_console?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
|
data/Rakefile
CHANGED
@@ -1,6 +1,25 @@
|
|
1
1
|
require "bundler/gem_tasks"
|
2
2
|
require "rspec/core/rake_task"
|
3
3
|
|
4
|
+
desc "Run RSpec code examples (skip postgres required ones)"
|
4
5
|
RSpec::Core::RakeTask.new(:spec)
|
5
6
|
|
6
|
-
|
7
|
+
# In CI, as part of the .rspec_ci, load a helper that sets the configuration
|
8
|
+
# setting to allow the postgres specs to run.
|
9
|
+
desc "Run RSpec code examples (assumes ci dependencies)"
|
10
|
+
RSpec::Core::RakeTask.new("spec:ci") do |t|
|
11
|
+
t.rspec_opts = "--options #{File.expand_path(".rspec_ci", __dir__)}"
|
12
|
+
end
|
13
|
+
|
14
|
+
desc "Run RSpec code examples (with local postgres dependencies)"
|
15
|
+
RSpec::Core::RakeTask.new("spec:dev") do |t|
|
16
|
+
# Load the PostgresRunner helper to facilitate a clean postgres environment
|
17
|
+
# for testing locally (not necessary for CI), and enables the postgres test
|
18
|
+
# via the helper.
|
19
|
+
pg_runner = File.join("spec", "postgres_runner_helper.rb")
|
20
|
+
t.rspec_opts = "-r #{File.expand_path(pg_runner, __dir__)}"
|
21
|
+
end
|
22
|
+
|
23
|
+
task :default do
|
24
|
+
Rake::Task["spec#{':ci' if ENV['CI']}"].invoke
|
25
|
+
end
|
data/bin/appliance_console
CHANGED
@@ -13,7 +13,7 @@ require 'highline/system_extensions'
|
|
13
13
|
require 'rubygems'
|
14
14
|
require 'bcrypt'
|
15
15
|
require 'linux_admin'
|
16
|
-
require '
|
16
|
+
require 'manageiq/appliance_console/postgres_admin'
|
17
17
|
require 'awesome_spawn'
|
18
18
|
include HighLine::SystemExtensions
|
19
19
|
|
@@ -384,13 +384,14 @@ Static Network Configuration
|
|
384
384
|
"Create Region in External Database" => "create_external",
|
385
385
|
"Join Region in External Database" => "join_external",
|
386
386
|
"Reset Configured Database" => "reset_region",
|
387
|
-
"No
|
387
|
+
"Make No Database Changes" => "no_changes"
|
388
388
|
}
|
389
389
|
database_action = ask_with_menu("Database Operation", options)
|
390
390
|
|
391
391
|
messaging_options = {
|
392
|
-
"
|
393
|
-
"
|
392
|
+
"Configure this appliance as a messaging server" => "message_server",
|
393
|
+
"Connect to an external messaging system" => "message_client",
|
394
|
+
"Make No messaging changes" => "no_changes"
|
394
395
|
}
|
395
396
|
|
396
397
|
messaging_action = ask_with_menu("Configure Messaging", messaging_options)
|
@@ -420,8 +421,31 @@ Static Network Configuration
|
|
420
421
|
region = ManageIQ::ApplianceConsole::DatabaseConfiguration.region
|
421
422
|
|
422
423
|
case messaging_action
|
423
|
-
when "
|
424
|
-
|
424
|
+
when "message_server"
|
425
|
+
say("#{selection}\n\n")
|
426
|
+
|
427
|
+
message_server = MessageServerConfiguration.new
|
428
|
+
if message_server.ask_questions && message_server.configure
|
429
|
+
say("\nMessage Server configured successfully.\n")
|
430
|
+
press_any_key
|
431
|
+
else
|
432
|
+
say("\nMessage Server configuration failed!\n")
|
433
|
+
press_any_key
|
434
|
+
raise MiqSignalError
|
435
|
+
end
|
436
|
+
|
437
|
+
when "message_client"
|
438
|
+
say("#{selection}\n\n")
|
439
|
+
|
440
|
+
message_client = MessageClientConfiguration.new
|
441
|
+
if message_client.ask_questions && message_client.configure
|
442
|
+
say("\nMessage Client configured successfully.\n")
|
443
|
+
press_any_key
|
444
|
+
else
|
445
|
+
say("\nMessage Client configuration failed!\n")
|
446
|
+
press_any_key
|
447
|
+
raise MiqSignalError
|
448
|
+
end
|
425
449
|
end
|
426
450
|
|
427
451
|
press_any_key
|
@@ -77,6 +77,22 @@ module ApplianceConsole
|
|
77
77
|
options[:saml_unconfig]
|
78
78
|
end
|
79
79
|
|
80
|
+
def message_server_config?
|
81
|
+
options[:message_server_config]
|
82
|
+
end
|
83
|
+
|
84
|
+
def message_server_unconfig?
|
85
|
+
options[:message_server_unconfig]
|
86
|
+
end
|
87
|
+
|
88
|
+
def message_client_config?
|
89
|
+
options[:message_client_config]
|
90
|
+
end
|
91
|
+
|
92
|
+
def message_client_unconfig?
|
93
|
+
options[:message_client_unconfig]
|
94
|
+
end
|
95
|
+
|
80
96
|
def oidc_config?
|
81
97
|
options[:oidc_config]
|
82
98
|
end
|
@@ -101,10 +117,6 @@ module ApplianceConsole
|
|
101
117
|
options[:openscap]
|
102
118
|
end
|
103
119
|
|
104
|
-
def configure_messaging?
|
105
|
-
options[:messaging_hostname] && options[:messaging_password] && options[:messaging_port] && options[:messaging_username]
|
106
|
-
end
|
107
|
-
|
108
120
|
def initialize(options = {})
|
109
121
|
self.options = options
|
110
122
|
end
|
@@ -169,19 +181,42 @@ module ApplianceConsole
|
|
169
181
|
opt :oidc_client_host, "Optional Appliance host used for OpenID-Connect Authentication", :type => :string
|
170
182
|
opt :oidc_client_id, "The OpenID-Connect Provider Client ID", :type => :string
|
171
183
|
opt :oidc_client_secret, "The OpenID-Connect Provider Client Secret", :type => :string
|
184
|
+
opt :oidc_insecure, "OpenID-Connect Insecure No SSL Verify (development)", :type => :boolean, :default => false
|
185
|
+
opt :oidc_introspection_endpoint, "The OpenID-Connect Provider Introspect Endpoint", :type => :string
|
172
186
|
opt :oidc_enable_sso, "Optionally enable SSO with OpenID-Connect Authentication", :type => :boolean, :default => false
|
173
187
|
opt :oidc_unconfig, "Unconfigure Appliance OpenID-Connect Authentication", :type => :boolean, :default => false
|
174
188
|
opt :server, "{start|stop|restart} actions on evmserverd Server", :type => :string
|
175
189
|
opt :openscap, "Setup OpenScap", :type => :boolean, :default => false
|
176
|
-
opt :
|
177
|
-
opt :
|
178
|
-
opt :
|
179
|
-
opt :
|
190
|
+
opt :message_server_config, "Subcommand to Configure Appliance as a Kafka Message Server", :type => :boolean, :default => false
|
191
|
+
opt :message_server_unconfig, "Subcommand to Unconfigure Appliance as a Kafka Message Server", :type => :boolean, :default => false
|
192
|
+
opt :message_client_config, "Subcommand to Configure Appliance as a Kafka Message Client", :type => :boolean, :default => false
|
193
|
+
opt :message_client_unconfig, "Subcommand to Unconfigure Appliance as a Kafka Message Client", :type => :boolean, :default => false
|
194
|
+
opt :message_keystore_username, "Message Server Keystore Username", :type => :string
|
195
|
+
opt :message_keystore_password, "Message Server Keystore Password", :type => :string
|
196
|
+
opt :message_server_username, "Message Server Username", :type => :string
|
197
|
+
opt :message_server_password, "Message Server password", :type => :string
|
198
|
+
opt :message_server_port, "Message Server Port", :type => :integer
|
199
|
+
opt :message_server_use_ipaddr, "Message Server Use Address", :type => :boolean, :default => false
|
200
|
+
opt :message_server_host, "Message Server Hostname or IP Address", :type => :string
|
201
|
+
opt :message_truststore_path_src, "Message Server Truststore Path", :type => :string
|
202
|
+
opt :message_ca_cert_path_src, "Message Server CA Cert Path", :type => :string
|
203
|
+
opt :message_persistent_disk, "Message Persistent Disk Path", :type => :string
|
180
204
|
end
|
181
205
|
Optimist.die :region, "needed when setting up a local database" if region_number_required? && options[:region].nil?
|
206
|
+
Optimist.die "Supply only one of --message-server-host or --message-server-use-ipaddr=true" if both_host_and_use_ip_addr_specified?
|
207
|
+
Optimist.die "Supply only one of --message-server-config, --message-server-unconfig, --message-client-config or --message-client-unconfig" if multiple_message_subcommands?
|
182
208
|
self
|
183
209
|
end
|
184
210
|
|
211
|
+
def both_host_and_use_ip_addr_specified?
|
212
|
+
!options[:message_server_host].nil? && options[:message_server_use_ipaddr] == true
|
213
|
+
end
|
214
|
+
|
215
|
+
def multiple_message_subcommands?
|
216
|
+
a = [options[:message_server_config], options[:message_server_unconfig], options[:message_client_config], options[:message_client_unconfig]]
|
217
|
+
a.each_with_object(Hash.new(0)) { |o, h| h[o] += 1 }[true] > 1
|
218
|
+
end
|
219
|
+
|
185
220
|
def region_number_required?
|
186
221
|
!options[:standalone] && local_database?
|
187
222
|
end
|
@@ -191,7 +226,9 @@ module ApplianceConsole
|
|
191
226
|
uninstall_ipa? || install_ipa? || certs? || extauth_opts? ||
|
192
227
|
set_server_state? || set_replication? || openscap? ||
|
193
228
|
saml_config? || saml_unconfig? ||
|
194
|
-
oidc_config? || oidc_unconfig? ||
|
229
|
+
oidc_config? || oidc_unconfig? ||
|
230
|
+
message_server_config? || message_server_unconfig? ||
|
231
|
+
message_client_config? || message_client_unconfig?
|
195
232
|
|
196
233
|
if set_host?
|
197
234
|
system_hosts = LinuxAdmin::Hosts.new
|
@@ -215,7 +252,10 @@ module ApplianceConsole
|
|
215
252
|
oidc_unconfig if oidc_unconfig?
|
216
253
|
set_server_state if set_server_state?
|
217
254
|
openscap if openscap?
|
218
|
-
|
255
|
+
message_server_config if message_server_config?
|
256
|
+
message_server_unconfig if message_server_unconfig?
|
257
|
+
message_client_config if message_client_config?
|
258
|
+
message_client_unconfig if message_client_unconfig?
|
219
259
|
rescue CliError => e
|
220
260
|
say(e.message)
|
221
261
|
say("")
|
@@ -417,6 +457,22 @@ module ApplianceConsole
|
|
417
457
|
OIDCAuthentication.new(options).unconfigure
|
418
458
|
end
|
419
459
|
|
460
|
+
def message_server_config
|
461
|
+
MessageServerConfiguration.new(options).configure
|
462
|
+
end
|
463
|
+
|
464
|
+
def message_server_unconfig
|
465
|
+
MessageServerConfiguration.new(options).unconfigure
|
466
|
+
end
|
467
|
+
|
468
|
+
def message_client_config
|
469
|
+
MessageClientConfiguration.new(options).configure
|
470
|
+
end
|
471
|
+
|
472
|
+
def message_client_unconfig
|
473
|
+
MessageClientConfiguration.new(options).unconfigure
|
474
|
+
end
|
475
|
+
|
420
476
|
def set_server_state
|
421
477
|
service = LinuxAdmin::Service.new("evmserverd")
|
422
478
|
service_running = service.running?
|
@@ -435,16 +491,6 @@ module ApplianceConsole
|
|
435
491
|
def self.parse(args)
|
436
492
|
new.parse(args).run
|
437
493
|
end
|
438
|
-
|
439
|
-
def configure_messaging
|
440
|
-
say("configuring messaging")
|
441
|
-
ManageIQ::ApplianceConsole::MessagingConfiguration.new.save(
|
442
|
-
"hostname" => options[:messaging_hostname],
|
443
|
-
"password" => options[:messaging_password],
|
444
|
-
"port" => options[:messaging_port],
|
445
|
-
"username" => options[:messaging_username]
|
446
|
-
)
|
447
|
-
end
|
448
494
|
end
|
449
495
|
end
|
450
496
|
end
|
@@ -8,7 +8,8 @@ require 'fileutils'
|
|
8
8
|
module ManageIQ
|
9
9
|
module ApplianceConsole
|
10
10
|
class DatabaseConfiguration
|
11
|
-
attr_accessor :adapter, :host, :username, :database, :
|
11
|
+
attr_accessor :adapter, :host, :username, :database, :port, :region
|
12
|
+
attr_reader :password
|
12
13
|
|
13
14
|
class ModelWithNoBackingTable < ActiveRecord::Base
|
14
15
|
end
|
@@ -1,7 +1,7 @@
|
|
1
|
+
require "manageiq/appliance_console/utilities"
|
1
2
|
require 'linux_admin'
|
2
3
|
require 'pathname'
|
3
4
|
require 'fileutils'
|
4
|
-
require 'util/miq-system.rb'
|
5
5
|
|
6
6
|
module ManageIQ
|
7
7
|
module ApplianceConsole
|
@@ -18,7 +18,7 @@ module ApplianceConsole
|
|
18
18
|
self.disk = config[:disk]
|
19
19
|
self.new_logrotate_count = nil
|
20
20
|
|
21
|
-
self.size =
|
21
|
+
self.size = Utilities.disk_usage(LOGFILE_DIRECTORY)[0][:total_bytes]
|
22
22
|
self.current_logrotate_count = /rotate\s+(\d+)/.match(File.read(MIQ_LOGS_CONF))[1]
|
23
23
|
self.evm_was_running = LinuxAdmin::Service.new("evmserverd").running?
|
24
24
|
end
|
@@ -0,0 +1,199 @@
|
|
1
|
+
require 'active_support/core_ext/module/delegation'
|
2
|
+
require 'pathname'
|
3
|
+
|
4
|
+
module ManageIQ
|
5
|
+
module ApplianceConsole
|
6
|
+
class MessageConfiguration
|
7
|
+
attr_reader :message_keystore_username, :message_keystore_password,
|
8
|
+
:message_server_host, :message_server_port,
|
9
|
+
:miq_config_dir_path, :config_dir_path, :sample_config_dir_path,
|
10
|
+
:client_properties_path,
|
11
|
+
:keystore_dir_path, :truststore_path, :keystore_path,
|
12
|
+
:messaging_yaml_sample_path, :messaging_yaml_path,
|
13
|
+
:ca_cert_path
|
14
|
+
|
15
|
+
BASE_DIR = "/opt/kafka".freeze
|
16
|
+
LOGS_DIR = "#{BASE_DIR}/logs".freeze
|
17
|
+
CONFIG_DIR = "#{BASE_DIR}/config".freeze
|
18
|
+
SAMPLE_CONFIG_DIR = "#{BASE_DIR}/config-sample".freeze
|
19
|
+
MIQ_CONFIG_DIR = ManageIQ::ApplianceConsole::RAILS_ROOT.join("config").freeze
|
20
|
+
|
21
|
+
def initialize(options = {})
|
22
|
+
@message_server_port = options[:message_server_port] || 9093
|
23
|
+
@message_keystore_username = options[:message_keystore_username] || "admin"
|
24
|
+
@message_keystore_password = options[:message_keystore_password]
|
25
|
+
|
26
|
+
@miq_config_dir_path = Pathname.new(MIQ_CONFIG_DIR)
|
27
|
+
@config_dir_path = Pathname.new(CONFIG_DIR)
|
28
|
+
@sample_config_dir_path = Pathname.new(SAMPLE_CONFIG_DIR)
|
29
|
+
|
30
|
+
@client_properties_path = config_dir_path.join("client.properties")
|
31
|
+
@keystore_dir_path = config_dir_path.join("keystore")
|
32
|
+
@truststore_path = keystore_dir_path.join("truststore.jks")
|
33
|
+
@keystore_path = keystore_dir_path.join("keystore.jks")
|
34
|
+
|
35
|
+
@messaging_yaml_sample_path = miq_config_dir_path.join("messaging.kafka.yml")
|
36
|
+
@messaging_yaml_path = miq_config_dir_path.join("messaging.yml")
|
37
|
+
@ca_cert_path = keystore_dir_path.join("ca-cert")
|
38
|
+
end
|
39
|
+
|
40
|
+
def already_configured?
|
41
|
+
installed_file_found = false
|
42
|
+
installed_files.each do |f|
|
43
|
+
if File.exist?(f)
|
44
|
+
installed_file_found = true
|
45
|
+
say("Installed file #{f} found.")
|
46
|
+
end
|
47
|
+
end
|
48
|
+
installed_file_found
|
49
|
+
end
|
50
|
+
|
51
|
+
def ask_questions
|
52
|
+
return false unless valid_environment?
|
53
|
+
|
54
|
+
ask_for_parameters
|
55
|
+
show_parameters
|
56
|
+
return false unless agree("\nProceed? (Y/N): ")
|
57
|
+
|
58
|
+
return false unless host_reachable?(message_server_host, "Message Server Host:")
|
59
|
+
|
60
|
+
true
|
61
|
+
end
|
62
|
+
|
63
|
+
def create_client_properties
|
64
|
+
say(__method__.to_s.tr("_", " ").titleize)
|
65
|
+
|
66
|
+
return if file_found?(client_properties_path)
|
67
|
+
|
68
|
+
algorithm = message_server_host.ipaddress? ? "" : "HTTPS"
|
69
|
+
protocol = secure? ? "SASL_SSL" : "PLAINTEXT"
|
70
|
+
content = secure? ? secure_client_properties_content(algorithm, protocol) : unsecure_client_properties_content(algorithm, protocol)
|
71
|
+
|
72
|
+
File.write(client_properties_path, content)
|
73
|
+
end
|
74
|
+
|
75
|
+
def secure_client_properties_content(algorithm, protocol)
|
76
|
+
secure_content = <<~CLIENT_PROPERTIES
|
77
|
+
ssl.truststore.location=#{truststore_path}
|
78
|
+
ssl.truststore.password=#{message_keystore_password}
|
79
|
+
CLIENT_PROPERTIES
|
80
|
+
|
81
|
+
unsecure_client_properties_content(algorithm, protocol) + secure_content
|
82
|
+
end
|
83
|
+
|
84
|
+
def unsecure_client_properties_content(algorithm, protocol)
|
85
|
+
<<~CLIENT_PROPERTIES
|
86
|
+
ssl.endpoint.identification.algorithm=#{algorithm}
|
87
|
+
|
88
|
+
sasl.mechanism=PLAIN
|
89
|
+
security.protocol=#{protocol}
|
90
|
+
sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \\
|
91
|
+
username=#{message_keystore_username} \\
|
92
|
+
password=#{message_keystore_password} ;
|
93
|
+
CLIENT_PROPERTIES
|
94
|
+
end
|
95
|
+
|
96
|
+
def configure_messaging_yaml
|
97
|
+
say(__method__.to_s.tr("_", " ").titleize)
|
98
|
+
|
99
|
+
return if file_found?(messaging_yaml_path)
|
100
|
+
|
101
|
+
messaging_yaml = YAML.load_file(messaging_yaml_sample_path)
|
102
|
+
|
103
|
+
messaging_yaml["production"].delete("username")
|
104
|
+
messaging_yaml["production"].delete("password")
|
105
|
+
|
106
|
+
messaging_yaml["production"]["hostname"] = message_server_host
|
107
|
+
messaging_yaml["production"]["port"] = message_server_port
|
108
|
+
messaging_yaml["production"]["sasl.mechanism"] = "PLAIN"
|
109
|
+
messaging_yaml["production"]["sasl.username"] = message_keystore_username
|
110
|
+
messaging_yaml["production"]["sasl.password"] = ManageIQ::Password.try_encrypt(message_keystore_password)
|
111
|
+
|
112
|
+
if secure?
|
113
|
+
messaging_yaml["production"]["security.protocol"] = "SASL_SSL"
|
114
|
+
messaging_yaml["production"]["ssl.ca.location"] = ca_cert_path.to_path
|
115
|
+
else
|
116
|
+
messaging_yaml["production"]["security.protocol"] = "PLAINTEXT"
|
117
|
+
end
|
118
|
+
|
119
|
+
File.write(messaging_yaml_path, messaging_yaml.to_yaml)
|
120
|
+
end
|
121
|
+
|
122
|
+
def remove_installed_files
|
123
|
+
say(__method__.to_s.tr("_", " ").titleize)
|
124
|
+
|
125
|
+
installed_files.each { |f| FileUtils.rm_rf(f) }
|
126
|
+
end
|
127
|
+
|
128
|
+
def valid_environment?
|
129
|
+
if already_configured?
|
130
|
+
unconfigure if agree("\nAlready configured on this Appliance, Un-Configure first? (Y/N): ")
|
131
|
+
return false unless agree("\nProceed with Configuration? (Y/N): ")
|
132
|
+
end
|
133
|
+
true
|
134
|
+
end
|
135
|
+
|
136
|
+
def file_found?(path)
|
137
|
+
return false unless File.exist?(path)
|
138
|
+
|
139
|
+
say("\tWARNING: #{path} already exists. Taking no action.")
|
140
|
+
true
|
141
|
+
end
|
142
|
+
|
143
|
+
def files_found?(path_list)
|
144
|
+
return false unless path_list.all? { |path| File.exist?(path) }
|
145
|
+
|
146
|
+
path_list.each { |path| file_found?(path) }
|
147
|
+
true
|
148
|
+
end
|
149
|
+
|
150
|
+
def file_contains?(path, content)
|
151
|
+
return false unless File.exist?(path)
|
152
|
+
|
153
|
+
content.split("\n").each do |l|
|
154
|
+
l.gsub!("/", "\\/")
|
155
|
+
l.gsub!(/password=.*$/, "password=") # Remove the password as it can have special characters that grep can not match.
|
156
|
+
return false unless File.foreach(path).grep(/#{l}/).any?
|
157
|
+
end
|
158
|
+
|
159
|
+
say("Content already exists in #{path}. Taking no action.")
|
160
|
+
true
|
161
|
+
end
|
162
|
+
|
163
|
+
def host_reachable?(host, what)
|
164
|
+
require 'net/ping'
|
165
|
+
say("Checking connectivity to #{host} ... ")
|
166
|
+
unless Net::Ping::External.new(host).ping
|
167
|
+
say("Failed.\nCould not connect to #{host},")
|
168
|
+
say("the #{what} must be reachable by name.")
|
169
|
+
return false
|
170
|
+
end
|
171
|
+
say("Succeeded.")
|
172
|
+
true
|
173
|
+
end
|
174
|
+
|
175
|
+
def configure_messaging_type(value)
|
176
|
+
say(__method__.to_s.tr("_", " ").titleize)
|
177
|
+
|
178
|
+
result = ManageIQ::ApplianceConsole::Utilities.rake_run("evm:settings:set", ["/prototype/messaging_type=#{value}"])
|
179
|
+
raise parse_errors(result).join(', ') if result.failure?
|
180
|
+
end
|
181
|
+
|
182
|
+
def restart_evmserverd
|
183
|
+
say("Restart evmserverd if it is running...")
|
184
|
+
evmserverd_service = LinuxAdmin::Service.new("evmserverd")
|
185
|
+
evmserverd_service.restart if evmserverd_service.running?
|
186
|
+
end
|
187
|
+
|
188
|
+
def unconfigure
|
189
|
+
configure_messaging_type("miq_queue") # Settings.prototype.messaging_type = 'miq_queue'
|
190
|
+
restart_evmserverd
|
191
|
+
remove_installed_files
|
192
|
+
end
|
193
|
+
|
194
|
+
def secure?
|
195
|
+
message_server_port == 9_093
|
196
|
+
end
|
197
|
+
end
|
198
|
+
end
|
199
|
+
end
|