From e84677c536c7c4dda2b2af2bc653701c601b1e0e Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Fri, 24 Sep 2021 16:03:37 +0800 Subject: [PATCH 001/720] Support patched image in application update Signed-off-by: Zheng Chang --- .../src/main/arm/createUiDefinition.json | 183 ++++++++++++------ .../main/arm/scripts/buildWLSDockerImage.sh | 27 ++- .../main/arm/scripts/createVMAndBuildImage.sh | 27 ++- .../main/arm/scripts/invokeSetupWLSDomain.sh | 8 +- .../arm/scripts/invokeUpdateApplications.sh | 8 +- .../src/main/arm/scripts/setupWLSDomain.sh | 20 +- .../main/arm/scripts/updateApplications.sh | 20 +- .../src/main/bicep/mainTemplate.bicep | 16 +- .../_ds-create-networking.bicep | 1 - .../_ds-create-wls-cluster.bicep | 4 +- .../_ds_update-applications.bicep | 4 +- .../bicep/modules/setupWebLogicCluster.bicep | 9 +- .../modules/updateWebLogicApplications.bicep | 14 +- 13 files changed, 248 insertions(+), 93 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 812fac057..21cb917c1 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -66,47 +66,6 @@ }, "visible": true }, - { - "name": "ocrSSOInfo", - "type": "Microsoft.Common.InfoBox", - "visible": true, - "options": { - "icon": "Info", - "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Click the link to create Oracle SSO account.", - "uri": "https://profile.oracle.com/myprofile/account/create-account.jspx" - } - }, - { - "name": "ocrSSOUserName", - "type": "Microsoft.Common.TextBox", - "label": "Username for Oracle Single Sign-On authentication", - "defaultValue": "example@contoso.com", - "toolTip": "Username for Oracle Single Sign-On authentication to login the Oracle Container Registry.", - "constraints": { - "required": true, - "regex": "^([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5})$", - "validationMessage": "The value must be an email address." - }, - "visible": true - }, - { - "name": "ocrSSOPassword", - "type": "Microsoft.Common.PasswordBox", - "label": { - "password": "Password for Oracle Single Sign-On authentication", - "confirmPassword": "Confirm password" - }, - "toolTip": "Password for Oracle Single Sign-On authentication to login the Oracle Container Registry.", - "constraints": { - "required": true, - "regex": "^(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d\\$\\&\\+\\,:\\=\\?@#|'.\\^\\*!\\-_~/'\\[\\]\\{\\}\"]{8,}$", - "validationMessage": "The password must contain at least 8 characters, with at least 1 uppercase letter, 1 lowercase letter and 1 number, and special characters, but should not contain > < ( ) % ; \\." - }, - "options": { - "hideConfirmation": false - }, - "visible": true - }, { "name": "errInfo", "type": "Microsoft.Common.InfoBox", @@ -393,13 +352,71 @@ ] }, { - "name": "acrInfo", + "name": "imageInfo", "type": "Microsoft.Common.Section", - "label": "Azure Container Registry", + "label": "Image Selection", "elements": [ + { + "name": "useOracleImage", + "type": "Microsoft.Common.OptionsGroup", + "label": "Use Oracle WebLogic Image?", + "defaultValue": "Yes", + "toolTip": "Select 'Yes' to Use Oracle WebLogic Image, or select 'No' to provide an existing image stored in ACR instance.", + "constraints": { + "allowedValues": [ + { + "label": "Yes", + "value": "true" + }, + { + "label": "No", + "value": "false" + } + ], + "required": true + } + }, { - "name": "createACR", + "name": "userProvidedAcrInfo", + "type": "Microsoft.Common.InfoBox", + "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", + "options": { + "icon": "Info", + "text": "Make sure the Azure Container Registry has enabled admin user.", + "uri": "https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account" + } + }, + { + "name": "userProvidedAcrSelector", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Select existing ACR instance", + "toolTip": "Select the existing ACR instance.", + "resourceType": "Microsoft.ContainerRegistry/registries", + "options": { + "filter": { + "subscription": "onBasics", + "location": "onBasics" + } + }, + "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]" + }, + { + "name": "userProvidedImagePath", + "type": "Microsoft.Common.TextBox", + "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", + "label": "Please provide the image path", + "toolTip": "Please provide the image path, the image must be stored in the selected ACR above", + "defaultValue": "", + "constraints": { + "required": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", + "regex": "[concat(coalesce(last(split(steps('section_aks').imageInfo.userProvidedAcrSelector.id, '/')), ''), '.*$')]", + "validationMessage": "The image must be stored in the selected ACR above" + } + }, + { + "name": "oracleCreateACR", "type": "Microsoft.Common.OptionsGroup", + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "label": "Create a new ACR instance?", "defaultValue": "Yes", "toolTip": "Select 'Yes' to create a new ACR instance, or select 'No' to provide an existing ACR instance.", @@ -418,9 +435,9 @@ } }, { - "name": "acrInfo", + "name": "oracleAcrInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[not(bool(steps('section_aks').acrInfo.createACR))]", + "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),not(bool(steps('section_aks').imageInfo.oracleCreateACR)))]", "options": { "icon": "Info", "text": "Make sure the Azure Container Registry has enabled admin user.", @@ -428,7 +445,7 @@ } }, { - "name": "acrSelector", + "name": "oracleAcrSelector", "type": "Microsoft.Solutions.ResourceSelector", "label": "Select ACR instance", "toolTip": "Select the existing ACR instance.", @@ -439,19 +456,12 @@ "location": "onBasics" } }, - "visible": "[not(bool(steps('section_aks').acrInfo.createACR))]" - } - ] - }, - { - "name": "imageInfo", - "type": "Microsoft.Common.Section", - "label": "Oracle WebLogic Image", - "elements": [ + "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),not(bool(steps('section_aks').imageInfo.oracleCreateACR)))]" + }, { "name": "fromImageText", "type": "Microsoft.Common.TextBlock", - "visible": true, + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "options": { "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile from statement. \nOracle Standard Terms and Restrictions terms must be agreed. \nClick the following link to make sure you have agree the terms and check the valid tags.", "link": { @@ -461,11 +471,53 @@ } }, { - "name": "fromImage", + "name": "ocrSSOInfo", + "type": "Microsoft.Common.InfoBox", + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "options": { + "icon": "Info", + "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Click the link to create Oracle SSO account.", + "uri": "https://profile.oracle.com/myprofile/account/create-account.jspx" + } + }, + { + "name": "ocrSSOUserName", + "type": "Microsoft.Common.TextBox", + "label": "Username for Oracle Single Sign-On authentication", + "defaultValue": "example@contoso.com", + "toolTip": "Username for Oracle Single Sign-On authentication to login the Oracle Container Registry.", + "constraints": { + "required": true, + "regex": "^([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5})$", + "validationMessage": "The value must be an email address." + }, + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" + }, + { + "name": "ocrSSOPassword", + "type": "Microsoft.Common.PasswordBox", + "label": { + "password": "Password for Oracle Single Sign-On authentication", + "confirmPassword": "Confirm password" + }, + "toolTip": "Password for Oracle Single Sign-On authentication to login the Oracle Container Registry.", + "constraints": { + "required": true, + "regex": "^(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d\\$\\&\\+\\,:\\=\\?@#|'.\\^\\*!\\-_~/'\\[\\]\\{\\}\"]{8,}$", + "validationMessage": "The password must contain at least 8 characters, with at least 1 uppercase letter, 1 lowercase letter and 1 number, and special characters, but should not contain > < ( ) % ; \\." + }, + "options": { + "hideConfirmation": false + }, + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" + }, + { + "name": "fromOracleImage", "type": "Microsoft.Common.TextBox", + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "label": "WebLogic Docker tag", "defaultValue": "12.2.1.4-ol8", - "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromImage option to 'imagetool'.", + "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromOracleImage option to 'imagetool'.", "multiLine": false, "constraints": { "required": true, @@ -1651,7 +1703,7 @@ } ], "outputs": { - "acrName": "[last(split(steps('section_aks').acrInfo.acrSelector.id, '/'))]", + "acrName": "[last(split(steps('section_aks').imageInfo.oracleAcrSelector.id, '/'))]", "aksAgentPoolNodeCount": "[steps('section_aks').clusterInfo.aksNodeCount]", "aksClusterName": "[last(split(steps('section_aks').clusterInfo.aksClusterSelector.id, '/'))]", "aksClusterRGName": "[last(take(split(steps('section_aks').clusterInfo.aksClusterSelector.id, '/'), 5))]", @@ -1663,7 +1715,7 @@ "appgwForRemoteConsole": "[steps('section_appGateway').appgwIngress.appgwForAdminRemote]", "appPackageUrls": "[steps('section_aks').jeeAppInfo.appPackageUrl]", "appReplicas": "[int(steps('section_aks').jeeAppInfo.appReplicas)]", - "createACR": "[bool(steps('section_aks').acrInfo.createACR)]", + "createACR": "[bool(steps('section_aks').imageInfo.oracleCreateACR)]", "createAKSCluster": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", "createDNSZone": "[not(bool(steps('section_dnsConfiguration').bringDNSZone))]", "dbPassword": "[steps('section_database').databaseConnectionInfo.dbPassword]", @@ -1695,8 +1747,8 @@ "keyVaultSSLCertDataSecretName": "[steps('section_appGateway').appgwIngress.keyVaultSSLCertDataSecretName]", "keyVaultSSLCertPasswordSecretName": "[steps('section_appGateway').appgwIngress.keyVaultSSLCertPasswordSecretName]", "managedServerPrefix": "[basics('basicsOptional').managedServerPrefix]", - "ocrSSOPSW": "[basics('basicsRequired').ocrSSOPassword]", - "ocrSSOUser": "[basics('basicsRequired').ocrSSOUserName]", + "ocrSSOPSW": "[steps('section_aks').imageInfo.ocrSSOPassword]", + "ocrSSOUser": "[steps('section_aks').imageInfo.ocrSSOUserName]", "servicePrincipal": "[steps('section_appGateway').appgwIngress.servicePrincipal]", "sslConfigurationAccessOption": "[steps('section_sslConfiguration').sslConfigurationAccessOption]", "sslKeyVaultCustomIdentityKeyStoreDataSecretName": "[steps('section_sslConfiguration').keyVaultStoredCustomSSLSettings.keyVaultCustomIdentityKeyStoreDataSecretName]", @@ -1718,11 +1770,14 @@ "sslUploadedPrivateKeyAlias": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedPrivateKeyAlias]", "sslUploadedPrivateKeyPassPhrase": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedPrivateKeyPassPhrase]", "useInternalLB": "[bool(steps('section_appGateway').lbSVCInfo.enableInternalLB)]", + "useOracleImage": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "userProvidedAcr": "[last(split(steps('section_aks').imageInfo.userProvidedAcrSelector.id, '/'))]", + "userProvidedImagePath": "[steps('section_aks').imageInfo.userProvidedImagePath]", "wdtRuntimePassword": "[basics('basicsRequired').wdtRuntimePassword]", "wlsClusterSize": "[basics('basicsOptional').wlsClusterSize]", "wlsDomainName": "[basics('basicsOptional').wlsDomainName]", "wlsDomainUID": "[basics('basicsOptional').wlsDomainUID]", - "wlsImageTag": "[steps('section_aks').imageInfo.fromImage]", + "wlsImageTag": "[steps('section_aks').imageInfo.fromOracleImage]", "wlsJavaOption": "[basics('basicsOptional').wlsJavaOption]", "wlsPassword": "[basics('basicsRequired').wlsPassword]", "wlsUserName": "[basics('basicsRequired').wlsUserName]" diff --git a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh index 0694ebe0d..4454e62b2 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh @@ -31,6 +31,11 @@ function validate_status() { } function validate_inputs() { + if [ -z "$useOracleImage" ]; then + echo_stderr "userProvidedImagePath is required. " + usage 1 + fi + if [ -z "$wlsImagePath" ]; then echo_stderr "wlsImagePath is required. " usage 1 @@ -61,12 +66,12 @@ function validate_inputs() { usage 1 fi - if [ -z "$ocrSSOUser" ]; then + if [[ "${useOracleImage,,}" == "${constTrue}" ]] && [ -z "$ocrSSOUser" ]; then echo_stderr "ocrSSOUser is required. " usage 1 fi - if [ -z "$ocrSSOPSW" ]; then + if [[ "${useOracleImage,,}" == "${constTrue}" ]] && [ -z "$ocrSSOPSW" ]; then echo_stderr "ocrSSOPSW is required. " usage 1 fi @@ -169,7 +174,16 @@ function install_utilities() { function get_wls_image_from_ocr() { sudo docker logout sudo docker login ${ocrLoginServer} -u ${ocrSSOUser} -p ${ocrSSOPSW} - echo "Start to pull image ${wlsImagePath}" + echo "Start to pull oracle image ${wlsImagePath} ${ocrLoginServer} ${ocrSSOUser} ${ocrSSOPSW}" + sudo docker pull -q ${wlsImagePath} + validate_status "Finish pulling image from OCR." +} + +# Get user provided image +function get_user_provided_wls_image_from_acr() { + sudo docker logout + sudo docker login ${azureACRServer} -u ${azureACRUserName} -p ${azureACRPassword} + echo "Start to pull user provided image ${wlsImagePath} ${azureACRServer} ${azureACRUserName} ${azureACRPassword}" sudo docker pull -q ${wlsImagePath} validate_status "Finish pulling image from OCR." } @@ -250,6 +264,7 @@ export wlsClusterSize=$7 export enableSSL=$8 export enableAdminT3Tunneling=$9 export enableClusterT3Tunneling=${10} +export useOracleImage=${11} export acrImagePath="$azureACRServer/aks-wls-images:${imageTag}" export ocrLoginServer="container-registry.oracle.com" @@ -266,7 +281,11 @@ initialize install_utilities -get_wls_image_from_ocr +if [[ "${useOracleImage,,}" == "${constTrue}" ]]; then + get_wls_image_from_ocr +else + get_user_provided_wls_image_from_acr +fi prepare_wls_models diff --git a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh index 51aa393db..f6d61c1cf 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh @@ -86,16 +86,23 @@ function build_docker_image() { --enable-auto-update false \ --tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true --verbose - wlsImagePath="${ocrLoginServer}/middleware/weblogic:${wlsImageTag}" - az vm extension set --name CustomScript \ - --extension-instance-name wls-image-script \ - --resource-group ${currentResourceGroup} \ - --vm-name ${vmName} \ - --publisher Microsoft.Azure.Extensions \ - --version 2.0 \ - --settings "{ \"fileUris\": [\"${scriptURL}model.properties\",\"${scriptURL}genImageModel.sh\",\"${scriptURL}buildWLSDockerImage.sh\",\"${scriptURL}common.sh\"]}" \ - --protected-settings "{\"commandToExecute\":\"echo ${azureACRPassword} ${ocrSSOPSW} | bash buildWLSDockerImage.sh ${wlsImagePath} ${azureACRServer} ${azureACRUserName} ${newImageTag} \\\"${appPackageUrls}\\\" ${ocrSSOUser} ${wlsClusterSize} ${enableCustomSSL} ${enableAdminT3Tunneling} ${enableClusterT3Tunneling} \"}" + if [[ "${useOracleImage,,}" == "${constTrue}" ]]; then + wlsImagePath="${ocrLoginServer}/middleware/weblogic:${wlsImageTag}" + else + wlsImagePath="${userProvidedImagePath}" + fi + echo "wlsImagePath: ${wlsImagePath}" + + az vm extension set --name CustomScript \ + --extension-instance-name wls-image-script \ + --resource-group ${currentResourceGroup} \ + --vm-name ${vmName} \ + --publisher Microsoft.Azure.Extensions \ + --version 2.0 \ + --settings "{ \"fileUris\": [\"${scriptURL}model.properties\",\"${scriptURL}genImageModel.sh\",\"${scriptURL}buildWLSDockerImage.sh\",\"${scriptURL}common.sh\"]}" \ + --protected-settings "{\"commandToExecute\":\"echo ${azureACRPassword} ${ocrSSOPSW} | bash buildWLSDockerImage.sh ${wlsImagePath} ${azureACRServer} ${azureACRUserName} ${newImageTag} \\\"${appPackageUrls}\\\" ${ocrSSOUser} ${wlsClusterSize} ${enableCustomSSL} ${enableAdminT3Tunneling} ${enableClusterT3Tunneling} ${useOracleImage} \"}" + cleanup_vm } @@ -120,6 +127,8 @@ export enableCustomSSL=$9 export scriptURL=${10} export enableAdminT3Tunneling=${11} export enableClusterT3Tunneling=${12} +export useOracleImage=${13} +export userProvidedImagePath=${14} read_sensitive_parameters_from_stdin diff --git a/weblogic-azure-aks/src/main/arm/scripts/invokeSetupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/invokeSetupWLSDomain.sh index 22d559a25..2682419e3 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/invokeSetupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/invokeSetupWLSDomain.sh @@ -42,6 +42,8 @@ Usage: + + END ) echo_stdout "${usage}" @@ -92,6 +94,8 @@ export enableClusterT3Tunneling=${32} export t3AdminPort=${33} export t3ClusterPort=${34} export wlsJavaOption=${35} +export userProvidedImagePath=${36} +export useOracleImage=${37} echo ${ocrSSOPSW} \ ${wlsPassword} \ @@ -128,7 +132,9 @@ echo ${ocrSSOPSW} \ ${enableClusterT3Tunneling} \ ${t3AdminPort} \ ${t3ClusterPort} \ - ${wlsJavaOption} + ${wlsJavaOption} \ + ${userProvidedImagePath} \ + ${useOracleImage} if [ $? -ne 0 ]; then usage 1 diff --git a/weblogic-azure-aks/src/main/arm/scripts/invokeUpdateApplications.sh b/weblogic-azure-aks/src/main/arm/scripts/invokeUpdateApplications.sh index 2d5234750..7d3b7ca0c 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/invokeUpdateApplications.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/invokeUpdateApplications.sh @@ -20,6 +20,8 @@ Usage: + + END ) echo_stdout "${usage}" @@ -48,6 +50,8 @@ export appPackageUrls=${10} export scriptURL=${11} export appStorageAccountName=${12} export appContainerName=${13} +export userProvidedImagePath=${14} +export useOracleImage=${15} echo ${ocrSSOPSW} | \ bash ./updateApplications.sh \ @@ -62,7 +66,9 @@ echo ${ocrSSOPSW} | \ ${appPackageUrls} \ ${scriptURL} \ ${appStorageAccountName} \ - ${appContainerName} + ${appContainerName} \ + ${userProvidedImagePath} \ + ${useOracleImage} if [ $? -ne 0 ]; then usage 1 diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index b95814e1f..1da9fd3f5 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -44,6 +44,8 @@ echo + + END ) echo_stdout ${usage} @@ -55,7 +57,12 @@ END #Function to validate input function validate_input() { - if [[ -z "$ocrSSOUser" || -z "${ocrSSOPSW}" ]]; then + if [ -z "$useOracleImage" ]; then + echo_stderr "userProvidedImagePath is required. " + usage 1 + fi + + if [[ "${useOracleImage,,}" == "${constTrue}" ]] && [[ -z "$ocrSSOUser" || -z "${ocrSSOPSW}" ]]; then echo_stderr "Oracle SSO account is required. " usage 1 fi @@ -208,6 +215,11 @@ function validate_input() { if [[ "${wlsJavaOption}" == "null" ]];then wlsJavaOption="" fi + + if [[ "${useOracleImage,,}" == "${constFalse}" ]] && [ -z "$userProvidedImagePath" ]; then + echo_stderr "userProvidedImagePath is required. " + usage 1 + fi } # Validate teminal status with $?, exit with exception if errors happen. @@ -369,7 +381,9 @@ function build_docker_image() { $enableCustomSSL \ "$scriptURL" \ ${enableAdminT3Tunneling} \ - ${enableClusterT3Tunneling} + ${enableClusterT3Tunneling} \ + ${useOracleImage} \ + ${userProvidedImagePath} az acr repository show -n ${acrName} --image aks-wls-images:${newImageTag} if [ $? -ne 0 ]; then @@ -786,6 +800,8 @@ export enableClusterT3Tunneling=${26} export t3AdminPort=${27} export t3ClusterPort=${28} export wlsJavaOption=${29} +export userProvidedImagePath=${30} +export useOracleImage=${31} export adminServerName="admin-server" export azFileShareName="weblogic" diff --git a/weblogic-azure-aks/src/main/arm/scripts/updateApplications.sh b/weblogic-azure-aks/src/main/arm/scripts/updateApplications.sh index 4db5be666..f3e7b4bcb 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/updateApplications.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/updateApplications.sh @@ -25,6 +25,8 @@ echo | + + END ) echo_stdout "${usage}" @@ -36,7 +38,12 @@ END #Function to validate input function validate_input() { - if [[ -z "$ocrSSOUser" || -z "${ocrSSOPSW}" ]]; then + if [ -z "$useOracleImage" ]; then + echo_stderr "userProvidedImagePath is required. " + usage 1 + fi + + if [[ "${useOracleImage,,}" == "${constTrue}" ]] && [[ -z "$ocrSSOUser" || -z "${ocrSSOPSW}" ]]; then echo_stderr "Oracle SSO account is required. " usage 1 fi @@ -90,6 +97,11 @@ function validate_input() { echo_stderr "appContainerName is required. " usage 1 fi + + if [[ "${useOracleImage,,}" == "${constFalse}" ]] && [ -z "$userProvidedImagePath" ]; then + echo_stderr "userProvidedImagePath is required. " + usage 1 + fi } # Connect to AKS cluster @@ -214,7 +226,9 @@ function build_docker_image() { $enableCustomSSL \ "$scriptURL" \ ${enableAdminT3} \ - ${enableClusterT3} + ${enableClusterT3} \ + ${useOracleImage} \ + ${userProvidedImagePath} az acr repository show -n ${acrName} --image aks-wls-images:${newImageTag} if [ $? -ne 0 ]; then @@ -289,6 +303,8 @@ export appPackageUrls=$9 export scriptURL=${10} export appStorageAccountName=${11} export appContainerName=${12} +export userProvidedImagePath=${13} +export useOracleImage=${14} export newImageTag=$(date +%s) # seconds diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index b1e2608c0..bdcf9d406 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -143,9 +143,9 @@ param lbSvcValues array = [] param managedServerPrefix string = 'managed-server' @secure() @description('Password of Oracle SSO account.') -param ocrSSOPSW string +param ocrSSOPSW string = newGuid() @description('User name of Oracle SSO account.') -param ocrSSOUser string +param ocrSSOUser string = 'null' @secure() @description('Base64 string of service principal. use the command to generate a testing string: az ad sp create-for-rbac --sdk-auth | base64 -w0') param servicePrincipal string = newGuid() @@ -218,6 +218,12 @@ param t3ChannelClusterPort int = 8011 param useInternalLB bool = false @description('ture to upload Java EE applications and deploy the applications to WebLogic domain.') param utcValue string = utcNow() +@description('User provided ACR for base image') +param userProvidedAcr string = 'null' +@description('User provided base image path') +param userProvidedImagePath string = 'null' +@description('Use Oracle images or user provided patched images') +param useOracleImage bool = true @secure() @description('Password for model WebLogic Deploy Tooling runtime encrytion.') param wdtRuntimePassword string @@ -364,6 +370,9 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus t3ChannelAdminPort: t3ChannelAdminPort t3ChannelClusterPort: t3ChannelClusterPort wdtRuntimePassword: wdtRuntimePassword + userProvidedAcr: userProvidedAcr + userProvidedImagePath: userProvidedImagePath + useOracleImage: useOracleImage wlsClusterSize: wlsClusterSize wlsCPU: wlsCPU wlsDomainName: wlsDomainName @@ -424,6 +433,9 @@ module wlsDomainWithCustomSSLDeployment 'modules/setupWebLogicCluster.bicep' = i storageAccountName: name_storageAccountName t3ChannelAdminPort: t3ChannelAdminPort t3ChannelClusterPort: t3ChannelClusterPort + userProvidedAcr: userProvidedAcr + userProvidedImagePath: userProvidedImagePath + useOracleImage: useOracleImage wdtRuntimePassword: wdtRuntimePassword wlsClusterSize: wlsClusterSize wlsCPU: wlsCPU diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep index 179faac22..d8fec4160 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep @@ -89,4 +89,3 @@ output adminRemoteSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 output clusterLBUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('https://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): '' output clusterLBSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('http://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): '' output clusterT3LBUrl string = length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterT3Endpoint != 'null') ? reference(name_deploymentName).outputs.clusterT3Endpoint: '' - diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index 6ae022f00..e7fafd739 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -24,6 +24,8 @@ param storageAccountName string = 'null' param t3ChannelAdminPort int = 7005 param t3ChannelClusterPort int = 8011 param utcValue string = utcNow() +param userProvidedImagePath string = 'null' +param useOracleImage bool = true @secure() param wdtRuntimePassword string param wlsClusterSize int = 5 @@ -56,7 +58,7 @@ param wlsTrustKeyStorePassPhrase string = newGuid() param wlsTrustKeyStoreType string = 'PKCS12' param wlsUserName string = 'weblogic' -var const_arguments = '${ocrSSOUser} ${ocrSSOPSW} ${aksClusterRGName} ${aksClusterName} ${wlsImageTag} ${acrName} ${wlsDomainName} ${wlsDomainUID} ${wlsUserName} ${wlsPassword} ${wdtRuntimePassword} ${wlsCPU} ${wlsMemory} ${managedServerPrefix} ${appReplicas} ${string(appPackageUrls)} ${resourceGroup().name} ${const_scriptLocation} ${storageAccountName} ${wlsClusterSize} ${enableCustomSSL} ${wlsIdentityKeyStoreData} ${wlsIdentityKeyStorePassphrase} ${wlsIdentityKeyStoreType} ${wlsPrivateKeyAlias} ${wlsPrivateKeyPassPhrase} ${wlsTrustKeyStoreData} ${wlsTrustKeyStorePassPhrase} ${wlsTrustKeyStoreType} ${enablePV} ${enableAdminT3Tunneling} ${enableClusterT3Tunneling} ${t3ChannelAdminPort} ${t3ChannelClusterPort} "${wlsJavaOption}"' +var const_arguments = '${ocrSSOUser} ${ocrSSOPSW} ${aksClusterRGName} ${aksClusterName} ${wlsImageTag} ${acrName} ${wlsDomainName} ${wlsDomainUID} ${wlsUserName} ${wlsPassword} ${wdtRuntimePassword} ${wlsCPU} ${wlsMemory} ${managedServerPrefix} ${appReplicas} ${string(appPackageUrls)} ${resourceGroup().name} ${const_scriptLocation} ${storageAccountName} ${wlsClusterSize} ${enableCustomSSL} ${wlsIdentityKeyStoreData} ${wlsIdentityKeyStorePassphrase} ${wlsIdentityKeyStoreType} ${wlsPrivateKeyAlias} ${wlsPrivateKeyPassPhrase} ${wlsTrustKeyStoreData} ${wlsTrustKeyStorePassPhrase} ${wlsTrustKeyStoreType} ${enablePV} ${enableAdminT3Tunneling} ${enableClusterT3Tunneling} ${t3ChannelAdminPort} ${t3ChannelClusterPort} "${wlsJavaOption}" ${userProvidedImagePath} ${useOracleImage}' var const_buildDockerImageScript='createVMAndBuildImage.sh' var const_commonScript = 'common.sh' var const_invokeSetUpDomainScript = 'invokeSetupWLSDomain.sh' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep index 6e83cc448..d76a659bc 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep @@ -23,8 +23,10 @@ param utcValue string = utcNow() param wlsDomainName string = 'domain1' param wlsDomainUID string = 'sample-domain1' param wlsImageTag string = '12.2.1.4' +param userProvidedImagePath string = 'null' +param useOracleImage bool = true -var const_arguments = '${ocrSSOUser} ${ocrSSOPSW} ${aksClusterRGName} ${aksClusterName} ${wlsImageTag} ${acrName} ${wlsDomainName} ${wlsDomainUID} ${resourceGroup().name} ${string(appPackageUrls)} ${const_scriptLocation} ${appPackageFromStorageBlob.storageAccountName} ${appPackageFromStorageBlob.containerName} ' +var const_arguments = '${ocrSSOUser} ${ocrSSOPSW} ${aksClusterRGName} ${aksClusterName} ${wlsImageTag} ${acrName} ${wlsDomainName} ${wlsDomainUID} ${resourceGroup().name} ${string(appPackageUrls)} ${const_scriptLocation} ${appPackageFromStorageBlob.storageAccountName} ${appPackageFromStorageBlob.containerName} ${userProvidedImagePath} ${useOracleImage} ' var const_azcliVersion='2.15.0' var const_buildDockerImageScript='createVMAndBuildImage.sh' var const_commonScript = 'common.sh' diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index 8281508fc..fe69130c8 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -73,6 +73,9 @@ param ocrSSOUser string param storageAccountName string param t3ChannelAdminPort int = 7005 param t3ChannelClusterPort int = 8011 +param userProvidedAcr string = 'null' +param userProvidedImagePath string = 'null' +param useOracleImage bool = true @secure() @description('Password for model WebLogic Deploy Tooling runtime encrytion.') param wdtRuntimePassword string @@ -150,7 +153,7 @@ module aksClusterDeployment './_azure-resoruces/_aks.bicep' = if (createAKSClust /* * Deploy ACR */ -module acrDeployment './_azure-resoruces/_acr.bicep' = if (createACR) { +module acrDeployment './_azure-resoruces/_acr.bicep' = if (useOracleImage && createACR) { name: 'acr-deployment' params: { location: location @@ -182,7 +185,7 @@ module wlsDomainDeployment './_deployment-scripts/_ds-create-wls-cluster.bicep' _artifactsLocationSasToken: _artifactsLocationSasToken aksClusterRGName: createAKSCluster ? resourceGroup().name : aksClusterRGName aksClusterName: createAKSCluster ? aksClusterDeployment.outputs.aksClusterName : aksClusterName - acrName: createACR ? acrDeployment.outputs.acrName : acrName + acrName: useOracleImage ? (createACR ? acrDeployment.outputs.acrName : acrName) : userProvidedAcr appPackageUrls: appPackageUrls appReplicas: appReplicas enableCustomSSL: enableCustomSSL @@ -197,6 +200,8 @@ module wlsDomainDeployment './_deployment-scripts/_ds-create-wls-cluster.bicep' storageAccountName: storageAccountName t3ChannelAdminPort: t3ChannelAdminPort t3ChannelClusterPort: t3ChannelClusterPort + userProvidedImagePath: userProvidedImagePath + useOracleImage: useOracleImage wdtRuntimePassword: wdtRuntimePassword wlsClusterSize: wlsClusterSize wlsCPU: wlsCPU diff --git a/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep b/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep index 8468ff787..604fae6b0 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep @@ -54,9 +54,9 @@ param identity object @secure() @description('Password of Oracle SSO account.') -param ocrSSOPSW string +param ocrSSOPSW string = 'null' @description('User name of Oracle SSO account.') -param ocrSSOUser string +param ocrSSOUser string = 'null' @description('Name of WebLogic domain to create.') param wlsDomainName string = 'domain1' @@ -64,6 +64,12 @@ param wlsDomainName string = 'domain1' param wlsDomainUID string = 'sample-domain1' @description('Docker tag that comes after "container-registry.oracle.com/middleware/weblogic:"') param wlsImageTag string = '12.2.1.4' +@description('User provided ACR for base image') +param userProvidedAcr string = 'null' +@description('User provided base image path') +param userProvidedImagePath string = 'null' +@description('Use Oracle images or user provided patched images') +param useOracleImage bool = true module pids './_pids/_pid.bicep' = { name: 'initialization' @@ -86,7 +92,7 @@ module updateWLSApplications '_deployment-scripts/_ds_update-applications.bicep' _artifactsLocationSasToken: _artifactsLocationSasToken aksClusterRGName: aksClusterRGName aksClusterName: aksClusterName - acrName: acrName + acrName: useOracleImage ? acrName : userProvidedAcr appPackageUrls: appPackageUrls appPackageFromStorageBlob: appPackageFromStorageBlob identity: identity @@ -95,6 +101,8 @@ module updateWLSApplications '_deployment-scripts/_ds_update-applications.bicep' wlsDomainName: wlsDomainName wlsDomainUID: wlsDomainUID wlsImageTag: wlsImageTag + userProvidedImagePath: userProvidedImagePath + useOracleImage: useOracleImage } dependsOn:[ pidStart From 459d1521ce5aa107e467c7197322d3129cddbfaa Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Mon, 27 Sep 2021 11:10:52 +0800 Subject: [PATCH 002/720] Update pid and pom version Signed-off-by: Zheng Chang --- weblogic-azure-aks/pom.xml | 2 +- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index fa63fa571..cf84d403c 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -11,7 +11,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.18 + 1.0.19 com.microsoft.azure.iaas diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index bdcf9d406..d8c5c831f 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -290,7 +290,7 @@ module pids './modules/_pids/_pid.bicep' = { // Due to lack of preprocessor solution for the way we use bicep, must hard-code the pid here. // For test, replace the pid with testing one, and build the package. module partnerCenterPid './modules/_pids/_empty.bicep' = { - name: 'pid-a1775ed4-512c-4cfa-9e68-f0b09b36de90-partnercenter' + name: 'pid-cf7143e4-83ed-4b7e-ae86-1c5ecdd71bcb-partnercenter' } module wlsSSLCertSecretsDeployment 'modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep' = if (enableCustomSSL && sslConfigurationAccessOption != const_wlsSSLCertOptionKeyVault) { From 24c707ec692fa31a1efcd19c0a76046ad3fd65b0 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 29 Sep 2021 10:10:17 +0800 Subject: [PATCH 003/720] Apply UI for better wording Signed-off-by: Zheng Chang --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 21cb917c1..762df4839 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -359,9 +359,9 @@ { "name": "useOracleImage", "type": "Microsoft.Common.OptionsGroup", - "label": "Use Oracle WebLogic Image?", + "label": "Use a pre-existing WebLogic Server Docker image in Oracle Container Registry?", "defaultValue": "Yes", - "toolTip": "Select 'Yes' to Use Oracle WebLogic Image, or select 'No' to provide an existing image stored in ACR instance.", + "toolTip": "Select 'Yes' to a use pre-existing WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom PSU images.", "constraints": { "allowedValues": [ { From 1366b3870919c1c3a1330f65e560818923be955f Mon Sep 17 00:00:00 2001 From: Jianguo Ma Date: Wed, 29 Sep 2021 13:35:56 +0800 Subject: [PATCH 004/720] add version info as parameter of issue tracker url Signed-off-by: Jianguo Ma --- .../src/main/arm/createUiDefinition.json | 13 ++----------- .../src/main/arm/createUiDefinition.json | 11 +---------- .../src/main/arm/createUiDefinition.json | 11 +---------- .../src/main/arm/createUiDefinition.json | 11 +---------- .../src/main/arm/createUiDefinition.json | 11 +---------- 5 files changed, 6 insertions(+), 51 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 812fac057..cce9291b3 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -253,7 +253,7 @@ "text": "If you encounter problems during the deployment of Oracle WebLogic Server, report them here.", "link": { "label": "Issue tracker", - "uri": "https://aka.ms/arm-oraclelinux-wls-issues" + "uri": "https://aka.ms/arm-oraclelinux-wls-issues?version=${project.version}" } } }, @@ -283,15 +283,6 @@ } ], "visible": true - }, - { - "name": "About", - "type": "Microsoft.Common.InfoBox", - "options": { - "icon": "None", - "text": "Template version ${project.version}" - }, - "visible": "[bool('${template.version.visible}')]" } ], "steps": [ @@ -456,7 +447,7 @@ "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile from statement. \nOracle Standard Terms and Restrictions terms must be agreed. \nClick the following link to make sure you have agree the terms and check the valid tags.", "link": { "label": "Must be a valid tag value from Oracle Container Registry", - "uri": "https://aka.ms/wls-aks-fromImage-tag?${project.version}-${maven.build.timestamp}" + "uri": "https://aka.ms/wls-aks-fromImage-tag" } } }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json index d5fd75fbc..5d0754c42 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json @@ -265,15 +265,6 @@ }, "defaultValue": "Yes", "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" - }, - { - "name": "About", - "type": "Microsoft.Common.InfoBox", - "options": { - "icon": "None", - "text": "Template version ${project.version}" - }, - "visible": "[bool('${template.version.visible}')]" } ], "visible": true @@ -291,7 +282,7 @@ "text": "If you encounter problems during the deployment of Oracle WebLogic Server, report them here.", "link": { "label": "Issue tracker", - "uri": "https://aka.ms/arm-oraclelinux-wls-issues" + "uri": "https://aka.ms/arm-oraclelinux-wls-issues?version=${project.version}" } } }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json index 04977cbff..ba35e17df 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json @@ -291,15 +291,6 @@ }, "defaultValue": "Yes", "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" - }, - { - "name": "About", - "type": "Microsoft.Common.InfoBox", - "options": { - "icon": "None", - "text": "Template version ${project.version}" - }, - "visible": "[bool('${template.version.visible}')]" } ], "visible": true @@ -317,7 +308,7 @@ "text": "If you encounter problems during the deployment of Oracle WebLogic Server, report them here.", "link": { "label": "Issue tracker", - "uri": "https://aka.ms/arm-oraclelinux-wls-issues" + "uri": "https://aka.ms/arm-oraclelinux-wls-issues?version=${project.version}" } } }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json index bc469557b..d68c8e447 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json @@ -308,15 +308,6 @@ ], "visible": true }, - { - "name": "About", - "type": "Microsoft.Common.InfoBox", - "options": { - "icon": "None", - "text": "Template version ${project.version}" - }, - "visible": "[bool('${template.version.visible}')]" - }, { "name": "howToReportIssues", "type": "Microsoft.Common.Section", @@ -330,7 +321,7 @@ "text": "If you encounter problems during the deployment of Oracle WebLogic Server, report them here.", "link": { "label": "Issue tracker", - "uri": "https://aka.ms/arm-oraclelinux-wls-issues" + "uri": "https://aka.ms/arm-oraclelinux-wls-issues?version=${project.version}" } } }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json index f43531b44..dbf9b4c4c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json @@ -179,15 +179,6 @@ }, "defaultValue": "Yes", "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" - }, - { - "name": "About", - "type": "Microsoft.Common.InfoBox", - "options": { - "icon": "None", - "text": "Template version ${project.version}" - }, - "visible": "[bool('${template.version.visible}')]" } ], "visible": true @@ -205,7 +196,7 @@ "text": "If you encounter problems during the deployment of Oracle WebLogic Server, report them here.", "link": { "label": "Issue tracker", - "uri": "https://aka.ms/arm-oraclelinux-wls-issues" + "uri": "https://aka.ms/arm-oraclelinux-wls-issues?version=${project.version}" } } }, From 5130de3c1379052e7747dc05576f9a81e87526d3 Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Wed, 6 Oct 2021 12:38:52 +0000 Subject: [PATCH 005/720] including upl license information in readme.md and yaml files for weblogiccluster and dynamic cluster offers --- .../.github/workflows/build.yml | 4 ++++ .../.github/workflows/newtag.yaml | 4 ++++ .../.github/workflows/package.yaml | 4 ++++ weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md | 8 ++++++++ .../src/main/resources/README.md | 7 +++++++ .../.github/workflows/build.yml | 4 ++++ .../.github/workflows/newtag.yaml | 4 ++++ .../.github/workflows/pakage.yaml | 4 ++++ .../arm-oraclelinux-wls-dynamic-cluster/README.md | 7 +++++++ .../src/main/resources/README.md | 7 +++++++ 10 files changed, 53 insertions(+) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml index 4f23c16b5..d6e4a51cd 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml @@ -1,3 +1,7 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +#. + name: Build and Test on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml index def24ea6e..e650bfc12 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml @@ -1,3 +1,7 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +#. + name: New Tag on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml index da7f3a918..e4015f79c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml @@ -1,3 +1,7 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +#. + name: Package ARM on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md index b034f5346..d268df8df 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md @@ -4,3 +4,11 @@ This git repository is used to maintain the Azure Resource Management (ARM) temp used for the implementation of WebLogic Server (with N-Node Cluster) on Microsoft Azure. For WebLogic Server running in the Azure Virtual Machines documentation, please refer to the [README documentation](https://github.com/oracle/weblogic-azure/weblogic-azure-vm/README.md). + +## License + +Copyright (c) 2021 Oracle and/or its affiliates. + +Released under the Universal Permissive License v1.0 as shown at +. + diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md index 05961c0a1..770a5bba3 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md @@ -79,3 +79,10 @@ weblogic12c-n-cluster Preview Subscription Ids REDACTED + +## License + +Copyright (c) 2021 Oracle and/or its affiliates. + +Released under the Universal Permissive License v1.0 as shown at +. diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml index 40e7b5ab9..79e6ddd6a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml @@ -1,3 +1,7 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +#. + name: Build and Test on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml index d27d1ff41..738f4804f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml @@ -1,3 +1,7 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +#. + name: New Tag on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml index 25b182d3e..3de8c3da1 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml @@ -1,3 +1,7 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +#. + name: Package ARM on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md index 44ac50fab..f6cd48be5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md @@ -4,3 +4,10 @@ This git repository is used to maintain the Azure Resource Management (ARM) temp used for the implementation of WebLogic Server (with N-Node Dynamic Cluster) on Microsoft Azure. For WebLogic Server running in the Azure Virtual Machines documentation, please refer to the [README documentation](https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls/README.md). + +## License + +Copyright (c) 2021 Oracle and/or its affiliates. + +Released under the Universal Permissive License v1.0 as shown at +. diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md index 2f52022e0..38ff8f492 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md @@ -79,3 +79,10 @@ weblogic12c-n-dynamic-cluster Preview Subscription Ids REDACTED + +## License + +Copyright (c) 2021 Oracle and/or its affiliates. + +Released under the Universal Permissive License v1.0 as shown at +. From c5ac107454f0ab136e41ff8309a20ab90c659fd0 Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Wed, 6 Oct 2021 15:12:21 +0000 Subject: [PATCH 006/720] using html like comment to include license info in readme.md --- .../arm-oraclelinux-wls-cluster/README.md | 13 +++++-------- .../src/main/resources/README.md | 12 +++++------- .../arm-oraclelinux-wls-dynamic-cluster/README.md | 11 +++++------ .../src/main/resources/README.md | 12 +++++------- 4 files changed, 20 insertions(+), 28 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md index d268df8df..c1a10b45a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/README.md @@ -1,14 +1,11 @@ + + ## WebLogic Server (with N-Node Cluster) on Microsoft Azure - Marketplace Offerings This git repository is used to maintain the Azure Resource Management (ARM) templates and other scripts used for the implementation of WebLogic Server (with N-Node Cluster) on Microsoft Azure. For WebLogic Server running in the Azure Virtual Machines documentation, please refer to the [README documentation](https://github.com/oracle/weblogic-azure/weblogic-azure-vm/README.md). - -## License - -Copyright (c) 2021 Oracle and/or its affiliates. - -Released under the Universal Permissive License v1.0 as shown at -. - diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md index 770a5bba3..f9efaa131 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md @@ -1,3 +1,8 @@ + + # What is this stuff? Content that goes into the "Marketplace" tab of the offer. @@ -79,10 +84,3 @@ weblogic12c-n-cluster Preview Subscription Ids REDACTED - -## License - -Copyright (c) 2021 Oracle and/or its affiliates. - -Released under the Universal Permissive License v1.0 as shown at -. diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md index f6cd48be5..8908bae6a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/README.md @@ -1,3 +1,8 @@ + + ## WebLogic Server (with N-Node Dynamic Cluster) on Microsoft Azure - Marketplace Offerings This git repository is used to maintain the Azure Resource Management (ARM) templates and other scripts @@ -5,9 +10,3 @@ used for the implementation of WebLogic Server (with N-Node Dynamic Cluster) on For WebLogic Server running in the Azure Virtual Machines documentation, please refer to the [README documentation](https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls/README.md). -## License - -Copyright (c) 2021 Oracle and/or its affiliates. - -Released under the Universal Permissive License v1.0 as shown at -. diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md index 38ff8f492..1b7e62ed4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md @@ -1,3 +1,8 @@ + + # What is this stuff? Content that goes into the "Marketplace" tab of the offer. @@ -79,10 +84,3 @@ weblogic12c-n-dynamic-cluster Preview Subscription Ids REDACTED - -## License - -Copyright (c) 2021 Oracle and/or its affiliates. - -Released under the Universal Permissive License v1.0 as shown at -. From 266a4ae4135fafe1a6d1b4d9984005436e59621f Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 8 Oct 2021 10:19:49 +0800 Subject: [PATCH 007/720] On branch main: fix outputs of cluster lb external url. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep --- .../modules/_deployment-scripts/_ds-create-networking.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep index d8fec4160..26d8d2095 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep @@ -86,6 +86,6 @@ output adminConsoleLBSecuredUrl string = enableCustomSSL && length(lbSvcValues) output adminServerT3LBUrl string = length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminServerT3Endpoint != 'null') ? reference(name_deploymentName).outputs.adminServerT3Endpoint: '' output adminRemoteUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminRemoteEndpoint != 'null') ? format('http://{0}',reference(name_deploymentName).outputs.adminRemoteEndpoint): '' output adminRemoteSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminRemoteEndpoint != 'null') ? format('https://{0}',reference(name_deploymentName).outputs.adminRemoteEndpoint): '' -output clusterLBUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('https://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): '' -output clusterLBSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('http://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): '' +output clusterLBUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('http://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): '' +output clusterLBSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('https://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): '' output clusterT3LBUrl string = length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterT3Endpoint != 'null') ? reference(name_deploymentName).outputs.clusterT3Endpoint: '' From dd2434796549d3e65fb8c8c215ae6c6e580e4138 Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Fri, 8 Oct 2021 11:22:10 +0000 Subject: [PATCH 008/720] replacing references to wls-eng git repo with oracle/weblogic-azure git repo in cluster and dynamic cluster offer related files --- .../arm-oraclelinux-wls-cluster/.github/workflows/build.yml | 6 +++--- .../arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml | 4 ++-- .../arm-oraclelinux-wls-cluster/addnode/pom.xml | 4 ++-- .../arm-oraclelinux-wls-cluster/pom.xml | 4 ++-- .../src/main/resources/README.md | 4 ++-- .../arm-oraclelinux-wls-cluster/deletenode/pom.xml | 4 ++-- weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml | 4 ++-- .../.github/workflows/build.yml | 6 +++--- .../addnode-coherence/pom.xml | 4 ++-- .../arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml | 4 ++-- .../arm-oraclelinux-wls-dynamic-cluster/pom.xml | 4 ++-- .../src/main/resources/README.md | 4 ++-- .../arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml | 4 ++-- .../arm-oraclelinux-wls-dynamic-cluster/pom.xml | 4 ++-- 14 files changed, 30 insertions(+), 30 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml index d6e4a51cd..4aa2f644f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml @@ -12,7 +12,7 @@ on: default: 'false' # Allows you to run this workflow using GitHub APIs # PERSONAL_ACCESS_TOKEN= - # REPO_NAME=wls-eng/arm-oraclelinux-wls-cluster + # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster # curl --verbose -XPOST -u "wls-eng:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' repository_dispatch: @@ -982,7 +982,7 @@ jobs: - name: summarize jobs if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} run: | - workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/wls-eng/arm-oraclelinux-wls-cluster/actions/runs/${{ github.run_id }}/jobs) + workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster/actions/runs/${{ github.run_id }}/jobs) critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-cluster."))) | length') echo "$critical_job_num" succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-cluster."))) | length') @@ -997,7 +997,7 @@ jobs: { "@context":"http://schema.org/extensions", "@type":"MessageCard", - "text":"$failed_job_num jobs failed in Configured Cluster Offer's workflow, please take a look at: https://github.com/wls-eng/arm-oraclelinux-wls-cluster/actions/runs/${{ github.run_id }}" + "text":"$failed_job_num jobs failed in Configured Cluster Offer's workflow, please take a look at: https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster/actions/runs/${{ github.run_id }}" } EOF fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml index a367ddd12..d793d0fc9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml index 9cca61cbd..557192ad7 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index cec4636f0..c61e7bcd2 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md index f9efaa131..61652f22f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/resources/README.md @@ -9,7 +9,7 @@ Content that goes into the "Marketplace" tab of the offer. See [the Marketplace documentation](https://docs.microsoft.com/en-us/azure/marketplace/cloud-partner-portal/virtual-machine/cpp-marketplace-tab) for details. -When submitting the offer, use content from [https://github.com/wls-eng/arm-oraclelinux-wls/tree/master/arm-oraclelinux-wls/src/main/resources](this directory), but apply the changes in this file on top. +When submitting the offer, use content from [https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources](this directory), but apply the changes in this file on top. ## Offer Settings @@ -71,7 +71,7 @@ Provisions an n-node Oracle WebLogic Server cluster on Oracle Linux 7.6 Description -[description.html](https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/master/arm-oraclelinux-wls/src/main/resources/description.html) +[description.html](https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html) Offer available to Microsoft CSP Reseller channel? * diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml index 3eed1ca2a..336610f3d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml index 9902d3ab3..d0add8428 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml @@ -18,12 +18,12 @@ - https://github.com/wls-eng/arm-oraclelinux-wls-cluster + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster scm:git:git@github.com:wls-eng/arm-oraclelinux-wls.git scm:git:git@github.com:wls-eng/arm-oraclelinux-wls-cluster.git - https://github.com/wls-eng/arm-oraclelinux-wls-cluster + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster HEAD diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml index 79e6ddd6a..23535bfec 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml @@ -12,7 +12,7 @@ on: default: 'false' # Allows you to run this workflow using GitHub APIs # PERSONAL_ACCESS_TOKEN= - # REPO_NAME=wls-eng/arm-oraclelinux-wls-dynamic-cluster + # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster # curl --verbose -XPOST -u "wls-eng:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' repository_dispatch: @@ -820,7 +820,7 @@ jobs: - name: summarize jobs if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} run: | - workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/wls-eng/arm-oraclelinux-wls-dynamic-cluster/actions/runs/${{ github.run_id }}/jobs) + workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/actions/runs/${{ github.run_id }}/jobs) critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-cluster."))) | length') echo "$critical_job_num" succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-cluster."))) | length') @@ -835,7 +835,7 @@ jobs: { "@context":"http://schema.org/extensions", "@type":"MessageCard", - "text":"$failed_job_num jobs failed in Dynamic Cluster Offer's workflow, please take a look at: https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster/actions/runs/${{ github.run_id }}" + "text":"$failed_job_num jobs failed in Dynamic Cluster Offer's workflow, please take a look at: https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/actions/runs/${{ github.run_id }}" } EOF fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml index b81cc5db2..c21f44f7e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml index e0081079a..acecd8c5b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 914e7aae1..7ae576602 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md index 1b7e62ed4..cecce3383 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/README.md @@ -9,7 +9,7 @@ Content that goes into the "Marketplace" tab of the offer. See [the Marketplace documentation](https://docs.microsoft.com/en-us/azure/marketplace/cloud-partner-portal/virtual-machine/cpp-marketplace-tab) for details. -When submitting the offer, use content from [https://github.com/wls-eng/arm-oraclelinux-wls/tree/master/arm-oraclelinux-wls/src/main/resources](this directory), but apply the changes in this file on top. +When submitting the offer, use content from [https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources](this directory), but apply the changes in this file on top. ## Offer Settings @@ -71,7 +71,7 @@ Provisions an n-node Oracle WebLogic Server cluster on Oracle Linux 7.6 Description -[description.html](https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/master/arm-oraclelinux-wls/src/main/resources/description.html) +[description.html](https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html) Offer available to Microsoft CSP Reseller channel? * diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml index bed47ec88..f787cb722 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml index fdc5f72ee..36ab4c835 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -16,12 +16,12 @@ - https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster scm:git:git@github.com:wls-eng/arm-oraclelinux-wls-dynamic-cluster.git scm:git:git@github.com:wls-eng/arm-oraclelinux-wls-dynamic-cluster.git - https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster HEAD From 31b410262e4b6c49aa9039ac76615fcdc7d5e0a8 Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Fri, 8 Oct 2021 11:42:03 +0000 Subject: [PATCH 009/720] modified upl license url in yaml files --- .../arm-oraclelinux-wls-cluster/.github/workflows/build.yml | 2 +- .../arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml | 2 +- .../arm-oraclelinux-wls-cluster/.github/workflows/package.yaml | 2 +- .../.github/workflows/build.yml | 2 +- .../.github/workflows/newtag.yaml | 2 +- .../.github/workflows/pakage.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml index 4aa2f644f..6c11a2d93 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml @@ -1,6 +1,6 @@ #Copyright (c) 2021 Oracle and/or its affiliates. #Released under the Universal Permissive License v1.0 as shown at -#. +# https://oss.oracle.com/licenses/upl/ name: Build and Test on: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml index e650bfc12..fa8630401 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml @@ -1,6 +1,6 @@ #Copyright (c) 2021 Oracle and/or its affiliates. #Released under the Universal Permissive License v1.0 as shown at -#. +# https://oss.oracle.com/licenses/upl/ name: New Tag on: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml index e4015f79c..fe720de97 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml @@ -1,6 +1,6 @@ #Copyright (c) 2021 Oracle and/or its affiliates. #Released under the Universal Permissive License v1.0 as shown at -#. +# https://oss.oracle.com/licenses/upl/ name: Package ARM on: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml index 23535bfec..995deaf5e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml @@ -1,6 +1,6 @@ #Copyright (c) 2021 Oracle and/or its affiliates. #Released under the Universal Permissive License v1.0 as shown at -#. +# https://oss.oracle.com/licenses/upl/ name: Build and Test on: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml index 738f4804f..7f9ad02ab 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml @@ -1,6 +1,6 @@ #Copyright (c) 2021 Oracle and/or its affiliates. #Released under the Universal Permissive License v1.0 as shown at -#. +# https://oss.oracle.com/licenses/upl/ name: New Tag on: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml index 3de8c3da1..5abbc208e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml @@ -1,6 +1,6 @@ #Copyright (c) 2021 Oracle and/or its affiliates. #Released under the Universal Permissive License v1.0 as shown at -#. +# https://oss.oracle.com/licenses/upl/ name: Package ARM on: From d93368795917e6094997e4c81e12c76caed9df3a Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 11 Oct 2021 16:08:05 +0800 Subject: [PATCH 010/720] On branch main: output 'aksAgentPoolVMSize' in UI definition. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 1 + 1 file changed, 1 insertion(+) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index cb5ea9fc4..abf854d46 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1696,6 +1696,7 @@ "outputs": { "acrName": "[last(split(steps('section_aks').imageInfo.oracleAcrSelector.id, '/'))]", "aksAgentPoolNodeCount": "[steps('section_aks').clusterInfo.aksNodeCount]", + "aksAgentPoolVMSize": "[steps('section_aks').clusterInfo.nodeVMSizeSelector]", "aksClusterName": "[last(split(steps('section_aks').clusterInfo.aksClusterSelector.id, '/'))]", "aksClusterRGName": "[last(take(split(steps('section_aks').clusterInfo.aksClusterSelector.id, '/'), 5))]", "appGatewayCertificateOption": "[steps('section_appGateway').appgwIngress.certificateOption]", From d9c5aa2b2798c92a7154f741caf4c47616131751 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 12 Oct 2021 13:12:23 +0800 Subject: [PATCH 011/720] On branch main: UI - selector for oracle images Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json --- .../src/main/arm/createUiDefinition.json | 90 ++++++++++++++----- 1 file changed, 69 insertions(+), 21 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index abf854d46..f5ded01f9 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -347,7 +347,7 @@ "type": "Microsoft.Common.Section", "label": "Image Selection", "elements": [ - { + { "name": "useOracleImage", "type": "Microsoft.Common.OptionsGroup", "label": "Use a pre-existing WebLogic Server Docker image in Oracle Container Registry?", @@ -404,11 +404,11 @@ "validationMessage": "The image must be stored in the selected ACR above" } }, - { + { "name": "oracleCreateACR", "type": "Microsoft.Common.OptionsGroup", "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", - "label": "Create a new ACR instance?", + "label": "Create a new Azure Container Registry to store application images?", "defaultValue": "Yes", "toolTip": "Select 'Yes' to create a new ACR instance, or select 'No' to provide an existing ACR instance.", "constraints": { @@ -449,18 +449,6 @@ }, "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),not(bool(steps('section_aks').imageInfo.oracleCreateACR)))]" }, - { - "name": "fromImageText", - "type": "Microsoft.Common.TextBlock", - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", - "options": { - "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile from statement. \nOracle Standard Terms and Restrictions terms must be agreed. \nClick the following link to make sure you have agree the terms and check the valid tags.", - "link": { - "label": "Must be a valid tag value from Oracle Container Registry", - "uri": "https://aka.ms/wls-aks-fromImage-tag" - } - } - }, { "name": "ocrSSOInfo", "type": "Microsoft.Common.InfoBox", @@ -502,14 +490,74 @@ }, "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" }, + { + "name": "fromImageText", + "type": "Microsoft.Common.TextBlock", + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "options": { + "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile from statement. \nOracle Standard Terms and Restrictions terms must be agreed. \nClick the following link to make sure you have agree the terms and check the valid tags.", + "link": { + "label": "Must be a valid tag value from Oracle Container Registry", + "uri": "https://aka.ms/wls-aks-fromImage-tag" + } + } + }, + { + "name": "oracleImageSelector", + "type": "Microsoft.Common.DropDown", + "label": "Select WebLogic Docker tag", + "defaultValue": "14.1.1.0-11", + "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromOracleImage option to 'imagetool'.", + "constraints": { + "allowedValues": [ + { + "label": "14.1.1.0-8", + "value": "14.1.1.0-8" + }, + { + "label": "14.1.1.0-11", + "value": "14.1.1.0-11" + }, + { + "label": "12.2.1.4", + "value": "12.2.1.4" + }, + { + "label": "12.2.1.3", + "value": "12.2.1.3" + }, + { + "label": "14.1.1.0-8-ol8", + "value": "14.1.1.0-8-ol8" + }, + { + "label": "14.1.1.0-11-ol8", + "value": "14.1.1.0-11-ol8" + }, + { + "label": "12.2.1.4-ol8", + "value": "12.2.1.4-ol8" + }, + { + "label": "12.2.1.3-ol8", + "value": "12.2.1.3-ol8" + }, + { + "label": "Others", + "value": "others" + } + ], + "required": true + }, + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" + }, { "name": "fromOracleImage", "type": "Microsoft.Common.TextBox", - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),equals(steps('section_aks').imageInfo.oracleImageSelector, 'others'))]", "label": "WebLogic Docker tag", - "defaultValue": "12.2.1.4-ol8", + "defaultValue": "14.1.1.0-slim-11", "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromOracleImage option to 'imagetool'.", - "multiLine": false, "constraints": { "required": true, "validations": [ @@ -1764,15 +1812,15 @@ "useInternalLB": "[bool(steps('section_appGateway').lbSVCInfo.enableInternalLB)]", "useOracleImage": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "userProvidedAcr": "[last(split(steps('section_aks').imageInfo.userProvidedAcrSelector.id, '/'))]", - "userProvidedImagePath": "[steps('section_aks').imageInfo.userProvidedImagePath]", + "userProvidedImagePath": "[steps('section_aks').imageInfo.userProvidedImagePath]", "wdtRuntimePassword": "[basics('basicsRequired').wdtRuntimePassword]", "wlsClusterSize": "[basics('basicsOptional').wlsClusterSize]", "wlsDomainName": "[basics('basicsOptional').wlsDomainName]", "wlsDomainUID": "[basics('basicsOptional').wlsDomainUID]", - "wlsImageTag": "[steps('section_aks').imageInfo.fromOracleImage]", + "wlsImageTag": "[if(equals(steps('section_aks').imageInfo.oracleImageSelector, 'others'), steps('section_aks').imageInfo.fromOracleImage, steps('section_aks').imageInfo.oracleImageSelector)]", "wlsJavaOption": "[basics('basicsOptional').wlsJavaOption]", "wlsPassword": "[basics('basicsRequired').wlsPassword]", "wlsUserName": "[basics('basicsRequired').wlsUserName]" } } -} +} \ No newline at end of file From 2d781344ba159c769c698a0251b29a6637d2c743 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Sat, 9 Oct 2021 11:17:26 +0800 Subject: [PATCH 012/720] On branch main: validate inputs and fail fast. On branch main: validate inputs and fail fast. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep --- .../inline-scripts/validateParameters.sh | 522 ++++++++++++++++++ .../src/main/bicep/mainTemplate.bicep | 61 +- .../_ds-validate-parameters.bicep | 209 +++++++ 3 files changed, 789 insertions(+), 3 deletions(-) create mode 100644 weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh new file mode 100644 index 000000000..1251c5388 --- /dev/null +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh @@ -0,0 +1,522 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. +# +# env inputs: +# ORACLE_ACCOUNT_NAME +# ORACLE_ACCOUNT_PASSWORD +# ACR_NAME +# AKS_CLUSTER_NAME +# AKS_CLUSTER_RESOURCEGROUP_NAME +# BASE64_FOR_SERVICE_PRINCIPAL +# WLS_SSL_KEYVAULT_NAME +# WLS_SSL_KEYVAULT_RESOURCEGROUP_NAME +# WLS_SSL_KEYVAULT_IDENTITY_DATA_SECRET_NAME +# WLS_SSL_KEYVAULT_IDENTITY_PASSWORD_SECRET_NAME +# WLS_SSL_KEYVAULT_IDENTITY_TYPE +# WLS_SSL_KEYVAULT_TRUST_DATA_SECRET_NAME +# WLS_SSL_KEYVAULT_TRUST_PASSWORD_SECRET_NAME +# WLS_SSL_KEYVAULT_TRUST_TYPE +# WLS_SSL_KEYVAULT_PRIVATE_KEY_ALIAS +# WLS_SSL_KEYVAULT_PRIVATE_KEY_PASSWORD +# WLS_SSL_IDENTITY_DATA +# WLS_SSL_IDENTITY_PASSWORD +# WLS_SSL_IDENTITY_TYPE +# WLS_SSL_TRUST_DATA +# WLS_SSL_TRUST_PASSWORD +# WLS_SSL_TRUST_TYPE +# WLS_SSL_PRIVATE_KEY_ALIAS +# WLS_SSL_PRIVATE_KEY_PASSWORD +# APPLICATION_GATEWAY_SSL_KEYVAULT_NAME +# APPLICATION_GATEWAY_SSL_KEYVAULT_RESOURCEGROUP +# APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_DATA_SECRET_NAME +# APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_PASSWORD_SECRET_NAME +# APPLICATION_GATEWAY_SSL_FRONTEND_CERT_DATA +# APPLICATION_GATEWAY_SSL_FRONTEND_CERT_PASSWORD +# DNA_ZONE_NAME +# DNA_ZONE_RESOURCEGROUP_NAME + +function echo_stderr() { + echo "$@" 1>&2 + # The function is used for scripts running within Azure Deployment Script + # The value of AZ_SCRIPTS_OUTPUT_PATH is /mnt/azscripts/azscriptoutput + echo -e "$@" >>${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/errors.log +} + +function echo_stdout() { + echo "$@" + # The function is used for scripts running within Azure Deployment Script + # The value of AZ_SCRIPTS_OUTPUT_PATH is /mnt/azscripts/azscriptoutput + echo -e "$@" >>${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/debug.log +} + +function install_jdk() { + # Install Microsoft OpenJDK + apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community + + echo "java version" + java -version + if [ $? -eq 1 ]; then + echo_stderr "Failed to install open jdk 11." + exit 1 + fi + # JAVA_HOME=/usr/lib/jvm/java-11-openjdk +} + +#Validate teminal status with $?, exit with exception if errors happen. +# $1 - error message +# $2 - root cause message +function validate_status() { + if [ $? != 0 ]; then + echo_stderr "Errors happen during: $1." $2 + exit 1 + else + echo_stdout "$1" + fi +} + +# Validate User Assigned Managed Identity +# Check points: +# - the identity is User Assigned Identity, if not, exit with error. +# - the identity is assigned with Contributor or Owner role, if not, exit with error. +function validate_user_assigned_managed_identity() { + # AZ_SCRIPTS_USER_ASSIGNED_IDENTITY + local uamiType=$(az identity show --ids ${AZ_SCRIPTS_USER_ASSIGNED_IDENTITY} --query "type" -o tsv) + validate_status "query resource type of ${AZ_SCRIPTS_USER_ASSIGNED_IDENTITY}" "The user managed identity may not exist, please check." + if [[ "${uamiType}" != "${userManagedIdentityType}" ]]; then + echo_stderr "You must use User Assigned Managed Identity, please follow the document to create one: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef" + fi + + echo_stdout "query principal Id of the User Assigned Identity." + local principalId=$(az identity show --ids ${AZ_SCRIPTS_USER_ASSIGNED_IDENTITY} --query "principalId" -o tsv) + + echo_stdout "check if the user assigned managed identity has Contributor or Owner role." + local roleLength=$(az role assignment list --assignee ${principalId} | + jq '.[] | [select(.roleDefinitionName=="Contributor" or .roleDefinitionName=="Owner")] | length') + if [ ${roleLength} -lt 1 ]; then + echo_stderr "You must grant the User Assigned Managed Identity with at least Contributor role. Please check ${AZ_SCRIPTS_USER_ASSIGNED_IDENTITY}" + fi + + echo_stdout "Check User Assigned Identity: passed!" +} + +# Validate compute resources +# Check points: +# - there is enough resource for AKS cluster +# - there is enough resource for VM to build the image +# Example to list the vm usage: +# az vm list-usage --location "East US" -o table +# Name CurrentValue Limit +# ---------------------------------------- -------------- ------- +# Availability Sets 0 2500 +# Total Regional vCPUs 2 200 +# Virtual Machines 1 25000 +# Virtual Machine Scale Sets 0 2500 +# Dedicated vCPUs 0 3000 +# Cloud Services 0 2500 +# Total Regional Low-priority vCPUs 0 100 +# Standard DSv2 Family vCPUs 0 100 +# Standard Av2 Family vCPUs 2 100 +# Basic A Family vCPUs 0 100 +# Standard A0-A7 Family vCPUs 0 200 +# Standard A8-A11 Family vCPUs 0 100 +# Standard D Family vCPUs 0 100 +# Standard Dv2 Family vCPUs 0 100 +# Standard DS Family vCPUs 0 100 +# Standard G Family vCPUs 0 100 +# Standard GS Family vCPUs 0 100 +# Standard F Family vCPUs 0 100 +# Standard FS Family vCPUs 0 100 +# ... ... +function validate_compute_resources() { + # Resource for ubuntu machine + # 2 Standard Av2 Family vCPUs + + # query total cores + local vmUsage=$(az vm list-usage -l ${location} -o json) + local totalCPUs=$(echo ${vmUsage} | jq '.[] | select(.name.value=="cores") | .limit' | tr -d "\"") + local currentCPUs=$(echo ${vmUsage} | jq '.[] | select(.name.value=="cores") | .currentValue' | tr -d "\"") + local aksCPUs=0 + + # if creating new AKS cluster + if [[ "${createAKSCluster,,}" == "true" ]]; then + local aksVMDetails=$(az vm list-skus --size ${aksAgentPoolVMSize} -l ${location} --query [0]) + local vmFamily=$(echo ${aksVMDetails} | jq '.family' | tr -d "\"") + local vmCPUs=$(echo ${aksVMDetails} | jq '.capabilities[] | select(.name=="vCPUs") | .value' | tr -d "\"") + aksCPUs=$((vmCPUs * aksAgentPoolNodeCount)) + + # query CPU usage of the vm family + local familyLimit=$(echo ${vmUsage} | jq '.[] | select(.name.value=="'${vmFamily}'") | .limit' | tr -d "\"") + local familyUsage=$(echo ${vmUsage} | jq '.[] | select(.name.value=="'${vmFamily}'") | .currentValue' | tr -d "\"") + local requiredFamilyCPUs=$((aksCPUs + familyUsage)) + # make sure thers is enough vCPUs of the family for AKS + if [ ${requiredFamilyCPUs} -gt ${familyLimit} ]; then + echo_stderr "It requires ${aksCPUs} ${vmFamily} vCPUs to create the AKS cluster, ${vmFamily} vCPUs quota is limited to ${familyLimit}, current usage is ${familyUsage}." + exit 1 + fi + fi + + local vmFamilyOfUbuntu="standardAv2Family" + local familyLimit=$(echo ${vmUsage} | jq '.[] | select(.name.value=="'${vmFamilyOfUbuntu}'") | .limit' | tr -d "\"") + local familyUsage=$(echo ${vmUsage} | jq '.[] | select(.name.value=="'${vmFamilyOfUbuntu}'") | .currentValue' | tr -d "\"") + local requiredFamilyCPUs=$((2 + familyUsage)) + # make sure thers is enough vCPUs of the family for ubuntu machine + if [ ${requiredFamilyCPUs} -gt ${familyLimit} ]; then + echo_stderr "It requires 2 ${vmFamilyOfUbuntu} vCPUs to create an ubuntu machine for docker image, ${vmFamilyOfUbuntu} vCPUs quota is limited to ${familyLimit}, current usage is ${familyUsage}." + exit 1 + fi + + local requiredCPU=$((aksCPUs + 2 + currentCPUs)) + if [ ${requiredCPU} -gt ${totalCPUs} ]; then + echo_stderr "It requires ${requiredCPU} vCPUs to run WLS on AKS, vCPUs quota is limited to ${totalCPUs}, current usage is ${currentCPUs}." + exit 1 + fi + + echo_stdout "Check compute resources: passed!" +} + +function validate_ocr_account() { + # install docker cli + apk add docker --no-cache --quiet + docker --help + validate_status "install docker" + + # ORACLE_ACCOUNT_NAME + # ORACLE_ACCOUNT_PASSWORD + docker logout + echo "${ORACLE_ACCOUNT_PASSWORD}" | docker login ${ocrLoginServer} -u ${ORACLE_ACCOUNT_NAME} --password-stdin + validate_status "login OCR with user ${ORACLE_ACCOUNT_NAME}" + + echo_stdout "Check OCR account: passed!" +} + +function check_acr_admin_enabled() { + echo_stdout "check if admin user enabled in ACR $ACR_NAME " + local adminUserEnabled=$(az acr show --name $ACR_NAME --query "adminUserEnabled") + validate_status "query 'adminUserEnabled' property of ACR ${ACR_NAME}" "Invalid ACR: ${ACR_NAME}" + + if [[ "${adminUserEnabled}" == "false" ]]; then + echo_stderr "Make sure admin user is enabled in ACR $ACR_NAME. Please find steps in https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef&tabs=azure-cli#admin-account" + exit 1 + fi +} + +function validate_acr_image() { + echo_stdout "use ACR: $ACR_NAME" + + local pathWithoutTag=${userProvidedImagePath%\:*} + local repository=${pathWithoutTag#*\/} + local tag="${userProvidedImagePath##*:}" + + local tagIndex=$(az acr repository show-tags --name $ACR_NAME --repository ${repository} | jq 'index("'${tag}'")') + validate_status "check if tag ${tag} exists." "Invalid image path ${userProvidedImagePath}" + if [[ "${tagIndex}" == "null" ]]; then + echo_stderr "Tag ${tag} does not exist in ${repository}." + exit 1 + fi + + echo_stdout "Check ACR image: passed!" +} + +function validate_base_image_path() { + if [[ "${useOracleImage,,}" == "true" ]]; then + validate_ocr_account + else + validate_acr_image + fi +} + +# Only support kubenet currently +function validate_aks_network_plugin() { + # AKS_CLUSTER_NAME + # AKS_CLUSTER_RESOURCEGROUP_NAME + + if [[ "${createAKSCluster,,}" == "false" ]]; then + local networkPlugin=$(az aks show -n ${AKS_CLUSTER_NAME} \ + -g ${AKS_CLUSTER_RESOURCEGROUP_NAME} \ + --query 'networkProfile.networkPlugin' -o tsv) + + if [[ "${networkPlugin}" != "kubenet" ]]; then + echo_stderr "The offer only supports AKS network type kubenet, you are using a cluster of CNI." + exit 1 + fi + fi + + echo_stdout "Check AKS networking: passed!" +} + +function download_wls_ssl_certificates_from_keyvault() { + # check key vault accessibility for template deployment + local enabledForTemplateDeployment=$(az keyvault show --name ${WLS_SSL_KEYVAULT_NAME} --query "properties.enabledForTemplateDeployment") + if [[ "${enabledForTemplateDeployment,,}" != "true" ]]; then + echo_stderr "Make sure Key Vault ${WLS_SSL_KEYVAULT_NAME} is enabled for template deployment. " + exit 1 + fi + + # allow the identity to access the keyvault + local principalId=$(az identity show --ids ${AZ_SCRIPTS_USER_ASSIGNED_IDENTITY} --query "principalId" -o tsv) + az keyvault set-policy --name ${WLS_SSL_KEYVAULT_NAME} --object-id ${principalId} --secret-permissions get list + validate_status "grant identity permission to get/list secrets in key vault ${WLS_SSL_KEYVAULT_NAME}" + + local identityDataFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/identityData.txt + local identityPswFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/identityPsw.txt + local trustDataFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/trustData.txt + local trustPswFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/trustPsw.txt + local privateKeyAliasFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/privateKeyData.txt + local privateKeyPswFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/privateKeyPsw.txt + + rm -f ${identityDataFileName} + rm -f ${identityPswFileName} + rm -f ${trustDataFileName} + rm -f ${trustPswFileName} + rm -f ${privateKeyAliasFileName} + rm -f ${privateKeyPswFileName} + + # download identity data + az keyvault secret download --file ${identityDataFileName} \ + --name ${WLS_SSL_KEYVAULT_IDENTITY_DATA_SECRET_NAME} \ + --vault-name ${WLS_SSL_KEYVAULT_NAME} + validate_status "download secret ${WLS_SSL_KEYVAULT_IDENTITY_DATA_SECRET_NAME} from key vault ${WLS_SSL_KEYVAULT_NAME}" + # set identity data with values in download file + WLS_SSL_IDENTITY_DATA=$(cat ${identityDataFileName}) + # remove the data file + rm -f ${identityDataFileName} + + # download identity password + az keyvault secret download --file ${identityPswFileName} \ + --name ${WLS_SSL_KEYVAULT_IDENTITY_PASSWORD_SECRET_NAME} \ + --vault-name ${WLS_SSL_KEYVAULT_NAME} + validate_status "download secret ${WLS_SSL_KEYVAULT_IDENTITY_PASSWORD_SECRET_NAME} from key vault ${WLS_SSL_KEYVAULT_NAME}" + # set identity psw with values in download file + WLS_SSL_IDENTITY_PASSWORD=$(cat ${identityPswFileName}) + # remove the data file + rm -f ${identityPswFileName} + + # download trust data + az keyvault secret download --file ${trustDataFileName} \ + --name ${WLS_SSL_KEYVAULT_TRUST_DATA_SECRET_NAME} \ + --vault-name ${WLS_SSL_KEYVAULT_NAME} + validate_status "download secret ${WLS_SSL_KEYVAULT_TRUST_DATA_SECRET_NAME} from key vault ${WLS_SSL_KEYVAULT_NAME}" + # set trust data with values in download file + WLS_SSL_TRUST_DATA=$(cat ${trustDataFileName}) + # remove the data file + rm -f ${trustDataFileName} + + # download trust psw + az keyvault secret download --file ${trustPswFileName} \ + --name ${WLS_SSL_KEYVAULT_TRUST_PASSWORD_SECRET_NAME} \ + --vault-name ${WLS_SSL_KEYVAULT_NAME} + validate_status "download secret ${WLS_SSL_KEYVAULT_TRUST_PASSWORD_SECRET_NAME} from key vault ${WLS_SSL_KEYVAULT_NAME}" + # set trust psw with values in download file + WLS_SSL_TRUST_PASSWORD=$(cat ${trustPswFileName}) + # remove the data file + rm -f ${trustPswFileName} + + # download alias + az keyvault secret download --file ${privateKeyAliasFileName} \ + --name ${WLS_SSL_KEYVAULT_PRIVATE_KEY_ALIAS} \ + --vault-name ${WLS_SSL_KEYVAULT_NAME} + validate_status "download secret ${WLS_SSL_KEYVAULT_PRIVATE_KEY_ALIAS} from key vault ${WLS_SSL_KEYVAULT_NAME}" + # set alias with values in download file + WLS_SSL_PRIVATE_KEY_ALIAS=$(cat ${privateKeyAliasFileName}) + # remove the data file + rm -f ${privateKeyAliasFileName} + + # download private key psw + az keyvault secret download --file ${privateKeyPswFileName} \ + --name ${WLS_SSL_KEYVAULT_PRIVATE_KEY_PASSWORD} \ + --vault-name ${WLS_SSL_KEYVAULT_NAME} + validate_status "download secret ${WLS_SSL_KEYVAULT_PRIVATE_KEY_PASSWORD} from key vault ${WLS_SSL_KEYVAULT_NAME}" + # set private key psw with values in download file + WLS_SSL_PRIVATE_KEY_PASSWORD=$(cat ${privateKeyPswFileName}) + # remove the data file + rm -f ${privateKeyPswFileName} + + WLS_SSL_IDENTITY_TYPE=${WLS_SSL_KEYVAULT_IDENTITY_TYPE} + WLS_SSL_TRUST_TYPE=${WLS_SSL_KEYVAULT_TRUST_TYPE} + + # reset key vault policy + az keyvault delete-policy --name ${WLS_SSL_KEYVAULT_NAME} --object-id ${principalId} + validate_status "delete identity permission to get/list secrets in key vault ${WLS_SSL_KEYVAULT_NAME}" +} + +function validate_wls_ssl_certificates() { + if [[ "${sslConfigurationAccessOption}" == "${sslCertificateKeyVaultOption}" ]]; then + download_wls_ssl_certificates_from_keyvault + fi + + local wlsIdentityKeyStoreFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/identity.keystore + local wlsTrustKeyStoreFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/trust.keystore + echo "$WLS_SSL_IDENTITY_DATA" | base64 -d >$wlsIdentityKeyStoreFileName + echo "$WLS_SSL_TRUST_DATA" | base64 -d >$wlsTrustKeyStoreFileName + + # use default Java, if no, install open jdk 11. + # why not using Microsoft open jdk? + # No apk installation package! + export JAVA_HOME=/usr/lib/jvm/default-jvm/ + if [ ! -d "${JAVA_HOME}" ]; then + install_jdk + JAVA_HOME=/usr/lib/jvm/java-11-openjdk + fi + #validate if identity keystore has entry + ${JAVA_HOME}/bin/keytool -list -v \ + -keystore $wlsIdentityKeyStoreFileName \ + -storepass $WLS_SSL_IDENTITY_PASSWORD \ + -storetype $WLS_SSL_IDENTITY_TYPE | + grep 'Entry type:' | + grep 'PrivateKeyEntry' + + validate_status "validate Identity Keystore." + + #validate if trust keystore has entry + ${JAVA_HOME}/bin/keytool -list -v \ + -keystore ${wlsTrustKeyStoreFileName} \ + -storepass $WLS_SSL_TRUST_PASSWORD \ + -storetype $WLS_SSL_TRUST_TYPE | + grep 'Entry type:' | + grep 'trustedCertEntry' + + validate_status "validate Trust Keystore." + + echo_stdout "validate SSL key stores: passed!" +} + +function download_application_gateway_certificate_from_keyvault() { + # check key vault accessibility for template deployment + local enabledForTemplateDeployment=$(az keyvault show --name ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME} --query "properties.enabledForTemplateDeployment") + if [[ "${enabledForTemplateDeployment,,}" != "true" ]]; then + echo_stderr "Make sure Key Vault ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME} is enabled for template deployment. " + exit 1 + fi + + # allow the identity to access the keyvault + local principalId=$(az identity show --ids ${AZ_SCRIPTS_USER_ASSIGNED_IDENTITY} --query "principalId" -o tsv) + az keyvault set-policy --name ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME} --object-id ${principalId} --secret-permissions get list + validate_status "grant identity permission to get/list secrets in key vault ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME}" + + local gatewayCertDataFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/gatewayCertData.txt + local gatewayCertPswFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/gatewayCertPsw.txt + + rm -f ${gatewayCertDataFileName} + rm -f ${gatewayCertPswFileName} + + # download cert data + az keyvault secret download --file ${gatewayCertDataFileName} \ + --name ${APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_DATA_SECRET_NAME} \ + --vault-name ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME} + validate_status "download secret ${APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_DATA_SECRET_NAME} from key vault ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME}" + # set cert data with values in download file + APPLICATION_GATEWAY_SSL_FRONTEND_CERT_DATA=$(cat ${gatewayCertDataFileName}) + # remove the data file + rm -f ${gatewayCertDataFileName} + + # download cert data + az keyvault secret download --file ${gatewayCertPswFileName} \ + --name ${APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_PASSWORD_SECRET_NAME} \ + --vault-name ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME} + validate_status "download secret ${APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_PASSWORD_SECRET_NAME} from key vault ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME}" + # set cert data with values in download file + APPLICATION_GATEWAY_SSL_FRONTEND_CERT_PASSWORD=$(cat ${gatewayCertPswFileName}) + # remove the data file + rm -f ${gatewayCertPswFileName} + + # reset key vault policy + az keyvault delete-policy --name ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME} --object-id ${principalId} + validate_status "delete identity permission to get/list secrets in key vault ${APPLICATION_GATEWAY_SSL_KEYVAULT_NAME}" +} + +function validate_gateway_frontend_certificates() { + if [[ "${appGatewayCertificateOption}" == "generateCert" ]]; then + return + fi + + if [[ "${appGatewayCertificateOption}" == "haveKeyVault" ]]; then + download_application_gateway_certificate_from_keyvault + fi + + local appgwFrontCertFileName=${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/gatewaycert.pfx + echo "$APPLICATION_GATEWAY_SSL_FRONTEND_CERT_DATA" | base64 -d >$appgwFrontCertFileName + + openssl pkcs12 \ + -in $appgwFrontCertFileName \ + -nocerts \ + -out ${AZ_SCRIPTS_PATH_OUTPUT_DIRECTORY}/cert.key \ + -passin pass:${APPLICATION_GATEWAY_SSL_FRONTEND_CERT_PASSWORD} \ + -passout pass:${APPLICATION_GATEWAY_SSL_FRONTEND_CERT_PASSWORD} + + validate_status "access application gateway frontend key." "Make sure the Application Gateway frontend certificate is correct." +} + +function validate_service_principal() { + spObject=$(echo "${BASE64_FOR_SERVICE_PRINCIPAL}" | base64 -d) + validate_status "decode the service principal base64 string." "Invalid service principal." + + local principalId=$(echo ${spObject} | jq '.clientId') + validate_status "get client id from the service principal." "Invalid service principal." + if [[ "${principalId}" == "null" ]] || [[ "${principalId}" == "" ]]; then + echo_stderr "the service principal is invalid." + exit 1 + fi + + echo_stdout "check if the service principal has Contributor or Owner role." + local roleLength=$(az role assignment list --assignee ${principalId} | + jq '.[] | [select(.roleDefinitionName=="Contributor" or .roleDefinitionName=="Owner")] | length') + if [ ${roleLength} -lt 1 ]; then + echo_stderr "You must grant the service principal with at least Contributor role." + fi + + echo_stdout "Check service principal: passed!" +} + +function validate_dns_zone() { + if [[ "${checkDNSZone,,}" == "true" ]]; then + az network dns zone show -n ${DNA_ZONE_NAME} -g ${DNA_ZONE_RESOURCEGROUP_NAME} + validate_status "check DNS Zone ${DNA_ZONE_NAME}" "Make sure the DNS Zone exists." + + echo_stdout "Check DNS Zone: passed!" + fi +} + +# main +location=$1 +createAKSCluster=$2 +aksAgentPoolVMSize=$3 +aksAgentPoolNodeCount=$4 +useOracleImage=$5 +wlsImageTag=$6 +userProvidedImagePath=$7 +enableCustomSSL=$8 +sslConfigurationAccessOption=$9 +appGatewayCertificateOption=${10} +enableAppGWIngress=${11} +checkDNSZone=${12} +checkACR=${13} + +ocrLoginServer="container-registry.oracle.com" +sslCertificateKeyVaultOption="keyVaultStoredConfig" +userManagedIdentityType="Microsoft.ManagedIdentity/userAssignedIdentities" + +validate_user_assigned_managed_identity + +validate_compute_resources + +validate_base_image_path + +validate_aks_network_plugin + +if [[ "${checkACR,,}" == "true" ]]; then + check_acr_admin_enabled +fi + +if [[ "${enableCustomSSL,,}" == "true" ]]; then + validate_wls_ssl_certificates +fi + +if [[ "${enableAppGWIngress,,}" == "true" ]]; then + validate_gateway_frontend_certificates + validate_service_principal +fi + +validate_dns_zone + + diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index d8c5c831f..ec23817c0 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -272,7 +272,7 @@ var name_identityKeyStorePswSecret = (sslConfigurationAccessOption == const_wlsS var name_keyVaultName = empty(const_keyvaultNameFromTag) ? '${take(concat('wls-kv', uniqueString(utcValue)), 24)}' : resourceGroup().tags.wlsKeyVault var name_privateKeyAliasSecret = (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultPrivateKeyAliasSecretName : 'privateKeyAlias' var name_privateKeyPswSecret = (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultPrivateKeyPassPhraseSecretName : 'privateKeyPsw' -var name_rgNameWithoutSpecialCharacter= replace(replace(replace(replace(resourceGroup().name, '.', ''), '(', ''), ')', ''), '_', '') // remove . () _ from resource group name +var name_rgNameWithoutSpecialCharacter = replace(replace(replace(replace(resourceGroup().name, '.', ''), '(', ''), ')', ''), '_', '') // remove . () _ from resource group name var name_rgKeyvaultForWLSSSL = (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultResourceGroup : resourceGroup().name var name_storageAccountName = const_hasStorageAccount ? reference('query-existing-storage-account').outputs.storageAccount.value : 'wls${uniqueString(utcValue)}' var name_tagNameForKeyVault = 'wlsKeyVault' @@ -290,7 +290,63 @@ module pids './modules/_pids/_pid.bicep' = { // Due to lack of preprocessor solution for the way we use bicep, must hard-code the pid here. // For test, replace the pid with testing one, and build the package. module partnerCenterPid './modules/_pids/_empty.bicep' = { - name: 'pid-cf7143e4-83ed-4b7e-ae86-1c5ecdd71bcb-partnercenter' + name: 'pid-a1775ed4-512c-4cfa-9e68-f0b09b36de90-partnercenter' +} + +module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep' = { + name: 'validate-parameters-and-fail-fast' + params: { + acrName: acrName + aksAgentPoolNodeCount: aksAgentPoolNodeCount + aksAgentPoolVMSize: aksAgentPoolVMSize + aksClusterRGName: aksClusterRGName + aksClusterName: aksClusterName + appGatewayCertificateOption: appGatewayCertificateOption + appGatewaySSLCertData: appGatewaySSLCertData + appGatewaySSLCertPassword: appGatewaySSLCertPassword + createACR: createACR + createAKSCluster: createAKSCluster + createDNSZone: createDNSZone + dnszoneName: dnszoneName + dnszoneRGName: dnszoneRGName + enableAppGWIngress: enableAppGWIngress + enableCustomSSL: enableCustomSSL + enableDNSConfiguration: enableDNSConfiguration + keyVaultName: keyVaultName + keyVaultResourceGroup: keyVaultResourceGroup + keyVaultSSLCertDataSecretName: keyVaultSSLCertDataSecretName + keyVaultSSLCertPasswordSecretName: keyVaultSSLCertPasswordSecretName + identity: identity + ocrSSOPSW: ocrSSOPSW + ocrSSOUser: ocrSSOUser + servicePrincipal: servicePrincipal + sslConfigurationAccessOption: sslConfigurationAccessOption + sslKeyVaultCustomIdentityKeyStoreDataSecretName: sslKeyVaultCustomIdentityKeyStoreDataSecretName + sslKeyVaultCustomIdentityKeyStorePassPhraseSecretName: sslKeyVaultCustomIdentityKeyStorePassPhraseSecretName + sslKeyVaultCustomIdentityKeyStoreType: sslKeyVaultCustomIdentityKeyStoreType + sslKeyVaultCustomTrustKeyStoreDataSecretName: sslKeyVaultCustomTrustKeyStoreDataSecretName + sslKeyVaultCustomTrustKeyStorePassPhraseSecretName: sslKeyVaultCustomTrustKeyStorePassPhraseSecretName + sslKeyVaultCustomTrustKeyStoreType: sslKeyVaultCustomTrustKeyStoreType + sslKeyVaultName: sslKeyVaultName + sslKeyVaultPrivateKeyAliasSecretName: sslKeyVaultPrivateKeyAliasSecretName + sslKeyVaultPrivateKeyPassPhraseSecretName: sslKeyVaultPrivateKeyPassPhraseSecretName + sslKeyVaultResourceGroup: sslKeyVaultResourceGroup + sslUploadedCustomIdentityKeyStoreData: sslUploadedCustomIdentityKeyStoreData + sslUploadedCustomIdentityKeyStorePassphrase: sslUploadedCustomIdentityKeyStorePassphrase + sslUploadedCustomIdentityKeyStoreType: sslUploadedCustomIdentityKeyStoreType + sslUploadedCustomTrustKeyStoreData: sslUploadedCustomTrustKeyStoreData + sslUploadedCustomTrustKeyStorePassPhrase: sslUploadedCustomTrustKeyStorePassPhrase + sslUploadedCustomTrustKeyStoreType: sslUploadedCustomTrustKeyStoreType + sslUploadedPrivateKeyAlias: sslUploadedPrivateKeyAlias + sslUploadedPrivateKeyPassPhrase: sslUploadedPrivateKeyPassPhrase + userProvidedAcr: userProvidedAcr + userProvidedImagePath: userProvidedImagePath + useOracleImage: useOracleImage + wlsImageTag: wlsImageTag + } + dependsOn: [ + pids + ] } module wlsSSLCertSecretsDeployment 'modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep' = if (enableCustomSSL && sslConfigurationAccessOption != const_wlsSSLCertOptionKeyVault) { @@ -580,4 +636,3 @@ output clusterExternalUrl string = const_enableNetworking ? networkingDeployment output clusterExternalSecuredUrl string = const_enableNetworking ? networkingDeployment.outputs.clusterExternalSecuredUrl : '' output clusterT3InternalUrl string = ref_wlsDomainDeployment.outputs.clusterT3InternalUrl.value output clusterT3ExternalUrl string = enableAdminT3Tunneling && const_enableNetworking ? format('{0}://{1}', enableCustomSSL ? 't3s' : 't3', networkingDeployment.outputs.clusterT3ChannelUrl) : '' - diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep new file mode 100644 index 000000000..a84b2ee36 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep @@ -0,0 +1,209 @@ +// Copyright (c) 2021, Oracle Corporation and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +param acrName string +param aksAgentPoolNodeCount int +param aksAgentPoolVMSize string +param aksClusterRGName string +param aksClusterName string +param appGatewayCertificateOption string +param appGatewaySSLCertData string +@secure() +param appGatewaySSLCertPassword string +param createACR bool +param createAKSCluster bool +param createDNSZone bool +param dnszoneName string +param dnszoneRGName string +param enableAppGWIngress bool +param enableCustomSSL bool +param enableDNSConfiguration bool +param keyVaultName string +param keyVaultResourceGroup string +param keyVaultSSLCertDataSecretName string +param keyVaultSSLCertPasswordSecretName string +param identity object +@secure() +param ocrSSOPSW string +param ocrSSOUser string +@secure() +param servicePrincipal string +param sslConfigurationAccessOption string +param sslKeyVaultCustomIdentityKeyStoreDataSecretName string +param sslKeyVaultCustomIdentityKeyStorePassPhraseSecretName string +param sslKeyVaultCustomIdentityKeyStoreType string +param sslKeyVaultCustomTrustKeyStoreDataSecretName string +param sslKeyVaultCustomTrustKeyStorePassPhraseSecretName string +param sslKeyVaultCustomTrustKeyStoreType string +param sslKeyVaultName string +param sslKeyVaultPrivateKeyAliasSecretName string +param sslKeyVaultPrivateKeyPassPhraseSecretName string +param sslKeyVaultResourceGroup string +param sslUploadedCustomIdentityKeyStoreData string +@secure() +param sslUploadedCustomIdentityKeyStorePassphrase string +param sslUploadedCustomIdentityKeyStoreType string +param sslUploadedCustomTrustKeyStoreData string +@secure() +param sslUploadedCustomTrustKeyStorePassPhrase string +param sslUploadedCustomTrustKeyStoreType string +param sslUploadedPrivateKeyAlias string +@secure() +param sslUploadedPrivateKeyPassPhrase string +param userProvidedAcr string +param userProvidedImagePath string +param useOracleImage bool +param utcValue string = utcNow() +param wlsImageTag string + +var const_acrName= useOracleImage ? acrName: userProvidedAcr +var const_arguments = '${resourceGroup().location} ${createAKSCluster} ${aksAgentPoolVMSize} ${aksAgentPoolNodeCount} ${useOracleImage} ${wlsImageTag} ${userProvidedImagePath} ${enableCustomSSL} ${sslConfigurationAccessOption} ${appGatewayCertificateOption} ${enableAppGWIngress} ${const_checkDNSZone} ${const_checkACRAdminEnabled}' +var const_azcliVersion = '2.15.0' +var const_checkDNSZone = enableDNSConfiguration && !createDNSZone +var const_checkACRAdminEnabled= useOracleImage || !createACR +var const_deploymentName = 'ds-validate-parameters-and-fail-fast' + +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: const_deploymentName + location: resourceGroup().location + kind: 'AzureCLI' + identity: identity + properties: { + azCliVersion: const_azcliVersion + arguments: const_arguments + environmentVariables: [ + { + name: 'ORACLE_ACCOUNT_NAME' + value: ocrSSOUser + } + { + name: 'ORACLE_ACCOUNT_PASSWORD' + secureValue: ocrSSOPSW + } + { + name: 'ACR_NAME' + value: const_acrName + } + { + name: 'AKS_CLUSTER_NAME' + value: aksClusterName + } + { + name: 'AKS_CLUSTER_RESOURCEGROUP_NAME' + value: aksClusterRGName + } + { + name: 'BASE64_FOR_SERVICE_PRINCIPAL' + secureValue: servicePrincipal + } + { + name: 'WLS_SSL_KEYVAULT_NAME' + value: sslKeyVaultName + } + { + name: 'WLS_SSL_KEYVAULT_RESOURCEGROUP_NAME' + value: sslKeyVaultResourceGroup + } + { + name: 'WLS_SSL_KEYVAULT_IDENTITY_DATA_SECRET_NAME' + value: sslKeyVaultCustomIdentityKeyStoreDataSecretName + } + { + name: 'WLS_SSL_KEYVAULT_IDENTITY_PASSWORD_SECRET_NAME' + value: sslKeyVaultCustomIdentityKeyStorePassPhraseSecretName + } + { + name: 'WLS_SSL_KEYVAULT_IDENTITY_TYPE' + value: sslKeyVaultCustomIdentityKeyStoreType + } + { + name: 'WLS_SSL_KEYVAULT_TRUST_DATA_SECRET_NAME' + value: sslKeyVaultCustomTrustKeyStoreDataSecretName + } + { + name: 'WLS_SSL_KEYVAULT_TRUST_PASSWORD_SECRET_NAME' + value: sslKeyVaultCustomTrustKeyStorePassPhraseSecretName + } + { + name: 'WLS_SSL_KEYVAULT_TRUST_TYPE' + value: sslKeyVaultCustomTrustKeyStoreType + } + { + name: 'WLS_SSL_KEYVAULT_PRIVATE_KEY_ALIAS' + value: sslKeyVaultPrivateKeyAliasSecretName + } + { + name: 'WLS_SSL_KEYVAULT_PRIVATE_KEY_PASSWORD' + value: sslKeyVaultPrivateKeyPassPhraseSecretName + } + { + name: 'WLS_SSL_IDENTITY_DATA' + secureValue: sslUploadedCustomIdentityKeyStoreData + } + { + name: 'WLS_SSL_IDENTITY_PASSWORD' + secureValue: sslUploadedCustomIdentityKeyStorePassphrase + } + { + name: 'WLS_SSL_IDENTITY_TYPE' + value: sslUploadedCustomIdentityKeyStoreType + } + { + name: 'WLS_SSL_TRUST_DATA' + secureValue: sslUploadedCustomTrustKeyStoreData + } + { + name: 'WLS_SSL_TRUST_PASSWORD' + secureValue: sslUploadedCustomTrustKeyStorePassPhrase + } + { + name: 'WLS_SSL_TRUST_TYPE' + value: sslUploadedCustomTrustKeyStoreType + } + { + name: 'WLS_SSL_PRIVATE_KEY_ALIAS' + secureValue: sslUploadedPrivateKeyAlias + } + { + name: 'WLS_SSL_PRIVATE_KEY_PASSWORD' + secureValue: sslUploadedPrivateKeyPassPhrase + } + { + name: 'APPLICATION_GATEWAY_SSL_KEYVAULT_NAME' + value: keyVaultName + } + { + name: 'APPLICATION_GATEWAY_SSL_KEYVAULT_RESOURCEGROUP' + value: keyVaultResourceGroup + } + { + name: 'APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_DATA_SECRET_NAME' + value: keyVaultSSLCertDataSecretName + } + { + name: 'APPLICATION_GATEWAY_SSL_KEYVAULT_FRONTEND_CERT_PASSWORD_SECRET_NAME' + value: keyVaultSSLCertPasswordSecretName + } + { + name: 'APPLICATION_GATEWAY_SSL_FRONTEND_CERT_DATA' + value: appGatewaySSLCertData + } + { + name: 'APPLICATION_GATEWAY_SSL_FRONTEND_CERT_PASSWORD' + value: appGatewaySSLCertPassword + } + { + name: 'DNA_ZONE_NAME' + value: dnszoneName + } + { + name: 'DNA_ZONE_RESOURCEGROUP_NAME' + value: dnszoneRGName + } + ] + scriptContent: loadTextContent('../../../arm/scripts/inline-scripts/validateParameters.sh') + cleanupPreference: 'OnSuccess' + retentionInterval: 'P1D' + forceUpdateTag: utcValue + } +} From 843c22688faeac1a587578936e7cbace70937aae Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 12 Oct 2021 13:18:53 +0800 Subject: [PATCH 013/720] On branch main: remove certificate validation in domain script, they have been checked in step "validate inputs and fail fast" Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh --- .../src/main/arm/scripts/setupWLSDomain.sh | 29 +------------------ 1 file changed, 1 insertion(+), 28 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index 1da9fd3f5..f8b2ede38 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -410,34 +410,7 @@ function create_source_folder_for_certificates() { } function validate_ssl_keystores() { - #validate if identity keystore has entry - ${JAVA_HOME}/bin/keytool -list -v \ - -keystore ${mntPath}/$wlsIdentityKeyStoreFileName \ - -storepass $wlsIdentityPsw \ - -storetype $wlsIdentityType | - grep 'Entry type:' | - grep 'PrivateKeyEntry' - - validate_status "Validate Identity Keystore." - #validate if trust keystore has entry - ${JAVA_HOME}/bin/keytool -list -v \ - -keystore ${mntPath}/${wlsTrustKeyStoreFileName} \ - -storepass $wlsTrustPsw \ - -storetype $wlsTrustType | - grep 'Entry type:' | - grep 'trustedCertEntry' - - validate_status "Validate Trust Keystore." - - #validate if trust keystore has entry - ${JAVA_HOME}/bin/keytool -list -v \ - -keystore ${mntPath}/${wlsTrustKeyStoreFileName} \ - -storepass $wlsTrustPsw \ - -storetype jks | - grep 'Entry type:' | - grep 'trustedCertEntry' - ${JAVA_HOME}/bin/keytool -list -v \ -keystore ${mntPath}/${wlsTrustKeyStoreJKSFileName} \ -storepass $wlsTrustPsw \ @@ -445,7 +418,7 @@ function validate_ssl_keystores() { grep 'Entry type:' | grep 'trustedCertEntry' - validate_status "Validate Trust Keystore." + validate_status "validate Trust Keystore." echo "Validate SSL key stores successfull !!" } From fea0dc7ff6e885a7437cb2af67716140a3691e14 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 12 Oct 2021 14:17:54 +0800 Subject: [PATCH 014/720] On main branch: update the image with the same user and group from base image Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh --- .../main/arm/scripts/buildWLSDockerImage.sh | 27 +++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh index 4454e62b2..fa561e43e 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh @@ -222,6 +222,30 @@ function build_wls_image() { # Zip wls model and applications zip -r ${scriptDir}/model-images/archive.zip wlsdeploy + # inspect user/group of the base image + local imageInfo=$(./imagetool/bin/imagetool.sh inspect --image ${wlsImagePath}) + # { + # "os" : { + # "id" : "ol", + # "name" : "Oracle Linux Server", + # "version" : "7.9" + # }, + # "javaHome" : "/u01/jdk", + # "javaVersion" : "1.8.0_271", + # "oracleHome" : "/u01/oracle", + # "oracleHomeGroup" : "oracle", + # "oracleHomeUser" : "oracle", + # "oracleInstalledProducts" : "WLS,COH,TOPLINK", + # "packageManager" : "YUM", + # "wlsVersion" : "12.2.1.4.0" + # } + echo ${imageInfo} + local user=${imageInfo#*oracleHomeUser} + local user=$(echo ${user%%\,*} | tr -d "\"\:\ ") + local group=${imageInfo#*oracleHomeGroup} + local group=$(echo ${group%%\,*} | tr -d "\"\:\ ") + echo "use ${user}:${group} to update the image" + # Build image echo "Start building WLS image." ./imagetool/bin/imagetool.sh update \ @@ -232,8 +256,7 @@ function build_wls_image() { --wdtArchive ${scriptDir}/model-images/archive.zip \ --wdtModelOnly \ --wdtDomainType WLS \ - --chown oracle:root - # --additionalBuildCommands ${scriptDir}/nodemanager.dockerfile + --chown ${user}:${group} validate_status "Check status of building WLS domain image." From e3f0210671e767e9a32701c3f98a12e0fa4ad0e5 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 12 Oct 2021 14:25:18 +0800 Subject: [PATCH 015/720] On branch main: increse pom version Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index cf84d403c..a316e7359 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -11,7 +11,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.19 + 1.0.20 com.microsoft.azure.iaas From 9c707e7ffb056c6ecaadc0da23b63a83e9983b18 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 12 Oct 2021 14:45:11 +0800 Subject: [PATCH 016/720] On branch main: fix deployment order, pids -> validate inputs -> deploy domain Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep --- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index ec23817c0..0545a0ed3 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -368,7 +368,7 @@ module wlsSSLCertSecretsDeployment 'modules/_azure-resoruces/_keyvault/_keyvault wlsTrustKeyStorePassPhraseSecretName: name_trustKeyStorePswSecret } dependsOn: [ - pids + validateInputs ] } @@ -448,7 +448,7 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus wlsUserName: wlsUserName } dependsOn: [ - pids + validateInputs queryStorageAccount ] } From 2d69db975dea03818b8ad9d57ae7855d3d1fa377 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Mon, 11 Oct 2021 14:56:52 +0800 Subject: [PATCH 017/720] init pipelines for wls on aks Signed-off-by: Zheng Chang --- .github/workflows/setupDBandStorage.yml | 111 +++++++++++++++ .github/workflows/setupWlsAks.yml | 163 ++++++++++++++++++++++ .github/workflows/updateCargoTracker.yml | 169 +++++++++++++++++++++++ 3 files changed, 443 insertions(+) create mode 100644 .github/workflows/setupDBandStorage.yml create mode 100644 .github/workflows/setupWlsAks.yml create mode 100644 .github/workflows/updateCargoTracker.yml diff --git a/.github/workflows/setupDBandStorage.yml b/.github/workflows/setupDBandStorage.yml new file mode 100644 index 000000000..b97e1fb1e --- /dev/null +++ b/.github/workflows/setupDBandStorage.yml @@ -0,0 +1,111 @@ +name: Setup DB and Storage Account + +on: + workflow_dispatch: + repository_dispatch: + +env: + refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 + azCliVersion: 2.23.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} + resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + dbAdminUser: weblogic + dbPassword: ${{ secrets.DB_PASSWORD }} + storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} + storageContainerName: wlsdcon${{ github.run_id }}${{ github.run_number }} + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + deploy-db: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForDB }} + az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }} + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDB }} \ + --name ${{ env.dbName }} \ + --location ${{ env.location }} \ + --admin-user ${{ env.dbAdminUser }} \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.dbPassword }} \ + --sku-name B_Gen5_1 + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDB }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + deploy-storage-account: + needs: preflight + runs-on: ubuntu-latest + steps: + - name: Checkout zhengchang907/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: zhengchang907/cargotracker-azure + path: cargotracker + - name: Maven build web app + run: | + mvn clean install -PweblogicOnAks --file cargotracker/pom.xml + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForStorageAccount }} + az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }} + - name: Create Storage Account + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage account create --name ${{ env.storageAccountName }} \ + --resource-group ${{ env.resourceGroupForStorageAccount }} \ + --location ${{ env.location }} \ + --sku Standard_LRS \ + --kind StorageV2 + - name: Create Storage Container + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage container create -n ${{ env.storageContainerName }} --public-access container --account-name ${{ env.storageAccountName }} + - name: Upload built web app war file + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war + \ No newline at end of file diff --git a/.github/workflows/setupWlsAks.yml b/.github/workflows/setupWlsAks.yml new file mode 100644 index 000000000..39ece721b --- /dev/null +++ b/.github/workflows/setupWlsAks.yml @@ -0,0 +1,163 @@ +name: Setup WLS on AKS + +on: + workflow_dispatch: + inputs: + disambiguationSuffix: + description: 'Included in names to disambiguate. Get from another pipeline execution' + required: true + storageAccountName: + description: 'Specify storage account of uploading .war file' + required: true + storageContainerName: + description: 'Specify name of storage container within account' + required: true + dbName: + description: 'Name of the database. Get from another pipeline run' + required: true + repository_dispatch: + +env: + refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 + azCliVersion: 2.23.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + resourceGroupForWlsAks: wlsd-aks-${{ github.event.inputs.disambiguationSuffix }}-${{ github.run_number }} + dbAdminUser: weblogic + dbPassword: ${{ secrets.DB_PASSWORD }} + dbName: ${{ github.event.inputs.dbName }} + servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} + ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} + ocrSSOUser: ${{ secrets.ORC_SSOUSER }} + wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} + wlsUserName: ${{ secrets.WLS_USERNAME }} + wlsPassword: ${{ secrets.WLS_PSW }} + userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} + aksRepoUserName: oracle + aksRepoBranchName: d1d50ccfc33bbda2420d77b8aed7dc341480ccdf + aksClusterConfigMapName: wlsd-wdt-config-map-${{ github.event.inputs.disambiguationSuffix }} + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Set up bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Build and test weblogic-azure/weblogic-azure-aks + run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" + - name: Archive weblogic-azure/weblogic-azure-aks template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + + deploy-wls-on-aks: + needs: preflight + runs-on: ubuntu-latest + steps: + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Query web app blob url and set to env + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --name cargo-tracker.war -o tsv) + polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') + echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForWlsAks }} + az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} + - name: Checkout zhengchang907/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: zhengchang907/cargotracker-azure + path: cargotracker + - name: Prepare parameter file + run: | + echo "replace placeholders using real parameter" + sed -i "s/#location#/${location}/g; \ + s/#wlsUserName#/${wlsUserName}/g; \ + s/#wlsPassword#/${wlsPassword}/g; \ + s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ + s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ + s/#ocrSSOUser#/${ocrSSOUser}/g; \ + s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ + s/#servicePrincipal#/${servicePrincipal}/g; \ + s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ + s/#testbranchName#/${aksRepoBranchName}/g; \ + s/#gitUserName#/${aksRepoUserName}/g; \ + s/#dbPassword#/${dbPassword}/g; \ + s/#dbUser#/${dbAdminUser}@${dbName}/g; \ + s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ + cargotracker/src/test/aks/parameters.json + - name: Deploy WebLogic Server Cluster Domain offer + id: deploy-wls-cluster + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az deployment group create \ + --verbose \ + --resource-group ${{ env.resourceGroupForWlsAks }} \ + --name wls-on-aks \ + --parameters @cargotracker/src/test/aks/parameters.json \ + --template-file ${artifactName}/mainTemplate.json \ No newline at end of file diff --git a/.github/workflows/updateCargoTracker.yml b/.github/workflows/updateCargoTracker.yml new file mode 100644 index 000000000..b6a373bb5 --- /dev/null +++ b/.github/workflows/updateCargoTracker.yml @@ -0,0 +1,169 @@ +name: Update Cargo Tracker + +on: + workflow_dispatch: + inputs: + wlsImagePath: + description: 'Specify weblogic image path' + required: true + default: 'container-registry.oracle.com/middleware/weblogic:14.1.1.0-11' + resourceGroupForWlsAks: + description: 'Specify resource group of aks cluster' + required: true + default: 'wlsd-aks-1052320694-65' + storageAccountName: + description: 'Specify storage account of uploading .war file' + required: true + default: 'wlsdsa105232069465' + storageContainerName: + description: 'Specify container of uploading .war file' + required: true + default: 'wlsdcon105232069465' + azureACRServer: + description: 'Specify ACR server of uploading image' + required: true + default: 'wlsaksacr7ozfx6l7kbssy.azurecr.io' + azureACRUserName: + description: 'Specify ACR server user name' + required: true + default: 'wlsaksacr7ozfx6l7kbssy' + wlsClusterSize: + description: 'Specify WLS on AKS cluster size' + required: true + default: '5' + wlsClusterNamespace: + description: 'Specify WLS on AKS cluster namespace' + required: true + default: 'sample-domain1-ns' + wlsCLusterDomainName: + description: 'Specify WLS on AKS cluster domain name' + required: true + default: 'sample-domain1' + repository_dispatch: + +env: + azCliVersion: 2.23.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + ocrSSOUser: ${{ secrets.ORC_SSOUSER }} + ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} + azureACRPassword: ${{ secrets.AZURE_ACR_PASSWORD }} + imageTag: ${{ github.run_id }}${{ github.run_number }} + aksRepoUserName: oracle + aksRepoBranchName: d1d50ccfc33bbda2420d77b8aed7dc341480ccdf + +jobs: + deploy-cargo-tracker: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Install jq + run: | + sudo apt-get install jq -y + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Checkout zhengchang907/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: zhengchang907/cargotracker-azure + path: cargotracker + - name: Build the app + run: | + echo "build the Cargo Tracker web app" + mvn clean install -PweblogicOnAks --file cargotracker/pom.xml + - name: Query version string for deployment verification + run: | + PROPERTY_FILE="cargotracker/target/cargo-tracker/WEB-INF/classes/org/eclipse/cargotracker/messages.properties" + PROP_KEY=versionString + deployVersion=$(cat $PROPERTY_FILE | grep "$PROP_KEY" | cut -d '=' -f 2) + echo "deployVersion=${deployVersion}" >> $GITHUB_ENV + - name: Upload the app to storage account + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage blob upload --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war + - name: Query web app blob url and set to env + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --name cargo-tracker.war -o tsv) + echo "cargoTrackerBlobUrl=${cargoTrackerBlobUrl}" >> $GITHUB_ENV + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Build image and upload to ACR + run: | + chmod ugo+x -R weblogic-azure/ + cd weblogic-azure/weblogic-azure-aks/src/main/arm/scripts + echo ${{ env.azureACRPassword }} ${{ env.ocrSSOPSW }} | ./buildWLSDockerImage.sh ${{ github.event.inputs.wlsImagePath }} ${{ github.event.inputs.azureACRServer }} ${{ github.event.inputs.azureACRUserName }} ${{ env.imageTag }} ["${cargoTrackerBlobUrl}"] ${{ env.ocrSSOUser }} ${{ github.event.inputs.wlsClusterSize }} false + - name: Connect to AKS cluster + run: | + echo "connect to cluster" + aksClusterName=$(az resource list --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) + az aks get-credentials --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --name $aksClusterName + - name: Query current image in use + run: | + oldImageURL=$(kubectl get domain ${{ github.event.inputs.wlsCLusterDomainName }} -n ${{ github.event.inputs.wlsClusterNamespace }} -o json | jq -r '.spec.image') + echo "oldImageURL=${oldImageURL}" >> $GITHUB_ENV + - name: Update image path + run: | + acrImagePath="${{ github.event.inputs.azureACRServer }}/aks-wls-images:${{ env.imageTag }}" + restartVersion=$(kubectl -n ${{ github.event.inputs.wlsClusterNamespace }} get domain ${{ github.event.inputs.wlsCLusterDomainName }} '-o=jsonpath={.spec.restartVersion}') + # increase restart version + restartVersion=$((restartVersion + 1)) + kubectl -n ${{ github.event.inputs.wlsClusterNamespace }} patch domain ${{ github.event.inputs.wlsCLusterDomainName }} \ + --type=json \ + '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "replace", "path": "/spec/image", "value": "'${acrImagePath}'" }]' + echo "acrImagePath=${acrImagePath}" >> $GITHUB_ENV + - name: Verify all pods are updated with the latest image + run: | + echo "check if all pods are updated with the latest image" + chmod ugo+x -R cargotracker/ + attempt=0 + podVersionStatus="notAllUpdated" + while [[ $attempt -le 10 ]] && [[ $podVersionStatus = notAllUpdated ]] + do + sleep 2m + attempt=$((attempt + 1)) + podVersionStatus=$(./cargotracker/src/test/aks/checkPodsImage.sh ${{ github.event.inputs.wlsClusterNamespace }} ${{ env.acrImagePath }}) + echo "Pod image version status: ${podVersionStatus}" + done + - name: Query Application Gateway URL + run: | + appgatewayname=$(az resource list --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) + echo $appgatewayname + publicIpAddressId=$(az network application-gateway show --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + echo $publicIpAddressId + appGatewayURL=$(az network public-ip show --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) + echo $appGatewayURL + echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV + - name: Verify that the app is update + run: | + # install dependencies + sudo apt-get install libegl1\ + libopus0\ + libwoff1\ + libharfbuzz-icu0\ + libgstreamer-plugins-base1.0-0\ + libgstreamer-gl1.0-0\ + libgstreamer-plugins-bad1.0-0\ + libopenjp2-7\ + libwebpdemux2\ + libenchant1c2a\ + libhyphen0\ + libgles2\ + gstreamer1.0-libav -y + appURL=http://${{ env.appGatewayURL }}/cargo-tracker/ + cd cargotracker/src/test/aks/playwright-ui-test + mvn clean install + mvn exec:java -e -Dexec.mainClass=com.microsoft.azure.javaee.FetchBuildVersion -Dexec.args="'${appURL}' '${{ env.deployVersion }}'" \ No newline at end of file From eafd6a3cd499b3a5dc644fd975c5d88edce556b6 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Tue, 12 Oct 2021 13:15:53 +0800 Subject: [PATCH 018/720] Modify pipeline to use local parameter file Signed-off-by: Zheng Chang --- .github/workflows/setupWlsAks.yml | 3 +- .github/workflows/updateCargoTracker.yml | 186 ++++++++++------- .../src/test/setupWlsAksParameters.json | 187 ++++++++++++++++++ .../src/test/updateAppParameters.json | 88 +++++++++ 4 files changed, 390 insertions(+), 74 deletions(-) create mode 100644 weblogic-azure-aks/src/test/setupWlsAksParameters.json create mode 100644 weblogic-azure-aks/src/test/updateAppParameters.json diff --git a/.github/workflows/setupWlsAks.yml b/.github/workflows/setupWlsAks.yml index 39ece721b..fd4e112db 100644 --- a/.github/workflows/setupWlsAks.yml +++ b/.github/workflows/setupWlsAks.yml @@ -34,8 +34,7 @@ env: wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} aksRepoUserName: oracle - aksRepoBranchName: d1d50ccfc33bbda2420d77b8aed7dc341480ccdf - aksClusterConfigMapName: wlsd-wdt-config-map-${{ github.event.inputs.disambiguationSuffix }} + aksRepoBranchName: main jobs: preflight: diff --git a/.github/workflows/updateCargoTracker.yml b/.github/workflows/updateCargoTracker.yml index b6a373bb5..5eea52e7e 100644 --- a/.github/workflows/updateCargoTracker.yml +++ b/.github/workflows/updateCargoTracker.yml @@ -3,59 +3,115 @@ name: Update Cargo Tracker on: workflow_dispatch: inputs: - wlsImagePath: - description: 'Specify weblogic image path' - required: true - default: 'container-registry.oracle.com/middleware/weblogic:14.1.1.0-11' - resourceGroupForWlsAks: + aksClusterRGName: description: 'Specify resource group of aks cluster' required: true - default: 'wlsd-aks-1052320694-65' + default: 'wlsd-aks-1327934454-4' + aksClusterName: + description: 'Specify aks cluster name' + required: true + default: 'wlsonaks0esltmxel6os24' + acrName: + description: 'Specify acr name' + required: true + default: 'wlsaksacresltmxel6os24' storageAccountName: description: 'Specify storage account of uploading .war file' required: true - default: 'wlsdsa105232069465' + default: 'wlsdsa13279344541' storageContainerName: description: 'Specify container of uploading .war file' required: true - default: 'wlsdcon105232069465' - azureACRServer: - description: 'Specify ACR server of uploading image' - required: true - default: 'wlsaksacr7ozfx6l7kbssy.azurecr.io' - azureACRUserName: - description: 'Specify ACR server user name' - required: true - default: 'wlsaksacr7ozfx6l7kbssy' - wlsClusterSize: - description: 'Specify WLS on AKS cluster size' - required: true - default: '5' - wlsClusterNamespace: - description: 'Specify WLS on AKS cluster namespace' - required: true - default: 'sample-domain1-ns' - wlsCLusterDomainName: - description: 'Specify WLS on AKS cluster domain name' - required: true - default: 'sample-domain1' + default: 'wlsdcon13279344541' repository_dispatch: env: + refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 azCliVersion: 2.23.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus ocrSSOUser: ${{ secrets.ORC_SSOUSER }} ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} - azureACRPassword: ${{ secrets.AZURE_ACR_PASSWORD }} imageTag: ${{ github.run_id }}${{ github.run_number }} aksRepoUserName: oracle - aksRepoBranchName: d1d50ccfc33bbda2420d77b8aed7dc341480ccdf + aksRepoBranchName: main + wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} + userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} + wlsUserName: ${{ secrets.WLS_USERNAME }} + wlsPassword: ${{ secrets.WLS_PSW }} + acrName: ${{ github.event.inputs.acrName }} + aksClusterName: ${{ github.event.inputs.aksClusterName }} + aksClusterRGName: ${{ github.event.inputs.aksClusterRGName }} jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Set up bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Build and test weblogic-azure/weblogic-azure-aks + run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" + - name: Archive weblogic-azure/weblogic-azure-aks template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} deploy-cargo-tracker: + needs: preflight runs-on: ubuntu-latest steps: + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} - name: Set up JDK 1.8 uses: actions/setup-java@v1 with: @@ -95,49 +151,35 @@ jobs: inlineScript: | cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --name cargo-tracker.war -o tsv) echo "cargoTrackerBlobUrl=${cargoTrackerBlobUrl}" >> $GITHUB_ENV - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Build image and upload to ACR - run: | - chmod ugo+x -R weblogic-azure/ - cd weblogic-azure/weblogic-azure-aks/src/main/arm/scripts - echo ${{ env.azureACRPassword }} ${{ env.ocrSSOPSW }} | ./buildWLSDockerImage.sh ${{ github.event.inputs.wlsImagePath }} ${{ github.event.inputs.azureACRServer }} ${{ github.event.inputs.azureACRUserName }} ${{ env.imageTag }} ["${cargoTrackerBlobUrl}"] ${{ env.ocrSSOUser }} ${{ github.event.inputs.wlsClusterSize }} false - - name: Connect to AKS cluster - run: | - echo "connect to cluster" - aksClusterName=$(az resource list --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) - az aks get-credentials --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --name $aksClusterName - - name: Query current image in use + - name: Prepare parameter file run: | - oldImageURL=$(kubectl get domain ${{ github.event.inputs.wlsCLusterDomainName }} -n ${{ github.event.inputs.wlsClusterNamespace }} -o json | jq -r '.spec.image') - echo "oldImageURL=${oldImageURL}" >> $GITHUB_ENV - - name: Update image path - run: | - acrImagePath="${{ github.event.inputs.azureACRServer }}/aks-wls-images:${{ env.imageTag }}" - restartVersion=$(kubectl -n ${{ github.event.inputs.wlsClusterNamespace }} get domain ${{ github.event.inputs.wlsCLusterDomainName }} '-o=jsonpath={.spec.restartVersion}') - # increase restart version - restartVersion=$((restartVersion + 1)) - kubectl -n ${{ github.event.inputs.wlsClusterNamespace }} patch domain ${{ github.event.inputs.wlsCLusterDomainName }} \ - --type=json \ - '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "replace", "path": "/spec/image", "value": "'${acrImagePath}'" }]' - echo "acrImagePath=${acrImagePath}" >> $GITHUB_ENV - - name: Verify all pods are updated with the latest image - run: | - echo "check if all pods are updated with the latest image" - chmod ugo+x -R cargotracker/ - attempt=0 - podVersionStatus="notAllUpdated" - while [[ $attempt -le 10 ]] && [[ $podVersionStatus = notAllUpdated ]] - do - sleep 2m - attempt=$((attempt + 1)) - podVersionStatus=$(./cargotracker/src/test/aks/checkPodsImage.sh ${{ github.event.inputs.wlsClusterNamespace }} ${{ env.acrImagePath }}) - echo "Pod image version status: ${podVersionStatus}" - done + echo "replace placeholders using real parameter" + sed -i "s/#location#/${location}/g; \ + s/#wlsUserName#/${wlsUserName}/g; \ + s/#wlsPassword#/${wlsPassword}/g; \ + s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ + s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ + s/#ocrSSOUser#/${ocrSSOUser}/g; \ + s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ + s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ + s/#acrName#/${acrName}/g; \ + s/#aksClusterName#/${aksClusterName}/g; \ + s/#aksClusterRGName#/${aksClusterRGName}/g; \ + s/#testbranchName#/${aksRepoBranchName}/g; \ + s/#gitUserName#/${aksRepoUserName}/g \ + weblogic-azure/weblogic-azure-aks/src/test/updateAppParameters.json + - name: Deploy WebLogic Server Cluster Domain offer + id: deploy-wls-cluster + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az deployment group create \ + --verbose \ + --resource-group ${{ env.resourceGroupForWlsAks }} \ + --name wls-on-aks \ + --parameters @weblogic-azure/weblogic-azure-aks/src/test/updateAppParameters.json \ + --template-file ${artifactName}/mainTemplate.json - name: Query Application Gateway URL run: | appgatewayname=$(az resource list --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) diff --git a/weblogic-azure-aks/src/test/setupWlsAksParameters.json b/weblogic-azure-aks/src/test/setupWlsAksParameters.json new file mode 100644 index 000000000..bd087d3f0 --- /dev/null +++ b/weblogic-azure-aks/src/test/setupWlsAksParameters.json @@ -0,0 +1,187 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/" + }, + "aciResourcePermissions": { + "value": true + }, + "aciRetentionInDays": { + "value": 120 + }, + "aciWorkspaceSku": { + "value": "pergb2018" + }, + "acrName": { + "value": "acr-contoso" + }, + "aksAgentPoolName": { + "value": "agentpool" + }, + "aksAgentPoolNodeCount": { + "value": 2 + }, + "aksAgentPoolVMSize": { + "value": "Standard_DS2_v2" + }, + "aksClusterNamePrefix": { + "value": "wlsonaks" + }, + "aksClusterRGName": { + "value": "aks-contoso-rg" + }, + "aksClusterName": { + "value": "aks-contoso" + }, + "aksVersion": { + "value": "default" + }, + "appGatewayCertificateOption": { + "value": "generateCert" + }, + "appGatewayPublicIPAddressName": { + "value": "gwip" + }, + "appGatewaySSLCertData": { + "value": "appgw-ssl-data" + }, + "appgwForAdminServer": { + "value": true + }, + "appPackageUrls": { + "value": [ + "#appPackageUrls#" + ] + }, + "appReplicas": { + "value": 2 + }, + "createACR": { + "value": true + }, + "createAKSCluster": { + "value": true + }, + "createDNSZone": { + "value": true + }, + "databaseType": { + "value": "postgresql" + }, + "dbPassword": { + "value": "#dbPassword#" + }, + "dbUser": { + "value": "#dbUser#" + }, + "dnsNameforApplicationGateway": { + "value": "wlsgw" + }, + "dnszoneAdminConsoleLabel": { + "value": "admin" + }, + "dnszoneAppGatewayLabel": { + "value": "www" + }, + "dnszoneName": { + "value": "contoso.xyz" + }, + "dnszoneRGName": { + "value": "dns-contoso-rg" + }, + "dsConnectionURL": { + "value": "#dsConnectionURL#" + }, + "enableAppGWIngress": { + "value": true + }, + "enableAzureMonitoring": { + "value": false + }, + "enableAzureFileShare": { + "value": false + }, + "enableDB": { + "value": true + }, + "enableDNSConfiguration": { + "value": false + }, + "enableCookieBasedAffinity": { + "value": true + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "#userAssignedManagedIdentity#": {} + } + } + }, + "jdbcDataSourceName": { + "value": "jdbc/CargoTrackerDB" + }, + "keyVaultName": { + "value": "kv-contoso" + }, + "keyVaultResourceGroup": { + "value": "kv-contoso-rg" + }, + "keyVaultSku": { + "value": "Standard" + }, + "keyVaultSSLCertDataSecretName": { + "value": "kv-ssl-data" + }, + "keyVaultSSLCertPasswordSecretName": { + "value": "kv-ssl-psw" + }, + "location": { + "value": "#location#" + }, + "lbSvcValues": { + "value": [] + }, + "managedServerPrefix": { + "value": "managed-server" + }, + "ocrSSOPSW": { + "value": "#ocrSSOPSW#" + }, + "ocrSSOUser": { + "value": "#ocrSSOUser#" + }, + "servicePrincipal": { + "value": "#servicePrincipal#" + }, + "wdtRuntimePassword": { + "value": "#wdtRuntimePassword#" + }, + "wlsClusterSize": { + "value": 5 + }, + "wlsCPU": { + "value": "200m" + }, + "wlsDomainName": { + "value": "domain1" + }, + "wlsDomainUID": { + "value": "sample-domain1" + }, + "wlsImageTag": { + "value": "14.1.1.0-11" + }, + "wlsMemory": { + "value": "1.5Gi" + }, + "wlsPassword": { + "value": "#wlsPassword#" + }, + "wlsUserName": { + "value": "#wlsUserName#" + } + } +} \ No newline at end of file diff --git a/weblogic-azure-aks/src/test/updateAppParameters.json b/weblogic-azure-aks/src/test/updateAppParameters.json new file mode 100644 index 000000000..1888ced93 --- /dev/null +++ b/weblogic-azure-aks/src/test/updateAppParameters.json @@ -0,0 +1,88 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "value": "https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/" + }, + "acrName": { + "value": "#acrName#" + }, + "aksClusterName": { + "value": "#aksClusterName#" + }, + "aksClusterRGName": { + "value": "#aksClusterRGName#" + }, + "appPackageUrls": { + "value": [ + "#appPackageUrls#" + ] + }, + "appReplicas": { + "value": 2 + }, + "createACR": { + "value": false + }, + "createAKSCluster": { + "value": false + }, + "createDNSZone": { + "value": true + }, + "enableAppGWIngress": { + "value": false + }, + "enableAzureMonitoring": { + "value": false + }, + "enableAzureFileShare": { + "value": false + }, + "enableCookieBasedAffinity": { + "value": false + }, + "enableCustomSSL": { + "value": false + }, + "enableDB": { + "value": false + }, + "enableDNSConfiguration": { + "value": false + }, + "identity": { + "value": { + "type": "UserAssigned", + "userAssignedIdentities": { + "#userAssignedManagedIdentity#": {} + } + } + }, + "location": { + "value": "#location#" + }, + "ocrSSOPSW": { + "value": "#ocrSSOPSW#" + }, + "ocrSSOUser": { + "value": "#ocrSSOUser#" + }, + "useInternalLB": { + "value": false + }, + "wdtRuntimePassword": { + "value": "#wdtRuntimePassword#" + }, + "wlsImageTag": { + "value": "14.1.1.0-11" + }, + "wlsPassword": { + "value": "#wlsPassword#" + }, + "wlsUserName": { + "value": "#wlsUserName#" + } + } +} \ No newline at end of file From f5f270d25b31b4bdf1ba6c521616b4b8972458a3 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Wed, 13 Oct 2021 10:30:16 +0800 Subject: [PATCH 019/720] Update setupWlsAks with bug fix Signed-off-by: Zheng Chang --- .github/workflows/setupDBandStorage.yml | 111 ------ .github/workflows/setupWlsAks.yml | 162 -------- .github/workflows/testWlsAks.yml | 349 ++++++++++++++++++ .github/workflows/updateCargoTracker.yml | 211 ----------- .../main/arm/scripts/genDatasourceModel.sh | 2 +- .../src/test/setupWlsAksParameters.json | 106 +----- 6 files changed, 367 insertions(+), 574 deletions(-) delete mode 100644 .github/workflows/setupDBandStorage.yml delete mode 100644 .github/workflows/setupWlsAks.yml create mode 100644 .github/workflows/testWlsAks.yml delete mode 100644 .github/workflows/updateCargoTracker.yml diff --git a/.github/workflows/setupDBandStorage.yml b/.github/workflows/setupDBandStorage.yml deleted file mode 100644 index b97e1fb1e..000000000 --- a/.github/workflows/setupDBandStorage.yml +++ /dev/null @@ -1,111 +0,0 @@ -name: Setup DB and Storage Account - -on: - workflow_dispatch: - repository_dispatch: - -env: - refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 - azCliVersion: 2.23.0 - azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} - location: eastus - resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} - resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} - dbName: wlsdb${{ github.run_id }}${{ github.run_number }} - dbAdminUser: weblogic - dbPassword: ${{ secrets.DB_PASSWORD }} - storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} - storageContainerName: wlsdcon${{ github.run_id }}${{ github.run_number }} - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - deploy-db: - needs: preflight - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Create Resource Group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForDB }} - az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }} - - name: Set Up Azure Postgresql to Test dbTemplate - id: setup-postgresql - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Deploy DB with name " ${{ env.dbName }} - az postgres server create \ - --resource-group ${{ env.resourceGroupForDB }} \ - --name ${{ env.dbName }} \ - --location ${{ env.location }} \ - --admin-user ${{ env.dbAdminUser }} \ - --ssl-enforcement Enabled \ - --public-network-access Enabled \ - --admin-password ${{ env.dbPassword }} \ - --sku-name B_Gen5_1 - echo "Allow Access To Azure Services" - az postgres server firewall-rule create \ - -g ${{ env.resourceGroupForDB }} \ - -s ${{ env.dbName }} \ - -n "AllowAllWindowsAzureIps" \ - --start-ip-address "0.0.0.0" \ - --end-ip-address "0.0.0.0" - deploy-storage-account: - needs: preflight - runs-on: ubuntu-latest - steps: - - name: Checkout zhengchang907/cargotracker-azure - uses: actions/checkout@v2 - with: - repository: zhengchang907/cargotracker-azure - path: cargotracker - - name: Maven build web app - run: | - mvn clean install -PweblogicOnAks --file cargotracker/pom.xml - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Create Resource Group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForStorageAccount }} - az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }} - - name: Create Storage Account - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage account create --name ${{ env.storageAccountName }} \ - --resource-group ${{ env.resourceGroupForStorageAccount }} \ - --location ${{ env.location }} \ - --sku Standard_LRS \ - --kind StorageV2 - - name: Create Storage Container - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage container create -n ${{ env.storageContainerName }} --public-access container --account-name ${{ env.storageAccountName }} - - name: Upload built web app war file - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war - \ No newline at end of file diff --git a/.github/workflows/setupWlsAks.yml b/.github/workflows/setupWlsAks.yml deleted file mode 100644 index fd4e112db..000000000 --- a/.github/workflows/setupWlsAks.yml +++ /dev/null @@ -1,162 +0,0 @@ -name: Setup WLS on AKS - -on: - workflow_dispatch: - inputs: - disambiguationSuffix: - description: 'Included in names to disambiguate. Get from another pipeline execution' - required: true - storageAccountName: - description: 'Specify storage account of uploading .war file' - required: true - storageContainerName: - description: 'Specify name of storage container within account' - required: true - dbName: - description: 'Name of the database. Get from another pipeline run' - required: true - repository_dispatch: - -env: - refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 - azCliVersion: 2.23.0 - azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} - location: eastus - resourceGroupForWlsAks: wlsd-aks-${{ github.event.inputs.disambiguationSuffix }}-${{ github.run_number }} - dbAdminUser: weblogic - dbPassword: ${{ secrets.DB_PASSWORD }} - dbName: ${{ github.event.inputs.dbName }} - servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} - ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} - ocrSSOUser: ${{ secrets.ORC_SSOUSER }} - wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} - wlsUserName: ${{ secrets.WLS_USERNAME }} - wlsPassword: ${{ secrets.WLS_PSW }} - userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: oracle - aksRepoBranchName: main - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Set up bicep - run: | - curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 - chmod +x ./bicep - sudo mv ./bicep /usr/local/bin/bicep - bicep --version - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) - artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly - unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}" - echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" - - name: Archive weblogic-azure/weblogic-azure-aks template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - - deploy-wls-on-aks: - needs: preflight - runs-on: ubuntu-latest - steps: - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Output artifact name for Download action - id: artifact_file - run: | - artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly - echo "artifactName=${artifactName}" >> $GITHUB_ENV - echo "##[set-output name=artifactName;]${artifactName}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file.outputs.artifactName}} - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Query web app blob url and set to env - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --name cargo-tracker.war -o tsv) - polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') - echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV - - name: Create Resource Group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForWlsAks }} - az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} - - name: Checkout zhengchang907/cargotracker-azure - uses: actions/checkout@v2 - with: - repository: zhengchang907/cargotracker-azure - path: cargotracker - - name: Prepare parameter file - run: | - echo "replace placeholders using real parameter" - sed -i "s/#location#/${location}/g; \ - s/#wlsUserName#/${wlsUserName}/g; \ - s/#wlsPassword#/${wlsPassword}/g; \ - s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ - s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ - s/#ocrSSOUser#/${ocrSSOUser}/g; \ - s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ - s/#servicePrincipal#/${servicePrincipal}/g; \ - s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ - s/#testbranchName#/${aksRepoBranchName}/g; \ - s/#gitUserName#/${aksRepoUserName}/g; \ - s/#dbPassword#/${dbPassword}/g; \ - s/#dbUser#/${dbAdminUser}@${dbName}/g; \ - s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ - cargotracker/src/test/aks/parameters.json - - name: Deploy WebLogic Server Cluster Domain offer - id: deploy-wls-cluster - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az deployment group create \ - --verbose \ - --resource-group ${{ env.resourceGroupForWlsAks }} \ - --name wls-on-aks \ - --parameters @cargotracker/src/test/aks/parameters.json \ - --template-file ${artifactName}/mainTemplate.json \ No newline at end of file diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml new file mode 100644 index 000000000..7289bcd68 --- /dev/null +++ b/.github/workflows/testWlsAks.yml @@ -0,0 +1,349 @@ +name: Test WLS on AKS + +on: + workflow_dispatch: + inputs: + isForDemo: + description: 'If set to true, JMS configuration for Cargo Tracker will be applied, and resources will not be deleted' + required: true + default: 'false' + repository_dispatch: + +env: + refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 + azCliVersion: 2.23.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + resourceGroupForWlsAks: wlsd-aks-${{ github.run_id }}-${{ github.run_number }} + dbAdminUser: weblogic + dbPassword: ${{ secrets.DB_PASSWORD }} + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} + ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} + ocrSSOUser: ${{ secrets.ORC_SSOUSER }} + wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} + wlsUserName: ${{ secrets.WLS_USERNAME }} + wlsPassword: ${{ secrets.WLS_PSW }} + userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} + aksRepoUserName: zhengchang907 + aksRepoBranchName: pipelineforwlsaks + resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} + resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} + storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} + storageContainerName: wlsdcon${{ github.run_id }}${{ github.run_number }} + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Set up bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Build and test weblogic-azure/weblogic-azure-aks + run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" + - name: Archive weblogic-azure/weblogic-azure-aks template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + deploy-db: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForDB }} + az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }} + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDB }} \ + --name ${{ env.dbName }} \ + --location ${{ env.location }} \ + --admin-user ${{ env.dbAdminUser }} \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.dbPassword }} \ + --sku-name B_Gen5_1 + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDB }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + deploy-storage-account: + needs: preflight + runs-on: ubuntu-latest + steps: + - name: Checkout zhengchang907/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: zhengchang907/cargotracker-azure + path: cargotracker + - name: Maven build web app + run: | + mvn clean install -PweblogicOnAks --file cargotracker/pom.xml + - name: Query version string for deployment verification + run: | + PROPERTY_FILE="cargotracker/target/cargo-tracker/WEB-INF/classes/org/eclipse/cargotracker/messages.properties" + PROP_KEY=versionString + deployVersion=$(cat $PROPERTY_FILE | grep "$PROP_KEY" | cut -d '=' -f 2) + echo "deployVersion=${deployVersion}" >> $GITHUB_ENV + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForStorageAccount }} + az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }} + - name: Create Storage Account + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage account create --name ${{ env.storageAccountName }} \ + --resource-group ${{ env.resourceGroupForStorageAccount }} \ + --location ${{ env.location }} \ + --sku Standard_LRS \ + --kind StorageV2 + - name: Create Storage Container + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage container create -n ${{ env.storageContainerName }} --public-access container --account-name ${{ env.storageAccountName }} + - name: Upload built web app war file + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war + deploy-wls-on-aks: + needs: [deploy-storage-account, deploy-db] + runs-on: ubuntu-latest + steps: + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Query web app blob url and set to env + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --name cargo-tracker.war -o tsv) + polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') + echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForWlsAks }} + az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} + - name: Checkout zhengchang907/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: zhengchang907/cargotracker-azure + path: cargotracker + - name: Prepare parameter file + run: | + echo "replace placeholders using real parameter" + sed -i "s/#location#/${location}/g; \ + s/#wlsUserName#/${wlsUserName}/g; \ + s/#wlsPassword#/${wlsPassword}/g; \ + s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ + s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ + s/#ocrSSOUser#/${ocrSSOUser}/g; \ + s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ + s/#servicePrincipal#/${servicePrincipal}/g; \ + s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ + s/#testbranchName#/${aksRepoBranchName}/g; \ + s/#gitUserName#/${aksRepoUserName}/g; \ + s/#dbPassword#/${dbPassword}/g; \ + s/#dbUser#/${dbAdminUser}@${dbName}/g; \ + s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ + weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json + - name: Deploy WebLogic Server Cluster Domain offer + id: deploy-wls-cluster + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az deployment group create \ + --verbose \ + --resource-group ${{ env.resourceGroupForWlsAks }} \ + --name wls-on-aks \ + --parameters @weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json \ + --template-file ${artifactName}/mainTemplate.json + - name: Query Application Gateway URL + run: | + appgatewayname=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) + echo $appgatewayname + publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + echo $publicIpAddressId + appGatewayURL=$(az network public-ip show --resource-group ${{ env.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) + echo $appGatewayURL + echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV + - name: Verify Cargo Tracker is deployed as expected + run: | + echo "Verifying Cargo Tracker is deployed as expected" + curl --verbose http://${{ env.appGatewayURL }}/cargo-tracker/ + response=$(curl --write-out '%{http_code}' --silent --output /dev/null http://${{ env.appGatewayURL }}/cargo-tracker/) + echo "$response" + if [ "$response" -ne 200 ]; then + echo "Cargo Tracker is not accessible" + exit 1 + else + echo "Cargo Tracker is accessible" + fi + - name: Install kubectl + if: ${{ github.event.inputs.isForDemo == 'true' }} + run: | + curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" + sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl + kubectl version --client + - name: Connect to AKS cluster + if: ${{ github.event.inputs.isForDemo == 'true' }} + run: | + echo "connect to cluster" + aksClusterName=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) + az aks get-credentials --resource-group ${{ env.resourceGroupForWlsAks }} --name $aksClusterName + - name: Generate&Apply configmap + if: ${{ github.event.inputs.isForDemo == 'true' }} + run: | + wlsConfigmapName=sample-domain1-wdt-config-map + wlsConfigmapJson=cargo-tracker-db.json + modelFilePath=models + mkdir ${modelFilePath} + echo "create configmap" + echo "export exisiting configmap" + kubectl -n sample-domain1-ns get configmap ${wlsConfigmapName} -o json >${wlsConfigmapJson} + + echo "query model keys" + keyList=$(cat ${wlsConfigmapJson} | jq '.data | keys[]' | tr -d "\"") + for item in $keyList; do + data=$(cat ${wlsConfigmapJson} | jq ".data[\"${item}\"]") + data=$(echo "${data:1:${#data}-2}") + echo -e "${data}" >${modelFilePath}/${item} + done + + # remove current configmap and create a new one + kubectl -n sample-domain1-ns delete configmap ${wlsConfigmapName} + + cp cargotracker/src/test/aks/cargo-tracker-jms.yaml ${modelFilePath}/cargo-tracker-jms.yaml + + kubectl -n sample-domain1-ns create configmap ${wlsConfigmapName} \ + --from-file=${modelFilePath} + + kubectl -n sample-domain1-ns label configmap ${wlsConfigmapName} \ + weblogic.domainUID=sample-domain1 + restartVersion=$(kubectl -n sample-domain1-ns get domain sample-domain1 '-o=jsonpath={.spec.restartVersion}') + # increase restart version + restartVersion=$((restartVersion + 1)) + echo "append configmap and update restart version" + kubectl -n sample-domain1-ns patch domain sample-domain1 \ + --type=json \ + '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' + cleanup: + needs: deploy-wls-on-aks + if: ${{ github.event.inputs.isForDemo == 'false' }} + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Delete Storage Account Resource Group + id: delete-sa-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForStorageAccount }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForStorageAccount }} + - name: Delete DB Resource Group + id: delete-db-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForDB }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDB }} + - name: Delete AKS Resource Group + id: delete-aks-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForWlsAks }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} \ No newline at end of file diff --git a/.github/workflows/updateCargoTracker.yml b/.github/workflows/updateCargoTracker.yml deleted file mode 100644 index 5eea52e7e..000000000 --- a/.github/workflows/updateCargoTracker.yml +++ /dev/null @@ -1,211 +0,0 @@ -name: Update Cargo Tracker - -on: - workflow_dispatch: - inputs: - aksClusterRGName: - description: 'Specify resource group of aks cluster' - required: true - default: 'wlsd-aks-1327934454-4' - aksClusterName: - description: 'Specify aks cluster name' - required: true - default: 'wlsonaks0esltmxel6os24' - acrName: - description: 'Specify acr name' - required: true - default: 'wlsaksacresltmxel6os24' - storageAccountName: - description: 'Specify storage account of uploading .war file' - required: true - default: 'wlsdsa13279344541' - storageContainerName: - description: 'Specify container of uploading .war file' - required: true - default: 'wlsdcon13279344541' - repository_dispatch: - -env: - refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 - azCliVersion: 2.23.0 - azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} - location: eastus - ocrSSOUser: ${{ secrets.ORC_SSOUSER }} - ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} - imageTag: ${{ github.run_id }}${{ github.run_number }} - aksRepoUserName: oracle - aksRepoBranchName: main - wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} - userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - wlsUserName: ${{ secrets.WLS_USERNAME }} - wlsPassword: ${{ secrets.WLS_PSW }} - acrName: ${{ github.event.inputs.acrName }} - aksClusterName: ${{ github.event.inputs.aksClusterName }} - aksClusterRGName: ${{ github.event.inputs.aksClusterRGName }} - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Set up bicep - run: | - curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 - chmod +x ./bicep - sudo mv ./bicep /usr/local/bin/bicep - bicep --version - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) - artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly - unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}" - echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" - - name: Archive weblogic-azure/weblogic-azure-aks template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - deploy-cargo-tracker: - needs: preflight - runs-on: ubuntu-latest - steps: - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Output artifact name for Download action - id: artifact_file - run: | - artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly - echo "artifactName=${artifactName}" >> $GITHUB_ENV - echo "##[set-output name=artifactName;]${artifactName}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file.outputs.artifactName}} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Install jq - run: | - sudo apt-get install jq -y - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Checkout zhengchang907/cargotracker-azure - uses: actions/checkout@v2 - with: - repository: zhengchang907/cargotracker-azure - path: cargotracker - - name: Build the app - run: | - echo "build the Cargo Tracker web app" - mvn clean install -PweblogicOnAks --file cargotracker/pom.xml - - name: Query version string for deployment verification - run: | - PROPERTY_FILE="cargotracker/target/cargo-tracker/WEB-INF/classes/org/eclipse/cargotracker/messages.properties" - PROP_KEY=versionString - deployVersion=$(cat $PROPERTY_FILE | grep "$PROP_KEY" | cut -d '=' -f 2) - echo "deployVersion=${deployVersion}" >> $GITHUB_ENV - - name: Upload the app to storage account - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage blob upload --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war - - name: Query web app blob url and set to env - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ github.event.inputs.storageAccountName }} --container-name ${{ github.event.inputs.storageContainerName }} --name cargo-tracker.war -o tsv) - echo "cargoTrackerBlobUrl=${cargoTrackerBlobUrl}" >> $GITHUB_ENV - - name: Prepare parameter file - run: | - echo "replace placeholders using real parameter" - sed -i "s/#location#/${location}/g; \ - s/#wlsUserName#/${wlsUserName}/g; \ - s/#wlsPassword#/${wlsPassword}/g; \ - s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ - s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ - s/#ocrSSOUser#/${ocrSSOUser}/g; \ - s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ - s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ - s/#acrName#/${acrName}/g; \ - s/#aksClusterName#/${aksClusterName}/g; \ - s/#aksClusterRGName#/${aksClusterRGName}/g; \ - s/#testbranchName#/${aksRepoBranchName}/g; \ - s/#gitUserName#/${aksRepoUserName}/g \ - weblogic-azure/weblogic-azure-aks/src/test/updateAppParameters.json - - name: Deploy WebLogic Server Cluster Domain offer - id: deploy-wls-cluster - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az deployment group create \ - --verbose \ - --resource-group ${{ env.resourceGroupForWlsAks }} \ - --name wls-on-aks \ - --parameters @weblogic-azure/weblogic-azure-aks/src/test/updateAppParameters.json \ - --template-file ${artifactName}/mainTemplate.json - - name: Query Application Gateway URL - run: | - appgatewayname=$(az resource list --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) - echo $appgatewayname - publicIpAddressId=$(az network application-gateway show --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) - echo $publicIpAddressId - appGatewayURL=$(az network public-ip show --resource-group ${{ github.event.inputs.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) - echo $appGatewayURL - echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV - - name: Verify that the app is update - run: | - # install dependencies - sudo apt-get install libegl1\ - libopus0\ - libwoff1\ - libharfbuzz-icu0\ - libgstreamer-plugins-base1.0-0\ - libgstreamer-gl1.0-0\ - libgstreamer-plugins-bad1.0-0\ - libopenjp2-7\ - libwebpdemux2\ - libenchant1c2a\ - libhyphen0\ - libgles2\ - gstreamer1.0-libav -y - appURL=http://${{ env.appGatewayURL }}/cargo-tracker/ - cd cargotracker/src/test/aks/playwright-ui-test - mvn clean install - mvn exec:java -e -Dexec.mainClass=com.microsoft.azure.javaee.FetchBuildVersion -Dexec.args="'${appURL}' '${{ env.deployVersion }}'" \ No newline at end of file diff --git a/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh b/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh index 19c9543e7..e6035ce03 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh @@ -25,7 +25,7 @@ resources: JNDIName: [ ${jndiName} ] - GlobalTransactionsProtocol: TwoPhaseCommit + GlobalTransactionsProtocol: EmulateTwoPhaseCommit JDBCDriverParams: DriverName: ${driver} URL: '@@SECRET:${secretName}:url@@' diff --git a/weblogic-azure-aks/src/test/setupWlsAksParameters.json b/weblogic-azure-aks/src/test/setupWlsAksParameters.json index bd087d3f0..0334d1eef 100644 --- a/weblogic-azure-aks/src/test/setupWlsAksParameters.json +++ b/weblogic-azure-aks/src/test/setupWlsAksParameters.json @@ -5,51 +5,21 @@ "_artifactsLocation": { "value": "https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/" }, - "aciResourcePermissions": { - "value": true - }, - "aciRetentionInDays": { - "value": 120 - }, - "aciWorkspaceSku": { - "value": "pergb2018" - }, - "acrName": { - "value": "acr-contoso" - }, - "aksAgentPoolName": { - "value": "agentpool" - }, "aksAgentPoolNodeCount": { "value": 2 }, "aksAgentPoolVMSize": { "value": "Standard_DS2_v2" }, - "aksClusterNamePrefix": { - "value": "wlsonaks" - }, - "aksClusterRGName": { - "value": "aks-contoso-rg" - }, - "aksClusterName": { - "value": "aks-contoso" - }, - "aksVersion": { - "value": "default" - }, "appGatewayCertificateOption": { "value": "generateCert" }, - "appGatewayPublicIPAddressName": { - "value": "gwip" - }, - "appGatewaySSLCertData": { - "value": "appgw-ssl-data" - }, "appgwForAdminServer": { "value": true }, + "appgwForRemoteConsole": { + "value": true + }, "appPackageUrls": { "value": [ "#appPackageUrls#" @@ -67,29 +37,14 @@ "createDNSZone": { "value": true }, - "databaseType": { - "value": "postgresql" - }, "dbPassword": { "value": "#dbPassword#" }, "dbUser": { "value": "#dbUser#" }, - "dnsNameforApplicationGateway": { - "value": "wlsgw" - }, - "dnszoneAdminConsoleLabel": { - "value": "admin" - }, - "dnszoneAppGatewayLabel": { - "value": "www" - }, - "dnszoneName": { - "value": "contoso.xyz" - }, - "dnszoneRGName": { - "value": "dns-contoso-rg" + "databaseType": { + "value": "postgresql" }, "dsConnectionURL": { "value": "#dsConnectionURL#" @@ -103,15 +58,18 @@ "enableAzureFileShare": { "value": false }, - "enableDB": { + "enableCookieBasedAffinity": { "value": true }, - "enableDNSConfiguration": { + "enableCustomSSL": { "value": false }, - "enableCookieBasedAffinity": { + "enableDB": { "value": true }, + "enableDNSConfiguration": { + "value": false + }, "identity": { "value": { "type": "UserAssigned", @@ -123,30 +81,9 @@ "jdbcDataSourceName": { "value": "jdbc/CargoTrackerDB" }, - "keyVaultName": { - "value": "kv-contoso" - }, - "keyVaultResourceGroup": { - "value": "kv-contoso-rg" - }, - "keyVaultSku": { - "value": "Standard" - }, - "keyVaultSSLCertDataSecretName": { - "value": "kv-ssl-data" - }, - "keyVaultSSLCertPasswordSecretName": { - "value": "kv-ssl-psw" - }, "location": { "value": "#location#" }, - "lbSvcValues": { - "value": [] - }, - "managedServerPrefix": { - "value": "managed-server" - }, "ocrSSOPSW": { "value": "#ocrSSOPSW#" }, @@ -156,27 +93,18 @@ "servicePrincipal": { "value": "#servicePrincipal#" }, - "wdtRuntimePassword": { - "value": "#wdtRuntimePassword#" - }, - "wlsClusterSize": { - "value": 5 - }, - "wlsCPU": { - "value": "200m" + "useInternalLB": { + "value": false }, - "wlsDomainName": { - "value": "domain1" + "useOracleImage": { + "value": true }, - "wlsDomainUID": { - "value": "sample-domain1" + "wdtRuntimePassword": { + "value": "#wdtRuntimePassword#" }, "wlsImageTag": { "value": "14.1.1.0-11" }, - "wlsMemory": { - "value": "1.5Gi" - }, "wlsPassword": { "value": "#wlsPassword#" }, From 412c577cf7ada88c8e5e04f5d5200e69369046b5 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Thu, 14 Oct 2021 15:12:34 +0800 Subject: [PATCH 020/720] Add secret setup and teardown scripts Signed-off-by: Zheng Chang --- .github/workflows/setupForWlsAks.sh | 207 ++++++++++++++++++ .github/workflows/teardownForWlsAks.sh | 107 +++++++++ .github/workflows/testWlsAks.yml | 12 +- .../src/test/updateAppParameters.json | 88 -------- 4 files changed, 320 insertions(+), 94 deletions(-) create mode 100644 .github/workflows/setupForWlsAks.sh create mode 100644 .github/workflows/teardownForWlsAks.sh delete mode 100644 weblogic-azure-aks/src/test/updateAppParameters.json diff --git a/.github/workflows/setupForWlsAks.sh b/.github/workflows/setupForWlsAks.sh new file mode 100644 index 000000000..93f4ac1c3 --- /dev/null +++ b/.github/workflows/setupForWlsAks.sh @@ -0,0 +1,207 @@ +#!/usr/bin/env bash +################################################ +# This script is invoked by a human who: +# - has done az login. +# - can create repository secrets in the github repo from which this file was cloned. +# - has the gh client >= 2.0.0 installed. +# +# This script initializes the repo from which this file is was cloned +# with the necessary secrets to run the workflows. +# +# Script design taken from https://github.com/microsoft/NubesGen. +# +################################################ + +################################################ +# Set environment variables - the main variables you might want to configure. +# +AKS_REPO_USER_NAME=oracle +DB_PASSWORD="Secret123!" +# Three letters to disambiguate names. Leave blank to use ejb. +DISAMBIG_PREFIX= +# The location of the resource group. For example `eastus`. Leave blank to use your default location. +LOCATION= +ORC_SSOPSW= +ORC_SSOUSER= +OWNER_REPONAME= +SLEEP_VALUE=30s +WDT_RUNTIMEPSW=Secret123456 +WLS_PSW=${WDT_RUNTIMEPSW} +WLS_USERNAME=weblogic + +# End set environment variables +################################################ + + +set -Eeuo pipefail +trap cleanup SIGINT SIGTERM ERR EXIT + +cleanup() { + trap - SIGINT SIGTERM ERR EXIT + # script cleanup here +} + +setup_colors() { + if [[ -t 2 ]] && [[ -z "${NO_COLOR-}" ]] && [[ "${TERM-}" != "dumb" ]]; then + NOFORMAT='\033[0m' RED='\033[0;31m' GREEN='\033[0;32m' ORANGE='\033[0;33m' BLUE='\033[0;34m' PURPLE='\033[0;35m' CYAN='\033[0;36m' YELLOW='\033[1;33m' + else + NOFORMAT='' RED='' GREEN='' ORANGE='' BLUE='' PURPLE='' CYAN='' YELLOW='' + fi +} + +msg() { + echo >&2 -e "${1-}" +} + +setup_colors + +# get DISAMBIG_PREFIX if not set at the beginning of this file +if [ "$DISAMBIG_PREFIX" == '' ] ; then + DISAMBIG_PREFIX=ejb +fi + +# get ORC_SSOUSER if not set at the beginning of this file +if [ "$ORC_SSOUSER" == '' ] ; then + read -r -p "Enter Oracle single sign-on userid: " ORC_SSOUSER +fi + +# get ORC_SSOPSW if not set at the beginning of this file +if [ "$ORC_SSOPSW" == '' ] ; then + read -s -r -p "Enter password for preceding Oracle single sign-on userid: " ORC_SSOPSW +fi + +# get OWNER_REPONAME if not set at the beginning of this file +if [ "$OWNER_REPONAME" == '' ] ; then + read -r -p "Enter owner/reponame (blank for upsteam of current fork): " OWNER_REPONAME +fi + +if [ -z "${OWNER_REPONAME}" ] ; then + GH_FLAGS="" +else + GH_FLAGS="--repo ${OWNER_REPONAME}" +fi + +DISAMBIG_PREFIX=${DISAMBIG_PREFIX}`date +%m%d` +SERVICE_PRINCIPAL_NAME=${DISAMBIG_PREFIX}sp +USER_ASSIGNED_MANAGED_IDENTITY_NAME=${DISAMBIG_PREFIX}u + +# get default location if not set at the beginning of this file +if [ "$LOCATION" == '' ] ; then + { + az config get defaults.location --only-show-errors > /dev/null 2>&1 + LOCATION_DEFAULTS_SETUP=$? + } || { + LOCATION_DEFAULTS_SETUP=0 + } + # if no default location is set, fallback to "eastus" + if [ "$LOCATION_DEFAULTS_SETUP" -eq 1 ]; then + LOCATION=eastus + else + LOCATION=$(az config get defaults.location --only-show-errors | jq -r .value) + fi +fi + +# Check AZ CLI status +msg "${GREEN}(1/6) Checking Azure CLI status...${NOFORMAT}" +{ + az > /dev/null +} || { + msg "${RED}Azure CLI is not installed." + msg "${GREEN}Go to https://aka.ms/nubesgen-install-az-cli to install Azure CLI." + exit 1; +} +{ + az account show > /dev/null +} || { + msg "${RED}You are not authenticated with Azure CLI." + msg "${GREEN}Run \"az login\" to authenticate." + exit 1; +} + +msg "${YELLOW}Azure CLI is installed and configured!" + +# Check GitHub CLI status +msg "${GREEN}(2/6) Checking GitHub CLI status...${NOFORMAT}" +USE_GITHUB_CLI=false +{ + gh auth status && USE_GITHUB_CLI=true && msg "${YELLOW}GitHub CLI is installed and configured!" +} || { + msg "${YELLOW}Cannot use the GitHub CLI. ${GREEN}No worries! ${YELLOW}We'll set up the GitHub secrets manually." + USE_GITHUB_CLI=false +} + +# Execute commands +msg "${GREEN}(3/6) Create service principal and Azure credentials ${SERVICE_PRINCIPAL_NAME}" +SUBSCRIPTION_ID=$(az account show --query id --output tsv --only-show-errors) + +### AZ ACTION CREATE + +SERVICE_PRINCIPAL=$(az ad sp create-for-rbac --name ${SERVICE_PRINCIPAL_NAME} --role="Contributor" --scopes="/subscriptions/${SUBSCRIPTION_ID}" --sdk-auth --only-show-errors | base64 -w0) +AZURE_CREDENTIALS=$(echo $SERVICE_PRINCIPAL | base64 -d) + +### AZ ACTION CREATE + +msg "${GREEN}(4/6) Create User assigned managed identity ${USER_ASSIGNED_MANAGED_IDENTITY_NAME}" +az group create --name ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --location ${LOCATION} +az identity create --name ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --location ${LOCATION} --resource-group ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --subscription ${SUBSCRIPTION_ID} +USER_ASSIGNED_MANAGED_IDENTITY_ID_NOT_ESCAPED=$(az identity show --name ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --resource-group ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --query id) + +### AZ ACTION MUTATE + +msg "${GREEN}(5/6) Grant Contributor role in subscription scope to ${USER_ASSIGNED_MANAGED_IDENTITY_NAME}. Sleeping for ${SLEEP_VALUE} first." +sleep ${SLEEP_VALUE} +ASSIGNEE_OBJECT_ID=$(az identity show --name ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --resource-group ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} --query principalId) +# strip quotes +ASSIGNEE_OBJECT_ID=${ASSIGNEE_OBJECT_ID//\"/} +az role assignment create --role Contributor --assignee-principal-type ServicePrincipal --assignee-object-id ${ASSIGNEE_OBJECT_ID} --subscription ${SUBSCRIPTION_ID} --scope /subscriptions/${SUBSCRIPTION_ID} + +# https://stackoverflow.com/questions/13210880/replace-one-substring-for-another-string-in-shell-script +USER_ASSIGNED_MANAGED_IDENTITY_ID=${USER_ASSIGNED_MANAGED_IDENTITY_ID_NOT_ESCAPED//\//\\/} + +msg "${GREEN}(6/6) Create secrets in GitHub" +if $USE_GITHUB_CLI; then + { + msg "${GREEN}Using the GitHub CLI to set secrets.${NOFORMAT}" + gh ${GH_FLAGS} secret set AKS_REPO_USER_NAME -b"${AKS_REPO_USER_NAME}" + gh ${GH_FLAGS} secret set AZURE_CREDENTIALS -b"${AZURE_CREDENTIALS}" + gh ${GH_FLAGS} secret set DB_PASSWORD -b"${DB_PASSWORD}" + gh ${GH_FLAGS} secret set ORC_SSOPSW -b"${ORC_SSOPSW}" + gh ${GH_FLAGS} secret set ORC_SSOUSER -b"${ORC_SSOUSER}" + gh ${GH_FLAGS} secret set SERVICE_PRINCIPAL -b"${SERVICE_PRINCIPAL}" + gh ${GH_FLAGS} secret set USER_ASSIGNED_MANAGED_IDENTITY_ID -b"${USER_ASSIGNED_MANAGED_IDENTITY_ID}" + gh ${GH_FLAGS} secret set WDT_RUNTIMEPSW -b"${WDT_RUNTIMEPSW}" + gh ${GH_FLAGS} secret set WLS_PSW -b"${WLS_PSW}" + gh ${GH_FLAGS} secret set WLS_USERNAME -b"${WLS_USERNAME}" + } || { + USE_GITHUB_CLI=false + } +fi +if [ $USE_GITHUB_CLI == false ]; then + msg "${NOFORMAT}======================MANUAL SETUP======================================" + msg "${GREEN}Using your Web browser to set up secrets..." + msg "${NOFORMAT}Go to the GitHub repository you want to configure." + msg "${NOFORMAT}In the \"settings\", go to the \"secrets\" tab and the following secrets:" + msg "(in ${YELLOW}yellow the secret name and${NOFORMAT} in ${GREEN}green the secret value)" + msg "${YELLOW}\"AKS_REPO_USER_NAME\"" + msg "${GREEN}${AKS_REPO_USER_NAME}" + msg "${YELLOW}\"AZURE_CREDENTIALS\"" + msg "${GREEN}${AZURE_CREDENTIALS}" + msg "${YELLOW}\"DB_PASSWORD\"" + msg "${GREEN}${DB_PASSWORD}" + msg "${YELLOW}\"ORC_SSOPSW\"" + msg "${GREEN}${ORC_SSOPSW}" + msg "${YELLOW}\"ORC_SSOUSER\"" + msg "${GREEN}${ORC_SSOUSER}" + msg "${YELLOW}\"SERVICE_PRINCIPAL\"" + msg "${GREEN}${SERVICE_PRINCIPAL}" + msg "${YELLOW}\"USER_ASSIGNED_MANAGED_IDENTITY_ID\"" + msg "${GREEN}${USER_ASSIGNED_MANAGED_IDENTITY_ID}" + msg "${YELLOW}\"WDT_RUNTIMEPSW\"" + msg "${GREEN}${WDT_RUNTIMEPSW}" + msg "${YELLOW}\"WLS_PSW\"" + msg "${GREEN}${WLS_PSW}" + msg "${YELLOW}\"WLS_USERNAME\"" + msg "${GREEN}${WLS_USERNAME}" + msg "${NOFORMAT}========================================================================" +fi +msg "${GREEN}Secrets configured" diff --git a/.github/workflows/teardownForWlsAks.sh b/.github/workflows/teardownForWlsAks.sh new file mode 100644 index 000000000..80c8a24ad --- /dev/null +++ b/.github/workflows/teardownForWlsAks.sh @@ -0,0 +1,107 @@ +#!/usr/bin/env bash +################################################ +# This script is invoked by a human who: +# - has invoked the setupForWlsAks.sh script +# +# This script removes the secrets and deletes the azure resources created in +# setupForWlsAks.sh. +# +# Script design taken from https://github.com/microsoft/NubesGen. +# +################################################ + + +set -Eeuo pipefail +trap cleanup SIGINT SIGTERM ERR EXIT + +cleanup() { + trap - SIGINT SIGTERM ERR EXIT + # script cleanup here +} + +setup_colors() { + if [[ -t 2 ]] && [[ -z "${NO_COLOR-}" ]] && [[ "${TERM-}" != "dumb" ]]; then + NOFORMAT='\033[0m' RED='\033[0;31m' GREEN='\033[0;32m' ORANGE='\033[0;33m' BLUE='\033[0;34m' PURPLE='\033[0;35m' CYAN='\033[0;36m' YELLOW='\033[1;33m' + else + NOFORMAT='' RED='' GREEN='' ORANGE='' BLUE='' PURPLE='' CYAN='' YELLOW='' + fi +} + +msg() { + echo >&2 -e "${1-}" +} + +setup_colors + +read -r -p "Enter disambiguation prefix: " DISAMBIG_PREFIX +read -r -p "Enter owner/reponame (blank for upsteam of current fork): " OWNER_REPONAME + +if [ -z "${OWNER_REPONAME}" ] ; then + GH_FLAGS="" +else + GH_FLAGS="--repo ${OWNER_REPONAME}" +fi + +SERVICE_PRINCIPAL_NAME=${DISAMBIG_PREFIX}sp +USER_ASSIGNED_MANAGED_IDENTITY_NAME=${DISAMBIG_PREFIX}u + +# Execute commands +msg "${GREEN}(1/4) Delete service principal ${SERVICE_PRINCIPAL_NAME}" +SUBSCRIPTION_ID=$(az account show --query id --output tsv --only-show-errors) +SP_OBJECT_ID_ARRAY=$(az ad sp list --display-name ${SERVICE_PRINCIPAL_NAME} --query "[].objectId") || true +# remove whitespace +SP_OBJECT_ID_ARRAY=$(echo ${SP_OBJECT_ID_ARRAY} | xargs) || true +SP_OBJECT_ID_ARRAY=${SP_OBJECT_ID_ARRAY//[/} +SP_OBJECT_ID=${SP_OBJECT_ID_ARRAY//]/} +az ad sp delete --id ${SP_OBJECT_ID} || true + +msg "${GREEN}(2/4) Delete User assigned managed identity ${USER_ASSIGNED_MANAGED_IDENTITY_NAME}" +az group delete --yes --no-wait --name ${USER_ASSIGNED_MANAGED_IDENTITY_NAME} > /dev/null 2>&1 || true + +# Check GitHub CLI status +msg "${GREEN}(3/4) Checking GitHub CLI status...${NOFORMAT}" +USE_GITHUB_CLI=false +{ + gh auth status && USE_GITHUB_CLI=true && msg "${YELLOW}GitHub CLI is installed and configured!" +} || { + msg "${YELLOW}Cannot use the GitHub CLI. ${GREEN}No worries! ${YELLOW}We'll set up the GitHub secrets manually." + USE_GITHUB_CLI=false +} + +msg "${GREEN}(4/4) Removing secrets...${NOFORMAT}" +if $USE_GITHUB_CLI; then + { + msg "${GREEN}Using the GitHub CLI to remove secrets.${NOFORMAT}" + gh ${GH_FLAGS} secret remove AKS_REPO_USER_NAME + gh ${GH_FLAGS} secret remove AZURE_CREDENTIALS + gh ${GH_FLAGS} secret remove DB_PASSWORD + gh ${GH_FLAGS} secret remove ORC_SSOPSW + gh ${GH_FLAGS} secret remove ORC_SSOUSER + gh ${GH_FLAGS} secret remove SERVICE_PRINCIPAL + gh ${GH_FLAGS} secret remove USER_ASSIGNED_MANAGED_IDENTITY_ID + gh ${GH_FLAGS} secret remove WDT_RUNTIMEPSW + gh ${GH_FLAGS} secret remove WLS_PSW + gh ${GH_FLAGS} secret remove WLS_USERNAME + } || { + USE_GITHUB_CLI=false + } +fi +if [ $USE_GITHUB_CLI == false ]; then + msg "${NOFORMAT}======================MANUAL REMOVAL======================================" + msg "${GREEN}Using your Web browser to remove secrets..." + msg "${NOFORMAT}Go to the GitHub repository you want to configure." + msg "${NOFORMAT}In the \"settings\", go to the \"secrets\" tab and remove the following secrets:" + msg "(in ${YELLOW}yellow the secret name)" + msg "${YELLOW}\"AKS_REPO_USER_NAME\"" + msg "${YELLOW}\"AZURE_CREDENTIALS\"" + msg "${YELLOW}\"DB_PASSWORD\"" + msg "${YELLOW}\"ORC_SSOPSW\"" + msg "${YELLOW}\"ORC_SSOUSER\"" + msg "${YELLOW}\"SERVICE_PRINCIPAL\"" + msg "${YELLOW}\"USER_ASSIGNED_MANAGED_IDENTITY_ID\"" + msg "${YELLOW}\"WDT_RUNTIMEPSW\"" + msg "${YELLOW}\"WLS_PSW\"" + msg "${YELLOW}\"WLS_USERNAME\"" + msg "${NOFORMAT}========================================================================" +fi +msg "${GREEN}Secrets removed" diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index 7289bcd68..294264837 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -25,8 +25,8 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: zhengchang907 - aksRepoBranchName: pipelineforwlsaks + aksRepoUserName: oracle + aksRepoBranchName: main resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} @@ -118,10 +118,10 @@ jobs: needs: preflight runs-on: ubuntu-latest steps: - - name: Checkout zhengchang907/cargotracker-azure + - name: Checkout Azure-Samples/cargotracker-azure uses: actions/checkout@v2 with: - repository: zhengchang907/cargotracker-azure + repository: Azure-Samples/cargotracker-azure path: cargotracker - name: Maven build web app run: | @@ -209,10 +209,10 @@ jobs: inlineScript: | echo "create resource group" ${{ env.resourceGroupForWlsAks }} az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} - - name: Checkout zhengchang907/cargotracker-azure + - name: Checkout Azure-Samples/cargotracker-azure uses: actions/checkout@v2 with: - repository: zhengchang907/cargotracker-azure + repository: Azure-Samples/cargotracker-azure path: cargotracker - name: Prepare parameter file run: | diff --git a/weblogic-azure-aks/src/test/updateAppParameters.json b/weblogic-azure-aks/src/test/updateAppParameters.json deleted file mode 100644 index 1888ced93..000000000 --- a/weblogic-azure-aks/src/test/updateAppParameters.json +++ /dev/null @@ -1,88 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/" - }, - "acrName": { - "value": "#acrName#" - }, - "aksClusterName": { - "value": "#aksClusterName#" - }, - "aksClusterRGName": { - "value": "#aksClusterRGName#" - }, - "appPackageUrls": { - "value": [ - "#appPackageUrls#" - ] - }, - "appReplicas": { - "value": 2 - }, - "createACR": { - "value": false - }, - "createAKSCluster": { - "value": false - }, - "createDNSZone": { - "value": true - }, - "enableAppGWIngress": { - "value": false - }, - "enableAzureMonitoring": { - "value": false - }, - "enableAzureFileShare": { - "value": false - }, - "enableCookieBasedAffinity": { - "value": false - }, - "enableCustomSSL": { - "value": false - }, - "enableDB": { - "value": false - }, - "enableDNSConfiguration": { - "value": false - }, - "identity": { - "value": { - "type": "UserAssigned", - "userAssignedIdentities": { - "#userAssignedManagedIdentity#": {} - } - } - }, - "location": { - "value": "#location#" - }, - "ocrSSOPSW": { - "value": "#ocrSSOPSW#" - }, - "ocrSSOUser": { - "value": "#ocrSSOUser#" - }, - "useInternalLB": { - "value": false - }, - "wdtRuntimePassword": { - "value": "#wdtRuntimePassword#" - }, - "wlsImageTag": { - "value": "14.1.1.0-11" - }, - "wlsPassword": { - "value": "#wlsPassword#" - }, - "wlsUserName": { - "value": "#wlsUserName#" - } - } -} \ No newline at end of file From 88790074274e67c159d32642c76ac4d31709a1f4 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 13 Oct 2021 14:01:43 +0800 Subject: [PATCH 021/720] On branch pipeline-for-new-tag: pipeline for new tag. Signed-off-by: galiacheng --- .github/workflows/newtag.yaml | 116 ++++++++++++++++++++++++++++++++++ 1 file changed, 116 insertions(+) create mode 100644 .github/workflows/newtag.yaml diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml new file mode 100644 index 000000000..a665a2724 --- /dev/null +++ b/.github/workflows/newtag.yaml @@ -0,0 +1,116 @@ +name: New Tag +on: + workflow_dispatch: + inputs: + tagname: + description: 'Specify Tag name to create/update.' + required: true + default: '2021-10-13-01-Q4' + ref: + description: 'Specify Git Ref if needed.' + required: false + default: 'refs/heads/main' +env: + tagbranch: "tagbranch" + gitToken: ${{ secrets.GIT_TOKEN }} + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: c073dee94765142158f62e5a3bee0f255dd7c3a0 + repoName: "weblogic-azure" + userEmail: ${{ secrets.USER_EMAIL }} + userName: ${{ secrets.USER_NAME }} + +jobs: + newtag: + runs-on: ubuntu-latest + steps: + - name: Checkout ${{ env.repoName }} + uses: actions/checkout@v2 + with: + path: ${{ env.repoName }} + ref: ${{ github.event.inputs.ref }} + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} + + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + + - name: Build ${{ env.repoName }} + run: | + cd ${{ env.repoName }} + mvn -Ptemplate-validation-tests clean install --file weblogic-azure-vm/arm-oraclelinux-wls/pom.xml + mvn -Ptemplate-validation-tests clean install --file weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml + mvn -Ptemplate-validation-tests clean install --file weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml + mvn -Ptemplate-validation-tests clean install --file weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml + + - name: Create new tag + run: | + cd ${{ env.repoName }} + + git config --global core.longpaths true + git config --global user.email $userEmail + git config --global user.name $userName + + authGitPath=https://$gitToken@github.com/$userName/${{ env.repoName }}.git + + echo "Create tag branch" + remoteBranches=$(git ls-remote --heads) + echo ${remoteBranches} + if [[ -n `echo ${remoteBranches} | grep "${tagbranch}"` ]]; then + git push ${authGitPath} --delete ${tagbranch} -f + fi + + if [[ -n `git branch --all | grep "${tagbranch}"` ]]; then + git branch -D ${tagbranch} + fi + + git checkout -b ${tagbranch} + + # replace pids + export targetARM="target" + for d in weblogic-azure-vm/*/ ; do + for d1 in $d*/; do + if [ ! -d ${d1}${targetARM} ];then + continue; + fi + + list=$(find ${d1}${targetARM} | grep ".json") + for file in ${list}; do + sourcePath=$(echo "$file" | sed "s:target:src/main:g") + if test -f "$sourcePath"; then + echo "Replace ${sourcePath} with ${file}" + cp -f $file $sourcePath + fi + done + done + done + + git status + git add --all + git commit -m "hard code pids" + git fetch --unshallow + git push ${authGitPath} ${tagbranch} -f + + # remove existing tag + tagname=${{ github.event.inputs.tagname }} + if [[ -n `git ls-remote --tags | grep "${tagname}"` ]]; then + git push ${authGitPath} --delete ${tagname} -f + fi + + # create new tag + git tag ${tagname} + git push ${authGitPath} ${tagname} -f + # git push ${authGitPath} --delete ${tagbranch} -f From d5e9b508f8335382fb69ad8ce91a0f1ef21a3e4b Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 14 Oct 2021 10:48:08 +0800 Subject: [PATCH 022/720] On branch pipeline-for-new-tag: use azure-javaee-iaas-parent latest version. update pid file locations. add pom.xml at weblogic-azure-vm root. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls/pom.xml new file: weblogic-azure-vm/pom.xml --- weblogic-azure-aks/pom.xml | 2 +- .../admin-ssl-post-deploy/pom.xml | 6 ++--- .../arm-oraclelinux-wls-admin/pom.xml | 14 +++++----- .../addnode-coherence/pom.xml | 6 ++--- .../addnode/pom.xml | 6 ++--- .../arm-oraclelinux-wls-cluster/pom.xml | 6 ++--- .../deletenode/pom.xml | 6 ++--- .../arm-oraclelinux-wls-cluster/pom.xml | 2 +- .../addnode-coherence/pom.xml | 6 ++--- .../addnode/pom.xml | 6 ++--- .../pom.xml | 6 ++--- .../deletenode/pom.xml | 6 ++--- .../pom.xml | 2 +- weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 6 ++--- weblogic-azure-vm/pom.xml | 27 +++++++++++++++++++ 15 files changed, 67 insertions(+), 40 deletions(-) create mode 100644 weblogic-azure-vm/pom.xml diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index cf84d403c..b05eaf088 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -16,7 +16,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.10 + 1.0.12 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml index ff0b2128a..d92954d50 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 5c143d2c3..1815cc0af 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -15,18 +15,18 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 - jar + pom ${project.artifactId} -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties - - - + + admin-ssl-post-deploy + diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml index a367ddd12..02b1385f1 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml index 9cca61cbd..f8e9bc88e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index cec4636f0..6c55659da 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml index 3eed1ca2a..757c91c6a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -27,8 +27,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml index 9902d3ab3..97f665d89 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/pom.xml @@ -18,7 +18,7 @@ - https://github.com/wls-eng/arm-oraclelinux-wls-cluster + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster scm:git:git@github.com:wls-eng/arm-oraclelinux-wls.git diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml index b81cc5db2..5e97ab5ae 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml index e0081079a..5f0d77790 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 914e7aae1..d654db7ba 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml index bed47ec88..d0ac697db 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 @@ -25,8 +25,8 @@ ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml index fdc5f72ee..968f11c98 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -16,7 +16,7 @@ - https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster scm:git:git@github.com:wls-eng/arm-oraclelinux-wls-dynamic-cluster.git diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 51eb22f62..b0671e22e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -17,15 +17,15 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.7 + 1.0.12 jar arm-oraclelinux-wls - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/pid.properties - https://raw.githubusercontent.com/wls-eng/arm-oraclelinux-wls/develop/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/pom.xml b/weblogic-azure-vm/pom.xml new file mode 100644 index 000000000..ff27d9439 --- /dev/null +++ b/weblogic-azure-vm/pom.xml @@ -0,0 +1,27 @@ + + + + + 4.0.0 + + com.oracle.weblogic.azure + weblogic-azure-vm + pom + 1.0.0 + ${project.artifactId} + https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm + + + arm-oraclelinux-wls + arm-oraclelinux-wls-admin + arm-oraclelinux-wls-cluster + arm-oraclelinux-wls-dynamic-cluster + + + From b5b1608e71906d670d629dcd578becb50c3945d8 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 14 Oct 2021 14:15:16 +0800 Subject: [PATCH 023/720] On branch pipeline-for-new-tag: update artifact location. Update arm ttk test parameter Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls/pom.xml --- .github/workflows/newtag.yaml | 12 ++++++++++++ .../admin-ssl-post-deploy/pom.xml | 5 +++-- .../src/main/arm/mainTemplate.json | 3 +-- weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml | 2 ++ .../addnode-coherence/pom.xml | 5 +++-- .../addnode-coherence/src/main/arm/mainTemplate.json | 2 +- .../arm-oraclelinux-wls-cluster/addnode/pom.xml | 5 +++-- .../addnode/src/main/arm/mainTemplate.json | 2 +- .../arm-oraclelinux-wls-cluster/pom.xml | 3 ++- .../arm-oraclelinux-wls-cluster/deletenode/pom.xml | 5 +++-- .../deletenode/src/main/arm/mainTemplate.json | 2 +- .../addnode-coherence/pom.xml | 5 +++-- .../addnode-coherence/src/main/arm/mainTemplate.json | 2 +- .../addnode/pom.xml | 5 +++-- .../addnode/src/main/arm/mainTemplate.json | 2 +- .../arm-oraclelinux-wls-dynamic-cluster/pom.xml | 3 ++- .../deletenode/pom.xml | 5 +++-- .../deletenode/src/main/arm/mainTemplate.json | 2 +- weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 1 + 19 files changed, 47 insertions(+), 24 deletions(-) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index a665a2724..b0157a2d0 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -82,6 +82,18 @@ jobs: # replace pids export targetARM="target" for d in weblogic-azure-vm/*/ ; do + # for admin offer and single node offer + if [ -d ${d}${targetARM} ];then + list=$(find ${d}${targetARM} | grep ".json") + for file in ${list}; do + sourcePath=$(echo "$file" | sed "s:target:src/main:g") + if test -f "$sourcePath"; then + echo "Replace ${sourcePath} with ${file}" + cp -f $file $sourcePath + fi + done + fi + for d1 in $d*/; do if [ ! -d ${d1}${targetARM} ];then continue; diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml index d92954d50..e175c183d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml @@ -23,8 +23,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="admin-ssl-post-deploy/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/arm/mainTemplate.json index d59f63ea9..decfda7b4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-admin/${git.tag}/admin-ssl-post-deploy/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", @@ -85,7 +85,6 @@ } }, "variables": { - "const_hyphen": "-", "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", "const_wlsDomainPath": "/u01/domains", "name_scriptFile": "configureCustomAdminSSL.sh" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 1815cc0af..9ce6edebe 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -21,6 +21,8 @@ pom ${project.artifactId} + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml index 02b1385f1..128cbc663 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml @@ -25,8 +25,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json index 2c94efe40..d70825b38 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/addnode-coherence/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml index f8e9bc88e..37d958485 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml @@ -25,8 +25,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json index 278585185..944c842f5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/addnode/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-cluster/addnode/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index 6c55659da..382897796 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -25,7 +25,8 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml index 757c91c6a..f6483acff 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml @@ -25,8 +25,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json index 3048c2143..3ce5476e7 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-cluster/${git.tag}/deletenode/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-cluster/deletenode/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml index 5e97ab5ae..6f02f6315 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml @@ -23,8 +23,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json index 45b1f75cc..2df51092b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/addnode-coherence/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml index 5f0d77790..477e2267d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml @@ -23,8 +23,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json index a3ecd6314..2bd4811b8 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/addnode/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index d654db7ba..6a77439a5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -23,7 +23,8 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml index d0ac697db..fb56ce854 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml @@ -23,8 +23,9 @@ ${project.artifactId} - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json index 77e59bb2a..b39cca347 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json @@ -7,7 +7,7 @@ "metadata": { "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." }, - "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/${git.tag}/deletenode/src/main/" + "defaultValue": "${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/" }, "_artifactsLocationSasToken": { "type": "securestring", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index b0671e22e..896fc2883 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -24,6 +24,7 @@ jar arm-oraclelinux-wls + ${basedir}/../../../arm-ttk/arm-ttk https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties From 417ebe1a632342b84342936dde360456df69015e Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 14 Oct 2021 16:28:46 +0800 Subject: [PATCH 024/720] On branch pipeline-for-new-tag: remove the tag branch. Signed-off-by: galiacheng Changes to be committed: modified: .github/workflows/newtag.yaml --- .github/workflows/newtag.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index b0157a2d0..d406a6ec5 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -125,4 +125,4 @@ jobs: # create new tag git tag ${tagname} git push ${authGitPath} ${tagname} -f - # git push ${authGitPath} --delete ${tagbranch} -f + git push ${authGitPath} --delete ${tagbranch} -f From b66e4dfeb779688b18310684f9e3d39995335dda Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 14 Oct 2021 17:23:18 +0800 Subject: [PATCH 025/720] On branch pipeline-for-new-tag: remove unused newtag.yaml Signed-off-by: galiacheng Changes to be committed: deleted: weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/newtag.yaml deleted: weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml deleted: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml --- .../.github/workflows/newtag.yaml | 110 ------------------ .../.github/workflows/newtag.yaml | 104 ----------------- .../.github/workflows/newtag.yaml | 104 ----------------- 3 files changed, 318 deletions(-) delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/newtag.yaml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/newtag.yaml deleted file mode 100644 index 691f75077..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/newtag.yaml +++ /dev/null @@ -1,110 +0,0 @@ -name: New Tag -on: - workflow_dispatch: - inputs: - tagname: - description: 'Specify Tag name to create/update.' - required: true - default: '2020-12-02-01-Q4' - ref: - description: 'Specify Git Ref if needed.' - required: false - default: 'refs/heads/develop' -env: - tagbranch: "tagbranch" - gitToken: ${{ secrets.GIT_TOKEN }} - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - repoName: "arm-oraclelinux-wls-admin" - userEmail: ${{ secrets.USER_EMAIL }} - userName: ${{ secrets.USER_NAME }} - -jobs: - newtag: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - ref: ${{ github.event.inputs.ref }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - - name: Build and test ${{ env.repoName }} - run: | - cd ${{ env.repoName }} - mvn -Ptemplate-validation-tests clean install - - - name: Create new tag - run: | - cd ${{ env.repoName }} - git config --global core.longpaths true - git config --global user.email $userEmail - git config --global user.name $userName - - authGitPath=https://$gitToken@github.com/$userName/${{ env.repoName }}.git - - echo "Create tag branch" - remoteBranches=$(git ls-remote --heads) - echo ${remoteBranches} - if [[ -n `echo ${remoteBranches} | grep "${tagbranch}"` ]]; then - git push ${authGitPath} --delete ${tagbranch} -f - fi - - if [[ -n `git branch --all | grep "${tagbranch}"` ]]; then - git branch -D ${tagbranch} - fi - - git checkout -b ${tagbranch} - - # replace pids - export targetARM="arm" - for d in */ ; do - echo $d - if [ ! -d ${d}${targetARM} ];then - continue; - fi - - list=$(find ${d}${targetARM} | grep ".json") - for file in ${list}; do - targetPath=$(echo "$file" | sed "s:target:src/main:g") - if test -f "$targetPath"; then - echo "Replace ${targetPath} with ${file}" - cp -f $file $targetPath - fi - done - done - - git status - git add --all - git commit -m "hard code pids" - git fetch --unshallow - git push ${authGitPath} tagbranch -f - - # remove existing tag - tagname=${{ github.event.inputs.tagname }} - if [[ -n `git ls-remote --tags | grep "${tagname}"` ]]; then - git push ${authGitPath} --delete ${tagname} -f - fi - - # create new tag - git tag ${tagname} - git push ${authGitPath} ${tagname} -f - git push ${authGitPath} --delete ${tagbranch} -f diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml deleted file mode 100644 index def24ea6e..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/newtag.yaml +++ /dev/null @@ -1,104 +0,0 @@ -name: New Tag -on: - workflow_dispatch: - inputs: - tagname: - description: 'Specify Tag name to create/update.' - required: true - default: '2020-12-02-01-Q4' - ref: - description: 'Specify Git Ref if needed.' - required: false - default: 'refs/heads/develop' -env: - tagbranch: "tagbranch" - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - gitToken: ${{ secrets.GIT_TOKEN }} - repoName: "arm-oraclelinux-wls-cluster" - userEmail: ${{ secrets.USER_EMAIL }} - userName: ${{ secrets.USER_NAME }} - -jobs: - newtag: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - ref: ${{ github.event.inputs.ref }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - - name: Build and test ${{ env.repoName }} - run: | - cd ${{ env.repoName }} - mvn -Ptemplate-validation-tests clean install - - - name: Create new tag - run: | - cd ${{ env.repoName }} - git config --global core.longpaths true - git config --global user.email $userEmail - git config --global user.name $userName - - authGitPath=https://$gitToken@github.com/$userName/${{ env.repoName }}.git - - echo "Create tag branch" - remoteBranches=$(git ls-remote --heads) - echo ${remoteBranches} - if [[ -n `echo ${remoteBranches} | grep "${tagbranch}"` ]]; then - git push ${authGitPath} --delete ${tagbranch} -f - fi - git checkout -b ${tagbranch} - - # replace pids - export targetARM="target/arm" - for d in */ ; do - echo $d - if [ ! -d ${d}${targetARM} ];then - continue; - fi - - list=$(find ${d}${targetARM} | grep ".json") - for file in ${list}; do - targetPath=$(echo "$file" | sed "s:target:src/main:g") - if test -f "$targetPath"; then - echo "Replace ${targetPath} with ${file}" - cp -f $file $targetPath - fi - done - done - - git status - git commit -a -m "hard code pids" - git fetch --unshallow - git push ${authGitPath} tagbranch -f - - # remove existing tag - tagname=${{ github.event.inputs.tagname }} - if [[ -n `git ls-remote --tags | grep "${tagname}"` ]]; then - git push ${authGitPath} --delete ${tagname} -f - fi - - # create new tag - git tag ${tagname} - git push ${authGitPath} ${tagname} -f - git push ${authGitPath} --delete ${tagbranch} -f diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml deleted file mode 100644 index d27d1ff41..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/newtag.yaml +++ /dev/null @@ -1,104 +0,0 @@ -name: New Tag -on: - workflow_dispatch: - inputs: - tagname: - description: 'Specify Tag name to create/update.' - required: true - default: '2020-12-02-01-Q4' - ref: - description: 'Specify Git Ref if needed.' - required: false - default: 'refs/heads/develop' -env: - tagbranch: "tagbranch" - gitToken: ${{ secrets.GIT_TOKEN }} - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - repoName: "arm-oraclelinux-wls-dynamic-cluster" - userEmail: ${{ secrets.USER_EMAIL }} - userName: ${{ secrets.USER_NAME }} - -jobs: - newtag: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - ref: ${{ github.event.inputs.ref }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - - name: Build and test ${{ env.repoName }} - run: | - cd ${{ env.repoName }} - mvn -Ptemplate-validation-tests clean install - - - name: Create new tag - run: | - cd ${{ env.repoName }} - git config --global core.longpaths true - git config --global user.email $userEmail - git config --global user.name $userName - - authGitPath=https://$gitToken@github.com/$userName/${{ env.repoName }}.git - - echo "Create tag branch" - remoteBranches=$(git ls-remote --heads) - echo ${remoteBranches} - if [[ -n `echo ${remoteBranches} | grep "${tagbranch}"` ]]; then - git push ${authGitPath} --delete ${tagbranch} -f - fi - git checkout -b ${tagbranch} - - # replace pids - export targetARM="target/arm" - for d in */ ; do - echo $d - if [ ! -d ${d}${targetARM} ];then - continue; - fi - - list=$(find ${d}${targetARM} | grep ".json") - for file in ${list}; do - targetPath=$(echo "$file" | sed "s:target:src/main:g") - if test -f "$targetPath"; then - echo "Replace ${targetPath} with ${file}" - cp -f $file $targetPath - fi - done - done - - git status - git commit -a -m "hard code pids" - git fetch --unshallow - git push ${authGitPath} tagbranch -f - - # remove existing tag - tagname=${{ github.event.inputs.tagname }} - if [[ -n `git ls-remote --tags | grep "${tagname}"` ]]; then - git push ${authGitPath} --delete ${tagname} -f - fi - - # create new tag - git tag ${tagname} - git push ${authGitPath} ${tagname} -f - git push ${authGitPath} --delete ${tagbranch} -f \ No newline at end of file From 342ac253f2100da453f8d380d429d0197c2bdeed Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Fri, 15 Oct 2021 09:05:29 +0800 Subject: [PATCH 026/720] WLS on AKS pipeline setup script: Always aks DISAMBIG_PREFIX and echo more Signed-off-by: Zheng Chang --- .github/workflows/setupForWlsAks.sh | 22 ++++++++++++++++++---- .github/workflows/testWlsAks.yml | 2 +- 2 files changed, 19 insertions(+), 5 deletions(-) mode change 100644 => 100755 .github/workflows/setupForWlsAks.sh diff --git a/.github/workflows/setupForWlsAks.sh b/.github/workflows/setupForWlsAks.sh old mode 100644 new mode 100755 index 93f4ac1c3..c41aa8ce3 --- a/.github/workflows/setupForWlsAks.sh +++ b/.github/workflows/setupForWlsAks.sh @@ -17,7 +17,7 @@ # AKS_REPO_USER_NAME=oracle DB_PASSWORD="Secret123!" -# Three letters to disambiguate names. Leave blank to use ejb. +# Three letters to disambiguate names. DISAMBIG_PREFIX= # The location of the resource group. For example `eastus`. Leave blank to use your default location. LOCATION= @@ -55,9 +55,11 @@ msg() { setup_colors -# get DISAMBIG_PREFIX if not set at the beginning of this file +read -r -p "Enter a disambiguation prefix (try initials with a sequence number, such as ejb01): " DISAMBIG_PREFIX + if [ "$DISAMBIG_PREFIX" == '' ] ; then - DISAMBIG_PREFIX=ejb + msg "${RED}You must enter a disambiguation prefix." + exit 1; fi # get ORC_SSOUSER if not set at the beginning of this file @@ -157,6 +159,8 @@ az role assignment create --role Contributor --assignee-principal-type ServicePr # https://stackoverflow.com/questions/13210880/replace-one-substring-for-another-string-in-shell-script USER_ASSIGNED_MANAGED_IDENTITY_ID=${USER_ASSIGNED_MANAGED_IDENTITY_ID_NOT_ESCAPED//\//\\/} +# remove leading and trailing quote +USER_ASSIGNED_MANAGED_IDENTITY_ID=${USER_ASSIGNED_MANAGED_IDENTITY_ID//\"/} msg "${GREEN}(6/6) Create secrets in GitHub" if $USE_GITHUB_CLI; then @@ -164,14 +168,22 @@ if $USE_GITHUB_CLI; then msg "${GREEN}Using the GitHub CLI to set secrets.${NOFORMAT}" gh ${GH_FLAGS} secret set AKS_REPO_USER_NAME -b"${AKS_REPO_USER_NAME}" gh ${GH_FLAGS} secret set AZURE_CREDENTIALS -b"${AZURE_CREDENTIALS}" + msg "${YELLOW}\"AZURE_CREDENTIALS\"" + msg "${GREEN}${AZURE_CREDENTIALS}" gh ${GH_FLAGS} secret set DB_PASSWORD -b"${DB_PASSWORD}" gh ${GH_FLAGS} secret set ORC_SSOPSW -b"${ORC_SSOPSW}" gh ${GH_FLAGS} secret set ORC_SSOUSER -b"${ORC_SSOUSER}" gh ${GH_FLAGS} secret set SERVICE_PRINCIPAL -b"${SERVICE_PRINCIPAL}" + msg "${YELLOW}\"SERVICE_PRINCIPAL\"" + msg "${GREEN}${SERVICE_PRINCIPAL}" gh ${GH_FLAGS} secret set USER_ASSIGNED_MANAGED_IDENTITY_ID -b"${USER_ASSIGNED_MANAGED_IDENTITY_ID}" + msg "${YELLOW}\"USER_ASSIGNED_MANAGED_IDENTITY_ID\"" + msg "${GREEN}${USER_ASSIGNED_MANAGED_IDENTITY_ID}" gh ${GH_FLAGS} secret set WDT_RUNTIMEPSW -b"${WDT_RUNTIMEPSW}" gh ${GH_FLAGS} secret set WLS_PSW -b"${WLS_PSW}" - gh ${GH_FLAGS} secret set WLS_USERNAME -b"${WLS_USERNAME}" + gh ${GH_FLAGS} secret set WLS_USERNAME -b"${WLS_USERNAME}" + msg "${YELLOW}\"DISAMBIG_PREFIX\"" + msg "${GREEN}${DISAMBIG_PREFIX}" } || { USE_GITHUB_CLI=false } @@ -202,6 +214,8 @@ if [ $USE_GITHUB_CLI == false ]; then msg "${GREEN}${WLS_PSW}" msg "${YELLOW}\"WLS_USERNAME\"" msg "${GREEN}${WLS_USERNAME}" + msg "${YELLOW}\"DISAMBIG_PREFIX\"" + msg "${GREEN}${DISAMBIG_PREFIX}" msg "${NOFORMAT}========================================================================" fi msg "${GREEN}Secrets configured" diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index 294264837..e545ad0e3 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -10,7 +10,7 @@ on: repository_dispatch: env: - refJavaee: bce4e6ec57726d4bc7992b45e1ff6e459b02fb39 + refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 azCliVersion: 2.23.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus From f07bc0f02039e1e532df3646dcf078bc9d308cb4 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 15 Sep 2021 13:50:58 +0800 Subject: [PATCH 027/720] On branch galia-3rddb: support 3rd data source Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json modified: weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh modified: weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh modified: weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep --- .../src/main/arm/createUiDefinition.json | 117 ++++++++++++++++-- .../main/arm/scripts/buildWLSDockerImage.sh | 37 +++++- .../main/arm/scripts/createVMAndBuildImage.sh | 15 ++- .../src/main/arm/scripts/dbUtility.sh | 4 + .../main/arm/scripts/genDatasourceModel.sh | 2 +- .../src/main/arm/scripts/genImageModel.sh | 2 +- .../src/main/bicep/mainTemplate.bicep | 14 +++ .../_ds-create-wls-cluster.bicep | 7 ++ .../_ds-datasource-connection.bicep | 17 +++ .../bicep/modules/_setupDBConnection.bicep | 9 ++ .../bicep/modules/setupDBConnection.bicep | 4 + .../bicep/modules/setupWebLogicCluster.bicep | 2 + 12 files changed, 216 insertions(+), 14 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index f5ded01f9..2fc7cb742 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1672,6 +1672,10 @@ { "label": "Azure SQL", "value": "sqlserver" + }, + { + "label": "Others", + "value": "otherdb" } ], "required": true @@ -1685,9 +1689,9 @@ "toolTip": "The JNDI name for the database JDBC connection", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", - "regex": "^[a-zA-Z0-9./_-]{1,30}$", - "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, hyphens (-), underscores (_), periods (.) and slashes (/)." + "required": true, + "regex": "^[a-z0-9A-Z/]{1,30}$", + "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." }, "visible": true }, @@ -1698,10 +1702,62 @@ "toolTip": "The JDBC connection string for the database", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "[concat('^jdbc:', coalesce(steps('section_database').databaseConnectionInfo.databaseType, ''), '.*$')]", "validationMessage": "A valid JDBC URL for the chosen database type must be provided" }, + "visible": "[and(bool(steps('section_database').enableDB), not(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb')))]" + }, + { + "name": "dsConnectionURL2", + "type": "Microsoft.Common.TextBox", + "label": "DataSource Connection String", + "toolTip": "The JDBC connection string for the database", + "defaultValue": "", + "constraints": { + "required": true, + "regex": "^jdbc:.*$", + "validationMessage": "A valid JDBC URL for the chosen database type must be provided" + }, + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" + }, + { + "name": "dbGlobalTranPro", + "type": "Microsoft.Common.DropDown", + "label": "Global transactions protocol", + "defaultValue": "EmulateTwoPhaseCommit", + "multiLine": true, + "toolTip": "Determines the transaction protocol (global transaction processing behavior) for the data source.", + "constraints": { + "allowedValues": [ + { + "label": "TwoPhaseCommit", + "description": "Standard XA transaction processing. Requires an XA driver.", + "value": "TwoPhaseCommit" + }, + { + "label": "LoggingLastResource", + "description": "A performance enhancement for one non-XA resource.", + "value": "LoggingLastResource" + }, + { + "label": "EmulateTwoPhaseCommit", + "description": "Enables one non-XA resource to participate in a global transaction, but has some risk to data.", + "value": "EmulateTwoPhaseCommit" + }, + { + "label": "OnePhaseCommit", + "description": "One-phase XA transaction processing using a non-XA driver. This is the default setting.", + "value": "OnePhaseCommit" + }, + { + "label": "None", + "description": "Support for local transactions only.", + "value": "None" + } + ], + "required": true + }, "visible": true }, { @@ -1711,8 +1767,8 @@ "toolTip": "Use only letters and numbers", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", - "regex": "^(?=.{1,128}$)[a-zA-Z](?!.*--)(?!.*@@)(?!.*-@)(?!.*@-)[a-zA-Z0-9-@]*[a-zA-Z0-9]$", + "required": true, + "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", "validationMessage": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." }, "visible": true @@ -1726,7 +1782,7 @@ }, "toolTip": "Database Password", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^((?=.*[0-9])(?=.*[a-zA-Z!@#$%^&*])).{5,128}$", "validationMessage": "The password must be between 5 and 128 characters long and have at least one number." }, @@ -1734,6 +1790,47 @@ "hideConfirmation": false }, "visible": true + }, + { + "name": "dbDriverLibraries", + "type": "Microsoft.Common.FileUpload", + "label": "DataSource driver (.jar)", + "toolTip": "The datasource driver jar package for the specified database.", + "constraints": { + "required": true, + "accept": ".jar" + }, + "options": { + "multiple": true, + "uploadMode": "url", + "openMode": "binary" + }, + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" + }, + { + "name": "dbDriverName", + "type": "Microsoft.Common.TextBox", + "label": "DataSource driver name", + "toolTip": "The driver name for the database", + "placeholder": "com.informix.jdbc.IfxDriver", + "constraints": { + "required": true, + "regex": "^[a-zA-Z_][a-zA-Z0-9_]+(\\.[a-zA-Z_][a-zA-Z0-9_]+){1,50}$", + "validationMessage": "A valid driver name for the chosen database type must be provided" + }, + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" + }, + { + "name": "dbTestTableName", + "type": "Microsoft.Common.TextBox", + "label": "Test table name", + "toolTip": "The name of the database table to use when testing physical database connections. ", + "constraints": { + "required": true, + "regex": "^.*$", + "validationMessage": "A test table name for the chosen database type must be provided" + }, + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -1758,7 +1855,11 @@ "createACR": "[bool(steps('section_aks').imageInfo.oracleCreateACR)]", "createAKSCluster": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", "createDNSZone": "[not(bool(steps('section_dnsConfiguration').bringDNSZone))]", + "dbDriverLibrariesUrls": "[steps('section_database').databaseConnectionInfo.dbDriverLibraries]", + "dbDriverName": "[steps('section_database').databaseConnectionInfo.dbDriverName]", + "dbGlobalTranPro": "[steps('section_database').databaseConnectionInfo.dbGlobalTranPro]", "dbPassword": "[steps('section_database').databaseConnectionInfo.dbPassword]", + "dbTestTableName": "[steps('section_database').databaseConnectionInfo.dbTestTableName]", "dbUser": "[steps('section_database').databaseConnectionInfo.dbUser]", "databaseType": "[steps('section_database').databaseConnectionInfo.databaseType]", "dnszoneAdminConsoleLabel": "[steps('section_dnsConfiguration').dnszoneAdminConsoleLabel]", @@ -1767,7 +1868,7 @@ "dnszoneClusterT3ChannelLabel": "[steps('section_dnsConfiguration').dnszoneClusterT3ChannelLabel]", "dnszoneName": "[steps('section_dnsConfiguration').dnszoneName]", "dnszoneRGName": "[steps('section_dnsConfiguration').dnsZoneResourceGroup]", - "dsConnectionURL": "[steps('section_database').databaseConnectionInfo.dsConnectionURL]", + "dsConnectionURL": "[coalesce(steps('section_database').databaseConnectionInfo.dsConnectionURL, steps('section_database').databaseConnectionInfo.dsConnectionURL2, 'null')]", "enableAppGWIngress": "[steps('section_appGateway').appgwIngress.enableAppGateway]", "enableAzureMonitoring": "[bool(steps('section_aks').clusterInfo.enableAzureMonitoring)]", "enableAzureFileShare": "[bool(steps('section_aks').clusterInfo.enableAzureFileShare)]", diff --git a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh index fa561e43e..5eb663b1a 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh @@ -15,7 +15,7 @@ function read_sensitive_parameters_from_stdin() { #Function to display usage message function usage() { - echo " ./buildWLSDockerImage.sh ./buildWLSDockerImage.sh " + echo " | ./buildWLSDockerImage.sh " if [ $1 -eq 1 ]; then exit 1 fi @@ -95,6 +95,11 @@ function validate_inputs() { echo_stderr "enableClusterT3Tunneling is required. " usage 1 fi + + if [ -z "${dbDriversUrls}" ]; then + echo_stderr "dbDriversUrls is required. " + usage 1 + fi } function initialize() { @@ -169,6 +174,32 @@ function install_utilities() { validate_status "Install mssql driver." } +function install_db_drivers() { + if [ "${dbDriversUrls}" == "[]" ] || [ -z "${dbDriversUrls}" ]; then + return + fi + + local dbDriversUrls=$(echo "${dbDriversUrls:1:${#dbDriversUrls}-2}") + local dbDriversUrlsArray=$(echo $dbDriversUrls | tr "," "\n") + + for item in $dbDriversUrlsArray; do + echo ${item} + # e.g. https://wlsaksapp.blob.core.windows.net/japps/mariadb-java-client-2.7.4.jar?sp=r&se=2021-04-29T15:12:38Z&sv=2020-02-10&sr=b&sig=7grL4qP%2BcJ%2BLfDJgHXiDeQ2ZvlWosRLRQ1ciLk0Kl7M%3D + local urlWithoutQueryString="${item%\?*}" + echo $urlWithoutQueryString + local fileName="${urlWithoutQueryString##*/}" + echo $fileName + + curl -m ${curlMaxTime} -fL "$item" -o ${scriptDir}/model-images/wlsdeploy/domainLibraries/${fileName} + if [ $? -ne 0 ];then + echo "Failed to download $item" + exit 1 + fi + + dbDriverPaths="${dbDriverPaths},'wlsdeploy/domainLibraries/${fileName}'" + done +} + # Login in OCR # Pull weblogic image function get_wls_image_from_ocr() { @@ -288,8 +319,10 @@ export enableSSL=$8 export enableAdminT3Tunneling=$9 export enableClusterT3Tunneling=${10} export useOracleImage=${11} +export dbDriversUrls=${12} export acrImagePath="$azureACRServer/aks-wls-images:${imageTag}" +export dbDriverPaths="" export ocrLoginServer="container-registry.oracle.com" export wdtDownloadURL="https://github.com/oracle/weblogic-deploy-tooling/releases/download/release-1.9.17/weblogic-deploy.zip" export witDownloadURL="https://github.com/oracle/weblogic-image-tool/releases/download/release-1.9.16/imagetool.zip" @@ -304,6 +337,8 @@ initialize install_utilities +install_db_drivers + if [[ "${useOracleImage,,}" == "${constTrue}" ]]; then get_wls_image_from_ocr else diff --git a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh index f6d61c1cf..d605a0cd1 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh @@ -6,6 +6,13 @@ function read_sensitive_parameters_from_stdin() { read azureACRPassword ocrSSOPSW } +function initialize() { + # initialize URL_3RD_DATASOURCE + if [ -z "${URL_3RD_DATASOURCE}" ];then + URL_3RD_DATASOURCE="[]" + fi +} + function cleanup_vm() { #Remove VM resources az extension add --name resource-graph @@ -89,11 +96,11 @@ function build_docker_image() { if [[ "${useOracleImage,,}" == "${constTrue}" ]]; then wlsImagePath="${ocrLoginServer}/middleware/weblogic:${wlsImageTag}" else - wlsImagePath="${userProvidedImagePath}" + wlsImagePath="${userProvidedImagePath}" fi echo "wlsImagePath: ${wlsImagePath}" - + URL_3RD_DATASOURCE=$(echo $URL_3RD_DATASOURCE | tr -d "\"") # remove " from the string az vm extension set --name CustomScript \ --extension-instance-name wls-image-script \ --resource-group ${currentResourceGroup} \ @@ -101,7 +108,7 @@ function build_docker_image() { --publisher Microsoft.Azure.Extensions \ --version 2.0 \ --settings "{ \"fileUris\": [\"${scriptURL}model.properties\",\"${scriptURL}genImageModel.sh\",\"${scriptURL}buildWLSDockerImage.sh\",\"${scriptURL}common.sh\"]}" \ - --protected-settings "{\"commandToExecute\":\"echo ${azureACRPassword} ${ocrSSOPSW} | bash buildWLSDockerImage.sh ${wlsImagePath} ${azureACRServer} ${azureACRUserName} ${newImageTag} \\\"${appPackageUrls}\\\" ${ocrSSOUser} ${wlsClusterSize} ${enableCustomSSL} ${enableAdminT3Tunneling} ${enableClusterT3Tunneling} ${useOracleImage} \"}" + --protected-settings "{\"commandToExecute\":\"echo ${azureACRPassword} ${ocrSSOPSW} | bash buildWLSDockerImage.sh ${wlsImagePath} ${azureACRServer} ${azureACRUserName} ${newImageTag} \\\"${appPackageUrls}\\\" ${ocrSSOUser} ${wlsClusterSize} ${enableCustomSSL} ${enableAdminT3Tunneling} ${enableClusterT3Tunneling} ${useOracleImage} \\\"${URL_3RD_DATASOURCE}\\\" \"}" cleanup_vm } @@ -132,6 +139,8 @@ export userProvidedImagePath=${14} read_sensitive_parameters_from_stdin +initialize + build_docker_image diff --git a/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh b/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh index 9bc9c86ff..162a1c4fc 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh @@ -17,6 +17,9 @@ function generate_ds_model() { elif [[ "${databaseType}" == "${dbTypeSQLServer}" ]]; then databaseDriver=${driverSQLServer} databaseTestTableName=${testTableSQLServer} + elif [[ "${databaseType}" == "${dbTypeOthers}" ]]; then + databaseDriver=${DB_DRIVER_NAME} + databaseTestTableName=${TEST_TABLE_NAME} fi echo "generate data source model file" @@ -152,6 +155,7 @@ export clusterName="cluster-1" export dbTypeOracle="oracle" export dbTypePostgre="postgresql" export dbTypeSQLServer="sqlserver" +export dbTypeOthers="otherdb" export driverOracle="oracle.jdbc.OracleDriver" export driverPostgre="org.postgresql.Driver" export driverSQLServer="com.microsoft.sqlserver.jdbc.SQLServerDriver" diff --git a/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh b/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh index e6035ce03..ec7e5ad0e 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genDatasourceModel.sh @@ -25,7 +25,7 @@ resources: JNDIName: [ ${jndiName} ] - GlobalTransactionsProtocol: EmulateTwoPhaseCommit + GlobalTransactionsProtocol: ${GLOBAL_TRANSATION_PROTOCOL} JDBCDriverParams: DriverName: ${driver} URL: '@@SECRET:${secretName}:url@@' diff --git a/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh b/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh index 5daf9dad9..6f15e9bce 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh @@ -33,7 +33,7 @@ domainInfo: AdminUserName: "@@SECRET:__weblogic-credentials__:username@@" AdminPassword: "@@SECRET:__weblogic-credentials__:password@@" ServerStartMode: "prod" - domainLibraries: [ 'wlsdeploy/domainLibraries/postgresql-42.2.8.jar', 'wlsdeploy/domainLibraries/mssql-jdbc-7.4.1.jre8.jar'] + domainLibraries: [ 'wlsdeploy/domainLibraries/postgresql-42.2.8.jar', 'wlsdeploy/domainLibraries/mssql-jdbc-7.4.1.jre8.jar'${dbDriverPaths}] topology: Name: "@@ENV:CUSTOM_DOMAIN_NAME@@" diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 0545a0ed3..6c1b4b9c2 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -78,6 +78,7 @@ param createDNSZone bool = false 'oracle' 'postgresql' 'sqlserver' + 'otherdb' ]) @description('One of the supported database types') param databaseType string = 'oracle' @@ -87,8 +88,16 @@ param databaseType string = 'oracle' ]) @description('createOrUpdate: create a new data source connection, or update an existing data source connection. delete: delete an existing data source connection') param dbConfigurationType string = 'createOrUpdate' +@description('Urls of datasource drivers, must be specified if database type is otherdb') +param dbDriverLibrariesUrls array = [] +@description('Datasource driver name, must be specified if database type is otherdb') +param dbDriverName string = 'org.contoso.Driver' +@description('Determines the transaction protocol (global transaction processing behavior) for the data source.') +param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' @description('Password for Database') param dbPassword string = newGuid() +@description('The name of the database table to use when testing physical database connections. This name is required when you specify a Test Frequency and enable Test Reserved Connections.') +param dbTestTableName string = 'Null' @description('User id of Database') param dbUser string = 'contosoDbUser' @description('DNS prefix for ApplicationGateway') @@ -412,6 +421,7 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus createACR: createACR createAKSCluster: createAKSCluster createStorageAccount: const_bCreateStorageAccount + dbDriverLibrariesUrls: dbDriverLibrariesUrls enableAzureMonitoring: enableAzureMonitoring enableCustomSSL: enableCustomSSL enableAdminT3Tunneling: enableAdminT3Tunneling @@ -476,6 +486,7 @@ module wlsDomainWithCustomSSLDeployment 'modules/setupWebLogicCluster.bicep' = i createACR: createACR createAKSCluster: createAKSCluster createStorageAccount: const_bCreateStorageAccount + dbDriverLibrariesUrls: dbDriverLibrariesUrls enableAzureMonitoring: enableAzureMonitoring enableCustomSSL: enableCustomSSL enableAdminT3Tunneling: enableAdminT3Tunneling @@ -608,7 +619,10 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value databaseType: databaseType dbConfigurationType: dbConfigurationType + dbDriverName: dbDriverName + dbGlobalTranPro: dbGlobalTranPro dbPassword: dbPassword + dbTestTableName: dbTestTableName dbUser: dbUser dsConnectionURL: dsConnectionURL identity: identity diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index e7fafd739..fc0cb7e54 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -10,6 +10,7 @@ param aksClusterName string = '' param acrName string = '' param appPackageUrls array = [] param appReplicas int = 2 +param dbDriverLibrariesUrls array = [] param enableCustomSSL bool = false param enableAdminT3Tunneling bool = false param enableClusterT3Tunneling bool = false @@ -78,6 +79,12 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { properties: { azCliVersion: '2.15.0' arguments: const_arguments + environmentVariables: [ + { + name: 'URL_3RD_DATASOURCE' + value: '${string(dbDriverLibrariesUrls)}' + } + ] primaryScriptUri: uri(const_scriptLocation, '${const_invokeSetUpDomainScript}${_artifactsLocationSasToken}') supportingScriptUris: [ uri(const_scriptLocation, '${const_setUpDomainScript}${_artifactsLocationSasToken}') diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep index b647a4bd6..facd11b66 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep @@ -9,7 +9,10 @@ param aksClusterName string param aksClusterRGName string param databaseType string = 'oracle' param dbConfigurationType string +param dbDriverName string = 'org.contoso.Driver' +param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' param dbPassword string = newGuid() +param dbTestTableName string = 'Null' param dbUser string param dsConnectionURL string param identity object @@ -39,6 +42,20 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { properties: { azCliVersion: const_azcliVersion arguments: const_arguments + environmentVariables: [ + { + name: 'DB_DRIVER_NAME' + value: dbDriverName + } + { + name: 'GLOBAL_TRANSATION_PROTOCOL' + value: dbGlobalTranPro + } + { + name: 'TEST_TABLE_NAME' + value: dbTestTableName + } + ] primaryScriptUri: uri(const_scriptLocation, '${const_invokeSetupDBConnectionsScript}${_artifactsLocationSasToken}') supportingScriptUris: [ uri(const_scriptLocation, '${const_datasourceScript}${_artifactsLocationSasToken}') diff --git a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep index cb2fcbc09..2df8f77d0 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep @@ -19,8 +19,14 @@ param databaseType string = 'oracle' 'delete' ]) param dbConfigurationType string = 'createOrUpdate' +@description('Datasource driver name') +param dbDriverName string = 'org.contoso.Driver' +@description('Determines the transaction protocol (global transaction processing behavior) for the data source.') +param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' @description('Password for Database') param dbPassword string = newGuid() +@description('The name of the database table to use when testing physical database connections. This name is required when you specify a Test Frequency and enable Test Reserved Connections.') +param dbTestTableName string = 'Null' @description('User id of Database') param dbUser string = 'contosoDbUser' @description('JDBC Connection String') @@ -53,7 +59,10 @@ module configDataSource '_deployment-scripts/_ds-datasource-connection.bicep' = aksClusterRGName: aksClusterRGName databaseType: databaseType dbConfigurationType: dbConfigurationType + dbDriverName: dbDriverName + dbGlobalTranPro: dbGlobalTranPro dbPassword: dbPassword + dbTestTableName: dbTestTableName dbUser: dbUser dsConnectionURL: dsConnectionURL identity: identity diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep index e5a4bf977..688233cc6 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep @@ -17,6 +17,7 @@ Parameters - createOrUpdate: create a new data source connection, or update an existing data source connection. - delete: delete an existing data source connection - dbPassword: Password for Database + - dbGlobalTranPro: Determines the transaction protocol (global transaction processing behavior) for the data source.. - dbUser: User id of Database - dsConnectionURL: JDBC Connection String - identity: Azure user managed identity used, make sure the identity has permission to create/update/delete Azure resources. It's recommended to assign "Contributor" role. @@ -48,6 +49,8 @@ param databaseType string = 'oracle' ]) @description('createOrUpdate: create a new data source connection, or update an existing data source connection. delete: delete an existing data source connection') param dbConfigurationType string = 'createOrUpdate' +@description('Determines the transaction protocol (global transaction processing behavior) for the data source.') +param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' @description('Password for Database') param dbPassword string = newGuid() @description('User id of Database') @@ -81,6 +84,7 @@ module configDataSource './_setupDBConnection.bicep' = { aksClusterRGName: resourceGroup().name databaseType: databaseType dbConfigurationType: dbConfigurationType + dbGlobalTranPro: dbGlobalTranPro dbPassword: dbPassword dbUser: dbUser dsConnectionURL: dsConnectionURL diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index fe69130c8..5c1484294 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -53,6 +53,7 @@ param createACR bool = false @description('true to create a new AKS cluster.') param createAKSCluster bool = true param createStorageAccount bool = false +param dbDriverLibrariesUrls array = [] @description('In addition to the CPU and memory metrics included in AKS by default, you can enable Container Insights for more comprehensive data on the overall performance and health of your cluster. Billing is based on data ingestion and retention settings.') param enableAzureMonitoring bool = false @description('true to create persistent volume using file share.') @@ -188,6 +189,7 @@ module wlsDomainDeployment './_deployment-scripts/_ds-create-wls-cluster.bicep' acrName: useOracleImage ? (createACR ? acrDeployment.outputs.acrName : acrName) : userProvidedAcr appPackageUrls: appPackageUrls appReplicas: appReplicas + dbDriverLibrariesUrls: dbDriverLibrariesUrls enableCustomSSL: enableCustomSSL enableAdminT3Tunneling: enableAdminT3Tunneling enableClusterT3Tunneling: enableClusterT3Tunneling From 35a959878b319c76836b7256093b36a18eddffc8 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 19 Oct 2021 16:06:13 +0800 Subject: [PATCH 028/720] On branch galia-3rddb: output error message to deployment output. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh --- weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh b/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh index fd5283aa8..d5748a1ee 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh @@ -233,7 +233,7 @@ function validate_datasource() { testDatasourceScript=${scriptDir}/${dsScriptFileName} podNum=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.clusterName=${wlsClusterName} -o json | jq '.items| length') if [ ${podNum} -le 0 ]; then - echo "Ensure your cluster has at least one pod." + echo_stderr "Ensure your cluster has at least one pod." exit 1 fi @@ -262,7 +262,7 @@ EOF kubectl exec -it ${podName} -n ${wlsDomainNS} -c ${wlsContainerName} -- bash -c "wlst.sh ${targetDSFilePath}" | grep "State is Running" if [ $? == 1 ];then - echo "Failed to configure datasource ${jdbcDataSourceName}. Please make sure the input values are correct." + echo_stderr "Failed to configure datasource ${jdbcDataSourceName}. Please make sure the input values are correct." delete_datasource exit 1 fi From 3e9be2b21227504ee3c99e3d8b2ce55ab49f5d1f Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 19 Oct 2021 17:01:08 +0800 Subject: [PATCH 029/720] On branch galia-3rddb: increase pom version to 1.0.21 Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index a1fd1123f..e353d445b 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -11,7 +11,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.20 + 1.0.21 com.microsoft.azure.iaas From 2494b3fa95f4ac0dfcaef1b9b49a3eb84fa6a6a8 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 25 Aug 2021 14:41:51 -0400 Subject: [PATCH 030/720] Copied from contact me offer. Need to edit for WLS on AKS new file: weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md On branch wls-aks-marketplace-entry Copyedits. modified: weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md - Apply copyediting changes from @rosemarymarano and @mriccell. --- .../resources/marketing-artifacts/README.md | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md new file mode 100644 index 000000000..8d61fd4a7 --- /dev/null +++ b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md @@ -0,0 +1,63 @@ +

Offer listing

+ +

Name

+ +Oracle WebLogic Server on Azure Solution Overview + +

Oracle WebLogic Server is a scalable, enterprise-ready Java EE application server.

+ +

Description

+ +

Azure Oracle WebLogic Server (WLS) offers enable you to embrace cloud computing by providing greater choice and flexibility for WLS migration including lift and shift of your Java applications to Azure Virtual Machines with the smallest effort and biggest impact. The offers empower you to start your business applications quickly by automatically provisioning virtual network, storage and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence.

+

There are a number of offers that support different common use cases, such as a single working instance with Admin Server enabled, as well as highly available clusters.

+

The offers are linked in the Learn more section at the bottom of this page. You should feel free to give them a try; the offers are available free of charge.

+

These offers are Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

+

These offers support a range of operating system, WebLogic Server and Java such as WLS 14c and JDK 11 on Oracle Linux 7.6 and 8 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

+
WLS Single Node
+

This offer provisions a single virtual machine and installs WLS on it. It does not create a domain or start the Administration Server. This is useful for scenarios with highly customized domain configuration.

+
WLS with Admin Server
+

This offer provisions a single virtual machine and installs WLS on it. It creates a domain and starts up the Administration Server, which allows you to manage the domain.

+
WLS Cluster
+

This offer creates a highly available cluster of WLS virtual machines. The Administration Server and all Managed Servers are started by default, which allow you to manage the domain.

+
WLS Dynamic Cluster
+

This offer creates a highly available and scalable dynamic cluster of WLS virtual machines. The Administration Server and all Managed Servers are started by default, which allow you to manage the domain.

+ +

Search keywords

+ +Java +Java EE +WebLogic + +

Privacy policy link

+ +https://www.oracle.com/legal/privacy/privacy-policy.html + +

Useful links

+ +[Overview](https://www.oracle.com/middleware/weblogic/) + +[Oracle WebLogic Server Single Node](https://portal.azure.com/#create/oracle.20191001-arm-oraclelinux-wls20191001-arm-oraclelinux-wls) + +[Oracle WebLogic Server With Admin Server](https://portal.azure.com/#create/oracle.20191009-arm-oraclelinux-wls-admin20191009-arm-oraclelinux-wls-admin) + +[Oracle WebLogic Server Cluster](https://portal.azure.com/#create/oracle.20191007-arm-oraclelinux-wls-cluster20191007-arm-oraclelinux-wls-cluster) + +[Oracle WebLogic Server Dynamic Cluster](https://portal.azure.com/#create/oracle.20191021-arm-oraclelinux-wls-dynamic-cluster20191021-arm-oraclelinux-wls-dynamic-cluster) + +[Fusion Middleware Documentation](https://docs.oracle.com/en/middleware/fusion-middleware/index.html) + +[Learn More](https://www.oracle.com/middleware/technologies/weblogic.html) + +

Videos

+ +

Name

+ +WebLogic on Azure IaaS + +

Link

+ +https://www.youtube.com/watch?v=gFS-64XQorA + +

Thumbnail

+ + From 7878676b8033a0c5aa5c2d0b33cc6096c7a9ea59 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Wed, 20 Oct 2021 16:12:37 +0800 Subject: [PATCH 031/720] Use older Bicep Signed-off-by: Zheng Chang --- .github/workflows/testWlsAks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index e545ad0e3..52d06f83f 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -42,7 +42,7 @@ jobs: java-version: 1.8 - name: Set up bicep run: | - curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + curl -Lo bicep https://github.com/Azure/bicep/releases/download/v0.4.613/bicep-linux-x64 chmod +x ./bicep sudo mv ./bicep /usr/local/bin/bicep bicep --version From ac2e7e71700a67e00f90b5bb09b9876a44d229db Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Thu, 21 Oct 2021 10:27:59 +0800 Subject: [PATCH 032/720] Add pipeline to build WLS on AKS artifact Signed-off-by: Zheng Chang --- .github/workflows/buildWlsAksArtifact.yml | 57 +++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 .github/workflows/buildWlsAksArtifact.yml diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml new file mode 100644 index 000000000..92aa86d33 --- /dev/null +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -0,0 +1,57 @@ +name: Build WLS on AKS artifact + +on: + workflow_dispatch: + repository_dispatch: + +env: + refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 + azCliVersion: 2.23.0 + location: eastus + aksRepoUserName: oracle + aksRepoBranchName: main + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Set up bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/download/v0.4.613/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure + uses: actions/checkout@v2 + with: + repository: ${{ env.aksRepoUserName }}/weblogic-azure + path: weblogic-azure + ref: ${{ env.aksRepoBranchName }} + - name: Build and test weblogic-azure/weblogic-azure-aks + run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" + - name: Archive weblogic-azure/weblogic-azure-aks template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} \ No newline at end of file From 0fc7b0c8db7b76c9cbfdc597692a8e7ca893ad85 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 21 Oct 2021 10:52:01 +0800 Subject: [PATCH 033/720] On branch galia-3rddb: enhance UI. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 2fc7cb742..7c18028dc 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1690,8 +1690,8 @@ "defaultValue": "", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z/]{1,30}$", - "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." + "regex": "^[a-zA-Z0-9./_-]{1,30}$", + "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, hyphens (-), underscores (_), periods (.) and slashes (/)." }, "visible": true }, @@ -1768,7 +1768,7 @@ "defaultValue": "", "constraints": { "required": true, - "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", + "regex": "^(?=.{1,128}$)[a-zA-Z](?!.*--)(?!.*@@)(?!.*-@)(?!.*@-)[a-zA-Z0-9-@]*[a-zA-Z0-9]$", "validationMessage": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." }, "visible": true From b4f9480c73ee0febd4d7c672e318a7ec25d9d796 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 21 Oct 2021 15:20:08 +0800 Subject: [PATCH 034/720] On branch validate-app: make sure all applications in the cluster are active. Signed-off-by: galiacheng Changes to be committed: new file: weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py modified: weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh modified: weblogic-azure-aks/src/main/arm/scripts/utility.sh modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep --- .../py-scripts/checkApplicationStatus.py | 57 +++++++++++++++++++ .../src/main/arm/scripts/setupWLSDomain.sh | 11 ++++ .../src/main/arm/scripts/utility.sh | 36 ++++++++++++ .../_ds-create-wls-cluster.bicep | 2 + 4 files changed, 106 insertions(+) create mode 100644 weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py diff --git a/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py b/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py new file mode 100644 index 000000000..2ba47fb68 --- /dev/null +++ b/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py @@ -0,0 +1,57 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +import sys + +def usage(): + print(sys.argv[0] + '-user -password -t3ChannelAddress
-t3ChannelPort ') + +if len(sys.argv) < 4: + usage() + sys.exit(0) + +#domainUser is hard-coded to weblogic. You can change to other name of your choice. Command line paramter -user. +domainUser = 'weblogic' +#domainPassword will be passed by Command line parameter -password. +domainPassword = None +t3ChannelPort = None +t3ChannelAddress = None + +i = 1 +while i < len(sys.argv): + if sys.argv[i] == '-user': + domainUser = sys.argv[i + 1] + i += 2 + elif sys.argv[i] == '-password': + domainPassword = sys.argv[i + 1] + i += 2 + elif sys.argv[i] == '-t3ChannelAddress': + t3ChannelAddress = sys.argv[i + 1] + i += 2 + elif sys.argv[i] == '-t3ChannelPort': + t3ChannelPort = sys.argv[i + 1] + i += 2 + else: + print('Unexpected argument switch at position ' + str(i) + ': ' + str(sys.argv[i])) + usage() + sys.exit(1) + +t3ConnectionUri='t3://'+t3ChannelAddress+':'+t3ChannelPort +connect(domainUser, domainPassword, t3ConnectionUri) +myapps=cmo.getAppDeployments() +inactiveApp=0 +for app in myapps: + bean=getMBean('/AppDeployments/'+app.getName()+'/Targets/') + targetsbean=bean.getTargets() + for target in targetsbean: + domainRuntime() + cd('AppRuntimeStateRuntime/AppRuntimeStateRuntime') + appstatus=cmo.getCurrentState(app.getName(),target.getName()) + if appstatus != 'STATE_ACTIVE': + inactiveApp=inactiveApp+1 + serverConfig() + +if inactiveApp == 0: + print("Summary: all applications are active!") +else: + print("Summary: number of inactive application:" + inactiveApp + '.') \ No newline at end of file diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index f8b2ede38..f585f5e7b 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -735,6 +735,16 @@ function setup_wls_domain() { wait_for_image_update_completed wait_for_pod_completed + + # make sure all the application are active, if not, fail the deployment. + scriptCheckAppStatus=$scriptDir/checkApplicationStatus.py + chmod ugo+x $scriptDir/checkApplicationStatus.py + utility_validate_application_status \ + ${wlsDomainNS} \ + ${wlsAdminSvcName} \ + ${wlsUserName} \ + ${wlsPassword} \ + ${scriptCheckAppStatus} } # Main script @@ -790,6 +800,7 @@ export sasTokenValidTime=3600 export storageFileShareName="weblogic" export storageResourceGroup=${currentResourceGroup} export sharedPath="/shared" +export wlsAdminSvcName="${wlsDomainUID}-admin-server" export wlsDomainNS="${wlsDomainUID}-ns" export wlsOptHelmChart="https://oracle.github.io/weblogic-kubernetes-operator/charts" export wlsOptNameSpace="weblogic-operator-ns" diff --git a/weblogic-azure-aks/src/main/arm/scripts/utility.sh b/weblogic-azure-aks/src/main/arm/scripts/utility.sh index 42b0cf113..2b7635669 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/utility.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/utility.sh @@ -141,6 +141,42 @@ function utility_upload_file_to_fileshare() { fi } +# +# Make sure all the applciations are running +# Exit with error if there is inactive application. +# $1 - namespace of the domain +# $2 - ClusterIP service name of admin server +# $3 - domain user +# $4 - domain password +# $5 - path of python script which checks application status, the script will run on admin server pod. +function utility_validate_application_status() { + local wlsDomainNS=$1 + local wlsAdminSvcName=$2 + local wlsUser=$3 + local wlsPassword=$4 + local pyScriptPath=$5 + + local podName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json \ + | jq '.items[0] | .metadata.name' \ + | tr -d "\"") + + # get non-ssl port + local adminTargetPort=$(kubectl get svc ${wlsAdminSvcName} -n ${wlsDomainNS} -o json | jq '.spec.ports[] | select(.name=="default") | .port') + local t3ChannelAddress="${podName}.${wlsDomainNS}" + + local targetFilePath=/tmp/checkApplicationStatus.py + echo "copy ${pyScriptPath} to ${targetFilePath}" + kubectl cp ${pyScriptPath} -n ${wlsDomainNS} ${podName}:${targetFilePath} + kubectl exec -it ${podName} -n ${wlsDomainNS} -c "weblogic-server" \ + -- bash -c "wlst.sh ${targetFilePath} -user ${wlsUser} -password ${wlsPassword} -t3ChannelAddress ${t3ChannelAddress} -t3ChannelPort ${adminTargetPort}" | + grep "Summary: all applications are active" + + if [ $? == 1 ];then + echo "Failed to deploy application to WLS cluster. Please make sure the configurations are correct." + exit 1 + fi +} + # Call this function to make sure pods of a domain are running. # * Make sure the admin server pod is running # * Make sure all the managed server pods are running diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index e7fafd739..33468b2b3 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -62,6 +62,7 @@ var const_arguments = '${ocrSSOUser} ${ocrSSOPSW} ${aksClusterRGName} ${aksClust var const_buildDockerImageScript='createVMAndBuildImage.sh' var const_commonScript = 'common.sh' var const_invokeSetUpDomainScript = 'invokeSetupWLSDomain.sh' +var const_pyCheckAppStatusScript = 'py-scripts/checkApplicationStatus.py' var const_pvTempalte = 'pv.yaml.template' var const_pvcTempalte = 'pvc.yaml.template' var const_scriptLocation = uri(_artifactsLocation, 'scripts/') @@ -88,6 +89,7 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { uri(const_scriptLocation, '${const_commonScript}${_artifactsLocationSasToken}') uri(const_scriptLocation, '${const_buildDockerImageScript}${_artifactsLocationSasToken}') uri(const_scriptLocation, '${const_updateDomainConfigScript}${_artifactsLocationSasToken}') + uri(const_scriptLocation, '${const_pyCheckAppStatusScript}${_artifactsLocationSasToken}') ] cleanupPreference: 'OnSuccess' retentionInterval: 'P1D' From b7446c29e43cb5729b5be1fdd7c61a37915e1e7f Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Oct 2021 09:42:03 +0800 Subject: [PATCH 035/720] On branch galia-3rddb: apply Ed's changes to UI. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json --- .../src/main/arm/createUiDefinition.json | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 7c18028dc..b1db433ff 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1674,7 +1674,7 @@ "value": "sqlserver" }, { - "label": "Others", + "label": "Other", "value": "otherdb" } ], @@ -1807,6 +1807,16 @@ }, "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" }, + { + "name": "dbDriverInfoBox", + "type": "Microsoft.Common.InfoBox", + "options": { + "icon": "Info", + "text": "WebLogic Server provides support for application data access to any database using a JDBC-compliant driver. Select here for more details.", + "uri": "https://aka.ms/wls-aks-dbdriver" + }, + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" + }, { "name": "dbDriverName", "type": "Microsoft.Common.TextBox", @@ -1924,4 +1934,4 @@ "wlsUserName": "[basics('basicsRequired').wlsUserName]" } } -} \ No newline at end of file +} From 848ce8badba9e3a9af1275572ab5bf09936629ed Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 22 Oct 2021 09:56:58 +0800 Subject: [PATCH 036/720] On branch validate-app: apply Ed's comments. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py modified: weblogic-azure-aks/src/main/arm/scripts/utility.sh --- .../src/main/arm/scripts/py-scripts/checkApplicationStatus.py | 1 + weblogic-azure-aks/src/main/arm/scripts/utility.sh | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py b/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py index 2ba47fb68..0cfa5c4b7 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py +++ b/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py @@ -51,6 +51,7 @@ def usage(): inactiveApp=inactiveApp+1 serverConfig() +# TIGHT COUPLING: this exact print text is expected to indicate a successful return. if inactiveApp == 0: print("Summary: all applications are active!") else: diff --git a/weblogic-azure-aks/src/main/arm/scripts/utility.sh b/weblogic-azure-aks/src/main/arm/scripts/utility.sh index 2b7635669..fc4040a5e 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/utility.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/utility.sh @@ -142,7 +142,7 @@ function utility_upload_file_to_fileshare() { } # -# Make sure all the applciations are running +# Make sure all the applications are running # Exit with error if there is inactive application. # $1 - namespace of the domain # $2 - ClusterIP service name of admin server From 95293450475abee7d852177c6beffa6b7358f68f Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 22 Oct 2021 13:13:35 +0800 Subject: [PATCH 037/720] On branch main: allow to specify the owner of the repo Signed-off-by: galiacheng --- .github/workflows/newtag.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index d406a6ec5..230368ba2 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -10,6 +10,10 @@ on: description: 'Specify Git Ref if needed.' required: false default: 'refs/heads/main' + owner: + description: 'Specify repository owner.' + required: false + env: tagbranch: "tagbranch" gitToken: ${{ secrets.GIT_TOKEN }} @@ -64,7 +68,13 @@ jobs: git config --global user.email $userEmail git config --global user.name $userName - authGitPath=https://$gitToken@github.com/$userName/${{ env.repoName }}.git + + owner=${{ github.event.inputs.owner }} + if [[ -z "${owner}" ]];then + owner=$userName + fi + + authGitPath=https://$gitToken@github.com/$owner/${{ env.repoName }}.git echo "Create tag branch" remoteBranches=$(git ls-remote --heads) From 4801ef68146cc63d33e4943d0b1bd659dfd560bf Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 22 Oct 2021 13:44:00 +0800 Subject: [PATCH 038/720] On branch main: remove owner. Signed-off-by: galiacheng --- .github/workflows/newtag.yaml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index 230368ba2..a5962ac1b 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -10,9 +10,6 @@ on: description: 'Specify Git Ref if needed.' required: false default: 'refs/heads/main' - owner: - description: 'Specify repository owner.' - required: false env: tagbranch: "tagbranch" @@ -67,14 +64,8 @@ jobs: git config --global core.longpaths true git config --global user.email $userEmail git config --global user.name $userName - - - owner=${{ github.event.inputs.owner }} - if [[ -z "${owner}" ]];then - owner=$userName - fi - authGitPath=https://$gitToken@github.com/$owner/${{ env.repoName }}.git + authGitPath=https://$gitToken@github.com/${GITHUB_REPOSITORY}.git echo "Create tag branch" remoteBranches=$(git ls-remote --heads) From d92e5f1d846488d6f0da725bac563b4566584c11 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Fri, 22 Oct 2021 15:19:36 +0800 Subject: [PATCH 039/720] Add pipeline to sync up forked repo Signed-off-by: Zheng Chang --- .github/workflows/syncupWithUpstream.yml | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/syncupWithUpstream.yml diff --git a/.github/workflows/syncupWithUpstream.yml b/.github/workflows/syncupWithUpstream.yml new file mode 100644 index 000000000..f096c73af --- /dev/null +++ b/.github/workflows/syncupWithUpstream.yml @@ -0,0 +1,28 @@ +name: Merge upstream branches +on: + workflow_dispatch: + schedule: + # run it every 10 mins + - cron: '*/10 * * * *' +env: + userName: ${{ secrets.USER_NAME }} + userEmail: ${{ secrets.USER_EMAIL }} +jobs: + merge: + if: (github.event_name == 'schedule' && github.repository_owner != 'oracle') || (github.event_name != 'schedule') + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Merge upstream + run: | + git config --global user.name ${{ env.userName }} + git config --global user.email ${{ env.userEmail }} + + # "git checkout main" is unnecessary, already here by default + git pull --unshallow + + git remote add upstream https://github.com/oracle/weblogic-azure.git + git fetch upstream + + git merge --no-edit upstream/main + git push origin main \ No newline at end of file From 5c7443e3375e0b39ad93047c86f7a84fd159ea92 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Oct 2021 13:09:24 -0400 Subject: [PATCH 040/720] Update README.md --- .../src/main/resources/marketing-artifacts/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md index 8d61fd4a7..9b3c8722c 100644 --- a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md +++ b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md @@ -61,3 +61,9 @@ https://www.youtube.com/watch?v=gFS-64XQorA

Thumbnail

+ +LICENSE + +Copyright (c) 2021 Oracle and/or its affiliates. + +Released under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl/. From 28020b73d2c00d0bb7a6534c6384c725d09c76d8 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Oct 2021 16:24:24 -0400 Subject: [PATCH 041/720] On branch edburns-msft-46-fix-trivial-python-error use str. Tested locally. modified: weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py With fix: ``` python message.py Summary: number of inactive application:0. `` Without fix: ``` python message.py Traceback (most recent call last): File "message.py", line 3, in print("Summary: number of inactive application: " + inactiveApp + '.') TypeError: cannot concatenate 'str' and 'int' objects ``` Signed-off-by: Ed Burns --- .../src/main/arm/scripts/py-scripts/checkApplicationStatus.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py b/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py index 0cfa5c4b7..0936b1ffd 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py +++ b/weblogic-azure-aks/src/main/arm/scripts/py-scripts/checkApplicationStatus.py @@ -55,4 +55,4 @@ def usage(): if inactiveApp == 0: print("Summary: all applications are active!") else: - print("Summary: number of inactive application:" + inactiveApp + '.') \ No newline at end of file + print("Summary: number of inactive application: " + str(inactiveApp) + '.') From 8c7aa038299c9a3a98086064aa7c1bfed1f13cbc Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Oct 2021 17:49:54 -0400 Subject: [PATCH 042/720] On branch edburns-msft-48-tighten-triggers modified: .github/workflows/buildWlsAksArtifact.yml modified: .github/workflows/testWlsAks.yml Try to apply guidance from https://github.com/marketplace/actions/repository-dispatch to tighten workflows run via cURL. Signed-off-by: Ed Burns --- .github/workflows/buildWlsAksArtifact.yml | 3 ++- .github/workflows/testWlsAks.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index 92aa86d33..72610f394 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -3,6 +3,7 @@ name: Build WLS on AKS artifact on: workflow_dispatch: repository_dispatch: + types: [build-zip] env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 @@ -54,4 +55,4 @@ jobs: if: success() with: name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} \ No newline at end of file + path: ${{steps.artifact_file.outputs.artifactPath}} diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index 52d06f83f..fb3ced772 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -8,6 +8,7 @@ on: required: true default: 'false' repository_dispatch: + types: [integration-test] env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 @@ -346,4 +347,4 @@ jobs: azcliversion: ${{ env.azCliVersion }} inlineScript: | echo "delete... " ${{ env.resourceGroupForWlsAks }} - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} \ No newline at end of file + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} From 365d2890f1ad26eecc8b627c0053d611ab6e1cbe Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Thu, 7 Oct 2021 14:40:25 +0530 Subject: [PATCH 043/720] Updated license,copyrights and pid properties url --- .../arm-oraclelinux-wls-admin/.github/workflows/build.yml | 3 +++ .../.github/workflows/package.yaml | 3 +++ weblogic-azure-vm/arm-oraclelinux-wls-admin/README.md | 6 +++++- .../admin-ssl-post-deploy/pom.xml | 6 ++++++ weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml | 4 ++++ weblogic-azure-vm/arm-oraclelinux-wls/README.md | 6 ++++++ weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 4 ++++ .../arm-oraclelinux-wls/src/main/resources/README.md | 5 +++++ .../src/main/resources/description.html | 4 ++++ .../src/main/resources/marketing-artifacts/README.md | 8 +++++++- .../main/resources/marketing-artifacts/base-images.html | 4 ++++ 11 files changed, 51 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml index 48bda2b36..20da05267 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml @@ -1,3 +1,6 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + name: Build and Test on: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml index 521ee1b89..d5152bb4b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml @@ -1,3 +1,6 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + name: Package ARM on: workflow_dispatch: diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/README.md b/weblogic-azure-vm/arm-oraclelinux-wls-admin/README.md index 9f98cca02..c4058234a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/README.md @@ -1,7 +1,11 @@ + + ## WebLogic Server (with Administration Server) on Microsoft Azure - Marketplace Offerings This git repository is used to maintain the Azure Resource Management (ARM) templates and other scripts used for the implementation of WebLogic Server (with Administration Server) on Microsoft Azure. For WebLogic Server running in the Azure Virtual Machines documentation, please refer to the [README documentation](https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls/README.md). - diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml index e175c183d..b768fd3b4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml @@ -23,10 +23,16 @@ ${project.artifactId} +<<<<<<< HEAD https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="admin-ssl-post-deploy/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties +======= + ${basedir}/../../arm-ttk/arm-ttk + -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/${git.tag}/"}' + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +>>>>>>> 5c345c0... Updated license,copyrights and pid properties url https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 9ce6edebe..5b6b5b753 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -24,7 +24,11 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' +<<<<<<< HEAD https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties +======= + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +>>>>>>> 5c345c0... Updated license,copyrights and pid properties url https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/README.md index 6e93c209e..019fb22d4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/README.md @@ -1,6 +1,12 @@ + + ## WebLogic Server installation on Microsoft Azure Virtual Machine - Marketplace Offerings This git repository is used to maintain the Azure Resource Management (ARM) templates and other scripts used for the implementation of WebLogic Server installation on Microsoft Azure. For WebLogic Server running in the Azure Virtual Machines documentation, please refer to the [README documentation](https://github.com/oracle/weblogic-azure/weblogic-azure-vm/README.md). + diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 896fc2883..a29b09a7c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -24,8 +24,12 @@ jar arm-oraclelinux-wls +<<<<<<< HEAD ${basedir}/../../../arm-ttk/arm-ttk https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties +======= + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +>>>>>>> 5c345c0... Updated license,copyrights and pid properties url https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md index f0d1d8526..777e9a1a9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md @@ -1,3 +1,8 @@ + + # What is this stuff? Useful Links to documentation, video, blog of WebLogic on Azure IaaS. diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html index beb96a97f..ae4dbcf36 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html @@ -1 +1,5 @@

Oracle WebLogic Server 12c is a scalable, enterprise-ready Java EE 7 application server.

Oracle WebLogic Server is the best application server for building and deploying enterprise Java EE 7 applications with support for new features for lowering cost of operations, improving performance, enhancing scalability and supporting the Oracle Applications portfolio.

For documentation on this and other WebLogic Server on Microsoft Azure IaaS offers, see the official documentation.

WebLogic implements the following standards.
StandardVersion

Batch

1.0

CDI

1.1

Dependency Injection

1.0

Concurrent Managed Objects

1.0

Expression Language (EL)

3.0, 2.2, 2.1, 2.0

JSON Processing

1.0

XML Web Services (JAX-WS)

2.2, 2.1, 2.0

REST (JAX-RS)

2.0

WebSocket

1.1

JavaBeans Activation Framework

1.1

Java EE

7.0

Application Deployment

1.2

Bean Validation

1.1

Common Annotations

1.2

Connectors

1.7

EJB

3.2, 3.1, 3.0, 2.1, 2.0, and 1.1

Web Services

1.3, 1.2, 1.1

Interceptors

1.2

JDBC

4.0, 3.0

JMS

2.0, 1.1, 1.0.2b

JNDI

1.2

JSF

2.2, 2.1.*, 2.0, 1.2, 1.1

JSP

2.3, 2.2, 2.1, 2.0, 1.2, and 1.1

Managed Beans

1.0

Servlet

3.1, 3.0, 2.5, 2.4, 2.3, and 2.2

Java RMI

1.0

JavaMail

1.5

JTA

1.2

JAX-B

2.2, 2.1, 2.0

JAX-P

1.3, 1.2, 1.1

JAX-R

1.0

JAX-RPC

1.1

JMX

2.0

JPA

2.1, 2.0., 1.0

Management

1.1

JSTL

1.2

Managed Beans

1.0

OTS/JTA

OTS 1.2 and JTA 1.2

RMI/IIOP

1.0

SOAP Attachments (SAAJ)

1.3, 1.2

Streaming API for XML (StAX)

1.0

Web Services Metadata

2.0, 1.1

+

License

+Copyright (c) 2021 Oracle and/or its affiliates. +

+Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/README.md index 2a9211287..ac2e7643d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/README.md @@ -1,3 +1,8 @@ + +

Offer listing

Name

@@ -32,6 +37,7 @@ WebLogic https://www.oracle.com/legal/privacy/privacy-policy.html +

Useful links

[Overview](https://www.oracle.com/middleware/weblogic/) @@ -60,4 +66,4 @@ https://www.youtube.com/watch?v=gFS-64XQorA

Thumbnail

- + \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/base-images.html b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/base-images.html index 07e797f93..aac2be19c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/base-images.html +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/base-images.html @@ -82,3 +82,7 @@

Customer support links

https://support.oracle.com/portal/ +

License

+Copyright (c) 2021, Oracle and/or its affiliates. +

+Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. From bac0c8a72815b0df0715d32d4d748ddd99aa8207 Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Tue, 19 Oct 2021 12:48:18 +0530 Subject: [PATCH 044/720] Resolved conflict files --- .../arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml | 6 ------ weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml | 4 ---- weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 4 ---- 3 files changed, 14 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml index b768fd3b4..e175c183d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml @@ -23,16 +23,10 @@ ${project.artifactId} -<<<<<<< HEAD https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="admin-ssl-post-deploy/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties -======= - ${basedir}/../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/${git.tag}/"}' - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties ->>>>>>> 5c345c0... Updated license,copyrights and pid properties url https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 5b6b5b753..9ce6edebe 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -24,11 +24,7 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' -<<<<<<< HEAD https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties -======= - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties ->>>>>>> 5c345c0... Updated license,copyrights and pid properties url https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index a29b09a7c..896fc2883 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -24,12 +24,8 @@ jar arm-oraclelinux-wls -<<<<<<< HEAD ${basedir}/../../../arm-ttk/arm-ttk https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties -======= - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties ->>>>>>> 5c345c0... Updated license,copyrights and pid properties url https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties From 233ad29e0197ddde8eaf4204d19e130fc186938f Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Tue, 19 Oct 2021 14:46:32 +0530 Subject: [PATCH 045/720] Corrected pid.properties file URL --- .../arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml | 2 +- weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml | 2 +- weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml index e175c183d..a219d21ef 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml @@ -26,7 +26,7 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="admin-ssl-post-deploy/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-admin/"}' - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 9ce6edebe..5825d5696 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -24,7 +24,7 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 896fc2883..9b7f49565 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -25,7 +25,7 @@ arm-oraclelinux-wls ${basedir}/../../../arm-ttk/arm-ttk - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties From 3cfed6688e5f351ec95ae64a004d7d6947e0ed64 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Oct 2021 18:31:10 -0400 Subject: [PATCH 046/720] On branch edburns-msft-48-tighten-triggers modified: .github/workflows/testWlsAks.yml See https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1421474 . Signed-off-by: Ed Burns --- .github/workflows/testWlsAks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index fb3ced772..b53e42af3 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -12,7 +12,7 @@ on: env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 - azCliVersion: 2.23.0 + azCliVersion: 2.29.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus resourceGroupForWlsAks: wlsd-aks-${{ github.run_id }}-${{ github.run_number }} From 231207cd1c9a8e101616324f347c209535d507f6 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 22 Oct 2021 18:43:17 -0400 Subject: [PATCH 047/720] On branch edburns-msft-48-tighten-triggers Make this trigger only for Monica. modified: .github/workflows/syncupWithUpstream.yml Signed-off-by: Ed Burns --- .github/workflows/syncupWithUpstream.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/syncupWithUpstream.yml b/.github/workflows/syncupWithUpstream.yml index f096c73af..47ef86cda 100644 --- a/.github/workflows/syncupWithUpstream.yml +++ b/.github/workflows/syncupWithUpstream.yml @@ -9,7 +9,7 @@ env: userEmail: ${{ secrets.USER_EMAIL }} jobs: merge: - if: (github.event_name == 'schedule' && github.repository_owner != 'oracle') || (github.event_name != 'schedule') + if: (github.event_name == 'schedule' && github.repository_owner == 'mriccell') || (github.event_name != 'schedule') runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 @@ -25,4 +25,4 @@ jobs: git fetch upstream git merge --no-edit upstream/main - git push origin main \ No newline at end of file + git push origin main From e2b2ae20e5ca125bf80bb9cf59ebfff642266a70 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Tue, 26 Oct 2021 09:55:58 +0800 Subject: [PATCH 048/720] Use Git token to sync up with upstream Signed-off-by: Zheng Chang --- .github/workflows/syncupWithUpstream.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/syncupWithUpstream.yml b/.github/workflows/syncupWithUpstream.yml index 47ef86cda..0781081e2 100644 --- a/.github/workflows/syncupWithUpstream.yml +++ b/.github/workflows/syncupWithUpstream.yml @@ -1,18 +1,20 @@ name: Merge upstream branches on: workflow_dispatch: - schedule: - # run it every 10 mins - - cron: '*/10 * * * *' + repository_dispatch: + types: [upstream-sync] env: userName: ${{ secrets.USER_NAME }} userEmail: ${{ secrets.USER_EMAIL }} + gitToken: ${{ secrets.GIT_TOKEN }} jobs: merge: if: (github.event_name == 'schedule' && github.repository_owner == 'mriccell') || (github.event_name != 'schedule') runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + with: + token: ${{ env.gitToken }} - name: Merge upstream run: | git config --global user.name ${{ env.userName }} From a3404a6c3efe61efb54fa7e152cb6b69d2e6b6ae Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 25 Oct 2021 11:10:50 +0800 Subject: [PATCH 049/720] On branch main: check application status after all configurations are set. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh modified: weblogic-azure-aks/src/main/arm/scripts/utility.sh new file: weblogic-azure-aks/src/main/arm/scripts/validateApplications.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep --- .../src/main/arm/scripts/setupWLSDomain.sh | 11 ---- .../src/main/arm/scripts/utility.sh | 2 +- .../main/arm/scripts/validateApplications.sh | 37 +++++++++++ .../src/main/bicep/mainTemplate.bicep | 17 +++++ .../_ds-create-wls-cluster.bicep | 2 - .../_ds-validate-applications.bicep | 63 +++++++++++++++++++ 6 files changed, 118 insertions(+), 14 deletions(-) create mode 100644 weblogic-azure-aks/src/main/arm/scripts/validateApplications.sh create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index f585f5e7b..f8b2ede38 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -735,16 +735,6 @@ function setup_wls_domain() { wait_for_image_update_completed wait_for_pod_completed - - # make sure all the application are active, if not, fail the deployment. - scriptCheckAppStatus=$scriptDir/checkApplicationStatus.py - chmod ugo+x $scriptDir/checkApplicationStatus.py - utility_validate_application_status \ - ${wlsDomainNS} \ - ${wlsAdminSvcName} \ - ${wlsUserName} \ - ${wlsPassword} \ - ${scriptCheckAppStatus} } # Main script @@ -800,7 +790,6 @@ export sasTokenValidTime=3600 export storageFileShareName="weblogic" export storageResourceGroup=${currentResourceGroup} export sharedPath="/shared" -export wlsAdminSvcName="${wlsDomainUID}-admin-server" export wlsDomainNS="${wlsDomainUID}-ns" export wlsOptHelmChart="https://oracle.github.io/weblogic-kubernetes-operator/charts" export wlsOptNameSpace="weblogic-operator-ns" diff --git a/weblogic-azure-aks/src/main/arm/scripts/utility.sh b/weblogic-azure-aks/src/main/arm/scripts/utility.sh index fc4040a5e..61cd64f3d 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/utility.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/utility.sh @@ -172,7 +172,7 @@ function utility_validate_application_status() { grep "Summary: all applications are active" if [ $? == 1 ];then - echo "Failed to deploy application to WLS cluster. Please make sure the configurations are correct." + echo_stderr "Failed to deploy application to WLS cluster. Please make sure the configurations are correct." exit 1 fi } diff --git a/weblogic-azure-aks/src/main/arm/scripts/validateApplications.sh b/weblogic-azure-aks/src/main/arm/scripts/validateApplications.sh new file mode 100644 index 000000000..b24db54af --- /dev/null +++ b/weblogic-azure-aks/src/main/arm/scripts/validateApplications.sh @@ -0,0 +1,37 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. + +# Connect to AKS cluster +function connect_aks_cluster() { + az aks get-credentials \ + --resource-group ${AKS_RESOURCE_GROUP_NAME} \ + --name ${AKS_NAME} \ + --overwrite-existing +} + +function validate_app() { + # make sure all the application are active, if not, fail the deployment. + local wlsDomainNS="${WLS_DOMAIN_UID}-ns" + local wlsAdminSvcName="${WLS_DOMAIN_UID}-admin-server" + scriptCheckAppStatus=$scriptDir/checkApplicationStatus.py + chmod ugo+x $scriptDir/checkApplicationStatus.py + utility_validate_application_status \ + ${wlsDomainNS} \ + ${wlsAdminSvcName} \ + ${WLS_DOMAIN_USER} \ + ${WLS_DOMAIN_PASSWORD} \ + ${scriptCheckAppStatus} +} + +# Main script +export script="${BASH_SOURCE[0]}" +export scriptDir="$(cd "$(dirname "${script}")" && pwd)" + +source ${scriptDir}/utility.sh + +install_kubectl + +connect_aks_cluster + +validate_app \ No newline at end of file diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 0545a0ed3..1a1560d88 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -622,6 +622,23 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { ] } +module validateApplciations 'modules/_deployment-scripts/_ds-validate-applications.bicep' = { + name: 'validate-wls-application-status' + params:{ + _artifactsLocation: _artifactsLocation + _artifactsLocationSasToken: _artifactsLocationSasToken + aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName.value + aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value + identity: identity + wlsDomainUID: wlsDomainUID + wlsPassword: wlsPassword + wlsUserName: wlsUserName + } + dependsOn: [ + datasourceDeployment + ] +} + output aksClusterName string = ref_wlsDomainDeployment.outputs.aksClusterName.value output adminConsoleInternalUrl string = ref_wlsDomainDeployment.outputs.adminServerUrl.value output adminConsoleExternalUrl string = const_enableNetworking ? networkingDeployment.outputs.adminConsoleExternalUrl : '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index 33468b2b3..e7fafd739 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -62,7 +62,6 @@ var const_arguments = '${ocrSSOUser} ${ocrSSOPSW} ${aksClusterRGName} ${aksClust var const_buildDockerImageScript='createVMAndBuildImage.sh' var const_commonScript = 'common.sh' var const_invokeSetUpDomainScript = 'invokeSetupWLSDomain.sh' -var const_pyCheckAppStatusScript = 'py-scripts/checkApplicationStatus.py' var const_pvTempalte = 'pv.yaml.template' var const_pvcTempalte = 'pvc.yaml.template' var const_scriptLocation = uri(_artifactsLocation, 'scripts/') @@ -89,7 +88,6 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { uri(const_scriptLocation, '${const_commonScript}${_artifactsLocationSasToken}') uri(const_scriptLocation, '${const_buildDockerImageScript}${_artifactsLocationSasToken}') uri(const_scriptLocation, '${const_updateDomainConfigScript}${_artifactsLocationSasToken}') - uri(const_scriptLocation, '${const_pyCheckAppStatusScript}${_artifactsLocationSasToken}') ] cleanupPreference: 'OnSuccess' retentionInterval: 'P1D' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep new file mode 100644 index 000000000..44600e7a3 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep @@ -0,0 +1,63 @@ +// Copyright (c) 2021, Oracle Corporation and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +param _artifactsLocation string +@secure() +param _artifactsLocationSasToken string = '' + +param aksClusterRGName string = '' +param aksClusterName string = '' +param identity object +param utcValue string = utcNow() +param wlsDomainUID string = 'sample-domain1' +@secure() +param wlsPassword string +@description('User name for WebLogic Administrator.') +param wlsUserName string = 'weblogic' + +var const_azcliVersion='2.15.0' +var const_pyCheckAppStatusScript = 'py-scripts/checkApplicationStatus.py' +var const_scriptLocation = uri(_artifactsLocation, 'scripts/') +var const_validateAppScript= 'validateApplications.sh' +var const_utilityScript= 'utility.sh' + + +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: 'ds-wls-validate-applications' + location: resourceGroup().location + kind: 'AzureCLI' + identity: identity + properties: { + azCliVersion: const_azcliVersion + environmentVariables: [ + { + name: 'AKS_RESOURCE_GROUP_NAME' + value: aksClusterRGName + } + { + name: 'AKS_NAME' + value: aksClusterName + } + { + name: 'WLS_DOMAIN_UID' + value: wlsDomainUID + } + { + name: 'WLS_DOMAIN_USER' + value: wlsUserName + } + { + name: 'WLS_DOMAIN_PASSWORD' + secureValue: wlsPassword + } + ] + primaryScriptUri: uri(const_scriptLocation, '${const_validateAppScript}${_artifactsLocationSasToken}') + supportingScriptUris: [ + uri(const_scriptLocation, '${const_utilityScript}${_artifactsLocationSasToken}') + uri(const_scriptLocation, '${const_pyCheckAppStatusScript}${_artifactsLocationSasToken}') + ] + cleanupPreference: 'OnSuccess' + retentionInterval: 'P1D' + forceUpdateTag: utcValue + } +} From 4c5968acd69cd4f0d111bea15e1e51e240a44b3a Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 27 Oct 2021 15:00:32 +0800 Subject: [PATCH 050/720] On branch main: set "check application ACTIVE state" as a configurable option. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 7 +++++++ weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 9 +++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index f5ded01f9..fad419c39 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -612,6 +612,12 @@ }, "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]" }, + { + "name": "validateApplications", + "type": "Microsoft.Common.CheckBox", + "label": "Fail deployment if application does not become ACTIVE.", + "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]" + }, { "name": "appReplicas", "type": "Microsoft.Common.TextBox", @@ -1813,6 +1819,7 @@ "useOracleImage": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "userProvidedAcr": "[last(split(steps('section_aks').imageInfo.userProvidedAcrSelector.id, '/'))]", "userProvidedImagePath": "[steps('section_aks').imageInfo.userProvidedImagePath]", + "validateApplications": "[bool(steps('section_aks').jeeAppInfo.validateApplications)]", "wdtRuntimePassword": "[basics('basicsRequired').wdtRuntimePassword]", "wlsClusterSize": "[basics('basicsOptional').wlsClusterSize]", "wlsDomainName": "[basics('basicsOptional').wlsDomainName]", diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 1a1560d88..e676f92e8 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -224,6 +224,7 @@ param userProvidedAcr string = 'null' param userProvidedImagePath string = 'null' @description('Use Oracle images or user provided patched images') param useOracleImage bool = true +param validateApplications bool = false @secure() @description('Password for model WebLogic Deploy Tooling runtime encrytion.') param wdtRuntimePassword string @@ -622,9 +623,13 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { ] } -module validateApplciations 'modules/_deployment-scripts/_ds-validate-applications.bicep' = { +/* +* To check if all the applciations in WLS cluster become ACTIVE state after all configurations are completed. +* This should be the last step. +*/ +module validateApplciations 'modules/_deployment-scripts/_ds-validate-applications.bicep' = if (validateApplications) { name: 'validate-wls-application-status' - params:{ + params: { _artifactsLocation: _artifactsLocation _artifactsLocationSasToken: _artifactsLocationSasToken aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName.value From 8115ec473304edfd19cabe40d92fe1fd61a7ff60 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 27 Oct 2021 15:21:26 +0800 Subject: [PATCH 051/720] On branch main: add comments for Pbicep-dev Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep --- weblogic-azure-aks/pom.xml | 6 ++++++ weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 5 ++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index a1fd1123f..3b1ea52f6 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -8,6 +8,12 @@ 4.0.0 + com.oracle.weblogic.azure wls-on-aks-azure-marketplace diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index e676f92e8..c09539997 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -13,7 +13,10 @@ * * Build marketplace offer for test: * Replace the partner center pid in mainTemplate.bicep, then run the following command to generate the ARM package, and upload it to partner center. -* $ mvn -Pbicep -Ddev -Passembly clean install +* If using azure-javaee-iaas-parent less than 1.0.13, use: +* $ mvn -Pbicep -Passembly -Ddev clean install +* otherwise, use +* $ mvn -Pbicep-dev -Passembly clean install */ param _artifactsLocation string = deployment().properties.templateLink.uri From 1b26d2281bfd79bfa9bea08a65a954a8446c8b48 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 27 Oct 2021 15:27:57 +0800 Subject: [PATCH 052/720] On branch main: test main branch Signed-off-by: galiacheng --- .github/workflows/testWlsAks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index b53e42af3..714abd314 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -26,7 +26,7 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: oracle + aksRepoUserName: galiacheng aksRepoBranchName: main resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} From 1dbc6edd2942056c5a5c06e60a351984ac615f6a Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 27 Oct 2021 15:30:46 +0800 Subject: [PATCH 053/720] On branch main: test main branch Signed-off-by: galiacheng --- .github/workflows/testWlsAks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index 714abd314..b53e42af3 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -26,7 +26,7 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: galiacheng + aksRepoUserName: oracle aksRepoBranchName: main resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} From dfe00c9b7604eb48ad9fb910cb90903335a9034f Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Wed, 27 Oct 2021 20:45:18 +0530 Subject: [PATCH 054/720] Added RHEL pids to properties --- .../src/main/resources/microsoft-pid.properties | 14 ++++++++++---- .../src/main/resources/pid.properties | 13 +++++++++---- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties index 1a630cb37..2c6e2f5ab 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties @@ -11,12 +11,12 @@ azure.apiVersionForKeyVault=2019-09-01 # Values in this file are read at build time for the other Azure Marketplace offer repositories # This file is for pids used when testing the offers in the Microsoft internal Marketplace account. -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls end=4590f705-3e93-5945-95c3-eeb88b976091 start=7908d405-18b6-5394-988e-fb4cabdbf5e5 -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls-admin +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-admin admin.aad.end=8295df19-fe6b-5745-ad24-51ef66522b24 admin.aad.start=fc7e031d-111d-5a3a-8b5a-e08602237dca @@ -29,7 +29,7 @@ admin.elk.start=3dc18163-180b-56eb-adf2-501f97c88c7c admin.end=08e3f14d-2362-5c43-8269-133a0045d223 admin.start=4b4d5bab-1032-530c-88db-ac3f7caf440d -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls-cluster +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster cluster.aad.end=3fa6990d-1fcb-54e3-95b2-1ccd1ec50e37 cluster.aad.start=a714884a-c4a6-5cfd-b014-97e7618b79c1 @@ -63,7 +63,7 @@ database.oracle=692b2d84-72f5-5992-a15d-0d5bcfef040d database.postgresql=935df06e-a5d5-5bf1-af66-4c1eb71dac7a database.sqlserver=3569588c-b89d-5567-84ee-a2c633c7204c -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster dynamic.aad.end=6449f9a2-0713-5a81-a886-dce6d8d5c137 dynamic.aad.start=6245e080-ab9b-5e42-ac14-fc38cc610a11 @@ -100,3 +100,9 @@ from.owls-122130-jdk8-ol73=bf1d0f1a-cb9a-5453-bf70-42b4efe8c15e from.owls-122140-jdk8-ol76=bde756bb-ce96-54d5-a478-04d9bd87e9db from.owls-141100-jdk8-ol76=b6f00a34-1478-5a10-9a84-49c4051b57b8 from.owls-141100-jdk11-ol76=afc8f9c5-8c5d-5d1b-ab4d-3116ca908bfd + +# Pids to indicate which latest base image was chosen. No difference in these +# between Oracle and Microsoft +from.owls-122140-jdk8-rhel76=0a52f317-8b40-4a77-9f3c-7607fc3ebfb7wls +from.owls-141100-jdk8-rhel76=26ec5cf5-dd84-4764-97cf-4f830facbf66wls +from.owls-141100-jdk11-rhel76=ada2e3e6-faef-4339-aaac-40bcdc4484ecwls \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index 637d18d2a..aaca8a44a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -11,12 +11,12 @@ azure.apiVersionForKeyVault=2019-09-01 # Values in this file are read at build time for the other Azure Marketplace offer repositories -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls end=8f75aefd-02b2-50a8-9a6e-feb41176559f start=b446fe15-5d43-5549-858d-4775741cd0ba -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls-admin +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-admin admin.aad.end=d273da6e-9128-5163-a8e7-9f76505ae5cc admin.aad.start=0a77c1d0-cf1e-5185-89ad-230ffe24d0f8 @@ -29,7 +29,7 @@ admin.elk.start=f3c3b847-89ea-54c8-904e-10ff8eba14fa admin.end=057f09cd-6f90-5c1c-b655-3aba168aef35 admin.start=18f4b80a-6ca2-5840-8f88-4e7156ed6db0 -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls-cluster +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster cluster.aad.end=3031eeaf-f67e-5f61-8bf1-aad6006eaf6d cluster.aad.start=cae84e84-407c-5cef-b2a0-cd95d4ff8824 @@ -63,7 +63,7 @@ database.oracle=692b2d84-72f5-5992-a15d-0d5bcfef040d database.postgresql=935df06e-a5d5-5bf1-af66-4c1eb71dac7a database.sqlserver=3569588c-b89d-5567-84ee-a2c633c7204c -# Pids used in https://github.com/wls-eng/arm-oraclelinux-wls-dynamic-cluster +# Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster dynamic.aad.end=f5a60b13-efd6-551a-a40f-3923804e475d dynamic.aad.start=7dcc8904-9a8a-5b71-a73d-6caa9edb78ef @@ -102,3 +102,8 @@ from.owls-122140-jdk8-ol76=6637154a-06d2-4ac0-82ab-2a1d7e391eab from.owls-141100-jdk8-ol76=060d9c3f-cc20-4380-a383-fd20594e5b2a from.owls-141100-jdk11-ol76=3220431f-33d4-416a-8df7-a0fcc23a25e4 +# Pids to indicate which latest base image was chosen. No difference in these +# between Oracle and Microsoft +from.owls-122140-jdk8-rhel76=0a52f317-8b40-4a77-9f3c-7607fc3ebfb7wls +from.owls-141100-jdk8-rhel76=26ec5cf5-dd84-4764-97cf-4f830facbf66wls +from.owls-141100-jdk11-rhel76=ada2e3e6-faef-4339-aaac-40bcdc4484ecwls From 4b7239b54ab492d857b33c3a59c1ed9e87d64ea5 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 27 Oct 2021 12:39:36 -0400 Subject: [PATCH 055/720] On branch galiacheng-main Add infobox with more explanation of checkbox and link to documentation modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json --- .../src/main/arm/createUiDefinition.json | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index fad419c39..68ad34ae0 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -612,6 +612,16 @@ }, "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]" }, + { + "name": "validateApplicationsInfo", + "type": "Microsoft.Common.InfoBox", + "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]", + "options": { + "icon": "Info", + "text": "If checked, verify the deployed app reaches the ACTIVE state and fail the deployment if it does not. See the documentation link for more information.", + "uri": "https://aka.ms/wls-aks-deployment-state" + } + }, { "name": "validateApplications", "type": "Microsoft.Common.CheckBox", @@ -1830,4 +1840,4 @@ "wlsUserName": "[basics('basicsRequired').wlsUserName]" } } -} \ No newline at end of file +} From 6414cf97ba434f01b96b3b60537c974e50749bad Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 28 Oct 2021 11:12:32 +0800 Subject: [PATCH 056/720] On branch main: only one UAMI is accepteable Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json On branch galiacheng-main Update info box to indicate necessary roles for UAMI. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns On branch galiacheng-main Additional clarity and references. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json ``` - "label": "Cluster size", + "label": "Maximum cluster size", - "label": "Size", + "label": "Node size", ``` - Basics blade, T3 tunneling TextBlock. - Configure cluster blade, Container Insights and Persistent Storage TextBlocks. - Networking blade. Refactor ordering, wording, add TextBlocks. - --- .../src/main/arm/createUiDefinition.json | 124 ++++++++++++++---- 1 file changed, 96 insertions(+), 28 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index f06691b5c..871f3daea 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -23,8 +23,8 @@ "message": "The value must be 1-30 characters long and must only contain letters and numbers." }, { - "isValid": "[greaterOrEquals(length(basics('basicsRequired').identity.userAssignedIdentities),1)]", - "message": "Please select at least one user assigned managed identity from User assigned managed identity control below." + "isValid": "[equals(length(basics('basicsRequired').identity.userAssignedIdentities),1)]", + "message": "Please select exactly one user assigned managed identity from the User assigned managed identity control below." } ] }, @@ -69,10 +69,10 @@ { "name": "errInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[less(length(basics('basicsRequired').identity.userAssignedIdentities),1)]", + "visible": "[not(equals(length(basics('basicsRequired').identity.userAssignedIdentities),1))]", "options": { "icon": "Error", - "text": "Please select at least one user assigned managed identity.", + "text": "Please select exactly one user assigned managed identity. The identity must have the Contributor or Owner role in the specified subscription.", "uri": "https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-manage-ua-identity-portal" } }, @@ -163,7 +163,7 @@ "type": "Microsoft.Common.Slider", "min": 5, "max": 1000, - "label": "Cluster size", + "label": "Maximum cluster size", "defaultValue": 5, "showStepMarkers": false, "toolTip": "The maximum size of the WebLogic cluster.", @@ -184,6 +184,18 @@ }, "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" }, + { + "name": "enableT3TunnelingTextBlock", + "type": "Microsoft.Common.TextBlock", + "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]", + "options": { + "text": "If checked, configure the necessary settings to enable T3 tunneling. You must take additional action on the Networking tab if either of these are checked.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-t3-tunneling" + } + } + }, { "name": "enableAdminT3Tunneling", "type": "Microsoft.Common.CheckBox", @@ -310,7 +322,7 @@ { "name": "nodeVMSizeSelector", "type": "Microsoft.Compute.SizeSelector", - "label": "Size", + "label": "Node size", "toolTip": "", "recommendedSizes": [ "Standard_DS2_v2" @@ -328,12 +340,36 @@ "count": "[steps('section_aks').clusterInfo.aksNodeCount]", "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" }, + { + "name": "enableAzureMonitoringTextBlock", + "type": "Microsoft.Common.TextBlock", + "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", + "options": { + "text": "If checked, configure the necessary settings to integrate with Container insights.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-container-insights" + } + } + }, { "name": "enableAzureMonitoring", "type": "Microsoft.Common.CheckBox", - "label": "Enable Azure Monitoring", + "label": "Enable Container insights", "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" }, + { + "name": "enableAzureFileShareTextBlock", + "type": "Microsoft.Common.TextBlock", + "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", + "options": { + "text": "If checked, configure the necessary settings to mount a persistent volume to the nodes of the AKS cluster.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-persistent-storage" + } + } + }, { "name": "enableAzureFileShare", "type": "Microsoft.Common.CheckBox", @@ -350,9 +386,9 @@ { "name": "useOracleImage", "type": "Microsoft.Common.OptionsGroup", - "label": "Use a pre-existing WebLogic Server Docker image in Oracle Container Registry?", + "label": "Use a pre-existing WebLogic Server Docker image from Oracle Container Registry?", "defaultValue": "Yes", - "toolTip": "Select 'Yes' to a use pre-existing WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom PSU images.", + "toolTip": "Select 'Yes' to a use pre-existing WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set PSUs.", "constraints": { "allowedValues": [ { @@ -373,7 +409,7 @@ "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", "options": { "icon": "Info", - "text": "Make sure the Azure Container Registry has enabled admin user.", + "text": "Make sure the Azure Container Registry has enabled the admin user.", "uri": "https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account" } }, @@ -431,7 +467,7 @@ "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),not(bool(steps('section_aks').imageInfo.oracleCreateACR)))]", "options": { "icon": "Info", - "text": "Make sure the Azure Container Registry has enabled admin user.", + "text": "Make sure the Azure Container Registry has enabled the admin user.", "uri": "https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account" } }, @@ -455,8 +491,8 @@ "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "options": { "icon": "Info", - "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Click the link to create Oracle SSO account.", - "uri": "https://profile.oracle.com/myprofile/account/create-account.jspx" + "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Select the link to create Oracle SSO account.", + "uri": "https://aka.ms/wls-aks-create-sso-account" } }, { @@ -581,7 +617,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Deploy your application package?", "defaultValue": "Yes", - "toolTip": "Select 'Yes' to deploy your application, or select 'No' to deploy a default 'hello world' open liberty application.", + "toolTip": "Select 'Yes' to deploy your application.", "constraints": { "allowedValues": [ { @@ -648,14 +684,14 @@ { "name": "section_sslConfiguration", "type": "Microsoft.Common.Section", - "label": "TLS/SSL Configuration", + "label": "TLS/SSL configuration", "elements": [ { "name": "sslConfigurationText", "type": "Microsoft.Common.TextBlock", "visible": true, "options": { - "text": "Selecting 'Yes' here will cause the template to provision WebLogic Administration Console, Remote Console, cluster and custom T3 channel on HTTPS (Secure) port, with your own TLS/SSL certificate.", + "text": "Selecting 'Yes' here will cause the offer to configure WebLogic Administration Console, Remote Console, cluster and custom T3 channel to use HTTPS (Secure) ports, with your own TLS/SSL certificate.", "link": { "label": "Learn more", "uri": "https://aka.ms/arm-oraclelinux-wls-ssl-config" @@ -707,7 +743,7 @@ "name": "uploadedCustomSSLSettings", "type": "Microsoft.Common.Section", "visible": "[and(steps('section_sslConfiguration').enableCustomSSL, equals(steps('section_sslConfiguration').sslConfigurationAccessOption, 'uploadConfig'))]", - "label": "TLS/SSL Configuration Settings", + "label": "TLS/SSL configuration Settings", "elements": [ { "name": "sslKeystoreInfo0", @@ -866,7 +902,7 @@ "name": "keyVaultStoredCustomSSLSettings", "type": "Microsoft.Common.Section", "visible": "[and(steps('section_sslConfiguration').enableCustomSSL, equals(steps('section_sslConfiguration').sslConfigurationAccessOption, 'keyVaultStoredConfig'))]", - "label": "TLS/SSL Configuration Settings", + "label": "TLS/SSL configuration settings", "elements": [ { "name": "sslKeystoreInfo1", @@ -883,7 +919,7 @@ "type": "Microsoft.Common.TextBlock", "visible": "true", "options": { - "text": "Enabling a HTTPS (Secure) port for the Administration Console requires you to obtain a valid TLS/SSL certificate. The template will look for the certificate and other configuration items in the Azure Key Vault specified here.", + "text": "Enabling a HTTPS (Secure) port for the Administration Console requires you to obtain a valid TLS/SSL certificate. The offer will look for the certificate and other configuration items in the Azure Key Vault specified here.", "link": { "label": "Learn more", "uri": "https://aka.ms/arm-oraclelinux-wls-cluster-app-gateway-key-vault" @@ -1055,11 +1091,7 @@ "type": "Microsoft.Common.TextBlock", "visible": true, "options": { - "text": "Selecting 'Yes' here will cause the template to provision Load Balancer service or Ingress service for WebLogic Administration Console and WebLogic cluster.", - "link": { - "label": "Learn more", - "uri": "https://aka.ms/arm-oraclelinux-wls-cluster-app-gateway-overview" - } + "text": "This blade allows configuring options for load balancing and ingress controller." } }, { @@ -1067,6 +1099,18 @@ "type": "Microsoft.Common.Section", "label": "Standard Load Balancer service", "elements": [ + { + "name": "enableLBSVCText", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "Selecting 'Yes' here will cause the offer to provision the Azure Load Balancer as a Kubernetes load balancer service. Note, you must select 'Yes' and provide further configuration when T3 tunneling is enabled on the Basics blade.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-standard-load-balancer" + } + } + }, { "name": "enableLBSVC", "type": "Microsoft.Common.OptionsGroup", @@ -1087,6 +1131,18 @@ "required": false } }, + { + "name": "enableInternalLBText", + "type": "Microsoft.Common.TextBlock", + "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]", + "options": { + "text": "If checked, the offer will configure the load balancer as an internal load balancer.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-internal-load-balancer" + } + } + }, { "name": "enableInternalLB", "type": "Microsoft.Common.CheckBox", @@ -1192,8 +1248,20 @@ { "name": "appgwIngress", "type": "Microsoft.Common.Section", - "label": "Application Gateway Ingress", + "label": "Application Gateway Ingress Controller", "elements": [ + { + "name": "enableAppGatewayText", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "Selecting 'Yes' here will cause the offer to configure an Application Gateway Ingress Controller", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-app-gateway-ingress-controller" + } + } + }, { "name": "enableAppGateway", "type": "Microsoft.Common.OptionsGroup", @@ -1460,14 +1528,14 @@ { "name": "section_dnsConfiguration", "type": "Microsoft.Common.Section", - "label": "DNS Configuration", + "label": "DNS configuration", "elements": [ { "name": "dnsConfigurationText", "type": "Microsoft.Common.TextBlock", "visible": true, "options": { - "text": "Selecting 'Yes' here will cause the template to provision Oracle WebLogic Server Administration Console, cluster, Remote Console and custom T3 channel using custom DNS Name (example: admin.contoso.com)", + "text": "Selecting 'Yes' here will cause the offer to provision Oracle WebLogic Server Administration Console, cluster, Remote Console and custom T3 channel using custom DNS Name (example: admin.contoso.com)", "link": { "label": "Learn more", "uri": "https://aka.ms/arm-oraclelinux-wls-dns" @@ -1641,7 +1709,7 @@ "type": "Microsoft.Common.TextBlock", "visible": true, "options": { - "text": "Selecting 'Yes' here and providing the configuration will cause the template to configure the WebLogic Server to connect to the desired pre-existing database. The database must be network accessible to the VNET and subnets created by the template." + "text": "Selecting 'Yes' here and providing the configuration will cause the offer to configure the WebLogic Server to connect to the desired pre-existing database. The database must be network accessible to the VNET and subnets created by the offer." } }, { From 553974a49891b29bd38f3a383d72b21c16cd6c2f Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 28 Oct 2021 23:07:57 -0400 Subject: [PATCH 057/720] On branch edburns-msft-dd-1426715-02-docs-updates modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json - Sentence case. - Fix statement about base image. - Add InfoBox for base image making it really clear you must accept the Terms and Restrictions. - Make `OnePhaseCommit` the default. modified: weblogic-azure-aks/src/test/setupWlsAksParameters.json - Fix error in parameters json. Signed-off-by: Ed Burns --- .../src/main/arm/createUiDefinition.json | 24 ++++++++++++------- .../src/test/setupWlsAksParameters.json | 5 +++- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 871f3daea..f1c2ae9a8 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -381,7 +381,7 @@ { "name": "imageInfo", "type": "Microsoft.Common.Section", - "label": "Image Selection", + "label": "Image selection", "elements": [ { "name": "useOracleImage", @@ -531,17 +531,23 @@ "type": "Microsoft.Common.TextBlock", "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "options": { - "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile from statement. \nOracle Standard Terms and Restrictions terms must be agreed. \nClick the following link to make sure you have agree the terms and check the valid tags.", - "link": { - "label": "Must be a valid tag value from Oracle Container Registry", - "uri": "https://aka.ms/wls-aks-fromImage-tag" - } + "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile FROM clause." + } + }, + { + "name": "fromImageInfo", + "type": "Microsoft.Common.InfoBox", + "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "options": { + "icon": "Info", + "text": "In the Oracle Container Registry, the Oracle Standard Terms and Restrictions must be accepted. Select this link the following link to make sure you have agreed to the terms for the desired WebLogic Server Docker image and check the valid tags. The deployment will fail if you have not accepted the terms.", + "uri": "https://aka.ms/wls-aks-fromImage-tag" } }, { "name": "oracleImageSelector", "type": "Microsoft.Common.DropDown", - "label": "Select WebLogic Docker tag", + "label": "Select WebLogic Server Docker tag", "defaultValue": "14.1.1.0-11", "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromOracleImage option to 'imagetool'.", "constraints": { @@ -743,7 +749,7 @@ "name": "uploadedCustomSSLSettings", "type": "Microsoft.Common.Section", "visible": "[and(steps('section_sslConfiguration').enableCustomSSL, equals(steps('section_sslConfiguration').sslConfigurationAccessOption, 'uploadConfig'))]", - "label": "TLS/SSL configuration Settings", + "label": "TLS/SSL configuration settings", "elements": [ { "name": "sslKeystoreInfo0", @@ -1809,7 +1815,7 @@ "name": "dbGlobalTranPro", "type": "Microsoft.Common.DropDown", "label": "Global transactions protocol", - "defaultValue": "EmulateTwoPhaseCommit", + "defaultValue": "OnePhaseCommit", "multiLine": true, "toolTip": "Determines the transaction protocol (global transaction processing behavior) for the data source.", "constraints": { diff --git a/weblogic-azure-aks/src/test/setupWlsAksParameters.json b/weblogic-azure-aks/src/test/setupWlsAksParameters.json index 0334d1eef..9a2d82164 100644 --- a/weblogic-azure-aks/src/test/setupWlsAksParameters.json +++ b/weblogic-azure-aks/src/test/setupWlsAksParameters.json @@ -37,6 +37,9 @@ "createDNSZone": { "value": true }, + "dbGlobalTranPro": { + "value": "EmulateTwoPhaseCommit" + }, "dbPassword": { "value": "#dbPassword#" }, @@ -112,4 +115,4 @@ "value": "#wlsUserName#" } } -} \ No newline at end of file +} From 164d64e77d48981d3fe29ade67037c914d68322d Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Fri, 29 Oct 2021 05:29:01 +0000 Subject: [PATCH 058/720] Adding support to RHEL along with OS disk only --- .../src/main/arm/createUiDefinition.json | 12 +++ .../src/main/arm/mainTemplate.json | 5 +- .../arm/nestedtemplates/adminTemplate.json | 74 ++++++++++++++---- .../adminTemplateForCustomSSL.json | 71 +++++++++++++++--- .../src/main/arm/mainTemplate.json | 17 ++--- .../addnode/src/main/arm/mainTemplate.json | 17 ++--- .../src/main/arm/createUiDefinition.json | 12 +++ .../src/main/arm/mainTemplate.json | 5 +- .../clusterCustomSSLTemplate.json | 73 ++++++++++++++---- .../arm/nestedtemplates/clusterTemplate.json | 75 +++++++++++++++---- .../nestedtemplates/coherenceTemplate.json | 17 ++--- .../src/main/arm/mainTemplate.json | 17 ++--- .../addnode/src/main/arm/mainTemplate.json | 17 ++--- .../src/main/arm/createUiDefinition.json | 14 +++- .../src/main/arm/mainTemplate.json | 5 +- .../clusterCustomSSLTemplate.json | 71 +++++++++++++++--- .../arm/nestedtemplates/clusterTemplate.json | 73 ++++++++++++++---- .../nestedtemplates/coherenceTemplate.json | 17 ++--- .../src/main/arm/createUiDefinition.json | 12 +++ .../src/main/arm/mainTemplate.json | 71 +++++++++++++++--- 20 files changed, 510 insertions(+), 165 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json index 5d0754c42..9b7c4765a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json @@ -31,6 +31,18 @@ { "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Oracle Linux 7.6", "value": "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + }, + { + "label": "WebLogic Server 12.2.1.4.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" } ], "required": true diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json index 43d71e9f8..230aa70b3 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json @@ -395,7 +395,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json index aec448257..9b1b3d743 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json @@ -103,7 +103,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest", ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -392,17 +395,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -554,8 +547,61 @@ ] } } - } - + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } ], "outputs": { "_adminPublicIPId": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json index 4d384a43b..bdc810064 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplateForCustomSSL.json @@ -160,7 +160,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -449,17 +452,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -611,6 +604,60 @@ ] } } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } } ], "outputs": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json index d70825b38..3c265c507 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/arm/mainTemplate.json @@ -118,7 +118,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -338,17 +341,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json index 944c842f5..b33edd3fb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/arm/mainTemplate.json @@ -141,7 +141,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -385,17 +388,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json index ba35e17df..d6f13cca2 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json @@ -31,6 +31,18 @@ { "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Oracle Linux 7.6", "value": "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + }, + { + "label": "WebLogic Server 12.2.1.4.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" } ], "required": true diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json index d0560de7c..13faf2566 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json @@ -372,7 +372,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json index dce13e2f9..5213427b0 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json @@ -100,7 +100,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -520,17 +523,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -688,7 +681,61 @@ ] } } - } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } ], "outputs": { "_adminPublicIPId": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterTemplate.json index 514d66b5f..4d5fc53d4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/clusterTemplate.json @@ -100,7 +100,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -463,17 +466,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -631,7 +624,63 @@ ] } } - } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } + + ], "outputs": { "_adminPublicIPId": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json index 350115ff1..7e59313ad 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json @@ -144,7 +144,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -410,17 +413,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json index 2df51092b..e1b7cddb9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/arm/mainTemplate.json @@ -118,7 +118,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -338,17 +341,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json index 2bd4811b8..bf82e2c81 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/arm/mainTemplate.json @@ -136,7 +136,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -354,17 +357,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json index d68c8e447..9af2c1c82 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json @@ -31,7 +31,19 @@ { "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Oracle Linux 7.6", "value": "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" - } + }, + { + "label": "WebLogic Server 12.2.1.4.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" + } ], "required": true }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json index 5f9ab4dbc..b421b17b3 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json @@ -480,7 +480,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json index a915675a4..659ea5cea 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterCustomSSLTemplate.json @@ -104,7 +104,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -467,17 +470,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -632,6 +625,60 @@ ] } } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } } ], "outputs": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterTemplate.json index cdc3682a6..8efa2dcf4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/clusterTemplate.json @@ -104,7 +104,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -410,17 +413,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -575,7 +568,61 @@ ] } } - } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "virtualMachineExtensionLoop" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } ], "outputs": { "_adminPublicIPId": { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json index 0ee4f0072..917762571 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/coherenceTemplate.json @@ -144,7 +144,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -410,17 +413,7 @@ "managedDisk": { "storageAccountType": "Standard_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "Standard_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json index dbf9b4c4c..a67cb09e3 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/createUiDefinition.json @@ -31,6 +31,18 @@ { "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Oracle Linux 7.6", "value": "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + }, + { + "label": "WebLogic Server 12.2.1.4.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK8 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest" + }, + { + "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Red Hat Enterprise Linux 7.6", + "value": "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" } ], "required": true diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/mainTemplate.json index ca0a8271c..f3a90faea 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/arm/mainTemplate.json @@ -58,7 +58,10 @@ "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" @@ -273,17 +276,7 @@ "managedDisk": { "storageAccountType": "[variables('const_storageAccountType')]" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "[variables('const_storageAccountType')]" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ @@ -410,6 +403,60 @@ ] } } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-122140-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-122140-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/', parameters('vmName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk8-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk8-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/', parameters('vmName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${from.owls-141100-jdk11-rhel76}", + "condition": "[if(contains(variables('name_linuxImageOfferSKU'), 'owls-141100-jdk11-rhel76'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/', parameters('vmName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } } ], "outputs": { From 108791af7cc9a62b014ac01a8a9a5de639265a01 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 29 Oct 2021 14:10:04 -0400 Subject: [PATCH 059/720] On branch edburns-msft-dd-1426715-02-docs-updates Updates from @mriccell. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json ``` - "toolTip": "The maximum size of the WebLogic cluster.", + "toolTip": "The maximum size of the dynamic WebLogic cluster. ``` - Mention that the images from OCR are unpatched. - For us, replicas are "WebLogic Managed Server replicas". Signed-off-by: Ed Burns --- .../src/main/arm/createUiDefinition.json | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index f1c2ae9a8..8fadaf019 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -163,10 +163,10 @@ "type": "Microsoft.Common.Slider", "min": 5, "max": 1000, - "label": "Maximum cluster size", + "label": "Maximum dynamic cluster size", "defaultValue": 5, "showStepMarkers": false, - "toolTip": "The maximum size of the WebLogic cluster.", + "toolTip": "The maximum size of the dynamic WebLogic cluster.", "constraints": { "required": true }, @@ -386,9 +386,9 @@ { "name": "useOracleImage", "type": "Microsoft.Common.OptionsGroup", - "label": "Use a pre-existing WebLogic Server Docker image from Oracle Container Registry?", + "label": "Use a pre-existing, unpatched, WebLogic Server Docker image from Oracle Container Registry?", "defaultValue": "Yes", - "toolTip": "Select 'Yes' to a use pre-existing WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set PSUs.", + "toolTip": "Select 'Yes' to a use pre-existing, unpatched, WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set patches (PSUs).", "constraints": { "allowedValues": [ { @@ -673,13 +673,13 @@ { "name": "appReplicas", "type": "Microsoft.Common.TextBox", - "label": "Number of application replicas", + "label": "Number of WebLogic Managed Server replicas", "defaultValue": "2", - "toolTip": "The number of application replicas to deploy.", + "toolTip": "The number of WebLogic Managed Server replicas to deploy.", "constraints": { "required": true, "regex": "^(1|2|3|4|5)$", - "validationMessage": "Number of application replicas to deploy, limit 1-5." + "validationMessage": "Number of WebLogic Managed Server replicas to deploy, limit 1-5." } } ], From 3a3c4760a5b3c9bd37190aca38c5dd1acb3cf8dc Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 29 Oct 2021 17:00:04 -0400 Subject: [PATCH 060/720] On branch edburns-msft-dd-1426715-03-docs-updates Product name corrections from @rosemarymarano. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns --- .../src/main/arm/createUiDefinition.json | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 8fadaf019..814d746e2 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -199,7 +199,7 @@ { "name": "enableAdminT3Tunneling", "type": "Microsoft.Common.CheckBox", - "label": "Enable T3 tunneling for Admin Server", + "label": "Enable T3 tunneling for Administration Server", "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" }, { @@ -697,7 +697,7 @@ "type": "Microsoft.Common.TextBlock", "visible": true, "options": { - "text": "Selecting 'Yes' here will cause the offer to configure WebLogic Administration Console, Remote Console, cluster and custom T3 channel to use HTTPS (Secure) ports, with your own TLS/SSL certificate.", + "text": "Selecting 'Yes' here will cause the offer to configure WebLogic Server Administration Console, Remote Console, cluster and custom T3 channel to use HTTPS (Secure) ports, with your own TLS/SSL certificate.", "link": { "label": "Learn more", "uri": "https://aka.ms/arm-oraclelinux-wls-ssl-config" @@ -707,9 +707,9 @@ { "name": "enableCustomSSL", "type": "Microsoft.Common.OptionsGroup", - "label": "Configure end to end TLS/SSL to WebLogic Administration Console and cluster on HTTPS (Secure) port, with your own certificate?", + "label": "Configure end to end TLS/SSL to WebLogic Server Administration Console and cluster on HTTPS (Secure) port, with your own certificate?", "defaultValue": "No", - "toolTip": "Select 'Yes' to configure end to end TLS/SSL to WebLogic Administration Console and cluster on HTTPS (Secure) port, with your own certificate.", + "toolTip": "Select 'Yes' to configure end to end TLS/SSL to WebLogic Server Administration Console and cluster on HTTPS (Secure) port, with your own certificate.", "constraints": { "allowedValues": [ { @@ -1317,7 +1317,7 @@ "type": "Microsoft.Common.TextBlock", "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]", "options": { - "text": "    ⁃ Generate a self-signed frontend certificate: generate a self-signed frontend certificate and apply it during deployment.", + "text": "    ⁃ Generate a self-signed front-end certificate: Generate a self-signed front-end certificate and apply it during deployment.", "link": { "label": "Learn more", "uri": "https://aka.ms/arm-oraclelinux-wls-cluster-app-gateway-key-vault" @@ -1341,7 +1341,7 @@ "value": "haveKeyVault" }, { - "label": "Generate a self-signed frontend certificate", + "label": "Generate a self-signed front-end certificate", "value": "generateCert" } ], @@ -1352,7 +1352,7 @@ { "name": "keyVaultSSLCertData", "type": "Microsoft.Common.FileUpload", - "label": "Frontend TLS/SSL certificate(.pfx)", + "label": "Front-End TLS/SSL certificate(.pfx)", "toolTip": "TLS/SSL certificate used for App Gateway", "constraints": { "required": true, @@ -1372,7 +1372,7 @@ "password": "Password", "confirmPassword": "Confirm password" }, - "toolTip": "Frontend TLS/SSL certificate password", + "toolTip": "Front-End TLS/SSL certificate password", "constraints": { "required": "[equals(steps('section_appGateway').appgwIngress.certificateOption, 'haveCert')]", "regex": "^((?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*])).{6,128}$", @@ -1428,7 +1428,7 @@ { "name": "keyVaultSSLCertDataSecretName", "type": "Microsoft.Common.TextBox", - "label": "The name of the secret in the specified Key Vault whose value is the frontend TLS/SSL certificate data", + "label": "The name of the secret in the specified Key Vault whose value is the front-end TLS/SSL certificate data", "defaultValue": "", "toolTip": "Use only letters and numbers", "constraints": { @@ -1441,7 +1441,7 @@ { "name": "keyVaultSSLCertPasswordSecretName", "type": "Microsoft.Common.TextBox", - "label": "The name of the secret in the specified Key Vault whose value is the password for the frontend TLS/SSL certificate", + "label": "The name of the secret in the specified Key Vault whose value is the password for the front-end TLS/SSL certificate", "defaultValue": "", "toolTip": "Use only letters and numbers", "constraints": { @@ -1617,9 +1617,9 @@ { "name": "dnszoneAdminConsoleLabel", "type": "Microsoft.Common.TextBox", - "label": "Label for Oracle WebLogic Administration Console", + "label": "Label for Oracle WebLogic Server Administration Console", "defaultValue": "admin", - "toolTip": "Specify a label to generate subdomain of Oracle WebLogic Administration Console", + "toolTip": "Specify a label to generate subdomain of Oracle WebLogic Server Administration Console", "constraints": { "required": true, "validations": [ @@ -1638,9 +1638,9 @@ { "name": "dnszoneAdminT3ChannelLabel", "type": "Microsoft.Common.TextBox", - "label": "Label for Oracle WebLogic Admin Server T3 channel", + "label": "Label for Oracle WebLogic Administration Server T3 channel", "defaultValue": "admin-t3", - "toolTip": "Specify a label to generate subdomain of Oracle WebLogic Admin Server T3 channel", + "toolTip": "Specify a label to generate subdomain of Oracle WebLogic Administration Server T3 channel", "constraints": { "required": true, "validations": [ From 51ed8c87af356badc717eba87e40db800851c348 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 29 Oct 2021 14:23:57 -0400 Subject: [PATCH 061/720] On branch edburns-msft-dd-1427972-marketplace-text-from-reza Subsumes #56. Incorporates changes suggested by @mriccell and @rosemarymarano. modified: weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md Signed-off-by: Ed Burns --- .../resources/marketing-artifacts/README.md | 34 +++++-------------- 1 file changed, 9 insertions(+), 25 deletions(-) diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md index 9b3c8722c..8877b8a9b 100644 --- a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md +++ b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md @@ -2,25 +2,17 @@

Name

-Oracle WebLogic Server on Azure Solution Overview +Oracle WebLogic Server on the Azure Kubernetes Service -

Oracle WebLogic Server is a scalable, enterprise-ready Java EE application server.

+

Oracle WebLogic Server is a scalable, enterprise-ready Java application server.

Description

-

Azure Oracle WebLogic Server (WLS) offers enable you to embrace cloud computing by providing greater choice and flexibility for WLS migration including lift and shift of your Java applications to Azure Virtual Machines with the smallest effort and biggest impact. The offers empower you to start your business applications quickly by automatically provisioning virtual network, storage and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence.

-

There are a number of offers that support different common use cases, such as a single working instance with Admin Server enabled, as well as highly available clusters.

-

The offers are linked in the Learn more section at the bottom of this page. You should feel free to give them a try; the offers are available free of charge.

-

These offers are Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

-

These offers support a range of operating system, WebLogic Server and Java such as WLS 14c and JDK 11 on Oracle Linux 7.6 and 8 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

-
WLS Single Node
-

This offer provisions a single virtual machine and installs WLS on it. It does not create a domain or start the Administration Server. This is useful for scenarios with highly customized domain configuration.

-
WLS with Admin Server
-

This offer provisions a single virtual machine and installs WLS on it. It creates a domain and starts up the Administration Server, which allows you to manage the domain.

-
WLS Cluster
-

This offer creates a highly available cluster of WLS virtual machines. The Administration Server and all Managed Servers are started by default, which allow you to manage the domain.

-
WLS Dynamic Cluster
-

This offer creates a highly available and scalable dynamic cluster of WLS virtual machines. The Administration Server and all Managed Servers are started by default, which allow you to manage the domain.

+

The Oracle WebLogic Server (WLS) on Azure Kubernetes Service (AKS) offer lets you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offer enables you to move WLS workloads to AKS as quickly and easily as possible by automating the provisioning of a number of Java and Azure resources. The automatically provisioned resources include an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). It is possible to use an existing AKS cluster or ACR instance with the offer if desired. The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, DNS configuration, SSL/TLS configuration, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kuberetes Persistence Volumes. After the offer performs most boilerplate resource provisioning and configuration, you can focus on deploying your WLS application to AKS, typically through a DevOps tool such as GitHub Actions and tools from the WebLogic Kubernetes ToolKit such as the WebLogic Image Tool and WebLogic Deploy Tooling. You are also completely free to customize the deployment further.

+ +

This offer is Bring-Your-Own-License. It assumes you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

+ +

If you want to provide feedback on this offer, stay updated on the roadmap, or work closely on your migration scenarios with the engineering team developing this offer, select the CONTACT ME button on the marketplace WebLogic on Azure offer overview page linked below. The opportunity to collaborate on a migration scenario is free while the offers are under active development.

Search keywords

@@ -36,15 +28,7 @@ https://www.oracle.com/legal/privacy/privacy-policy.html [Overview](https://www.oracle.com/middleware/weblogic/) -[Oracle WebLogic Server Single Node](https://portal.azure.com/#create/oracle.20191001-arm-oraclelinux-wls20191001-arm-oraclelinux-wls) - -[Oracle WebLogic Server With Admin Server](https://portal.azure.com/#create/oracle.20191009-arm-oraclelinux-wls-admin20191009-arm-oraclelinux-wls-admin) - -[Oracle WebLogic Server Cluster](https://portal.azure.com/#create/oracle.20191007-arm-oraclelinux-wls-cluster20191007-arm-oraclelinux-wls-cluster) - -[Oracle WebLogic Server Dynamic Cluster](https://portal.azure.com/#create/oracle.20191021-arm-oraclelinux-wls-dynamic-cluster20191021-arm-oraclelinux-wls-dynamic-cluster) - -[Fusion Middleware Documentation](https://docs.oracle.com/en/middleware/fusion-middleware/index.html) +[WebLogic on Azure](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/oracle.oraclelinux-wls-cluster) [Learn More](https://www.oracle.com/middleware/technologies/weblogic.html) @@ -52,7 +36,7 @@ https://www.oracle.com/legal/privacy/privacy-policy.html

Name

-WebLogic on Azure IaaS +WebLogic on AKS

Link

From a75b9db59ea421db4169ef3951d57fb56510a5c1 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Sun, 31 Oct 2021 16:58:17 -0400 Subject: [PATCH 062/720] Update version to 1.0.23 --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 80a1ed588..b8c7806e6 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.21 + 1.0.23 com.microsoft.azure.iaas From 391766eedb69b30d79074204e12d676ad1060bb0 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Sun, 31 Oct 2021 17:04:22 -0400 Subject: [PATCH 063/720] Small typos. --- .../src/main/resources/marketing-artifacts/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md index 8877b8a9b..89a67dbd1 100644 --- a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md +++ b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md @@ -8,7 +8,7 @@ Oracle WebLogic Server on the Azure Kubernetes Service

Description

-

The Oracle WebLogic Server (WLS) on Azure Kubernetes Service (AKS) offer lets you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offer enables you to move WLS workloads to AKS as quickly and easily as possible by automating the provisioning of a number of Java and Azure resources. The automatically provisioned resources include an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). It is possible to use an existing AKS cluster or ACR instance with the offer if desired. The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, DNS configuration, SSL/TLS configuration, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kuberetes Persistence Volumes. After the offer performs most boilerplate resource provisioning and configuration, you can focus on deploying your WLS application to AKS, typically through a DevOps tool such as GitHub Actions and tools from the WebLogic Kubernetes ToolKit such as the WebLogic Image Tool and WebLogic Deploy Tooling. You are also completely free to customize the deployment further.

+

The Oracle WebLogic Server (WLS) on Azure Kubernetes Service (AKS) offer lets you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offer enables you to move WLS workloads to AKS as quickly and easily as possible by automating the provisioning of a number of Java and Azure resources. The automatically provisioned resources include an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). It is possible to use an existing AKS cluster or ACR instance with the offer if desired. The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, DNS configuration, SSL/TLS configuration, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. After the offer performs most boilerplate resource provisioning and configuration, you can focus on deploying your WLS application to AKS, typically through a DevOps tool such as GitHub Actions and tools from the WebLogic Kubernetes ToolKit such as the WebLogic Image Tool and WebLogic Deploy Tooling. You are also completely free to customize the deployment further.

This offer is Bring-Your-Own-License. It assumes you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

From 43008d41b4227e9cdc68127248c10326f5cf8d21 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Sun, 31 Oct 2021 22:28:18 -0400 Subject: [PATCH 064/720] On branch edburns-msft-wls-aks-update-pom Add link to docs. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns --- .../src/main/arm/createUiDefinition.json | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 814d746e2..5a3137cc6 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -216,6 +216,18 @@ "type": "Microsoft.Common.Section", "label": "Report issues, get help, and share feedback", "elements": [ + { + "name": "help", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "See the documentation for this offer in the Oracle WebLogic Kubernetes Operator.", + "link": { + "label": "Offer documentation", + "uri": "https://aka.ms/wls-aks-docs" + } + } + }, { "name": "howToReportIssueText", "type": "Microsoft.Common.TextBlock", From 87f8d54afe393fd2f05061c7358fb6201b74757e Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Sun, 31 Oct 2021 22:45:47 -0400 Subject: [PATCH 065/720] On branch edburns-msft-wls-aks-update-pom Update to 1.0.24 modified: weblogic-azure-aks/pom.xml Signed-off-by: Ed Burns --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index b8c7806e6..10b54b534 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.23 + 1.0.24 com.microsoft.azure.iaas From be5dfc9ad6d34499778dc53a2f7e6d1c80445a00 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Sun, 31 Oct 2021 22:57:16 -0400 Subject: [PATCH 066/720] On branch edburns-msft-wls-aks-update-pom Do not hard code the branch. modified: .github/workflows/buildWlsAksArtifact.yml Signed-off-by: Ed Burns --- .github/workflows/buildWlsAksArtifact.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index 72610f394..0fa8b0665 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -37,9 +37,7 @@ jobs: - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure uses: actions/checkout@v2 with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - name: Build and test weblogic-azure/weblogic-azure-aks run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path From 1ab67e27dc01379a495bd897fba9b9bf47bfe1a0 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 1 Nov 2021 16:43:37 -0400 Subject: [PATCH 067/720] On branch edburns-msft-dd-1427972-marketplace-text-02 Fix typo: remove extra "to". modified: weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md Signed-off-by: Ed Burns --- .../src/main/resources/marketing-artifacts/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md index 89a67dbd1..10d2ba5fe 100644 --- a/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md +++ b/weblogic-azure-aks/src/main/resources/marketing-artifacts/README.md @@ -8,7 +8,7 @@ Oracle WebLogic Server on the Azure Kubernetes Service

Description

-

The Oracle WebLogic Server (WLS) on Azure Kubernetes Service (AKS) offer lets you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offer enables you to move WLS workloads to AKS as quickly and easily as possible by automating the provisioning of a number of Java and Azure resources. The automatically provisioned resources include an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). It is possible to use an existing AKS cluster or ACR instance with the offer if desired. The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, DNS configuration, SSL/TLS configuration, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. After the offer performs most boilerplate resource provisioning and configuration, you can focus on deploying your WLS application to AKS, typically through a DevOps tool such as GitHub Actions and tools from the WebLogic Kubernetes ToolKit such as the WebLogic Image Tool and WebLogic Deploy Tooling. You are also completely free to customize the deployment further.

+

The Oracle WebLogic Server (WLS) on Azure Kubernetes Service (AKS) offer lets you embrace cloud computing by providing greater choice and flexibility for WLS migration. The offer enables you to move WLS workloads to AKS as quickly and easily as possible by automating the provisioning of a number of Java and Azure resources. The automatically provisioned resources include an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). It is possible to use an existing AKS cluster or ACR instance with the offer if desired. The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, DNS configuration, SSL/TLS configuration, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. After the offer performs most boilerplate resource provisioning and configuration, you can focus on deploying your WLS application to AKS, typically through a DevOps tool such as GitHub Actions and tools from the WebLogic Kubernetes ToolKit such as the WebLogic Image Tool and WebLogic Deploy Tooling. You are also completely free to customize the deployment further.

This offer is Bring-Your-Own-License. It assumes you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

From a3acc0e48ab12576b316ce7f3d9b19854d176215 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 1 Nov 2021 16:25:40 -0400 Subject: [PATCH 068/720] On branch edburns-msft-gh-17-dd-1428896-vms-zip-generation Update pom version for single node. Update pid from Partner Center modified: weblogic-azure-vm/arm-oraclelinux-wls/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties Signed-off-by: Ed Burns --- weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 2 +- .../arm-oraclelinux-wls/src/main/resources/pid.properties | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 9b7f49565..9fc179b0f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -12,7 +12,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls - 1.0.19 + 1.0.21 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index aaca8a44a..664549726 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -13,7 +13,7 @@ azure.apiVersionForKeyVault=2019-09-01 # Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls -end=8f75aefd-02b2-50a8-9a6e-feb41176559f +end=pid-a63dea86-f8db-4e75-a231-1145d4f3ab6e-partnercenter start=b446fe15-5d43-5549-858d-4775741cd0ba # Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-admin From 2a4e7ffafbbf919fcbc8b07ed7374e62f10f818b Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 1 Nov 2021 16:36:54 -0400 Subject: [PATCH 069/720] On branch edburns-msft-gh-17-dd-1428896-vms-zip-generation Update version and pid for admin offer. modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties Signed-off-by: Ed Burns --- weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml | 2 +- .../arm-oraclelinux-wls/src/main/resources/pid.properties | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 5825d5696..eb26997ca 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -10,7 +10,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-admin - 1.0.25 + 1.0.26 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index 664549726..52f597375 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -27,7 +27,7 @@ admin.database.start=6b253477-1753-5eb1-9448-506ab47494d7 admin.elk.end=78d94c2d-7401-52a9-be03-4cf1cc4e8f00 admin.elk.start=f3c3b847-89ea-54c8-904e-10ff8eba14fa admin.end=057f09cd-6f90-5c1c-b655-3aba168aef35 -admin.start=18f4b80a-6ca2-5840-8f88-4e7156ed6db0 +admin.start=pid-7e52c2b6-1acb-416f-af55-5837ff783eb7-partnercenter # Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster From 56eaaffa439a9b7b67cc6504f181eb5b61bb837b Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 1 Nov 2021 16:48:24 -0400 Subject: [PATCH 070/720] On branch edburns-msft-gh-17-dd-1428896-vms-zip-generation Update pom version and add correct pid. modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties Signed-off-by: Ed Burns --- .../arm-oraclelinux-wls-cluster/pom.xml | 2 +- .../arm-oraclelinux-wls/src/main/resources/pid.properties | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index d189a3011..e4311818c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -12,7 +12,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-cluster - 1.0.370000 + 1.0.380000 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index 52f597375..59b32f0ba 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -54,7 +54,7 @@ cluster.dns.start=c40d7aa8-9fe7-51c6-86de-27e1b1678735 cluster.elk.end=cb84f8ed-d270-5036-8240-08b6bb4f2bd6 cluster.elk.start=c9bac63c-67eb-52e1-a8c1-2ba57f65cfbc cluster.end=0fa14086-2d46-54a4-8aba-470addc3dce6 -cluster.start=2488df5d-5e73-5593-9d92-37b40999a9e0 +cluster.start=pid-7363cd91-937d-4469-a7a8-ecbeddfb7a0f-partnercenter # Pids to indicate which database was chosen. No difference in these # between Oracle and Microsoft From a1c968588739032cd8da3226834b4cb304ea8900 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 1 Nov 2021 16:52:36 -0400 Subject: [PATCH 071/720] On branch edburns-msft-gh-17-dd-1428896-vms-zip-generation Update pom version and add correct pid. modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties Signed-off-by: Ed Burns --- .../arm-oraclelinux-wls-dynamic-cluster/pom.xml | 2 +- .../arm-oraclelinux-wls/src/main/resources/pid.properties | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 371fab3fa..4a45fd9d1 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -10,7 +10,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-dynamic-cluster - 1.0.24 + 1.0.26 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index 59b32f0ba..4244426e6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -84,7 +84,7 @@ dynamic.deletenode.end=3eb27f94-d1c3-572c-a7da-0d7f26f6a20e dynamic.elk.end=d154e480-15e2-5cf7-bdd5-6219c1793967 dynamic.elk.start=bc636673-2dca-5e40-a2aa-6891c344aa17 dynamic.end=93da13bf-11f6-5bfb-9b51-7deb152a21c3 -dynamic.start=2551958c-2465-5e2e-8e28-0b3a4babf3f0 +dynamic.start=pid-89d7f595-f164-4cbd-abbb-e46cd0b342e8-partnercenter # Pids to indicate which base image was chosen. No difference in these # between Oracle and Microsoft From e4516baeba49932fbfd622730c8cc065b84da1f8 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Tue, 2 Nov 2021 17:33:50 -0400 Subject: [PATCH 072/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification See https://oracle-ama.visualstudio.com/marketplacesolutions/_git/oracle/pullrequest/2 modified: weblogic-azure-aks/pom.xml - Increment version. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json - Add toolTip where possible. - Add regex length constraint where possible. - Force the user to paste the base64 string twice. I wouldrather not ask the user this, but I don't want to haggle with the test administrators. - Added output for `dropDownTargets`. Temporarily pass to `mainTemplate` but just fo outputting. modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep - made `dbPassword` a secure string. - Accept `dropdownTargets` from createUiDefinition, but just output the length. modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep - Do not hard code `location`. Signed-off-by: Ed Burns --- weblogic-azure-aks/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 20 ++++++++++--------- .../src/main/bicep/mainTemplate.bicep | 6 +++++- .../bicep/modules/_azure-resoruces/_acr.bicep | 2 +- .../bicep/modules/_azure-resoruces/_aks.bicep | 2 +- .../modules/_azure-resoruces/_storage.bicep | 2 +- .../_ds-create-networking.bicep | 2 +- .../_ds-create-wls-cluster.bicep | 2 +- .../src/main/bicep/modules/networking.bicep | 2 +- .../bicep/modules/setupWebLogicCluster.bicep | 2 +- 10 files changed, 24 insertions(+), 18 deletions(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 10b54b534..b48bf42e5 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.24 + 1.0.25 com.microsoft.azure.iaas diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 5a3137cc6..431843033 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -335,13 +335,11 @@ "name": "nodeVMSizeSelector", "type": "Microsoft.Compute.SizeSelector", "label": "Node size", - "toolTip": "", + "toolTip": "The size of virtual machine to provision.", "recommendedSizes": [ "Standard_DS2_v2" ], "constraints": { - "allowedSizes": [], - "excludedSizes": [], "numAvailabilityZonesRequired": 3, "zone": "3" }, @@ -690,7 +688,7 @@ "toolTip": "The number of WebLogic Managed Server replicas to deploy.", "constraints": { "required": true, - "regex": "^(1|2|3|4|5)$", + "regex": "^(1|2|3|4|5){1}$", "validationMessage": "Number of WebLogic Managed Server replicas to deploy, limit 1-5." } } @@ -953,7 +951,7 @@ "toolTip": "Use only letters and numbers", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z.\\-_()]{0,89}([a-z0-9A-Z\\-_()]{1})$", + "regex": "^[a-z0-9A-Z.\\-_()]{0,89}([a-z0-9A-Z\\-_()]{1}){3,63}$", "validationMessage": "[if(greater(length(steps('section_sslConfiguration').keyVaultStoredCustomSSLSettings.keyVaultResourceGroup), 90),'Resource group names only allow up to 90 characters.', 'Resource group names only allow alphanumeric characters, periods, underscores, hyphens and parenthesis and cannot end in a period.')]" } }, @@ -1189,6 +1187,7 @@ "element": { "type": "Microsoft.Common.TextBox", "placeholder": "domain1-admin-server", + "toolTip": "Service name", "constraints": { "required": true, "validations": [ @@ -1212,6 +1211,7 @@ "name": "dropDownTargets", "type": "Microsoft.Common.DropDown", "placeholder": "admin-server", + "toolTip": "Select targets for load balancer", "constraints": { "allowedValues": [ { @@ -1242,12 +1242,13 @@ "element": { "type": "Microsoft.Common.TextBox", "placeholder": "7001", + "toolTip": "Select port for target", "constraints": { "required": true, "validations": [ { "isValid": "[lessOrEquals(length(filter(steps('section_appGateway').lbSVCInfo.lbSVC, (item) => equals(item.colTarget, last(take(steps('section_appGateway').lbSVCInfo.lbSVC, $rowIndex)).colTarget))),1)]", - "message": "You can not select the same target repeadly." + "message": "You can not select the same target repeatedly." }, { "regex": "^()([1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5])$", @@ -1419,7 +1420,7 @@ "toolTip": "Use only letters and numbers", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z.\\-_()]{0,89}([a-z0-9A-Z\\-_()]{1})$", + "regex": "^[a-z0-9A-Z.\\-_()]{0,89}([a-z0-9A-Z\\-_()]{1}){3,63}$", "validationMessage": "[if(greater(length(steps('section_appGateway').appgwIngress.keyVaultResourceGroup), 90),'Resource group names only allow up to 90 characters.', 'Resource group names only allow alphanumeric characters, periods, underscores, hyphens and parenthesis and cannot end in a period.')]" }, "visible": "[equals(steps('section_appGateway').appgwIngress.certificateOption, 'haveKeyVault')]" @@ -1488,7 +1489,7 @@ "required": true }, "options": { - "hideConfirmation": true + "hideConfirmation": false }, "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" }, @@ -1621,7 +1622,7 @@ "toolTip": "Name of the resource group which contains the DNS Zone in current subscription", "constraints": { "required": true, - "regex": "^[a-z0-9A-Z.\\-_()]{0,89}([a-z0-9A-Z\\-_()]{1})$", + "regex": "^[a-z0-9A-Z.\\-_()]{0,89}([a-z0-9A-Z\\-_()]{1}){3,63}$", "validationMessage": "[if(greater(length(steps('section_dnsConfiguration').dnsZoneResourceGroup), 90),'Resource group names only allow up to 90 characters.', 'Resource group names only allow alphanumeric characters, periods, underscores, hyphens and parenthesis and cannot end in a period.')]" }, "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration,steps('section_dnsConfiguration').bringDNSZone)]" @@ -1980,6 +1981,7 @@ "dnszoneClusterT3ChannelLabel": "[steps('section_dnsConfiguration').dnszoneClusterT3ChannelLabel]", "dnszoneName": "[steps('section_dnsConfiguration').dnszoneName]", "dnszoneRGName": "[steps('section_dnsConfiguration').dnsZoneResourceGroup]", + "dropDownTargets": "[steps('section_appGateway').lbSVCInfo.lbSVC.colTarget.dropDownTargets]", "dsConnectionURL": "[coalesce(steps('section_database').databaseConnectionInfo.dsConnectionURL, steps('section_database').databaseConnectionInfo.dsConnectionURL2, 'null')]", "enableAppGWIngress": "[steps('section_appGateway').appgwIngress.enableAppGateway]", "enableAzureMonitoring": "[bool(steps('section_aks').clusterInfo.enableAzureMonitoring)]", diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index e108086cc..5ea22eb75 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -97,6 +97,7 @@ param dbDriverLibrariesUrls array = [] param dbDriverName string = 'org.contoso.Driver' @description('Determines the transaction protocol (global transaction processing behavior) for the data source.') param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' +@secure() @description('Password for Database') param dbPassword string = newGuid() @description('The name of the database table to use when testing physical database connections. This name is required when you specify a Test Frequency and enable Test Reserved Connections.') @@ -115,6 +116,8 @@ param dnszoneClusterT3ChannelLabel string = 'cluster-t3' @description('Azure DNS Zone name.') param dnszoneName string = 'contoso.xyz' param dnszoneRGName string = 'dns-contoso-rg' +@description('Internal load balancer targets array. Used when create standard load balancer is yes.') +param dropDownTargets array = [] @description('JDBC Connection String') param dsConnectionURL string = 'jdbc:postgresql://contoso.postgres.database.azure.com:5432/postgres' @description('true to set up Application Gateway ingress.') @@ -148,7 +151,7 @@ param keyVaultSSLBackendRootCertDataSecretName string = 'kv-ssl-backend-data' param keyVaultSSLCertDataSecretName string = 'kv-ssl-data' @description('The name of the secret in the specified KeyVault whose value is the password for the SSL Certificate of Appliation Gateway frontend TLS/SSL') param keyVaultSSLCertPasswordSecretName string = 'kv-ssl-psw' -param location string = 'eastus' +param location string = resourceGroup().location @description('Object array to define Load Balancer service, each object must include service name, service target[admin-server or cluster-1], port.') param lbSvcValues array = [] @description('Name prefix of managed server.') @@ -668,6 +671,7 @@ output adminConsoleExternalSecuredUrl string = const_enableNetworking ? networki // If TLS/SSL enabled, only secured url is working, will not output HTTP url. output adminRemoteConsoleUrl string = const_enableNetworking && !enableCustomSSL ? networkingDeployment.outputs.adminRemoteConsoleUrl : '' output adminRemoteConsoleSecuredUrl string = const_enableNetworking ? networkingDeployment.outputs.adminRemoteConsoleSecuredUrl : '' +output standardLBTargetsLength string = const_enableNetworking ? format('{0}', length(dropDownTargets)) : '' output adminServerT3InternalUrl string = ref_wlsDomainDeployment.outputs.adminServerT3InternalUrl.value output adminServerT3ExternalUrl string = enableAdminT3Tunneling && const_enableNetworking ? format('{0}://{1}', enableCustomSSL ? 't3s' : 't3', networkingDeployment.outputs.adminServerT3ChannelUrl) : '' output clusterInternalUrl string = ref_wlsDomainDeployment.outputs.clusterSVCUrl.value diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep index ed3ce91aa..28c71ada1 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep @@ -2,7 +2,7 @@ // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. param acrNamePrefix string = 'wlsaksacr' -param location string = 'eastus' +param location string = resourceGroup().location param utcValue string = utcNow() var name_acr= '${acrNamePrefix}${uniqueString(utcValue)}' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep index b2bbc5cf6..72253ee14 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep @@ -22,7 +22,7 @@ param aksClusterNamePrefix string = 'wlsonaks' param aksVersion string = 'default' @description('In addition to the CPU and memory metrics included in AKS by default, you can enable Container Insights for more comprehensive data on the overall performance and health of your cluster. Billing is based on data ingestion and retention settings.') param enableAzureMonitoring bool = false -param location string = 'eastus' +param location string = resourceGroup().location param utcValue string = utcNow() var const_aksAgentPoolOSDiskSizeGB = 128 diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep index a79884a9b..29be05b0a 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param location string = 'eastus' +param location string = resourceGroup().location param storageAccountName string param utcValue string = utcNow() diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep index 26d8d2095..148af3c5a 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep @@ -34,7 +34,7 @@ param enableCustomSSL bool = false param enableDNSConfiguration bool = false param identity object param lbSvcValues array = [] -param location string = 'eastus' +param location string = resourceGroup().location @secure() param servicePrincipal string = newGuid() param useInternalLB bool = false diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index fc0cb7e54..de95f6344 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -16,7 +16,7 @@ param enableAdminT3Tunneling bool = false param enableClusterT3Tunneling bool = false param enablePV bool = false param identity object -param location string = 'eastus' +param location string = resourceGroup().location param managedServerPrefix string = 'managed-server' @secure() param ocrSSOPSW string diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index 6586cb833..a4a661dc2 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -52,7 +52,7 @@ param keyvaultBackendCertDataSecretName string = 'kv-ssl-backend-data' param keyVaultSSLCertDataSecretName string = 'kv-ssl-data' @description('The name of the secret in the specified KeyVault whose value is the password for the SSL Certificate') param keyVaultSSLCertPasswordSecretName string = 'kv-ssl-psw' -param location string = 'eastus' +param location string = resourceGroup().location @description('Object array to define Load Balancer service, each object must include service name, service target[admin-server or cluster-1], port.') param lbSvcValues array = [] @secure() diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index 5c1484294..47200f82a 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -63,7 +63,7 @@ param enableClusterT3Tunneling bool = false param enablePV bool = false @description('An user assigned managed identity. Make sure the identity has permission to create/update/delete/list Azure resources.') param identity object -param location string = 'eastus' +param location string = resourceGroup().location @description('Name prefix of managed server.') param managedServerPrefix string = 'managed-server' @secure() From b2049568171967e795e180e189e2ea871ec75a42 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 11:14:27 +0800 Subject: [PATCH 073/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: output the DropDownTargets in subtempalte. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep --- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 2 +- weblogic-azure-aks/src/main/bicep/modules/networking.bicep | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 5ea22eb75..46e8b49fb 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -604,6 +604,7 @@ module networkingDeployment 'modules/networking.bicep' = if (const_enableNetwork keyVaultSSLCertDataSecretName: (!enableAppGWIngress || (appGatewayCertificateOption == const_appGatewaySSLCertOptionHaveKeyVault)) ? keyVaultSSLCertDataSecretName : appgwSecretDeployment.outputs.sslCertDataSecretName keyVaultSSLCertPasswordSecretName: (!enableAppGWIngress || (appGatewayCertificateOption == const_appGatewaySSLCertOptionHaveKeyVault)) ? keyVaultSSLCertPasswordSecretName : appgwSecretDeployment.outputs.sslCertPwdSecretName location: location + lbDropDownTargets: dropDownTargets lbSvcValues: lbSvcValues servicePrincipal: servicePrincipal useInternalLB: useInternalLB @@ -671,7 +672,6 @@ output adminConsoleExternalSecuredUrl string = const_enableNetworking ? networki // If TLS/SSL enabled, only secured url is working, will not output HTTP url. output adminRemoteConsoleUrl string = const_enableNetworking && !enableCustomSSL ? networkingDeployment.outputs.adminRemoteConsoleUrl : '' output adminRemoteConsoleSecuredUrl string = const_enableNetworking ? networkingDeployment.outputs.adminRemoteConsoleSecuredUrl : '' -output standardLBTargetsLength string = const_enableNetworking ? format('{0}', length(dropDownTargets)) : '' output adminServerT3InternalUrl string = ref_wlsDomainDeployment.outputs.adminServerT3InternalUrl.value output adminServerT3ExternalUrl string = enableAdminT3Tunneling && const_enableNetworking ? format('{0}://{1}', enableCustomSSL ? 't3s' : 't3', networkingDeployment.outputs.adminServerT3ChannelUrl) : '' output clusterInternalUrl string = ref_wlsDomainDeployment.outputs.clusterSVCUrl.value diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index a4a661dc2..42b223e1d 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -55,6 +55,7 @@ param keyVaultSSLCertPasswordSecretName string = 'kv-ssl-psw' param location string = resourceGroup().location @description('Object array to define Load Balancer service, each object must include service name, service target[admin-server or cluster-1], port.') param lbSvcValues array = [] +param lbDropDownTargets array = [] @secure() param servicePrincipal string = newGuid() @description('True to set up internal load balancer service.') @@ -277,3 +278,4 @@ output adminServerT3ChannelUrl string = ref_networkDeployment.outputs.adminServe output clusterExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewayURL) : ref_networkDeployment.outputs.clusterLBUrl.value output clusterExternalSecuredUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('https://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewaySecuredURL) : ref_networkDeployment.outputs.clusterLBSecuredUrl.value output clusterT3ChannelUrl string = ref_networkDeployment.outputs.clusterT3LBUrl.value +output standardLBTargetsLength int = length(lbDropDownTargets) From 17ed573b3d13836e384526f07be92ac1fe837e1a Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 14:15:29 +0800 Subject: [PATCH 074/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: add tooltip to checkbox and remove dropDownTargets. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep --- .../src/main/arm/createUiDefinition.json | 10 ++++++++-- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 3 --- .../src/main/bicep/modules/networking.bicep | 2 -- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 431843033..445706005 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -200,12 +200,14 @@ "name": "enableAdminT3Tunneling", "type": "Microsoft.Common.CheckBox", "label": "Enable T3 tunneling for Administration Server", + "toolTip": "If checked, enable T3 tunneling for Administration Server", "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" }, { "name": "enableClusterT3Tunneling", "type": "Microsoft.Common.CheckBox", "label": "Enable T3 tunneling for WebLogic cluster", + "toolTip": "If checked, enable T3 tunneling for WebLogic cluster.", "visible": "[bool(basics('basicsOptional').basicsOptionalAcceptDefaults)]" } ], @@ -366,6 +368,7 @@ "name": "enableAzureMonitoring", "type": "Microsoft.Common.CheckBox", "label": "Enable Container insights", + "toolTip": "If checked, configure the necessary settings to integrate with Container insights.", "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" }, { @@ -382,6 +385,7 @@ }, { "name": "enableAzureFileShare", + "toolTip": "If checked, configure the necessary settings to mount a persistent volume to the nodes of the AKS cluster.", "type": "Microsoft.Common.CheckBox", "label": "Create Persistent Volume using Azure File share service", "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" @@ -678,6 +682,7 @@ "name": "validateApplications", "type": "Microsoft.Common.CheckBox", "label": "Fail deployment if application does not become ACTIVE.", + "toolTip": "If checked, verify the deployed app reaches the ACTIVE state and fail the deployment if it does not. See the documentation link for more information.", "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]" }, { @@ -1163,6 +1168,7 @@ "name": "enableInternalLB", "type": "Microsoft.Common.CheckBox", "label": "Use Internal Load Balancer", + "toolTip": "If checked, the offer will configure the load balancer as an internal load balancer.", "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]" }, { @@ -1170,6 +1176,7 @@ "type": "Microsoft.Common.EditableGrid", "ariaLabel": "Enter information", "label": "Standard Load Balancer service", + "toolTip": "Create Azure Standard Load Balancer service for Administration Console and cluster.", "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]", "constraints": { "width": "Full", @@ -1208,7 +1215,6 @@ "header": "Target", "width": "2fr", "element": { - "name": "dropDownTargets", "type": "Microsoft.Common.DropDown", "placeholder": "admin-server", "toolTip": "Select targets for load balancer", @@ -1497,6 +1503,7 @@ "name": "enableCookieBasedAffinity", "type": "Microsoft.Common.CheckBox", "label": "Enable cookie based affinity", + "toolTip": "If checked, enable cookie based affinity", "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" }, { @@ -1981,7 +1988,6 @@ "dnszoneClusterT3ChannelLabel": "[steps('section_dnsConfiguration').dnszoneClusterT3ChannelLabel]", "dnszoneName": "[steps('section_dnsConfiguration').dnszoneName]", "dnszoneRGName": "[steps('section_dnsConfiguration').dnsZoneResourceGroup]", - "dropDownTargets": "[steps('section_appGateway').lbSVCInfo.lbSVC.colTarget.dropDownTargets]", "dsConnectionURL": "[coalesce(steps('section_database').databaseConnectionInfo.dsConnectionURL, steps('section_database').databaseConnectionInfo.dsConnectionURL2, 'null')]", "enableAppGWIngress": "[steps('section_appGateway').appgwIngress.enableAppGateway]", "enableAzureMonitoring": "[bool(steps('section_aks').clusterInfo.enableAzureMonitoring)]", diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 46e8b49fb..6e74d6f7e 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -116,8 +116,6 @@ param dnszoneClusterT3ChannelLabel string = 'cluster-t3' @description('Azure DNS Zone name.') param dnszoneName string = 'contoso.xyz' param dnszoneRGName string = 'dns-contoso-rg' -@description('Internal load balancer targets array. Used when create standard load balancer is yes.') -param dropDownTargets array = [] @description('JDBC Connection String') param dsConnectionURL string = 'jdbc:postgresql://contoso.postgres.database.azure.com:5432/postgres' @description('true to set up Application Gateway ingress.') @@ -604,7 +602,6 @@ module networkingDeployment 'modules/networking.bicep' = if (const_enableNetwork keyVaultSSLCertDataSecretName: (!enableAppGWIngress || (appGatewayCertificateOption == const_appGatewaySSLCertOptionHaveKeyVault)) ? keyVaultSSLCertDataSecretName : appgwSecretDeployment.outputs.sslCertDataSecretName keyVaultSSLCertPasswordSecretName: (!enableAppGWIngress || (appGatewayCertificateOption == const_appGatewaySSLCertOptionHaveKeyVault)) ? keyVaultSSLCertPasswordSecretName : appgwSecretDeployment.outputs.sslCertPwdSecretName location: location - lbDropDownTargets: dropDownTargets lbSvcValues: lbSvcValues servicePrincipal: servicePrincipal useInternalLB: useInternalLB diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index 42b223e1d..a4a661dc2 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -55,7 +55,6 @@ param keyVaultSSLCertPasswordSecretName string = 'kv-ssl-psw' param location string = resourceGroup().location @description('Object array to define Load Balancer service, each object must include service name, service target[admin-server or cluster-1], port.') param lbSvcValues array = [] -param lbDropDownTargets array = [] @secure() param servicePrincipal string = newGuid() @description('True to set up internal load balancer service.') @@ -278,4 +277,3 @@ output adminServerT3ChannelUrl string = ref_networkDeployment.outputs.adminServe output clusterExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewayURL) : ref_networkDeployment.outputs.clusterLBUrl.value output clusterExternalSecuredUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('https://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewaySecuredURL) : ref_networkDeployment.outputs.clusterLBSecuredUrl.value output clusterT3ChannelUrl string = ref_networkDeployment.outputs.clusterT3LBUrl.value -output standardLBTargetsLength int = length(lbDropDownTargets) From edf89798e297a3665bd590587f3fa1c3f4eac674 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 16:45:45 +0800 Subject: [PATCH 075/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: update keu vault API version with 2020-06-01 Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep --- .../src/main/bicep/mainTemplate.bicep | 2 +- .../bicep/modules/_azure-resoruces/_dnsZones.bicep | 2 +- .../_keyvault/_keyvaultForGatewayBackendCert.bicep | 4 ++-- .../_keyvault/_keyvaultForWLSSSLCert.bicep | 14 +++++++------- .../_keyvault/_keyvaultWithExistingCert.bicep | 6 +++--- .../_keyvault/_keyvaultWithNewCert.bicep | 2 +- .../src/main/bicep/modules/networking.bicep | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 6e74d6f7e..c7953d4ba 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -387,7 +387,7 @@ module wlsSSLCertSecretsDeployment 'modules/_azure-resoruces/_keyvault/_keyvault } // get key vault object in a resource group -resource sslKeyvault 'Microsoft.KeyVault/vaults@2019-09-01' existing = if (enableCustomSSL) { +resource sslKeyvault 'Microsoft.KeyVault/vaults@2020-06-01' existing = if (enableCustomSSL) { name: (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultName : name_keyVaultName scope: resourceGroup(name_rgKeyvaultForWLSSSL) } diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep index c5dba80b3..5f0a1a064 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep @@ -1,7 +1,7 @@ @description('Azure DNS Zone name.') param dnszoneName string -resource dnszoneName_resource 'Microsoft.Network/dnszones@2018-05-01' = { +resource dnszoneName_resource 'Microsoft.Network/dnszones@2020-06-01' = { name: dnszoneName location: 'global' properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep index c5a2ab104..a00f57894 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep @@ -18,7 +18,7 @@ param sku string param utcValue string = utcNow() -resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName location: resourceGroup().location properties: { @@ -35,7 +35,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { } } -resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${certificateDataName}' properties: { value: certificateDataValue diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep index f32233ae9..5ee932af7 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep @@ -24,7 +24,7 @@ param wlsTrustKeyStoreDataSecretName string param wlsTrustKeyStorePassPhrase string param wlsTrustKeyStorePassPhraseSecretName string -resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName location: resourceGroup().location properties: { @@ -41,7 +41,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { } } -resource identityKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource identityKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${wlsIdentityKeyStoreDataSecretName}' properties: { value: wlsIdentityKeyStoreData @@ -51,7 +51,7 @@ resource identityKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-0 ] } -resource identityKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource identityKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${wlsIdentityKeyStorePassphraseSecretName}' properties: { value: wlsIdentityKeyStorePassphrase @@ -61,7 +61,7 @@ resource identityKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01 ] } -resource privateKeyAliasSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource privateKeyAliasSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${wlsPrivateKeyAliasSecretName}' properties: { value: wlsPrivateKeyAlias @@ -71,7 +71,7 @@ resource privateKeyAliasSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = ] } -resource privateKeyPswSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource privateKeyPswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${wlsPrivateKeyPassPhraseSecretName}' properties: { value: wlsPrivateKeyPassPhrase @@ -81,7 +81,7 @@ resource privateKeyPswSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { ] } -resource trustKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource trustKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${wlsTrustKeyStoreDataSecretName}' properties: { value: wlsTrustKeyStoreData @@ -91,7 +91,7 @@ resource trustKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' ] } -resource trustKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource trustKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${wlsTrustKeyStorePassPhraseSecretName}' properties: { value: wlsTrustKeyStorePassPhrase diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 5b02d09f8..86d140d9e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -24,7 +24,7 @@ param sku string param utcValue string = utcNow() -resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName location: resourceGroup().location properties: { @@ -41,7 +41,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { } } -resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${certificateDataName}' properties: { value: certificateDataValue @@ -51,7 +51,7 @@ resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { ] } -resource secretForCertPassword 'Microsoft.KeyVault/vaults/secrets@2019-09-01' = { +resource secretForCertPassword 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { name: '${keyVaultName}/${certificatePasswordName}' properties: { value: certificatePasswordValue diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep index eb508ee6a..500f8e114 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep @@ -29,7 +29,7 @@ param utcValue string = utcNow() var const_identityId = '${substring(string(identity.userAssignedIdentities), indexOf(string(identity.userAssignedIdentities), '"') + 1, lastIndexOf(string(identity.userAssignedIdentities), '"') - (indexOf(string(identity.userAssignedIdentities), '"') + 1))}' -resource keyvault 'Microsoft.KeyVault/vaults@2019-09-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName location: resourceGroup().location properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index a4a661dc2..1ae7092aa 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -85,7 +85,7 @@ module pidAppgwStart './_pids/_pid.bicep' = if (enableAppGWIngress) { } // get key vault object in a resource group -resource existingKeyvault 'Microsoft.KeyVault/vaults@2019-09-01' existing = if (enableAppGWIngress) { +resource existingKeyvault 'Microsoft.KeyVault/vaults@2020-06-01' existing = if (enableAppGWIngress) { name: keyVaultName scope: resourceGroup(keyVaultResourceGroup) } From 57a81117b57d8c8097423b6839b402beeea932d9 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 16:48:20 +0800 Subject: [PATCH 076/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: fix arm-ttk location. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml --- weblogic-azure-aks/pom.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index b48bf42e5..71d5e0676 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -29,6 +29,7 @@ jar wls-on-aks-azure-marketplace + ${basedir}/../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=6}' From b53251bae0a094ea2d66bdcda94174da6195eb7d Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:06:42 +0800 Subject: [PATCH 077/720] on branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: Template Should Not Contain Blanks and add secure setting to password parameters. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep --- .../src/main/bicep/modules/_azure-resoruces/_aks.bicep | 2 -- .../main/bicep/modules/_azure-resoruces/_appgateway.bicep | 6 ------ .../_keyvault/_keyvaultForGatewayBackendCert.bicep | 1 - .../_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep | 1 - .../_keyvault/_keyvaultWithExistingCert.bicep | 3 ++- .../modules/_azure-resoruces/_keyvaultForGateway.bicep | 1 + .../src/main/bicep/modules/_azure-resoruces/_storage.bicep | 2 -- .../src/main/bicep/modules/_setupDBConnection.bicep | 1 + 8 files changed, 4 insertions(+), 13 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep index 72253ee14..061478319 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep @@ -79,7 +79,6 @@ resource aksClusterDefault 'Microsoft.ContainerService/managedClusters@2021-02-0 maxPods: const_aksAgentPoolMaxPods type: 'VirtualMachineScaleSets' availabilityZones: const_aksAvailabilityZones - nodeLabels: {} mode: 'System' osType: 'Linux' } @@ -125,7 +124,6 @@ resource aksCluster 'Microsoft.ContainerService/managedClusters@2021-02-01' = if maxPods: const_aksAgentPoolMaxPods type: 'VirtualMachineScaleSets' availabilityZones: const_aksAvailabilityZones - nodeLabels: {} mode: 'System' osType: 'Linux' } diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep index ac81e0c38..15ae9df5e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep @@ -52,13 +52,10 @@ resource nsg 'Microsoft.Network/networkSecurityGroups@2020-07-01' = { access: 'Allow' priority: 510 direction: 'Inbound' - sourcePortRanges: [] destinationPortRanges: [ '80' '443' ] - sourceAddressPrefixes: [] - destinationAddressPrefixes: [] } name: 'ALLOW_HTTP_ACCESS' } @@ -148,9 +145,6 @@ resource appGateway 'Microsoft.Network/applicationGateways@2020-07-01' = { backendAddressPools: [ { name: 'myGatewayBackendPool' - properties: { - backendAddresses: [] - } } ] httpListeners: [ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep index a00f57894..b897c6076 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep @@ -27,7 +27,6 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: sku family: 'A' } - accessPolicies: [] tenantId: subscription().tenantId } tags:{ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep index 5ee932af7..73eba289d 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep @@ -33,7 +33,6 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: sku family: 'A' } - accessPolicies: [] tenantId: subscription().tenantId } tags:{ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 86d140d9e..9bb349e9f 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -7,9 +7,11 @@ param certificateDataName string @description('Certificate data to store in the secret') param certificateDataValue string +@secure() @description('Secret name of certificate password.') param certificatePasswordName string +@secure() @description('Certificate password to store in the secret') param certificatePasswordValue string @@ -33,7 +35,6 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: sku family: 'A' } - accessPolicies: [] tenantId: subscription().tenantId } tags:{ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep index 5e682f89a..c61f5f808 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep @@ -8,6 +8,7 @@ param backendCertificateDataValue string @description('Certificate data to store in the secret') param certificateDataValue string +@secure() @description('Certificate password to store in the secret') param certificatePasswordValue string diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep index 29be05b0a..cdbfd5e8c 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep @@ -20,8 +20,6 @@ resource storageAccount 'Microsoft.Storage/storageAccounts@2021-02-01' = { properties: { networkAcls: { bypass: 'AzureServices' - virtualNetworkRules: [] - ipRules: [] defaultAction: 'Allow' } supportsHttpsTrafficOnly: true diff --git a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep index 2df8f77d0..8bbe56df6 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep @@ -23,6 +23,7 @@ param dbConfigurationType string = 'createOrUpdate' param dbDriverName string = 'org.contoso.Driver' @description('Determines the transaction protocol (global transaction processing behavior) for the data source.') param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' +@secure() @description('Password for Database') param dbPassword string = newGuid() @description('The name of the database table to use when testing physical database connections. This name is required when you specify a Test Frequency and enable Test Reserved Connections.') From c9363dcd35b67006c4f1a500a52e5f959f86cc0e Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:14:42 +0800 Subject: [PATCH 078/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: set the db password length to 6-128. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 445706005..d08a13511 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1893,8 +1893,8 @@ "toolTip": "Database Password", "constraints": { "required": true, - "regex": "^((?=.*[0-9])(?=.*[a-zA-Z!@#$%^&*])).{5,128}$", - "validationMessage": "The password must be between 5 and 128 characters long and have at least one number." + "regex": "^((?=.*[0-9])(?=.*[a-zA-Z!@#$%^&*])).{6,128}$", + "validationMessage": "The password must be between 6 and 128 characters long and have at least one number." }, "options": { "hideConfirmation": false From 45ca6f98a71341d66f52cbed2f8d24ab3f91b0c2 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:16:01 +0800 Subject: [PATCH 079/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification: add secure setting to dbPassword parameter. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep --- .../src/main/bicep/modules/setupDBConnection.bicep | 1 + 1 file changed, 1 insertion(+) diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep index 688233cc6..a8be1b52e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep @@ -51,6 +51,7 @@ param databaseType string = 'oracle' param dbConfigurationType string = 'createOrUpdate' @description('Determines the transaction protocol (global transaction processing behavior) for the data source.') param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' +@secure() @description('Password for Database') param dbPassword string = newGuid() @description('User id of Database') From 48335a9f09cf5ed417fa37c5165b43c849a05536 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:21:11 +0800 Subject: [PATCH 080/720] Parameter "dbPassword" is of type "string" but should be secure. Signed-off-by: galiacheng --- .../modules/_deployment-scripts/_ds-datasource-connection.bicep | 1 + 1 file changed, 1 insertion(+) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep index facd11b66..5d18031d9 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep @@ -11,6 +11,7 @@ param databaseType string = 'oracle' param dbConfigurationType string param dbDriverName string = 'org.contoso.Driver' param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' +@secure() param dbPassword string = newGuid() param dbTestTableName string = 'Null' param dbUser string From c8ddb9439cd46d0fc112ca58c98ba6c4cc90e2f5 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:22:22 +0800 Subject: [PATCH 081/720] Fix "Could not output secure parameter." Signed-off-by: galiacheng --- .../_keyvault/_keyvaultWithExistingCert.bicep | 7 +++---- .../modules/_azure-resoruces/_keyvaultForGateway.bicep | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 9bb349e9f..4b9bb1fe9 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -7,9 +7,8 @@ param certificateDataName string @description('Certificate data to store in the secret') param certificateDataValue string -@secure() @description('Secret name of certificate password.') -param certificatePasswordName string +param certificatePswSecretName string @secure() @description('Certificate password to store in the secret') @@ -53,7 +52,7 @@ resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { } resource secretForCertPassword 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { - name: '${keyVaultName}/${certificatePasswordName}' + name: '${keyVaultName}/${certificatePswSecretName}' properties: { value: certificatePasswordValue } @@ -64,4 +63,4 @@ resource secretForCertPassword 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = output keyVaultName string = keyVaultName output sslCertDataSecretName string = certificateDataName -output sslCertPwdSecretName string = certificatePasswordName +output sslCertPwdSecretName string = certificatePswSecretName diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep index c61f5f808..f09a685fa 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep @@ -60,7 +60,7 @@ module keyVaultwithExistingAppGatewaySSLCert '_keyvault/_keyvaultWithExistingCer params: { certificateDataName: name_sslCertSecretName certificateDataValue: certificateDataValue - certificatePasswordName: name_sslCertPasswordSecretName + certificatePswSecretName: name_sslCertPasswordSecretName certificatePasswordValue: certificatePasswordValue enabledForTemplateDeployment: enabledForTemplateDeployment keyVaultName: keyVaultName From 9f35da9a412f5ef8ff9d9d556c253dd0e2800424 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:26:27 +0800 Subject: [PATCH 082/720] Add defult value to _artifactsLocation Signed-off-by: galiacheng --- .../modules/_deployment-scripts/_ds-create-networking.bicep | 2 +- .../modules/_deployment-scripts/_ds-create-wls-cluster.bicep | 2 +- .../modules/_deployment-scripts/_ds-datasource-connection.bicep | 2 +- .../modules/_deployment-scripts/_ds-validate-applications.bicep | 2 +- .../modules/_deployment-scripts/_ds_update-applications.bicep | 2 +- .../src/main/bicep/modules/_setupDBConnection.bicep | 2 +- .../src/main/bicep/modules/setupDBConnection.bicep | 2 +- .../src/main/bicep/modules/updateWebLogicApplications.bicep | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep index 148af3c5a..2c47142f2 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param _artifactsLocation string +param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index de95f6344..3bd2e8a70 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param _artifactsLocation string +param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep index 5d18031d9..0d2e51fd1 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param _artifactsLocation string +param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep index 44600e7a3..105806955 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param _artifactsLocation string +param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep index d76a659bc..0040005b7 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param _artifactsLocation string +param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep index 8bbe56df6..7c3a58130 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep @@ -3,7 +3,7 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. */ -param _artifactsLocation string = '' +param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' param _pidEnd string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep index a8be1b52e..cf2bc72c6 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupDBConnection.bicep @@ -30,7 +30,7 @@ Build and run - Run command `az deployment group create -f setupDBConnection.json -p parameters.json -g ` */ -param _artifactsLocation string = '' +param _artifactsLocation string = 'https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/arm/' @secure() param _artifactsLocationSasToken string = '' diff --git a/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep b/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep index 604fae6b0..9a5a16aba 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/updateWebLogicApplications.bicep @@ -32,7 +32,7 @@ Build and run - Run command `az deployment group create -f updateWebLogicApplications.json -p parameters.json -g ` */ -param _artifactsLocation string = '' +param _artifactsLocation string = 'https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/arm/' @secure() param _artifactsLocationSasToken string = '' From 67ca80941acc68368650c5f2164362bf5cf95d1c Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:47:35 +0800 Subject: [PATCH 083/720] mainTemplate.json must use the location parameter, not resourceG roup().location or deployment().location Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-query-storage-account.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep --- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 8 +++++++- .../src/main/bicep/modules/_azure-resoruces/_acr.bicep | 2 +- .../src/main/bicep/modules/_azure-resoruces/_aks.bicep | 2 +- .../bicep/modules/_azure-resoruces/_appgateway.bicep | 9 +++++---- .../_keyvault/_keyvaultForGatewayBackendCert.bicep | 4 +++- .../_keyvault/_keyvaultForWLSSSLCert.bicep | 3 ++- .../_keyvault/_keyvaultWithExistingCert.bicep | 4 +++- .../_keyvault/_keyvaultWithNewCert.bicep | 6 ++++-- .../modules/_azure-resoruces/_keyvaultForGateway.bicep | 4 ++++ .../main/bicep/modules/_azure-resoruces/_storage.bicep | 2 +- .../_ds-appgw-upload-trusted-root-certificate.bicep | 3 ++- .../_deployment-scripts/_ds-create-networking.bicep | 2 +- .../_deployment-scripts/_ds-create-wls-cluster.bicep | 2 +- .../_deployment-scripts/_ds-datasource-connection.bicep | 3 ++- .../_deployment-scripts/_ds-query-storage-account.bicep | 3 ++- .../_deployment-scripts/_ds-validate-applications.bicep | 3 ++- .../_deployment-scripts/_ds-validate-parameters.bicep | 3 ++- .../_deployment-scripts/_ds_update-applications.bicep | 3 ++- .../src/main/bicep/modules/_setupDBConnection.bicep | 2 ++ .../src/main/bicep/modules/networking.bicep | 4 +++- .../src/main/bicep/modules/setupWebLogicCluster.bicep | 2 +- 21 files changed, 51 insertions(+), 23 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index c7953d4ba..1d60323b8 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -149,7 +149,7 @@ param keyVaultSSLBackendRootCertDataSecretName string = 'kv-ssl-backend-data' param keyVaultSSLCertDataSecretName string = 'kv-ssl-data' @description('The name of the secret in the specified KeyVault whose value is the password for the SSL Certificate of Appliation Gateway frontend TLS/SSL') param keyVaultSSLCertPasswordSecretName string = 'kv-ssl-psw' -param location string = resourceGroup().location +param location string @description('Object array to define Load Balancer service, each object must include service name, service target[admin-server or cluster-1], port.') param lbSvcValues array = [] @description('Name prefix of managed server.') @@ -331,6 +331,7 @@ module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep keyVaultSSLCertDataSecretName: keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName: keyVaultSSLCertPasswordSecretName identity: identity + location: location ocrSSOPSW: ocrSSOPSW ocrSSOUser: ocrSSOUser servicePrincipal: servicePrincipal @@ -367,6 +368,7 @@ module wlsSSLCertSecretsDeployment 'modules/_azure-resoruces/_keyvault/_keyvault name: 'upload-wls-ssl-cert-to-keyvault' params: { keyVaultName: name_keyVaultName + location: location sku: keyVaultSku wlsIdentityKeyStoreData: sslUploadedCustomIdentityKeyStoreData wlsIdentityKeyStoreDataSecretName: name_identityKeyStoreDataSecret @@ -400,6 +402,7 @@ module queryStorageAccount 'modules/_deployment-scripts/_ds-query-storage-accoun aksClusterName: aksClusterName aksClusterRGName: aksClusterRGName identity: identity + location: location } } @@ -541,6 +544,7 @@ module appgwSecretDeployment 'modules/_azure-resoruces/_keyvaultForGateway.bicep certificatePasswordValue: appGatewaySSLCertPassword enableCustomSSL: enableCustomSSL identity: identity + location: location sku: keyVaultSku subjectName: format('CN={0}', enableDNSConfiguration ? format('{0}.{1}', dnsNameforApplicationGateway, dnszoneName) : const_azureSubjectName) useExistingAppGatewaySSLCertificate: (appGatewayCertificateOption == const_appGatewaySSLCertOptionHaveCert) ? true : false @@ -632,6 +636,7 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { dsConnectionURL: dsConnectionURL identity: identity jdbcDataSourceName: jdbcDataSourceName + location: location wlsDomainUID: wlsDomainUID wlsPassword: wlsPassword wlsUserName: wlsUserName @@ -653,6 +658,7 @@ module validateApplciations 'modules/_deployment-scripts/_ds-validate-applicatio aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName.value aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value identity: identity + location: location wlsDomainUID: wlsDomainUID wlsPassword: wlsPassword wlsUserName: wlsUserName diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep index 28c71ada1..a091a0bb9 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_acr.bicep @@ -2,7 +2,7 @@ // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. param acrNamePrefix string = 'wlsaksacr' -param location string = resourceGroup().location +param location string param utcValue string = utcNow() var name_acr= '${acrNamePrefix}${uniqueString(utcValue)}' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep index 061478319..8127b6a5d 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep @@ -22,7 +22,7 @@ param aksClusterNamePrefix string = 'wlsonaks' param aksVersion string = 'default' @description('In addition to the CPU and memory metrics included in AKS by default, you can enable Container Insights for more comprehensive data on the overall performance and health of your cluster. Billing is based on data ingestion and retention settings.') param enableAzureMonitoring bool = false -param location string = resourceGroup().location +param location string param utcValue string = utcNow() var const_aksAgentPoolOSDiskSizeGB = 128 diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep index 15ae9df5e..b965493ab 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_appgateway.bicep @@ -5,6 +5,7 @@ param dnsNameforApplicationGateway string = take('wlsgw${uniqueString(utcValue)}', 63) @description('Public IP Name for the Application Gateway') param gatewayPublicIPAddressName string = 'gwip' +param location string param utcValue string = utcNow() var const_subnetAddressPrefix = '172.16.0.0/28' @@ -27,7 +28,7 @@ var ref_httpListener = resourceId('Microsoft.Network/applicationGateways/httpLis resource nsg 'Microsoft.Network/networkSecurityGroups@2020-07-01' = { name: name_nsg - location: resourceGroup().location + location: location properties: { securityRules: [ { @@ -65,7 +66,7 @@ resource nsg 'Microsoft.Network/networkSecurityGroups@2020-07-01' = { resource vnet 'Microsoft.Network/virtualNetworks@2020-07-01' = { name: name_virtualNetwork - location: resourceGroup().location + location: location properties: { addressSpace: { addressPrefixes: [ @@ -94,7 +95,7 @@ resource gatewayPublicIP 'Microsoft.Network/publicIPAddresses@2020-07-01' = { sku: { name: 'Standard' } - location: resourceGroup().location + location: location properties: { publicIPAllocationMethod: 'Static' dnsSettings: { @@ -105,7 +106,7 @@ resource gatewayPublicIP 'Microsoft.Network/publicIPAddresses@2020-07-01' = { resource appGateway 'Microsoft.Network/applicationGateways@2020-07-01' = { name: name_appGateway - location: resourceGroup().location + location: location tags: { 'managed-by-k8s-ingress': 'true' } diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep index b897c6076..f0eca1579 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep @@ -13,6 +13,8 @@ param enabledForTemplateDeployment bool = true @description('Name of the vault') param keyVaultName string +param location string + @description('Price tier for Key Vault.') param sku string @@ -20,7 +22,7 @@ param utcValue string = utcNow() resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName - location: resourceGroup().location + location: location properties: { enabledForTemplateDeployment: enabledForTemplateDeployment sku: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep index 73eba289d..99e482729 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep @@ -5,6 +5,7 @@ param enabledForTemplateDeployment bool = true @description('Name of the vault') param keyVaultName string +param location string @description('Price tier for Key Vault.') param sku string param utcValue string = utcNow() @@ -26,7 +27,7 @@ param wlsTrustKeyStorePassPhraseSecretName string resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName - location: resourceGroup().location + location: location properties: { enabledForTemplateDeployment: enabledForTemplateDeployment sku: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 4b9bb1fe9..5d99f71ea 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -20,6 +20,8 @@ param enabledForTemplateDeployment bool = true @description('Name of the vault') param keyVaultName string +param location string + @description('Price tier for Key Vault.') param sku string @@ -27,7 +29,7 @@ param utcValue string = utcNow() resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName - location: resourceGroup().location + location: location properties: { enabledForTemplateDeployment: enabledForTemplateDeployment sku: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep index 500f8e114..e6ed0d220 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep @@ -7,6 +7,8 @@ param identity object @description('Used to name the new Azure Key Vault resoure.') param keyVaultName string = 'wls-kv-${uniqueString(utcValue)}' +param location string + @description('Access permission of the key vault, will applied to all access policies.') param permission object = { certificates: [ @@ -31,7 +33,7 @@ var const_identityId = '${substring(string(identity.userAssignedIdentities), ind resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { name: keyVaultName - location: resourceGroup().location + location: location properties: { sku: { family: 'A' @@ -58,7 +60,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { resource createAddCertificate 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'ds-create-add-appgw-certificate' - location: resourceGroup().location + location: location identity: identity kind: 'AzurePowerShell' properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep index f09a685fa..3c3f6bd48 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep @@ -19,6 +19,7 @@ param enableCustomSSL bool = false param enabledForTemplateDeployment bool = true param identity object +param location string param permission object = { certificates: [ 'get' @@ -49,6 +50,7 @@ module keyVaultwithSelfSignedAppGatewaySSLCert '_keyvault/_keyvaultWithNewCert.b params: { identity: identity keyVaultName: keyVaultName + location: location permission: permission subjectName: subjectName sku: sku @@ -64,6 +66,7 @@ module keyVaultwithExistingAppGatewaySSLCert '_keyvault/_keyvaultWithExistingCer certificatePasswordValue: certificatePasswordValue enabledForTemplateDeployment: enabledForTemplateDeployment keyVaultName: keyVaultName + location: location sku: sku } } @@ -75,6 +78,7 @@ module keyvaultBackendRootCert '_keyvault/_keyvaultForGatewayBackendCert.bicep' certificateDataValue: backendCertificateDataValue enabledForTemplateDeployment: enabledForTemplateDeployment keyVaultName: keyVaultName + location: location sku: sku } dependsOn:[ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep index cdbfd5e8c..fddf83cdd 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param location string = resourceGroup().location +param location string param storageAccountName string param utcValue string = utcNow() diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep index 416d93452..de32b1dc3 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep @@ -5,6 +5,7 @@ param appgwName string @secure() param sslBackendRootCertData string = newGuid() param identity object +param location string param utcValue string = utcNow() var const_arguments = '${resourceGroup().name} ${appgwName} ${sslBackendRootCertData}' @@ -13,7 +14,7 @@ var const_deploymentName='ds-upload-trusted-root-certificatre-to-gateway' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: const_deploymentName - location: resourceGroup().location + location: location kind: 'AzureCLI' identity: identity properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep index 2c47142f2..6b2c8a378 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep @@ -34,7 +34,7 @@ param enableCustomSSL bool = false param enableDNSConfiguration bool = false param identity object param lbSvcValues array = [] -param location string = resourceGroup().location +param location string @secure() param servicePrincipal string = newGuid() param useInternalLB bool = false diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index 3bd2e8a70..94da396ff 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -16,7 +16,7 @@ param enableAdminT3Tunneling bool = false param enableClusterT3Tunneling bool = false param enablePV bool = false param identity object -param location string = resourceGroup().location +param location string param managedServerPrefix string = 'managed-server' @secure() param ocrSSOPSW string diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep index 0d2e51fd1..90bb36d2e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep @@ -18,6 +18,7 @@ param dbUser string param dsConnectionURL string param identity object param jdbcDataSourceName string +param location string param utcValue string = utcNow() param wlsDomainUID string = 'sample-domain1' @secure() @@ -37,7 +38,7 @@ var const_utilityScript= 'utility.sh' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'ds-wls-db-connection' - location: resourceGroup().location + location: location kind: 'AzureCLI' identity: identity properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-query-storage-account.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-query-storage-account.bicep index e973be8ae..d684a87cc 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-query-storage-account.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-query-storage-account.bicep @@ -5,6 +5,7 @@ param aksClusterName string = '' param aksClusterRGName string = '' param identity object +param location string param utcValue string = utcNow() var const_arguments = '${aksClusterRGName} ${aksClusterName}' @@ -13,7 +14,7 @@ var const_deploymentName='ds-query-storage-account' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: const_deploymentName - location: resourceGroup().location + location: location kind: 'AzureCLI' identity: identity properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep index 105806955..2a6504abb 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-applications.bicep @@ -8,6 +8,7 @@ param _artifactsLocationSasToken string = '' param aksClusterRGName string = '' param aksClusterName string = '' param identity object +param location string param utcValue string = utcNow() param wlsDomainUID string = 'sample-domain1' @secure() @@ -24,7 +25,7 @@ var const_utilityScript= 'utility.sh' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'ds-wls-validate-applications' - location: resourceGroup().location + location: location kind: 'AzureCLI' identity: identity properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep index a84b2ee36..f6f4a85f4 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep @@ -23,6 +23,7 @@ param keyVaultResourceGroup string param keyVaultSSLCertDataSecretName string param keyVaultSSLCertPasswordSecretName string param identity object +param location string @secure() param ocrSSOPSW string param ocrSSOUser string @@ -65,7 +66,7 @@ var const_deploymentName = 'ds-validate-parameters-and-fail-fast' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: const_deploymentName - location: resourceGroup().location + location: location kind: 'AzureCLI' identity: identity properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep index 0040005b7..ebce1768d 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds_update-applications.bicep @@ -14,6 +14,7 @@ param appPackageFromStorageBlob object = { containerName: 'container-contoso' } param identity object +param location string @secure() param ocrSSOPSW string @@ -37,7 +38,7 @@ var const_utilityScript= 'utility.sh' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'ds-wls-update-applications' - location: resourceGroup().location + location: location kind: 'AzureCLI' identity: identity properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep index 7c3a58130..5fcf10f77 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_setupDBConnection.bicep @@ -37,6 +37,7 @@ param identity object @description('JNDI Name for JDBC Datasource') param jdbcDataSourceName string = 'jdbc/contoso' +param location string @description('UID of WebLogic domain, used in WebLogic Operator.') param wlsDomainUID string = 'sample-domain1' @secure() @@ -68,6 +69,7 @@ module configDataSource '_deployment-scripts/_ds-datasource-connection.bicep' = dsConnectionURL: dsConnectionURL identity: identity jdbcDataSourceName: jdbcDataSourceName + location: location wlsDomainUID: wlsDomainUID wlsPassword: wlsPassword wlsUserName: wlsUserName diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index 1ae7092aa..a25a23ab5 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -52,7 +52,7 @@ param keyvaultBackendCertDataSecretName string = 'kv-ssl-backend-data' param keyVaultSSLCertDataSecretName string = 'kv-ssl-data' @description('The name of the secret in the specified KeyVault whose value is the password for the SSL Certificate') param keyVaultSSLCertPasswordSecretName string = 'kv-ssl-psw' -param location string = resourceGroup().location +param location string @description('Object array to define Load Balancer service, each object must include service name, service target[admin-server or cluster-1], port.') param lbSvcValues array = [] @secure() @@ -95,6 +95,7 @@ module appgwDeployment '_azure-resoruces/_appgateway.bicep' = if (enableAppGWIng params: { dnsNameforApplicationGateway: dnsNameforApplicationGateway gatewayPublicIPAddressName: appGatewayPublicIPAddressName + location: location } dependsOn: [ pidAppgwStart @@ -112,6 +113,7 @@ module appgwBackendCertDeployment '_deployment-scripts/_ds-appgw-upload-trusted- appgwName: enableAppGWIngress ? appgwDeployment.outputs.appGatewayName : 'null' sslBackendRootCertData: existingKeyvault.getSecret(keyvaultBackendCertDataSecretName) identity: identity + location: location } dependsOn: [ appgwDeployment diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index 47200f82a..6ee6389c7 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -63,7 +63,7 @@ param enableClusterT3Tunneling bool = false param enablePV bool = false @description('An user assigned managed identity. Make sure the identity has permission to create/update/delete/list Azure resources.') param identity object -param location string = resourceGroup().location +param location string @description('Name prefix of managed server.') param managedServerPrefix string = 'managed-server' @secure() From 77eefab18cbed7efb52b193f52aff0f6dd775455 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 17:54:41 +0800 Subject: [PATCH 084/720] fix ARM API version Signed-off-by: galiacheng --- .../src/main/bicep/mainTemplate.bicep | 2 +- .../bicep/modules/_azure-resoruces/_dnsZones.bicep | 2 +- .../_keyvault/_keyvaultForGatewayBackendCert.bicep | 4 ++-- .../_keyvault/_keyvaultForWLSSSLCert.bicep | 14 +++++++------- .../_keyvault/_keyvaultWithExistingCert.bicep | 6 +++--- .../_keyvault/_keyvaultWithNewCert.bicep | 2 +- .../_ds-validate-parameters.bicep | 2 +- .../src/main/bicep/modules/networking.bicep | 2 +- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 1d60323b8..34550e968 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -389,7 +389,7 @@ module wlsSSLCertSecretsDeployment 'modules/_azure-resoruces/_keyvault/_keyvault } // get key vault object in a resource group -resource sslKeyvault 'Microsoft.KeyVault/vaults@2020-06-01' existing = if (enableCustomSSL) { +resource sslKeyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' existing = if (enableCustomSSL) { name: (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultName : name_keyVaultName scope: resourceGroup(name_rgKeyvaultForWLSSSL) } diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep index 5f0a1a064..7238c574e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep @@ -1,7 +1,7 @@ @description('Azure DNS Zone name.') param dnszoneName string -resource dnszoneName_resource 'Microsoft.Network/dnszones@2020-06-01' = { +resource dnszoneName_resource 'Microsoft.Network/dnsZones@2018-05-01' = { name: dnszoneName location: 'global' properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep index f0eca1579..f7de73400 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep @@ -20,7 +20,7 @@ param sku string param utcValue string = utcNow() -resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { @@ -36,7 +36,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { } } -resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${certificateDataName}' properties: { value: certificateDataValue diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep index 99e482729..9cb0a5e8e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep @@ -25,7 +25,7 @@ param wlsTrustKeyStoreDataSecretName string param wlsTrustKeyStorePassPhrase string param wlsTrustKeyStorePassPhraseSecretName string -resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { @@ -41,7 +41,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { } } -resource identityKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource identityKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${wlsIdentityKeyStoreDataSecretName}' properties: { value: wlsIdentityKeyStoreData @@ -51,7 +51,7 @@ resource identityKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-0 ] } -resource identityKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource identityKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${wlsIdentityKeyStorePassphraseSecretName}' properties: { value: wlsIdentityKeyStorePassphrase @@ -61,7 +61,7 @@ resource identityKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01 ] } -resource privateKeyAliasSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource privateKeyAliasSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${wlsPrivateKeyAliasSecretName}' properties: { value: wlsPrivateKeyAlias @@ -71,7 +71,7 @@ resource privateKeyAliasSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = ] } -resource privateKeyPswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource privateKeyPswSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${wlsPrivateKeyPassPhraseSecretName}' properties: { value: wlsPrivateKeyPassPhrase @@ -81,7 +81,7 @@ resource privateKeyPswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { ] } -resource trustKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource trustKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${wlsTrustKeyStoreDataSecretName}' properties: { value: wlsTrustKeyStoreData @@ -91,7 +91,7 @@ resource trustKeyStoreDataSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' ] } -resource trustKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource trustKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${wlsTrustKeyStorePassPhraseSecretName}' properties: { value: wlsTrustKeyStorePassPhrase diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 5d99f71ea..2809d5544 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -27,7 +27,7 @@ param sku string param utcValue string = utcNow() -resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { @@ -43,7 +43,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { } } -resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${certificateDataName}' properties: { value: certificateDataValue @@ -53,7 +53,7 @@ resource secretForCertificate 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { ] } -resource secretForCertPassword 'Microsoft.KeyVault/vaults/secrets@2020-06-01' = { +resource secretForCertPassword 'Microsoft.KeyVault/vaults/secrets@2021-06-01-preview' = { name: '${keyVaultName}/${certificatePswSecretName}' properties: { value: certificatePasswordValue diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep index e6ed0d220..a51b6882e 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep @@ -31,7 +31,7 @@ param utcValue string = utcNow() var const_identityId = '${substring(string(identity.userAssignedIdentities), indexOf(string(identity.userAssignedIdentities), '"') + 1, lastIndexOf(string(identity.userAssignedIdentities), '"') - (indexOf(string(identity.userAssignedIdentities), '"') + 1))}' -resource keyvault 'Microsoft.KeyVault/vaults@2020-06-01' = { +resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep index f6f4a85f4..3fdc96eae 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep @@ -58,7 +58,7 @@ param utcValue string = utcNow() param wlsImageTag string var const_acrName= useOracleImage ? acrName: userProvidedAcr -var const_arguments = '${resourceGroup().location} ${createAKSCluster} ${aksAgentPoolVMSize} ${aksAgentPoolNodeCount} ${useOracleImage} ${wlsImageTag} ${userProvidedImagePath} ${enableCustomSSL} ${sslConfigurationAccessOption} ${appGatewayCertificateOption} ${enableAppGWIngress} ${const_checkDNSZone} ${const_checkACRAdminEnabled}' +var const_arguments = '${location} ${createAKSCluster} ${aksAgentPoolVMSize} ${aksAgentPoolNodeCount} ${useOracleImage} ${wlsImageTag} ${userProvidedImagePath} ${enableCustomSSL} ${sslConfigurationAccessOption} ${appGatewayCertificateOption} ${enableAppGWIngress} ${const_checkDNSZone} ${const_checkACRAdminEnabled}' var const_azcliVersion = '2.15.0' var const_checkDNSZone = enableDNSConfiguration && !createDNSZone var const_checkACRAdminEnabled= useOracleImage || !createACR diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index a25a23ab5..29242ca3c 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -85,7 +85,7 @@ module pidAppgwStart './_pids/_pid.bicep' = if (enableAppGWIngress) { } // get key vault object in a resource group -resource existingKeyvault 'Microsoft.KeyVault/vaults@2020-06-01' existing = if (enableAppGWIngress) { +resource existingKeyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' existing = if (enableAppGWIngress) { name: keyVaultName scope: resourceGroup(keyVaultResourceGroup) } From 7658a045488df4fc71d0d5c8d36a562e02eec412 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 3 Nov 2021 18:25:56 +0800 Subject: [PATCH 085/720] We have to specify the empty policy to KeyVault Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep --- .../_keyvault/_keyvaultForGatewayBackendCert.bicep | 1 + .../_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep | 1 + .../_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep | 1 + 3 files changed, 3 insertions(+) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep index f7de73400..89d8d1855 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep @@ -24,6 +24,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { + accessPolicies: [] enabledForTemplateDeployment: enabledForTemplateDeployment sku: { name: sku diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep index 9cb0a5e8e..17fb2a9ed 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep @@ -29,6 +29,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { + accessPolicies: [] enabledForTemplateDeployment: enabledForTemplateDeployment sku: { name: sku diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 2809d5544..82a744e3d 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -31,6 +31,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName location: location properties: { + accessPolicies: [] enabledForTemplateDeployment: enabledForTemplateDeployment sku: { name: sku From eef083a2317b9779c74a4011640f6269846ef433 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 3 Nov 2021 11:37:29 -0400 Subject: [PATCH 086/720] Most recent version in Partner Center is 1.0.25. Therefore, increment to 1.0.26. --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 71d5e0676..9c227a165 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.25 + 1.0.26 com.microsoft.azure.iaas From c4b0550f8970238b34dd35caceda08630510f6cd Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 3 Nov 2021 12:40:26 -0400 Subject: [PATCH 087/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification Copied from https://github.com/oracle/weblogic-azure/pull/64 but with some changes, seen below. new file: .github/workflows/testWlsAksWithDependencyCreation.yml new file: .github/workflows/testWlsAksWithoutDependencyCreation.yml - Add two properties to `workflow_dispatch.inputs` ```yaml gitUserNameForArtifactsLocation: description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' testBranchNameForArtifactsLocation: description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' ``` - Remove properties from `env`: ```yaml aksRepoUserName: oracle aksRepoBranchName: main ``` This allows the branch to be determined by the GitHub UI dropdown, rather than hard coded. Signed-off-by: Ed Burns --- .../testWlsAksWithDependencyCreation.yml | 354 ++++++++++++++++++ .../testWlsAksWithoutDependencyCreation.yml | 266 +++++++++++++ 2 files changed, 620 insertions(+) create mode 100644 .github/workflows/testWlsAksWithDependencyCreation.yml create mode 100644 .github/workflows/testWlsAksWithoutDependencyCreation.yml diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml new file mode 100644 index 000000000..816b05e5b --- /dev/null +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -0,0 +1,354 @@ +name: Test WLS on AKS with Dependency creation + +on: + workflow_dispatch: + inputs: + isForDemo: + description: 'If set to true, JMS configuration for Cargo Tracker will be applied, and resources will not be deleted' + required: true + default: 'false' + gitUserNameForArtifactsLocation: + description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' + required: true + default: oracle + testBranchNameForArtifactsLocation: + description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' + required: true + default: main + # sample cURL + # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-integration-test-with-dependency-creation"}' + repository_dispatch: + types: [aks-integration-test-with-dependency-creation] + +env: + refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 + azCliVersion: 2.29.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + resourceGroupForWlsAks: wlsd-aks-${{ github.run_id }}-${{ github.run_number }} + dbAdminUser: weblogic + dbPassword: ${{ secrets.DB_PASSWORD }} + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} + ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} + ocrSSOUser: ${{ secrets.ORC_SSOUSER }} + wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} + wlsUserName: ${{ secrets.WLS_USERNAME }} + wlsPassword: ${{ secrets.WLS_PSW }} + userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} + resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} + resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} + storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} + storageContainerName: wlsdcon${{ github.run_id }}${{ github.run_number }} + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Set up bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/download/v0.4.613/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Checkout weblogic-azure + uses: actions/checkout@v2 + with: + path: weblogic-azure + - name: Build and test weblogic-azure/weblogic-azure-aks + run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" + - name: Archive weblogic-azure/weblogic-azure-aks template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + deploy-db: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForDB }} + az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }} + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDB }} \ + --name ${{ env.dbName }} \ + --location ${{ env.location }} \ + --admin-user ${{ env.dbAdminUser }} \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.dbPassword }} \ + --sku-name B_Gen5_1 + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDB }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + deploy-storage-account: + needs: preflight + runs-on: ubuntu-latest + steps: + - name: Checkout Azure-Samples/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: Azure-Samples/cargotracker-azure + path: cargotracker + - name: Maven build web app + run: | + mvn clean install -PweblogicOnAks --file cargotracker/pom.xml + - name: Query version string for deployment verification + run: | + PROPERTY_FILE="cargotracker/target/cargo-tracker/WEB-INF/classes/org/eclipse/cargotracker/messages.properties" + PROP_KEY=versionString + deployVersion=$(cat $PROPERTY_FILE | grep "$PROP_KEY" | cut -d '=' -f 2) + echo "deployVersion=${deployVersion}" >> $GITHUB_ENV + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForStorageAccount }} + az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }} + - name: Create Storage Account + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage account create --name ${{ env.storageAccountName }} \ + --resource-group ${{ env.resourceGroupForStorageAccount }} \ + --location ${{ env.location }} \ + --sku Standard_LRS \ + --kind StorageV2 + - name: Create Storage Container + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage container create -n ${{ env.storageContainerName }} --public-access container --account-name ${{ env.storageAccountName }} + - name: Upload built web app war file + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war + deploy-wls-on-aks: + needs: [deploy-storage-account, deploy-db] + runs-on: ubuntu-latest + steps: + - name: Checkout weblogic-azure + uses: actions/checkout@v2 + with: + path: weblogic-azure + - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Query web app blob url and set to env + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --name cargo-tracker.war -o tsv) + polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') + echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForWlsAks }} + az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} + - name: Checkout Azure-Samples/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: Azure-Samples/cargotracker-azure + path: cargotracker + - name: Prepare parameter file + run: | + echo "replace placeholders using real parameter" + sed -i "s/#location#/${location}/g; \ + s/#wlsUserName#/${wlsUserName}/g; \ + s/#wlsPassword#/${wlsPassword}/g; \ + s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ + s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ + s/#ocrSSOUser#/${ocrSSOUser}/g; \ + s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ + s/#servicePrincipal#/${servicePrincipal}/g; \ + s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ + s/#testbranchName#/${{ github.event.inputs.testBranchNameForArtifactsLocation }}/g; \ + s/#gitUserName#/${{ github.event.inputs.gitUserNameForArtifactsLocation }}/g; \ + s/#dbPassword#/${dbPassword}/g; \ + s/#dbUser#/${dbAdminUser}@${dbName}/g; \ + s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ + weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json + - name: Deploy WebLogic Server Cluster Domain offer + id: deploy-wls-cluster + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az deployment group create \ + --verbose \ + --resource-group ${{ env.resourceGroupForWlsAks }} \ + --name wls-on-aks \ + --parameters @weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json \ + --template-file ${artifactName}/mainTemplate.json + - name: Query Application Gateway URL + run: | + appgatewayname=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) + echo $appgatewayname + publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + echo $publicIpAddressId + appGatewayURL=$(az network public-ip show --resource-group ${{ env.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) + echo $appGatewayURL + echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV + - name: Verify Cargo Tracker is deployed as expected + run: | + echo "Verifying Cargo Tracker is deployed as expected" + curl --verbose http://${{ env.appGatewayURL }}/cargo-tracker/ + response=$(curl --write-out '%{http_code}' --silent --output /dev/null http://${{ env.appGatewayURL }}/cargo-tracker/) + echo "$response" + if [ "$response" -ne 200 ]; then + echo "Cargo Tracker is not accessible" + exit 1 + else + echo "Cargo Tracker is accessible" + fi + - name: Install kubectl + if: ${{ github.event.inputs.isForDemo == 'true' }} + run: | + curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" + sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl + kubectl version --client + - name: Connect to AKS cluster + if: ${{ github.event.inputs.isForDemo == 'true' }} + run: | + echo "connect to cluster" + aksClusterName=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) + az aks get-credentials --resource-group ${{ env.resourceGroupForWlsAks }} --name $aksClusterName + - name: Generate&Apply configmap + if: ${{ github.event.inputs.isForDemo == 'true' }} + run: | + wlsConfigmapName=sample-domain1-wdt-config-map + wlsConfigmapJson=cargo-tracker-db.json + modelFilePath=models + mkdir ${modelFilePath} + echo "create configmap" + echo "export exisiting configmap" + kubectl -n sample-domain1-ns get configmap ${wlsConfigmapName} -o json >${wlsConfigmapJson} + + echo "query model keys" + keyList=$(cat ${wlsConfigmapJson} | jq '.data | keys[]' | tr -d "\"") + for item in $keyList; do + data=$(cat ${wlsConfigmapJson} | jq ".data[\"${item}\"]") + data=$(echo "${data:1:${#data}-2}") + echo -e "${data}" >${modelFilePath}/${item} + done + + # remove current configmap and create a new one + kubectl -n sample-domain1-ns delete configmap ${wlsConfigmapName} + + cp cargotracker/src/test/aks/cargo-tracker-jms.yaml ${modelFilePath}/cargo-tracker-jms.yaml + + kubectl -n sample-domain1-ns create configmap ${wlsConfigmapName} \ + --from-file=${modelFilePath} + + kubectl -n sample-domain1-ns label configmap ${wlsConfigmapName} \ + weblogic.domainUID=sample-domain1 + restartVersion=$(kubectl -n sample-domain1-ns get domain sample-domain1 '-o=jsonpath={.spec.restartVersion}') + # increase restart version + restartVersion=$((restartVersion + 1)) + echo "append configmap and update restart version" + kubectl -n sample-domain1-ns patch domain sample-domain1 \ + --type=json \ + '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' + cleanup: + needs: deploy-wls-on-aks + if: ${{ github.event.inputs.isForDemo == 'false' }} + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Delete Storage Account Resource Group + id: delete-sa-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForStorageAccount }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForStorageAccount }} + - name: Delete DB Resource Group + id: delete-db-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForDB }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDB }} + - name: Delete AKS Resource Group + id: delete-aks-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForWlsAks }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml new file mode 100644 index 000000000..07d38499c --- /dev/null +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -0,0 +1,266 @@ +name: Test WLS on AKS + +on: + workflow_dispatch: + inputs: + gitUserNameForArtifactsLocation: + description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' + required: true + default: oracle + testBranchNameForArtifactsLocation: + description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' + required: true + default: main + # sample cURL + # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' + # sample + # {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"isForDemo": "false", "disambiguationSuffix": "1397121054", "storageAccountName": "wlsdsa13971210545", "storageContainerName": "wlsdcon13971210545", "dbName": "wlsdb13971210545"}} + # the request data can be get from setupWlsAksDependency pipeline, please checkout the summary page and download the generated artifact name 'integration-test-data' + repository_dispatch: + types: [aks-integration-test-without-dependency-creation] + +env: + refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 + azCliVersion: 2.29.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + resourceGroupForWlsAks: wlsd-aks-${{ github.event.client_payload.disambiguationSuffix }}-${{ github.run_number }} + dbAdminUser: weblogic + dbPassword: ${{ secrets.DB_PASSWORD }} + dbName: ${{ github.event.client_payload.dbName }} + servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} + ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} + ocrSSOUser: ${{ secrets.ORC_SSOUSER }} + wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} + wlsUserName: ${{ secrets.WLS_USERNAME }} + wlsPassword: ${{ secrets.WLS_PSW }} + userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} + aksRepoBranchName: main + storageAccountName: ${{ github.event.client_payload.storageAccountName }} + storageContainerName: ${{ github.event.client_payload.storageContainerName }} + isForDemo: ${{ github.event.client_payload.isForDemo }} + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Set up bicep + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/download/v0.4.613/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Checkout weblogic-azure + uses: actions/checkout@v2 + with: + path: weblogic-azure + - name: Build and test weblogic-azure/weblogic-azure-aks + run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" + - name: Archive weblogic-azure/weblogic-azure-aks template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + - name: Checkout Azure-Samples/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: Azure-Samples/cargotracker-azure + path: cargotracker + - name: Maven build web app + run: | + mvn clean install -PweblogicOnAks --file cargotracker/pom.xml + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Upload built web app war file + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war + deploy-wls-on-aks: + needs: preflight + runs-on: ubuntu-latest + steps: + - name: Checkout weblogic-azure + uses: actions/checkout@v2 + with: + path: weblogic-azure + - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Query web app blob url and set to env + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --name cargo-tracker.war -o tsv) + polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') + echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForWlsAks }} + az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} + - name: Checkout Azure-Samples/cargotracker-azure + uses: actions/checkout@v2 + with: + repository: Azure-Samples/cargotracker-azure + path: cargotracker + - name: Prepare parameter file + run: | + echo "replace placeholders using real parameter" + sed -i "s/#location#/${location}/g; \ + s/#wlsUserName#/${wlsUserName}/g; \ + s/#wlsPassword#/${wlsPassword}/g; \ + s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ + s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ + s/#ocrSSOUser#/${ocrSSOUser}/g; \ + s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ + s/#servicePrincipal#/${servicePrincipal}/g; \ + s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ + s/#testbranchName#/${{ github.event.inputs.testBranchNameForArtifactsLocation }}/g; \ + s/#gitUserName#/${{ github.event.inputs.gitUserNameForArtifactsLocation }}/g; \ + s/#dbPassword#/${dbPassword}/g; \ + s/#dbUser#/${dbAdminUser}@${dbName}/g; \ + s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ + weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json + - name: Deploy WebLogic Server Cluster Domain offer + id: deploy-wls-cluster + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az deployment group create \ + --verbose \ + --resource-group ${{ env.resourceGroupForWlsAks }} \ + --name wls-on-aks \ + --parameters @weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json \ + --template-file ${artifactName}/mainTemplate.json + - name: Query Application Gateway URL + run: | + appgatewayname=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) + echo $appgatewayname + publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + echo $publicIpAddressId + appGatewayURL=$(az network public-ip show --resource-group ${{ env.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) + echo $appGatewayURL + echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV + - name: Verify Cargo Tracker is deployed as expected + run: | + echo "Verifying Cargo Tracker is deployed as expected" + curl --verbose http://${{ env.appGatewayURL }}/cargo-tracker/ + response=$(curl --write-out '%{http_code}' --silent --output /dev/null http://${{ env.appGatewayURL }}/cargo-tracker/) + echo "$response" + if [ "$response" -ne 200 ]; then + echo "Cargo Tracker is not accessible" + exit 1 + else + echo "Cargo Tracker is accessible" + fi + - name: Install kubectl + if: ${{ github.event.client_payload.isForDemo == 'true' }} + run: | + curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" + sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl + kubectl version --client + - name: Connect to AKS cluster + if: ${{ github.event.client_payload.isForDemo == 'true' }} + run: | + echo "connect to cluster" + aksClusterName=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) + az aks get-credentials --resource-group ${{ env.resourceGroupForWlsAks }} --name $aksClusterName + - name: Generate&Apply configmap + if: ${{ github.event.client_payload.isForDemo == 'true' }} + run: | + wlsConfigmapName=sample-domain1-wdt-config-map + wlsConfigmapJson=cargo-tracker-db.json + modelFilePath=models + mkdir ${modelFilePath} + echo "create configmap" + echo "export exisiting configmap" + kubectl -n sample-domain1-ns get configmap ${wlsConfigmapName} -o json >${wlsConfigmapJson} + + echo "query model keys" + keyList=$(cat ${wlsConfigmapJson} | jq '.data | keys[]' | tr -d "\"") + for item in $keyList; do + data=$(cat ${wlsConfigmapJson} | jq ".data[\"${item}\"]") + data=$(echo "${data:1:${#data}-2}") + echo -e "${data}" >${modelFilePath}/${item} + done + + # remove current configmap and create a new one + kubectl -n sample-domain1-ns delete configmap ${wlsConfigmapName} + + cp cargotracker/src/test/aks/cargo-tracker-jms.yaml ${modelFilePath}/cargo-tracker-jms.yaml + + kubectl -n sample-domain1-ns create configmap ${wlsConfigmapName} \ + --from-file=${modelFilePath} + + kubectl -n sample-domain1-ns label configmap ${wlsConfigmapName} \ + weblogic.domainUID=sample-domain1 + restartVersion=$(kubectl -n sample-domain1-ns get domain sample-domain1 '-o=jsonpath={.spec.restartVersion}') + # increase restart version + restartVersion=$((restartVersion + 1)) + echo "append configmap and update restart version" + kubectl -n sample-domain1-ns patch domain sample-domain1 \ + --type=json \ + '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' + cleanup: + needs: deploy-wls-on-aks + if: ${{ github.event.client_payload.isForDemo == 'false' }} + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Delete AKS Resource Group + id: delete-aks-resource-group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "delete... " ${{ env.resourceGroupForWlsAks }} + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} From cf7b4f78322f77d3e048e571027d9b890fa7bb7d Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 3 Nov 2021 12:42:18 -0400 Subject: [PATCH 088/720] On branch edburns-msft-gh-69-dd-1429446-remediation-actions-failed-certification Update name modified: .github/workflows/testWlsAksWithoutDependencyCreation.yml Signed-off-by: Ed Burns --- .github/workflows/testWlsAksWithoutDependencyCreation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 07d38499c..cb811a396 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -1,4 +1,4 @@ -name: Test WLS on AKS +name: Test WLS on AKS without dependency creation on: workflow_dispatch: From 5b54d00b729e772a6383f71155f7978344bb792c Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Wed, 27 Oct 2021 10:40:33 +0800 Subject: [PATCH 089/720] Refactor WLS on AKS pipeline to reuse DB and Storage Account Signed-off-by: Zheng Chang --- .github/workflows/buildWlsAksArtifact.yml | 6 +- .github/workflows/setupWlsAksDependency.yml | 119 ++++++ .github/workflows/syncupWithUpstream.yml | 7 +- .github/workflows/testWlsAks.yml | 350 ------------------ .../testWlsAksWithoutDependencyCreation.yml | 1 - 5 files changed, 127 insertions(+), 356 deletions(-) create mode 100644 .github/workflows/setupWlsAksDependency.yml delete mode 100644 .github/workflows/testWlsAks.yml diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index 0fa8b0665..fd7a8baa2 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -3,7 +3,9 @@ name: Build WLS on AKS artifact on: workflow_dispatch: repository_dispatch: - types: [build-zip] + types: [aks-package] + # Sample cURL + # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-package"}' env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 @@ -39,7 +41,7 @@ jobs: with: path: weblogic-azure - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + run: mvn -Pbicep -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path id: artifact_file run: | diff --git a/.github/workflows/setupWlsAksDependency.yml b/.github/workflows/setupWlsAksDependency.yml new file mode 100644 index 000000000..b4f2bcd5f --- /dev/null +++ b/.github/workflows/setupWlsAksDependency.yml @@ -0,0 +1,119 @@ +name: Setup DB and Storage Account + +on: + workflow_dispatch: + # Sample cURL + # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-deploy-dependency"}' + repository_dispatch: + types: [aks-deploy-dependency] + +env: + azCliVersion: 2.29.0 + azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} + location: eastus + dbAdminUser: weblogic + dbPassword: ${{ secrets.DB_PASSWORD }} + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + aksRepoUserName: oracle + aksRepoBranchName: main + resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} + resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} + storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} + storageContainerName: wlsdcon${{ github.run_id }}${{ github.run_number }} + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + deploy-db: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForDB }} + az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }} + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDB }} \ + --name ${{ env.dbName }} \ + --location ${{ env.location }} \ + --admin-user ${{ env.dbAdminUser }} \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.dbPassword }} \ + --sku-name B_Gen5_1 + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDB }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + deploy-storage-account: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ env.azureCredentials }} + - name: Create Resource Group + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + echo "create resource group" ${{ env.resourceGroupForStorageAccount }} + az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }} + - name: Create Storage Account + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage account create --name ${{ env.storageAccountName }} \ + --resource-group ${{ env.resourceGroupForStorageAccount }} \ + --location ${{ env.location }} \ + --sku Standard_LRS \ + --kind StorageV2 + - name: Create Storage Container + uses: azure/CLI@v1 + with: + azcliversion: ${{ env.azCliVersion }} + inlineScript: | + az storage container create -n ${{ env.storageContainerName }} --public-access container --account-name ${{ env.storageAccountName }} + format-db-sa-parameters-for-integration-test: + needs: [deploy-storage-account, deploy-db] + runs-on: ubuntu-latest + steps: + - name: Generate integration-test parameter json + id: artifact_file + run: | + cat <integration-test-data.txt + # sample request + curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' + # copy the JSON as + {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"isForDemo": "false", "disambiguationSuffix": "${{ github.run_id }}", "storageAccountName": "${{ env.storageAccountName }}", "storageContainerName": "${{ env.storageContainerName }}", "dbName": "${{ env.dbName }}"}} + EOF + - name: Archive integration-test-data.txt + uses: actions/upload-artifact@v1 + if: success() + with: + name: integration-test-data + path: integration-test-data.txt diff --git a/.github/workflows/syncupWithUpstream.yml b/.github/workflows/syncupWithUpstream.yml index 0781081e2..3942c2876 100644 --- a/.github/workflows/syncupWithUpstream.yml +++ b/.github/workflows/syncupWithUpstream.yml @@ -1,15 +1,16 @@ -name: Merge upstream branches +name: Merge upstream branches for WLS on AKS on: workflow_dispatch: + # Sample cURL + # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-upstream-sync"}' repository_dispatch: - types: [upstream-sync] + types: [aks-upstream-sync] env: userName: ${{ secrets.USER_NAME }} userEmail: ${{ secrets.USER_EMAIL }} gitToken: ${{ secrets.GIT_TOKEN }} jobs: merge: - if: (github.event_name == 'schedule' && github.repository_owner == 'mriccell') || (github.event_name != 'schedule') runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml deleted file mode 100644 index b53e42af3..000000000 --- a/.github/workflows/testWlsAks.yml +++ /dev/null @@ -1,350 +0,0 @@ -name: Test WLS on AKS - -on: - workflow_dispatch: - inputs: - isForDemo: - description: 'If set to true, JMS configuration for Cargo Tracker will be applied, and resources will not be deleted' - required: true - default: 'false' - repository_dispatch: - types: [integration-test] - -env: - refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 - azCliVersion: 2.29.0 - azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} - location: eastus - resourceGroupForWlsAks: wlsd-aks-${{ github.run_id }}-${{ github.run_number }} - dbAdminUser: weblogic - dbPassword: ${{ secrets.DB_PASSWORD }} - dbName: wlsdb${{ github.run_id }}${{ github.run_number }} - servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} - ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} - ocrSSOUser: ${{ secrets.ORC_SSOUSER }} - wdtRuntimePassword: ${{ secrets.WDT_RUNTIMEPSW}} - wlsUserName: ${{ secrets.WLS_USERNAME }} - wlsPassword: ${{ secrets.WLS_PSW }} - userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: oracle - aksRepoBranchName: main - resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} - resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} - storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} - storageContainerName: wlsdcon${{ github.run_id }}${{ github.run_number }} - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Set up bicep - run: | - curl -Lo bicep https://github.com/Azure/bicep/releases/download/v0.4.613/bicep-linux-x64 - chmod +x ./bicep - sudo mv ./bicep /usr/local/bin/bicep - bicep --version - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) - artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly - unzip weblogic-azure/weblogic-azure-aks/target/$artifactName.zip -d weblogic-azure/weblogic-azure-aks/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}" - echo "##[set-output name=artifactPath;]weblogic-azure/weblogic-azure-aks/target/$artifactName" - - name: Archive weblogic-azure/weblogic-azure-aks template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - deploy-db: - needs: preflight - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Create Resource Group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForDB }} - az group create --verbose --name ${{ env.resourceGroupForDB }} --location ${{ env.location }} - - name: Set Up Azure Postgresql to Test dbTemplate - id: setup-postgresql - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Deploy DB with name " ${{ env.dbName }} - az postgres server create \ - --resource-group ${{ env.resourceGroupForDB }} \ - --name ${{ env.dbName }} \ - --location ${{ env.location }} \ - --admin-user ${{ env.dbAdminUser }} \ - --ssl-enforcement Enabled \ - --public-network-access Enabled \ - --admin-password ${{ env.dbPassword }} \ - --sku-name B_Gen5_1 - echo "Allow Access To Azure Services" - az postgres server firewall-rule create \ - -g ${{ env.resourceGroupForDB }} \ - -s ${{ env.dbName }} \ - -n "AllowAllWindowsAzureIps" \ - --start-ip-address "0.0.0.0" \ - --end-ip-address "0.0.0.0" - deploy-storage-account: - needs: preflight - runs-on: ubuntu-latest - steps: - - name: Checkout Azure-Samples/cargotracker-azure - uses: actions/checkout@v2 - with: - repository: Azure-Samples/cargotracker-azure - path: cargotracker - - name: Maven build web app - run: | - mvn clean install -PweblogicOnAks --file cargotracker/pom.xml - - name: Query version string for deployment verification - run: | - PROPERTY_FILE="cargotracker/target/cargo-tracker/WEB-INF/classes/org/eclipse/cargotracker/messages.properties" - PROP_KEY=versionString - deployVersion=$(cat $PROPERTY_FILE | grep "$PROP_KEY" | cut -d '=' -f 2) - echo "deployVersion=${deployVersion}" >> $GITHUB_ENV - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Create Resource Group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForStorageAccount }} - az group create --verbose --name ${{ env.resourceGroupForStorageAccount }} --location ${{ env.location }} - - name: Create Storage Account - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage account create --name ${{ env.storageAccountName }} \ - --resource-group ${{ env.resourceGroupForStorageAccount }} \ - --location ${{ env.location }} \ - --sku Standard_LRS \ - --kind StorageV2 - - name: Create Storage Container - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage container create -n ${{ env.storageContainerName }} --public-access container --account-name ${{ env.storageAccountName }} - - name: Upload built web app war file - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war - deploy-wls-on-aks: - needs: [deploy-storage-account, deploy-db] - runs-on: ubuntu-latest - steps: - - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure - uses: actions/checkout@v2 - with: - repository: ${{ env.aksRepoUserName }}/weblogic-azure - path: weblogic-azure - ref: ${{ env.aksRepoBranchName }} - - name: Get version information from weblogic-azure/weblogic-azure-aks/pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' weblogic-azure/weblogic-azure-aks/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Output artifact name for Download action - id: artifact_file - run: | - artifactName=wls-on-aks-azure-marketplace-$version-arm-assembly - echo "artifactName=${artifactName}" >> $GITHUB_ENV - echo "##[set-output name=artifactName;]${artifactName}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file.outputs.artifactName}} - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ env.azureCredentials }} - - name: Query web app blob url and set to env - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --name cargo-tracker.war -o tsv) - polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') - echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV - - name: Create Resource Group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForWlsAks }} - az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} - - name: Checkout Azure-Samples/cargotracker-azure - uses: actions/checkout@v2 - with: - repository: Azure-Samples/cargotracker-azure - path: cargotracker - - name: Prepare parameter file - run: | - echo "replace placeholders using real parameter" - sed -i "s/#location#/${location}/g; \ - s/#wlsUserName#/${wlsUserName}/g; \ - s/#wlsPassword#/${wlsPassword}/g; \ - s/#userAssignedManagedIdentity#/${userAssignedManagedIdentity}/g; \ - s/#ocrSSOPSW#/${ocrSSOPSW}/g; \ - s/#ocrSSOUser#/${ocrSSOUser}/g; \ - s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ - s/#servicePrincipal#/${servicePrincipal}/g; \ - s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ - s/#testbranchName#/${aksRepoBranchName}/g; \ - s/#gitUserName#/${aksRepoUserName}/g; \ - s/#dbPassword#/${dbPassword}/g; \ - s/#dbUser#/${dbAdminUser}@${dbName}/g; \ - s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ - weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json - - name: Deploy WebLogic Server Cluster Domain offer - id: deploy-wls-cluster - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az deployment group create \ - --verbose \ - --resource-group ${{ env.resourceGroupForWlsAks }} \ - --name wls-on-aks \ - --parameters @weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json \ - --template-file ${artifactName}/mainTemplate.json - - name: Query Application Gateway URL - run: | - appgatewayname=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) - echo $appgatewayname - publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) - echo $publicIpAddressId - appGatewayURL=$(az network public-ip show --resource-group ${{ env.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) - echo $appGatewayURL - echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV - - name: Verify Cargo Tracker is deployed as expected - run: | - echo "Verifying Cargo Tracker is deployed as expected" - curl --verbose http://${{ env.appGatewayURL }}/cargo-tracker/ - response=$(curl --write-out '%{http_code}' --silent --output /dev/null http://${{ env.appGatewayURL }}/cargo-tracker/) - echo "$response" - if [ "$response" -ne 200 ]; then - echo "Cargo Tracker is not accessible" - exit 1 - else - echo "Cargo Tracker is accessible" - fi - - name: Install kubectl - if: ${{ github.event.inputs.isForDemo == 'true' }} - run: | - curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" - curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" - sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl - kubectl version --client - - name: Connect to AKS cluster - if: ${{ github.event.inputs.isForDemo == 'true' }} - run: | - echo "connect to cluster" - aksClusterName=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) - az aks get-credentials --resource-group ${{ env.resourceGroupForWlsAks }} --name $aksClusterName - - name: Generate&Apply configmap - if: ${{ github.event.inputs.isForDemo == 'true' }} - run: | - wlsConfigmapName=sample-domain1-wdt-config-map - wlsConfigmapJson=cargo-tracker-db.json - modelFilePath=models - mkdir ${modelFilePath} - echo "create configmap" - echo "export exisiting configmap" - kubectl -n sample-domain1-ns get configmap ${wlsConfigmapName} -o json >${wlsConfigmapJson} - - echo "query model keys" - keyList=$(cat ${wlsConfigmapJson} | jq '.data | keys[]' | tr -d "\"") - for item in $keyList; do - data=$(cat ${wlsConfigmapJson} | jq ".data[\"${item}\"]") - data=$(echo "${data:1:${#data}-2}") - echo -e "${data}" >${modelFilePath}/${item} - done - - # remove current configmap and create a new one - kubectl -n sample-domain1-ns delete configmap ${wlsConfigmapName} - - cp cargotracker/src/test/aks/cargo-tracker-jms.yaml ${modelFilePath}/cargo-tracker-jms.yaml - - kubectl -n sample-domain1-ns create configmap ${wlsConfigmapName} \ - --from-file=${modelFilePath} - - kubectl -n sample-domain1-ns label configmap ${wlsConfigmapName} \ - weblogic.domainUID=sample-domain1 - restartVersion=$(kubectl -n sample-domain1-ns get domain sample-domain1 '-o=jsonpath={.spec.restartVersion}') - # increase restart version - restartVersion=$((restartVersion + 1)) - echo "append configmap and update restart version" - kubectl -n sample-domain1-ns patch domain sample-domain1 \ - --type=json \ - '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' - cleanup: - needs: deploy-wls-on-aks - if: ${{ github.event.inputs.isForDemo == 'false' }} - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Delete Storage Account Resource Group - id: delete-sa-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " ${{ env.resourceGroupForStorageAccount }} - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForStorageAccount }} - - name: Delete DB Resource Group - id: delete-db-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " ${{ env.resourceGroupForDB }} - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDB }} - - name: Delete AKS Resource Group - id: delete-aks-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " ${{ env.resourceGroupForWlsAks }} - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index cb811a396..0f2021d4d 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -35,7 +35,6 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoBranchName: main storageAccountName: ${{ github.event.client_payload.storageAccountName }} storageContainerName: ${{ github.event.client_payload.storageContainerName }} isForDemo: ${{ github.event.client_payload.isForDemo }} From 6b394f4a364b9c2bd80e70e060cbafa63124f8f7 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 3 Nov 2021 11:58:25 -0400 Subject: [PATCH 090/720] Remove unused env properties --- .github/workflows/setupWlsAksDependency.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/setupWlsAksDependency.yml b/.github/workflows/setupWlsAksDependency.yml index b4f2bcd5f..4a2e2df92 100644 --- a/.github/workflows/setupWlsAksDependency.yml +++ b/.github/workflows/setupWlsAksDependency.yml @@ -14,8 +14,6 @@ env: dbAdminUser: weblogic dbPassword: ${{ secrets.DB_PASSWORD }} dbName: wlsdb${{ github.run_id }}${{ github.run_number }} - aksRepoUserName: oracle - aksRepoBranchName: main resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} storageAccountName: wlsdsa${{ github.run_id }}${{ github.run_number }} From cf79725da07da7d637abd02a406e6e8e69e15f03 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Thu, 4 Nov 2021 09:50:32 +0800 Subject: [PATCH 091/720] Polish the sample cURL of repository_dispatch Signed-off-by: Zheng Chang --- .github/workflows/buildWlsAksArtifact.yml | 2 +- .github/workflows/setupWlsAksDependency.yml | 4 ++-- .github/workflows/syncupWithUpstream.yml | 2 +- .github/workflows/testWlsAksWithDependencyCreation.yml | 2 +- .github/workflows/testWlsAksWithoutDependencyCreation.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index fd7a8baa2..0f8df6191 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -5,7 +5,7 @@ on: repository_dispatch: types: [aks-package] # Sample cURL - # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-package"}' + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-package"}' env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 diff --git a/.github/workflows/setupWlsAksDependency.yml b/.github/workflows/setupWlsAksDependency.yml index 4a2e2df92..31665c288 100644 --- a/.github/workflows/setupWlsAksDependency.yml +++ b/.github/workflows/setupWlsAksDependency.yml @@ -3,7 +3,7 @@ name: Setup DB and Storage Account on: workflow_dispatch: # Sample cURL - # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-deploy-dependency"}' + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-deploy-dependency"}' repository_dispatch: types: [aks-deploy-dependency] @@ -105,7 +105,7 @@ jobs: run: | cat <integration-test-data.txt # sample request - curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' + curl --verbose -X POST https://api.github.com/repos/${{ github.repository_owner }}/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' # copy the JSON as {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"isForDemo": "false", "disambiguationSuffix": "${{ github.run_id }}", "storageAccountName": "${{ env.storageAccountName }}", "storageContainerName": "${{ env.storageContainerName }}", "dbName": "${{ env.dbName }}"}} EOF diff --git a/.github/workflows/syncupWithUpstream.yml b/.github/workflows/syncupWithUpstream.yml index 3942c2876..35c9df677 100644 --- a/.github/workflows/syncupWithUpstream.yml +++ b/.github/workflows/syncupWithUpstream.yml @@ -2,7 +2,7 @@ name: Merge upstream branches for WLS on AKS on: workflow_dispatch: # Sample cURL - # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-upstream-sync"}' + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-upstream-sync"}' repository_dispatch: types: [aks-upstream-sync] env: diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index 816b05e5b..a43514266 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -16,7 +16,7 @@ on: required: true default: main # sample cURL - # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-integration-test-with-dependency-creation"}' + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-integration-test-with-dependency-creation"}' repository_dispatch: types: [aks-integration-test-with-dependency-creation] diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 0f2021d4d..276476fe3 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -12,7 +12,7 @@ on: required: true default: main # sample cURL - # curl --verbose -X POST https://api.github.com/repos/mriccell/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' # sample # {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"isForDemo": "false", "disambiguationSuffix": "1397121054", "storageAccountName": "wlsdsa13971210545", "storageContainerName": "wlsdcon13971210545", "dbName": "wlsdb13971210545"}} # the request data can be get from setupWlsAksDependency pipeline, please checkout the summary page and download the generated artifact name 'integration-test-data' From ed802ea837a93d4604735384e1cc0e5e381ba6c5 Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Thu, 4 Nov 2021 14:01:23 +0800 Subject: [PATCH 092/720] Support both workflow_dispatch and repository_dispatch Signed-off-by: Zheng Chang --- .github/workflows/setupWlsAksDependency.yml | 2 +- .../testWlsAksWithDependencyCreation.yml | 43 +++++-- .../testWlsAksWithoutDependencyCreation.yml | 106 +++++++++++++----- 3 files changed, 112 insertions(+), 39 deletions(-) diff --git a/.github/workflows/setupWlsAksDependency.yml b/.github/workflows/setupWlsAksDependency.yml index 31665c288..9bf578634 100644 --- a/.github/workflows/setupWlsAksDependency.yml +++ b/.github/workflows/setupWlsAksDependency.yml @@ -107,7 +107,7 @@ jobs: # sample request curl --verbose -X POST https://api.github.com/repos/${{ github.repository_owner }}/weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' # copy the JSON as - {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"isForDemo": "false", "disambiguationSuffix": "${{ github.run_id }}", "storageAccountName": "${{ env.storageAccountName }}", "storageContainerName": "${{ env.storageContainerName }}", "dbName": "${{ env.dbName }}"}} + {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"gitUserNameForArtifactsLocation": "${{ github.repository_owner }}", "testBranchNameForArtifactsLocation": "${{ github.ref }}", "isForDemo": "false", "disambiguationSuffix": "${{ github.run_id }}", "storageAccountName": "${{ env.storageAccountName }}", "storageContainerName": "${{ env.storageContainerName }}", "dbName": "${{ env.dbName }}"}} EOF - name: Archive integration-test-data.txt uses: actions/upload-artifact@v1 diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index a43514266..392c357e8 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: inputs: isForDemo: - description: 'If set to true, JMS configuration for Cargo Tracker will be applied, and resources will not be deleted' + description: 'If set to true, resources will not be deleted' required: true default: 'false' gitUserNameForArtifactsLocation: @@ -16,7 +16,7 @@ on: required: true default: main # sample cURL - # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-integration-test-with-dependency-creation"}' + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-integration-test-with-dependency-creation", "client_payload": {"gitUserNameForArtifactsLocation": "", "testBranchNameForArtifactsLocation": "", "isForDemo": "false"}}' repository_dispatch: types: [aks-integration-test-with-dependency-creation] @@ -43,8 +43,32 @@ env: jobs: preflight: + outputs: + isForDemo: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.isForDemo }} + gitUserNameForArtifactsLocation: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.gitUserNameForArtifactsLocation }} + testBranchNameForArtifactsLocation: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.testBranchNameForArtifactsLocation }} runs-on: ubuntu-latest steps: + - name: Setup environment variables + id: setup-env-variables-based-on-dispatch-event + run: | + if [ ${{ github.event_name }} == 'workflow_dispatch' ]; then + isForDemo=${{ github.event.inputs.isForDemo }} + gitUserNameForArtifactsLocation=${{ github.event.inputs.gitUserNameForArtifactsLocation }} + testBranchNameForArtifactsLocation=${{ github.event.inputs.testBranchNameForArtifactsLocation }} + else + isForDemo=${{ github.event.client_payload.isForDemo }} + gitUserNameForArtifactsLocation=${{ github.event.client_payload.gitUserNameForArtifactsLocation }} + testBranchNameForArtifactsLocation=${{ github.event.client_payload.testBranchNameForArtifactsLocation }} + fi + + echo "##[set-output name=isForDemo;]${isForDemo}" + echo "##[set-output name=gitUserNameForArtifactsLocation;]${gitUserNameForArtifactsLocation}" + echo "##[set-output name=testBranchNameForArtifactsLocation;]${testBranchNameForArtifactsLocation}" + + echo "isForDemo=${isForDemo}" >> $GITHUB_ENV + echo "gitUserNameForArtifactsLocation=${gitUserNameForArtifactsLocation}" >> $GITHUB_ENV + echo "testBranchNameForArtifactsLocation=${testBranchNameForArtifactsLocation}" >> $GITHUB_ENV - name: Set up JDK 1.8 uses: actions/setup-java@v1 with: @@ -68,7 +92,7 @@ jobs: with: path: weblogic-azure - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + run: mvn -Pbicep -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path id: artifact_file run: | @@ -173,7 +197,7 @@ jobs: inlineScript: | az storage blob upload --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --file cargotracker/target/cargo-tracker.war --name cargo-tracker.war deploy-wls-on-aks: - needs: [deploy-storage-account, deploy-db] + needs: [deploy-storage-account, deploy-db, preflight] runs-on: ubuntu-latest steps: - name: Checkout weblogic-azure @@ -231,8 +255,8 @@ jobs: s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ s/#servicePrincipal#/${servicePrincipal}/g; \ s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ - s/#testbranchName#/${{ github.event.inputs.testBranchNameForArtifactsLocation }}/g; \ - s/#gitUserName#/${{ github.event.inputs.gitUserNameForArtifactsLocation }}/g; \ + s/#testbranchName#/${{ needs.preflight.outputs.testBranchNameForArtifactsLocation }}/g; \ + s/#gitUserName#/${{ needs.preflight.outputs.gitUserNameForArtifactsLocation }}/g; \ s/#dbPassword#/${dbPassword}/g; \ s/#dbUser#/${dbAdminUser}@${dbName}/g; \ s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ @@ -271,20 +295,17 @@ jobs: echo "Cargo Tracker is accessible" fi - name: Install kubectl - if: ${{ github.event.inputs.isForDemo == 'true' }} run: | curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl kubectl version --client - name: Connect to AKS cluster - if: ${{ github.event.inputs.isForDemo == 'true' }} run: | echo "connect to cluster" aksClusterName=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) az aks get-credentials --resource-group ${{ env.resourceGroupForWlsAks }} --name $aksClusterName - name: Generate&Apply configmap - if: ${{ github.event.inputs.isForDemo == 'true' }} run: | wlsConfigmapName=sample-domain1-wdt-config-map wlsConfigmapJson=cargo-tracker-db.json @@ -320,8 +341,8 @@ jobs: --type=json \ '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' cleanup: - needs: deploy-wls-on-aks - if: ${{ github.event.inputs.isForDemo == 'false' }} + needs: [deploy-wls-on-aks, preflight] + if: ${{ needs.preflight.outputs.isForDemo == 'false' }} runs-on: ubuntu-latest steps: - uses: azure/login@v1 diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 276476fe3..47357607e 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -11,10 +11,26 @@ on: description: 'Replaced into https://raw.githubusercontent.com/#gitUserName#/weblogic-azure/#testbranchName#/weblogic-azure-aks/src/main/arm/' required: true default: main + isForDemo: + description: 'If set to true, resources will not be deleted' + required: true + default: 'false' + disambiguationSuffix: + description: 'Included in names to disambiguate. Get from another pipeline execution' + required: true + storageAccountName: + description: 'Specify storage account of uploading .war file' + required: true + storageContainerName: + description: 'Specify name of storage container within account' + required: true + dbName: + description: 'Name of the database. Get from another pipeline run' + required: true # sample cURL # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' # sample - # {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"isForDemo": "false", "disambiguationSuffix": "1397121054", "storageAccountName": "wlsdsa13971210545", "storageContainerName": "wlsdcon13971210545", "dbName": "wlsdb13971210545"}} + # {"event_type": "aks-integration-test-without-dependency-creation", "client_payload": {"gitUserNameForArtifactsLocation": "", "testBranchNameForArtifactsLocation": "", "isForDemo": "false", "disambiguationSuffix": "1397121054", "storageAccountName": "wlsdsa13971210545", "storageContainerName": "wlsdcon13971210545", "dbName": "wlsdb13971210545"}} # the request data can be get from setupWlsAksDependency pipeline, please checkout the summary page and download the generated artifact name 'integration-test-data' repository_dispatch: types: [aks-integration-test-without-dependency-creation] @@ -24,10 +40,8 @@ env: azCliVersion: 2.29.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus - resourceGroupForWlsAks: wlsd-aks-${{ github.event.client_payload.disambiguationSuffix }}-${{ github.run_number }} dbAdminUser: weblogic dbPassword: ${{ secrets.DB_PASSWORD }} - dbName: ${{ github.event.client_payload.dbName }} servicePrincipal: ${{ secrets.SERVICE_PRINCIPAL }} ocrSSOPSW: ${{ secrets.ORC_SSOPSW }} ocrSSOUser: ${{ secrets.ORC_SSOUSER }} @@ -35,14 +49,55 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - storageAccountName: ${{ github.event.client_payload.storageAccountName }} - storageContainerName: ${{ github.event.client_payload.storageContainerName }} - isForDemo: ${{ github.event.client_payload.isForDemo }} jobs: preflight: runs-on: ubuntu-latest + outputs: + resourceGroupForWlsAks: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.resourceGroupForWlsAks }} + dbName: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.dbName }} + storageAccountName: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.storageAccountName }} + storageContainerName: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.storageContainerName }} + isForDemo: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.isForDemo }} + gitUserNameForArtifactsLocation: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.gitUserNameForArtifactsLocation }} + testBranchNameForArtifactsLocation: ${{ steps.setup-env-variables-based-on-dispatch-event.outputs.testBranchNameForArtifactsLocation }} steps: + - name: Setup environment variables + id: setup-env-variables-based-on-dispatch-event + run: | + if [ ${{ github.event_name }} == 'workflow_dispatch' ]; then + resourceGroupForWlsAks=wlsd-aks-${{ github.event.inputs.disambiguationSuffix }}-${{ github.run_number }} + dbName=${{ github.event.inputs.dbName }} + storageAccountName=${{ github.event.inputs.storageAccountName }} + storageContainerName=${{ github.event.inputs.storageContainerName }} + isForDemo=${{ github.event.inputs.isForDemo }} + gitUserNameForArtifactsLocation=${{ github.event.inputs.gitUserNameForArtifactsLocation }} + testBranchNameForArtifactsLocation=${{ github.event.inputs.testBranchNameForArtifactsLocation }} + else + resourceGroupForWlsAks=wlsd-aks-${{ github.event.client_payload.disambiguationSuffix }}-${{ github.run_number }} + dbName=${{ github.event.client_payload.dbName }} + storageAccountName=${{ github.event.client_payload.storageAccountName }} + storageContainerName=${{ github.event.client_payload.storageContainerName }} + isForDemo=${{ github.event.client_payload.isForDemo }} + gitUserNameForArtifactsLocation=${{ github.event.client_payload.gitUserNameForArtifactsLocation }} + testBranchNameForArtifactsLocation=${{ github.event.client_payload.testBranchNameForArtifactsLocation }} + fi + + echo "##[set-output name=resourceGroupForWlsAks;]${resourceGroupForWlsAks}" + echo "##[set-output name=dbName;]${dbName}" + echo "##[set-output name=storageAccountName;]${storageAccountName}" + echo "##[set-output name=storageContainerName;]${storageContainerName}" + echo "##[set-output name=isForDemo;]${isForDemo}" + echo "##[set-output name=gitUserNameForArtifactsLocation;]${gitUserNameForArtifactsLocation}" + echo "##[set-output name=testBranchNameForArtifactsLocation;]${testBranchNameForArtifactsLocation}" + + echo "resourceGroupForWlsAks=${resourceGroupForWlsAks}" >> $GITHUB_ENV + echo "dbName=${dbName}" >> $GITHUB_ENV + echo "storageAccountName=${storageAccountName}" >> $GITHUB_ENV + echo "storageContainerName=${storageContainerName}" >> $GITHUB_ENV + echo "isForDemo=${isForDemo}" >> $GITHUB_ENV + echo "gitUserNameForArtifactsLocation=${gitUserNameForArtifactsLocation}" >> $GITHUB_ENV + echo "testBranchNameForArtifactsLocation=${testBranchNameForArtifactsLocation}" >> $GITHUB_ENV - name: Set up JDK 1.8 uses: actions/setup-java@v1 with: @@ -66,7 +121,7 @@ jobs: with: path: weblogic-azure - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Ddev -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + run: mvn -Pbicep -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path id: artifact_file run: | @@ -131,7 +186,7 @@ jobs: with: azcliversion: ${{ env.azCliVersion }} inlineScript: | - cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ env.storageAccountName }} --container-name ${{ env.storageContainerName }} --name cargo-tracker.war -o tsv) + cargoTrackerBlobUrl=$(az storage blob url --account-name ${{ needs.preflight.outputs.storageAccountName }} --container-name ${{ needs.preflight.outputs.storageContainerName }} --name cargo-tracker.war -o tsv) polishedUrl=$(echo ${cargoTrackerBlobUrl} | sed 's,/,\\\/,g') echo "cargoTrackerBlobUrl=${polishedUrl}" >> $GITHUB_ENV - name: Create Resource Group @@ -139,8 +194,8 @@ jobs: with: azcliversion: ${{ env.azCliVersion }} inlineScript: | - echo "create resource group" ${{ env.resourceGroupForWlsAks }} - az group create --verbose --name ${{ env.resourceGroupForWlsAks }} --location ${{ env.location }} + echo "create resource group" ${{ needs.preflight.outputs.resourceGroupForWlsAks }} + az group create --verbose --name ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --location ${{ env.location }} - name: Checkout Azure-Samples/cargotracker-azure uses: actions/checkout@v2 with: @@ -158,11 +213,11 @@ jobs: s/#appPackageUrls#/${cargoTrackerBlobUrl}/g; \ s/#servicePrincipal#/${servicePrincipal}/g; \ s/#wdtRuntimePassword#/${wdtRuntimePassword}/g; \ - s/#testbranchName#/${{ github.event.inputs.testBranchNameForArtifactsLocation }}/g; \ - s/#gitUserName#/${{ github.event.inputs.gitUserNameForArtifactsLocation }}/g; \ + s/#testbranchName#/${{ needs.preflight.outputs.testBranchNameForArtifactsLocation }}/g; \ + s/#gitUserName#/${{ needs.preflight.outputs.gitUserNameForArtifactsLocation }}/g; \ s/#dbPassword#/${dbPassword}/g; \ - s/#dbUser#/${dbAdminUser}@${dbName}/g; \ - s/#dsConnectionURL#/jdbc:postgresql:\/\/${dbName}.postgres.database.azure.com:5432\/postgres/g" \ + s/#dbUser#/${dbAdminUser}@${{ needs.preflight.outputs.dbName }}/g; \ + s/#dsConnectionURL#/jdbc:postgresql:\/\/${{ needs.preflight.outputs.dbName }}.postgres.database.azure.com:5432\/postgres/g" \ weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json - name: Deploy WebLogic Server Cluster Domain offer id: deploy-wls-cluster @@ -172,17 +227,17 @@ jobs: inlineScript: | az deployment group create \ --verbose \ - --resource-group ${{ env.resourceGroupForWlsAks }} \ + --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} \ --name wls-on-aks \ --parameters @weblogic-azure/weblogic-azure-aks/src/test/setupWlsAksParameters.json \ --template-file ${artifactName}/mainTemplate.json - name: Query Application Gateway URL run: | - appgatewayname=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) + appgatewayname=$(az resource list --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) echo $appgatewayname - publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + publicIpAddressId=$(az network application-gateway show --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) echo $publicIpAddressId - appGatewayURL=$(az network public-ip show --resource-group ${{ env.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) + appGatewayURL=$(az network public-ip show --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) echo $appGatewayURL echo "appGatewayURL=${appGatewayURL}" >> $GITHUB_ENV - name: Verify Cargo Tracker is deployed as expected @@ -198,20 +253,17 @@ jobs: echo "Cargo Tracker is accessible" fi - name: Install kubectl - if: ${{ github.event.client_payload.isForDemo == 'true' }} run: | curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" curl -LO "https://dl.k8s.io/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl.sha256" sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl kubectl version --client - name: Connect to AKS cluster - if: ${{ github.event.client_payload.isForDemo == 'true' }} run: | echo "connect to cluster" - aksClusterName=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) - az aks get-credentials --resource-group ${{ env.resourceGroupForWlsAks }} --name $aksClusterName + aksClusterName=$(az resource list --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.ContainerService/managedClusters'].name|[0]" -o tsv) + az aks get-credentials --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --name $aksClusterName - name: Generate&Apply configmap - if: ${{ github.event.client_payload.isForDemo == 'true' }} run: | wlsConfigmapName=sample-domain1-wdt-config-map wlsConfigmapJson=cargo-tracker-db.json @@ -247,8 +299,8 @@ jobs: --type=json \ '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' cleanup: - needs: deploy-wls-on-aks - if: ${{ github.event.client_payload.isForDemo == 'false' }} + needs: [deploy-wls-on-aks, preflight] + if: ${{ needs.preflight.outputs.isForDemo == 'false' }} runs-on: ubuntu-latest steps: - uses: azure/login@v1 @@ -261,5 +313,5 @@ jobs: with: azcliversion: ${{ env.azCliVersion }} inlineScript: | - echo "delete... " ${{ env.resourceGroupForWlsAks }} - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForWlsAks }} + echo "delete... " ${{ needs.preflight.outputs.resourceGroupForWlsAks }} + az group delete --yes --no-wait --verbose --name ${{ needs.preflight.outputs.resourceGroupForWlsAks }} From 0cb191edd458821970de34f3aa3cf646ee21249e Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Fri, 5 Nov 2021 13:22:03 -0400 Subject: [PATCH 093/720] On branch edburns-msft-78-contact-me-verbiage Extract current verbiage Your branch is up to date with 'origin/edburns-msft-78-contact-me-verbiage'. deleted: arm-oraclelinux-wls/src/main/resources/description.html modified: arm-oraclelinux-wls/src/main/resources/README.md Signed-off-by: Ed Burns Update README.md Update README.md Update README.md Update README.md --- .../src/main/resources/README.md | 143 +++++++++++++++++- .../src/main/resources/description.html | 5 - 2 files changed, 140 insertions(+), 8 deletions(-) delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md index 777e9a1a9..ecd5bdd54 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md @@ -3,15 +3,152 @@ Copyright (c) 2021, Oracle and/or its affiliates. Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. --> +# Offer setup + +## Alias + +Oracle WebLogic Server on Azure Solution Overview + +## Setup details + +* No, I would prefer to only list my offer through the marketplace and process transactions independently + +* How do you want potential customers to interact with this listing offer? + + * Contact me + +### Test drive + +* Not checked Enable a test drive + +### Customer leads + +CRM System connected + +* HTTPS Endpoint + +* Contact email + + * jacob.x.thomas@oracle.com;edburns@microsoft.com;rezar@microsoft.com + +* HTTPS endpoint URL + + * https://prod-15.westcentralus.logic.azure.com:443/workflows/9024092aefba434c9db98dc2536423f6/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=SggEKOTUpII26Oc6XYVl7nbSgluiYdVeIXkq19LuTtY + +### Microsoft 365 integration + +* No, my SaaS offer does not integrate with Microsoft Graph + +* No, I do not have published Teams apps, Office add-ins, or SharePoint Framework solutions that I would like to link to this SaaS offer + +# Properties + +## Categories + +* Primary category: Compute + + * Subcategory: Application Infrastructure + +* Secondary category: Web + + * Subcategory: Web Apps + +## Industries + +* Checked Apps + +* Not checked Microsoft Clouds for Industry + +* App version: Various + +## Legal + +* Checked Use the Standarard Contract for Microsoft's commercial marketplace? + +## Custom amendments... + +No content. + # What is this stuff? -Useful Links to documentation, video, blog of WebLogic on Azure IaaS. +Useful Links to documentation, video, blog of WebLogic on Azure. + +# Offer Listing + +## Name + +Oracle WebLogic Server on Azure Solution Overview + +## Search results summary + +Oracle WebLogic Server is a scalable, enterprise-ready Java application server. + +## Description (Observed max 2973 characters, not including formatting) + +

Azure Oracle WebLogic Server (WLS) offers enable you to embrace cloud computing by making it as easy as possible to migrate your Java applications to Azure. The offers increase productivity by automating most boilerplate Java and Azure resource provisioning and configuration tasks so that you can focus on application development. The offers cover deployment to both Azure Virtual Machines and the Azure Kubernetes Service (AKS).

+ +

The offers are linked in the Learn more section at the bottom of this page.

+ +

These offers are Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Azure.

+ +

If you want to work closely on your migration scenarios with the engineering team developing these offers, just hit the CONTACT ME button. Program managers, architects and engineers will reach back out to you shortly and initiate collaboration!

+ +

WLS on Virtual Machines
+The WLS on virtual machines offers automate provisioning virtual network, storage, and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load-balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence.

+ +

There are several offers that target use cases such as single node with admin server enabled and WLS cluster (including dynamic cluster). These offers supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

+ +

WLS on AKS
+The WLS on AKS offer automates provisioning an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. The offer will work with any WLS version that supports the Operator, such as 12.2.1.3 and 12.2.1.4.

+ +

Oracle and Microsoft also provide basic step-by-step guidance on getting started with WLS and AKS. This guidance is suitable for customers that wish to remain as close as possible to a native Kubernetes manual deployment experience.

+ +## Getting Started Instructions + +Blank + +## Search keywords + +Java WLS WebLogic + +## Privacy policy link + +https://www.oracle.com/legal/privacy/privacy-policy.html + ## Useful Links -* [Overview](http://www.oracle.com/weblogicserver) +* [Oracle WebLogic Overview](https://www.oracle.com/middleware/weblogic/) + +* [Oracle WebLogic Server Single Node](https://portal.azure.com/#create/oracle.20191001-arm-oraclelinux-wls20191001-arm-oraclelinux-wls) + +* [Oracle WebLogic Server With Admin Server](https://portal.azure.com/#create/oracle.20191009-arm-oraclelinux-wls-admin20191009-arm-oraclelinux-wls-admin) + +* [Oracle WebLogic Server Cluster](https://portal.azure.com/#create/oracle.20191007-arm-oraclelinux-wls-cluster20191007-arm-oraclelinux-wls-cluster) + +* [Oracle WebLogic Server Dynamic Cluster](https://portal.azure.com/#create/oracle.20191021-arm-oraclelinux-wls-dynamic-cluster20191021-arm-oraclelinux-wls-dynamic-cluster) + +* [Weblogic on Azure VMs Offer Documentation](https://oracle.github.io/weblogic-azure/) + +* [WebLogic on Azure Kubernetes Service](https://portal.azure.com/#create/oracle.20210620-wls-on-aks20210620-wls-on-aks) + +* [WebLogic on Azure Kubernetes Service Offer Documentation](https://aka.ms/wls-aks-docs) + +* [Fusion Middleware Documentation](https://docs.oracle.com/en/middleware/fusion-middleware/index.html) + +* [Learn More](https://www.oracle.com/middleware/technologies/weblogic.html) + +## Supporting Documents + +* Release Notes + + * PDF download of WLS_12_2_1_3_RELNOTES.pdf + +## Videos + +* [WebLogic on Azure IaaS](https://www.youtube.com/watch?v=KZpG280G_vs) -* [Learn more](http://www.oracle.com/technetwork/middleware/weblogic/learnmore/index.html) +## Scratch not currently in offer * [Documentation](https://wls-eng.github.io/arm-oraclelinux-wls/) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html deleted file mode 100644 index ae4dbcf36..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/description.html +++ /dev/null @@ -1,5 +0,0 @@ -

Oracle WebLogic Server 12c is a scalable, enterprise-ready Java EE 7 application server.

Oracle WebLogic Server is the best application server for building and deploying enterprise Java EE 7 applications with support for new features for lowering cost of operations, improving performance, enhancing scalability and supporting the Oracle Applications portfolio.

For documentation on this and other WebLogic Server on Microsoft Azure IaaS offers, see the official documentation.

WebLogic implements the following standards.
StandardVersion

Batch

1.0

CDI

1.1

Dependency Injection

1.0

Concurrent Managed Objects

1.0

Expression Language (EL)

3.0, 2.2, 2.1, 2.0

JSON Processing

1.0

XML Web Services (JAX-WS)

2.2, 2.1, 2.0

REST (JAX-RS)

2.0

WebSocket

1.1

JavaBeans Activation Framework

1.1

Java EE

7.0

Application Deployment

1.2

Bean Validation

1.1

Common Annotations

1.2

Connectors

1.7

EJB

3.2, 3.1, 3.0, 2.1, 2.0, and 1.1

Web Services

1.3, 1.2, 1.1

Interceptors

1.2

JDBC

4.0, 3.0

JMS

2.0, 1.1, 1.0.2b

JNDI

1.2

JSF

2.2, 2.1.*, 2.0, 1.2, 1.1

JSP

2.3, 2.2, 2.1, 2.0, 1.2, and 1.1

Managed Beans

1.0

Servlet

3.1, 3.0, 2.5, 2.4, 2.3, and 2.2

Java RMI

1.0

JavaMail

1.5

JTA

1.2

JAX-B

2.2, 2.1, 2.0

JAX-P

1.3, 1.2, 1.1

JAX-R

1.0

JAX-RPC

1.1

JMX

2.0

JPA

2.1, 2.0., 1.0

Management

1.1

JSTL

1.2

Managed Beans

1.0

OTS/JTA

OTS 1.2 and JTA 1.2

RMI/IIOP

1.0

SOAP Attachments (SAAJ)

1.3, 1.2

Streaming API for XML (StAX)

1.0

Web Services Metadata

2.0, 1.1

-

License

-Copyright (c) 2021 Oracle and/or its affiliates. -

-Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. From 30b445c765b3d1382507abf665ce33fbd2170e5c Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 1 Nov 2021 17:31:55 +0800 Subject: [PATCH 094/720] On branch main: output WLS image model and domain description. Signed-off-by: galiacheng Changes to be committed: new file: weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep --- .../queryDomainConfigurations.sh | 63 +++++++++++++++++++ .../src/main/bicep/mainTemplate.bicep | 22 +++++++ .../_ds-output-domain-configurations.bicep | 43 +++++++++++++ 3 files changed, 128 insertions(+) create mode 100644 weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh new file mode 100644 index 000000000..b384eec9f --- /dev/null +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh @@ -0,0 +1,63 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. +# +# env inputs: +# AKS_CLUSTER_NAME +# AKS_CLUSTER_RESOURCEGROUP_NAME +# WLS_DOMAIN_UID + +# Main script +echo "install kubectl" +az aks install-cli + +echo "Connect AKS" +az aks get-credentials \ + --resource-group ${AKS_CLUSTER_RESOURCEGROUP_NAME} \ + --name ${AKS_CLUSTER_NAME} \ + --overwrite-existing + +wlsDomainNS="${WLS_DOMAIN_UID}-ns" + +domainConfigurationYaml=/tmp/domain.yaml +rm -f ${domainConfigurationYaml} +kubectl get domain ${WLS_DOMAIN_UID} -n ${wlsDomainNS} -o yaml >${domainConfigurationYaml} + +adminPodName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json | + jq '.items[0] | .metadata.name' | + tr -d "\"") + +if [ -z "${adminPodName}" ]; then + echo >&2 "Fail to get admin server pod." + exit 1 +fi + +echo "Copy model.yaml from /u01/wdt/models" +targetModelYaml=/tmp/model.yaml +rm -f ${targetModelYaml} +kubectl cp -n ${wlsDomainNS} -c weblogic-server ${adminPodName}:/u01/wdt/models/model.yaml ${targetModelYaml} +if [ $? != 0 ]; then + echo >&2 "Fail to copy ${adminPodName}:/u01/wdt/models/model.yaml." + exit 1 +fi + +echo "Copy model.properties from from /u01/wdt/models" +targetModelProperties=/tmp/model.properties +rm -f ${targetModelProperties} +kubectl cp -n ${wlsDomainNS} -c weblogic-server ${adminPodName}:/u01/wdt/models/model.properties ${targetModelProperties} +if [ $? != 0 ]; then + echo >&2 "Fail to copy ${adminPodName}:/u01/wdt/models/model.properties." + exit 1 +fi + +base64ofDomainYaml=$(cat ${domainConfigurationYaml} | base64) +base64ofModelYaml=$(cat ${targetModelYaml} | base64) +base64ofModelProperties=$(cat ${targetModelProperties} | base64) + +result=$(jq -n -c \ + --arg domainDeploymentYaml "$base64ofDomainYaml" \ + --arg wlsImageModelYaml "$base64ofModelYaml" \ + --arg wlsImageProperties "$base64ofModelProperties" \ + '{domainDeploymentYaml: $domainDeploymentYaml, wlsImageModelYaml: $wlsImageModelYaml, wlsImageProperties: $wlsImageProperties}') +echo "result is: $result" +echo $result >$AZ_SCRIPTS_OUTPUT_PATH diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 34550e968..700077751 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -668,6 +668,25 @@ module validateApplciations 'modules/_deployment-scripts/_ds-validate-applicatio ] } +/* +* Query and output WebLogic domain configuration, including: +* - domain deployment description +* - image model +* - image properties +*/ +module queryWLSDomainConfig 'modules/_deployment-scripts/_ds-output-domain-configurations.bicep' = { + name:'query-wls-domain-configurations' + params:{ + aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName.value + aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value + identity: identity + wlsDomainUID: wlsDomainUID + } + dependsOn: [ + validateApplciations + ] +} + output aksClusterName string = ref_wlsDomainDeployment.outputs.aksClusterName.value output adminConsoleInternalUrl string = ref_wlsDomainDeployment.outputs.adminServerUrl.value output adminConsoleExternalUrl string = const_enableNetworking ? networkingDeployment.outputs.adminConsoleExternalUrl : '' @@ -682,3 +701,6 @@ output clusterExternalUrl string = const_enableNetworking ? networkingDeployment output clusterExternalSecuredUrl string = const_enableNetworking ? networkingDeployment.outputs.clusterExternalSecuredUrl : '' output clusterT3InternalUrl string = ref_wlsDomainDeployment.outputs.clusterT3InternalUrl.value output clusterT3ExternalUrl string = enableAdminT3Tunneling && const_enableNetworking ? format('{0}://{1}', enableCustomSSL ? 't3s' : 't3', networkingDeployment.outputs.clusterT3ChannelUrl) : '' +output shellCmdtoOutputWlsDomainYaml string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsDomainYaml +output shellCmdtoOutputWlsImageModelYaml string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsImageModelYaml +output shellCmdtoOutputWlsImageProperties string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsImageProperties diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep new file mode 100644 index 000000000..5181744a6 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep @@ -0,0 +1,43 @@ +// Copyright (c) 2021, Oracle Corporation and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +param aksClusterRGName string = '' +param aksClusterName string = '' +param identity object +param utcValue string = utcNow() +param wlsDomainUID string = 'sample-domain1' + +var const_azcliVersion='2.15.0' +var const_deploymentName='ds-query-wls-configurations' + +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: 'ds-query-wls-configurations' + location: resourceGroup().location + kind: 'AzureCLI' + identity: identity + properties: { + azCliVersion: const_azcliVersion + environmentVariables: [ + { + name: 'AKS_CLUSTER_RESOURCEGROUP_NAME' + value: aksClusterRGName + } + { + name: 'AKS_CLUSTER_NAME' + value: aksClusterName + } + { + name: 'WLS_DOMAIN_UID' + value: wlsDomainUID + } + ] + scriptContent: loadTextContent('../../../arm/scripts/inline-scripts/queryDomainConfigurations.sh') + cleanupPreference: 'OnSuccess' + retentionInterval: 'P1D' + forceUpdateTag: utcValue + } +} + +output shellCmdtoOutputWlsDomainYaml string = format('echo -e {0} | base64 -d > domain.yaml', reference(const_deploymentName).outputs.domainDeploymentYaml) +output shellCmdtoOutputWlsImageModelYaml string = format('echo -e {0} | base64 -d > model.yaml', reference(const_deploymentName).outputs.wlsImageModelYaml) +output shellCmdtoOutputWlsImageProperties string = format('echo -e {0} | base64 -d > model.properties', reference(const_deploymentName).outputs.wlsImageProperties) From 889fcbae379334207947a274927ae38654369b1e Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 1 Nov 2021 17:33:09 +0800 Subject: [PATCH 095/720] On branch main: test galiacheng main branch Signed-off-by: galiacheng --- .github/workflows/testWlsAks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index b53e42af3..714abd314 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -26,7 +26,7 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: oracle + aksRepoUserName: galiacheng aksRepoBranchName: main resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} From 2c47a72bb5a054117a587fef15a2e4d41213240f Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 1 Nov 2021 18:30:12 +0800 Subject: [PATCH 096/720] On branch main: revert testing galiacheng main branch Signed-off-by: galiacheng --- .github/workflows/testWlsAks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsAks.yml b/.github/workflows/testWlsAks.yml index 714abd314..b53e42af3 100644 --- a/.github/workflows/testWlsAks.yml +++ b/.github/workflows/testWlsAks.yml @@ -26,7 +26,7 @@ env: wlsUserName: ${{ secrets.WLS_USERNAME }} wlsPassword: ${{ secrets.WLS_PSW }} userAssignedManagedIdentity: ${{ secrets.USER_ASSIGNED_MANAGED_IDENTITY_ID }} - aksRepoUserName: galiacheng + aksRepoUserName: oracle aksRepoBranchName: main resourceGroupForDB: wlsd-db-${{ github.run_id }}-${{ github.run_number }} resourceGroupForStorageAccount: wlsd-sa-${{ github.run_id }}-${{ github.run_number }} From 662978e21a114c8993de980d74c4547f17acb0a4 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 2 Nov 2021 11:17:56 +0800 Subject: [PATCH 097/720] On branch main: label lb svc and ingress. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh modified: weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh --- .../arm/scripts/createAppGatewayIngress.sh | 28 +++++++++++++++++++ .../src/main/arm/scripts/createLbSvc.sh | 16 +++++++++++ 2 files changed, 44 insertions(+) diff --git a/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh b/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh index a4d41688d..287653ca6 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh @@ -22,6 +22,10 @@ kind: Ingress metadata: name: ${clusterIngressHttpsName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway EOF @@ -58,6 +62,10 @@ kind: Ingress metadata: name: ${clusterIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway EOF @@ -92,6 +100,10 @@ kind: Ingress metadata: name: ${clusterIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/ssl-redirect: "true" @@ -141,6 +153,10 @@ kind: Ingress metadata: name: ${adminIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway EOF @@ -173,6 +189,10 @@ kind: Ingress metadata: name: ${adminRemoteIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}-remote-console" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/backend-path-prefix: "/" @@ -208,6 +228,10 @@ kind: Ingress metadata: name: ${adminIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/ssl-redirect: "true" @@ -256,6 +280,10 @@ kind: Ingress metadata: name: ${adminRemoteIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}-remote-console" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/backend-path-prefix: "/" diff --git a/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh b/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh index 7f22943c4..ebf3edfcc 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh @@ -19,6 +19,10 @@ kind: Service metadata: name: ${adminServerLBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service @@ -51,6 +55,10 @@ kind: Service metadata: name: ${adminServerT3LBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}-t3-channel" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service @@ -83,6 +91,10 @@ kind: Service metadata: name: ${clusterLBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service @@ -115,6 +127,10 @@ kind: Service metadata: name: ${clusterT3LBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}-t3-channel" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service From 53ddb4de84cbe055c0e071426fe19c05c86f7919 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 8 Nov 2021 13:47:38 -0500 Subject: [PATCH 098/720] On branch edburns-msft-78-contact-me-verbiage weblogic-azure-aks/src/main/resources/marketing-artifacts/video-thumbnail.png - For partner center Signed-off-by: Ed Burns --- .../marketing-artifacts/video-thumbnail.png | Bin 0 -> 263822 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 weblogic-azure-aks/src/main/resources/marketing-artifacts/video-thumbnail.png diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/video-thumbnail.png b/weblogic-azure-aks/src/main/resources/marketing-artifacts/video-thumbnail.png new file mode 100644 index 0000000000000000000000000000000000000000..c10e69547869d51a284f69bff0ab00233fb7627c GIT binary patch literal 263822 zcmXuK18`-}^FDlU>|~Q{>|~=2Zfx7O&5do_wy`lc+Tg}^HrUv<{qE=c|GlT`oauwA zsXjeD-Tllnk&5yX$Ow1{00014N>WrA0D%4{Ld?KH{A&b>rGft%ptG`sFrapd;P~GS zl!cI-5CG5+kN9Tv->2{nl3LCH0Pf;{ClF_L>>L32ER_-!QuWY3>w*m+7npW%3B>_5QveVk z6fhDfiD=lsb(qULf9+paY2o(oFozV3GWFM4onKeGKlxLop?2x2;hyZlJGJt(A8eI% z`~xopZMiWy%xK1$Dlx@cDdfjgd21kbm-aA-@?wH2ja5S`yE(EBq|kD3)MBk zZT_?;$-5s!9SOBMTJ1&p3AJODR7K06AA%e?K>u+7+4qITz7*k`Alqni0m-|kao!mz zP}J`O_>3VN2`%Av!?l=Ax8#8rx3%V?^uONv!(!uEXV4@St|w> z4pCt~uWqt~%E?rW8>!(T6f$z=1gv~IFO=lezIp{hCrVPTOi`c?qmQ^0Y)qep&y}FkI)oP2lAHLyUc}5e$0?*ExhRLj7}1mz80OtsXvrvRXDV z70So2e4v;fg`IDx#8()q>9$;`_k#CV8{J;HB8Z2i$4hX-#ci$dn;Ck@m@x9Ti~A<^ z>gbKu7D;@Rl7_YN%lA0wZ+^>3!<#=$hCRVJK)ZPYxms(KJ%t3dYfs9yzeqk;ck@%8 z@*oXQ?U^G8tN*Oo|Ie(%z5(rq(~sqJlR*elKsY|Lg>A`%BIQvf=&OClMvmiv6Bzw$1>GY-9$~?p z9-V9z+Ta<=Ts*IKoq2HMj3AnYX?8)dUk%p+w3P0Mjp6OpBE{znmZhk`!!lR4+&s}1 z6^Wcl^(7Gd5Y=`tIx#?m6rdLmp-J`8DEtw_fay>_5xJa7DX!$;JaL5dtpE*Bd=3iZ zP3KGtijFpe5FPwwbq?n=TwLdl>SvNNEh{Zsyu>IQl{6mqI`3K@W1RR7Jla@Yzs}kK%PG?~@1m0WnyTBFdO~eve26h4; zYUtaeJ#M3VqNy<@lBwCWahStX99b^h`fiyJ)K#FIe1@c1yUl!R&_2uX&B^xuryGW? z)XHVgcwBkEDud=X%Bk{4bWU=$|t@nUakA3`s25E=v{`Aj7{TO+z*@$rSL`=pha)h%$^icl1Vv z>^6B(=aUap?8S$bWh-Im{9ehBdU#{FL!v&~+QTE5^&Azoz}5X&SQkTlhR--qBU*U* zaKyKbd@^9HH~GKO`mej5iIGNR#H=QEThqQdVjcThC?{^~wvl8O=k(@?tRaK@S*+dBdW3^#YgQySZ>@ZXHVp=>Z zK*7p`j`bA#5X;1Osa#h&iR`wCa(nL0nMo#+`%+%C!Gu?rOdDQ{$$5sWZ)WlV=D~Dm zjg5+p7=~5{L3^9@f%MxS1(}2vh8Lngbm2{ZUH<|5WP6O=LV`i$5js9V0zMP8K?-3v zr!#a<83lo;T>KahB3TDxa_o$|n{fw9g~b1jo>)|Lmlw#UEOO9vU%nZQ`5NdMFm&`T90o8Y$Lxl0IcZN$pAQ?}Sm0OzwLc+A8K6$;O@3PA&ffIV@la6nK z&U2y(8J-h=KGi>Tz(xm-1vdHd40C5Uw0THNI3T~7vy7TTpRgdGh#BcjY#CRJmNP>W zkB!E-9`LLJ86tS!OlB9(u;g+r zcg=uO(GOYT!n16-?l@E0lYmQ&MTc0b2;#a+jOxh}>3-l`26W>d(=>ZCp&@?H!pK>G z3MP6-+$hHS0M$>=sT59mvK)v*CS3D=p0Q=4cY&&^V zkF1iUgT7o4N`072g&eMrVPbS2H7ubDE1Lra)LQ~`*9)vxWW^VuU?kBQu3i$dQhEmu zM{Dg8!mWyFfI;Mjkx6&P`V|-cf9jnEWR+EBbmi zOknZsZ<{!X!OOY+9~tnFJvk`#g~tR66f74Y z@z3${CEeDR5_XalN#2Y(#R`gTZQ;?S&GxIshKDqV+I!f)t4qvs`*PxXX` zaP3?f4IZ}|TaYu%_{2Jj@68}F(%IQk#+gNUMzpv?Hu)Xl&Wg4O?MubAPEtp_X{)<9 zJhvVrJ(LsUg@oh*LX5X9jPgZ!h3IBTpG3mddM0Pt#p>n<+66G*sPuevRp}T-| zl)ITGW-;1IUjV|K4wAMvZ_C}U^?Y0`8YenCl;I;;%X7%-L5|)!Dej^epnP1DACh%Q z>_*5(^hWY-*kzHxi%-*4C8WWk1y*Ye0HG8_IoB!CMEZMrP(2miQz7$Rt|qce9@!{ZLzoQbaTzr0h=Lg!9;V00+=xr5OYQm zDI5P6W!d?0185R0^wGD8cozM4jQv5DzE-emxi+zBC zBJelIFKJurubPn+x6dBg@QpVZr-gJryyK@7r{Dj4eq;{mV0mm+0~nYX9LgMXDvrv; zpOlh)_H|&V+^XO=@+pF(NJ2BPAQH01{25AAgoa!UGdxNc*AggGFg#a+N9fGUjEB^6 z0E*vp%)}#YeeM!Vb+lsTWg&-PuMEvtF32Lu_`3s7-EKNWU2yH8cWEu9d&kPrg|-Kv zE^+2_Cauk49z~^;lG-dy?bxPv0SbS>YZPS?LI}?o69V4cz?|tZ#0>a%UQC2JSkteG zER!xHW8(=@M%FjvK^15F3Lu)a!P!~jAR*cJ7PX7j)&-3Y4_r#bDNH%Igper` zxMlO%{E&%uAH4d;8$;_a&`mzNi7J0@Q^e)7tbB~cd`m$X$NPz&vY=_07Y7;GWu%F4 z;P02);cyZlyMNz-s<6ks;%WPXr0k>4#{q>Gm*+Sw(`&+T^nxaYcP&o3k(`D^rwHT< zsXEIw8}ZSHmJ+6TT#VMBT<0)4V*fW|2>zCEMuQS659rsNP(xJ{;&m{b%Qn7rz4DzQ%w5S+u}Rb7-B4|n zaa}>s$qgwnffFJvX5Ad1WV@mYLr<1OEpCxTT(=RsF`-l~k#evtzYI+y_2Iw*tJdIG zQ%3)wl{wf6+TI0C!4D{wcxaz1c=J?WYdQe>4C|A&t3!YhCR6leU;rA!fk@TJPfP2v z3izO?V$@rI(wco0!SHQ0`G~A3`BLf;&oHT#pPF{Yb$iG-xp0>ECBnBnV6C_PV|cDa zF;cY#_!4h65%r*IO+hTkXN>xEvY_9CBj#UVF{?=i8b9E1Nv*Bj)J3B_Dw&uK9W$av z-mG1O1pij=RTr?9QD&t20JPv6jsNBUrYrzyaW?caKyJopxE)=$m8%|;Wn~(soD$fc zT~;+fPwE%SK?GeOplpmv4=OqTMNUyKlwdxK<91=m(o1}V)%)CpyhjeDoViI zA>$_(3s~D<9;qGzerY%{9p%><4+qvkw6i0yym87rbwpiOAt#VVi*+j{61#r(D@-f9 z0yI367>b_IAO#*1MW5F92Hc;JIjI~~gV%fRlwRm#sxN@0Lq^vL&WOC&+KGBsxAvZJpyFe@U`_NPv!qlB&7D)mz-|bGj z%#Zx{JH6~h2F4&i35vlzZOq$>b-7Ld8qbiFN+%j7O2)uES$_o0`(E=o*(7iW24ih< zzcWs@TL2SqHG7~Z)sFe*8%dC97I$|Jrk>(SC^}k&lup#TheR>bx)a2tbrB@9maz(L z^0#fNNUN3PDMbjuyc2lU%%6)^BW8C<(|dP=dp$yA z3XVC$@Q?`q>>-nd%2};BwBVZ&8W)Qj6qIg*`)b=|1GvCivi`OSG;2AHQ>a<|RqeM% z+AlFfw$b@PbP%^??rH&1lKw`T680IesU<4d(QQS&S^w&(K_M+KTCg8CJE3Nlf}!Mi z_<4zlc~*6T0G4nslv`URY0aTC;_WD+QC_J?hQ&j?SBC$6V4u&+)>k8v(~0Un2|XZx z$w{z*w4SI#>JjoPSMX$%RRDt(_iQ4)dDu=D=K;+=60eu#Q9t+%g{BuJw_Gl00S?<2&(B-RJ-VL&JVf&_}jo<}f1w^+HgJMi8b{+I*T zbp$ClEZz121BPWl#{n@wNcb^$I7pX?p|7G0sc&Y`C@y7WSq#hYzhvt)GL>^-y_1LD2NKr{eh!$=t^cD6O@#8|cuV3o? zeg4jALjLm(6ktf zFzN+O=Preyqu*WSi0lW@Wne3_DU5?KIfQlJ8I*O-qEOgJh8b+C$<=oc@HU zf%;1Es5*~D5D(Hvwc{qby%+;A00`c}l%+*U;15IZ{lsj~5DhBIOlWJH7!)f zHDx&g6+56)(Z9rEY|W2Z|7eOlG$v({Q^z7J5JBLj;9Yz2@3Jpk-OEu#*Idg&QPHz9 zb5&3<@N_I_C=)MwG!G0cA)$mWbk^-!<10ZZ^}z5(Z;TrGhMomMVBdV^h|DF4<>PlJ zHlKN%M%aMinIHfxjqDBrJm9#BBg2lY#K7rhkV^&GNRh%nm2Tl2x&=^?SBWR@s2qes zlZ*t1W#kM9y^4!6(BTTrMo6Pg;J`3YIy0qnQ6@q8zSs4SanRqiGLjH`V?tw?lKMkL z(2oe32j#qB%O=1+n*gDkEWV9Q3y|~xEXD-_zL7xOiISf%1*<8y=@Z;XaF^2*@X>V? z6%{o$Hda<5xJk>%^b&{3S5nW|IE?gtr+)&$+N1eRI2_xuAx_s~$s2D?+oOWr%uzu4 z---f=xUo&s^(5P%&C};m zL%)Q7kWrQvr>|DOvx2Hp`Jk!kS#ZxRLg`G+U`P%6R&< zW%O)60$8;y`0K$>liXUMdfnrMuRL6a2r0s}GrkYm7&xg^cx2_Ynv`>;%NbA)oziK? znTQFtUa`Mk4&Eqq+azR(E&V!jS#H$p4cj2lpZ=vDK5a;VP*fe@L1`cw|Gw$TaQ)!4DUASL)np2umj?a1aYv>FcP%GHmvHC4%Z=mXNQ7j zC{B20iZMMXY@T&S=OL4#K}ey@5bk&TP>M2@ay4q+;f2hrnylNltgfQ8p{Oz{B6s~4 zkRAfQWtx4ym}QYtHZ$L3o1_b3Vu}1#KzhA3Sw)0S$B2$3mdZ8N8&2vV9R$l5;8oK0 zH#s$eJq=o##2>mGKz7_^aD@uRLMo&vvfpPYNN_hwPL_`**H7<_3_ZswO15*Gu7#x2 zV`a(&q9Jl+-9=IjKcrZZP2mcY9^mg`RiwF3m+nWC4keTIlDE& zxdPnD?A79@QvFHFjOQ-j3x+txy$4*>&b{d=n%(8mJ zmwlNtB7r!T@zx#4Dyniqq$u3H^2YxHPm?zc=buNkitu=6vS?wql|?xAz<+`6Qr+VI zU)-B3onL|Q5A-;=Z>M_zBp=Q1i#H=ppa8Ya(8KT2c#z^I^333!oJXe6lfz9)fEGtO zXrzaaDQU73|k;_q%9={KTSFjlrjMqV3b!j8LzR`G zU3r=M)d$*is1|?(=`6TdU>+ibb!EeCRqRnl40?kyTA>b9-cj{FGy(!W$MWSOZh@c# zcO)7>0=OA+0qM%9iWq>KQ4B?L2s-rn=t}E)LUM>yi&uI~7I;s`mUyl)w9sj$ zGsWul2##4~B8cob*-BAvb-X+u*QmP@xZWF0OUv`-|J7|IbRW4}6V5OcM$S#uCimjN zRAW>KQ{Ox|)o`!xqVgfnF$zlp6hhJcsDd8;s zt5pt*(a)DXva-8YIvC2q`N}dIL`O1Cu-%Wlx(`c7xeA^%#oVG&&_WoDph-5v{FQeJ z#<_|AU4FXiPPUT@AI5VP>c}vW*awsr1k|1asG=KF>#hl1cE86kNEXI?oM>z826coH zoOz9Eg2ex48s*v=?~X3~OD*~k)<`cizj8@D9OnQ|7!lCEwY$5vyD$)zgt1M15EN5V zq}%CXWlQ(dvICwR-wpT8$)Qebz3SCVZ8}4d`BB=Dp+_V^u=Ul+(z4{Iw$@s(ENq$u;m?8X zjdQXK*oj{=83qxKg8&m)IYCkn-zWYnX0Eh&3i$e!=OGKPLL#96lK*~y2H)W#GQ;t>={tGf0dw|XVq{Pxo)Dh^h8smvf@lHb97+!0|dPCH}P>g$6f2` zI)VD5t83@hA37$~4P6qy$)40r)!S$?yc&MmZ!SLB_&*2>Ygan)BUc39%|U(%sYWj! zV~+-k6R-qLp0gPP(_5SZ+g%Iq{4dvzf|dRPY>>%%JxKZ!2M`&1y8Z5>Y}jkJ<)F`@ zlcSyH;3OXI!#sGmD1KrnBhn&KYAdYJI^MbB=BY1(*BODAQ=g1gsE{}Y>@ z7eQ8bedV*aXRF&^zSt3}WmaeB#*4bcAa7V4z^`5^zg$tB)t~FXO5a}of$EAS{vM)B z_sn&zMa?Ok1QOGapOzX5{)$ofMds@+4Nz>Qc3McX=#2E<|0?-fNP`mOk3YmUQLz!1 zMAmWF474x>(TGq=Bss@yLzipa3l5h4SN4-qI}L_iV`hGY8vgF6n|+XnV&U}ZXn+DG6Owlw-BSG@%oD`8z9XiO76AiEmCy_Kg2RId zLCg6CtS3^JxagzoZ{*SlmM<%AL^mC31OYkgJ;3}S?BC)wTDIWgj_)O*VzMdAx6OEu zj5HDDliMPqVFOQ|`uOfL%dG)9LW_Zvu1PDwxKB5Lylz(v9=g0?vo4PT2KX5kmxxRf z;b|RDxyb+|dAl{UxQ@{Xd0uX+?RmN~(m(}UOTozBf`Urvy(R^cTZcdgjN2nixM7!umUWY+W`G`42 z{b)a9K$Or#rh&G?W>1CN4Q0{vhm7p;5@bbmzjIK=FbTgfDX>#58(2cw7S2&)DSDjh zIUrR#IfN~yhGLSYMI4wI-Xf$)u^hQPLp7758(A^`+=I`|zzgL8TSZYpd5Pd8&f)Im zH^vrNP(p8o=eD+}!p}FL;Y^=V$RYJuZSjAwoK$cw&jt98pz>ux++@r5Q6NVu51J43 zN=Zf`$f8=wkr1+?va&dYdP_Q>_ahynU(0gGK}QVG#|98~mL`m%4~Tr0X~Zob(*P{y zXIvm*=y5s?Q<~vsrMIv+FaTsJ49te#zO{I>p;1CqWK!XXWlsT$M z$UjT!+3M$w(Idi1c5LvWMj(OcN+&qkUmDxSA(A0ir`RT7C5`+_v40v0O*FYgkLg|; zjT7HkC}q25l)nY`NoWIWC68}a13a%2NajLoXIpyPgx3~nwk*(@5lxhA#}nF7%>%bt z!u&sN#zl6oqjNjxW~i7B)!a@p@FUd3C#%RG94<%Y5#q zT{L{;$(`aG2+S1S4C29t8avWt)lX8&_fA=au^P?{E)n!21zl#dp?|Ns=drWxv@?-Q z4A#;53Mj|86rUBsr^QxDxs{VkP2Kr@;NE zVU>O2BQr2$+kvcLMP9Wx0%l@{*w6KOEcD|Rn@8WH>a>QuCS2i>jSZI3oyxdFe^U`2 z>v(3wfi-VorYtP0C|4LcRjOc6fi@_w1#}Dmin6Z6Y&6$2cJaMT^~y~8Hq-_>ObfQz zz_}T(2hUyv&Pe)C_njm)A{?HE54oTS$eQg>#k#Z~|I2P00^a^%V5Fv`->qBVnN74X zSIZJ{$Au{yi%9-G!xF}7EIP<6Fr*8SEt#&Tr^bX50ima^3D)2+?DjWerP8-XJ9m_1 zom2)02)@gmLDJ#xLF}hNN$}={0L-bDwPqAJQDOu-w+nD|BcPDT<}O%(El^%_6__~J zE?ZE1$E4O@upe;?$>7YFEy5g!;XGptmT(@eclm!*OX9m98?D4dFMdC}C8>gg%N&U+ zDzqeInw4eH<3D;s z8{RJ~j9!q1*IeD3(lHN5uswr@6+yEFk~6T(d8pCSMq`aboR}QgMuqqX&s~LR0U-$b zstX{0qbqegycT^v{8ICO!ap@bKa`W(a@AV!B!`bNzgBz8T~hw^=`N+h-9g_kdXU1 z=U{;-;%}MqK&m+*6*Y`KnybpfOV39^h0TC7T5G#=uk%U1%X}MUSMDw4`m`xH9H7qn zjL-uN_lGExETK(gLp61Zq%;F-LDeX2*o0DvJ0OLXow@BBdGYS$g}}m}b(v|FFs&e$ zA7wCEi`GJJh7H-cn$l?~kX@`nRE2sK4D(>=klY;6>SPxPGbk;?4hbFRE|cpd2>z)Q zvVKcLK_l~kv;;y;s0-Bin9iHOHhSxNchzEKa@2BJdBXI49Sv(LbMq`$<3-iVltnbb z4n)VA^nxlSBoT9kBEwT`dJw!URFb9!-k>48|e4O0!nTCBv*)C1;DAix9TLNJE zhF6$o?r_KvI;2=Z-A8!lM+u^sY=r2$o}D)%5rzy85H2YQ>LlM#j$DdJsHLEJopCU) z@Ut{oO9f~^GrU|7BI;=?FoIYsnXrObzgA$v=o(p2k+fJXz5@PTh;SO=rq}_EBU8K} z(=Rz{h9hJ=w}25c&Q-uj5m(iJQWZEs%=sXYH2T06k|g>}77|H(0b(H73Y5r6ZW_d7 z2n;7F3eI-zv^uk}Z~ol6-ylAZ`?&gX59@6le}*E^$a6Ddw;U<*)Vq33+|Bke&+(hl zT{HkSkslBPSt`cVX zec^s!nh|LrYJ>Cd65%!bBZUZge-Sg~DJg6uqPebMG`HTqlxrqT%4JNz^hXv`I@;fk z2^Ecju7{z>O9Ahvf&D$h0Ty&u4&*EQPJx$x0~g+hw+fwBb^RW8#hsX-Dg_Tv^VO*) zhMG+H85t!odohU^M*EZ^;zCws?`>Zl+Sn|f#zS?gCW$QcDS4ngfh?EP$gZ57^1{}0lK(;A5iO$hxb{BwL`QVcC6H0H#w(4>f34QP!CUlISG0IK@$J?Atx zx-~}(Io|Z(_t0x*(mhp?qQZLY&ENx0!ldEdG_x_8WX*V-y|A(CQk3hIzt$6 z)5Hly(CM*F(95qZXXGHvAkX`RL6c!*yG=`KAKSsvABTtP@7ISKAMw+50apT6Ps!6Y zPxI3?Z%xy6FSpY*A5GIWFYD6`daGM*eTHsqi7Q-&bz|i|m+?!!m+^}q4|=IpV?{Yc z{Te42lOp0hew#O!Z?hc|A0GWL+LMf7c0FY~fw8}q7N9%5gokV(KtA)eF^n()B3C~> z&=`@X9Z=TvHlS{?OzF|($-<&p2r2oGfqHnGUjcK);i_RzKjA3YJw?!vA~Uvpd6@X9 z3VP|T*-CG)?JL&W8{FozVCH2z%Kc`CV&k8w&PQ zha$Y0yzYh1n;*BYpEtRezK4m#`RxuXJA@o0_Bpzaalatw)16WfRHsI;Fhj8GSEQtz zhA_Qa;YuJBr9_S06M}L$Vj82PD-LUt%R&qfE;QY zSP9pb7F2*Iku*Dg{-akC6HYE*EX`T~SrcsxYiy1yHH}jVA$Sng26M2pKssYH8EO2b+n6?4#iN6z&6+0 z3;Xe+@~9rW^>pF)<@sI)4Z>#yFg53l_WnoA;fDh|6wd}`XbUD$@UW>YA*s!lwp~OV z8|xloWF>?YL`&srT>qudLQcRwgcCPYFMwo=N!q&i+btaOwyW0Foboio5j66F$@1Xi z{#s9mXQ)~lo`Kyog{uki{(;u5J1ol?Dyjs28`QZZ=4M;wvfQ#rcUbHVFEm06PZHH~ z^5%^~n8%G-0+VFR8ES7c=;N_Vkz{8RkO}4WW?+L^|A_qB-)T{c6Z@vbwDFyXP$^fy zr~7bai7{5xH5VHX4}Z^axW((5<5K@(M_e>%=8mEigldVWWL$*x63fWo@9F-EAI=?4 zHq~K#^P0bMqwu*OR`cB#g$7T~>2TE;)V0~=J6j2D=!{3{7lLCdzdAt1suBP<2RzW7 zoiTd7;2G9o$aj?{@5D_OlgIkT>UDj;3-gEE_Fs~pY3ox2)+V^*=fCwCN(74fxmS0&Os>;T)Gx?oV|d6cFPKb-RxmKcVG%`6~ti3lGQ)L z;qoxQ0%s<^TZC=$vBdCLgp(3*@<14UW+u8%qg?QCcwF^K8jMI5?GAU+!YpUz3oA?^ z8%qMo?xfxCrZ2Q$^gQIuluGJeMO$e`h*)r+V|6P1UoQ|iH@BP#xOryS4bONMU;FYN z5Z|T5T!PIeaI<7mL@{E$pPV^+O`t3=OX86W@U|rTEvx$K>8_}K9V%Vfrj8LF)OEku zaYFqWw+X_-knJaJcjfCl{ZiL|=g^U@0YzREC;`5e4_uuY*=%Tk^Y^`-z2x`L+tqdd zLHqt{U;TL!d+)u$AK98}XbEMJ+CJ~2jNWI*{1iJ~+f_W)P_m|_a^kaHGf&_cwdI%% z4?D|8a2eu=+lc{j(KO^7C9|hj1Sb+x8@+X~W3p8S?9R2?`YI9mlNa0l3Z4jWcm`^N zq~nBDbQD~9TtE-~x7>mCmS0JT%a^bl`tRY;{VI%}7at8z?J?7H?M6d+p6@lw>*^UR5J4+?qrXX1+t{tZ2DlSxxRxCgi6SQ-$Edr?ylt&C5_3?pJ2ABw8*G{?iIN z6QNf$+6KH(+-Vh1%E+sd_7|K4-jbE~k4JtSl1N7gG{b65q@uFQS;G z8iKz!e+5!-$~YzsJD%S!rKY9sLSyO!MBrU?{(vdaR3YyY(mj-5jSx5uD8I(W z$&laz(**?&fozamBI&|3WF`=`YJtYk5q(?WG`ukxsA=?D{jZ{ zZeeCLzkMlA=3Ia?jq>Ax3ySNc79=tVN9oE@Nje#Q%;xv~EMF&j96UIPigLmUEx5L7 zWL1XvkJu7RBZ+?Ob7=W$$jfz(e)MJ-SwjZ`ay2)=Ug|r2>@1hoHq`m-zf5l`@ol(T zdGLxu5sBNM;1;7o;X<*{IM3GDSj+39Pj z9ZqH^Yui3<=TTp}wwa2>_jQswWNAp-{#|Z+Rjji1lEXkEFxO|!I?m06EMqa$LE{89 zi(meBobBD!qhbs<5&lJ!%BBu;QVHhS%{hAQo%ol4_SpT2g8rojA_d35&4D78v-jL` z&)#Qi55D{o#fYLKa$_e8da7!J4LPWFjKHmt~`%UK}C{~?ld(+c0VoC zP9i{t5m`6spryAWmP85<;%QO6Z;q$jF`VN(j`nfrGj>KG&kM8)1sp_tXHq2({kX4l zLm9ra7g#4`?j%zp`nS@5{~(_4YqUxHb`f{VUbF0fCLD81%;!>3`1ieHRlU2tRqT&h za{6(3dBR&W^q#P}aYhqg*oQ_>&&|UsR%#jtoqqG(5|J)LhV|x_B4^1?s0pMj>&`+j zep*U;8jn67Ynf2l%2&(XViZVT#{5iOvUtyl3{jW*FfFLJrzqX8U(Lw)XTmHBsS3^` zUU86up+vT?8yv-y1b@tk9?F8UW()R8YE~Dy@7oe1ymIEs zQrWg5hWn%l24v+}F=TAsvo%s*qDBAAP%w1=O!;jW>2OMWyP@_s_xqD|@qWvu_f#F6>GA(h^$WEZwySQ%f1W+se`Bu;{2<-O*;8 zwT_+P)I?^i+2+)wl@Wfug|pMws4*ob%`&)^p4nb|i+aBeU!8rUtK}jrG_D4DN;|PC zy`4whlYIe^ft*qso7ZqeEfUW_U8S*1o`2rOks9Ya%|qH(_@FdUs%1k?n?ew}RaaOuBdfZE$4jTu`#u7#b=>z>p0FRIhPCj(1JE(A5Iss8T^F?J7* zIt~ET9TZZ%ico9)Czae%01Ksb54k-yHMye>c6N5ZV`Cc|o5y7j;XTJJq|jo$brEca zW|X`5tF6DsKJJf#78353yleCGsLr@;>5%Wm*o?pQtnHR&SA;gd_O;)pPv_VlAK^lj z!}ySTX%H6Td$}tp(0%Ed@u~1P1XGx^=GodEb9-Mnfe0Y&v3v-{2dMh{S zfs9W;yWY95=Ja7a9=bS{F*b}b!`JS?izP!{S%#Ct%};c4akA8F#lba#A3OBBqobEa zh0S4jq}@4vD!*r8b~aa*l9i2%nfveDU$2UGE`mrwLNz^N)ZxFsVWteuj)+kxT~$Pu zP$s{^)kFG~jU;=px_ubis5pCXZsF8KU@1^|d3iIkx5hz{SB{>REzk0SIPuQT@H^KQ zJsV1Y7+T`2i3RH~9G#p(${h6#mPzsgYm3W{dmT!Oo2uH|+so@vr9;>Waq;b~Ag7zD z%8r6a5OYAx%zoESuc0#OLdJ^J&EIwM!6h_NTWbhg=`HS$Y`>cGe=jg&$x%}hM^Q1h zxIG}F8dzEZ*@uLUuKJJnA&ZNPyN-obbi83%bN-RZ)Z|<$jjF7*KfxrNX@`uuQ56N2 zE(uWnsv5Acu-Oc)d0h*0T%asbZ)C=(0G_{#iyLb`xGAKGU>mCQTs~}umb*t(VZsW3 z6xVQc53xVJ-gZChNIRTf&Yt&e*w5Pb-Lyi0xS@!6WIO~OB0$_;RGJ}^>v2ND6#6ZK z$g8a_d@l-2?It7gtKG*Am>1X~VWq1kEfzDV|JayqUWSk$lpL3lpg{B?>duJj%D*y< zJ)27_pQ{GlEo0?y<~Zg!UZL1w&Nhg_><5`VbHxO4J_wGMPa#BERxUwcuya;f2t`r~ zrx*$7AhN8&RthmcWl$=P!<@><$4EBLd5hr^)NszC&u(KS9i>CJ<>(`g^Qe0Ku&LV30cs63K{pz{K`y`uVn)IK9H zxABYGLeFRU5|RJOdVZJ3)xhXSs!Y|mZ`OEe1O=rOOhyo>XLrz~p2gfi1fSS7;F=<< ztoj(8r30-x*%&Y{ucqoY9|WOlDlB&u%7|7&!#%H70+TpnfxNL`hM_@RpQ4p9>mC5@ zGl-cG&`V8oLe1~vX% zc(%#6ew&bEbN}(Z%iZ~T=-an0xy#R$x=oMAvZ#HwTAkV|gRaW6y@uN=Ye@g+`(OFp zEibi`Y8zY3UaLXgbrtK~g<122hYT(B_H-{NQ-cQGzO&`6 zf7TjH&F9CWnl246`yf9*hTYeiOWJY{7wL68-d~17WAB%080f!np-%r;ZccD+-{e^- z{=%`5)DP?Xm81M@ZLQu!ZSaW@%n>PBr4F$vz8-%Iq=zX?f0 z@9V?k1B$!r<2`Z=ok5GDTGAyUx6{j7Y4^p&c)CswgS%A0)6pyj zl{`UsA6cTQoZPbq=;`6&F)UpC)f+aQ-T=W=N9Qki^z7{PhuyIyx4+}=-#=u&r`#Jb z?30QV|FVJKy@yDlL5h|Xcswq9I8U{Zz9RkP&ydB3=+L`^Lr}9uV(_<`PMyu7Z8K@l~KPW6T>iqe~8-Z$n|BdfGt#+n$tCT7R#h zoE-Ai?MAN%;raUeJLEdw`gl6y`N;*Z&y%Hv#^wHETH$tK)QNTL@cWRC_iwK-uh;PY zZ3kDmuO4P39jejb>hI$H+r`5Q?5%FUTHI0N2)W%}?%KNp3uWkQ>=cwD zd!BwRZQvk>_BV)<<#9TH`y^T(eKrW+g+5(Fj}6#4ZK`-tHr*O(mhR@+ZhT)R+R$3iYq+z4MxLmc-vc=R@+mg?C!XCdcD-b`**z_peye)9dOM+*(^fyv*n4;pLrMUDYr!_`drCph(}T zQH@_>@8EL#_iIk=g@Dt^UwnH8hMS#tM_uY^=b(@&cG}2DcQ3iFuBOxTci1|u9u$vY zJ80gWbHiL7_YY;cU1OYzoJNnQ6Gz)}>~9f$`Etvin9SP3`ao|J-j|EfEtrCD+W~EuBBh)-?1EqGKe!(^igsmvM$`KJ)6kB3MTDxO~n+Z+RAkng5r0fRDSgrSF5tUyMC6wdie)$!<@qFU7W z;ogL{%a+i6;O=oc<0aq159)0jc8<813K5frv4A#TmHQdZCu0jvp-$TF=4koT5mZdj zukPwIf`A7avfcdO&Q`vqx5rD_Ji+K+2%`$)seUzK_eTj|bXCY>=GveA&S1^KW2B87 zK|URSAUKgiPnXXB(r-*}%mOVp&7A4cS}`@tGUMDnzOWZoqDg>A;=>LB26uUh;a(b5e+AMWZ7rCukNt!?O9PWg_>2Md}fY2ej|UpF?I zBXAq(G*y;9vh2jf#H83{*X5j|4SpHcNHe&$@LicmrftUK4G#=-gJ2b94k!77vh=3mK%|y_7Ff=VI_KodHCtus;F-$Ns z`S&uq_pza+CKGb+{!V+q0KK;2Uk*IqoBiZ(e$y8AI>+dx?SB>hnmyOA1Gl&K@{t@Pc_Dy|JGucI=<+%O_CC%)gMW64Z(`>5EzVzhd- z4AfD(%qY!Q*VIH&VQ};3(+PTVGq|FMk$*|;f(it>aFTEJ!N@VfKV7un9$Y5|KE~zY z#Zsz?kObkxeT&cKJ$-nwTlE}Iv*8dIE>1LME~G}0YTNFZY+Y+v*W2TM{*Wp_=A%ZB z=IRpDX{nxfg?=mgWuvj_b^DO(e&!Gbinr2cE~Ab7ec8F+{oAgNfiX^$+~sL_PKf&H zi^hC)MeT3D(=<67bs|2ezT=0@&iAm_i*7!wC|%nQTj~Sw$kF0yUC(oxj$PZexQa@O zhwY|!crE?Cu9$?vSGF7(ON~_6m4ab_#>DKboY%*2R=zs@j_j6Wk>xS2D zl2~k;IFuPI{`ZV96#m^;3&su4(;tr;p2Hof-^KK~T`z9HnjWXFOPh_m>hbf=S6z=q zk!`h=CgjEAX$cv+Dv0l0S>Kq$!XL*@)tax%`|AU3~VlT-`U? zoyQMi{pwCf5_gdivCftqZ^!m!xc}<>?cgb*#Fnb$xNN&#)Ul(X|BfM=n8nM<%yd83 z+q&qgrc&GEH%{2P*=&AZd5g_ZoFL@*YoK!fyZxr)cwDw!gm{0>Q503`<8w19@JH*0>uL?+ zsWk&@u7=C)+jAMYMEv=3gUR94YO8%uZQHW*)|Pj4I>Yb#hgJ3;8`M%sl|L8k2O(I+ ze%R^`gy|V5B~G93v+CZ*PD@-rPH|;6s(;7!<>P3MXMpB>yd~ zPD#L&^Sc1054&0HTBiVn!-du*VD897~;nc0=0%ODkjD zLw^CR8#I42BqcP8O~~*)r{&({kIu$08*2G9f~T{@$m!gxHcTW7x;&N3o`$#93!SUq zsC3VNUeo=y=f{b?4A(6#*6*_O^D%o}v2D$=5`aG^(~u?O&qQii3&;_&NUWe} z8BRJm?Oryyh<$7|VE-|{eZEo2PXO4ThLQPyB2v91zh)Ja)()V7Uqe02nYZ`CjF<&n z#vr-FrZT01S%1Zyd7Yl|@u;(_W8ZoiA1CeXQf2YHhV@HrKSeHDnl_iL9VXt>SJ^Dm z(Rg8Ci0x`M-Ktjc~~=eW{5Z1^-Bw zf<+rV=+I;TF{Sk|W2nz)GLR-%B+Ua-a~s-1@?-*C&mpcnpGxn$e|#USGtg@P@iokb zrGG5y2M#T%TmRggQxBwlj_KyZ@1%lzle^kRi0q`t?d3U_Z!UST_^IBl_lN} zR?Zy>CIP3;uisQR>1vXbCPD6}6ZqTZ!sGN8LBL@x=C@iTjsqumX|xp z`y0NdfoEH#Z2ass&MvF#Vv%_pz7N>~YM6=gXPq9lxKw!2@Ei!NqpK0i??NAv)QyU( z8`*Q!4`s@w4F!;gLWidESbkK=Sto@wI|;-7z)!QU8#Y#)cKeZJ51BqY?nNP($gw~J}_pE*tZD%(JP z@_Iyk+`IZO5mDxCStek9=iMNp*=VPW;iInB)d-%+{Uo$#t4K0kB;d4}Co` za->{D#L!~(N~hUEPRiC+&Zv?ebvx8)xv8?L+V8$`cbCvo#(cZ5gb1OX@d5}RyoE=Z zk69)|`eGi624jiYYHzl$VjERfj?t+#q=~}PUXTs8QS!Se0uh#$#uD>teb%v&C8wnL za&k~@P(S_oFDDxtI>94mJ#!MtbUzKgV7ly5S-e3E0>eP?mbP*xQQK+?wVQ{>ke1_3 z#Ct-^(%7S_TBDx!&Jr(P0wI^9XVq^4pS5+;5M%7BlsX+*C=*fOqh>z8MeJHT04frF zr28Fj)g@6%!=s2VgMBD6769I#j=eZ@|!xJQu%hF=?00`-p7je!oTQgFqw_e`oQse+Y3-!c3%CuNAbd zxnJF*|E5q=s%jua=we*^V>ok&*-YSat)Rd{N##=ZFGP|XnG0uPoK&VsmE+|&Z{Lc^ zPj|%<4>QFQFNtsHW+>Iu-EwyeYghjS3m8q8cMoMyOpV;;Lh^!(Ec61CPEfEbq(frU z`|x}^_RM|IjSiZOG9)h~KJH>#&r>{z4&(?t&MtoTQOqR>?oi-Fgs7zbs-dw!U}7<| z$wlr9pszKwJ7nf0^aDA%#bELfMQf%~?IHPTqN;?nSEUj9La@~aqia#Qf`cy1v!#CK z(+BZ)?<1XUAW*^i0kTF!Fz0r0ZYY)nc$=}i+)KO-lig;}%c4@$>F1_XU2M?x^%F=Z zkg4CL?`s3=P&<)%Xr>N1nD)P-`Di>3@YEgkg^Dcd_?hmf5a;`zY*M{!iAV$xH{p6W zUyQ(W(9fJt^nuL`SmnD+RvA-Apuy1OnNJi>L=BV3pX%+8+WC1!$uSbxs(N*1=9sT7 zxZW9LU{OkiXmzvL!lhX6PvkW@ zisEgK2WfkTZy4<16hRMsfgWV~8!*_e0{voZi3U&6T>xk2217kMhR(|mxZds1M&taJ z&Z4LL%)psH3z_rbCDO)To4c@s<@N=(OJ;^{rBPl&BQ}nUz+LE6kkj?`+(#qFFYzGr zF8@#oufI%zSBbBeo*NIh#Kyn*h+=|OdZYV&FDlE1Aq|XPrNtym%{cOa)284{@K!F`fKf8D3H@)CpFZ ze@Bl^UPREi=?dfbVXJ7Q&=cQ3g%O89aU95q*da?6hos{QqBFwnA_3M<^)WkGO z32%6Tt~vdE*^_v_+IYI^d40qV;N>DZB_l=1ukI{@&+naCKw97{1yM#q8G1(+|Gf;1 z>4fNPg1)MuB*=-XnYe?pWd@`13?1{BGW88!|Ggc7FPr(VyAlD;2g|>Mq13}}q6B_V z(dF3WVjLnC_AKwPguQObNby;b_O}}DzIEJ6JZv)s{M&J*gW_Ks3@UT#5{l8rfuK z<@f}Jr;&r~N7RZ5Q@$Z=WTa%?&Y*O9ryM*^$MyP`8l$@Bora+Tuo7ZB!erk(DBMm7 z!b9?*&^fH@0sU!t0G;fY(ND|mKYSxL{o5(Dn-{NF0vivnFGp0}ugg=DMh^F}JugFV zN8sUK$~SDTtfl!^dPb)GH9V8Q6v;F&x&Acc-G3e#+ed&w<*a$e5Ggkj{h1z+rgZY1 zu77ji&iv>r=i>KJ~9HP0Twebv{Nx09U=3Z zJ&`Gou?d9WF`2vsnybYQN5>N?5#NS(%!_uf6LT{?K#E1mGEQSj3el4NTS{OI^0QN~?W4 zbaByF6rbcs?< z|Guqt@N0zg4;v~+tqAzp(yjgl2nunfPgcOf!06w0>6}Afi}pa`n(RwfVCJno%wbms zi)l>Z&&r@(V;%Z_oFOR#S2O@0~uNDzx-CND&ds7d#W^` z5-tcsjlks7C)P{DR~sAl+Fo#ZPSH+;@xC;0c}Ey|kWa&c)XrbE($N`;80`W=?Gvj? zfnL-zI}fPsD|c|-GBj-+r3Ajj)&-tuE~Uqg1QiIW*4AN*;;9jeqV~-!NT8Jxw5`F| z2U5|xadctOz)+b^N|ag<-UeaZmw0?^zFnc8-Thsbis>I=DdtB-W)nZI86teg{4aA# zwP^vj*;mdN1_He6O^fbFy~DA-lVNW83CbxpuCBfb6dB-1&YZW)9=N_!G` zpQ{oX*X`H6PMJK-Njx9EzNsg=+6zS$1;6h@sJ4Z08R__WKDABas$=_owTgkC{*h=U z&7;-Z6ZqmV7k<^um(JPqG@D5IdeOJ>s3zloV&u85L&OYEft-j2wj6_dC~9rgn#TB9 zvh2B0ernuhH_-uHS7uCa|MTbZ^m+bs_w_(sz}rXm(9D^h{=i|}e*G*@X)7G~ul>uC z!)pEF*%dsHn*2#2!B%cNrs$pGfl7`Y>^K`*7oh`-W)5{iu(ZuVUTv(ZpWVa(dK_d% zV5yPpnA8_+u0NjopI@2WJrQ@`O%wMxza`DFe(M{r-(Qb2PF5b<+w%jC-kr}|M2;Q0 zg=(T=(KORQ2Ha(78)T)Sz7Xe__aUI(Wn*XLUl23Vyn+E-{3e_bM0ozX&D| zvoa)$`+N^);~Dpn!_G6!+jH92yN`hn z58s?*w_NImT#w(2h`+W?`M*G?0&dt$9@3`*JPuPpFb%XjIPPw|0U8waANIZG(B#5T zsi}5$#Pw`!ux|KoAOr5!fwNW}Xz#&R|#GdGLt0b&z=0?Vri)g_~j8bO>O1)RFMT`LxR z)PrP0c1mKfMp$ZJuhxM%$d|r$Jrn0(>yQXsn~f6i2U9b}v;V5pgA0;&Fh#%@peRrxM>C4EYOCjEm+a-a!Skc> zkw7$l{sOOg$~)rtR=7d~)v9U+#pKvKiT-nEXH7cFbO(t~2gS z{G*K}eK6YKWip5uW%Lg%eI*>}je&U(}RxPF5i1 zDQp00@|Z7i|3oGJ4@UKJcN}*Bbs zrsFkuK*DPe6Lg7^P~?dXA|uu|>9N#{W^1xssd@qH$$RR~^t(TAJ$&^{b`S)O zPg$X-P5&*#U$P-^3Qxah2#$4S?3PIJAyKkzUj9QSu*>>eGkEErYH3+7({Re6GtA7Q zGZxvPfZOQgYlvc4G-8?X(1F6!UVLo8<4*%8eb$<~n5R(+`)`x{EjNfm1XC4zVjkRg zv7YTJQ?n?ai$@mjj1b|#o9Vl+M_+8mI-G_Ya>1YqwO$c#ao9gWBsDxsl1B)5A4JYp z$S}Q9*fIpIgf^rG2_=eCeGiZOW9FirJ~ZTl3D_Lz={&iR=(!qe;dswU`&I^3{GgpZ z$N&D?-@{iA0+qNwdNloM2r&7cpdqQalR`Oit=}cSdK1WxV^#%g=YT($vFFh~z z*#3LL9o-k-Ou8(GF!|Cg-4LS!-Hw$+nkkSyd z1&IOi{m7iJ)z#X?Yo0sHuc)iMuc`A7IGN3fp$(=V%q`pF(gF&$g}}Z>!!Bd-#yhb7 zp>gq}o5r~j$zu}(EgA~1HGX04UJ*Z>Ua)j8g~=14^h2U5;IV&wkAc zf32RD3B#smQz3|+Io8-4Lf8je^I3I_qy`O!Y6-}`yVhGcq|pCEap?1PczJE@T_O`T zag#L{xf1JLx3vibd+Uu_;yS8!5Qa<63sim*uW(RSMyE$gnN}^}00%G3r)_v{Om@Gl zZ*J23Eh2yjdW}WYvXY*&XAlrm2)8;p+u+pker<>A19X#VBMu}pSo<5f%Y3n{+&E^t z{y&~+05~}+zj#2xWUHF( z+U)G>rNI)Y2&&wtKM&cpx(TRRuUkZlW9^|SMvBTb!+nRa2Qu%0ag^LuV3rK52B;)PjA%{ZlvJyv*t8 zP*A47Wx!5!y-*uOX>vGP>7v(Pcad!d*8M@cN0bn)ET{0?`iZwT>Jui0eJ*4K6a0brg!+$0~B9uTZ&kP@s77-+rd?y z7whUyRP{sA*E|92>wdoNUnf7v{ot+WeT>nV41M3wW+uyYL8vIB=spo1nNGSr*1iq9 z)LHfTSe5|vYnjiMTiavD!|AHVYotlrCTGA^I~*$0;1GETE_Z(@abIGO`0|INs6$z9 zAy7Epg-9L|Dp@{8)C#-gI1Kd&x#$G+5j zq4@s&%gIS52jA^2HUTh(3>TgBh^&)RAnOm9cUD;r)*p>r8#P{|#-q^~B(v7E>@tMB zWOV%fw%T)}Yq8C>xyiLzGPKpT*>8z;s9Z<*)M&HSu|aEh(NeA9tFe);3^tb4HMMQj z(3By^*U=Rnt)E}238QSSS<2K19f)n+97{R#} z71N6I+TG=W1b9oCiUS(cBZ&fcit!t$^M8;dX>%XfG{rXjcGfb2TiKnDGakl7)y|*U zl)4B3mBSeKcQ)qfY?WVYD8Bza<**2weP6}`>4<;=D6~e&mj_@dbw+-IMBPP=M-K4r6!s9}M4*AG+a%klcAPz1d-Hut;y{Iq4l ziC5*xzeypTA1lFXa37L4D|!boISO+=ir>aMJrA+H-kmJHzHFGh+}HLYn^ck%u?a}f_?<<49~=>68BtB%iL(g&d&o9TRKbn_uY$&Lqi$tr&fcO^SZlR z{&l-v?_?*OzRX#32AMQC>>iDdqScLgAN5y4lN*AQ-xwc6YM*mc3h1}}ySm;_oBsJz zxs65(waqk6)FvaV%6zZq^>BR{y!i=5o%I@cK6!8h)<<${fMdoPB@lB~poq^NI@dlG+{r)z+F|I4)11aCAD0 z3o8;cGTLnTl-0&5(1L}X7}3jJH^dZsc`!WO_S2dID+`2EW)(IVVm&2*WKI*$(<$CV zJ)%s+Ybd z4RTSm#npP+x<{v@E6y|!F^j>&O2`)tC@L@S3ACvwFV|Fz@G?F;`um2MHOP){Uz{@% zlfM%Q{6~HR=RV0>p>SdKcX;_gGVrx+?(D|}%C&eJmnPUA6N3re53-Ma=a~Ot2L+9`B|AvUaugTQrL#@&KY;ck>a%djex80DJm+UXE zmKeUh%Mgrty!c(*-45(rQRh@&Q^Q0alPB(8Ti!u+*`AA~F6Y);$X$O0<4ay#R4yxo zUc@gs#fQsnEZ>Y)-hRBn#&Gj+=ND+%V#>MrL&c;_8(>Ig2lpFOh6stPWGmXjIxx`P zNEM`qYCH(XJv-Ij2ad1S?7;q(hx|YOhTz~iER2f~YNNoD%iE9G5;sqJ+7;8$`|T64 z-524_8+W}q8&6L;CjQRfEe0*JfCu=F^D3q0XND2)v%X-E0I9s6cF4|}5b1KOa_;h& zbG?wHt}zo+iH(I_#%|b%b=sZQb(1su8`e>J0uHNC1_4ZPUM zdLDGzqWsmfZlZp##4r8=?m}Ugm0~JNz~YMI^jfKJY{c{XGZ0I>5CSwb=m0}Q8dEfe zaiW8|-o?okQzmx&`c+n2`>Uk2L=XoKyRERcyQq`g56lHs_e8yeR4UtRa?t@>m;0QI z3<9Q9`EJ*=0$)`z^SjzEpcL`g>y6WBB1B?dV?~i3>@U3&v7W{q1>NKEQ(DHB^;n8S z)T@zjGI()iq2`}tb`Sz0O)oDHvxcxbTTxL9TIS@>xJpOD`&_hnSP^DFpLT5SX=@)J zkz=o~FYB6x3{ijMT87k@F%f=!Fnd*q>$r;8B_l>zs7>yut$gp{DkHVKy!-20t%jwo@$K!{6m?d0vD2tOYY$Z190eXTtvnEPZo8~tt+u!BR209567+#)3i zc8$#$XAvC?LL*55vm59me^OoBEMITC!{%)EyV~6ge7?^v81*)?7>bBs?G9XNgcHOE z{>x8_%hDusub?YT&N9uy`n3A1(9x*)w)Qw9O+nqB89(0v_xyIUd?9($8&spA&(ACThDBa1Z7lmgjNcD}Vwb8742+F^P8Q$KC|t*jodx;& zy=)H@Gj!|DvJi8*ZUF%DWbY2xO;2{^^c)A??A-|l`k7V$o^;3W;Y_TBKeUi#MY z?{oz}5wyxNvI+BCbvxM%1sVrZp#Ap0QWeqRFkrv5aw!lb$2eVooV0i9)YjL>$iquB zFA}jvDxYhx9LsoUZ*N&&e_qV%vgR~|Loi(_OOHOd>v+WKe1i$lRf)|S>P=aJ|EPTY zmkcERZblavx{LlTX7E@~k{+CI(=*|56D8ycdLJ!(HnIQmWu?hQ6LPlF8KC_|dtkFq z-q`WUl^?~L+up3?PokScypXcDgHFd8Q^lX z6FrM35tW1d_hS=Z>l?$Qwz%ud)QZ#DMh|v`Or{K8)F%V&fVpOaYu!6coa)hT8n)1CKo>}rd@i{(eG0+!LQbx$F3|+zsO&E?H2zb2&#lz6IXR)Q< zNaCT%3Nq#h&a%F=<@PW#nGc*@Ss_Sp>|z~w5dK{89eJItYA$>W%MmmlDV>aJbsW9J zpVCqmrBnYu*S#u9=?rZD->zIA$G;7ith&J!{X=aR>0L+Y;_UjpCO%A-8_9IK`4Wt7 zjcp|8TYvaBS$Y4XLaSlKnnZ~#yHea>9HddNSb!5tzTX*dLjpB}v)gQj*MjbJo=|E# z0!Ztw-5t)?{pFZ#+mx>g2%!P`n!aq)Zvz;M?CT5~ExdncQZ8TrxUGA7c#aKtehKe+ zf%KaAf;X4Me;z33|Ax7b#S%Xv;?c?}_%S*VffgAm`zG(Xe8?f>yIt?F%)A1d;TkE7y-N_f3Wm!BpLd5#U7 zGD!gM9BYqL7)=q<=mEO_-oo(&RkrTAwR==PlQ$8{^t#?fe@ysQXKbWxSQ7dnII?c@ zNEyUL+8vI`=$1S8#jhwx*xWhAah9PSOob-x@Be;z&^VEJ>7!E0%5GKN52REQ!_}0O ztv5qDBuq?qcXzdNO~fC{1Qv?yobM|uYcIXlV2(j#D2NwrW>z270GltcqGplzDs@@a z=ZfNyfIL$y2ln;#m8$nAd+T{}@m`r@mmCbbIc$Pzkx+IV?GedmX>G7n8UjXcHUq4SX#; z5vfBB+9$?h7}Q$dbbVUsk$7QxomwgwdcD#Fnn>WsGpqIF-fc~4oBaNSPdb!X%u&Tc z6q5c8Tc%Qm2ek`yf5Wf$ zbGKNzr&xyr20BEq8zw84nXeCXSE1c5b3KL7t4Qn`W0PIc4Sv50x|eh1@21eP%BtA@ zz?Yg6@lfA~g)7d#U&!!A-HlV@&aq#I;(xG;`u8=gIdwmZm@FT{#%sHwd0FoS!Y}Aw zhj}7jo?6Zf^*K;;go!j{6UPYdw%>~dzOLnObh@u)N;DtNw-vs6wV6|IzQ3|HX?49I z_8{oM_}S*3gi^G!{d{TCgS*3~wf>#U65#I&A39^PvzSLPtyq9wZaO~et$BZ>S}IUm z!G^TS>M{bprTJv4r7h-mpl+%9#mK)4VLZ_9J(rIRj3>w>I1fuz{&~u_5Z{!SJhp!e zEr4Tq_v%sdC8e^DM1nFQA$-XDd|I@2cFSyyOI}Xie5Q4Z3T`Xerm4350|^Fe6`GiQ zL0`LRPS>-HGxBQU!-KHu!r-8^cwNWv_Pje?A-ySvr%-O?!?*TYZ0y9e%+EnB@KQX( zy3BY9gIaugJMQU-@K~RYPT#2$YU2#N`68P209mc^8ai4&YHA;(x;MKYAV^VocYE3h z=0T3vErWw{=9QFVK*4UeH#%C{pCY43kT1DJc`-Cx+P=eXq_)5~qR)tKpv1AmTj;dp z!viut8b?RP4<|0(=aZIyKC2)R$KMh7R0If^RaK$I<}LX?ER^}k&c5J7$3}p1O38`92Fi1WF)gyxIYe#> z+%k27nU;Z#5zoK4BuBRy92`LM=O6~t(LwZpg=4^;zI|PS7qRi?5uS@cF(qoseQp=| z0D0So&C$V4G$RTX9+luxekg>Y)Y9=CvXnS^G}4fC2(`}>NZsH`pL3G{^zQVG2V?H= z8WDc|0?eDN5H!zLRb|A%bP!iNGr&HKI709ekBRrQ>fB+s<&ejdQc6`Y5-Nx)u*dc)!+s4bxciPv z8_R>?$bAav#rK}-k{BF+F&BgudZHE@Qrh>bU8Y`uMkW0EIXn2rddTPOSMLw!xazQ{ znQ$&O@+qp;&d0wtNkfk`C?u0s!HV!(s(r-AK1VAp5;xM1$B}<}{et#E+5&t~MK|r) zKCBN)T_DulkFu3xJE6>&4<93m65i%^!6|@niuCi&8FPOxIAiQ7VbO2zYkOi3g zSski-vIhB)Zz8GHe?}_urvEuud?{x$q^g|ff0*PLvl&_b0+6a6)V%53*tp( zN5<1wU}sU4F;8KdZWlL6`&rx^fdN#gUw&`sIidfTH-x^>xS$6ZQy!|PViJcHgQ|wOuFzk;EV)Y!m=1;x zlao-0`9EkZUt=XV-Zl-=?<0pMXY@+q1$Mv%AfC2wSTkKp&J0{23Xp69@h>G+M$w*m zuV=V&aqy7iQq=L_^c2H?AY4le)+uiU7~M3K1^)_&$B(tQC(iin8u@MTUoN=-sLfRB zzKG!kVMq>nu-Q^Mb766qiIaijRyOC)L)6X><|{2^`YoJqBIb{Y-97G)WhIak34uSN z!wiDlm9aHqGA%|M>bTBCkD{vYp+m;Pt+#HT(i|QB$3=rml|}Oi-TekwlCyLD9--;XLo@63^_85`}m*wDb-Qy1M;tXA+?Gn%rUyy8Sf1c1JOzF>5rS z4c|_aP0%?GdC0}@k9^k&Bu?b-9Nwkl`6b7gpr(B0yu63!7@-lQ7_ek;T%e|`YiSxc z&^Thb?4SzV{X6ih@DCEYGCcgp9pVj9{mz0S0rJ3G8*A+^+r0zY{>59q`#^%N_)4F* zSF*Wt$-2?2n3{#c4d8SsLtBpZm$Jkzl)8BU>!Ljnlzl)IRq&Y_bq6$saz zl{zuX9hhAynT_?5KxP0zJj=wq!DjAWSviB9lk;k813nE<$jqFu8<>!$MX1izM8?Lo{z^psFH4%yU4?*hJ{Q;SQi! zhCsGwBQaBkIk$-q>8XI@jP3I6ho|m}q6Wq=fX|@}hkJ$R^b&QHaE4utHX>pMPle!w z5_{RiZUqsK1y{{h0sPga70BQ=XOF|zX$8*Fte20Q>j{_pm<5k|lYV>;czqrmM7j%# zhWLuYcx32^p%Pl;;URila0MJ#iiq&bC1E1G+jPJ&mo&+BBnYq{^k<0D@%aeP>6|9825Chl|aHgYQ6D;gU91Ootb~tX-Fx1bg7kjS$DFUO`$hyrpq) z*Q2c{S=QelCarlDqA$UOWGum5i^G(Vknx%gaxH@dlZK8cOTRk*)zv)9<~ezj1Yh<4 ztcSk#r*d-YcKW;~|I6IycE0o57#S;;8Yq=gMODjnD>Jp2Rx|Z=3q<}qEksD4F@Nt& z-Z=cmzPA&0RpLtNx!V2ic~U`gfQ@zQiRQyx?|gIkYo=bOHOm%ny4uB|3AuPz3+tVuW(FJhh0SQVXw7;oGkdqY3J6PvHWSyx140 zTgA5%(6O{F? zV-qoFx!<+xJp9rxi(77)c8CZnj$*koGLreUCQ|MF*oyZiyUfnEGt~?9@D18y^#iuz zd^JW>TG&78OB*jSi5f^NVG%@}Is6b^D~l2OS(eJ>T*)kshaj61kDiG;Wn{U6x&vgL zY&&?f+$v9x)f>J=nrun2gDxJa<~CEK%%S}eQs8u;gqok^9>0ObC5%`^h-g z75Q!qwS0_tf!+wKLVtDyq#T%}=Dlq3Z3*C&lk^47E62+rm6@`HD(gcPx51RVa+Y* z%?kGnQq5hc$S8p;-9=bnS%yf~T$MdEe^dHZSHVf>ZWJBMD42v3t|XoL*SDfP(GlR) zt?Uq6BtW_)qOMmy0&C{8y?tc^bvTCTasdF)>13PUnH4E|f@%0RW z$jYJ(rWMTv4Fc{>c`b@l!l>i`c4+&RjtRz852x;X zs{_6y3^}Xea8ExP-0f_~N`l!iTil53pt%SRbXwkss;au4e}DXMH$Ixv5&Ww>CPK_BXdrMo3U^OE8$xJ^}nSTk;pCCXSlex-Prl z$xr(YpF`CAsauhro655nSbEJ;-S4Zx!U-~+1YpL?PAT0CJ;~33CS34n$k+GCHiw$Z z`RMrGea0eJ<91J=sa=*T2{oh(sS*G?}hM*Gh;b0b`~j$Hn|3= z?mJdq_C%~XJQ(ogk^zp~glE;Iw%f%KBm88VjOwoSKf;iUts6vJB`J-y4)waKBlPvA zpR>C4^nnsMyoL@#kcv{X!?8G%jjNX+!Mx1j8I4#8`Hyat5a($nl!YdO`b z1t0=>E=7^e0X2H3D&09PCsd*8q7lKvoe%Xitt=-cjFPIg0p6?a&V^@ba8n2lIhMK<2`~#mR3y(;&FNiyN@`B}fGqZJ_zx=B&cI=KBPF383|DP` zJTw7-d(a&F1QAPozed3#91JA_i9A+FGi(MqZP9FY3sG=%htw&%9L^U@Du(P13?PZg zAStXtd_uuj{U9&?mI+=o$l9Td0!Y|HI=4rKA(K0>&!@lX`{gVE)z}pLqLV)b@%j`p z%HsZoj@X7_AMUjEZPM>AsBj6pJt@cmEV6L~iOOzCEGSLHP!MXW*hI_Qz1K_={BO@% z60sABg?4@!UrhA`vM8<&C+@;cVS z@MCykYIsWYc!Ay@A6?~$EAbhbpg=Qi_x@tX&{nX{|VS}W}iPSXyZqd7V2m3Dp& zrdl#8ajYr<7{R63&oR?f@U+_0QJmOC6E!nFhnkh%yt~2}p9NScWDYsBn&46Ms0(nZ zH6)VW$%){+yXN(qssi_t3{}GNrCGsL7NNyVam#pJmRLj7J`e7n3VN+@ORNv92u5;3 zAc}V{2!5yVW?&#Pb^8{R7+Q|YHMtOzwJ=x|$_rkh<;wvEeQfT9gkz&fyYy?#;FQhw zXO#BbVbWEj(x*~$mndtG`cM<=4TxyMUrJA}S!Z%5gLrHuV`UI^`opzlBe*F4RkAym zETMM)QQ%Sy{d_1wn5%%gkI;z{gGeJ(s>GR5Z}u)I)i0=Iz7C1>o*Z0Zz{*Du24M?^ zkcvsyWimp%GCl|-X)0l2+vqrm#nOVT{<*Png9!*7^WZ-K7^FsdQOC0q1tQoz;CMKv z;mt)-(aih4=A$97Mt{~l0AVlsA(6W9gYCXYN28e;=Ey70x0-&*TOj`oR7d>rvI?%* zFaADLrAQe+ikh`iBeooQDyzy*nXd!IlDi*6h|6W3db6g>r-$8fJquztNYP5P^jJ>) zZg43K`yK{hJxfZV0%KI(`P2EmL@jv}iZaw^u}@#b0K7t&VH2=B#QhJ`1(2_YWQCV> z_WuA%hiKBqq!_pk^i4Gd4o}1FtS*HccMfgxv)bv$e|G}{m@8et>kt&t{I_)gZTzrO z8dtEuyjjqwmlGj$gxT)kMGB5(nhn4bQI~{(Q9=)$m!)fR4|lrQD$3jtrCOp;&Yagt zd*C#o{7Z_qO&2R@6!Zn5-;|?~-OIs--QOhzlw^ z@UfPjs=epsAiKZx7tQyp#_+`?t6#HC7q~#zh=NDuG8V6Kh3xf~d9rqoWMAb_#85o# z5=H(j0Nm}U@F+5K*64_Y*s`nRst~)DtQS?lru$dmJ&6zmE)5&ImLV%^y5YbX1ECT_ zEGFQ4rY7R`g(R0?)7O}2&tVEJT57gEdT>1AUbfT;II8?s+NFNTS|TW_EYve{oe_(H zOCi)c%;_lN+6tZwC*KeGj3DBZGkE5>kAfbk@=1RAYmf^D{ND6;kR!-%XYumug^>Ix zlB;7fiI|hoPgwy{psZlLKr}aU#kL^4T1i48-j=oi&^^svACED_)CgkF(28PQVgk~D zb`9zNtKg@fsb{vQ(kl^ZvOrJOvSy`b8AT)f+6&;o<&#mg;0XQ|R9PcKBBv<;#ZejH z&RY;6KJbJ4{T?mNASd$WXEqC)uTOj9We7rr=_eo^j3o_--0QrUVH&f)Hc8HPm571l6Ijh@YPv`i>dv zqY*c7InDb?R9<>E!aKPiDKa>AghAMKn9K8>x~iWTB0s7EB6096tGSH%f8h=t4yy*M z4p(c1lnsuI%O$r=tP)3#gP ze8JCc8C(`j*#U%`P^#m_?B?&&9}gzERRg>NO=_J>CJxuWg@J%AUGqq?SID#`DZDLcS0K*XlOEdxA zO`lmYsDnq+h-xqs@=0QuW`)4md;HOjQNp1i(6}VHLon7Vz;P2}EPS7bONy1ag8Bf9 zq0E1G5b|qacY!igvzRspx5tr73Nfa*83ZF+)1A3SRPF6gBObn3RS!BR?9)P)s7R^% zP(XUPh){A{|EY!oPMhPYa7Bw?E!g!?W$|7`*Plav9PuD__7cu4_F8r-1Ou}q%}>;FID-lt1XneP8Q^NGM?J*b z3bTf&Zxs5ycx|w{N#9x>^CLcx+$@&iA;*gP=m8`emK3Z~aV`v~q+w4F%+>_vju{-Yj zGG-59EVG~hFE%h`!9p(mOB`VeNjh3(VNOmm#yc!$M(pfI8u|3r$`zjn<$VlJ*n@M3t`rm9#+dz?(5MMG;7Wo2 z=j4{!ASg!_0Ut|6s*DPao@Wt_e00wEt|ZSjy)vqh2ry&9VhqLu<*%*HB4A5Js1wL&;ENj@Ob=i3~CC zipR!W?6f+uhHDBFs%=#dy_qDh8TZk9*~^#Z2U1hEX4%n>qbxtGzcQ1}KbT1t>E!3T z35k+b-sOyf^Qyc)+Eo}zp+Q}+JAHT5^>=`Ua}8=Uw5 znlD_bh^~{9Z_`SJ%NiLDytb(XvxU2|40G-DDsY{;A0~0pyPkD0LJf*m{8E+6kCi6- z{DHimNhRkVp>l?Toy7Cq!nN&c;Tr>{>_BrS)m7%-ol@qWZU!EbCC%q%UH?jnOhuZB zoxgx0i=T=d~)NCbC#c(9?nUnx4PAz9y`mgz4IPjd)?dS5Rt7#gNmP>o*EaP8cPkPDwXK14k@Gk@qN+=U=YrZVQ2qjq|r6>?|> z;8FZP<95lE#f0#`hZCHKTC3sl-v^!={I(7lCjVapxO~JFRjMXAsb!(-+3i*EJUuYo zdMM{3$vv@{4*1FLnwdZr2b~f9GCPi+%{Q$5g>5}Ys_}X1H|-C^0#xKCZA2vHq+;JZ3-}Yw!8Uo&iz`_dAws(^^t$ICgkenQBFF2V1m3p_CD!mw{ALq7S5H0o?M^gj}ypOYgSxDOe4fFSTBy<0535^O+ zD}^HmO!L-Hs!3^@TsO;npFogX?H7Rvj_*bK0tPbbA9_vQ;ZHRL2zm|K-gPJ%M5F{36T)ex%m0h1YYY>lNz!fG#+1clhe!uhBa$B%;B6i88vx3%IjuEy=&IYVqO`ezwHLpMt{RM)ium)VO*VmiI1xfM~(o-rX~L z37(>QAoe%1h(j8G;+rCbjV_M*>2iRr6o$t=onqMbA|(r(qJ3h(xswWsp^E*d@dkFH zd)bVTz3A7*IKd}qmWRQ^gZ7*_Pxt3n^*AFlIH1GZYa9XQjkK4QWz%t7E_DO7hFaq&;h-HEp!eZ{bGw{jDBEZV~FfpbLCd%vNrtg zhv{IN;mjE3O;3KM`>FX9lJg^m3{Rl6O=hhElomlAm3N@R6H!{#bOXbH3IKVrk8{cr z4)%IU=0N_)WGc@IPoG5aRGyc!cjiJv+&B%BbkT(|x3Fx{5LM1F1ZiX>Nd?O&X9nxd z%0Lw8hhY3K&;(Z_yuhV>U`@d>bGVdh_^3lqMe#~qF*BlFDjwv7xGa&NAk$vCgMF-1 zl-Xv%Z7pr^q@TGYCmlJr4-5DsR8B28X9Dw?;Sm6no@+rDrLJ0}%^w-`}O*r~5Y+71XVhYll^xs+s?n27~ zRe;=x5HWP|jnxivl~E?lCICi`L*aZO0NxBNGS2Kc^OTI)IkYySshTFmqhLNdh)#e# z6O+}~dlFj5f9ht=8j%mk{dG_PKX-&Xg@Lq*#jr-A<-+(Sy~K%Q;P|)7Nc*Dzxc~0i zGyA|0IU09^Uet0{L5Gyd0Bp=ccmS+o0!oJZ%;9?QUC50lgXwtE43RdDftLTETVX8OiEVy6A($QOs=WyQqJq zrBX;$!XICpxr@&%xJ!!FpPJna%}yyNoEB6y?O@%JuR+Qj^Zs z#Y#XUrMB>vr(BD|9C`qPcI;??WlGAgRsHefDa?k~TfIub5 zeiw`N&0&7xaLbQ@Hu&=Ae)NUZ_h;%tjj=xN?kbz0N@x2(`@{JnfDZh=`rW&F>LpH! zta_q_t4H7;r3v1q-aB@XL{HzF>@}~9jGNxXg>$S1008sGJm^$JPg(*>=V1aN=!J)o?I!>JcE z!qLxP*IEQfHwPIYu?-?b#3yc~;`0SF5leu*3+3ZBjV>J`E`TNG_|uM+5Ut3ZO%*8wu*Mh9cG20UKXoXT{WQb$7pVAi4CV-}$U&g9E>B-_S4ps^t{2VSL znMtY@r_moy$J|)Mne+gSxJe1SA8i|+c5F;hqL?9f>KCvmr{tHY^hyEoMnHCu?gZ!@ z;%7;^ zQ4dfNl)|fZ6%d~`7(VMeh7*|eTP+FDFWd4ZK$^P184_c8e8Nu+8(*cDIoT3xa`h;f z*&;bLMu(89tR%<5puJ+9mG{)|mb&QXfs)XpCzoo0Xz~j3)tQ_q88#)sf$XapuQ}*L z0Gg{AAdLXCIH;@ap^j+|(bYnkbdKaujurQ0u%N%_K!6w87wp5dFF&a`jrF!f$OpVY z&xLwaGG3O$UZTqGDe5l=0})hM)Eo`U#7Hk~?gahqVlOu;fiEx`ir&`TZBMQd6g@pE zMLZ~l(nR_PwY+>MhHF!VX?o0=D+{jPIUiefnAtr&J@VTt`vey={Xvb70N7p9m;ViX zY79UP!1uiAH^2+{KVBv!fL`~9=6BmoxSC!hh$02E@@j1yaImw>h5 zn1s`yh;&N8F4H_>`YUWJ`+4-}3-ylnx=BV2M{cCd*CFcu+H#PS66!TMEGac8B%peV z(h$EM3MBRRN@B+X8U|uF@Z?xf3pA6n>K||PNLd-6hW&b$((cJ1=N0BWvF;W2de1uj z%V)F!xSA5!?*oPR>;w2{pm&iL*G}d2hd6f?@JG1(I#3)sQ>Ft$QGo3%z^E|c6(T(W>*OPTQ9#=j3iMW543Cc>jGk_GrQjoz%<=((zk6{$v4e85byH}6dA z%OHQwxZ>0G< zed1Ew-~KeX*Mfr{pu?SrZJkZ~4Ro$TSILd%d;;&{vsv+x-KpjAKSC$Nwbc}V)c671 ztMw3k;{$@eu;0Uv=>EX+1vFU>3{?WQI~&sqt=Hbp3cuL0_9riVEaTVhGhg`pG&PH1 ztpwj=iU&`0xD)lb58=V)z$2@9M~&I)pfSfBTW1~70hZ~?z(KRheFxM9WSF?VDa*Ry(cD~Z_`yF*hd;s4eBS0Cq=o7)qdqO$Iz5e<} zC5Z2NU#YcEn!SV94We1am95>EUTHV~nF9KX@BP!R;M1;G+&1?-?2Uibr>^Y5aZm2U zk!{vgLl`_87XcsW#OE$!ET5-;hbunsx8G~y&VOX3wRqtN1l0IdGPr1xJM(FX&3fmb z`ug|`MevPcOH~^UkG{;M06OXh$3w&X(~a@7W^O%rhJP9le~1G9p-RzfRY7h3TZ^mr zPcqam^?W_;CnxjoXI3kzTux^I`yImn!rcH4?0OshXUx9_4}}J2y81!$;)P}G0GuMpY<6S=aZdbhd+3f zQ*vYNWj9jb4x@x@)MU1#FA(s`Fn#g==8B}}>L<}hceI*{$sd&#pLtpJIB_x2+2f(3 zg;v10?R5kAe%Mo(0{Gt@veLp`fvf%BW&dZKaIcHs|J$d3_LU5% z8Q7~xkFKckf8YMkXQFj2CJsr|V}p+fgP2Y;oUFEE^abOOf~2Ka3VnBx z9U?bE{VNEjCa4;I>bl%;UpCTaKN8XK-x=TD4pDCbO)AnyB1MbLgM3o2N8JwUlOo?qc3RE?c1UMrT*X*No=Py*rT+h(fC}=F?l}Egq zdf;HlWF((zYAlcqMiRd0*RHS!!VH|B8^^!qh9_(B5D$5AD=JyC1F(+fuUYJyix)*` zMX{!0E~T*9?@b+fC~@d_uL{>bC^QBR5=(y(2=)s%J&R;yqIXK8&MDHAp6C-4i8{@1 zP@k83`c4i&DrlaW1W&Q3S8w3J zX=7GoioatWg%D~wP{CZ04f;<_<^U6Fh`)#iIEva#4<$q?#Rzqt<*#X>-uB-NXaxRa z<`13Dc>qBZ8L{#1h$mW#VnDWrrwg^mGVG9boUP0VfRHnwfWy?(EM1 zpo=L^%aVW^!*|I@2t96v`IByut;g}Q$Ma8@uR!VA>!3^A_qZ)S*#sYZ~=G~CR z1$f2Q4oxt30mh3$#bfad+)F2NkJX_k!chAv*!i*YiRW`w3YMK?N!FayiSJioE5Z6^ z!7!5R_6x^yQS?!AE9)Zk{j$mOvkiBZ2N)>+D(=t~7j6os>SF&t4KN~*c5fQnTPmD@ zMk8erlb;4dOM#VZ<~paOhPp7z$|BS7htDn-1Vmuqy=6%st#p!ykoauSFLg!|e5vda zK064~h8XsQOrF8Oj|mHwvsI8>d6KwxAb%&7gy}?r8haWU_XCO2ivW(6!HR*pnVQH>5ZDlY3RvKwN#m_k52RNY{5y+Hn4(Xr{BSf7IK;?2z5-N~s{kY)Gt&Se zi!%hHR4xTBVeW|kYefTqTgi&@+^m}4Ck|}!7YHk?1uS#DKoe9uc4??tDuTMFJ~Jza z1q^GEfbs$qH*gi8EF-ayv7k4xcwl)l3H}V4$1Nxjc$VZqH_VtQGmIVB6Cv!6Cdm~Z zQpZYGRFL-;)nSPR!`p+k2<$}z02Kg83YirHUAjSn0u)m#0<5u803E^;pwJW3JEu@@ zlh!Bn2dZPnq(P?&Wx!F!r0S;y1V~AX>gRRqX|J|?3uSfsKa=ue$3O(mZY`FdCIPF3 zdMVr3c}tu+9#pzOT=Yc#yOjBL5eVb)2MlqpNNVX89Bz}|rK@c?myNsZlLu1X9q)Qp z0EXq0LucPDmTU_glXozeMg93E7K z-nM?^iH>myd=P%p^t>Fe??h*ASHC-i6YYl~7G`i}o}2^76M#nOFmhzLP)oRMbug0HK&u#0&)9xLvyWhN$w-ehx?)0ek$~c}|sj zQ6cO!Sjdj4Y=EYrfE zYyW2{3k6=rdp@KrU9n~~#TVTEW(e;T+@^Sf=Xf1%!dfQZ+3BUH%cgUA;QQ{f_!?{5 z$04Ju=0oPxbJqa*k!UY#YHCVJNf~Q^6{sSdAP3+>@FPh~dc7rSYc^{ULAy;SWM`Ms z;V5kb@Nj9dXOV z;hg`vNwCdipHHIK9yA7w;SU~#)E7F5!I10e&T)04{DgC2gV<(B^m?5XqU-VAct}Q1 zaqqRvA6IHC6@bgM_?-O_9jCiS?B>@Ve*oEa3tUg<^Ff8@v=~ZDPrsP37FiV*aVqim z!^%0|wrjJux<*&$Zzf1P2pt)JDI$5KDr2o>Iqj=8*LwHE@J za{*YpGMa)0WJm%%uGQmwgDU5&?4^C}0<95buIj1cfpwdXVMDQldT=V$JC zI5J_q6>LQI-qUgSLz zeNIeou{S?|Ud-7(j|d;9s1x?0!2hViJxEoUb2}Y9q^VS>0_NnZ zInGP}Kkt*n?-hIC&Y} zv&Ck++j|ZC{F9MCNkvIni7lHkivcE zy0^=5=Rq#pTWGh7=5zo1X`n=o`FR+|W;y%$2hffQyZMS9cTle9Oa5MfeOUtAF(5USct6oya`8N zw%t@vXkpF+qS`29Lic%CK^7WNFjaVjuEBq~LVg!zrmaqhtGx>()1fZ^t=!_Y@4ugt z-d@nFqnvi2V*+?C)un4@WJd;b^Ttjg!Tl4PQ#0hglE)npGUXll1zm-(A4G0X+H3vS zL4(^N9ts}>Mh4yet69^g>CZ7-DX^-L$|KRREYI5uvec56(1!7Jcl~pR+{N4p?A+0x zJS7=i?3&HpJGIY?SM7aBS(cz6i_Y7rK7Nsb{G??kc&gCtYrjN!&q;uoIM0v47Fn0S z{h3jdL&)04LiYDo>pL+yo&~1FaOnk(PTGLOB+Pd?F`pmra-CaCTtl>mC!}o~JRUa_ zhryQB6xAAcC-yf-B&%%rTYX>dW`f*YYW!-?EiDVpv0&0pZMn6a3>wkm)*gl;>(ML$dt$(s$zs zbXd|ZHungp>CCLO8qM_8)RwvN7n}djpH>jw6uSjtn@2m8bVa!_hkePDxJgep<6kq0`mr z_HqxY8ppx2z?cVs)7T*H+TU&dikpg)hoSb?K(U)3U~d zXoiVyi2>;vjK08{FGRK3}&dt8Wfs@#U zr(@Kz5v#UiHtekVbD!+3y=NnSFWV`vd)B(o4+URmop8GE?xo-=C0oQnvqb%bONqC%@$xw}8tMPo11l{sMu zw{D=jymkJ7Gc7emZyi!4^WI%p26S{bQ{LRb>y%gNK1A2>{WPCA-p|F8sPLl8B`YUw zc6_GeT4Gmgt9oo6sl;@>G*7*wslH~ryQfg?d@st`cAIG2PG+Fn(CWrmZltxov_hsl;yrWRW3EjW47J&4jihO|^#S5i0(q0BL$Sf65J zMpDJE)7+fIr=K+JMp$}nEYQCVNUqyKEaX}e6MJrC_6l8yldsM4S&3Ko=@o+FFlLR= zYUHDaPHaT0RjO6$+Gx|C$^+>hX8#&c=S z?A>+K;#u5U$BiI!TRn~S5EJYYD(L=cD&w@rd2!&$3md=0!;0aIgE-^wXP$0+7Gil9 zg0$^TSa|re3_FRt&*%A6_5B%|qpNnl*<9>$y0`YsDQ00Ap)G5F3|nENuF>Wp zF#EVn``Y2_?ez}3%n5q+QYV%2JEW%THeD^orBYo7+wPvRge-rpu3=I_f_HmE<@cU$ zmq8pz07ILZp!aDL8>?+kQv;KNrp6D9I4b=dAKL4wRL$3}@9W(VXtt$l;-|rOaQCjf zwl}O@$GO{lx#bdxinqPCMEEiZ5-pAl9*4WVG|RG9%k9amREw1+T(*hw;`ie_A2Uz( z_Is9Ym%GU5)cJCA3w+gYmF-owr-Txncl@63v~%(Hq86Qwr&VoqH5y9SyMv3@t^1UBHtmMDOC{?JHfp+iD7b#-r$0W&VsfXpASo=@1;3FnZyVue(u?R+h3;pxVU_><#YY$ zI{IQrl1j&U`Sbns!8MI*;eBxl?fbdX$8#+9q>b}FTkW{*b$8>c%e{px0?(1S5R+~D zeOt{G)9G@>m(6vz!FBwr5yg(4kq`oiJ-Sv&QPE)-*R^-|!)p2JItU+!kQsn*JGC&+-J=7#aqYl_LXW|$`juA);Jm7y7%ik zUCxGQH<_88{U0u`viDgv`0ry!aQtm&pX+yRA$!#8y}4&#|MR=8I%s&l`y;~++0U29 z`x;zxY#F`Ep)I^1HSn-r=z3~)oO~p?k=|wr&Udg)JUNjvIf4+g(rA^%_$wqC***4@ zsPPzFz2=G#JxMIpZ7VZ!4XxdWbi#1rK5KNdEKZL%HEM0j+ZWElv%C0Ta=A@E80M`C zlbUV0vdQkTZ6TJ%x1YUO-M_+)NibK!$r46|S9A~XqKA6AFoyUA-5-j&7z7PMavk#fZW)3- zA1~+me7-)#a`>LQOkJKunUgs2dTCFv+UtuERT_tV?Ju~dv)!!J#tUj#c;ZF3I5WZLUPb5P=w+l@|F8XT4cta%^6=65f43&IWzm z&vu~S>Hd(gfU;nES>aK-w>#hLlDYhNj-R>xmwcN)j4<0@x77`NAFp-Dliv1T9P#0o z0pWdl?%Y(zNx?e}rTPxcOXe<-0CLe>oyzdrD2c9)Ko*vilhFIVM zZ>ts8yzS=~zMW2cyE*vy3=@GeKg?+RDZg?>+N&M3&gD-wp?UUkp7*|rW2Z>?9i1A= zEDu6^*x%+`XuaQ84P^rN10%kEJo8Xk+J1Y&XfC^A!{=B16?n@HIo}OTOctIcH(#- z#r;<7YK`t6fEQH8SQTP_$FQH$nyp{AM^#icnmUH0LdDe)++=B)fybXVuaWQ@mt>r_ zL-xB&+9!ySl;Lh#zcQ5&vhvl{&Ll+rG&TwCbGEwM=gh+_V749LCNi|@*4@upDqJhe zwf6|?%Y?#65`z*p^oSYKQ8pRrFogF&V%B+(SYS6}72rB; z#EWH-5GSvlp~bg18uQPT)>D$(Zd6%HL9u&io8T-W+MFlrgUYD56-3e;`A4y4odL5v z#xN`hTtrubKclhPSecnSAD1)}{r(%ljFy9f;_6NCb5-uGLNX}ku5=8-nyZ*8Q4re%|c9U1W=Ce1_Sl(uG`RK-tCplhtBl$1ypq%iek{ zexKgt?7GpqyAXWjD*I%XzPh^PdvSA1x9$3Q?d3C!yG(0qYaWArQs)QBh5O<24a>G+ z_j0paSI5xl7&;d9PTNVtv(ES8v^Agios;J<1iSeQDZ$$ZVYk^B$hQc{bc3&++2NfC&a{{TWIu8^ zST=&)j(Y-lD4vxgUbF{q;=;7f6*VPAC=-IP0R+xV*Ttp^*p?*Agt!(YN}C_L!cHWP zR`@U*C%u6m*>7b;7VetMo`(@C@Mm4TAd?7Se6vSG4T(*5$7%`s1SzycQDh5d^Ras5 zsUNNvyE^5`_O)Ecoj{?2`1G|Qb-}AsOmLHo^flsD-!?;pHDf!YN>?+4EM_KiBs1TA z#qpDFU^3Mzt(PKj*A4r5QT!L`6JC7)jT5jEJ1<>!OiAKq-Ij~-oQ~VboK>HLzhwoc znug`o2*dK^_GMMxhvgx~gUsxK(R}PJ zkB)lg2;xnqW%>DUuFy9zWQ8mkkw@q(9>_rGA!ltTfdm5Ml{+uyY-SiCwzk<;-pcr^ z*tf0lV(W}^qqhZ41e8b`Ff1C`GNmdz0Cvb!exL~X?GMHx?DGDVLNX;Wow?h(&CD!Pfu;NqG z(lnAuB58)^XZyc>m`WO`$LlXv%=PeU0((3s7nN;HT*MM>1z;&;IO<3~)ZXP-1usI*3eqj=I z4C^r4yJ-mvYtut$V9v-)gw$}Ej>HT@y)0ew4bR!jO)f^xECHM6LN1 zby7Kri7YCeyLmg;29XH-sk!WF466qHX`ZSwDIRRpv|LTsUiP|irTDG*O;k4quj|cJ zH2OSajfi7t&btd_0?9Fsku2*dG$TB8XL>;!9i|E9zAaT5(#Ot_ETc| zE`x^PdfD(wzUJK&5BQSxiq|A+%2_)i#L0|pY#1|=_>E+?Nlx%){1tnyC-Pa~+=Dw6 zZM$B;yy&auR(N#0dR&!Woqnw-v_v~b8*bq}>-wJF$jG4WSu2dR|$?Ccv z!^P4<`2NtT!1-rP@w9H+*CRY{#XXpOK3VDb9|#+;u|A*Ki$@P#pi>C>hN${5eAsD zS$t|5Tk-Iix>?(3)^${>$;--$>Zi2!VhVGKKQH32oGhb7SlvUsJdE1)C}kS6tfR~7 zKNJ}phuIpIPa8MOYBk^MRIc1lLs6*M85v%z(%OWG(&=IMMJ%;vUC&!w`%z36E+e5& z<`z#b=kf7)xVwqQEriB@g`X$HZ$MUqg$AW19XM1ZiabSOa}Kmxnm+bxo_Js1%DrN` zW-OE4CKnPXqW+4@)Dwv90=|6`kU9X>D=!?RHG3S_;J=-u`10 zoKWpkpDffW-yxAgfGC;V>2vZ!An!7XC|t6_BBexd3a^qPm$`Djh7a5RJ|7j<&wK0;(;rbPu2RsaW9r=`6ERb@kjCqEBC$XFtPdF^W@bOuu=KHvO?E8HK zeJ!JziBeEB$WAo|$8xIZEVLgKhbb{TRqW?Q&|}1(V};s$dQ$)f-QZawJiNl2$=kCg zCn*iDE>Pp|;PZ5RZ0mcImKo0pk&!=lmiV_-JOigl60v@Pg`_UOvbd~FgC&VQr9juj zp^=iqn2L04@nGINzR^c)OZWS6DcbjSdiwiq8{VXbKjZT1#5)+43H{pFajm?|I6C+d zaFoWAq^)tv<2e$Ruj8|SqETIao{Ncvi1w~xnm4V%s0H0nbzXY#c1P&D?RfgT>wKDS z^R)#1gH&7GN&L$uT!D7fDP7b-tC8zheRCd1u9QhHo6Sq^0y$ZT?p2>q@Z;V0r|FZm zulu{HujhGN%+d0~f(YkgWhGvb%A=14ZRyPs4temQUHz{zjBvbx392&fCX(wVz8;VF zZQUQnlPz9#1w{=_M10fj4);hCN#~}fav4Q0Sl*li*t5Fo)`u1Lu+?S0j}KGdujfnO zw`V3>U(8;(&?(lUqKX#ZHoenYg@K`%OG8ka9y&9PVn7x;DcR@{j4nnjiPJK}roy57 ztwwi_*Wf_Lg3H2pGl04pc8E$xmWgiLJiy^lv}oG?fGAPddW0BA{ZvtPuiqi&Evsgg z^k%|$@}4(Uu{DA3CO=e`DaFE4j_4DkBjV@F6(!Pga;5E+d4!#+B5^Dkuu#|eCp# ziWjXYK0{;L--dE@9QS3|Hr)2o4nhRSl_J0~tr^80vWOL19|w>VZhRdL?EHqZSHvFmF#4o+{1IAB+rzym#}! zHWMv)zCfjxbC@14BBwJFF^{8^i^N-$lB2=kc}gqFAGAtk9NDd*3SU5vb?q*jmbHC1 zo%e@xcIO(qH<7rr+vDGgX?Z+|MJvi66&@#51r$`ix4KTB_03Uc8z#*q)-GGLFp;f& zkJ?1Q;)5J$rN2KrE9DTBynP zW(7xs02pad$2eK4#@&yzeGg&Tw7oawLSiuVNAIYveeU`zYOGi53T%7)XJ;V+i-C<* zrl#pu8px(ko%%lM$r%(oo}VhnU`D?zjw&_A*_K~qlvL=tPxh#4I?p1gs=Ke=a(c5) z#4@Z_R9uKS>4vV%mSFjCs?zJ?;8qGWifu}-QXj@^x{vBBYPFm%AD3Z9B>yNLeswY4 z-A8(dG%=MBP>^KV7!0@4n+JiwR;=2ZJYKk7%J6kP{VcHkc1U;2vRkAb}E4=+a5^zUY?#~8Xc zyS_vd}gV&l!%am&nlV?#RQ-|C!Cn*l9vH2NkR>DO06b%7??6p@%$(Z~lUI~7rQu(ITDrk4||OFoQ@uAMry?x{_=|Ja(6=-NOG z3$3-0129~BTQ$uQ5fRb${d|<~siNJ%VaOVc&{p!+k*+rfvXw{`&6t$ol~Kv`MS%_Ak*R{>?sN-?j)Q55wJj?cjtOV<8#>bJRF7L_L-!_QXl&p3mtv&;*rH27{P7E zJvurX$|#wb#XV!&$9E}uS%;OCi${RS9n5;PdO<+JFfW5YPnTdLj+2-3NM6M-Hazjn zLf6>Y`FgACqCWAWUW{Vm5y42djpO7QQy$|jMT*sSwafS8#wYIL4lB%IZ4*(_TPZ=( zb|=}(hlzwkWbwqf*YM3WbCJ(pFz4k01%kFs%tX1NN8i_8zXO7>`+!2DX0?&~t&_UDc*9ex6C zPHCD#@|7UE<`*I`V>P$!Mm25{?+eJ*ToHSR)3Ea~_fv}}TJ;*I?I4Nk{?loWPpYDy#iG(TUYcbj|;&4uu%@bc{Nrcg#tOr^|TEYOh#ZSc%JpIn}0^PwTW&cUc}Kq03#NAqxa#;(d^+ zDFM?Imh1wNG4T!!{f#DK=|ydPLgWa zpkFT0cA(%>EGnzIW67+Im!&7yYl=s^SPIl2YX@Jh6c82Ewwybu@o~mx!|TC9WeB(E z;c&a%#7ohJM@20-b3*<1wi0Ce0SrALB1=z{sDy86UlcxX%v{WoO1W@#MWfwMtA{4X zos^eSKMHMPx#-H5KfWQw?`aXUkz`P;zFMI;4BxC7XO)+X^Q3lC)zOO8(B2M$x~EnZ z7){oCWt)f;n>BKp$cV* zeK&r-3D<6n6_K^MGEqz1vhJ_J15zh&Hd3!CnkmE~Z&#a}ziK->od8C>N=E^vO~7oG zoQQ;-)M8oEGMX!;p1iPgOU}qMAAZV<{CaoncpS~+Iak;ax_$y~vvRN*&)7b+%*u9{ zyy!+$RCh)0jaZKmJ;By>KE&ht~yYyciu_iUlJ|^}$ipRQCNK!8zmkc02y@^x>*<#f+uHHYbpzh($)H zqfn`iG|@u7z?SJG%g|T__F>LMYOS@Uk%7Q@a)iHtm?xKU&}hs-Ra7yErqxjmQJE3V zLmc#JR%3L@=nN8VHr2x?rB?QD(&KOwpvJ z8vFU+6^4b1hKPuzsIlE$&Bj^Lf!e#pf9ba<%DV-{8f_bj`SaCBG?$B!vy^}QJjx_9 z>V@fOU0fZaMS=bsN!cnr6ugQl=}KnA!olMHe1}{bBf}c3nnICT7HCesR{U`C5*L7!55XgX^ZRxUL2I&7rw_MjO#{cwjD-hZnU`$4* zc3P+xo%^N=q>IkL_aPiRNaM_Pb>GeW$;{8c3sE_D9UL5d7@w-AiV#xDVpPg-Qh`F6 zx-J$|CA2ll(6W)IZa-Z$z2&wM?bF47S%dVeep@W1%|8(6*HPyRDOT|8<%{6Fn=ro$I*wDzkI*9nNaIX}aXxX%ZH1pybL?5^wTmjb>Fp zZF6t4V!2wo)nmLnKZ1p7IR-m(lZyywQe4WZTD{F@^U2$?0&Jf+j4mb=1fybq3u|2aB5>OczhY|EDhz_s7HwE-X^$$1|nnS zWTfz=aKrmmftFpwfh#lk-Lc)YussW5yx776*8~~l=4qo7bbR>;1?75tk^x9&Q_)bb zId5ggo4AH}zDWIZ9(lQDqt}2EHVy4uk%i8H6{AGm94aq4RmN3b z4pB0VP{3bBW{tYhdZDEAigDGN^)y|@F6ZOwBfUUjSA20ejR@wCx^f1K6~8oHTJ;W^ zlE!wI*C85BM>tjGMdl^^2)QVy_RHFVvN~O;y?*&RtMq2~^K9Jr$UC^jiPV-(&zNlQ z`nglf^xWyu5YYB^P0@?qi^Lc{%|s>nZo}_B4kbb~Q1MYe&56DY8O~$){2a_yak8M`F_{=0DC`(M8wVU-DDlK^Cm6+xfGZE{4 zK=oss=Q0*gBq=`S;e!cFj0ZMa3?s`tTP~*78>w9Ht3Nee4zb!-Nf<1|d!k+|nh#P` zZ8m-|vfHb8=J#^jEzdgz2IDf+8eO;hy4qefpN?>;DjZf(`J1EKOV@`<6M4T@(LC3GtVzNrq zkH;2(wfkjCIwW*Q_y76hCv!KKfI!SJnQLCX(aO=%X!KPsBc)o6&C=L2pQvcCA@pWC zrBm->YybKOI9N*68h4Fo&|G71Ff`d}t*a&1OH;OQqv(8^$JN1zSWC9Z&`a+p`A}d1 zsz-S-eu0#cj>Ts>THY00B(-d%U1zX5v!#v0-Z@i+v7pT9CqEw6+1c6O-@mY+{L=tN z`Yp`;jRNs+-`uN*g8^_t0d=$bHCHONJP)+Nf@8;?O0}>YX8P)De-zndBJ+LC6TfD) z^Dx43$Vn>7Kde7K=}mqXBf)5-MDxe8mF z^q!GE+FzKY+BpI&`Unfm*1dj!E*(4=L0=qiKydLvXmj%MPKzW7m#X(4BIA5%9P7nt zDOqeoBocAu#?Oml0;u9h%IWjW2HHmxbls`E_Z1;;=@=byET8El+TOEi3e7tcbVpvy z-cMhFB%DqWVBQ98C=|crs(TJ9-y-(ty3_C9-g8poBZvyB99$gyVHJm>3m;( zSmu3uc#ProJ};1i5hs1?2H<7gkXBa>AXDe_5E1&-XAPw)x$1+Vsr( z^J{6YmdR!Q(K{h7u1Qg9?zGM1C)zMttOPk@mIvMG1kYVYG47<{&k)#7r&E8i8N+*> zofMB$vwBGC!I!pr(0pdyeq9ee9F4K&`lhA}iefzcwQ<^T-1WBfu2EK}Gz1%CZ?G}z z<|lH|X6&ZI_{cBlbued4we9o0zx&yt<1=-m+=5n=Z|WVV%5>3^rf8A)8Q~}@gO&U^ z1%54;!B9||+bf_g2t~(3Qe4(8dqynG^p)*dmwU;*7G_w++Z?2 zDlRv#{E)HGBd2ETZ7-OJw6C~dfV-M@+cfA|pwgZY0Ej;`1@sOxP+mq|Q%&yuI6tlX zdU3DD_xX?nzg6?-p_0L9;?`4z-O~N~6bg+_eHxkm3kRXsqrr4=4E5&B5?{{qb^p}X zhZPrTZWzjVswFdiSbsLQxSTw~=A?EsIV&41*Op5iM?^E^Y5|CLlE9L9+*nN%{V zx!RTY?V`dR+ShC9C6Sy9NxxvIdr=TF_MBLDv?F#!Kx0Xvn3QE;5TgrBo1HDWO8xZ; z9RFgi$@yc25Iu)$icm9-)qKIPGAo0v>+R@$zB>~ayT~~_+HSolvGDJpR7%%tUno=0 zOL=GRO@O_(Rp;;sUZ4+~w5{?4z#hMJ&}YDCK?kvL&(oHelv*_=m&44fDNMrYS(DX_ z;r)V^(fqEw#94eYtNWeN*OQgs?&NO8f1~eg#O#87hJs9b0maSr+sqbSeRJu>d8gr6 zT>-<4(oI|E<6O!K>2c|Pr?tjlu;x+%EI|s=i3M^7K*hwA0WSCT7sPWIU|v(}n5EnZ7&jq<}0iYdv3q1ZsSQlQ(|Sjrv1zJ;HL zXSrzdW^x57vMb&za$C8qE7R=mDDjWM6!zp@SYY>oqL;Reb@7aRu+lVLX7or{*fOj` z&uC*hHPC)2GV;8Z5coRR6eAy=^%=`5BpipTr}0@a#K6V!7Q2WZCfHjf)WlIH(pKgZ zXi-dBxe=iWG3P(SGi)IF5zSc z9)Eh6ihrS6m_KqXF%a!8Nhv1w=Q}%)5*R70Fq?@h0m~o80K$op@Df#t!8;ZwS>;zt zID|9je-}E+8!3Ej4aILc=jxImYpFCBi*t2GUc*KiV3}8pRMI@7DR-F0sgjj3R?+j5 zNv2~Q(bLx2dw^3;N}2=$K2=l}SNnL&*!h_xp+U1LE0z@>9N^GTBj>(sWsIM z6K&N}QT^c|Mg~^*na>gPww@@A zl9U1#)Qy)${0`Op#y=hy1VfSh9H_6XhIizg3*88vxL9)nGlvrM4gvevn@mZhrz=i= zC_3n%J(%LQsImAcf*~wAKc&`QNKDOmk})N2#*fE5x-E+HF2u~kL(B8^kDZF1>&*`s zxP#?2YZr=kP8jFs2uiRW1VR3eQT{iwE1tEDIug#6 z1F(B&7eb~QTrbzO)}P&dyp44`W9})gzY@l7fnpKg11Iboh}!KJY|(pPHK*1YDF3_Y z$%BL-a=v{HWYL>rpcA@?QZAq;)hqduS7^jYV9Giu;o$kTYgz6h@M}|$76;_3HPTq? zQT72YLcco0uk76h>|tSzBq@8C+F$%F;e-hgNc%T@ll?4qV8l+vnh6>WxNOo87HODI zFpHfohr)~<0kF;+)OY!zS!g05ocbk`3T-U^NkXijni5`5%2==r3J5jo7)rw+;vd4# zE!TGRgU{6qka*e%LuM&bXZ&Mq6Q{@eh9VAhR`9qA(u=bK4FG8`N7CnA5)7HfHJRjJ49_)f4Wp zT`r!+5NGvvQiWFiex#s$Xs`cn%k`TA))iLyGdOz1tYnJm(=k1omg@~?hW zNrmj*UUTes;$wxR5`ajsB`y>p1HYG}O5$Sn!e^eEyDWcEDS>mKXgOI?yi-4OZqMCe}KzGQUfx>Nv(qTDugS)pM&Krs! zeFd?x2BXl;^U-1j{HtUI$>jARW=?*Aqv%m)=n}(z0=tPtrr1|EF)Z0qZPNnYbe5;z z^uNYxSrCfaneS#xkq==iGg8ZpQDa<(kWxfhPRIC%`jHB>z6*;t3URL#@qdc;wiJmO z=1lUrjiwt-WoQ>qn%F5*&%~@?eKGo~Pe&kc92p9GN@0@wLQS!DKI}}6lrnA)g0^Jj z-(yQ zUSB`tOpy5lZ}6QASD-L64__KI{i|vesy192Pv)<-cmVMsvvt&NiRxpNcbS4BwsG4h zXhM)fteHf=;Un4_0C-s9oK9^N()$%ox_0^nl$&f=QAeT8i;a|(IVJ+Tq1asFU<%F<~r(9GQ~#BTUNx@g%0`&NiE1PJJK8YWhZxY2v#%l zb1Cwld>12boIc$9V7u8t|ME1(z!}=40eTJsk@7?kA3cOwUKjk#o&Aq6LbmA7ke0Xg ztXoEmfg!40(mkS7Wx^TI7E-^aCF&DX;+lK?qq(e6vEs;8CiUC_mX@zf%$X`m1779Ac8zc&oi>WB+M*(aW>4`+es`iTfk%>*esv-n9c0{{pU7n$tt>DxW zM)Wqv1QZt{emQJOw-lZ#|GH$G2uKn|>MBShnO4Oicw(Qcw{jGq7sa{l5LShGf-{e& z+WKL`S#6X)WEhD%CWPCFJH24kFIAkSof$2{9-+V(FV*HK6)@?Zn4cW^U|lLWgqa+J z!cJHl<10&Km@Trwn(K`j=1Ae}B*jZk)$$oBBx^V|p6apCT=~tE<3{kIPC7D;hKe?5 zY2Fw`O)_AyAF2}f8imL}6A7z4c6D+3A+oR{v09O@IXCJv;%G4_yPXPVQZ6ON{+6>T zqg!)QD@2+)JabHr>`k&iiQw<+pXaFN`Y=QCxT}*gUvib!zQXBAWm?oDL!6bkp{`Rz zPUBMNdv98NR5?wm88s*GE!O&$(~M3;lRng`tk)o?x_)Do}86P^n z0iG!D3=c$(-x9RRUo=I8V$HnT@M=pHD`~^%&X7tmD1y4?qkhwxa-zUj_b$OTCAO!# zvr`J=r}kP==Wvo!I1kSgnTiZk=Ur|)1iF<{qBD=I1d}428Hy7B?}L z(?1r)h?XhPuz;NDGW}@u=*nS$UNL1 zy|;u)wkfQ&G4Pi;Ad#@Ff}c7%KSsU7;%Ro zRb$1s)qO1y zMdSSrGEwUm#7mDAprl#~ZE1Lno{lgkQ44*GKo;l~V+*m#lV&JxloQd>M3MSAd1TAxlmww@ko$4M;XneGHH3lkQOj5zw1p-l2rFOX42wNj z@bt|L8OHP1V~F;U19l;dVQ#I1=pimtc2?UOVr}^_`#dV7IGLcIo`_w6lsc0zRU;+V z|3N9QLWi#mlVr)oR7YEF6e70A(whx)h1Ww(&5g-ojnWd3g>KkbyarM8DNV(0ZG2-> zEP;~ET6V-3%8%rW?$@+1B0oi)@=O^Rwkz@|tD+zzODv^(=Rg>3B6O0F720Nnn=FYx zaC@;D-%T%Lpfxb7=0$~Hh54H6+?3ntGx0DPf0kH>*Oo~+MvJMEF(nTZ$T+v^Uenv{ zvQ&mDmek_YHc)*I1CIABI8 z#$>%~V|KZATlKuMt+kGS9Faxn6PL#zUnxw_F>sm+$%a(&$jE1F{=eFz4=o-GvzIvN z)u1JUqHnix?6ol_!N33$Nqa!tFumX{AV2Gxd@6GXHBP19!z;S!ef?Bs2>f@k3IM)E)Yz3zjzn+Q^q z4BfW{qy69Id&#ibK^|B|fiUQwgJ3|v6P1h7FZk^@m)}h2A?ClJ(2}HbgM3L-G8Wnu zld$p7kvp}>DKGA$V3MTpm#w!1=U%2@Af?s=FULCevq{O+OUaL&=Yt4F;~Ff%;8-*y zJNI4+T9eDMzm9|oFM2nn|Ku*b<1{`9shg@Z67kORJ5A3j;LyV+iNxqg`!-V??9e5; zyyu9tyfPRU!J`e4gKoD9)7r7@LZ}ciaZ#-DFGbqW>Xv2d!-R+a2CtF+cRHi0r5U(+ zJ0(Gn^zX1YK8rvgK?kc0e~795_v9~Oc*7u}%Q45>uIc~F_#ykaBGG&QJpdp3qwu94 zPVcMs%oK=A7)bl%{N=OX!=d!5f_JbRBJ{@R?RU$6XXqpBVoN7?>PwWquMJJQMMDN> zl`@?bjMAfvb$}GjsW98=sQTWG;>mNY1{V{h?(q~%;}5l!eZBDrk<>}N&%|6BoiObv zl4zc1BT!PRc(CPaTuM;#kzjMQmR(w$*`QM5A)ZH@y zLCP|=uj0*q?>f=Rkhth96%>Hddbd?%qKMZMvBJZTmSxUBfu4oGbw%@k+dcX#+T%K+ zp*tx%+K?;PEynQ!Hb|uXC{tKX(e3n)v-aDcO-OtW!qX&E*oJV)YjMX&BR`Ta*i`@C z4&OcKiw09WJeUoG1J6K95N0(!HYpSJiefXUB2n6%%Bqwje7Lb##OP02L0@3y9rc{z zN^G1yV270P?Z3}}7L@A_hfMF;KYxM+5#}rXMzcN-<0_%g`UljmpE_#%X7ktA|-ZW0L#p+WA@d zuvx8*#tvwy7AwLFGZ8wp;qS4A6pnEnPSkX~4hBkG2P`B0(KtHeD zt`YxR+4vihpGMcMk=W^SwRvu<$cJG&u8}@P$JKfxF#RoHD_h*%P{sx+OUIWcn*KfD z`ih`fM4yp~qe=;7)R=}*-AO^$noxx&Y;ibR`(4d3&!%DNlEB;HrYz~Lsw11}n;5WD z^WS#`JAB(f`80a)TnM4Pd382WJ#?kz3DR9<#Spmv{rYG|f}k*gAdbOmb%K7nrjvJR zwM$Ke3W~$!3jGo*@AbUt<|Lx@O}rFdUFv%;w|XlSPevt*Djh}RxX~Jj&xh5_pE$VB z5CDkTxNxvZ{J$MSi0nIwfh@!g&G#Pi1~z75BVs?OZ<`3Qu)zK!FXYXHxx>m9VrlIxEIe7+EZ5_oSDd#sT_A+Y$ zMN^uqI@F*mw&0<(!v{hs2KJpm+;;Wh2sO=1v*t}~pXvNssqgW={?JAA44!XXpWSCe zR$n=TB-td{znn{zqUY1HtehG-f~G*sy@x@<<$Jvx0Qa5mRoKB7;r?Glgzq++ot-^h zZA+Ta9>8)#RTs9iJL~p)5m73!Gkt_O1km7er5vlf2L2h4_ z(#KS7kpOKmt5)axQf30Nw%ji|DKm^x^UI#yGM~ETIpPIZXyCLwaULy5)@9yCmw(Xn zp)XHzx3UcV{rK_Ye5$CC6RflU+e;Z52Mcu7JNQI0V5GI|p+OBpk@X<9wWJfSM2vK! z25mNrIv2M0cuAn`z>@106j1=p;4vG(Mjgot2Jlnp zG`c_DU%=pqL@4LK1BKqOzrMcC_J6jD`y0Z%Kj#}vjH;og)^#(^OX_!v5y$7}%kT+# zZ1drT1p}?h1F~j8M^*Lr!TAtLBtI-AYx-_rGNL$36}hM-ttmI;q!E3#kg@MIpin^@ zo9SghLu84Yn&1*&96YSEi1IHil}%Swh^pH-IYq5Bg?N=pX@87H?L#4jeUk8zExtS(6QLEDYav z@SBiN-LE-P)^xRA8wyXH#YhGAm=YtcIO_Y>+|RDwo}uyKaz9sp%Y^(@h>iynemJ5sJruj0Ue+09}Ifr_%A z>jLogeXZ8(Xq6^w)cTi0KdJ{WxwY7@fvtw_&pR$eFt5G7!?`RUA0M}D`1?Fv@9q4F zK^n~FoDC=OrpD%DkzzbutTTByU$c}mHvSTaGB6A67tdq!NhH6q5nIdGzh_{}u}ycY z?L{fca|9$Vy&eRG_O>@sp-~g1ASEXwEiUqdarGFKM(_K$^*4=ChsE+TzLc8FtS( zc?N@4u8YabIxIM3f?XjWP3KpK(wYzJ`N|1_m)9t!?$vfTA7|xAURLcHGDRBU@pZj` zj~9c4Tnl$nS2HD}E#8anmvP<;Y`nDI9VHeP#dv`nhnYVy3Ib1$!9SwV1zi^%uW{Wz zt9n?LRn%QP%*5X92SO*3K11KXA6v6*msj9#eoUG;IX?EjJpWnJ1u)~eOOsP`U10-8SVQ{A z8V08CHWR62QAzj~Cl%2c@bHKZoZExFnJLMs2$W%sAu#1x^LPLmZ(kL<7CJ00)+0yC z+n1N~^S>Of?CzQ_V%Y1*2C71%k%>Hb3HrV@`L+Gf^SQfNYN;WHoVxY_(jJUHUV^yk zWJj#OWpi*aa401Jev>ZtJP0y%RY?2>2ppV-O4&R&TBV?L=k9hMm2e3|fXpuyjn>&F z_)wPGd?vC*%~HZgtestC>+8cGPUmn^%5K{&7llZ5M-7cW84pf-efaKPTy%bn@5ktj z$jC%SA(D?DjO%4*%rO<{5N4Ljw3~U(Cqf7$XD9gW|E`-#h_v=bytfT_-IBb=)j%U; zd5)y3iKy3Ef6jbZ_uQ!qCtYvy*a+(6gTEf*bywx^hC?GIIC9PXqnL7QA~6|S8}{^T z5agZIQ+6DJwjOYF=iz>_qNl9f>c5s+1WH3Yow@0)9`m`Dk&Gr1G`vLTeJKvCPI`vY z(DmBeE&|m!;vI`yUm3e5U7h-RH)$)$G_;2zVTr zXIPPy8EL*)WeWgLk#uM+e%$QC%MLhC!P6fB2`cKUgQMEHz8@S_Nl5{u8ltwj5Eq}s zq{~$t(=RrU_3X6{@>3)vB=@t`Cg;K9_Yg@+%A$A$9BD}%`Y6+{Cl<&MjWOD$(!$R; zW_p~RfVpt{t~(1ljT&A}%~pqxcQcU2=b^Qn2Ah@ht{2&nayS%%j5RJB$Lm3l??F`ymxHE(Cv(lIB49nJ6FlqH z6pduINR}szfL4WaBQNo7g8xJAmk}wSwXRGWHqcZA2b8MsS9-a0@S&nU7r)f;F@zy% zsha+-k?m(bP`rjPT=oWc`>|Hz-(){`9O4D%?0kbuudl4E&SpGIkoadK%B-%2Sre&; z1RN)~)h#>{eY*73)HVV>-dx7HE&4+dz&Eh&2z>zjyJci#c%Ba(UFC>)qymroKev4T zzp^4|v-MJos*q`R4d>T(hnjPLhuqHc=HZhEXtKsG6b>95Gb&V_&~hG+ zi!nB-FNvuj!T16qbrG4g&}3E2YQz+qI-3+k<@9H;_MOFI{1x0grm7k}uoWE}8R^;q zL+v8$;peOfX2XcKISG~2WC za;AZ(!S8;~j12#Has=4zJhFY;aDO>NaH?A`US=|v_xT7xBjOhb2mMM;#3aDM*@~S6 z6jXQT%{7#cf(L7|%9xPeE=-1u8H_)k?x3w}r~(IY2yn1Wpnc(-?*-m|V>P(}iYtZw zkeAUDBw}37FLb^32Y@P$>9y3(+|xi9MlC)>C(aM&AQ00xF9xFWJ(a3J$|Hl(?3;^^ z*M%B54nSBX$}u-&p?rAmCa9gvzqqnl#;YOEqhsDX;#Aw}t{Xx(2U zP0Yejx2vt<=&O;+KzwL1V~=V_Xh6p}k*C7>wy1q8NAPYpdiL#2~^_QI%4|uAPnA zv60Q;AnR#OnV|&4;}UUzqGMvMZEbzG%SwPbPt zefBLoSa2}@mgxe1&&1#!<~|s_R$WHmnENnQ8Zt2twq#^h*5~YZ)gTiT!PTtmkl26a zKO9ny>HlJg?`0nxsn03PA!~KGfj`(x_WdRY?11I(>gq~;bhP^$n%R77Y-|jideSh^ ziQ=P3NlD>J7B6xr)(@o-6(J9;QtStV4?fSe9g{7`*I zcU8LGtgNighCSVk9Wgc%)e@8Pn4!f20mF!*PEOHgTWqGHe?g9w~%3?^ai~UW;Sl52DQ{bMbz;360}3*URM9{-SV6yo&?Ne^j<<(!7IK|FnB;)E_Z zvYqx&>{HgmylR0KV zLn2)bf7}LGUzKo35Y)7j5ooV1Pp_|}m63Cuog@!=xjPF#Meo(GS-5ym*}rFZ{9fvP0as6Mvg$tfBVkMB02Owsuj^|K7PL*#>*>(^Qi5Ze=Ae5S22WpTzrj68kv(QQzn{ZKoy#-Rq5JF}Xx~jk z&cedTxZjC1{yuodwUpd@PrM>KGQuDoVpzP=!qBAPeqR&tcH*@2XYjYULBJbFS3|qC z1hYqgea?GGfHTN$Kr%+aq@SSY?T%^NcvU~AC%5)H{;U}&uw1vpTtz&^;_#B?Vcll~ zM?*IOJ?Fdg?oh}1^VykTkGN7%)ryDhQa3Q#IA&WZAZRz9WCPsn(-Aac;=M(PtW^nS%!bh~^ri&q% zC$Yt^ld+12adSCtJBa(t%flm(C%a(Z^Sn2~+D<8Do;w`!WebInjyZ|`ZCO=aUEuw3 z2Yglx$UVU3j~8tR**6n{q#=!Yd0XH+3i9$KZ04ijtANkzdRH+FD~L!-Q`2*^_Y(;$ zo5gr#MTIC%d^Z>*`Nd{|8i%%r@ee)dhE3NrE=REMd2=rf1DCj#_oqvWn&svGCTaTe zau7F5wbgKW+CC5G{MNIjjC$=uk=8@jy@_v;+GRi(l8tw71*OSy#Z#Z-u9r+-GyjHR zf9Y50lSkIR$Bl zj6sx4FZ#92ie*?F&#(;=pV`oGVN}ljh)6qA|2QiP`AVV3c6M?0@J>XfZp3t$66WM# zc7a~Avz#V(@S9uP^Kr$RI}U5y-rQ;CSRh_k%pF+qPbP~06?3t*417(%3*c+Vj6@22&*#9x2thNv15W0qgHsP;G6( z1Fg4`c)aXdqE?Etkvz_~QY9ewLq)BlJlZu?z_59~hw0s`%fv-$Hfo%(q{YM00$qhg z=y8Ojc(%{G_*(lzAY^!{yxh-=4CnZ zk^6>#dj~8pGA1ZiI_X=Pc>{rEpaP-{ZE!I{iw$L<7Fd`hzs>EQa2cu8y^ocss}GWy$<&u^HfJca3q1#5<&}ZpQE!qw-HE~{^8PD zn5~mB5fQz+_u$BOK2`Ad_fISglZK_m`Ij2zV zd1az`cg}@vr=99c-=tfY{T;HoCAGaz6Frl1R#eVS&HFw*GedqMvPXJMASW|I#zL-ITk;3dg${em|b%j_+{ep7CyXqu4ZlBDFv>J`_oRod{!KuD|7M?0z(cstMc2o}1Ha=&NYBd~ zR8x~1In3xe(p*Ro*pgtbLfx0e<@sjfZDq$QG{XGBHQW@2D<>mS zKPY6M#~QTvEsqBQ$BT=L?t}M^fQMca1;LHYD<8s4n{pzmf#5mk^1Q3^X7%^z@4=yn-FdODo%SMM(*fi4$4q*d)V>w@n$KMx{hM%=o}%G*1;>z0zw zmX^9~Z{J|_o;arrXQCs2s)}Az7WZ#az^L_Z)hA~qxX*j3fM?QRCSsHFmHPN4+TWjN z;9vw@{WKEt@KCX0<(Z(<@m6y)^Kzr&@04p1njxz5>@y{QZ$!>yu3Urd@LI`UYSJ)v zMuf$dwc=hoU-x@9_RS32y7HvHo=r$hyk0bk1N+MD?e3DDy7FLfJFIs;Yy^=0MLPAy z_msOQF>^W)`jaOb9!t#2*~loZxJ*Dm0KW<03Qj!)!7w&_j_cDu>OpyEuC)D z^%(^L_YMAs?)PWj)ZJRsLtcat%ezP%FvO|XY_ifoi4^hMp>{@@gcPNPz{&KE|r+jlUL zijI$jl%5@B=Hf=O^~?4S)+GI*{d0=87R!=s)@Rg2;3_Qq-Se_GKfc&&xtXj+jb^v? z(=`=Hok73b{HPpd%pWB50pofs)jkS{+gbh`3$ez4O2iD!A?`L5xn>{b$o=`Y=!X?` zc`;8G3&K?XkZqp9qjL>Pv$vHLPBar26I(px)GH|-c4biiQ7aC$ zSvy)eTKb)1CP;{hYY2wj?H<14mI}Ac@(GnijtZyoM zcCKf6xS55xqW-->Omw6>k6xr$LHhb&k)_oULHQW0-+1<$gmZm5>n}uD6vEqZ!Pl*$ zlAQ6ev8GKdE&t=PlIqs&$dj6$Y|^iXsF?Srx5EipSy{=+*xCt&4HE(@XYMypDq!&E zsm1Bv((NnjH*YX{e!luk8t{BnqQH0cTTMgnu0-&Srtyp@2q|?uID-WcixXp?*@Ue% z7hGPYn)WaYeXr_uLlg`s#*OC)$*yk1cK^$^e<~ne(PTU5?qn>ZfNxaxnP?yJP@lkzToO#>bmDKJIkc+Uc^X*1v;-+IDE$34{2OV2^;jkVE(&#S){A~FAz_YAfJa7UFHkV|q%U<}(_TZ& zSXDQgj*!)9;JL}o4MkC{xSXIIv4uM;K~y68apC5p`>9!neR#4f2B!$7W!?4W8t257 zUERsj8JbQ?vgkFk8ZgDK#Tm@=>Og>4Xb=hlXfWk1UIvXTnrRhCR&ns^xtf_z`qUg5 zH&Q+jvv+Rv28D#9;&ZxAPUeZepnT>teT)c#dKpY|rIg$v)%%)4fB2nRWG+-4O-hy5 zHeQL-da4${IvTiv4145mSKM(~QnnQJ`~-N>jZQc)n@gTEoP>w=Eyf6x_n>xt%hJCr zTEdyDw$22kd{JGac~Kp{Kzlwuw#iF$BPOX$fHqkR|0*3x7%FgIfLqO6moQ5+T2DDp zEQQ`=$@FCl+Cinu6jn{my_Max$ds}iP+dsu-xJcEJ~dSZ+a*Z|Q}*>wg;||OZe9>4 zeT3_GUHuwTuTuDZOg$wvqRxutGDFc6S7c{ol(l@H29%k2lwW+~$N6i!s<|iLIRbv} zr;DFZbk)>g9z=4pJ=VRd0z`>w{lAKw{0b~7d23VSMtq@#V<9ZK`}$wiSJ=nLiI41D zcL{b;c-%SKCxFs3|NA3T$C-vQu94n@<>#2i6g4%vi zt@!pC4=(LSOfiHTB|vZM_W&6oxpGmWkt4GXP;?G}63M?~I zV+1=sT?GEgib9WztCnvh8?|0<`EB6Zy@ZR3C#&amPVa>4EYvWE{b`lSVnV0Mf1n)z zWr^^Huv7x0q`Ep+8Xe^HZB886tw_hA`*N9xsptOMrl#xl zn5YKaZgRrZ{dzh(Y=T43{_76`jTkau9x)}d2+w1{G;wJ(jt>R$^hw8>j*kd~V2+oL zZQMxe{kU`c8lsTAneb9tvCfqZ|8jOg7#H<$MMM2_B*k-d8D6Dsi~m`>+sS;jUXS}& z`yAc6-%Ct(myg7ElXmx`V^uT2HR&jmv4-iC7BhrBQmTfk2+j&esVeM-4Bc(t9rGW| z)Ty06ylYBfln$%4{OCgZ;@=Qrz(X{c2}9~_2~Jzh?jx?UYUdA;+eG7 z@To?jS^L>Dc)dS^fqwgrv*!N+bYKorL)U2#%;+rdxAsDx4y!Hx<5-8w8CbvikET0KDX}bK!%yGo;H+V`$8bTbm-&NkUnU{Pa4?P>#U}?! zQj4_JmHhpg@dIU$i|mED08s6qVm@W z*gd=};KTpYN|DRj+FFTpO@8deOvs`i$QhH3E-?oF+1LXmncew`#=oiuL<+!O3>#oV zPfc}BxGuxhNK@HPJ8iUjcvyPqWmuAwi^E&7ve-H^f0C%40eo_?-+H0fF>;sPRTV1m zp|>aqq2WvK!G#Wgd-0IO4DUskS7~QI>mgSd8GekR&sSunf{a2Fa( zZ>X*A?7iS05@zi7G+hLi-Woxb_gbRBzUnle-O?<3Yk_(+*I>0E#&1HIk5r* zaXro5KYgtZQ_R2wOik`X2Ao?v#jkQChH~5UjRqUgpRq(!lL?#?aL@5tjt2d(Wfp(` znb_x+&@&n%UWI7Kb$*}w*E5Fzm+zk~vYh^;Xy|(#{PH+oZaV3_89!O?;%!#$SUxJj z+Br%4N35fN#v66W^Zy_3vhljlrBW={hrM80)3Bwoq2thX*AKQ20K?XeRx=_5@c#(bZ{x+JmQ|d3hO3J10fa`x;M2WiUY2)z!7EI)kXvbnA@OY4~uafmFVd(b~| zr-A9d4SSx{PEJ?+;IYQhwJ&@zoM|qTn?VVT-cC(X{ypIjhfS$WzAlUb*xZ}LrXFqGHX)GIwv6YO93Srz~0XOMwJc*5Gxi~|; z)@f~I5R56j=WJY^1PDB-#w>tpWR#!eo)tR|(UMZ@aWSww-T+)#TyB*s_P)E-MUzZ+kWVPtz4Oyr<1h1z|bdM#wTYZH1pXzhVdesISy> zo$`WuesJU&9V1fjxy`Y-Xur`w3H4IkYjMWOi zxf#5@avSj74+#diy-Wl+txS--_k@Ef8W+Jgdj>hG6|bi=OwK(i8)_n?3e>ch;3&pS zcB?GY$N6flr`3juHSd!N|A37*FjO)X6hid|ht_pnE<2-wCFf0y*Wr;7VAM-CHrUM& zud3r}yQ-BmF?ybHbf*f|v+UIU{kVGZA@zK3(`a^B!^?>eRK?YUEZ!28x7X@d%oxp_ zGWnzDvWFA7HL=w6R<&Tz_Hu6UcK!~h@BQ}6uWfM3NxG+V=YYT6qCPg5vqjHw{fV|y zMW62=%8KiCxB2DcGR~}``TmScvH7)l>)Xj9RBvO6=IzMg`5G$~=%K=3_39?)ZM*x0 zl$x5M0b55*b(HD+5eF86$cKUV&jJM(m&a_Wl49rZ@bIY)_*o9Cn65M zfJpBH(tyNW;6!r1vME&ZhCRG!ULr zl^E6IV%@LZ4dnctxNfTYG<(f7i6oI7&}2~~&>bjv`0!V({rUdf-hpM@SkNJAT2)pf zFXbp@FqH(EgqC5g#{v9q?$aVIfTHk%zMoU_%2DWa-XEoP=0g&IGJ{q_hp|M==OU2{ zI3P$i3Mnd*3b^wObO6)7g^3Iy>^Nm2INW6E>>x^6><$p|6PVYrz0CcD;^qe46>l>+ zbZp%vnR7KXRCh^-*3udr0_^pzyykYLvEH9I-)Imp!t5tOzX-@FhRl3T!FaXo#OXbd z_u@2rZVVpwxS|3Hbyq`mLHD)bf97l7rksAd7Y4!%RVxQ1Hcsc8K+iK6_~YH zU48R{L)|5%x4ifCF*T!^%%1h*q}ZkQhGNxlvW%dShP_jaKTo#*nQTTBsZObvAZ4!N zJeZxee%1~54*zY@w5_?hxVE%3x3;yodx`+#t`{ocaHgWAXvU}Kh<|#tud)%{R;`%# zfWzWLSTx`bxKUnyWLM3^Kr;%WLxwHfSodP0oetqy`$VGNbBf>+0l1BjD2S+*oXKC# zH{JU!9)xWYIe($3Q1H_!q;|Qrl?d+z9@M$w&f$zob z$E&NI<;P)HSS9-2OKOREE0k;I1g99_0ma6e%I-bgEpM;${r$lVE6oS{I8u?gSa=VI z6dzgaMlNoa`VbHwx6)$5s?gTq!jerFp+>|E3*(mq!b zU;ysK4Kb@Kzh=@(poJ8*!ICt&X+1`1%C3YOd z(Rkkqf=k50JQOhZu3>gohMx=Pg$ht@x6mNsH}_R`)@GJccwBcJQ1JIySnFzk$n3F9 zux{`Gjqu%!Ue!&>Q;vd|7#XS#7fKe=l_>Hl))bjAl$>a22z0m{oH~+2yj~nS-tMK7 zN+iT25(JugeeTX(#@i15mqFD{*#qS!$ivV5?8!~x2*elJB}IIfXUh%__V-ta$6H%} zm*n^!OX3+Ex-NU14Kq;F0(rb-HuSqrY1x_D#)+|bop&t(4Ztvhqu9~YRIj-?jkjZs z9{lgMq|0H`HpiKq4l6Jp*&gHER?*U6G5wKEwIu-;jP}MEYh?-pg< zkGj4Zc!S3f6B$X&ZrDpuAjzGcENPJOb&Wcv&i!al!`#%ACyOzMX|lm*B8su|GS*;q zy+y+#8?&38N@Xgme2v5N(NQI}Q{W<S?)8tyJ zmE6njPPs(D#HSF(o_oTMVsa6&iO7cabu4po8fSF~yl*3@twS?;Jk>mX3KZJ3@ zH891nL-s1M$lib50FNs}s>3G%4^=JnGwr+EQLLb7%wcx?uwD^OPBK>2a%%DhtT$lzlO?0P$A<2jP8ebV;I9K?VBu1yGmfI!c<7#F(*SYn)n44CEs zW4!8(<-ch%^%8!`OZw`{nI`KLJm85YPqG8;)y%XR>2rGPRF#OB%?=vefn$F(o<>QI z;e@2WAj1rq(pL00X32l!TwVke!jtirDHpq3{!FGuyu>%UQOL&@mQ7|sAc}`T zexs_!=DHTTFJZM9Hd~KOj6?%pMZ_AtEqW&IU1>~*vvTdtx?DbVD1a!0GL55)qDEc* z|Hyjh@Vd6J?Kie<+qUhrF&o>q)o6u{Z5wTpMk{EVG;C}%Xly5E?(e*Nzu&pe|7%^> zoO8@M#-sapho@pnBbyd7kcVRxazGug6>DKyp~jw~nf95J5VF%&=$M_-36u z!HH{yP63hYP@th3bNf3|$arLryo~>1@$h%t$}OcNs_dNd)n7&2hw7cHTqJi|^o&}c z3A
Yo+Wls?CKrjhZYMtwpbo|n>#@x)6dQ5k_qHB)K6kQ%IgNux&}m(pNl39WAn zqeX@{m?e*95uWYfIb4)kPS+%t0h5{ zL?#tv+#kp?Icz_?w`Dd<>KF6BvQenv|hbJ)fTLM4!I2r3L(JRrHS2PH|@ z{(g;VeEZ*L<-$p+=(6Ll#4Rp!c`!+5pb9ZRd*86mweqA)jqmXK`u8zeq_yqK6*SJ`n4w=Liu)MK6?}oswc~q}EB} zP@Gt1r!vN4^>jK*Qn~6gHlxyiC6gBy0YS)#-=Q?s88~J+ z+1`f!k=#UPfZG8cm0emHQ-!%=4W(f;73@S2KZc5O+<8h)){b|TiU#VxfHOhov3WqM)-pZ z1vHaCm-65_SE-LE3Esy1Xn43n)KoF(#C*Q}5UQHR-F{3@WwbDc;w4os^!14}xk*O< z3A@e-U+Tw-GZnnZ?zk1Wq29LsWSSIYWg(pE<8Yuq-CkLL=d|_5%^ck5)uL8@cF3v4 ztyXO1(eyFQSe>S)6?hu{+Vu@kom~0#xb(f^A@%H)#CKa;Uo895f016YCPNr&)wvwq z(PB)q(E2UJrS-9!w__~0rcUVNptYwd#Oz_$q)GQLT|WvH8zKZDXX+4Ife~}tFQ0Ja znEg4bW|ezR8B%*zJ5XdUS(aRV4LKCxq+??i2-nI$zigenkJG37mS8?6+Ga$4N>kM> zU5@YdC3-=$IscmBQm}A}bnV2g@$Z{0P#^fKP|{o|G}v@Lp`BT@zL)sdzJNm%Y)!PoI8o+`I@Y>U~78a~n(^rx<&X z`kNp}_e#b2{RjyvJ25505M=14CG**vT0K<<{~M>?7(wr>|9>-1KpFxRxuwtC8B2aB z^`FZ_IPmGaD{J7#tT4}RsB)Lwz~vq_TT0J+YG0MZh*Fn09$1g4D#j~u)iG$caI-?o znzb%}AY#5)r49S0P0fhPOa@149hJFnr=lqurp^_XDvKyRlB&&C z5PfpV-3x>z2AOI5J|9szs?)DSt#o{iviLGR#vDr_@7cWPe<(v&o=iL9y$5Bry%PX zm#W1x=oB~#RTC3$BIGNq(&`jsWlF-zJJ40KRS4D&q5f1Kj7RbXH;qZSe$33 zhf-U8T0y}{6lR}Gg=8*vX+I&v$yP=kY@4$D_S^%-N|-tRB9!kp+0CF|Nq{l zj3M`Zzi&jqqdRYQte@XY2M!Glp^=MGv9jWF+dL@}J(Zg%+RWJ^VEVg#h?l8utTk!% zR#jDHl_{vGMnsG?p6$LlUd7M-YHOFmrqWF|Qp3c)nUY)iqow>9k@FH7{#HI#;pg1P zN0!|bC(fb;MTl1NGf2|Ik_AG{K_M-tay`W|GC`D^&FHGZBM12Sgg^?{(iMsK0`)rKi z5&kEr9`MOe3qj17JDQlBB;)c_P;o@jp{AxTEulhx*Fa-bNF$&3Pw1Lw zMda)=R3sT8mq37a8z1XSEb767iyH%oC2AaMYHMrvr*ds(g*$}cV519-{wSr&XaqBs4Efp+N8Jof$*Uj0EH@hz;%YF&e;q`}a03M8ixV#S|e)kQ7rJ=G4pV zbD|$TZD2TNA6|ni=VCe3Nzf=D-yO?Y1^3TR4NEjzcXoGq$7`yqF5m*!yS$_J?g%A? z14P*eZPCS0!4iHo_PW{=+lp;hmC?Wn(&^3EVs^N_NaPWaj7(Q-Pu6IkGtg4R5cR!= z2(D;gT1!m2vzF)?S1o!f5}8aZ49kILdt zb$iB=$LJ@W`|l;7Y z$2>fZ4QP`447p-0+f7??{CoST~@%S#-i7BcvSh`ZaIe4Da=GI zDxDDy42}Tu0Z)5-rk_E8>Jex=w6?aIJe(spU%E}bJa0gt^N zR13ImHtO_S4<_@4{jT&~$Ny;)BmooofJf+e|68eR8@1em){qc6os0^*)ec9$>-x^_ z`@_dS6L!2_iSWosg|Ca)!aipwsTr8$+d;>QP6L%^AkT0vX^UOpl5!+6%o?2pX2Ze7?j>C z8|vKjZ*6YILD6P?Dm0f$9&oe0@!fwiN3^!3CPz`Y7ePqk zkoVtxSHd;0m%39ZXaA~P*;?iO1yEa&hV0|Wek3L$ii?j=#ZKeRWfc|-O)Mnr5zEvV=|f6QM$oA&b9Yoc7`tG|BEjmRi#H9?QIHNU5vbI7{+v0@@qW#Z1PZ7k~zOc0oay!9wGzfZx^c;MXU^3PG>GT8&ek0h__nm6?`vX(Msw zbBmK7hHES9hfdZm_kL}Fb zHxGOkBU_^Ab!T#3|KAJshM6q-8k&Zs#E|n1OVlT+byYPBw7dhFCi5qk1Q|FS;l&5x zM_!st9YXn_!zDfC3?ibx#Kc4z8d&*kxGk$kuD(P$@#uK0247vzP6W$`%f$*!VgkRU z=%lHX7k7=EHI)`iiki0C8Hwsuw3UfOyhtnVfc^rQU9fu#>w#@OSkTgf zzX{!(R$WfEeBs2&C9RpYTeS2KXmdWi*WBN<;5h)+}h=>?F zEh~#4GnvErh0sC{6z49mtlVZf*L3*Hum(z2^~iwn_vg~hG2lWK zEwXI^A658R6VmN9G{CbU=Q7kbz+WESKi^WU+mK=s4j}C!+^%w(oyz6^U$6}MYh#T5 z7Dp~fM+1$(z_s~I<2H7B{y|bg+#@nktZ>hhi;tzn33%ipI&4~*1H8+Sf< zwN{SJY1!mRDy&@P2|HzRW4uY8GD22UHK;ooRlSVUM6oRC>9 zJ9pZY*`N?}dG2M+faOr8{;ted+r8+5v{d6k@#t``Oaa(lnikl)CNzUMvBpL^TECds zCh4zfYdab?c5kh%%T`G{BsgpjCAExFR7B76@TOD-a9Oy$MLk}0xp)k$C`n&f zRBZS>kzV#Lc3DMkK1;6GZgvff5PE&1^0%ft-{`HcYT5%N441w=HTIfX`ur*yOR0HT z=>opfMZ?JWr>ota)y;0(;g4)SLnV*MHRH@$`jdjL6!h%sl>wDUX!iQ8!1SBr*@?a+ z=>lx0(<&Tdq7(@le6{vn&EYtkaL8FtcCAi5+EXGRYVtW>?+fXJ1P+MnEBCw8Rpi9) zmSak?Gasn1&Zn09{Khk)pPv4V>y}ki(9n*MRR>4G{d*E3z=WqA9KWGpB^yE-|9~!b z8V#*P#E!GNJUQQ94f;qSR$FTiOc}$qB0F06+i2-vKJ2i0|5GOw~lx!jPxs9a?4f-jg`V2)MC|f>eTTmyolP z;qj?F&x}!G1!chJ=gXG>ib_CtoK9tAz$#$W=1kUa5_ zu(>}ZVu4>13s(O8z+}5`DOcW~$p7xUJ(#{{IfggW=;ET9QsYpIjkSZqO@L1>8u-w3 zG}o)w;i;eLybfq{OZ0qXq|EbbYOW91BL~F0Zx>2-b_S$l&emHkrkg&(BgbX18Z6NZ zKldQBh2AaTln={Fy^>W}yJ_*3 zczwCf57b{s5FUCGRhjut1m5#nwG?%=9u~C_a9qY(><^=>i!E{NZIRX|ow81J(=YM8 zm1bkk`@XEy-!E~~$^FQvV4_=L8YdFfXAuyQ5}+6A58i6)PC_RCw-Oip0R{>(Fj)9@ ze!E(*;^+p>O8d)El-7rY8r4>2jC9X-{f=cvqVN4m(jr4N8gofcsWpqm5sdBD5zb$< zewlUJ)i`!8(-K~3mJ?ZyA2nrXfJD5zNxdX#n{=>ka&GF>s=8pel zdU>OOan!Q3^p~US;QAg|H~W=SUMq&JiKVrr1j=2MjSa-OiOsPeBa!=YWklRb=mFsX z33NqP*^a&{fbp3a{olIBCierbDP^c2JzY-L)Zv1at*Pus);V+W17)R%<2Y>G{uA)k z^Wm9uq!XW^ZEom{bvhDcpj6u>nfyQGsQ*(_7(hp&3^nvHFBvn>3|*FrI_{dW8~d3k zsN=O=U$hP*{vi_LO$Y&!}w@z0|^-cXA8}Cq<%CvA>g9-OW2v8L`+p|5D z_}@4E{tNje?iMIBjXM2usj)h^v`bxd?M3&peA@OX86^RU@Boa+x}f{sDbK(p#n(f zneQ+GksmTx2+3JJJE}l)LD1qg&wadG#8uy0MQ6xNHbb$i^X(lpOJl?2qJC^Q+6?7C znZ$VCyIrC*{ZFQ~1rHkn_mvuwWWzGrvymmYg^CzQw$-L0m@(lU51FjBYT=^AccC<; zIKVfhG7*H*B&GSjOE_&H)}}0obJX+qF+s=DoE+1sB$RNJ*KC0;?T__x{@OC|wt3jrlNNbZ{g{Ksov;_zL8TnNy+uj>0>X*3OX(NJ zv+bQN?&+8SC4l+%I`%*Y(~_0f`{bjcXaTt$(}x0dPWA^xdd2KCQeSdX&6qIy;}V0& zC5f{j#PXzEsoGZ8M_-ZT|9t@-#AY6u`!gJ=7zg9b>?$0ITC9H1;R~sxQg}{Ctwc2( zlM>Gg(d%p=<ptHA9jLB+fN=ZFN47A@9$DTF5)SwLimc_(&>I4HOnZP z%S$5~TUB3p$Hf1+hCG;;IwrMJ;8je)#^_JQ1OSOO^@`qX>)JO*v!cZAx%S~H8FGfa z-sn7;JS|e0F4q2dlV&O6 zoa>OJ8~tl;r*&bY^?l%->{rst!w-YX_A&G1#=_5UyRI~rY^?(tmNqJpK{AbH2hP7h z{RliNvYJjO!G~y#oXDV}^)oyh=l`>Tso~^lKu#9#@GxNn;tQr^ni5vX`iK$FNAC{2 z2O8MODc||#f@OtdI~3|ZNC{y?qQi^0jN4by1h*B@YBgEr(Cswg{T%7Hhfn$utSSW; zxv&BcckxG0&lBH+VU2A&ldnB~V&l}4W$Cov480vXt#EV=l==lkE-8mdDjG3iK*vnl z(O8Q0p?$^ddf65McN0qrr#)AGrgp(sT1z)#^xUD!_c^Q;+bKgS31*xxqXtaWJ0D59 zI%^ajqmF%gw!3Yt{eRv*N%{ds-04W2JUQ6#bBcVR%4C_9{Oy4wuBRjS?ZsS5X>oj# zc%6H>erA1&MhEPk*e6m=Yhs(K8iVv=R;zb_EZ|ucc$$MM{xl<7^OG743~R1jU5VxI zq|2~`nXy)kaNh5bfcA+>mRKk-9#Fb8d>J{l9yLN@f z85eTS3?f}QJ=65ruNX9B5-?&&GOLwe41RddpIbUP=actk=rM1CjiKu`B?b+6cOaVe zBJ@6gh}jkIT1vJQj~~2*B27G#!?(bWmi#&j&foZ(MGAU$2Im*Gh9-);&ul7AoU6sf+P`fRL z5>^PJIn|yQ%V%q0ttz>0Z$qwm6KXHS>NSHl&>aOcRH~)!JF*4&tnBE%zooI&Saq`G zmPa%_k)i2_tZ{pA8mLNOyh$fX&p4I1>*v*{1=^G{r76sbQssd9baBw}n-;J0<9b#kn#S6n6y(>AF^&3ttn z^AgcmZia{xdGFq1P)WYJZ1w{DxTU3~55Ez^A3JMm1RxvqnoBAwMmVOSJvAnO{v;A` zEdpzp~{DKy4 z<=ljP6NZ3zzk2*kJM&@=BexUSg2%4*!nktP=6sWt^trJ=hgcj6j-HbpD2gL(psABA zlKw&6-cnP4hrby;tTrKj(xr8zy{masY9Qpv-XgCoutl$#0>s>JL{b^NEgol$kme`{ zjt;`05n;>}frKV?8I6hN6R~2s{0}=WqV>e#O|bRHtz&@DaM~iUU9i#!q;|qDQvLq< z77(!Wow~Fs-nMA5D++bHMEUP!si6)8-QJ4ciC#T+BK&oy3x{r*4LR{O@$BrOdmfPc zCI5<)bPOqavF30d*lfOAAdO0v#+KYtV7q+2gg>}xIa+kZQC!uis*Jr?#PWq#SvE0l z?5m}yo$aT32EZ&cxUUZo9fAoiFE7Ok z+0&(_1(zn>QlF!?;3pX$$Z+M=yq6_4jvf@CG2h)BO_3*uJm)ygL4s08T{DQ}dXEEH z?0ML1QWxu?UXE3*%MyI zWOVW|W6^a4srEl=C@DjuZZ3SfmNzLD3TFQ%M*TUC`?>fh6Q74~xJ&^4UR%z}P~Wau z`}UR?>E|LY*^1VOeVex!3)oGoLj`!u_;s0P!5GxjRils7)H5kt)xP-gBp@vsmCF>M!I$)e?Ex=90b#oIz0oeIxB??d9GU3)`j#OtKszDXm{5Bh-@uS zuY7(c67+|^i}13=7v8J!uE!Qy40i++wCItVS4L*zlD?Y9e|^7twd{tM#p^iLR&|~| zEGMSXC9by|Y|Wm^5-UL+D?t+j?$0%Q!@@s-S*0;| zY$p0T#ItuK4!OR+IFOynl-J#ejM+upM>Dz}Wb^(<30KB!s z?BHyD9H?KnIj{G45d*Hx;x?yGkH-rKUr4VEbo8ac;anp6Q zANXD5h|wd7e?XJ0;2PEq|09KQJPATLU+qK(QX^lkj#tb6UU7#7mf)cWp+9+Obcy7J z7==Pbn-_*`q6Z-5sh3+^%@FV5Z=FWL8>E@4UAwc0;$jCA=?`To($UpCUxm2xJDE?$ zF1FFyoVgxnS~w^HPzNbi+XhV2Puby_T$oCvJf35yr|>Vie2#0uGfQXRcc3{n5|uVa z2&dp6Ni4YiN2>XaL@sw5Ga6U)e^*@}_bW)=tHpqF<-JJW9kDlwZjSN*S%l4{1%R$AKnlp%Zq3o)7#lv)5@ulCE|UvQh@S3F$8Ayt1qB6C{0QOENVblIrG2#` z7n0y-OG~=Cx~89E!K3u=mZZUhyDvC{4)WKXj>{VQ`eW3>p_K<}yPRei;9d1?OqB~( z`G1;HfJanBE4rFA0p^#ktL4FbPRxeb2rjOjyuewdYd<;}$)IVYPOtY=++(0DjU)Su zT@dF(9-GG!-rK=9;oSHpc{QNAb~O34NRB=8sV|MY)#kg*8mk|-Ji+4&uF~P z%W3bsj1km-rVS+wy<~-ho=)L+A?a&FY4Ow3Y3YVWzZo0UvX}VQg627b3&2ZYi68)3 z1GE5I08L|7R@Mc@$r63NPvin4<_I0x7H58pjl=-5F3V<@jZ3h;o%2y~&(7>%s`M~z z`4Qr!9V4Ta_Izsw%M?3{n4W>o2MrA^Eh8PH=peI`3rbtxV=xpy#Pi}rHn#~t?0CFB zn6k(NaG*6c(LN+6-+*4x3D7IX!p3fXH|I}CNZ9iOs~!fHKG>m;kp-MIGip`{cI~eeO7M-ixJb_m{>BY3jL{ThR^uQo`;M!NW7c164 zO@g7w^>OgSUars?qYU2DK=lX7ewJ`y-=HbI7KDpShuo+^@KjxTLQP- ztxBv{&3ZSDXKd2ErSumRS*{Zui8K|});~JF09?1*s!UF{%ZN*K9P!f8!3$wP5;pw<>baZq#IW;3=gdei(yl8A`XrMvJ_rg@nv?*@N zd(J2NLY1k zy_nf20oS^n!CYVSY3H8{Dcd&)B&1?^OZ>%(1pr5-vG)lHUQ~sZPQ4%@!FI4TNlXaX zjM|`H^*((Pvzg4>_#R-P1LiI%{|5)m2Xxmjv(Q3ev&N26+nD>PI@@Y&`ZjQHy}G^s zpq=D%dg=Y_Z%Bde?t=I9q8}3IJYUXUZuK$G1LLRb)-UtfDWJc>xvL##6d4QXnD$0e z-vJ6fBxGc4EG$J`b<+|e;o$|rZFrE#q+&O81b+BI!BEz)Of;b8Kr%9_d>SPuLju%zr z)E5#mKhIH8QV#=3UI}v$KxwqYVq%n)dScG|6PN1D|?a91@EE z?*M?bbm)rmnvj4(GVs_=kr(Fby?q2;a^xdqfr`3*scu!gOD1=-zqN3{u*Jcng ze1#MMkWT=gEFei3ayqkAPyUR(=#I`5|@ykA$qq+iHX~*PkL2PS0_dvvqB~4EsS|lfoJftmkaMOa*{H7uAi4WUC7n+1k6n#dI0JlsnI(l1H;2iQt&@$mHXqx z^Sv%y`cX|TGLE-tJRyS}im*qXC^zRKeuP=!TdA12yX^xj9&Gt&PKyyh;7Ukv_Y%)q z5PE%kYV_5W677dPxhtQ`M#9u2xq;i3|I6hlX6WkU;^mL{PZ2aDl4O4okl1^TPkLmS6vl4?ko2sa&pf3!>ib+3P@3w%u-HJd5AdQ(KVMVAf zKVmt#0pDX3HCy8tFek9TL`q6YNgcD(3WEW>4DdxtGv`B$UISXj)>|LLQK*2?8DRwS zY#>S>sVI$keTT`4lrw{mvEX-F@m$MC8wHn?l&r0-UAz|CBD)u}H`#0#g;5hEp@T&v zBNx=sE4u>+X7YaHnr0qP3=kfjAaRhsTaGo+7`OCfyc~v@yx)@Y-=1XFx&FcE5r5ID)f2Rq3PHhuOb5e-8?R(Cp40hDpIO=%b3ZKei|V zeBb{&4p1S;j%578NYBF_EC6aNnc=W<=_y3VQ#gW9J^*TBO#gv%<5Q zK9=UT_6RJ&NK#>cM~vyg1BSvBS>ljb!W8)lRu{t(%a~vcQRj*1#V(_C$r7&VNXLSj=HcM8SseXNOPY&pu1q2&UjSCu5SODBr?E{Nb3MVU8$; z-vS-#YrX{7mk%vvTAwgf*`F+PJB?4~)wTT&TTj)_4&Ev&_kD^`(vQL!8Ttd9)Z{{* zhk%Y9J_S1W{(Q4AJ3AJlV^ARhiHC!U38^-V)>K2-ZkDDEC(86*vYTUMi@a>W2=a`G z!xTcpd<0InpEXO`l*IfZl2t-3kct|LfyAx}7uGz1lGFU5A9^WL+c)V+T6^2x7sW0) zb(8|%JUR3k&!X9cUycS zsF;3h$Kn2ddZKXO8(}$t`OngAQ!zsfG2J^rpd+P366OcxD1}HsbG`oy>>Q2UsIWN27c@s>pSPkU!CbD+GrbcHi$^SJS(3@PU#@&nBVUqnR^uVJmX8R$033YefYa~XKgdSB zPwr#1O-?|czPh@a;O>G$1kPt$AXeQIat&5_i`EzYOcth+xVLM=ZAOx>3mhPv}QpOpX~bRE4~;YXK3!rnI|@P3X2Gk#&!p zB*>QE2bDkQ15{|;Eo|16 z9zX7uT>?;Xyl9S#Eb)wnZ|K3FU}+ljhZOAjZR|f_?j@LHEW>R=fjIgRoxnlmACob7 zog`x)7J(6@Z;|`E*_ATQ4CFeLv{W;(3`mz%u-}qXwPm}}XFd8ZxrCuzl;MwN@Rv~C z?nWsQz${c$P`A-@ooGeb0*%8XBPFA|J39|_B!AtsBAoyo^dXTmcfx@@;@cM(b3MX6 zjim^whhVRs>y+8BB$-z9%0{A%>DH+0)l7= z4YKh;aw1nuF?9_Hb)vi(+Q~8c#yvUYmW<$9i|YnJQcmEU$wDkUUSai9?Vw<-XTmw# zjx$BA>ne%?NAc0V#sT1VZUjiYmz7ygxNr{I^=14a754s>E$s6PpkFMy0GLh5Oi$_6W4 z?Z^K2f4{r`slgrBJ(*fgA_(?@5k{ZBn$K(n668gCVdCeB;uh&llVDh4xtEg~80au< zW?fdJCWO`z(p4XcV>W}YzMC801?*jxnwkw4oge-DjJdn%(k_dk#DPYVk)x4{CrV2x z$y`ykf~@SHtMc&*mF#fiNjslYpkTN6BW10ba@xKvS!`KKOu%su-L=`kSp@-cOVrN^ zhC^&=7PHl6YJ_DE;C&3F+yglexDL(6mSj^pw@n6w=D%%5U{&AG=BPyfmYZv006>7 zLf!)F%xM6{Icbc=8^z||`C3loJ$_nq(Cw@;`>%Xq{8nrg8#flY@I+#M=gnTyn1?WE zc&bH!J@yRfC8!`LX|Tn|Vo7@^+}T+r@!D9$lUa z=ox7l>uPE08X4*;dSrFwtaPROYGLLKb~HeYRsiNI=H{c7ybz;qp_;$@-fr0)rAnK2 zch}IVIlUBAREB7_e(`S_0ahWv<-6hS)sSrsK~wU3>`wsWnk0m7bcb`5=xQjg!@wjd zhr)vhoD`9h3>Sjw!{0>yjlX}rN+cPmK=V2Bw+r|Lvx(sutE}Gs zt5LE56lqeYY#}cuIW)Ktc=Etdf&}avUTeWM4zVwi+?DEuXwa^%(c~P`gP-75i&Qw6 zrsV{Xg6_9t$V&`?EepC5>qcON?B~gPH@`vH7`953`t(a>fj`oA`bPB{M2F-}uemr}x zgh&@kP-H3U3tSxwzX`XPC8qIU(t>Xe2OU%8SRvnUu$Lp zHVz%NHJ~7CduQ;ET3WGK7c`JMsv*|n6j>9(F#e>8%b1e~zTPhWGw(%m%(2ALHQn$J zy4@8a8ZRe_&%A#ZVo)9y6eEJw%{qenQ_%Bp8u0h#eHx*?W|BD7eEmK*`=QJ-5L=3+Xkl z+xQEW6PH}Qa>mxNxAN%pAj0S+_7e$N1gb55KPKF$%88XL<_NkRrsJm$N5VbPJM*$3 z9TK$^eBphdxYWdN#$)~-{&f)17Kj&Z>7p5sP{^55kS~|wn={SOhsTg#sM))~_1 z<@$=qM-z!-ZUoByamqO~m!X187!bs)1yDB;q5{Xo_BXs5=E))eC0qdIs#J$wblDGb zt-|o5m^C$l)}c-tsaRySEqh*s2Y)m(QIu-W_K$!zQ4u(K0u+vu-xqKrh-!Wc31NxQ zIBKE3?6P0FB5!!ho@hVtwhx`;N=d^w>RL6f}|cY$ITv= zB)BGcrsa*hJP}vd2&eH#w39JMn?Iz}nDK`-KHRSazEHri4q~EgU!cvebdXcHB8aK? zFOov2=S&B*lo9Ln7b*L`;Gmp8ze3La_A9*V9T_|iY_qIZ?sP^zV9yhGdE5B@jA4}n zhqc|bL|Z?OI|Oj;r(#;PwLNp)fs62RcGfxbuX|FXQN`o4 zGcvM`*ggNPZ5%tBga3YPcejI*DBTZGCB3S80*^bKy3DRt)g^M@Hb=@QaJd#A7WC?t;WFs6E-}L@D za6TfG!A7c9-Rwpf>l^gh%>mG%u5aA?Y*~Un+Y{g7d$U?iO@fQ3lH<^|RSJ3G#}k%4 zY$kGqJr;mVns~Ke5b@-78JRH#RH0eqCUV%WSd4`_UV~OeFyW}VP{v|#$<~BW(BncQ-w8ANtbiP~ zD!1*A8}mn1c=Vty-%~Sjb8cZL64ZnN8r%x0&VR75hfpf$MQj|&9GUCw4*2O<-Zms; zob01&LFeD^OTw~#fpN3G?h*jD6Ym7lM5Cw)g@C6;lUg$6#&o4E1)Mk>oHhPG$;@A= zLAsBGU zzRJS8V@?q3HeazkCa{QOSON$&0 z!B=U87hqVD&k;msbIsMLg_;T#jvxJ`JYoSr;rI096Z$XL|KXlMi%fwyhpOkaN;ngrVjs|-^} z62Ji!`M`E(ukMSCLGa6AWidoKZ2&v?$0Bf0h0)m zgnW(!S|lLj7lNqzAF#^P4nRFvjvWUV_tGDdhNp{o#DW>!lw)@VVoMqRN{zXSA(3!ft2neT_)+|r!BcS*K@zmDjbhPsRf)@LcY9&4;0c)DUn}X{jES9Of!8d!_NKY9{7`|#gRz5bgYl?k{ z|A(lzjEZCHqD66ccXxMp2yVgM-2;Ij!9BQpaCdiy;1XPdLlfNHZsmOMzPksE!5^Tz zs(SCW=9&V6OAh1=52C)kCeV{me(q;6MkMP0lGhJK%mLrHj%(xz?#5S^JPZ1OHk?;y z;qw`PQl~X`nO;Dg&iH=54}X{|Z2C7~(>j*)>wQMybguWW(8Fx6{?+dp$!LW5;~rRi zA>!C3Gj?uyL!VJOeTahCFWIJscTh2*Cp*xByU`lC zghvYB04$@CG$vnZlro_LV<<&Xs$7WIt0PspM_^voF7qX)b2tvV=+&olT|v<5w1#Z% zyHDyfrzxw$#p6fxk+?rO4+`9D#RG)c+^^fMRivdmRt1}g!qOt$Fs5<%lKSzu(9~U; zAUHL$ZCJZ5B}8^$goKrMY@n47fr@5lS<+LeE2I%uV-*Mn`0X)?-o`=VS1cv7dCI0YAhz;!!MYc3`vO1(qfxF6 zjg73muddNzlMLI`(UJ?XP7+{#l6Vpj?W*)8)3fnx!9M8(^T$~ZQoEQ*h6_Q}=}4w* z=KGT7g(IIA20{@{X@4PkL%qd%q0S|-t`M8O{(xcwg+_C4wEll#W_%)@+^o(g8G+Kj0Kg!NiI^`c`h({1NMs4I@pTGIU3rshZVU2?t^2sjt9Wf_0KAJ(G!NnA2XX? zV6vYre810uEYq?ZEwHHY(AWmgxppRq9ER6=>kq| zM^E#C)~FkKmxL;2ZZk%GXr_MLDn}UT(p}&j%Fo^yX$)u{q6nmA%ZjM?)8UWC%F?wR znhiOvQq#dV6|ONk*hBDSN_@=do+KYcG3$3h*kSLhRt$HDIX!hqWuNXRpXJd?d)!Y} zS2ks=-)zc2z>B25=1I0e%d7jB*!VQ%3};R1_qYR$%UsFSW6M_taVTf<_!bW$^9UDF zI>0{1u}bjd{iNV>+Kn;t95;PD-T0#3o7H&UzAXBaBHC6~+DhL?kh( z|5}r%@a=>E@G61c0M)Jqf0FLH$AtydDIXMC@T#jNgXMNMk7rh_>cE#F7|HYl_OE|c zOE3tfW?}>I0^HaLv#1A=IHZ?;b_vWpLp5gx0=|||>`>Q3Wn72R613V*tJ_eb(de2) z0gABU)nn#ci3o+wzPr%uLfS_;-F>m!sWg)WH!R`7 zHYPSzj!1bjA?(p3Uk!Werl66`X&WfYeM3wg zq&>>ITBDnzqiE9Q`DJ*~>~-0gL=F1&QrH^`@I>sx4y^$5`Y)_g{IJ^@OblGxl9jZ` zU+Am(!Vj7W>G#KbKy)B@oe%8>p-BQ2qx(?z+GUt}Sit`bhYedb$nA6k$^i6c_nQpD zftlfilt}LMKzmE*=xD8ZqD@ZJiRrWPB_u2IrvlL_qXv~$qqD4oGEuB0=I_@xpXNl4 z17|CEou-8^-deZl$>xw@{C_?JBhvS{mk*$o*l@d8)2v*oHQKxLib81d6Sci&WR39y zT=n6R({;F-Y**FZrm|)_{RW>w%$b0xGdXo=pR)dbq?JXWE%E z?xFS)K89ShEQY#b`g-!9TirjL=d7-#u5)l?du(6qUJjw}0IJGB6?*Igs!iDCP^Y&W z;}43$0*tuuQhFjE(z^^z_xpTW#w^YVW%mZA`o6VAGDgkbwW8Ov%)pLd;|DW?BZHzls!z9(2pW z-kpDO+4{-MIcK+)N@N;6YDCS0N4$67CCwklxC_6uGYmK;9Tlhj+gh?OqPx9rK($@h z7Eavx@`^O7g9{}hO? z8e3V@A^*M|W6fYr72JHP4v*jN-aY^wVmsU@^V2aIje?DfB)$rh>+%xhC08^Z9It0# zrxw9L(s8{~$p0?I8RuaJLE->sf_*TD4k8aw_F@yg8p0H!KT2S@U0C>JzTM2D#4%;( z5L@G=p+FSisF22D+26-s+qR3~bcK-^4aZKm3y^QhCBR14y$ix^B@zqW0jtnuBOm4y zpyr(x7sE*h!w*spg3QpuIke98_1JJg2*X>p(OE% zTGCU>K)Ff$Cpp?VTB(3-G-7(pn?<_47Otd~c4FGv8hQ-OVkbM>rMyS#Pqq^iMYuo1 zW3yEA-g0y#Z4l4kUo7u%jzkU3hcPO<-|pA{Rlw$DNPerDm+F@Ee$a8nj+(vGXyqfuss^I?1| zCpSKBP=a=j$w@y}5q$~S8Bf8hT+VY!SmD2vnm0DoN;o^JbMQQ=y| zJX+>?Xh;YzeV&u<=3wD$RU+$L<>kbAZ6fP!8^D!!kOkU>Ker5};)`@Wust(~bl z-RLk^BuB)-w4CMKlffx&!569;N`;B+o0xt%!P>iTvixhwE1U-cuW!kO{L3wSaJ+z1 z@ekT4ww?VxKM(de_dlUL2K`BJB%$HDCIGIT!S{t?hOc6!H@U8v{}!*j4NjGsb;9-C zJW>c6Ek2yAH9e3Gmdpz@;Pe-Q#Js>u;J*O9?>ESYR6ZfAMe!_XdE_Qjg+F3}nZq@p z>z!@psui65B@tBVrs_sLBN@mj!%i&>&_h=0DU(J$zktADiTY@YHI=L&rN`w$QTgG$ zHtR_u&UDMZN--{xRGIIs9F(o2r3z=$NK!A&QWHro>db{xojjum|O z^q@gRm+rQ?Dv%5#1)hr*Z+`C;ks}7!? ztRpPoL%_*Do=+JbMP2XK@8UW)&(W2j=u9<%Id&V;D3o7iL$^M`oq2L&;We<@V}t3> z#XFpJQhSA31IDh~^Ik%_42X;ht;WWfPcC0?W@t|-cRvP6-vcmRpxIeUdB8CbDGy6z z*YcRh;pP2a*0&@CBRf1N7k-;ZK!5jhxDFZooZ<=SVtXHHF%WzxOlzMz^qk|#;)n~4 z@YR07hW7jdEyG8H3rXQ84+%g;1RSCrxaZ1H@#CL{v&VykiiZL*Mz2k_@#E?#aB7W1 z=y7S?Ca`5!D#FS~B;X-D+>+-7XMO_#l$HnMDL`cE2tX>#qDpt^a}*moq0}3WBa*@B zI(8EWH#|oALG1lJ&XKoNO+_LEB6od+t&E^Gshbp`Iy`Nh`LzhgCKeWqS5N<&>dzyP zB_bu32^ssXU)MV46F<~H9w1;eq8};C1drU&H^vttgy}tmE<-lPQ7DrQ$r~K@2Dlni z9ee-JP-6m${RsFpuk=+thor?gS=MwOX9QmP9D& zA)&XSdZ$ooQ5YFYH4EcR3O^ave|qMnGTysga|Vz4xx5eoRC~T z^s29JKh-)yc=Z_7g8e9InL+P&S1Q{;Q~{~5vN04|n&Ux$sv9IKk2mly{0F^X9K4iT z;s-B)+F_1^i&%J#CI_YA3@Ak6^-#44~2ir6Jvf3P(reB{2{U z6q#^JnuoF}o>Hm6PoT#CwijoHfwE!bNOnmP(%w+Pwy0C1ZvI=JR^OE3CMo|nA)bH+ zrxsy0b&#lLdPw}3PCR;)P`cH2o~9(Rm<4AE@z$c6%J)h}xZOx)f(D;IBXIg`J==Fz zyfnvUe;D_tu+zXdL@fs<6g^rGp-To-+^3KhB%*Brn9+U-64X5b4kS$c*FFQWBs{Dr znV+g?3&4>T2jY34oaxgoC`-fu#e$l!S@SXR#}KJh@{=k3fhXz9K%JRxWi~UG84?U7 z4ZeUOK;k|DMtQv{w1^x0?&o~luq~*E3~!+Q{RlU@!|^ivw?S|V9;ZK}900mie5yKX9jh$Uk%P94&Pg zyMf3+geh?}uK)PNyeEm*y$HhRScWCqM!-e3?Nby^oz&lgfBWuOk$K8nk#uQUN^Bd( z{y+B^0G?ze4Dm}!M~(-SCaW@lTf;RG))dwceN~9~B71qd!&$MP(35?-H4=}ylN;QZ zoKGQdyHF@-e+3i+X=A&f0;o(Gv=P{)JIZivq8xRcHtfw*zS15dwXUfAj2Xm!^Hdx{ zf^xrV%Z4+kjD>Oa)ShYdMwn1dH*2%G=1^G{VdAbS^VK1B z7-df!^MLeidB7m@kV2%^TW+$;wH+(Km=v$G8a| z-^g?mUGzl23LGQ*j6IH-J9;>=SbOm2i&4!re#>RnZ}ok;TRzBcJXWaYk6F-P5fAbt zE-#FffKbJ#kGu~}{5>|`WBw8t3`4?on&)x0et)+0?J{2cOrRx>j0he#B^97Ki{1sb z%#|CokUJMT)nJULtm(}4UZElD%k@g1T|=`9Lkk6XEC zSBNq_yeu4o-oR^F(L(2?)Nh?r%W6HFMWCI#(bVQwwy^<#@?dAAEkN@aY=j+_0OT$IzesVZ8#JDK^mLJ9LK$sxon= zTziZx%m*q~KhuV&f}f|6<+XL1;5kNs`M5so2|4K}rQkkc3c>6~;@{5Z&sSOBvL`z`i}2VogL&&6)I&$B#zur3E|iaejqH;5NfT`X zTYHwWJE;OEK_|46O|feTJGYJj28BpArE5*8Z0NKRMu&4(AD`?beAr`@JeqwL`|Og+2423 zwud4y2Q>JB?PO+{$Xpgj7=M71L?l8S8%}UmZeMnW{tJz9<#aR7TXZ3z)c`g7{l-_S8C3*s@5Z}-6g4s(a zUOFk#!fxaxQxKcC+_caK4k-}#aUFgDO>KG1`fY(WiB7u|YCUFNa*FqKxzl11q^Xcf z%KJ4}St(O$u~jBiHhOZdINxgY!Wyg2;B|6gk4}OGM4Zcp4n)M#8SP#%-Z*hbfwQ7N zvC~iDA_hdlu#tLDC%FRTL^c;4D9TSOO94DWCD;p)x5J^HEw)q(ye zzcXIcbvvg}MZqMFO#{xsKrlCM8`OHn+dLcH?~nwLwp{?n0Fi&P$E2hPw{zqSE*X*=51GEm{u)s3 zl&XJ;)#0|DCKCE}kHu~+Np^qZFo5k~r0hJcLL?gx$)0rgr&^!)>6BNBz*MhZ&MVJ( zqr?4bcens&78=3;xgDnG9>z*u7e5`RI7$|rC{p(HQVJb^k2rA+XAqL8MgE7vU#MMLoSScn18k(fHn zr{cfk*zlK1T{OgSua8Mc_SnO7wX1ac*(I>Z8S#%56q~pFUcNLHz?v7SlMz7aC`V3C z17pmf^0Hx{5DOtPv5qp}vo18JFRh6&1= z*XQtD7U74cw+>LY_dYUTRAMKMN-bb*7785ed*`AC-C`GaTc{z0{I zXG>F?#r!WN{Z=d&0iKC5LpJ~SKm2Y82rbE}$@|VNBHxCjnVFdx85mMg>&jybL&Cff zKM4akKGNf>sB%Vw-$uu7!2q-Vb@#C^?Qq+{DqUbvEShH6_2lg>&QzA;^!kvM-EzxW z{$RNO!&&P@D${C*rNS4}&zmJvDF+9Cr5xtNVnWvu7{@01^Bd_>=TE zQ)Wq*hcfk0n zJnrXe-J3K`DWOVU2NG`3)aSx2PruufB3vWyy;bXxuIJ~@CiA80C`dfTWud@2sCZKY zp#Gtn21Q1NN}&z}L5*?>{8X8xEr2Db3IOLou={6oXGW=k{#=NF@Blc(6(WoQ8SNMz zqcS`TrUh2AzSMgF)P0l|>yWC6>O2%6;l1MppAcr#&rVmBMbfNzigo`SWVEaLwt%4d zOu56A%ZqkbBsKAUhXZ@Mf_1s|&uBgst(%Yz3=#q^drjQkvhR)5h;xW4QJrU;p5ich zTP#LK1W^5AW;U*rS$?j+yd+;shX4h+O0X{xlI-E&Ki%fs;-MBmQ32c}Wtq9`#fT`2 zoqF&3@Y2VHa`oPqb3rZE(7j(V=3g+Zx5c6jnrzUGa=7hrqE^)^0;hx?;XPI zvc#-Maz%|>kN^s`L|+kR0~=Z@cxt08jbb_((F(j`kb~-{Uak)y<;h0&Qhr-P zKTJ{vaC)i}#ZoH09gUz1FEdFTqL%xkh76TwhrbvDM^t`(9d$HFE?o=0OAgQBOek?*7 zg2eREE??i#4h%6Jn=z2)B!k{+H5Zt$PmZ3hHtNzMW#ESlu(RAle}!vBTgLd^z=Thx zAI3eXXNIdIPuyoqCmx2>+5)S?mQ6?}wFuZT>OxjoboA|1x!^QL{6;{8kBGDbBvAYo zm$b%8~l zoiBS2f}0}VteF>sdgh(F*0JmQQg^Pd=YM-+^9zjSEH+hd56f~uLl%V7ygI)_G>enlC}7ZeGJ$Ha31wGD*>KcV(q9D+m(ze#3*o{`zdVa42ktCJ*z z10K%cgkDDwx&%P!Y*9Z_BypiolXVzwJ0Cowv6V4Xvxnea>u6y)96X4k^nPNcGaJOx zi-`toaZEJW(ZpMl6 zaKH-gP$>V>>zXQ%z-X@0S60rZd4qtNVCD#Tb9!OR2VaQ_wZ%+W z1>DL2Rbz+a$xey5XrY4i7^iUQ@{uuw3bfEiEoKJG{13pclFf$frL=_WcX{+7t9TMYvRZu~loV zXD8pva?G4}wKu|S*x+zg@M*qO$$qOxvav*Im4wv)cBdkxa;?d!+wS1UpX_Xw96>j* zWE@;pgSI?{(&=jb)_PK^_(Q-(&f3!2-s}{3job?zwod9hV{K>@!hV0+DC77fe9h&m zQW(j@z8QorVq&pl+*kw^jisoIh?Flw8&p?Ncl+AQla+%%Ths07@vFsjk3bE9Yl;Sc zwL7(rUm(=4DDgm}xHQ2N^?U6LgyhFL;0rs{S?t7MaH@><)~eE7F8Fj~rJI5D2j(Xx zEfrKLr#LFt9RNdsOi@qBPC<26U$ft(+?zoBBc{SY4Z(wcg^3Oi1%^*$EAgifTxrN< zj5_VIYWMdr{iM0=Y@Yb&zwF4N(4liz#pO5gpt0hV{y$bz>vg;9O^#bFN+T_f0?m#a zjp{E}N(~GAJ6BE4>m9yXOT=p}C0&wPT83+_C%@Yz9X2bGGwaa+Q&bmf9oT>6qc~68 zF)-7_c!&Hz0BBy}&={KSmt&Cx>XBO{)2S0!5|&02D7{wp zHUTxm=nc}0IZTZ-Gmz3b5oeR$S2=CeTvyM;WqE%MauhgUZyy`i)bDJWaLhS#UavU% zbw{|)J#qY}W-8klRB|k?lfh!!V0t^Gu zDXGy&MZWVjKVF`-Zdvhvo}kQ~8b;IM2`Q3-M?%O6A*)g}_#xpXE*=)i+w<}6^Jf}K zZ6HMq98xESFC3I3;O>2pqMc5r<)EyLBFrJ)mU9r33r^s7leLBR-NM?M706lwaNT~k z5|~3wXfxDGh_|ofR1J^lgNKi#_NW4X$t>^?=SNQSkQ*b{QUtlg&Av+U>i}4o@=<30 zE>5&XS`HxEjWFf$2^@s_09)F$EzOahjZ8yJLIrp2nq@U}pl)&p+?F?k0g3>*=A5}< z$<>WLBOv=BnYLJR!NUAEFKpU_(t>c4l9UjGiSVBt z#4!QqRMX-Zctmb3gtZ$1yIT1zLpt?m$4Hs*h~T1L_-qDo0TGG2O60Ln1YxtvOS;HG zp%p}bNZb-9N^tEHwnW9j%yG4M?n=30%C@n)1V&O%SukPkD+w0C0YD9|-q5?)=U6e*SQ-L!XG ztZPWX3t%f9d?L+sv6;;w7K1c{8Tu=WBAm)=Bn)V}`0DddPRn!so+GJYRg%nOSoSXu zHTI8asP)t#16x}|g(i3$tbWKK5hq5ac}aM6&x2TLj0k2st#7IU&u`GaxmO) z&(_o4f+{)$g~;oW!)J54x(4WJ5t7P^zfF6QVB*c();C`A|H?zCr3fgG&aoWKtIMTK zn8(-_2oO48a>ilq&I6b0k|Nh8Qqb2OoHLZzrq<$6xGhRj9`Gc)vC$+v_1t!=K_>5O z&%md=KUry~7Ze>Y^zbzu9dl3P zj^qX#zjx39V=D2Nee`xExAhih-q$)w&IXS1v!z1)o7Aa!j(Im%x95vx(NbGwJ#Rfb zZ#$2q)0VR}WCEcwIVa4!wbCsaFRdhp=9RZV93TkPX_-fmwp7l^>B0BjcC)}z+Da=t zHfMnp#z#0%O#Xxi3PfBd1&x;YeY5=r^xNI3v7{%U)-7$?_UMRirvInMnfL86x-7DV zg;hvlLdjI7`}thCoHEK)_j@zd-Q|?s98~>eRn>|yv=5qnV%FZ?<+XRv&a8^)M^%fK zJOYHnm9bNYSFUpALe|h&BG7Og&k2e@{g?F4GMF-@mGW{e7@)8ECGHHQV=AH_c(gVk8n~FlNn4lacvvf zg&>%p;2~dy4r3=G;J|&%=&@0#lhFC4Gdhba-!}JyWwh@7%nb~vz2Q^Y=n5>Zk$xCiJeH+= zX1l{G_;JEMLNr*GFoHzDF|i^>9)*x(107CIKq)B$OX8VVJ>((lS|-VHEC>JSn#sLt zQ0J&%s{6v@_zG?;CQR7X?_xQ0u|*JD!_4$%vD@TPtxxJc8}KK9c9>A<%J#nUx%@cd zX_#{*AmI-Oi#%IO!dfX*^P_x83ciIGr5wr2SRt}?gI+vV?JgZCXs2=Xv)^%fDbOoP zrmrq+RK!(oJKh!5td}{GP4NvHdF3vrW#z24yPx+%dh;mUNch4tmpvpb25E{^Z^92F zg{K=?1&W&@Ej85O3AV7?C#xeW2>>&Cd=zR``9Bi+eTjwqoUv&rf~Rb2yS!rh2*rrf zF)*2Iisi-e3{LRL^w!4Pr0~rLO$jM9QwQ>l&t{Z$!n$WoyBddoXoCIh>N6HY!H|nn z6!94|zI;xn+H`T`w3op?~n)db-W(*$_lM{>?4fyAqFfJ5kgq zSQi4mEB0%YB%y-e4aDZ6?A$e?8H*wv^0u%mM>Jd>aYHW?SB2BZv8VHkaQ_o_wF^z+ zEeF76{mZ3nPQ0r>jkCY{CA;1;T6mPgx}#izxq2lyJsf!fqG>GH3TXP7tiCg1!qQby z637MA$JdVvmRYcYnZ+GMhgM`VCAiig#q1>z%S+PtW9ZuMe?gy4;KZ*TU;9OVoi~K~ znA_r+MFU4U=5l>=qid^(&;wC`Z@MbpB9}ZLg2b`Xmm*Z5D#4%lm`(C~h8aRty=K=# zz79OMFi9(U#f}ihHdgL7>S4&LQ;0m?w0WD(gS`gyqq(86jpMtJG>m$=1cvdB0K%vC z$MBt5`KAPMB$ZvaSH(yIO$x}OY<%lSMJ^wrgJjx_FTuo6we z_%C9Y1)6RAmP27l=bFn4Z2c|}N&T9=-G1BBB3*3sP|s{@VE?XYw~)Z*)aXT%((2{R zFHMj7;Vt|d7@BmyKcDzNopf{DWl}RN*r~eD>a@1j!1v+prQwEJS|05E@|Bp%u>L70 zM@0Z~sF_O|;?~Ghv(CvpbD+YQ+DZg!^hY3+P__Ferc3+Hrr+nHn-@^w0DW};vsvV? z{yW-)NYzTPar=eZ1OrLREXWhQ3h?Gz5>;pNN?bSqKsUFp@_FBYpLu_q^AJ&?5ht&( zr|gphIez1_Ech);M?fFr-TS&T($nqj?zl*?xP#18wfMraGO<407C%eAK95}%N2fK@ zTf~-mP|VUje|HQ!eO^U<9#=7g?ox;veFlTSc28u2+*iM=uWgLAwBTb{jge~`Z}?gD zzVGjqFbt~j$>nqt>R+iaPW%hz8Pr&B_tSb<6oH5B8oPC{4EBiH>bM zSUTi@`FH675+>I3GMvPlsnjc6{eksM{g^ zRu$AuM_{oHn#uwI_*eiGARzcvjl=^#gsRwmvoyW1q0NEo@y*>f5iMpJO!YItl>-y9 z-@|-Wu78IA$s%re*XGepno8#LjU{E=+3zm7`DDGOk(U^ZOCS&dz*p~5^_}YF?Ss#N z-Qp=^Zw+Wif%+fi;{%9Gx5r+@FEHkL-}tuWJ10j={Qa_@4GrPsTrznwix>45bWY7tiOY)PaSvhO|oZN7yKw)oVDA;PLb1442M1_W$@dY`DyUHzypZ)@)I9XIntBxv8G3_{IN>%9pzHS!b<#=jBke)?d{0*8dAzO zB(rN)j@NUB6xD6ba2Fzo>F;dIV8A=1jlIGz+B3{tZ=Vi^&qhM`eOAJZTm=sMT!C=a7)qIRBMIX2HR3E21@i{YV%6Fb>3#1}t zR4=l$W0g`>2?ZF8KH*~cg|$A&YV+!Ex=KAcji6pq=I5<&1=1IjVakhI@BMD>xUSCK zga@tYcZaJVQwQzL9N%u(FMcLTL`dsEjsmi9Ot|qZY@V@lctKabAIqkyB{TEIa!EJJ z0#$iMm!h@bT|VsRrG2$8bL$yNzPsHc*82Y3Rq6e>-}9cZ@%VvI;wN>qPw64VJ*Le^+rZ1z!;(foKcu0dA`!iegeq`#nl1p=q+vauQ!pVo6 zd)GD>A8+nkt`>8HbJxde*16C7QQAnZ?>IcM{y`BMhOXKj7-Z83T~=kR3(ub~c~L-G zIp8xgF2i3WRpCLipEF46|N3PtkvbR#dCm3$%C&9vkWiS#xW_=`-mKBMyn?kTzl(_u zlAf7)c&z%C^+#j?BG$S13U$C+lu$v^3VUS^u=;?S3LdAdMocw)g6=_dV2dcsgFfS5x-6Bz^+q zdEgEv(6y<`rh|`EQd|u6O1~qkdfyAJO^Z+;i=ok;FST$nP=@-T08hutsG@GnZ?i!Y zV)xgt!A(D$+5mUfIutTDJIoC9{8(@yWCS_%6b#(7^d*{+_oFey6 zXZ)pNtfpC5WYe#AHE-fO#{ZaDi|aMk(a<}Ofho9F))_jCtZ-gMhK_o;SU=juygx~* z78zxhU5RtNRNjP(Ic){^Q%0Gra|az9_+IwIN)-$_ZUM}vz-?fEk#Db@@6cgUf~x}P zY@35X)$k9vxPFGJdAe4=cVKZiTGe9z9sM5n}J+%~s@aQ7HKp0WhTYmjqm`~*2q~LTs|1GEVqi_7G z%wcx+fOz{KRdEyCiH)GWjyv7Nua3xU7{kDDpp<>jvZ>%SIDCehl)zRj8%q-ZHh861|t6bYCm3GT;B zt~>&FVxxZ+he>Bv`C}tqbAc?cw5`n(m<{Mae6GUrKR0nv^sV&&h^(*GZ486FoRvgX zn(x)NmeY_iv{Fq4_pv)(D4)vYMuZ90Z*e$UuH6!OUdNXTHaLS;-wHJ~sWT+I09(!l z+u|=VzX1Uc;cFd>l5Pk3ozYK@=THw!-haAH^J{(fMMDS$G=?7lP3Zl^ z_#+5hO%3y;5}pWUMNIk~!Xqwt5*MmX>>~t9u?JuqINn}3Ebc#bFtL3`Y}RRW*_kU= z7#lp^SyZDY*zf3Gstyz%RQ(3QZpro~j%Wn0i+0`d=xg;OwkZO5$6eKnr%U#$4$^^T) zNR=IjZCnz*+0-sP?`#TY&8&v6Tdwrub&jLy6?v{`%(vemo?3_*RSk z;0SoZWq1lh8MS(0y@Y&_D_Xp0gf@Eih! zOn$X0Z@LwgUEs2h95RM=h6au^R)uNu=4bVHUnIp8jwI0tyi)*0Q&YZ6g0A76zp!u}K{au% zuA@e6WUNCyw4h=jeVnzRkn|owTSrKHGLvC1%Mn7Lj`u*Lkm{U7qn-4)pZJX?&EmW3 z*a&S}7h`+K27M7xI>ztZZ}*@0MKZoNLoF@`JI3XWm>l*^F2n}7mj58=0^T{sH=1Z0 zBr2kPf{U@o#163mGkA8wK)WIdCh|-u4{548=h|#PVUwq=9HvNVNq6yCjAY(rpbyk-(ij$qZsbt&RJD;?I!Ak)23L9=r=z z#M^l)=$s$Bbq~9}J6ObVRphsTNo;zR!8a4A>brSOR7k5%RYZDI=u7Mv zFJZA7^*kR4D%<5^C_RLz7fQV{=~4e$tr&jr>Cp|sJl$~g-rN*gYWIE~%8kuZDeeP?OAJv86Slb!jw zElsJFAXi>9g49H+*JJB3kk`}JF^${&VbjDhW;q_t>4SHh*hHR9Zqst(9Lm#2d~&m< zW?cbIG#~jU@dOj+*CI?OJi#Sz-zN3vEzwN?+O(u5yrFoPmGxAV@?GN(V7T^nuN<7G z(K()1sF0QU+VIG&nOc?Sf%s?T&DhhvE!1=x>5iIAu8%!YvG*M%!D2hX;=oRfl6zt4 zPueSyVhoh;Pm>{i{Hv!|rOa0Q)VK4Cd*`FL67K@=JIhj6fkMiRL}9pT;WkQ`6ku0< zi2eIX0AtE$>Xb@cVuVJso%<%R;q&5Wb?@nBg0rwkCX&j9Bfg z_Uc5t!dzox#fNaH^C=*K;w$)ogKeKO+Pb~N&Q;MBa<&z(2=2&2(7m3pwG*dZFJ7WH6YQ2=@YIgwCAdQb^#_+P|vy}A3{gffOAtoq|g13x9j{8 zm4%U?3c41m#xFl^PElPT{2?`v!O!0<*xLQF&tgl08u{hrb|?D}yxii2hs$|C@l}Xy z+ei-aur_ZWoOeQOcILx5tkJ(K5lke(dYyt`py6{@>a{jsp~&*Z8RJ~Z&p9AB$^4LM zBE*U}&%TL@RFvSM3gs3ilCJyaHg!4TsMKdJiinrm<`QoA;9hN`Yh8@4C8PcuU^ z5O!kgbc!uQoF~JKRF7(>P<0iPB}jC7X;$C)r+5LP8^j9uq18RDbSbedEqJOf=t!g% z=fKLLYJXPfU`qNKn~%#=$AX$;b7-Qxq4%DmSN%-Fm4EL!j-tX4qj^YBZs&Ab=&}XY z!q1^r&mUsj0Q76dhdtXZ7j5!wlkcq=Wz8gf;K+Z^5fU=E8}^Q-52EO9=C)kRLqYHr z!|_-;jjC($o1Tb=GklvkO(S?rkj5_MJ=8MIc_Xa*+>kZfPVlPLCduCadcpcMI>BaW_ z#g99l6?a4ero7HqY%-od@g!~6f%lM5I=Hl9i46@f2$~bWz=Li+ggeU8scR8x5_99WCOsJvW>4N3R{l_bF2NU55EvQgHzY&$9M6|vdqec z%4G)cL%6p?$KXC{_MO0Mv-@-3?(c}WcQ*PTH|!;%*7Xo1cU6WyL)zJ2-1Ls0nCUle zp;c_aDgNMQh2U1GAmfqo=Be)LH-de*9SLmbop&|?)}?)bR7DKD55cE^9LI>9srhA- zaETs;E(Ez{VfRi8aUK)KGd>ML0<&DI)_hddF&dQGDZ#!@Obo?@cMd*AXMemAliHA* z15jpNC5kZQzZIMV8R>9l(%DbcwgaWp4gUE<8U|(^+V1En@%z{vOB6IEK&1x)LuJk| zh6E?%GRmUAS-C$r*vQSUU0%wCeKRJwqxEtqNGoT&33`UL^X~!pyhx6qfZR%PDxJA7HHLd3%?Tf zo5WWFf8U3|PXAJF$?AH;>}E3zeH(C$EhwPixJRL&^lD#2IPfU#$K_3oSnC&DgbDtY z=ZE;)1T{R#3ArH{FC=b;6^8CoC*^8U5UGmo7ok7u$(<=q;tE zMY;jT2W(dbWM?0#_pQ61BpRx-xn-v7zki4KN+2dhC62x$kTEx>)}F%fk_iRKt_`{Y z7Vt4CvGU@=FBWYxJ^oK>yAs5buZF*%ko<^E+!IeNX|i#sj6JJvG?06@;w)Tus9eq| zKkxn#=RRv7j_`!|)0cpMO3=2X7?cv(r);bRBM1lYVJ|sD@xOcDjf8%0lDH__-Jr??xXPxlY-V{1UvFuj9RaVaXykN;qVo z7~nVo0a01-v#iB<=x4{-7%|kMPs%3(P`KMY9iMh`AHOd=XxT(XIw;3>6P)M2PtR;! zFa^i(@UVvw2boudJ-Ue(EC4>)UzdLQ-UbSS??Lu}(($yj^{VW-PuD->9bSzv4s42% zqL2t^|3qeFh5BjWt!+8_d^w;q|G!@>tE+pI9~U2ek(dU-~RUeCg)aMcIB*L3PD;eU6L zFMsnx=@z9JU)h z0n}9=z+81=V&VYv_Z1t|%Jy>Tj~_pV0k;;wj`?h@`EsW&Ow;<`F7m%sC(}>U!KhtB zRd;v~klR({9_z15}?;5ytn_qzi(1^ zC=qe~1Dg@>I{H}2JqLO|R=7v^Zo)gtz64pQfxMmw>f_(HdcJ!#w8wY965~E@(=I7= z=d-2-k)Jth>;eS#4(ud>2ifso@*Y5<)jl#du z;2Jbj(Hdy}`%cVu(M&LKSxo%zTh<6M5wXoqPPwguihrkqqJ6u9x;?&Y>3{b&&nVyz zvtE-8;PC}~l7^nZP+kFXNHnpa)+SoZzFFDU3|T$|O-^c}nvs^4j=@}krv04)r(P+x zfJ|XZN{an*_1SDO<^X+pdB;W#e7R|F=9%=}%ud<2k0HvAai}LB=EPT|xwbER`^EU= z-Atg<(^EjNBY*~{Dhof*JCG~Ru`-1&8a!5tYHJNCWjI%p_T2ztEUVK_yc(irS@(o- zdk)nA;;ME}02Xhn%V-d`8DU}BFAeH%FQ@MXm_cKW-~+RCG4xs>Gm z3cYVS&=Yn%DKnD*0h%7YH~p_at273LfvPGQbpsd!0|N(FTS|;6aO^roJmM>g_{s_r zk{u`VK&`;11t{>BY3B9Z6GAxr_Xy15(FGln_3cw{r@3-q(D&;P?$i-K1&6(&u<2>l z=nwoQi^fXP!@QZnAz5A*+)55;Mm0OB4d4bg18EA8>y zoSWCDrzOWvQ+my3OWoRhnR-O`wRBNTD+C5=czU0)nC_v!uPQyCi_*m>>gnjD=jM`z z8cI>Xm(vbG0#GmLZrS)>7BN6YC;*fg7l2UY?g=Y+6&R0vSj{1|p?%zsvSlA^f+W{&$`VBWG@E`fep@R_L;8!{6oD^jX(-0r@o` zM?r_1VuyR^CD_6&hC+Sez#tp4EleHbor#Ac%@PX>3rj7iV57S$n@U}wI+#WPP#!i0 z9ERg1!wdn-9KeA3<#8{L*LfP#EeFyDjDwT&cT!fC8(@%QWobDEYgR4r|Gx&{hhSrT z0izpRVJ_7~;^-YBDa}Ay`sP3lFDkNLAV27@ zx)Utr&bLEV5rMa^$UqU}D-ii{RE0%PFXHVjGb4Q9%kD0AelE}Ph}`+_mCP`-pTF1X zs6Pce`u5960lvdRIfONz(H(@?uYj=y_@Y8mddzI@r1yYT$HM65r?)@70a5+4m|!_r z3yRX-tgNi|jeb`r$fu-dz)Jym;W09PvbMH1{p8yL77nAKeY^X%@&P^Pd(XZ3MyFX8 z35h_UE;fz#2Gs!YlR-@2(H2l-!pC7BR#sr$pMCip!FG_JfQ$;S_8eU@L>pn(14%qL z-oUGKZS)pnNZT&$5!wEE)InnTRv0V>d{>4NR%|GT3iV^E;~b`gPRj(6-ka+|X`(|v9C%HPMjcCbFb!D*ll;)wAUgSD?mG4}9U z7#^O3gJWW1qG>SCKB^f|$`TghvW2g2#hExdnrmumKtK>V`A@>GoP`R5FG(P{e1x@H z6bRDuM;b7~rNw+NDEaL0c-+>(JFo6K6_Iui#E!ZVEoKrZPl$=P0pIPU5eT+{^P!2? zqV?pr(x*$6Z<+xEB+shv8XHs!l~lH1a_2>8m&2?wg+n3Mh0c%Pw;xkddV=mRJW}Bq zD}=k-Vj^dqP$lh}Fwrrw|1InQ%DIa!i>RsY(4V=jj&AkAxvErOTa(;r zsy8zydl$3lwO@w)%*i9gfG!C>D@AwGNADo#K zs61!NA+Qh6a|J91-bvhU;0gkC8%QNF=dmOE8g>D*%h$K<^LLTWD0)->bI9xSlkHK? z)-CARm@1z_FMjevr1=Q0Heg3htO57k2cac!%>+i1s90nRV4VS3jNj!{BtRK|an=U_ zna((v7~&@4M0y{)3X$_s=WCF)jb>b3ea~&Z2V*w2&{m35s`L_z#>Fc0D|iuYLfO}x z5m>wgnj(o}D(F7UNObiIp&L#h0s`bFyqkE&_ml}0Eup%!RKF`gY_(?TpV|i6Frt}U zIKm3~!c{k+`EQPC8B5$^{L6>u^7KSEe)j_G8G@f(pu4}XIyxI>bcX6?S@5;AwL#o~ z`V84zU=}*n6FxR}=I}(VILSdZD!nRWbPFp%@c0{%+V*muI+O#yJ_ zEiJPCOujuKU~laT2C(+x@3De2-Q^sJ(C@264%_b3o7cRSodFa+K5ReT=IQ7wr8F2v z^=0}?Du;=#hQ?&E3aQ066qHza7@Cf*ZUC^I2PE=Gz#I*zgNA)WQ;i64YJ6vf<9gn& zy;NKsy{MDAO~}m!E_X<`M}R>Gj2yg$q%JBLlZm39G43st>pGE&F$FJ<2;vVZrc`oA z1zF)Gje!}`k&J=C`x*C2Qi{p`zuTDZZaBUz`bqJ4LB`F!)b~^D<7-o-!_o3ug^6c& zd}5Ri#77q{D-GJG#&Z6UD3a&WblO^44`N4j!p?;zXCooXU_LNY`<%mjGby70j!A-G z;4Tj~$9RsIQCAs3c!hN6+n5+&z|F+Wj-8raj?SgAmVzwo{Y%vU`V6psKa`XZMiad3 z&5G{Mv=Wq37o7a~X5Pg_F|Ox z`&qTSyE_h`QmS#4@%+;rb1gh8eGDHViGb!-KEGV;W0UI?sGx4}#ZJykD4D9l?h!h5 z^1-t@|AC;?pNS(F)$@IU%Ay?_Ui3#vcH=Tr2{UixH`3)?eICx zD9}d?y$&Is1!HC-*N^7_x$gwBsE3UX=F;Aab=GVq`Kre7(7N3-ac!6(#Qdgi(f3TWeTx(M)p_I6aSYmUm!*c`Ikt~c zFECETWs%Ql$%$K(1ciQ9`>*5+>?#E1Cu^S1 zRh6`uJNg>D9Ch;33xnmCwR^Y|>U;5|XOu9xjV@jNynVSTyUQdBDW52Ml3$*8T)YWciFF zm$~g}D1Hj;Q9cjW;t7if9?)Y$L;I8Yg}x&CfxkIxpE%5Uk*p|WyjzLsh zisY0;B{yX>`7;~)=wJeAvFKa0pF=8KPs!;-(LJK^X&WZ0i==~?@Zet+6&I6`kl5JT zYSSgs;WvfF2TNj5L_N#LCYq+A8kvU!4LyDx;Gpn3&SBk!^#b>Gq&CC)2FQtSAj%uI zv)?eEorz4;=#A8?*p#Q~U*Qo^YL38&eaLlfaSfc{p7SQ&dzH=7K?cR2MNh{-$L9?$ zzh-Vd$U6SO;1XBt3@_^lxUoC~H8DfLIU_gs51@U30GB@w(?!F;p(1eExw+OZjonB9 zkb|06ePPct1%Rt#$B%-yHC`9{i}B*uKfoa&cm?x()nqrd32x)^%MZHS(YzgC0|LAv zYcQ#Owh}?V>999f37#zAbKBaR8XNn4ixuQBY$yc*R3H_CL|C)8s`X;Yk(9$2GB|__s%~Dai%?u~Az*-S-|4c__RvoN+mDtls0vWo4z>0Sn6D=Fd_*3|NM%(Q5MmVtjzCR57QyA^{Q4}(UmVLh?*wv%?;HMA9>!Un< z-?41Lp|_w)d?5j5oq&j4CO*#dAl7*>EXW*t?c%~AOnwi%T6&M(BV)Xm#kwDqxbK1Y z9OE9WfdhPv9?y8fX!rp&DI^`Dc885i!hgHEU@J>^sss(Z3mSSX;ftnc`LvKO=kp6 zK8f?N=w)jL>b+BAXq|P<3?oOtm`!_i?^@}mOuw?0X%nz%DW;l|{i>v}GVr(~DSR6E} zz+M0t?%=6Vh&NgEp~&~R%hh{)tC_HVH`)KEv%*;=stb`=hrMjSL$#w z+-BSLnlAu7deo-Y_viMzg!Tv3)}vm`c;Q{9^drDT*cP)QdH|k!K|hgAD+*Q`Xpp;Z zRt`Bno@p7g$Vej2kY2ogFgX&~7;8BOWyrj%3oQ5q^$+I2)?>@!6PL$rXpInI_QQg3 z4ZJa8;!{gnQ|s$1l#eZVrj1w~VXvZ~iakPGi#HE;;grgk56^*__U40&YSU-7-v`U2 z+&3S8fV~n|E4lLrkk)#NxdXtaE0s0}-P#yUsKZ*Pm}#%&ySLl5ua7tX+;si1WO+vX zUb%t%Z*-N6Yz7&iQb-xH=9PwgkA=j(Zd%LU{t!t?$UZpDLYx)h1?xg7gpS>J0 zU&0TBODHo&)d5Qe2QV2r6?9XJqOgu2BS~T^CH-ngV(cfA42U|G*el8(3#IK~t`I_d zm1w)99|`Y<6!Vkai0>t-^UN@U&*-*~@yHQFg+ureE5k$L9tr*e2aj3pi%-BCeYHgW zaSLVt0|_ov3Lfpd$YBR!VJ5$$ZoAikxzHcrZ3{}dyb$gdh9R;?DAgV4QX?J}V#hJ; zechEmWPTH^g&9xr%zX=Z?&Ac8Mwobv^Q%kT@geO4DM45V*p2FIfq(AI_^E+|9f%;3 zhHb6LDT8eoaGCC*%}1S%QI;tYcn@@cUH8|HWYvDll+CZadyq-79tpfF{06SkAhPBW zh@P@VW4H(-R1?}x*2WRPG~YM?uD|o-wps9~HpU*`C+@(%uc1Pm5ife8nB@a(@qtE} zs24p_;`dh%+N#T7O>hf%fTHHj0`HDC`d*5El&nmYf;MsK`yt?ukB^5dKK2;ncC&n< zXc`@Q3{0o7`9yyfCD9BVX$iBlvB`c0p1kgpQm9htZ_ana$tkG}3=H&4eHaNNq2O>w zbr^s41!$~M-k#jw-84JQVsLl6!SRlAkxvB!+A|Qq*XWS7pS6Rw??LD{D}4y=cvfmZ z{XyObI9^11fuS|wI|}a6uK#+O#{2*z{qg9J%Y#(e%D|#KS`mc8fCs^sQ z8@J$@rX?kXVqNF^fkc(UcJL`u={^9%(tRNRDk~=^<m^R~8*fzrmT*jcpS73@rV- zLvXl;h`j=?aVI@Txl`S0`j4yhL6T=y2k@6@fbN`ZI8*jck`W~nNVfw3PBaMXegk9H z>B|Rf9YXGrR_mf^Q4lv1k_{4g$i!uVWBrG`MXdUk7Bb!sKv3J2-edLP8HQ&P#S}20 zX2+ggknkjZFy$E)NaD#NN!wfizljSkTukq@3{;o^8_ktj0fj)*B4>DA=Sj^1ZoIrIS0jaU|1mxOsm0Cy#t2D zr4rarb{M#%5xoxyL1-a=hqKcs zjm)K=UNpIKSI{{7<&$Et_bzrG8q zG8++Q&WA=9)I4lDZ-AbGz&I=Lj5QRJwWAW?4!C@rsW1I~(cJ}bR7c2k8Kj}wnB7DvSy$`qlcR+ zroBzY;!%vTsrt$jZB>Jco0J&c&4u4xt1fmv1Db%27oRXh-;p7l(Y+98K?V~tDRjaQ zc#K~Qq@LhszUM#Tq1!4G+qnGJy!BlI)E#j1Ctx(p{Ts>x1J;95Z=gXazH|}VI=v~7 zePwzs9+4|VcmZ2Ypo_u`r{Ar1j$VjbrfWpDC8$?!c-lib$q$L*wC9oyq__CVvw&#v zInOE!FPI8GS*982KYjOW2c?fdXI1Fhd4;kgL)-8@1e4>^AL}8KXHn<@aRjG4z$PNM zK#Kxc_SgvKQqrmBP=UvVsT^A)mG8ohkcukZo(eGOl@S}FjdyOR8vXdK9(YY?0z4K8 zw`;^*^8L;c!3^) z>@yx*>T+S9ni$cZV`}z`tpjQE<@hg7J{a)Lcxv`?9xWUWxI*i2W9C{D5`S)iNtx_O zE5cSWyB>qR9J=1C7oE(_lZpgj1ge4q*v6yope*7|*^Fnr zL{64W5cb?X0}>g4B54AMwFFPPCE)HF3MEj)XK?!zLwte_QIy^Q{Q`5O?DqDyrV6J+ zt4Ix4#~L{G1jI?MpgwO??Tn3$0pyJw1qU|`SK3t}?=j*J zOy4Wev5^uJTie>YE;T5LFRD-{NJWf+=7-A&?P-uGC#ViKXl^?XD2D|Q!xfW^L*XYn zR=z&Tf~L6}L9rSLB|ybUta^#Ljz_5Bs4|_f^YsNUPXEDWF6#i`&ykRl%It&e2oaF6 zhc)nhnuLo!^sFZGS#(SW)MTkg!x0%Sg0#l=e_rMnc z@YZRikLdJCC=Y>=Oc8oA8HK3N$rd>3Zvi+TiPmGeA)WN(c?h|*F36@~IaDa1_LNk?V?y1-baB0&JQ%1ZuSEYI0axYXN6m6TR-hhL~E)vYA3;-7Et-) zkoMnsK?Np9!98jSssto6MM_Cu)I>n)0|%Zt(~pO?uXLRs#FX@53qByVZknYlpt%Gd zN7n!aA$Io!_aGVf32>*WpAg;yTFD2ONMN!Sm|vn0PyJ(Tc=#DOHgbX0f2K>@&#Lxc zAto|0rNjfs(F7-{`GE?gses>oy91t62MB}Zw)ruc4~`O!Y*Wu!$XNjRsHc!3E2$^CII~s9*Nub6o+YNjA9kKXmBe^tl}4{mkXHV8TQs4E%%u zG}e8f4Ng^Hk_kYOY+VppM$T)4_2R+9GH(QQ^yM7}EDp$Dm-g|$eL{!(?3Ut=QEcoY zhxpJrx$P6Giv|{0NsBoCdI;M0A7rvR6>CyaAVZ^9If}@Jv{*~_N%~^!A_buJb{CU49>_A98n1A z@ZY2*tSa=XP56oV{wq>UHrrript9iC zy%%2l8Xz8|aW|pr!$P!OWJsfQT_4H9ok*%CxtOqh_&it{>(GZ;r}Rs-R7_o*B}*ss z(6fEL_3YvshXL^y`7$(HmLX5nOK1!>C+f9=Br^?8!bk0 z*3wdBHF`2f&vVXa_$ndTFPl%&OGf{ANg)}n^9<8jk(fL!ee1x;2iIVTA)Kz8IO-kI z(ur0`2h6y%Y=JXH%aO{oy0W5lz3e|MS}|BW~-vF|G^Fj1$hyK z>y<{QS5N7JlZkc8;8db#uvyUFM!)e#-{dl)v0#sqFETu@!u(n)C;2H?dvL|tA&ppej*Sots5=5wAd@CsfQRzwtl~b2cY2+>LL3-VODVuKc~bi2i4qa$7Gn6ylLFK&hC3OV_bx;+z)!VD~EI6Z93cj~NCfjYE`3~uxyaYb$ z1Xcg{3&^YE(E`q3mB~?X38LZdnExZgEYwSO%(x*?#u}PAJDAs`(Nbchq$KO2$h051 z1|bU+FEYw9=4b?)I1c0NQr%65|44(aFxT98lFVhp&9l(Bv5;y&iz;C(oj#QC9~A3I zcJ0#tsZ%|x@SDXbgywtMVt~MiD_+f6&_y)Tw&od>i&pVQ&ce&Nd^Um#VH8sYTDf?g z{ZWy&=9f2D#YFidbKC!YmM9|R5pa+8$D;yyodtu^t+dBixF9|LU2iPC3)3R@{uz3b z?Yr1hw0Ga@)~-ZE4WUHqtnn;Albbml&}F=PS~v?;Sxv!1+aoG-sC(KY z7wXN9=}B(+FVUvPaU+&sd+t$xpOPW|ff5hb0&>mT`MG=n7^!?6%Mla7A}nHHeza&B zh^VTNip;I;=i7H#pvl<}6)U;_@P%M8xaN&UalllKjnT0A+;-|!0=r=p$` z97hzg$SF>4EQr8FxXRQR%hZVXs+3>$P86+OV!sik&9Si3Jf%3ramz+?BQDg?Obat=$A|aA$>;9)WPT_) z>%Jm}=JvAxbgMn7={iGU_JhWaG`D4i|~o9rp1eX>`T`mXWp%zNg4rcVoRrCwQ~)r1cmk%WFkgp7Lrrs=-2IQ-cx)+|0L zw*TD1Om>!3+u(`7hcrOLiwaYmt|s-ZTCL#tMiHxP1E~nu3vBi}R^TnvlsE{}Kfr@w zJILOK3EL(J>+yTq#QamPFJ9nL9rz)zF;f$GzvM?+FrUwJ5VJ#|T$x3BZPYJvveV_N zXit8D)IpsqsD-Z?Xbmgx*ljOvl9(Ztcp6S&5-SGl!pD(iy~FB#G>qZmd-D_3$fux; zIzBgI+9^`sS%W@HA*;JpyvzflZTn&9@3YOE6J=^@g1(!;N$za^ThL`UX1Bj*MMu&m z*LOUMJ|Jbp(WykeW1l42H$*Tdh;u>n#n75*W-gq0JZn}~QEPcweH~M|mAAb04O4dJ zF>C#}$8G)-arM-}$CEd0+%DX9T$}3l-(?xHoO#v%TVGLeUZU`E|g7|qK6D_fdLSf9K8-%GS2@19Iu#3Ib4#z=(uv_@4>b}|oVlmWEsi>IB@n=XN z)G3;V{>qS+LONeVSve+|Y#%u)g8tezfe7A4jBAh$_f2@eWjmpH_cTTXy+tl3*_Xkt z#@)GdesoCX#nL1m_DF}mbR0Var_IkbNuCA%D2d`n_2U1I^ef=yjx1EJKA=-0zUKABTRmq68)F0&g$s>Wh%8T#~ zTC(wpr3vrvLL_`*G;HyW48<&gU+E!|(2; znZ%Y$-EkzQJda`;cv@@rDE*b+iKcDSN2{|&d}?kx%FR@b!nu-v540SdfYi$3JM0%1?9*)luoZf}UK*D9G(&hAF)4%3KTDpY@8YKNx2j?EYH!aQZ;;CL9# z0wT#UB5VmBBM~cH+Nx#e`*#VT3NBQLZz{LML%9KdF`@vu-NZLkB5muGSAEa34Irr1 zHcyzRYmFY<#fP$0j)*5Kv-v|-u}a4iR`T=Ks5dwY<{7(}w*ay)u^VMdDr&mC523QIm?J z2OJq(u`6OSg4Nh+U9hm41g-7{&57s2+J^S+bZTGzdx(HafCjGJ8;T4BaS_rzZvEe} z!~Hg56kGTRIOyeMtb0bF8a05BK_ET9O~us0vE>Ei`T#FF19_WdSSa5XIRTvp+|%yC zrEz3r1n=nP?(f@jD})MhJRc`nTg3)k#=!iBm4idA^h>mfx)2uDF2UBkqlJdm_-!L%NXWeYBI{2K2wclcmMhZ}!c4x0?yj3`m)3S5@>@jn#XZh*(# zf@@iIN+r2hH(OUggS*k<%(hW)N+M>wOQ+eJz^=LA)k?$_qZ^UN3;)y8CG(m(h?>0o z_Rih)E6mpgTuvfhy2_M6g3_E4H~YLN4;OXt{4;@9B0x{CNMOjABpp{fnPAP{gNrIy z5f{0CZf$`~5}5Hl*ni^(0CY~bLjNJnwHjPs0K!^YUQzLoNokLq2=WedZ_a?Qyz4gn z$%EHExE((*&yte9w0hWHhY)~pItOs043?C9v}phkdJq5+|7?d0?FtO^SEtkY>9Z~Y#_ui%It+`X?q-F8Quk|?()*oQW_vBe^SMxpk$*wXX@a7}+x25=db4{Zg%!*n z{H-`ZTvA3-uw`E%*GZxRb^dQ)_KuuAX`Z3&2(YVC^61hiuH+0YlXZtpWzS%k64dJ7 zt_QSyd8u9BqNCF(Q2mo!fj@g=15th7t5>jP#j zR%9PBF){dmerp1c7_9Jx275wAFif*s?YNR7HJJfJR1j8t0cQH(n%mmi3U~uV7I33f zJXVS?Umk;Dh)h1-Z4(5h`@q@Qo{`qD?`;H_Il!wUMEj~vPfqeWN7Fc60ZuE8AZj^) zRUv%XaSD(V0lUdOaOON7U*H94<$!jjJQ=td{S@c1IAv`Z#ediEhZkPzd||ykoPg(M zz)S{wiiWNpH-6y$ zy(8>6$A-pB*$$u-^q+eVAl4YT_d`s4KZ4m{Hi(TxvHd`=tbw*wID^jrzmo{O+Rw2= z3)hwiB|6uAeQUk?j=+_qY$ge^GhB6Kg<8m*vLPv?H6Q=HS8na~x7b8_1!{mY>KVWM zv`}kVqWT`;b46+C(8x$g50o@VDFQYg0EnIT50hQ6K<2AVj7&|zSortMjLw!E*}@gz zqV<-7>B)ES2x!sao2;{fB5&>jY)>_qkP0J8E#rws-gHUV7yn0#dT3tEe=CTg)o7?! zC6+!VJJ*%h!I1aMj}oK|7QXJaaOEqy7i|%K4(WH$`_vZ$#S-=f(0WS#(Q#h+U@%Oe6s;J~B4uG+&jixD>QElB-bY zc6qb`CNf4XZWa$<NZLR$u7csR~3aYe#VAbL~MyoDe@7V$oBm>r!QHfZPb5p z+g=R50oEoZ_lth>SnxkT0s&ILZ|;I6*Q4m;(#8F+0bHa3utWN77 zLhW0;4wk@&+!tJoM-xPib_!NM02@)9U6z{;g5VLsp*YnQ7${V^cW2bP;@Wlh!x5xs zzCs%PghEk}%E86Y$r--{m|b^(`8R|~EXY+#Tu~_|NWOp1rET-~W<7$1v7(jpGtb1r z!Q#bWFx(t6)-o&~P(@pK$Z#S;dK41^Td`SrD6yn)5vQVdWjk>Ur$$?Fu>evmWn5oh zUj{*-RtLu_s8T505$FJ^y$2g>0uw~Xfq#|Lpsom%EW9PaO8f)n*2z13!6DK?zd>#_ zaO<$Hlz2Jz$~Nyqj+Mpr)F!L-0niF$3ccI};Gdw) zSUQ-UgT0v*V2>s^02N$){S72TCp2dqG=IRxf`-mEDLe(4oK?gB9Y!_HGSbwxNIH&M zrC$!=STSJmnpkp$u%^_&u2ORkCP9MpazTHwM7tT%SYP@fxxP-j7LzXx9}>rJejgIx zUBH&g?kmKp>_Eo=*1WUu?(ZA0t>0&6W`Y6(=tjV^Tx$VjyLbBEfU#Z&IGd6M9p@gf zu^M9sqXxTRxUp2}epz*0U0qO*ExI%uF%q4?Eb;k1u1=qOD@*2!JNLINErPw1mOROM zTL9}nn6G~PHT?vzW{8N0@-Bepzp}J62=Pnec(5}Br5(3mHV{=m!RkZ$%O?%TU5HNR zHH8-cwv#>8lqo3*?bmX$!9lr>+4l*v_l2efRVRv8Cw1(9sN1cSd~7k!AOAt|*Syx% znS6}>L4g%_f9lnrvlP-SQMN(Sh`Vdgm}Zx!kkoPZi8wFmM6*!d z1aN!sJf{$gqI+DBcVIO&3D2^{-ZXt=fsV}p2hR6qS53UU`QU5YpLOi3Q2%?Yg_`k3 z#l^%ZS7Zv)iLl2DBEfVwVi)kKH`DY`9Uq4CHE_d(*HdI9(&%gSo#o>jp&g_ zS8!nXb6bA;%Fo|Wy0=vmI<2p0x`upX2r$wL+zC~$4o8bss zzxN84^3Rzh4MYSpdnZujKqap}vVctlGgPGmW)(Pu!3?YxROpxA27sO9F`&9OLrN@$ zj$F`AacX*2gD(q*|IcSdaf{<-g3k3qd14P+;gVDJk~r>C8(c4IrDMKo!4PsmT45^cks-$!8h4{!zpb-WxH8KxslANfp zk_1c}|9?=C+YG4=00`c>JFg_>bJq||cH1w4&cA5a zUq6dbPhCF^ZzC{=7gaCKaT8~?mqg{KZ@8}T_`u2c$afdek`dw>4S$;Zh?gv?|?(+yDOI?_NmC{c5WbB{uBK z$Kx`N(rUkt>pIlAy9j!OdgYkL&yCA;Tegx)UOSluzZPtLYP>hqD|-^0YGCc zk=xt=CU~)|M?(w6eE0)Equ})vt)Je9-L5F8zUdg@*lli(B>`_3Ija#H4~VFm(j*BM zoE?c^Up~{2OFP!sN{Q1Og4eUMFHvzcBtnzlrxeS2GoyP24)6yc>XJsS<1EY&-`Tn&~nA6z(O+emM8M=pC!tI$hN^&BA1Toi^_%J7amr zW-R?WsgsK(b^fb}x!>@c66d;|ILGI14vGue9ziot=4~|0W`sjMbH!^`o|Yc(EY63O zzKs~*Lml?Aqcq0&_C}p!y&Rb%_!5z}H3-(Edv}abb?0b?d^~;tqiGE&bI0gkb~Ouz zJrIzyUm_HhrsG`wL^T%~M5f^x1KW(rE0tDAKXAE34m zBV5Q8Cdx{LT4BOX?av%40fHGt7u!SU#&2~xm;Co5Am*_6UYX1g31GYb?-z=;+|b*# z*rP~ex*&{N4rZ{YO!d624oc{lj4zcUc6+0>-5Cx(lC*>o7F&&Yx?joOd(z#{L0(KM zGW@o6j~twTlI99WQSE%Q^sN^Mg0p!pqB7KuWXy<;oK*_xMo#nVaC3)mt%P)=G!G+7 z62K3)D?`5mtQ;E8S-Sy6#m1|lz1l*kGSq+t5mqg=4T&IcZhu40Qslt;=kHhzf9*pG z#T;_3L=b3s&H)ESQ(T2Ww{+JD+~``l)&+c$+Rzs8HVl!Gpf6K{E|>d(j1b(~Wn!0o z2F;&(H?P!wUyT1$MHKJAX{)OMWx?b)IDhW>lkQo;ZZ&rK&sRkbhdGb-Q|KwXS?k1TZuev>EHQIBnmds2&)~4#F zHkz05097U1x3SyWn7pjFo~NiOS?=Pcf#;hKi^eZ?)DqhMrtKaTq}^#)ju+6 zzz#)-*ifw6F?N)K?l7n@MZ6B(ofV~?%}g>LZ=DNa7*|Tw(Bk{>tddUCwr<%FgS}N4 z-r`EO`aIthuYGnHmh=ceUeF*$zK{Q@!>5T1ZGOy6!n9qS($t3F^0Y7|y!k@b<3M6r z>fg#n*syX7JmSQt)9Q4rat(f5{wHsS=d<|OVwWEkbl414l`)r{LyX+{Uoxh-^=^Ti z5XT1a@~BQdtKCrj>ohqJ1;S<&5z4S7Q`CxSt5OnY-F77g^OQvmF`Zf6?H9w0c^NI5 z5Tlg0jNVcq@DM^8bC1=*^Qw_@TD82TSZEZhTVeU!tjI8-&C5_pBayJjn3$=-#sw2j75>Q59CPGxj-nwN{rW?F9jC_plG~3km z3x8B))itBN^;2vgPbp=JXqItkgZn%t>%^7-Cr9g?(f=Gsz9p%Mi??pA3~%F&{*C*2 zBKOE1L_Sp~Vzuq@G%AT&?KUrwQr!7<%0Ag+egu>hiJ~$7jSkhF#m1RBv#l4#w;Wz* z{f94`BeurR1Jzodf#lh|)eA@TVT`X7yOxp&H?x0mu(4~pY|efz3ySfIO-O$KDAyWJ zTk6<CpWC+i4Gb+bJKbp^hXu$b@K$L8%1_(W&$)+}IVRUT$nY zz;sftYa{66CdF{Lcu!OPc`&$qr{dbp`amdC(f>t>erB)ca0NsM1-5JlF^VZ@?5fMP z3W`1`#qlv0Dp zaNKx7+>guUm{`fwELdA|-KmOZ z4Pk`~0jpe@;0`G~xTh)%uV^I_?sK+Cb5RikBV%}nmhoN=Y_;9-&#a3fcowDLCEF)=eUGw`AMiW7sxgB2a)P)vCA?g7swyMb@~g6r8%0Vyzk>3qCmePWM>^R9>yePV}ONb`kTgKluW>`6{L@lz^#6Fs3IDS6~vmcm1thCF+fLd zB5kC^ACg!IXT2*?JXseNcpG4sBDj8vgs_{aXomKLvAf(j=?S&fDq26tp^fNGRMfwV zT$59F#FO|TqLRr^2m90C+#N8OLEtWaU)XQaRV<)OcYOdaoCynbs-?*LYHQ8!g!&0D zjyx4_rnTG|5$U3Z0%h#@lZ`PV!oIrFvF6r1Qo8DSUj9-nAsGQiS-cEaK|)5OBHyO9 z18Yh^Ol?wQ#m7pslqr=Eows)`sBM%5rZ1Ft5KK~vs2v-K`6XwW1!tJx=!RJg25A>1 z_bVD^l7q~y2>(kxf%>4>1z5!{4%X zJO}|%A6W1ajIo=FgDB&1sx;*#6 z@qNEb%1eIKwlI~iL$IDtYdWiQdH8Belr1ors*am)HN0fX{NCj|7e0bGdB09OUk4g` z$T+*_ZXXwa=r4M1LKaqf+67kzN{r*`>F1O9XVS&*)zyaxnJOz(&u{p#-<38h^yx3} z_SNOZY+l(`ymu+Lm3*Gp_EP%HpnyM=zlhl-R`I?`s`6UQcYoJR3`^HY8ADb7qo^!? z)ysXUM;w2N;A;j$OCZ=tLgWn6j<@d@S`>5~)X=d%v)aTvhp^IK)YqXX2trVfTZqekNF zDRhdb%)^zsjLo|y&)Nladx^6h0^Yw=a(~1+_1r<#p-fSM|7l|?v_!~B|VYBZH}i4%uk4LP_J@*^coE-^|m!lNltFp5aU1op8B35 zRj!Zi@V*9%@#p!bnlie|aEeaKG@H?9!`E@T(5%K-)oGL7EvRaO6**VDA+>}~1i+(5 zkn4Uvz@}JGOOY-nJ2g{8L=i)%)zO~R%9=3do2Y$AL)B|dh_T~}ax~5{q|U*T(bpu} z%IUoUcBN5wWt*^zGdvZYQHPodY@yoI@u^<)SHp5j3`m^|y9lG@ymGz?9YP~RJ7)3R z)LV*oBl)s_n5$V7aqJ1A~3&WBobP%byNgae+G;>t5_|~TRMh#r> zT@{ozlVzVMrEEXei#`>wh~_PuYQ=0+p)%HpSH@;jt7|IyAYZ5)+!#<(PDh45yMZ`2 zoxDPXkwj-<^PJo&R_sIiJ5Hb+`8f6@I>)j;n4HJ|B0X!^;a7-tm(I@=l1EX9Z5mFB zIYGr-7FtG=iB9^>UUIR+yNWQnGX8gjEYc3%e{qXuVwTX|ZeNZBKRS6m>RGOV+vLEr zbIHGOm*|$F)$&odx|G0qS*0X6R&1p>>%HuSMS4&g;R5~#5#2a3`Mo&JY<@{}AzFdGCptahuLdyLLnf6io=-w{BNI0? zPljz*^efIjX{oj&e~06Pl)?8l6Pdk~eyvmypFuEg%;+^OX1H<~W!05i1x?XI8T?9n zMK)NcrCK*v)TTjQb3N^oJ;O)_CXc(EJ`jJcN$6rZR`~nP8aEl{`Djc%q~55jTMOK1 zqrGg4{OVeU=gA!xY)Z}5w4cf=qGMIGs*<*Q9F*iuNrh%#e6YFHjo&3WHN+l%ap`WU zf*Q)^4l-zWz5nW>DH_2Lc&fs*0a8-o`{^U!es+7+R%&42{pb1b0B4$3K35i%zUKF0 zUmGG!+o{?Lfu;Wc8uw|hFu&PYY}l*sz0VrL04wPq3ld;QqU7ESk#p~XsFah+t}b@4 z)b^V&3O_iJ%p$>J){6v&dXIcR=4%Yy!<8f}c5>G=4j*v93oN`{V~IgT(5(^<>7l7S z!t${n1G`HI#_*Si33&Ij{HF}?6}v4>3{P9aqr#=bI{0c0A%tFIUQ87vGGv3L5@a}f zVLDMT@!KKkS(k=Ray^+0xZ%a$5MnjOnF{6*R>si2ri>sltSX*@&W}U6o45+}+dVO8 zUm4c5Z)IPHP<4n9$QW=1c4CF?MqS%*4Uj?te>^%5>)TlD8k<<_c;8VVtZBxy3zL=o z&7?MY$C}{rj-CSN%U3N`%R6Q-5lx0LrH_`Srm>UFBh|a@O%T&W7Nr6~FGnMnG!0m8 zS#or#a*sJ9roPIHP~YW@TF}8Hd1;v>*&M}LY4hGKo`o@Y(tl97OL1oUaq6RQy~SLQ z$~4ff#YeDO_w4ZIuv0tmGlgc?cJYWk<73GSSyon-R1Sjtc^>SLKpB|O!t=ST1 za@H16=`>Pn&PTFD)7aOoCT>3AEheJk$Z#3Xb87Y75surbE}+6BMfQ(l$D*a zj8wG21YTF_4?Dbs6w{0<7e{Tb`+6M|HTWJ8Fh7xR<-xik%cE;(a(`zv;7|RveC}0+ zF;oas(NyC+M7p3zL}y%9|9djL!*~Sub57ezEuuZx!!%xscvm*aa@}u-GQMKP_;z67 zvER7wgt6)6YM4Q$3K(Eu^TbNH$VF!xKVUA^-524!8mr-o;@w+~fKyfPr2vRxm6*m9 z3`(knAq09pl)&6ZSyp~WY-68rk@|(6 zV&Lb*%};esFe&A9-$!lTng#IzH!|I(bJ1#Z&TM{7Vc#-F*=v4%Ljn)Y9jGz`FRs4J zZm<2}+V*Z<72Zo*tdYe35(4QJ(62W0zuJyy+?z>bDC2B`^edOe$%1^okZt1JxW^@E zTpU_~ANInB%O!p=-g^r@r(rxYXrnE>G}fPbHmkKa!w(IDJW;w|&wK{;EuLsQiBHyV zzOI=Z4uR~wre?YHznAQ;-t92m5B$-C3Y3c4v+{&hNJ@?sZxCi(D|h&R*5+Mn{?UTw z>;gHH0WeqiGA_7+X7uMrA1)vyR~WgrewtzlW{GHcadlGNm4$~MNpu7Gs>*4x&_H)P z1!h&97fUb|63!;^eArItb*b=CLOBneO$;`Pj}Qe`nFQe^YVJx&24%7{E9Oqx>p4>S z=477{vF9fvTJuh)6%+9l6S&04D>sUQ$y(xXa zqzwAsADm&F*OkjY-=$QTb}&FKt}|=KFbZj;`&Y zwSN)kDcuz_1)KptfqS?-N(RU!dXHHHflW#K$R!p0c}OJxfK@0)WS`sWxuf94-fW3p zGc|}BIb5sP>!KE`?!1kGjOxkGzImnDQjpa#3l(3qbkg$+9%z9!J(aurJfdh4T-Ix&<*6YO^s@LxeAOJwdN8LO8zI&Z|_qF zh2ibtjj^6(x>MWzG?7A*YcS(b! z2!eD;cZ1U1Dbh%Hhjf=T(jgrpNOyO4cXxf8=l$`Gp)v%<;c%b(?7j9{b6#^eAt5a> z@oN;UBt3ElSwgrWmZFjRT&U7e^00nN$AFkKJ)wOFjO5k`r zZ-6pMI~KFT`$E!Pd>X}&-Jko)VC`c^2`b8ib>nfdMftzYpDWr99X5<+E8II-) z&izWjBH3v1oAbW6<5K4I{EfktiT#))g2rb@dfa&=+>B(jR`#M z$$`4z{idpP12FN%gLP+TLcVsU)$!Ge!q|K{4k$u7`wu5Arjeq{`Zti|@u4|H(OfyU zz`H@pX{(>f?+Ji0D5PKQ#Hwm)u-7HLfY_~+qrsPL4T(C5Hd>gas-OXOF$WbF)l!PA zwklv#RTI%6&u>%gb1_U#fF0RTI)gCsg)gnXU$pA*KN)srK?hwPE^yGZig;-T!9seH zn_sspO_AEcg%n+BWhhIN-Upl2FdAj9)d-4YKHD3@7pj~H#Ecf?m=P~tq{&Mqanh@0 z%E(`85nDS9;SBEv)5&jLeVoq{cFX7aiHSg+k=5x)iZa}e0i2|c^To+=TdBdJT% z47(TC%f6;FaxAgNHVT2uy7gjLbQ~-ph%x^X(v$(b${?7eJST^UzSQ6<+i4+ejM`d( z6iv8@zXtLm5A9U4p{gpUF|#;}YN67(K?wa*A^IRIDKlBli&t$iJud8HMm$8usi?5f zRbsXm7ZuC~O34wO2#`vs4ND`zwQmfPBA^hm?e+jp&0umiXN8>SwAo#i2~Y;{8Eq1L zsjAj!RfR@n?k?xYBC$6lDjXGXe@{~1c_`O*`zyxZy^hyO@*pm_miMcz>O+mAKM$PT ztiaW!h!&Bfp!JLsB%d|okwzIgE{dFPcfMY$!m^1~x5LM)nB9353t8^x&Z~pz9h+fO zV%kjFdb1=qPsmKhT!9E3-TX*Hai6{YkvBOC8f(|4SA9tdiEnU>b4>+Bw&=elk5FC&$B9(2{q9I#v2b#1KksnB@Zt-*U30Nf<9X0q_*G#C)*MU|84;C z0TPZEfS0agXF9H%UQUNay3RDIf8sGB%x1N|7KeT#nUo{tjVYu|`9|Mh7 zg@K#{7n7mY5m+bthlleM)r|oa<6x$|e586p-(6VjU8FK?GCNh+DnevWZDHXzAUaIF zTH!_lV!MB~Yr@kDV0I5=I^FXkU(>pQFBq&U8gD0MlbL+WEr%v)6H>+m#5bwC=KZ2<$K zCIoS8n_X&pgotwdv`eyN}7ge$idoXD{jTzNdj~)MYyD2$}G{H=Ek8g@x6^ zqt|_$*0PBp;1h3V&eLP0ru%q*{6NDPLGlFj#qo)WIcV^-e6zpWZA=p01)<4Pvie^8 z2xP51DpE@B7dH2M+(qx7Z_(-k<^=!&0SaK0TB&;8x=q-92qEf{x(5fl4`(<)jOoMn(hrvpT@5rg`s#Y=PZ7+^?RKkw@=-KafYq>|uVMjk< zBH7G0#MIvR4;bY?o{D7LbJE5SzAZ&z(E9h-^5SWDxvN%zH85+4^}*|6(SD@zFf0ri zoKKcrcdVX1?j(aF19BaYL3>hI5?wymvZ=EN(6If|b2DpC(yQXxtt>6Id~6s|rPF%` zC3@4=w$dZ9Tz&Y?_V9bp_V)I8^}ENbfa8DrIO@G)@*j8H+g4f@%EK7oC~2rpw$V7t&BK zuh-U4hLOV%vo=w|z#5pQrlDEW)Ye8}r2J%fCio@0ss>yjc4n*rmJc7`b#vMFw?i*> zTLb_Zk8J*VGfobn6 zS>jfbo)Q7#&8&SJ#Hp0!x{geTXH>;|i`$=-c3qC(2yXHoTbfcmO0*@Nm%zHNHcS6} zQwpF4zdUab0X>@6&QZO{J@JfOPn796AO--XV>8fP8&9ShB!0DFQs%N=ECAS#k#y%J zlLC{0Br{WqoxybXo^-^($u}E*2XHSCgI{e*jp7&j2fr|86tx_1Cli zC0@B?D3Zk7)2K`!)fXL;!e!hW4d^ts;UI(iJZz-pTkJ$GXg=&aLJxIY(Oc{6FO#Sy zAgpFM5s{|RhHk59v2H5yjbYoctwy;$Dd@Fg1)9j+o87_dF+A9rFXIXPPCwoFiKsN= zdEGHDS5QhUU;^f8zr8Q2DUoNaX>ayV$fK?TzAqrv)9Y2{04gLnB&D)CM^67vr2eqa zvGRGo!EB;xi*|cNFH80B$Xmoq`p%ViKF<|T1?wkcmwTp_m{U%zOCaX1N^tEo}bLXZhC0} zU*ni(EK%48pl`;T(5v*SFAW00M& zK;F;SIUf8yX|mtz!drPR5TMtn3NVGMeKnEbsA->p(=1~!R#3+ZK#XOcG#=!Djmudy zUkm>P{PXCgpyJj6cp zYErMEp|Zx{cl!C`P|qlZvp?y73h>7f%;Yb7W^Xsyziok9E-Lc zfVW-f2{0PeO-FSLi2&^l08#B(Aolth+)4rIp;m%dy2SG7ulahQe^jZjAe1J^G*%#& z30yGkS`D?ZaOfn17nooDpOq6lLCq%8Hh2j0H!A$5mjV>CG!U|H4U(>V0Q> zyWNHv|Ech3JP+9oq34g&@#38iG@3pFFy@;FqY+cbB!G75AYdd$k~2}GXtj7X*YaH< ze-3{$z?`rw2e?^C3Jk~@-I!<#G$j9FY)!3%eSfx&R!mH#8E3j_)B2-e;bBa6>?l`t zK^#rVhm0M))6}Tvp1gKj3x04ok-hwk6BnBjGuNW`;v*o~>vb;mK@Yf+h@6eYqn^#~ z9gMd}Qk}=oK4`n%fg8o?4kXy)4(nyLeAa~YT0_r0(g|+Q#--QV zJ!c)^ey|+xWgR(O@z!G;>iYCWRAf!x+#Jwu!(G?CUyc^DpLQ}M&{dTSrRhxaZ&wH- zJP=upvZPVB&oA#{-1g|295{mILtJcF;i<@o;Kck^|448??^(hb0b0dm)m9c93|0eM>5>gpc%y)htB{oid) z*f8G?QTYg7DT?7$;$xFsw^!OkZeN0$w%0_&jGo>R!f%!*Lm# zhUXyP2UNOwRpTeoIL%My5CjA%1)1H$_^#UorZL0Z7l(lD#PXqlCc|PZXX^(r>x08f ztat{$-RQGF>o_a@$}V3f4Rdw@vh!tA zarY3uvP8&fT)`-S&terINWHWZECvM*m&-C@&g8x z?v;jFDs&jHJb^dcPm%~Wxr=-Mt+D=ZWXkhYtR8bx={7AcD+0P~t2cOu?lW5tPkXUX z#|?HXD|+)Su32QPiW%7gh{O{)9*wqZemU#ylQn`ZUY>nMi2|$ibn~B_4nN@OdGtBX z=sNEKby#Ve&iBtIOua(RdtFJ(wi}LMGtpL1VBR*&ETpgpmJ`RrNweE*iXap|AA=nF zZSJjZiYV^&(Ko?pgiSA~9Loq>RCc#c=bI(o4{wEG>y7|^#1)rmlB?PjY`;H5f{5dn z0^$~#?Ny7PYn|qK9CG-HvY*=Til_z&^Gs6z^BZENWuD2)k-=}O@--v%^9c-T@f=r6 z;bk~3vhR>MEd7CBalIhO^x%HVoB3z9kiB!aL*)ES6RhL4cW1^`#*w6qvGoU=E6bd- zCL}1t9~`eT6BE0!9EQ`l0DXpNmZ?zzi1e>Fq7W&r7o7FlpFp$rHKY_^Nd-U%@ItMH znzr`fhW(`sBQOOVfyL1qAix2QS0Y1hRG6eYfDjrUWi`9jYpD?wm6^NmpLPE_(Nm7| zp{sH-8G!wG1@(lO%g$Iq;Z61?Er5Z~Ta-H<%wLVmFnYdHgWb-$LeJ0r{QLm5tgZPC zEghW)5KDkXW~Sa|1;Bq`{td>`<-5UyVU`B(nrZ~w!6moyl=wwfTs~rg;ja;M}09C9_H0EfuqZn54_{2n!CIA)DC0&VV zxzG%VfBVo5`V5u}b!848tRRsQw-7|WBhGX(nVZcjLtD%d)7jNjnwquq8+P^c^ew&% zN1a8l5S`|d-gS6>yknC9@#b_{Amvi#(2Ibx77%GHr;2e7(~qe|v&)o(+*M+chd)Za z{vNM?uL4WxCyHW8vVLl(4o>nWs$->p%Q={=I&Jr6al6^8cD?vohz&3H*9mkW%%rxm zg#6X<3HAv7e6hQ~-s9QWA;`<4w9>36uj=WT)6f9sty~rA!skZJS|YYw1|1%BV(A8c zY?QGgv4O-l+?TGvk;ne+6g&#N4EL%}8!?Y#X+TTYV4m}!c;;^Lf^U&)>-owmI^5a^UwKivV>6bSeh+2tpq2wX45x7gk1yu!s#-Lq{Xx}&xe~0Gez}=h=`x*2}=de znN)LJRtq&NkekH)_X0jxmW6*evZ(%>wKK3M|O9tl|FV}po2 zY%`bnD*Fjz;q2YO4LlBDb4ScgrA;VQ-6BC#*!EG+YS#PFKo94Rb-q$!I`T-b1=@E2 zG_E9#ZJ|O-yf8(JcMpp^_B*6Sl_In`G8?Yot`0N-?LltLB-NlB7}NsGahoX*t?TN#r*2OGz)puDUy$fZGZNa7&+ZK zmcO}5J3Q7;xL@tr^&2dux;B5wi5dQ)SgoiCq%{&KC*#eYZjmc9Tpac*8R?{tZ0<7Vhb zsPEH3bWBKV_}EBgCQDV%I!l$|uL~^T8hXEa_5fFkIveMJ$l!ce;%xwuf5`1jsfLJs zT{rNu?Ml)Xz9}``G(iBQL_UKpV9hM$eyWx#Q7ccpskDmg-Hn;6Tq5!3R@bf<>dH-q z^*aFvKLWp)%*++w!>YMNF<+~%5XE_RTl-y>@-ucl7SyHB@o{pm7-7zdW%nDM&5kz* zH!k1JsIeDo%r5#>N*vY&5bg92|?`Y2U-De6o>R=zA zukQn8KC#EsaB$#B53ZZ)Vq;BUMV!a38)kDi7O{LN#-E>`Dp4&TSFiNg>PCI*--h93 z#B;H#-V6s<0Lb@m>xx?_0$KJq_K(F_a4qOPV*PG}(XNHSsR#pC#6r-(v~R7k~ZnH$s81Y5xK$ z#TOeokmtOvZTAmKS~Z)}OREbLoC26oz9P!8(#-8L@8eo@Io>M_z5JF% z5Q5!CeE$5r&u;N`_~%rOh7#IuKl(e~QH@8U@4y$yE5enM-7yIDPerdkPw$UWk}Kao z+updu#Eg^_u`+cP)Jg;K9EGXR{4!*ejk+1zT1a(G55qi%Ur2Vrm@C}vyY$OHk-v3T zo}$>?4CbAfx#{c0a`UuDK|tx1z0?yT&3t zAti*tn=@@Yq|R)*rlLZdFY~hAtk7PsLlFyFPNE%_g!O2lz95k)@;0M~tBrXxu>h(@ zwG%?u4Q zCp6WW)dVLI&?RD9BX@{g3mHe=_lDq$EQ*NwePYw+m6N86xv9;u24Q8){r+C*EEh4cWRuInRR zjHa>yIc{ zKoO3Evu|MsJ2(dF?Z?GJg%4@AP)dCoJ+3C1%BXNr5NKBT4`v1FpVmi3K73BD;9^8a z`y4e{99fGW>2S|N@~(HouQY!0jdXR;z6=*{ajz9yd)4Nhzc+!4lM}8AW!LGG;#0g* z9oYqd2v#FEIvm@926ClW?7Zx_Ga)C?Y_}CU7~Tq&sMpk+_~qw<1u5VUv?_19cN1#+ zRFcIuR6BaM&yXVM@^xkx@sRVa__6LY+;V~yRd&ErnCX26E0^;tl6ODL zA8q|E@T_XGgl*s3gsS++PqZR_gRUft+i)mFn~IW^j~)}r^gajL&9Py3abtyu$K-B1 zC)CGAhUtE4(siWy_L^J-er*~;s@b==wpivem_|wc$VivO{(_!k#bx3PsmCp3WpMG2 z!Vf&+7*@HtqtH7UKbfzZ7x&AdCm%x~vF|4(qDp)l&A%S}E7f&OH0u)BHQC?=#{z(o zcDw$w!|>;FJS~l=8TZmqknNhBY)V|jT1QZI^S>F;{ts?U{o(1t6)dZi?dG){EOg=q zxf&MiQE%Jzn}9}V^PlVVOHD<|vpk1eck3$v6<(#GX(IXbj%lafb~Rvi4!ZU&i0OH~ z^}$Ns=7mU%;0=fwha;Eg(W{6<6TAalu}{lGfH zD?%<81KK5-fL$El1R9Z|q4Bd((ZFKs zD?E9FgeKjv_Z2iSf$e6HeB%Li7%l{n$N_FB80t5Kog84;v(rxv(bfs_oE0c*FOy?p zzJq0(L931qWc~mMcXBXXFHnF$0YHDf% zEgIm)KL!BSBnBPJ?ZZjv!!EM=%{iJ1)$?;htgyrc3L9<(3us?(@~Y%`g;kWA7kmZT8{H~nM7Ct%F${DK(SB zAxhB#+qU*Vgd($Zmt=%#aaD1uV4I!D^!v;Gr52kP&+EOh{4WQBp(YTLG6S3sY4#a! zuNILB8O=vWPcA09K+`zW^*#j*!nRD%M%8rJwD}H7t1Bf&{G?5`_9-Pg;O z5ot6o^>~d}cCTK6*_6lAmFRH&Yq!b|K-?3s@md~^-RaccC^TE>^s`28rDOC~r0q}E zqF(-*E%*^jSb7{Y;c}eDRoZAvt*n`&ySq14;#|Ew#9=+3oRn1HiCKiAii?+Uc{q0w z^wyg5X0aN?p{>gB7G%l7Y9UYloA@~=w{a9SYu9uQ_59Yt~hbL%F)GV^c_*V%L?ea{(Ii16?b@T#O39YeBX=#=eftd zolKE6GHV0Ak0#oegt%pZp&^f@cCksbBbtyQIr>YNKOAm?H^JYnep$2WXi4s03bXUo zjMBCzvspJFe(;~~`d7UhEB*0-qVyd>a^ATO8@KCt?yI#QY=8GB-p?X#n`^->FKh6s z`X$q4F2+eENgw>8m+0@bgxfG=csT0!Kuw>b+Wn7!))oNH9G z)>3TY8Q{EMwGS)*h`Al~DGGA)^Y`RNIlY54Yt-)u4G<^C>R%N_Eng=SATD+{_Y$^4 zoNSh=RIJ6n=IeO|BCpl12pCJ=AT#jaAITNyUIwc%-VekjEngg>+p9X8FVUsXrkX;> z`0__?pxZ$Cy~am@QRb_T4FExvGell_7ngez+4fHlH!om}^T~RVI+l0G2P7hH3IRUE z2$%-Ea=Ah6y$TKbzW_xetQW!s_85L7#5qJr@{)oyyM9m(%LP1v4FIe2)KZ>YldYcu zK2WgNpO-bOU-Z2(1_<&=^~jiTbL-L<(CIB)?N*?5C9%x(ye62$9-5WHv-Jnu8IEUW zDO+^+Hd(@Xx2#2Q5+KLE2a>!t`c-gK5OY`)!RW#mBj8_y7VZIfb-*3usV^anDeChG zRHfAMTK;?p*ZX#U?H~cA;`Zd$q%q(%W9|XU{fDymXfHnyBuGp#{a(HsYxoSqvrYkClcPtRbFu28KQD0Br;y<)y>cM2QRlf0yCvLH$4JNUUxWZ zyw9B*yxE{oT6yh@ySTRpAmVA;wt>0Z6__vQn&u|OC%(=e@bv7=6coNohu&BFc|AP< z(tagK^w?Q)eo0{^U0uiql;Z`fmKDW{D@O090Tnep)CiDyq;5Ttj}lq{r)rp1YqAap z$loq-GSVZxK8!_b=^p%7WpT+-1LNbX3N%HR<CLi_`IE`kM~&rT_#Ja)$< zM)*%WNJeSQ%t8rD^joDv^J$eGiA??co=0m=CC$6zibES*>I*!&thD8HXoK&X zT&PyAgT_(85p0L6{#^e6q`1_tOe>1-xPf(;_o9F0F=zou1q~bzDM?VrivBtO6#IQ4 zl|?^l(bSLq-#OwZdHL4gRemd#Q?i%hi?nY+N{I*`^4<|e-0}&~EwS9E7uoMH4EIS} z&FAJ+G_cXv&UwFFr#gL^aJhY$3MtJ{WJ{9x$zQ7S6@X_%>p=_yp4_**nFD%iY8SBA zKVKFIlxhC~vQ^T&Gz?>)xdWQa4^(7Gz6>PZk7w~1R`q5RL7W*`20$f}$!dxgkcblg zv$YwJprY?V6JevR3D9rWT|z2o$PG8n{6FPbVJph^E|+Q5gFiVbvLFS?3uLr79L-;W z*qUFjBbyhn3bsv!m{kyHhM`1Bp``LSAA`bk2s-w+LgZG(8)N)|FC0sv>Q1k0=j^rL zi;?)uhL5*rr;0zgHx#W$V_#wU*V>*}Q!uEYnBctzU6JPKIM8I>%#D+cokjC~4X1HH zq68&H-#x%sqmxGdwI#l0Dg@l$a@}UacfNLn>k+S$WALU^_MI%pkCDukf00diOrWFu zxNQeR%YZ_}i4i=InL+i&0wMzt;=tKrxbZv0Lb7(aCGG>OaBIIYqzKQCr=tErWj&~X z_mg;Nbnd?Rnn6Kr1V4XOK#>Q~*|>*K_5+O$HDEF0Lidk}6zt}b>&XB3m`GZ`X*G&r zFh7p*w%1;awf)QGO&gg%Nq^oN=u&ur5+1P35StwMCf{2PHi#;ZlG~X1XxPR>6 zB$e1}XyVpJIixCsfOxr-5*1QL!yXC@6#HUtk0YcI@y;a`YZWX3`!nT?D5hY?uOP$6 zriFZ|v0l<#Hb)Db3?D!?=KRRVC*ql^%zkCPo5WyLX#KNFL_=Gpe-M{h2`Az6y9ott z<;gl79^q@hGT1?7Cnr@iGYx~ay2Zu(QD%fP61(+djj0#6RXw6!kzkaVUviIvnM{g5 zdV)zkUBF<{;dqiO8uN$CyM0PX8#Y!x_N8)~=tPw=L!EC%Dhg6&VkXqsDx~u54tnaS zLdK;r)O+}|ap6z}Quda;!~N#5aY`Br0CG@RI5?;{$ciEFEdg;#Z=v!D+XB-jJ|QuS z>cfX%R9cI-R=WW|t9V?d$@+fhS(%7Ya?{dIZ9~y{CYuYjO&^vX);Qp+!Ni83R`GP= z|7MYVyQ?4;->ZUCgl=?@22~a>cPqzHPRAIWzAr*GbaG+jt?HzzsrfO89H_EW*Vi${ zJ7p~=WS>yqRNx>tPznug52jx{yPvFpyq=-d`ca!}Rle`D^RH9On!O1*{;kb65qO#G zjQnqnBS~=?Im-lzidQ-cDuVXZ>-4myQKBLWq~RIn>^P#txRO99Va#S)bkv>IL+Rom-Mh{25L#rOQY5;>O3W7B~7IU_WGP5~4 zBT*dBoEaOhT4b#68qmK*SlHR~K=3V{k6ogMlvLREKDyN8;79M?Cg0+4b_`hdhyJ_$ zglx&yodM}2$jSjT+J7oNLBp@!fkVF4==Yy%t@lwvMjuD%|2PZsNu;fg;uNx~r8n-& zN1m#$8(>^L-@WKk(_iR%PtB?6dCZ#ipzv(}ctgzN;I-4th(=E%tK_VC z1jJ`#g&^os`STyQ!3$+7(cQ_S2~d9g1>hRMqzf^HW{Hji*%%$h86M|SvwM*6M6DP8 z(S+T%;C2^8BQN3Yv+dM-K2HLHQ+q(dL&WRCB-a4+teZ#mD9Q>5b0P|6 zz!zOR-$-P|K`66O3*4^yyB22$1XY0Mwm_P`A?WbJ{BR&I6?s1vQVUWOh2H)=L;Nb( zUfBZrck8&8R75H47P#5u=(62Eys4GXtgVm1hSyJ#Xa|FD2fC^iEg>9`lp~D}#b6K-6K?fUb*|YyFHQL8H=!#M7PX@B^h1VZR#REfD>82S zR7_knZ(p&jPnR(R8(Z5tTB?l_FPK7IrzhtD!uDpLL7B%*(#4+2v6GjVUuQk_vEGcK z=jU~;qKt`~xSLblVcKF^{3N!a@%s9vJW)HGMx(N&H1UIK2=ryg=e8{QjKqv(7?!M+ zh9PCjA~uBF+*beW(s@F&_f!o>tA~N{C;+Roh*=9ka1~oJ->kq%9t=`1hCs}>6dtuN z1iZ&`4YojuM6+q}R)QGw(96iOD}=a;iKmB~+X*6u+X)#l4b;b32-@pLrx}%*s_Vu? z9UPp4dP7K2A;C9!(n-tYK=vQNhB>})dE$NIdg0>Anj#elakF#rec;c|wcU1eN<(~w zUG#bf`Chynkd-Rs}^3^s8e=+G{X6!hNCdxBiHn3aV-^ zV__;Y29*$2c&BLnI~9;akkZ~IdGTo-9jyRVO-^B95&5sb+VBUZiNopiQ797s+@INy#M%;t~L48j=cv?;bC98CVHmMsVQO1qPPuo&SUEMciQ zEcN1iJqO!6va~eb!aeY67nn9j#;K_z3Qz-4o@~LU#pe$|!f4=9gNXhe?YUi-r89U-c1)986D^8@5Z3>3&%#J6}uZ z7e9E$!1>lN_gW*tBLwh?>>vvB6Rd6q*h<542x2!0%A#4lmw)?1OxTW0PlH5@hem=f z0kx}@K`b!%iwqTH(|b8<2>4F2)+nA>5>8`gh=FUMmJi-zH|fWA*$RjjEifbve0$d( zW-E;rXe*DHjm4gK|Bk2<@WWntyF(l+K&@+PB92G)jhT&6v#5(7(g{8fHnw26OAs^R zy{lBh;cvA(buM!%Uo|IcN5fSdJUkzAh7%F68MSx9Lp5PKruv4^b9744#SCA zc5ds@%-{L$zo4hl3V+C^YH2=gEs6y?S#6Jn)@P=Uf8y4*+0c735k!B1Vw#HNV7sZ{ zoZ$=(X7Eeuh0WVUb<)iG%A+v3r#_?8Ul3FZwJ%{V_>YB5v|o+nD-hZFe2*|Inb@zD zjT7224M+_<4`XXRsT=|;$SM)sz*qlFh#B`U#-s}8a)FiPYxqfCyzYy;VU0B*pSXy` zgO_$|Qq!&ln~#3d_5dCuGf#PVI%jk^{h|4-6U|d0PLnM((#}~d^h3#EP!XaGdXGg~ z0JW%W7?0~42CbIUs-u)0D0pGXa6?3CVZtne)(DLLB&an?_yEXD5xB4P$Hu>)q{Rd= zSs>bN;~=<<;&IL3ssv>2@)X&iJdvtVk+MpZ<(>DDl!_x6@4h4wFw!i%oTigAe+SBJi zj3rhq#PCcgG8|krvo;p@2Ojt5CRcwroyh`co06%ZK==cehvaYpl?i5A(b@_TpM!7j zJe-U>5=oRZwdARH_K3dCs+S#Z2s}?$Mtb#QT(wElH#5oee8x^vwFoeQSTg2iS%{cJ zY06brx9e3)j~edxYP!uBf60xlOGP- z8b_y8Nd_o-pj2J<)+tgr@R~h-MPmZiv#;rXz4rvvkP}tiMTht#(PFi;{z#pdX0Wcs z#M?v8(#n}}wn(p~*c@TYhij{y9>lao-qLL!Gou1bv$h~;Et-K2SSXqRL&W!MHn^3x zCU$;dX=uLq$FmuIs_&^oqn)j3BB9H*G5h^|Dm)6__pARF7e-o#>c^N8g3Q|o-O$^! z4aydo@O?>ZE{y0;oDGL&23#=tC%~aqScUx#gALK6l)0B49u5Y^VRv*bCyb%JP~=BX z3WK~KmGFZBPIfKo07d(4*SkJRBR$(IhwLSPC}=H8$}j1>luS(WJ09eG~uA~Bu> zJb}_*n!e(__*ZTMzaWt*(S`B-Yx({XJu>Lg$4{_dsfbSthlat*cco$-ip0u5aaDcZ zf`wdy7fJEd_IEN}QM^`tlN-Q&XgTP!Ev22_^%Y*`#HsQz**wDA$Dp&~SxuYeHi$MT z@D9ELeh_2TzF?Y8N{Y{5s6V>tON5r|C_*XwBtd(Wej44Zsd+mDE&_}nch-F6KHP#d z8|OY8r&SW#$=kPCSN7b0RC+!eLF@T;K-Wesag^E2I6c}(O}gt9F`h@Zas*Edw2Utq zw$ao99H%iaM3l*IqdePoAL7{LWCQ|6Lnxt*7;mth7^=odm z(ofSFOLjP`Rbg?kXf`x71ol{@v|E!aC5#i>PeO7VRJJQYf?gK0SY){tU zJL63JceL=B=do$5@;b5{qB0T;G#2*PDR#tzterAboiJnBGwLe`X_t`E&}iX;cNb() zcyO{UBs%$@@tIv0NA(3hv;0l;Vu@HWdD>x9MlNDFJY)RpQCB7ic36ZcxQY?6`1H>x zgkO>sX38A3eY&kD*F|$oGlkEo)2J_6Xaq8LrK zU??B$YO8s5W#;{ReX(BBlo{mWz&>L|K4aV(m)u`1>*jAJKQV6F=C#hHi|*ilqbW^r zD^n^r64=N!-LY%5RjfZqzUzNhmbb!le>O8-iOm{of4gk<`?oNe9{-{2*ZCr)sU~#- z^Ja6+riNtL^~Px8zZ{o#dqvqwuGucUO4llHHUnkK{dGq6d!ffz(ENprCNI#n|M);j z9}u7@#0iNP5Pc0BHs_clqAFnbc@pMKRXPvPdPl=ZQW(&lr)gV{q~SyK#j`ReLv=W; zN4lLVzreR=ziXK~W*aK7aTQt`yb>_%ZK1{LALV`_T~_!szRw-X@QfYa>W$Jt2xEEK zz{Wn53e1vHaLTI?_vtv2sMy8npa1rcwCx^bY#%osF!VQXhf~zEz>wM7Y+0trH#2Pd z2IICe0lw@Q=vM3opBc}tDhUd-Q=q~W)Xf{#&RaVDC3YgP<-Ci6I!iP@>ic){u`Dyx zw+(8uQgleR#Xejg{&|A|QFOXMFWDvHlHHaAZy%YlQJDfgtME{W{9z4_#wQ8B8>={P z;s9mv-FWgXI$11c=czX&mpamMA!OH@uA)gjPnuI|`cGK$!gv&Kx%v2my^KRckuia%B}oT`c^xI|>EGfz?=m=auMQf;3cn}@@x zTJrr(hIk=^T5ZbmGkcfkP|w4rqVhGEm=#5~Oyolg6J;&*L?lmr#ob6rM-+4CkYock zWsq?G1iegqLea;cev~e0ido`xIm%vm1^zJ&iI0@L&#F8}hJ(I|TLP`P82XcMWi5X3 zxZ{%lN#Jsmrv|Ud4x2jC+eZrZTCn*-5hh4)O=*yE#?=r(y8!n(nENNK*r{cu(N_7B z;&kP5!84~0fea+zHU5=J60JbcTC6hj)fC?S`fZOB&-$#~>NIC%<|iMVy;;e`=PGob z1?jU(0ahQKoXe*x}vWaQG&kx4oo>b_Fs zAk?ZO4jDnh2&?a%N#KmaT3U#bME8KiL|V#iwp)epJUg8}kq)5|4pWlgDcMOCDq{3i z#AnYybC&u{Q@6hAKAH+r&cx8g#x1gbGYd#fk@fjcSNbPqTCUm-M5I>5I@-!6v(AxV zpxW*r6TJ-}kYUUx>aEW>Z>kVhaiFrP~e=o}JrM&&a ze5xy(#2IE>&%glAb_nLMcf{9Z;Ki}5NE>}-OHq>KE5wwtLR>!a@)u;r)Dpi#Qu-I3 zo4-FS}Blr!D913jC=0P!}ED{Ph(ZUnitVsjASK zXLI$TTeVVDzGs}ro#pog;=wvfp*7*Q1>?qL_O%M&#^ys{0dv(Xg)OIY|B}dSRmcnR z)`!Ul7K)v|2O?i%Tk69X?4Qi%x!L8mVN&+8>y_my*C|c=vB{5pKhi=SMx&#HVS6ZB zPmZBOu{ZL)Hff(|*Ajn&I0{BC4F%#u=2J7q#X$(w$?Sh{OxRU)>PF1;{fGF!clLG| ziqB^XiF@2(m$sTIEbJ+jX;-0BYdNkctWjBg_J;YJMyDRr!|YoI_5&CHjW^lSQ-3ps z8O`hD`|n%@U2%&DtxhICVTZChAF~sB4ihCDDrK*`W}QisjrSdrr@PwvhVNF{q7-Q_ zm_WOsWn^$!#Hy&G7_uC8lXbI3)Du--#l7%aaL;po9*In>ZV}EBNtu2#a%R6;33j4Y zg5V+Zg?xFU_1EKLjy2rr-n+IfRem`n?7~e?$$E&zkLu7jMyZ#NNi!%fB_DT5-o3up zAk|RcT&5%tFf>iNPhQ z`kg=W{mtEaD(j<+so**8kbQ#;UN6q%68)mAHPHIi!a6sN&^NcR zivnkc!!C1lEAmF&_qBT1heVTv0?&>t(iy4^*4LQ$6O>fU>leV~qd?II-vcn2pHL-` zFxfsRYW>yJI=7{Mz5l>U;Trz>Ht`j-wI-)i`R~DCP;(97DkhF-)%(K?Vf}C=WS(5# zPFZ43>_GL@JHjL0DGG<3-0}MqF3&b?%1ohrEMMgnxh#MEafD*fDEi#mu3U!cCk2eY zS#xjVc7=mbc(+ubRfrfU@w!J9*nJ)-Ia}T=(Z4>qpa}?Q{99hbkd42B^3KW^VxLKU zITs&9=R}J^xEV#G*6VXbEdWpFzh4GC&DT%t;15|q@aRZ-{qMi8pS2ZXc?(02UsN*u z{q?H;|95L+uq{G3rAd%NzaA#Q=d}?|H&QuU5Mlg~@vJ=Ygg&UsI<-9qUX=zam5f;s zX@Z@j)x?=Fg4;h+^_M*pB2~G`Y0YnMSU*PDa0koH2r2jO1nP4p*HxXCKT~z{W~lkw4^P0wx;liJK@7I3Gw6b;inIrHfQ{4 z7|8qVvy$0aUF*xKrWVX?@-(!xalDS*D=VZoLHMms5gorP57N1VhlXRdJ`)7Xk_c$3 zYy7TMnKN1sZw{_Si#V(2u_WZv?9AGthn|@;CuLDcY0RncP zO56E#G~(F#Xx+cw_Rr&)&L%{(HJZfTKIh3UMmNuWN;ZE2_$a4^{-7QCif8}L6(jrR zHB19mvDa7hYtPqeU@$N-G0`YfMS4ROoW;D_1QV76R0EtsQbI^fjXyweM>sdPcAHEk z4D2`;YM~)4J<+c*&Tpe+oTE{b38pA039M!i6av>kzjrWcR)ZF{onDZbJ~*mH4_B~k z_s~In5q7Rxw)EKjH)=LrwM7uC^A1aY`n_p`4h$aWe}@q8O80@341I{;prHG^JB1$= z954~S;n6@r+S%PLErf(&QNI9EK$%a4g@tW9V@K53PH+DlUWUkociRJ!edzA)ZfB=x zx@^H=KPyB8U!RgG;Wr5A#P&8tjs9A*hkkx<)41t3LHbHrj-#{GB^_0+58d?wkEvs% zb&Q1V$1FZ~UxZXur-5M%4Xewrvh}oL&Jsv~{{bT>7AB^0ER+y523!Sr^ULJ4>9>yN zeGiK{^i&tdl&XNHQIh%&o`0)GlgoDyZW|jH$H!leg|Lro#aC2R1cXD0e%R3ol^}K) zMBRX1JvvYF#gGC660}ICv1AdLuUp_|06QHXP^6##|t3X_{j7d)B1OZ4u z-H`m5ibfdR7}|8&4YsX5kYLD}|0`Z_RPq}cDBMcCU!JkohpS8m?yryDVqrnobLyp= zu6k4fls+OB6}UlZc0c=8I)6pg56*8IJzs87P0C=~welUS%vZIdc=rpMSkpbQOIKIH zYwUD7)wztwvo9-BXCqychl595apwOBJIko5qpsW2UD6%W9nu}rf`D{4NOO=DIEPfa zK{}*Cx&);Jq`Rf0C8eZ!H)A~SbML2n{lpLla?aWRz4uyc&fm=I&lX{EB)kV>OG+Rq z1DR2=@xXEda!?8<=7A(MYjZpUjf0hSq2BJbk`h|#K~`242)dxP0AwTtcb4d=sQu}( zq;yRLA{9hZ?@k5F!;P1uox!Py;p|7GJ^Iu@wd|WqgNcAP@6-f5tWWysPj)%(Y5iP9 zQ?;vcDTT>r!4M>f6TQs3a!Td6L}+|H3Pd|8ZD%;I67!e6n~waNM6&~f@E8{iRVTw`sc%Fq?pYc4`ER`AYp-1Uir!%&zOfMjAhjj^y$| zK+nxZ26GX_XWZT0MJp77g_})D4NJgMrsONHs89~Ux9<@}Un@pVLKuKwN=Fx<(!g}2 z^d3xz4|=DF%pDdnlbJTx?{S=pzDO|BFA0*8b@cT=Q0I%{C&o*=2?{IjXcGkYK=aTO zGIZSFL+;ff*<#aUaDAiBf=2(2B*A5yFlNfE!XrFW22&G_2 z-&-s!G-(W0o8?Y-IxemwAg68tFLP*U2ng2^hXR3n29yL~9CHPR<%D>6@o8xh_3{o5 zf51$P+Gh>+G~TWo;v#sVL2G}_zqUJei0oQMo_A&pOBLYozKiaP@A)QYdDJP}m+fT2 zH%41IwFm46FZ?eLM5&|76rr2dVH^E%dfM93SOzRxK-gz!V4&>s3H*OnKpE)9f@ub> z;qR{@2M7>DvVZZ!$es(`VVFSS)&?}@6FaRSM~Q`tOJU&KJMd=M;)Q68Ct6VSUANU^ z8lqhUB2>=pcXtP4DM-bPQWE}-{&?0bRzazrNw8f#Wl^hNUNPdP^Jxenq)6Kni5&tw zD1C7>G(#zzz>x&u9gY2TcAiuUMinq1C*ju5dvgS)P3eg=72XL2ok~ihNO%g2v}^# zZ@xS@Qy+^ILu9UOmB8GP{{qG25$3$;61ZaqbM**0c!eN=^$x-9-1QWi0X6q3UN*mT0dyrIOI6@Z?j1 z+YuyCLS#0qw+RGQeez{;@>$&EeZzXTyNor75)<>h044A1_MZwNmw9PHTv^1s`-H4P zMCVr-Js4vzIJwv?19jbhnUI7{Bd5lz4#qBOpye&c->%a5b8s`0sAtd47}ufXE)v#w zZE&vT=aXZk?gA+WI)rxPKb-W6fClE1UJ(|G8^OV z=)6!pg?@>%hD64~LxbE=Nzc%P$fHS}m>wi-ClP%N1vhJc6v8JU6V@T;x)NN`7|U}k%@9-EQ(!>5%riJ1dP|te=QIE z4rY4Dy9F2|%z`tkYrJ->-g@{MIs41&@kqs0#luIMHv?^Au(}raj_}T zM9mp{sEy@Fgaik>W1apx>(3XLFv&nnq09)}4SBL9#R!2i$M=P2ob)(fm-0OrH3t3d zC3zB4DpLDe1KFvt7A@rlv5&s{)o=oB^KBTJjCU2lnRo>rfcg)hH4I^Xj zXnL*P9G7hj3sTKUXN`D@862;Tk2A?IIw`4+PRi}S!=)yhimBLvyWGI;SFWpHvSmu_bhgt*EJp?gAADEtjyrC3)e)`Nzs1N(y-EAV~RZJtHWoX>}9p0+emU`@`lyBla^^an;J;kXM=U9mB zK&{o@5`Z+dTG`121}gNqUw0;FW~Qb17PMDV`V$XNgrL6hI$jBRZ{R^&)ti`^)E0Cs ziDjNXVvU%^#sc;3zdS5CJsU9ohc?&>_QUm_2=Co-cx+7dEMdCdxBOLxjf290ce@jX ziDtC+$~EYNs3&SdE5i3ZxC^j!Ze*LHBJPf>$wdK2p1%t(i!bsYNVXH$kVw>&AuNbn zEH=U>+M__VmV}O~_PwUM8n%-S9f9^{h=X?dqWN#Vvm$YEgJo0 zJGTl`5=Ms$VF?S$iFJ4qnxZf3VNJ#GF=B+>FtV^2;uZ1u%x3qVKDn|8x8zq!O1smw zXF$#@oZ$O>OM39ebKjj`W?#+$Jd`bks@*+3dxe-`o9kaDL!>I{Hrle;C?(HNI*-td`I@M7G<88+}V|*yX-k< zlAx){p%H1LoKJHbx-3)OSi@7Clw;S8q46(*D-NQ%At&hmB8zLdb#; zPz%{=4K6@*#)Ay!JwJ_XFSmIG{X6u2yzO|jkm~V+NxyPSzXvYQn?FO`&p!Ndcl_Mf zd*(renSi>2Sa;8uJHlmWE~FX+Mq zJ2T)@iVzB)i+{w_B}t>iOwDpTJ52RP4e75fr%!F3Q91gYW{ao-oRp8m{ zUasN<$Ep|c;cTE<)K|!<<0Zus*0Q#?POqrAh75$}t^SZy^S*mnO3Vc|`i(eAwx5bg z4jMw~4)&YAQuqAcN4S{VkH&6%9SxtYL2<<6mtR#=gZJ$K`muD1+pxjy%q+9g7ITb< zvs;}9c*#w`czEnA=;8O&*d$I#erx>t@7^e9U3N;Tk^8?D+#NUWN56c5`Y1a^-Xt?S z`{JzqdUZIf706G|nQXBsn90@DbuR%@D zN3F3fQ)n^&<+5Doxu43}ao=>c<9jw4M;WH>L@Z7)@>*)tq}j#UR-rGoLlAIi*SnE1 zZO1Y$_6y{7h*DVYQ%5ordO_l6;GM-0fTw5~n8vEVJZ0>-7rebS0M7BSixCF{f=R3z zGVEO`C^@lrR_AVKj7ZhgA5aly`km0mV8GTYp>Lm8eRleu^&RiSGLou{z5OnDh!=J& z(fYpT3z^edsXnX!;QKWr3ab@9)Bji8(4U*@1KD?DM$%KL50~CM78=BPN2Z3jAJd+ zrVq7-AkB7pq49SZcpohDO5#ZZP7#3E-G^3^3unuUWNw)2;p;9aF3#urVv?EDwjO_G zv?8wPRvAg1bcVQ@!>RgRO(;dCZe4SQJT3^Q1#{8*xGsTF=eMB8K;d~G>9gq;eWNO) zw#((_Rmu0e<9l8nT?NYsV_3qE-fj#7dyj!;5%2wts{oW$V%qk$FzV z2q7b*j9mHj)fEjT2ugBMFDK>Z#ud&0<6ShF7-UmPxlmdIHN9%+n3^lg@Yx1=fttLZ z-woh_akHn8?drSgFi9u*5Mn%s~zb zd(&rKc-mwWXj}64xTj^2z4pv|;zBgQMST<$KOk8X=J@5S-#+oBx|+ND#AH!W zG>y>11h~%b=0^ZS=tl;oq__W$mX(m5K~}6taz>;@Pg@zjLyQ8w&5sFck;K_nj}l;K zsc-pgeYUN3@Rp5&uTlYY)%ItrDS+Jr5m%Dua61#&nXd1qDoyGy=WEZElbDv>Hevwd zptV(m6oY7Mt0w97cJ_O~udZ(0&bUir=1q0euCA;EJ)K>!|Ni?Sm9snkUCzs^Dfz`? z3ku?A z6(@yD$N3;jLO#D=I0_&Xd=)uB>0yVuhfMh^C9PeTiHYe|IuG4eCw!Cj-;0PCXTOe~ zuy-0?J`#3o)i5yNC~t4o@&kP+gF!O8KlO&zPk}5`5feInDIZ8vd;Q^nj%B41Lp00w z+G@MG=rvQ{I}KSFvpsiT9r3egyuken=pD1$_KKBf)1C92RHKn~bt3gU42(>5b0f($ z)aK5wsCt(tJ1)Ww7w-_wBC;juYK*QQhKAsTM0SblhljDEX1W!T$5K-C$SK;JKe4dm zw*7U}MI?@DsL9RGD)4E-`oSk6=~Ve8PKBFt{1z0~ptG=^BjKN(E7bVA`!OS~Bq)?P zDmK>E$Ws-e$l^F?X6N}ia68p)R?<89)Uxx7m+EM}b9eXEwdGaMRIj3E(GI$}K)err zXP6bN|FHpQMWwRVC&Zm5qFaRYuW-h@gLz(Y@pe#QNcf$1qFZ%BVc?5{5 z*S3Z?BGZy*@JD~I6+gM!9o{kB_w_7c_wKPVZb``;43wJrZt@>Y0p~vx09a5^NT^yz zi#;evDsx0vTffD!HxjsOT=r+H^6BV!RCdNPBP7anDrQ0Kqsu~_({Az89QW5T_w~4DH;J)!Qfqr82Z2O-7xFol{ykg>_A-t2{u+3`(6crso ztCEDmw6r`gUU+l`=YqbF(Yf}kSFhZZJ}emD9}2CS6Ud8LU>CG%uyK5jB6$R~cdX2l z0vVFtUgr7ASzM_r^C#r0q(bqaR}%B_Vz5P zBUPEr0LPA26?#D+_gl%3{J==R)xyG}^dh6t@fMdf-tS}$lrZMm&+*DYpsKJRKULKO zIGIfNT(Va3BHYt6(?}=?lG2k~ocEi$rB*ybQ6Y;>I80=|O^+LE z0^noLk5{?5xk*gKFB5Am@-4vi5SU-PG$MGyZ+9MThN~I)BL#cE@j`&bqriT-Gx+jg@toZ?QN{W=*du#qsMX zEk!fJXWF=O-=HNXBP*J!?@}czlNLsS8ypBHa7ERIw-MZ3Xs%rEMe90$iC8BLTXTYz zErZ4}hfQJ!lVU8jvYN^IzE?E63`4kAP%P+&Pe8#>f)~z7f*Y3o!DZM|ss_mfDt+XkvVL56 z4+x}YR++k)SQ4^{Hj2AzHgMbrZhE3Fzl5{&=N-|=FMBHh)esP~(CLU$h^jj-Z@?Wf zmPU#ipYj|u=0TpW2q!0Yrc0qU0ZTuBGHG(nhm2r$FD+vbtoa-=V$zXiUkq=ufoANkl(98?>400;1jSr3-i zI|)czS)}IbHD-~8G~*k%>Utbz@c!nzhX^11wqS4_Ej9VyQ&U-GeS> z^d7G^ys><;Mpds}cMcZXP`5{Ft@^8o_hHG1fG7QrT!R}!A%#PH z+!sSprMnNNLo0q~BZH@rA3nJ0zflb|g6xi49H3T`f*Bmr3ls%7TP8ul5KCEu;q6U9 z=e}sNsr-NlFiTrw3F!p8OwHFihlBZAu%Y6l{!h-1yHh z^{5!)p)h!6s&DTu5%e?e?+`b0#S+(O5H}Vm{$o zLjW`s35THaIID7~yQiC#D1(q$zHP?PSi5r0f}ixN|M%r=m7$)l?%FtX>h(?SdEF_5 zGOYI91`mvvm@s;y;kWq685n_n>$UVc6=EA2RIvy=6Gp+Il<>QRLZaoWOi3sSo$Bk& ze8K~x2`+22E6~x`{?z^-N6ye-vG}_FSIEnwXo7BNvehBxS$*3Ho%V8 zpu_{Ufa@%nZ?$6Xt0x@n2{O7{0s|`GR)Y2h0YU~KTuKx-5sv8P0KgX63rR9QYq#d3 zW!iT0E`(uj4k%9r5IlP=RW&dBY^dostOgu^D^!eC&)|Q%Gnze5Idx64@$YyQoLjg8 zekM9PV5Ru;_}A!CO1`rP$6KL7?2oz*`*qn$@t@@l4bv8OiX)Mcr^z9#@vZi2oq5ns zi8inNESwUnGqWIzIx{eDaCdhHKJuZD1Oh?KT5H{%L5X?r!fhtlif*GV!97LB2Zs-lsInHXU_dU|8oXL64Z_wG1dFa{o4 zx1aI(&WjB6NX+a`68g3Y-BPqQi^d~?gYZLD>X^!f3E#d3U7gTrV_CWF#8Lqxwi#%| zQ{PU21_=ozWmZm3;Q7yI)&_=JUx6VBbpF;)tQrk*iYb2x?${(qjpd~(Ha`FsQ~&!X zdN`}GZBJi}ka5sGFn-3^zyb!h{FG0OO9I7sGd>CtRvNbv@7NW-V56&XJT5JLxpNpq zA?V{&F#1!n)#CU$&)XZMUljba=st`Qx>o#T>pMM$Rsu%u>ubS<1Aw#wtF7q&^wDTk zDOj?n-9|AQ)3yd*X@C5-8ILIaHDamyt!WLMe5fMEvyMFfj7Q87L1;;c_2|*K* zK)HAJ2qCWIF`dRVUZdQ&X66j&JI2%F-boBAkZ`O7{M0$RXVjt!etCMg?5Y0 zCL=hhSo-PaixB6(l)(H>%_P>A$IWC6S6AKOPV5Uvz zRb|uRA`TVb%judSwX?9G>LY{WfoWDF#k`ESI4 zpjZ8&K&H#WbDrkDXzIh`(6aw%L}{lhC?#?2N zTd<4`4SaZbg&Ntl>d^yF0%IyHQ`?_?e1DUB+-w+Azz|{dYsDTmjpAc1LahzApi|!4p+0;gc^o30X5R zIgA_795)0&%YXS|PU`AJP6h@O&bRRIt`h-+H9_Yk1qJ!-?BS4GvoUaA(9!F-x!JEW zYBs3%YdoLeiO}`oplGqGQWA*|j#--=;tKKgS~_elq7scZaNMAAweYfdZbv!RsqT0E zCn!8S83&1=Ualjjzw2#yL=+V=Ev!3C^%FXoPsRfq|r%?^X(UwMFISiJWGY z_lIUd_fj0~!ky#Kah1LgbafWmP#UaV#d%0&AtRUIloXjrTxSftDHcE7EfkJi6DJ^` zTCT9Gez->+rw<^UwB|oQToU3IN{jS9S?dB6_Cl-OD=1F*TL@ib8&6RQ0L6fTi5c{G zk4ySh-=Jm@hei@%h(rAmd<>Uo|LP4nXLNKz7KVBbsCWto_`wrAKCUruq7UKYo8-$3&esaI3b4T!8%JAO7PNUDVpzc)eg5&IySw1DjxT9K*z$+cFzNg-k9Oh` zL%m&%3(G~Pno=MRv1B?1Xvk0ryU|9**x+G+LM7nbUUZa;XW7K^PpD*9VA7{gAL%vS z>{&)NEG*VRl_Bye=%&{*D<@Cyls~y;zNKm4Ai#-~IRckTUFm}qSXQ7_$6b6TR4OvQ%&$>UQR&bxmCi{PImJ0D0s8MYc3Mj}W0YT<)$@S;B z#o=P}KU}nvv$I^k!^SD8JGbjon`>lbEtDJ-z#@!pk~Du(;{+QPj(G}h`;D7uNypX3qSk&%JJ zg?bWyy&;#?jv%Q%h6c^WGwPK<{M~zyCv=)t%l}f7cosHDfz1Cd?>w;VcbHW=tD^yUJo(_YAiRX*ngCJi*E>vZqq#a zygw(!U3DfvGZYs7+fx?+>aOjP+-BPmL$OCIk!R1=->=Vh-Sket+cLy%98iQP&}SMO za=tPk?F5aVs-=eTPq3{rH3$VM9Agn982(w9u36K%f|(&8{yl$A?~dPjhlP&K%E>7s zsR2!)Vwa4iWs-Vhu0e}GS*M6@)Bf6Ep1Ebi{24y};7V|9{i;(anSr*peXV}po1*bT z!8ll{kFl|nzC9_9jz-7~@@(NL46fTfHsKeS13M>s_*dKLyfxaaoi(@lL*fb>Q2*ry zif%jwH-g&XCnoFZsk$X6l*?V$v^M#Aixr`wg1n`>N8ReRhxu7|u!eEBsoL-72PAmBYNGEBI!#yIgwGY| zms~!_^eaDs6XhD4LYMvRW@L)*Tjm+~H!r^_?tE z!0myET%VeF3WriAMdnxxJ>4&Ey%C{LHzhvqpF({8VMugaOe1M z(ys63m0iz}7x;|StNYpFSezc`Mb>P`==TJ4E_#cZGxNWo|Kz@u@}km3rSey9Tr`de zLHWhQ##T{|u;A@(QLC!LLgZ1y*IL|GIl{=K`kU|iIz><0(CMIhqq9b)AaW4n2AUft zjnqWoukRzu$;D9l?Dr&!&=R#t?Izp-nLsrH6#d=87Qy57`P9?3^br7h`X3(tfm5bS zA*?onNWld)TgJ>#cQ8|RNLA-!4~@S_n$)no3|+|gPD$(tD%~%paXB`e#WQ`q{j0un z*}z9+)?_K-8pK&Jzs*Us!vU?Q$H@o+fEj=t>&U&h&+my?WMD4DN5euhe=VuW7cm73 z@0NJ}9K@S2kLF4}f}t+B(pBGF?nmW2@{{$@KQ}KXCMN0a>+do?SZ+S9jox?=Z+)LH zpka3TTL=;+R~^D2KrUg7(VZa3e|~FF|NZJTs<-1IWBO~#jBW4wMxy&h{4K83U5({d zB%6moWJE*$x`mKh8~UO6ec|3yQF&i`9v9p#drmJqzO7Z<(yH*mIQo)G^ucv|4$Q$7 zm@Q4QNQK?NWnY-RQ2Lcde-5eBO5OGTW5E5zuxnooO`IidTbEqKXG-xWX7Fe_uhm&9 z=RtE_c|}K#2mzf(V7do*2B!L18oLgRs%!xi&?$Jg;iIzhNrAR-GL4eR_&3EkjfY-a z*xEstEe5u#Y>qHtuo$tjJ|Q@?f8?`^F-LHkd5NV4RKgBMFq<+g$Qtx?^(@5SKvIb- zDq`*%XZ zI!tAIUgMcAVU2^1ZBb2D_j(rZ2a@@crN0#g&BMm(XYzrMXzd&C zzTf>}w?9>+@#o(%9}HDxu0cWlQqo&)AlnU%lEy{%&IID1J+#kLC`c$oDTF)QTh7Z(prHcO2}#42dq&RyB&V}W zF8;(#KR_VJ#aPK2Hg25#(idlS7aT&b-TC}CX`^IhWc_h8$FtwWxaW{jV?U&ar02VS zzp&jGbfykCpLi;IiZhEXFcpln;`sA|GAU+<(r+(XKad~e^Aj8y z^UYBx+4;T?JH8bFniiX!Z|AMzy41fP)D6|(J%YXGsmcW5JV2^?0YW`1fr@FpJ1qW* z{R*4T_P~Az zL`L5MJKJZ%;p9nA0Mw^oIHM@0B=i2ExTK`VTDBYqv^1Am0Ajg6h614f&9dY{?%Byt z`nU#ATC2;}Qxt(nHaRb#kqJY&*`%33HxNJxQLS{6lWnkB1-4r4ajSY zjEd4^JzoPt2=9Y=SjKZs4K6C%`fEV+mL>xz@3%f%EYp4f`2q&ClAG&AVm=_#AO~z4 zKcM%RM=wCTGE z`Hsg2e_!8gpk@{I{BsUM5^yO5u`E$S=-Ao!L22{yEId5C;57-S;W=P<<;$4cF)=XE zqKiH|1&SIuG`0^G8vUz>RzzN+n%#`5sY)`Qhzn2BTsM|X%y?O07D|@~+}n9%I(z5E zM>vU!P{a~!VK_#H7V_B=hF4>cyl`v9`d{fOQOUX3Jt>z5VA2pod<|rLwEXU$V`IuF z-J8g0@X1*!$f)H#{HJWvh$_LgUtN|(8(zJ9iG;*cuDK2T5Yo_OTF#<^u2o-CTQ z_B|gj_o^_@n;LvjZO|jt!$naD<~=cd0S)nfw=izD(!c}U9K*xHIL*F`v#~`!)JfQ4 zPg)j(Q}Pe!XaxXrKF<{{jbyw3KNpU;^nj<))p|Gu=ziwmX)1-O;Z?9;gvjIHY68Us z(5<6q>zM@z5N{qF9DsFad1eUGxbLpd0ROGlRh9zjsc%MaHf&QlyuQA!e+Y8VjI33V zeG(Aq-#^XBlEl0YJ}}+@b~)f!?p8IgsJw|&VLw6el(<>8=c!SsXoXfld8C6ZLXv_B zX)(N`**TyGdda_l;C7SkJr!2&pzO%PF~w4~;IA#p6@k$*JbwO+i<=-`OgAg;~|GRqS0?C`8jbak10 z|6t+tv{VSXz@*2|*BWYFS0%IBA3^?Cr$UihFmXV*qgodvS}dABi?hc181M`LP%h#k zN*+}VFLrbuuBOZC?Ncl-Fq*hAozzLoNyRP-*IB9cCm`6;4NpuID)tB#S_Le3X}$%K zLBba1`7%e|zuZv;@tyF&SetGT{e@Ojpu}%erBD_`O?S#F4Rt5g`S}{xu5gC>&#^6b z>&OTDy9t2DPbjtvz=d&OlS5XNp!{5u(ygS>M&|%V#P+6HpN;_R4p>{BBca!NcORsQ z#q!Df7d&%g>Jh=s&?M2{w#Q3;1j$S9ce1_5-QzhpIm0wfw6tWuz1NlI9lwC8j2>O( zK5EiPYm&bBAWNkgi1EXuDFWW|tuY9LlPRd1@^HT6>gKS$sM@d7m}g8E1(s_%jX^$-$sGMaSQn9pLi?~6po*=6cQ5=w$S3D zqIxv)x%n;nrF>5rMwO1}FJ%!4$nqwj`@Q97c(}POLLx^7ENN`8yic7D^RhW`x1C)< zoK3_U5bm?EKU&;1i{mW#4(>EW-r=CoNi zs92*ikZDn6*NVkNHr*h!@svmdKWnLFyrr?WLP_5Y3dB?N1OlclIGBMD&I72_| zhKEC?!O*mn#y#zV{l#EWYgqMe>)pWMH2zXU5?&Xk zza?FydFZ}7m?)Tuy<;oPlgV-ifMrjdV3a5lf5(6biLDPau3+1*F?vo<&-;47MH9nE zTNPQFaG?ES)~E&sj1+7+aC21rRPlz9&HB!V3W?Z(2nWwTJ6H?Nm>{NTL`R~8pb)+W zW=+s2S8W>8$!vnBB(KzUbZ~G0Qx1e%zgP7e_2xUGBPKFgObPNpD!*Bc?&b8=dVB&P z2Fl#hyx-Z-IePlvwD%X*@YN*v=!KoWA^IclESg{b`Sa%2{V!2bQS@>o{k!q;@tx9_ z?5xR=9Cox~X!!9mlv6Bt#^&Q!Y2uC2eCd`iO-)yTRG4RIH^C6mmLI;5+%aRqUfW|+E-c3nX|K?L^*MQG;%|x1Pi4tMODxgR5pI1mA zgWM@k#QWC5=nEDNnhal$1@Hs`%>w8H>Qd!^0RV-fKX+vaH5$Eu*iU+Pz(W2w2>&D90w2~(b2)w|HR7>%BZx< zIRJ}nsgKwE;!*}9##E% zc?-));$@+SE4(C~Cre_N~ATsyTI+&@L0}S`W z+NcyaV4^Ze@jpv+{{UWlZhT8SX6Ctk0H+ zHX#w#SUkK0i(WMlhySP4kIx#L(~h5*q@+61(@D?k-s_)#Ok2=Q`?x{y?|V|CW^x;3 zn%o;p+h*}=8cb_FmZ1f4YvPmaPc_&}stfw9JwEq8i{o4lPH-**Iyah3I<@aHO3y2h zv%*j zb#_BMyL2(DWn8TYY=nzDW7V)a$3WDF zK(rCC%gw7sFtrD4YEE-l5lPb`5VA~?&v4XaR`Y`?*6oorRzLcBxpNQRYL@T0x$u{rrd92pzyqx6ov0SVUpDcGVV-_ylNS!@Gg9AC( zk7Xw<@kTvx=2|+%xQM1#D`mJu+9Ox$&;RqClzDBu-bbigCF_}Mi8S)2($>wKHP0rd zpuM6XbWn?q6U&^H^3m#9XSQ6VTbjW0NUrWeXnDx)k)||`_GR5EH)RX6qM?Yl^g0B> zmdUY}({6!q6jF1PXVGSyUCbu1x;e3qWzNj_KLpCAXIe7 zn(uF5QhY~2r2SVkjQ+QXKl^`pkW9-%{!*z!1khG^s2f-jQ(RzccPPcQ_r5#>tMAOI z6AW+QRFR8Kze(fUhp_!x*Wq#m@Ii)-jUQ|jQzOHQ<8@eZ8m;7imaj+Zm$sb<%mHIvKBF^3Ge>SxJ)VD7~Fi=>}G>BHS2 z+S&%?6VX8DFAZ)K&j}6&xK>p|5NeD^uG(^0;%=m4Gxukr+gF|jXxzNUS`$p z_*D!U1vcqhNUYn>qpxZ3$_!}~F=c2nht;3IOO%R!tVpalFKj8tza`YzdwPx#a}mn% zXDja3u=HwLE5L`sh%fB*g+91Y@H`$23csf2vJ;?@A+nnOd?_Q}lrL zxem|UcPb@$gvxo%eZx|E-ulb_l{}h55aY$6%>O<_Iw|x2pND9k45+isV`|<)*2y}D z{kkyL9T;b?+MmHKv#Qug{X|GsX$ne4U_hj4v%U>|&^+hs)nXnTfN?-sxG&LFkMQFW zh_*_!1(1B=8Ore7s%gdZf*$2D4+XJbBRy1AINW(kw;tLhX-k|#nD?9A_U0Cli(}M%~fAO9g{m! z!3CqKSLrKIkWAC4PFPLVFsTPm{%F>f7+)TKZdiHtrI9J9-!Y2 zmp5xw^}~^qf@fL6+kAmqr^Auf)*;CX!14t9+h1(a@tr zj5mzDwzDlz;|)~46`ciD`u@C)B<}H8Ezk4@Tq&0QDp|*s?l}gl?gSFg9>1YaH^aRQ z!8R{eGo5L%ZAO^hHG2rEaxmh!$WFIQL#fo}Ov^YlUR5XwFXfdM8JY97zw3*R>5JyK zSqv}I0&o7&m#^Q+b;z{`0{*yuhWc}yaIKjHO%dbrYvp~f%{v;9Ny03(ggxEKmaSy4 zVP|hStE5WbJ7a$kljlW6X2nwaw8-D0#gd5lnp~S0AwG%VmDKfqR@PCnSUmqpa5+D1 zH0m52A6xBLdRM&0sxRd>#sUaNYtVCjTAO9{f7O&kq15##51#ye)}*7u3D-fA=uBzR`nRB>AVzZ5@y!7k?!Ajd!Jps7 zRB$oyjI16npaBqdicSQWE4dw9)L$k*NqGX%w78WGU0*xF>ICNDbUSX@{`1#Q3>8eu z`EQ|{QfBta@COg}dgE~8(FKf8jGiaL3c&odmNmmy@=vcdIr7hts}XgqLG|<@|NXW! ztvzh|R;)AL>qK=YwAE3{z~UA%Az8vSUgl0NF!RrNL5fYo%2Fyc@J3H=x&GvV;ahCS zUw_}nc-^bq!mFk{!fhXp0Y>aUKYWKqcqupR7_KL$MmTE=$62Lz zb)_IaK%R~@j7bfuU{z|-E(n+2W*DRH-uQB##QU1Lg94GvaQKplIPL!+dH9*JdDgQG zV@xV)7X`@cb&a;&wzci~hA2PTTvqbEs5Gm8W0k@{@!_uK3!?`(cR;gZU`nH|zFyNH zsy8t$ZO5(U@vYGRz8m1@@{?ivhod9TtWS#`k_R-Jys>ObHLSEDRt;NlXs&G$l^pua zJm(0e{EZGXz|s3DAp!o)iE%CBlj9E{E>usaX{MQ(?+^IZq<69T!kNB1eo zf1p9&L#fA%X5}kO=AL~1WBK#%<3+xoOFW3AA3d+ks%`eFW{@xcIH`Glspm6uoY|!! z|F%D3nhPq$hm#&$5W%MZ_1zwrApt{;tzc$R3o(|1_w`m9=uvB)&e6O}8LexBu6R^Fa;g`jjP_9c$3sn3>B418^Y2%`Iybx4hW}QH`LUpFhwgvh^-; zTbyOn@Cy6j-u%*?WBycw2m;bh#^rD&K%_aa1o4Cb+Rf8{oZ&zDS$SY!AhE+8P_(1T z1tPyEJ)xNXcljLeUikUl0Xj}mo*`|mA6e%?m|bAk`lgg}(M%VdmqP=wYGp^@V(I6P z0T+7MSYKVV>sDNN_cY13j?HT$#^1GuKzi;#A3+rieT7`I7Mw=M#?pQp3fe0kk2zg$ zc*mvahK%N|P9^#m#cB{spZ<4k0d5s^#$g1&fz;I0R8_@>VLkK!p#Uf$JgY1g**S1x z*~BGNf8H(ftBY|+*#f+Q!hE-Sgu0`^{F&Np)-J6_e68V5Nwc(4MXgwNOUv?54oOel zhHf)bSy%{`R5D5(QxYpQ(@ZEB=v3=uO07y=z8m@ zD!XrOnC|Wtq(e%&B%~2(Hb{q(3Mh?qNjFI7rdzrMq*G9&1Zf47Mif*8eCPh1bKdW~ ze|%#&hCUB$xc9#Awbq>1yrL5TYqbPA&n5S^TFXuvXOMaMuRZ;RvNr(Vc|HMwNFpul zl#eLz46H{)75|mp$zuU!5W9L3Dq0OP&u)(bW9%9P*aBsUy$*U67rjfT)Y8h7a2c>;hojs4lqJM>sCmHp{lA1N~f?Z2p&2E zK^o66c#WVetRaLLdEAv4#VPQA@3|n}=q^ZAL7iPs;2HCjP=$!3sEezoCR zQ>C{I*iFs9yE+$=e;0*Oy=r9a_}1&2X#ROkNER+pT2cHJ_{iV^8C?VUnqKf;Z5wzyfmF!)TF`MH z=p6t;1O4h}U{E5BGzkAv`U4_=O+J81i!3KAYaZxev9Wl5`Z%K#5W=)jZ>#4A87+o~ zaw<4mNwNfR??n(jJO`j+>vR~Ss4&o?KwSt(1Wtg**?rtks1i*SrbMFh6ijjewN{Bh zI_mw($e`l6ooW;OK3|$L_d~P+NRa<)lZL-$buEc(YEA5Cof32t`(Dj0Hk)_O?@TQe zd`ep`!VH|wI@J7oxlnnd^118$!NvFAW0R_xJ0|M*0uBKWa-ZJId1|}xW2w8I&35Gy zb`ezKLZx9j*PUD{78V6SXCMY=0}^FAzZJ#5dcDhs*IO3zToQ5yK@Ng4TG7ZUDCmZN z1Ns~YVgkIK55>6qOMr#M(i7nrys{gNB^S1^6`4+70+9dL?wl*I`swuqffA24WQ5)!U^wAg?jzlLF1z}dbupxGfIAy^EF zPOlgg?^c`C+E@a7{u@%U78@P4y}etg%30ai(2b)vpHXsyxR-DP6q$Wz(a!QVy`eEI z0eEZ`;*E-bggQ1U8hclW|MwQyZpgj#tovl57Hn3eYWKyR9_xN+=&qEF*Vg`AOsRsQ ztc=lrZ=^*&Snkr}{OY1HT(tAmc%jIWE$)C?I?F&+=p_!oq#!hfFbH@|Y|;AzCg3r; zd-tWd>pVyS05i0CtlaA$ii+rlspZhnkOrYYT`>5uc&OY;fIej!&Y(to{PrDYdoo5w zlv9uN9{(yCnoe(Xwg#_jBehU}mtui#)d2%@9>3+yVkb)L{pS=Dp`pL~-2s9mo{er;1bRC)nB9 zKal*~XE2+1dFz^g;V}>9Za6|KT)@xee?4h_#SckITlP7f5{J>Xt0&5CJa&4U|M~!z z^xGXa`A!m7<{8=R_3m~?$q(IQybq*$3q{=IQ(A*YK6nS-BxQQrv}jwWX;Pv73bGPI zF1}ntIv*VM-SU z@+;wzoo>5DR*o;}OrS1IiQ!OAVX7Ma6nTGnBU(RqBn*2M_>Udo$9@nVqmIr7pB(s&SaV|0UPPD-UYH>LeJ=^zc4)iC>s)gEk8yr z0jODQ{rerFur(N+uv}NwFcdV!KS1RB-AS5o7hf&uujxLb#8Sv5an;Z)^_1NOEXiZuBXSJ$8J=Y+#p-b^v)xZYvJK9 zLK3an9EurjOwxkpYeF?X-&z>XBqLn0@3Yk0UI+xu%69>kiE(QY`1sPdr7aoUFA4&)C2=;KO5QIBApX^+}<;kf+l?Ihg{d-&dVjB%?c^0%yOsXaWD?(58YluC+CDg6nYE`!@ncTT> zySi3B&V(NDPp|v(yK`}k`9RvFdiK6lWm~52ou7ej<2(!TI0Z|zRvq2hsj2!F7Rz8f zx6oG4ZHrcC*?HD5!mUj`E_(b=Kw1HTV5rp~)byw4E< z3p#;;uP*{gaD)@?Mhd~k1#>Lnr@$q90U4-rP~pUe+e*XFIrc#8>?eMM*ioRQqv70W zWD$2Ug6`ht2K&gxMNm$=up@bRmyNCpo8qFxqg5gm+6E7Hf-QR3&|oNhg_?;;8wDlbHX) zOobWj2cGwPMO!j6GhYrfKI*Md%Tq*a`L@<`OULuu#Ml_5$!hQLPiZ+6TcS;oJKcM- z2Aig5x#H^Wa_-PHpfn;EBf=5Y60R!d0$Ct)Mg_3VRvN+#P}mOK6k+TN+krK&#{ZnW z?W~0nPo16pwZ@gI=LjTamt9+a-Z2_{TsZ@dDkDkt^p}@+j_1eFd_-^5hcnZZdv2#C zN*E$_%bAzz469>%z4EqG@6u$-6f>JxM!xzSayMaK_Fzu;Y3981tc$l#V9GG^!FxY> zIqYpthmQ0`97%r3kU)B*X!}6IV1b<{cbx#HiZTt7OlnlIl*40+Hew^|+HM+OBs-RV zqXdx76+G1iRLAP)W zB4uynXLqpMHAD}N!U^HHn}6x+d{IlQ4lqciFG#XUyfI-*=!3Xql3=dUy?+tFL!d;B zCYCyS63IBsLL}EtUeWcIl}*_}n_3eu4x5Su9gA-!ji`U@4h*U{RLi{Z^!PX=R|-=$ z!)gdr`z-}Y`^RcZUkiW8WpEH0>c3;Ph)%C~?#V60DwIu;A82H3+$VJe#f!g)n~`37 z0%XWTK@0F9M~L>&yPkk`E0hgvyCPDYj9*TgC$b1D{AMy;a5y0j;%*wcF|BT1lvP8M zCf1PdgGf!k;%SrO-l>!4>i==4H--`GA;sam8rJR+*><1R774IMj8{Tow|gT#;pcJ^YF!XKchb{7$W zxiK~&jbh&989W=1-D;;<@~8|S>j8F7<>dDdf1o`DocB7gb|0s|rt6h@-}utY$K|JP zt=rrFo!b>Jb(eVMkbxY6J?~P{aYkKENth31YE9lx%REP)oT*G6THwxj;Fy`6qLR_j z7@?=up`yR)Xf&&e;6!Q}+*qTdSwq-t>Ly-5SvF$+<)xs%xj`SUz1p`ofj0AM%|D0Ld1R;vTZ$} zW+yOJ7R5jZ@k32TMT(l5VFIxxIqrX^`miUaer6!9R1I4T`Y{RmP|z9Q@$W?*Kjk{sS1N7oHXi`~X@f9xH zFSqcM?od4t+E=8)yKL-yGu!3{TneuA9mu^`7eR62VE?zZ&gj`Ba$iVhw4j4~>Vzg0 zZ1a8RQ_G&Qsiio~WI=bbxw#2~vL}$R3Ob*MNoyZ8w6z1Fv$Hk-`}Z$c=wQ}ULVd-U zgLQHgU}S0vhowmx4c@K}v*Z@4JQQ4Mu*a2HURYS*g)$O0L+8DmWm!1n0sv)!BbAn% z+!KU;P*&O1nO@1=0m>e9+Ibw{Q0QbNM*xrbffhhZ!NoE=h#Am<3}y?MrJ4#yCl zs3%Z8{(g=ZTJ>3S|Ni|uB-Q!vlxCy2hQQC4j6uJE1W_=s0!J94cq>1@-ymEhqog!M zAT;hiZD1X^gt2*Qz2ej+SZ-iQ2zRfnA037Kn3P1x#i-_fM~ncw&Q0_=iqlvDq{q&! zta})km=KfBLo*(;dx^zTU#>l4bDd5qoWX9f36V@Y#^G2uCT5Cu_xmp}r;C1FC= zwR!%{_5@aDCci1FwgB(fRXE4LiSKlP72J<^vT!plKlWS!LFEw}^*eWuUfGbVAjB-% z(gLb4h74wKj$O)=eDuowZ!ApWXdyhmys0hRCY(Hl65^sMV~ zcK@tJBS{I!Q3n?g;e3I6)XbBao&Cij1du+IY9Alqp8`1Z4e!cl78E3Mkn!;Hf)%nz z%{LGU;yCk8-EU%(Mi&b6K6(*&sHv;VMK2JIdhC}Q>1e)k1+5u-yiodrrM3@*o*%GU zo&tLrio^wDkp-Y=>4}g)b@d&!c;FDhvw%H_ip)B?- zMMa-)fd@hY{Y@l&zp=3~2qp%4ht-ljlM+1W7TP_(Kv*jDG)a~$`cgOa=qu#-0Auh0 zP$4ENDzy#VaZpUT2{&nciSz#c{@4Ga2*Z%ij^*rDD%iNdlzn|7LX*eZ>X;>v;Zv}k zy?w)_fLUXtLh4YodIMbK2w*o^Sy`vhjt#`_ zdvAiI--R!@qPME$<9Yhr{taY1qb1XAkI_z`-mW9<)??|x_{Q_|?EqFC(J8J@)L}EB zNF%i3Epz6}_w7Y$YS<}R7$O(;m*?r}5r%&O5NJT_-|d}_i6S4y)cryB8~BMRL$E#p zUOv8afOIxO?;~;-;o%Adqy}AW2TTYI3=C|hfI~wmE2{=}D8ae8xp4)|Gy*;@3HNgPj!_I70Boo5 zmwtm?@Tp`W#vd8=L{*Xmcw9(q*tB0M$~4T#&M=x;ic{E)Ws! zh>Wq5HM4#jJy`dRrYpnfdmgjRX4$e~s7UNnfXa&<-i5oDdDp@g*?%~MehAAEMXM%x zAd!cOfl>dSlZy-7oRd)y(BVqw*NNvSr(gIl?7!Espr^q)g7eZE2+=51tNwlidb%>T z)In5qbiZyHlc&|7H0cRmn5kfNLSQTkpyqG|4OM#MI{Osuz(nZ$kV6%Vn}CB_OX7A#vbkBtB*R2lgs}%Y_qc+3YXa&!E6m6GTCE z&}Q05f0VFj_`r{QlY${p?fmvLC|79khs(WUwGNvc(bxkK8&4{=a55S=ko}!#U0UcT ze4ey=`n2edHJzbM+8BI5sKC}J6rC>*C2(}J#9FTG3~t}!S7cko-b7I7Z5Z~-ru_0t zH`^fb`Yhx$oehp>)CT0ZkvkoiG=b zdI>wpOlyqcdcExcY=;2pCR!4!E4tkW!~q0ZD342E1hv}Ijlpg$g>jt>pEFUsZ#yPY zZxv%BH24=Yd1u*mGLowHs>4XpRzVCtvTCa17x|IKz}O)J7MlQmg&uwdYm`^b$fg2z zM#CYH*VNG+y(sjQPrPaMhQeRtjW#Ht*g;Ht`oOl}RAf7)&?`)+jSnRl1fCN&w=MN5 zHqYRHeH2E(2qE3-oAppx$p^#V>$T*5k(g3Eed#$54JLhUzZD2aBG4Cx>>3n z!Fzxh2h+}$VnCzUoPm*%5M7`UK|~%5D)!_$5tW-n_5#t3Fm!RI6R`D1Hx|A5o+YfB$tP7xO?16t zTNxVU6jfdoZ#QX*(r{P173n|gBRJOu>xj@5wldqxy-D>yTPjkkR$z7cg>|-BVH{d< zZl3bOmk%+ty6`alx(R2o4T@f8Yyc}QVVc;;YF%($5YuRbuPrFGO&7AA8DuSVb>G3! zkmMf|g?5ihVislWRp7e{UGZJ;$TP?vX$1Sm{{nt~#HQV8JAhfGIB#l__D#kRnh zEY1&sej3>46$jm1(_H?)!|q-g(RH$iVv5Gv@l)Q*+YBII?e1OKvqa-jF*;$HInOYS zM)O6d_v^+3iiRS6Q5ts}-?PrpgwC$)=E%;_UmUCA6=~^9ouSivNq7By>uCMG_*Ftt z-ypYa)pgiT*#4IPzkkv%Ue@9`>{ANXHoiei#VA_zlXI#HTm-6hUV{{i^Q|C6$4}FE z8)Xh|ZhH|95dG@+$mF1!PRkl;XS{Z; zFd0uXqDDO|5Id9Y(CUxi7eUr9f~0MYX!Q!ye&v|JtvF)2{^jsg5UmR@WeL{5 z5XR+7oC)`WS8{`0J8D})LHux3zj*ONH-cb8 zqk_Q*Tmhn@qM){tVmoFVQ$XY6=a0ZVX?9d0Qpez7L)WSZZ}lE4{-CG1o`PA4<`r8- zCrDO7#NDPfZK*hH$?{OhY8@`-C`ro--`^PH@Z^w9^w8=Eqc$zHj~FMfR8XI@c4}5)tt}!v`h_a-b%7qgV zogb$vuh%04oTGm{6{}@(kZosLe=+P8$+y6EA;>F zV;w9@K!3K9UepUyEpP*V?Q;-UAkW1WjZuicBse&FM^QylF?7)_S~*f>00taL!#E#D zOIl%zEpoz^&FICT&x80|35sfT$KF?aq*co+gkKDi&dw+Q`IS#wI^F__X~Pg{CH6*6 zfsI(T`d@fnLH-X@=FAd ziJr@eg@6ZSBQ@~|3~&Hke*yOCY(OF(`L*$fh_RPP&ob!>62pkkh~^}Ue;NoxRSe2S z+=;!SLVxFghAX=-zwqxH@mG}bH9(9o5gK8^XUtK+RHM+ai!c3E#>0k@$|o#5<uh`0LZbjbs|-We5fXFnrL%*c2FLi#Vm^w}qv*XfR5v!sCC?@(~__^n^h`t3>`f!8{sUd5k;0sSy9w5;(}S+DLTjpH{(0s+8XAR_5k$gWFAbk?{DY7D6pZa(Wd^ zZx+0HjIa|Bp@}i?96Y`xyn+8aC)B(?B5vwa?Gg)2_ulVOMi5War>I@jtboQNuoLot@1#6ZSD#IFyE z^zYy)Nkc=^FYy9`>x(p~?-mX|_?v%+1yxn? z4X#uxQ=_UQY@>$WKrf^gFu?~cdsnK7z8_*AV({%=M-G;M>s`Y8~&!F6QSSkyK_%&EIp!#H9~e- zL;Hj-hD;49$Ew*YOE=KY&$$u2-!KyJ>(IRc0c{#*vVUCdv(8}9&&d;@-scg<;VM@) z&~kxi_g~eLpN^F^I`!d+7I5I)3{lya4gP@nb*1Ad;hbI zua7?7*j#v{&baooY#w?c(JG$T85Knym3l*;4GQB<1lL&zyYMQCz8Mt7^_MDB$7@IZ zLiERnipB|2S0OC4jP#%Iey89xqq#MtPgQ%k+96ql@7thl~U*pPnSk^jUxzB z^;I|i^S%GMa{P~A0-~; zR|y-{Kj~BksxrzF^9>3P1JBziH0dl3%iiiPqY67uUVYUM@HV3U-%pdzsG&WhUHyZl z8hv#f1{E|Q-v9INw$Pu*B=U^CS1}q;^BJ{I9u_`KiHta;!d~Z8G4Cihq?lG=jl|Nx zWXcfg_YbPY=Hembouy`>qWTH&eHS3N?{EE+!>F|3SjYKUEy(#lclnq_`~Q8z6u)?0 zzvZ#tF;HIpWEb||cNukEMt;w(XJGKrqdq1h{dUxws6>(pVI+J~EB9T#`z-^#c`lbS z#%@K(7o;`G*mwBX$x*~fcYKV)|J=TehDo+{`Bu&2SJw3RtkKaoRR5x=X~Y96qrmi646X`0J~R3MWml%emBep|<`iQn@_<2Ropzm zyoYt_>1ttr>>3bPpW6NZ#8Cq@5tKVlt5PlQ)N=B7On~X#!a@!d#^CIgjT;b6V!VkY zn+l??lr?&hrAGn5jbRa66+jP@m+yZ4Ish`(e6A?*n`Nk}s21EL&f~u&Ds^B~>j_4C z1g@pQa0hRzo_48wok&rI%#Y9m!=@=1@?Q$RcVOn}8q%*b*r+rL|;(+0ItCX0vEgvphOb zHir;<=aSeIx8}L%C-u)7E&{;&b>*Qi&N`@nKZwTxzGNaLZPUX8pH7o6Q$`O=3YPUe zFHC|qTaFl)Gh~m zlmv-pwszhoxhoO{2Hu=>M#Fq%QSJH7+q`zhP9d{QNSoA~>i6P_xSEQF^2j$I`F!2l znZC`zG@<{z9n?jEnT}!vkQ2bU zyl>AnYW*C7Q~!JTi~2YXLNF0;SA*xBnA@9k`2zi44}0-&R7@AP-NU&4Il!`v*x6Mw zQafa8RAOGJjO>4nsRk=D@Zmh)m@v} zWDxYa0Yuu1{6{YJGEh~$h6sszd1$E_z@>~3YlEkBWI8Y`4Y>`|Rf818sgquw(lPwe zy(EE3Dx@MORb=OWN}=M8SL0rDPnn`SE5Qtc<_FJMe}~sjks|&XI+n7>gSTN+qf_;# zVM62+O0P>x_CJeeR7kYrX)BY^$8jPQ(nN7c*>E2^h4}Q{$>zV^-!ks6M89WF;i}y) zYC1k@2L$b;^=k|=h_Ux~5%!&eVe0}Lx!Xkk;y6@8Spq|Uo{jja@gkp8BYBV~0bv}O zqhXssYRhOiDPXE1JNixa<(wg@M76gvFd~Jc-~=68Lb@p8-J=B}Bi5*S<))Ri{sCPUSe%9BZ-C;5>hRXC&e}pl(e@Q#sQNZrsAoIZ6_hln&Kv?jVQ>YgJ9MA4 z`rx$lj}};elrrFC&d28hZ~{Qk<{e&JAUOvA_f;_D24|CN&^_|<;#UGQGa5#kKU!$9 zS^CHfa$BhvzE{<>1FCB2DWdC+)r8S7o->yjZ~1O=76`wU_7#193*&r9uHS@AH6i8cix1{I^uT z%zrU%J=Uw}pJcX(?kE^d#{KbgO4EnqaUNZRwxt`3SnO&3f zJGTCJPFt{#VsQhS2vcMbaD$6HeJ1F_B?WBTzrKID2F`_%14J;@xh2^B(}0d|2EY(8 zX9K`|JVt{79QiRx@|YXwZMycMA6;fMOk}mH zn1rLq_05cC*`zI8Xa4jpL=nk{dS7?d3BF(NCEl(ZfgQe6KBTmxsKqTA!08!v1Ft=2 z&p!_HU*Cj}43l_n+LrTIl7K1A)W%rDV*6`Z4cJzdi`XA0Zr!dAl$;(-DhnBV#r~EB z{WmTn-XpB&x4ZUwwckpW9Dkdk4SlVhh*KUi=+|CoJ|^On+g?Ou(34H3C9a3ZWRduz zd;a2E3DQhm9WU(NR(mchouMa^TPHlO^Ii+xL2f&kEi{g@(RAyW*U_SfDfFlOb?W|mr;?z=bq03B}{BIIo1XY_O4 zeC^?SD^h$@NQ%|eUPxTZO(roUwKS2f##HY!mddx=<-^I0y^X=%Pg70-ql7u)dl?9*F33F7**#p*w{`oK%zgUC@WQgLPy@E7f_OhYa-`+N$p6)RaXY<$6yqrIktY=%)}6$^;p}w=Xbs5Lxw7XTLTPdLZzR88 zR(dQsO8@Yf2K$=lji-N9a4kolK4D=`?%rmM^hu)Sr)q$hQ8GHZislcy2#M*CZ6X`4 zqd}3*X|v~5-X_kcTUqH%2jvosZq&MWV!5_u4EsG2t!c|!<=-us@6Z#veC`nC5ffMi zkZLpwjpQ5*kH&Alm%}vlfl$q4xf2Z&6B;6$S>hJu!}cDahZo3rpTinC>O4|NAB!~7 z5CtMPfMP^;Aa{5TVhFO>O+p%h*k{i=0I;*wU`&*{&{ll5Ns-@!!f3I_9|J8Ncm@h^ zo4qgea5RO5U^ni03ZS7zxU`~iA;PG}qIj&jaogA|DPw_vzbfhLHuL0!^IB>42WK8x zGxIbvhiQf<5`SAv&xpjN*)Ll}0#vGbFv~RUd|tbZJitl%Amrq|DCF=I7@_XiWw+p=9WR3{Xi>=E5qvKq1!~ z0HzUdDIwNp63)$b7#pVmw#|mh00ojg*C~g&WUw%1iy*L`FT{>e@;=`rk z@$qD2pq(8z{lUh|eKY4{s7qm25H-4JV~Rmql&7I-$6+Ip-@3DfnO_&$JtcY%u|KL6 z7_J>p_6a|+Yz)Ce?HwibS|QjHVh1_z7Wa)2arevIUum97$CS#gmkC!>c9nX{r=)H{ zkXpouRaw+Y@hV4N<|MpC*`truyNi&Zq!45D9^*I%3lM{+7SdH5cuJzC>f6FwbkB@c zLK0Ws+g1zQ;H_$nS-f~nUnJyn?(6Hs&P;MkGv#^TlR12s0)WUNhZg(3$CD>wT}nzy z5QGatC`*gM!QS31Bv;lwnnb}zH}RDEVIcko_y8+luliJum8=;{*v)w}t?fmrk+WfP=4vIVZBdYz5v%un?^rWCYsa%5 zn;<*s=}h*&W!e%1m8GDFg+y>U;n>|h_#D47Ba%w6Z-)iqtv@=pHFjbkVUcTxWZ{M0 zw0}g604agU)|~hp0gX@*#4_DRiUWrD<`LcpZDT#5=N?*PD+TgQrB6_QA0Z z-DYVsAA%SAEBh0^h{6)nUIkvy#cB?;7%z?#73%9MRs^@&oI=qP0*V?huy%R8bAMFx zW4e`Hm9;;M&S_w9kDQ@L`++!bxqBv6Ha{TVj4b@|<3}>HY!+DD1C4onTnh_@!c|M? zm@K>|!^6j?7k8O0QjG^y1qd%%AFl9~W6vJ8rw`Z&?{9%*?iFmqkd))$;OGeRJvM?9 z0eh$+2e`<4c8Ra`iARgf6n)GISKc2+YZ_jAC21`Cb51v64p}$QzW`PhP#QgE(qbY;fK{Y5f|JHJx@451n}07Qd$*kIJrT@w_yh%q zcYwn!d0-t|(puDsd~@vC=k}pgI~&Xwzx3q83uVN`sn7U^0&wk2s*O*0a-<*MS5iXn zNF^tkL#f2nVE>5OKqXnD9EO0JjI^4Z-&^%DLfF&__kKIScwm z%=_Vq^xX{Qx(^;Nxaso$)x4j$x;1={(i(iZ?sS#Ye*9EeI?&s`cJ(dzgX^p zv-*{!Z(q`^Jz-XzyvOgso%7kzRBPy}^8u36WoZ9Gr^sCoS!Z+Ars=kdxT1eZX8P?K z_Ltg{bs4BuZBm$G=y{B;2*&8YtOgz>f?-ye3#~eVap*XPRF~0=Jyi>lM@UQP?$F82N-iP;7VgR7@A|#6U`kKVs9D`Xl*JXyQiffgB%C zYo`fqndfsx!JZ=YGN_~|Kol=Pj^_tFLvVY2B>KFbAP9!Qz?`%I!@y@zk&!@m zWV{Ael`z5n4I(CX4pGq)NP-&{Q|m0g^D-#e%VT23R#l1t@j072cCD2IuRIqPnEhoown;QZg#K1*xMeB| zE}wh5wA9b(f6}Vv+;WPZXQlqqth_$!yuWWZEgaC2yBMFP@cpFcTF~|!?hF5eFmCJa z(>L4-zk|-kM1Op`Ac~9C+t`w#$l$q`Fl> zI6O5it)amCEc{{@53%({v|ZK7@XaTOpZQ8Lc$QivGEQh&ovw$nq5Jj(Uq0N_$(Irl z6x2;R#ds~i&+iJ@N!l7V)wG|XGJyySSSJFvm?u9UB{HS8@(ar>eptW>+8X(p z9^5hD<-RUa=wQBa7-)&Sq=-PUygi9+mEJdxAXh8OynHU|Gje^Hqhn~-^aBIRyL{BkayTi~J)H>=6qn zA6}o`^_;Q`W9S~*4V5Ml!416i+;JqMo)$7uO*#$hT3i;t?9C(>jFChg5aHg;YZ-FP zdIRdo$CI1)9(5jMEj@Y}bV+<5>-#J&k&u8GKOv!+F`?q){8ROh?n~+S+yq|%?OX!f zY>S8OV}A8)&EHGAH)Nb!yYy?{b*}a4$3siZaLnpjAAa4cSz?(jQ^_FTIN(2TtTzig zPnQ5*P+nF>LruMLJB%G`UN0cv*-iR{fw;IhkmUsXJ{78v@|AdH5dsc_Rf8$y z1%`#snb5X*Lg@%tO$oI0)YFv8Mr9-=vk5}UMv+Fb#+kT^)EJfF8HBUfeP^jul?A%U zBG44^{L#nNay_~Ir95INO2Rp24T@8{_S>h{Wu=zvrv#j^d=|Dy?}MTJ2L-&6=%|Rz zN_ldObv3CjCu0U84i!D?(Q|wbY5$W=(DK;2&2*+q39~biq&exOdp2)+6J z8A$AO_IQ1<=Wqf6M{yCw0cIr!&wmuN@}>VaJwr-p8YQ2QQrJnsy2u0KOK?LJklw?2 zNiW4FbC*T?lrY|T=Fjy4ws)2IQ%=ths^&f`9*kkVdMfdOC__$=tpDBia#-idUME#4 zmEy0_FskeEshDFMddi~VKNu$jb9)iz&Siyb-A|sv0D73{(zbS+i7g4b%mWZp&sN0y z3qC<#+(38pil-HNgA&DxZr7P56V%>+WOAihJx@c9{WsA)REDmAp9KClqS<`QA>*mJMg#>}szsF!{u!OE*bUuKJe9h(L15ZNkOztoEk|l`p@q zO4p~|&;tU@b_yDaeXD|ZuRbicn8#bXZu`^>^$8-neB|$O+RTg2Fy-1dFD=sk(Bi8m zEn(@Y2qC43`nNb>d!Mc|O;*4s?+)SQCnVa_j1U_)#BCjfU-e*pgqi;z>_3#lNl#pw z8Qa{C;v ztcq2@Fc+1RlM@sBDfJnH_zAoPby3wSlD!Kak>H-Res6X2ktd}su~ zQ6A-Jsuj<(Pa?c;D_SVWBPTkfPwfnZoCKBKP;^Y-_??3m9CA6}$GlWeV$#&sR-w{i z-A^V{n`c)`Nb$`8g4`_1MR>K@nX;9S$`86RC}N!`zx{!O5Db^&8EzozZBTx=+Y?IZ zQ2a8mIT=$`0)i-&)~BaVRW%R7j12myKBYe>>NzlOr)X11@$iuQn?XW~Q+nUXpK$IQ z$P}>-I*HjyO@h_`L9~MEJ=^7?@~Hr^i794bjr;FkB=(^~0a4V4qag~XGgvVe!A~jF zPQbDe(5&RuzTN>IWh;+?Rki)7<=+^-!WWQ*9#(n;2&qYRW>)3$vPF$FIOorTn`m*5 zY2-%R>o?eAK4MRh)O_WU zTh_qatXX-MkT5u{ZepwQ0!^h;x0sM9{?Xib@Zi0BEkkFNo7UOyOj(;j^Zj`*ZST?*gB>wbsVYxN z*P1fLvz@x1I@BZ|{|*a~#Us@ouWPKPe!*VyEjyI)*mUp|4=mZAWs-Ulv{F{ECvm_d zP}}-xF=ElH>G9>ZysN~)r>DmYWy~>eC+EXO{~ozY{A=(W`Rpxg;i+=k#3atf8xQP2OAl2tPTR4kyy zsB8ck{0dr*HK6?fU>?(tI-)+0`T;FX9`r|2B>lI;L?Y5T8{h0!RezhpkYoZdD7*?* zL@@X&I?(h#L~+~tp~FB)Kk7A7Wpyl;_1}T-IC15-9kB#Xtp2JnJ}ES>FnLnSZx9a| ziA@qEwY#xE(1aU?s!!p#XliQO@lDg41)bR7$OyY3ea?5`PXN9vKxtDEK6kq`TsWy8 z)ke8N2Hyugr@K5ThgI9mJ_$8(+lL=8)iQ7s(S*E|DyOKp@4g5E3vkd}bpZRxLCN28 zJ%uwRJ-sQi$$o_7$+dplNDH87{yYEJWAe)4nU5Og^%9VE;VCiNO`)3FV!T$|Pq#q9 z-ppHw&V{*zWu=+vsJoZQ-cgw<}P5`i59CeC#{b@L2& zf>R5JV{Pnjr-T^UC_04lE;yWgz1I36!yssBzVFJ@F6v&V|Hz9=+~fz_0_Kf&L%BU# zd^Pu*yl2iV{~F8~BtwS%*FF}(YOfkZxARe7u`~VRJ)a}%Mz4cPug9e->H2yBtY0>- z68g9DNFQV_jJM=^cP8Js-0Qvi@+YQ|kfv_Y!opUNx7w=3=P9<1ne0tZ+JA3qN}9)C zeQ+iYUh*ktQV6(EG(S(HcGacI$S@N(E3f)^IEv`l8hvBW*;BK4`gXTFYR)aS!Fh3S zv0Y0$?zQh>jkgm<0uGb+skvpxoM+>@QOlx%o{@nvz98GJgUUe*||I`rwCaZQbMU0^LhhEYu&kiwhx2<+(rosM`$@*FCv8A>9wf(nMN z3X(1laLVTcs(G%b9495!@GTw3&1ujf!C>loJaph})H*^OU)e$+r|E? zn5Wn`i58VeU9jk9$w^{CqU|xB!Rz!2Mv6)Ta&keyqjcy(=OYc}m@QgKA=nm68^DXf zPQu|9QPdQ4m?HdUmjXdph2b=)K=WwQYf0$QS6XlyuG!M{qN!opA%_PCZScZIM@M1f zun*OYvrvrK^a|?>J){${8w782sYk0_^f&L@EGz4%rBPZe*yP(}g1tWO_9^J9)`u2) z{q|cGns8*X?Gudxo?0_`xGjx|ly;;J)7+uhcZJz|2 z7wA{d{a6dyP7ZOE9h9^bmzSWQH_1>t0n`j_zw&yIeV7d`_Vg{5zR~i#pAe!S9oTWp zUcP)s&q(FOF91Qu*N;5zpY=`DU_Pgh5gpeW$B2NL-{44V{IiF&sj~`vd~CCH$X|rV z_E}7lFUCsJ;}pwT%elCF>bKi_dqx+IJs%9^|nW7Z-J1m*I1` z$O$%l^}5|P+h>TgGL?BHE*4;HH1r4|Hg|*60ZQ|u#0%A z(v{_s&$pb6pq&b(4JEdk+>26ovFsJQ$1?fd0X~{q8cx~Et$|-1FhxD;*R~t!#K3Rf z)9DGNnziVk#KFGm3f6|z>wf}Gxf7A1R_c=12BVWp_qS; z^6ls6CsY$C8jT$2C)B136INm~v#?;Iph(Nhy9e?|6Q1RIi7|!SRUixP>XOSz71sVH zZseqB1tV=jTEWOaxQsYw9Q>5l?w&D9czfSb=IHu~k?Y4B19iX*2IlPLtl`~KNSF8& zc?q$DIHbl{GKJS%Hln?6d-vglov>n+kux=0vl0@-I7TV=Q^3e5+L^cjFc4)~WUp`$ ztEM7LzwoodYg>amG|#6;a5V@gJy_Le8(=Ycu;TZpr={7HXYyaYqZ~vtCi`=p?L<`? zBx9@zxdv1Y?Z2@J7|?B4SKx#LzVQ3s-@n-2N8XvZ{{u=nlvonnJWPHZ*>H1l^?QKh z7|AdrmheOJ*yfr{=`=MGyD@b1c9Eh{LYskQ&k^Qti_jtcAC}H4psKFj!gP0cx1@AQ zccUQP9nv94cXxM}bO<6yhje!d(y4Tw$@iZNZxCT`_gZtkF~&2*k$#^CveW$B41|G3 zggXbSC8rUVZ${c(>i!tf!@wuJ3JPLCt?50K2||_r3vP_)dK@C6N+MtXR7NOj3?tH! z(NP+<(0ZZ8A;{L_j9pj8qY%w7q$Af`cLrw5?8SRD_dvT0#=4e z>crqpsG@#X;Wwcs+Le#WWfgcS?dPMFo;R<(*20}LDw~0Y6KS72by07>LJuDn;(9dKnBUseV^>ip zz|0diW*i=k5D|+s&qoTbRQrWa2|Yb6M=K-sESe5O3N$^h4jv{d3I_J`^X_DbAi8-& z>`h0aoY;bnm8O_$mFUZ}xoUeksn14r#zrsCgc4Q@o<=VL&mG>d#IAMT zIXvz2#=HXD0b0#ZiUq#DPGZtYnwHaz-~PHj^0rzHBP0FgB}7dqz)T46^2`36ef+U= zS{WyY@3ZsdWH%y5!iCxtB4)kx^|n5$J|Ossjrfz-6V!Es;6=-cT-5h?2F#UO1dcuJ z!JN)JLtxh&>x&YIr@Ly*BFZcx@{01R+i-*lUQ16(ngN81!~jwR4I%PtH$5#jS+qtB z52RpNC}ON@&I)ma(;s}V3iR%4=^>ye&IQf|2}=!)InV|H5FA9%9q{jTw_yul%EHlC zgb2}Wi4sD<82#!&j_1Zj`30gvlDV~&UX6l~=$sGW9In=BE@ZpHR8=m0yQ&KHSrk{2 zf=d))uA3AIGaTa=tOrfKPBjAkNOnF5{!HwO5o}Aq*pih(WK&f2;DUwIkd%}Jk%aigUE31fz z2oWuS!p|&25cZnxGQdJyq{A|B4aVdMY!QrO zN+dd%R@M;Q>bBgzI`(F&M)3xg4O&n3$~hWU&4g~sejV>ri#WTQO#P%}Yn_&>=lbvJ zyGx5z53cy(?5s+mJ)YscmMTjS5&j}0O%WS&hrtj(Jt8SYQWy0Cyx$e*`q&KWNiB+( zYTRtx=DX-wnHTlRGpVL_12&tx$zb3H}5_=|!X4rh*Poj@% z<`tFGlG1}DBSTD8(`FWVHX8*=%2o9r1dSnxjfM(^bYg}#er|p+HgE1foed6^$!8A` z%Uo>T1o-~QNayTa$2&qU`1jX>ESfYXDz?qj4l07Ab`Rfl#!@uP#3qO$K1O}SdJ*8( zY@9Q0{`gTtW0~tXY}#`tVm0ZRQp`S4x1jo1Cu^YZ9p9daU00@_d@Kbx;cLXCp-4c% zZV$-mpvb7hnLI#kf%&@eniaBn40uE1?g;dp(Dkli-9Nybda)4f*(RaA`IwlH)bhW6 zMS%k4e5{_)Xcs~N$}BL`LNwlm5`Ve{jl~dA0D)9@41-oN2AUUKM5HkiA*7v z_s&OF5l)(U7SugVOzMnh2w`KIA3jK$Ac!FYFn<>m8zW;yc{xDYhC{^%T*Zpggt?*e zF2mP5v*I)F<20d@Si!eea07-Dx#wm8cyL{T@~f9X!n;snYWsD=0oH_{!C1rOvXFMl zOAlV+lOqEnGBU9D5x@*ZIYq&h#nHsW{=X_zc;JI zoem==m`bCP`dpk3g@?C^upEFKtNSTaDXEaB2e;q=9c}xyI`_dYkhUJA^pkBRIW3R( z;FsEzQ@0qLQpQrti>l@snSJ1*gNQA1RF#7Khyd;2{?&KbpU(wT_vDJgLc70D>2l_6 zs@H#*-%NH2JNCIOa_jP(S)~wc)W3I@%iwR%uQOHWvvK_`Idy;K=XNsR=3O?=aCdk` z9A|DGN6xtzzRbtfUqYM3<3J?jX!OCVE4QOUIjmXcn^};up<_cG1zW8{Em?mEt#ugs z4e8{gCu@yw3N*e*+SMsJEKro-$;jcX%+3Dj z-N)j>n+gx)><5jSxP(MeQBgh276#lKkBi^^TEWK3T||c%AbL6kDna?Po3lBxw z0p4wxf4He|$rAs%gWzl1PX(CyI4#Fl+g#}ThJ>W0fn>=L=>C9_+)NSV(knnTyW2P0g;T&B5zPS7&H7ppy$UxcR$;_uzy1TjPf#ftD8G`XHv?D35WY6E zZVQUEpyK;QHTItc7y~?+g}|R!zSg{8u+rh}ksN>&M6+lGQ3!H_!%d3Hf#nZazrx1B zz>X3b2kvj{3((L=cdE8}UD+hVR6{lc*)niPT>+CH7-r=Fi`fSKYP$zpWDdX!JRC1I zPN{;iLfGR4qFvtO!xCny@mFd*KW&F{2Go)K;gau;~=L zL@U33l_UoQ6O%fz&`eDInNA;X*Gmv0%08JA%=%bqw(u1`& zQk2cr-_t*zmuDLl_Uhs%qoehzdo|Q%o#RBT=mP~eMlatdNR+|vRMkXioN4J;wwU^Wq5~OqL3%@dpuz85)kx7Nn z!oOF)zdEbpC2~Jowtq|baJ{di_rdAdO2;{?cxV1%iC)>vk}NJdmW`!m=v_h%25}HH z6n8Sae-^>(O$9rzl5SZCeb5&tMb-kk06p;1>zBJwIkEQ2fGjgT$`vQ5AS*W)%_aHS z0v!t=12N`dSK0ZEVtX$88IgL}kqgLE>D}XBc@A`3!S+156S=~a(Z@zrG_2o$V{RDn(!o`H=mOu3R8rjAk^OFJKFF$fs{-tu7}%h}Lo>#51!`>@f7N!RtM zvP(kF2HLSqR=lUD0g1M#$jH4@cq4o^G1mb+W|7ovnF#K0O^jEH{$N6Bl-~k?SwWa{ z@dGScCfbQ8H76Y%T#WQKy@0@dVHB%)k_kk9*6UDK&|cZjz@lCBIYXcGY;s&+PquvPey==fi#WQL>WFqoRjSpXKFiC z0R(UdXCPHT-Gy$kj6Mh0j_K8W;ZmNu1fzeY4(b(jme_%RH$~Y2wiav##gP7{kS1>a z=QjmvA{F&`hHOqw5h(#x-eJwU&~?>wWsT1r6_UGW}F-aYIDpfFI-kR}C=k9dx?znQzJS{V)2=&N66d+v`bM5$=J+(d!8RE#G^|I9U- zn4{t2#JcUvs`E^rae}Wvn6w9TEyKzFg_^_z)kt-F+#{FYmXt)OaxNDNX_BET*WR8+ zf-xiziE}v`8Wf>N&5{s;sr0=KrjdnZe}33 zLbathO_hMTl5SfGm&VCvbfoBI3cJc1mu4rbr>2P4^iD@Y82lY4>MRPUsuL`VWyzeK zVHBW>b5MX9vPy$86vJ#JL51{bKTNs7rY>tg$UJPL8DG9THt0*lhxUIP2pvEmo-9dWrBnCCIC_pJ_a(36 z1|oiiZ{iu!Zlhz}+w@HTIJu9mQmdcow4vln1nywH$S}9l@ZO@|U_^CaJ&VV1B6F3x z2{vtH@uIhb4B2OoA3aAMb{nwgesFAPt5rWtg%kf#hZCceLZ*M-^TE?%#$3t}b9HSZ zBSQKB`}hbRu<@TI>mf)xCzdh!op)qsVXMNGSpE6GF%v+4i-s5oc=i5*R@~$x%F~>Y z%1dPf1B_&S4d<70*O?9XJQh2RWft`h@~i2L)Xp=7U)M!vhKoczZ(}9f&5~f+nHJe> zFz{dF2IIlF~k6=1|Z@JBKQ)xLAO zp>ijACwr8S<{G}YIfkq%!l!7|>@9r>oi+;{;Q$v+cI~GzMV@bM!cJ;6eFSOxiN}#d zXz;o#%VT)n;$Ki2Mj|)S;E!~45|a|M@m#vdkM~{SAD^3&KWIt+oJfnuh#R{eA78xX z+dqs%=Ekd{re;~+Mr~F+PBK=VZV6!#OcKTPv8UZ_qhMYM~3nI`!)ul@(?89G^W>UArKd5A0o;w*%^UFmF? zJ`gKe+1z~fKJOl9SCg6+ep7Oa@W@GLA7+|$nIymLYB5U52uBw3yCRP1q+n=o8&j8S zmsYp_?6-E&iM~t$GJ)zT7EBc=&vKtcq#daA-UGyeu5+9&R8&;Irz1mp#m!TA_}ri8XTQSi z)mLZbdjH;{%_!71VvBlP6?kP5vLjL;smYLB#T*Wa`8Sm@IbRe1*I;R}xp9PKwk{=e zqlfBev+L&_Q7z8{m9uwGciu^+Iaq%cnCqPsmunG1npv1qV@Fw8?S?K%~ZFW32_90A@Rt!_8 zC8}hJ8oq#;7M_zu#p%^RMfv~1F7=47laY0;=t{Gy#9 z&8u-`4q+<9$YXSxbpU*N)$;;V?aM#E=LrzadPTbI8qsmCR}fRLEGx_BdAz*vwKw=wL$DUeu95ocJN48Kt%~MO2_>A`lT950_a{< z2y7tP_XQxe&G1Q!GZn`xRMfH=e&e2CFb5XkRq}u$Z^TTQn4?+uzjhY2=%}8Cz$?`Jy<M`UE;>A584%7hMK+{Q$0w!9SLhf~ zS21Fz1OdIjQklu)r^-r@5H2hmn!4gN^i`3Det4v%jx=72n*mi|sa&W57lE38e7#>5 z)y_nX%Oz4`AfvCec&%?>I%S7yq19vc`@X(nP@cp%yMOdaGtVtAiPtDF836nGN;(GE zSv>-_5?WN1!(W;<66F&;sK?X0Tue@+%Gwjt>aoLiz(jQdw})LiJ#$ zFg`vGPv!}Mok7;W<@ibehk?V+iD55=qz*bb>#}W!9Pzq7653;MTElBFBIE?Bl4EIp z;xkZJ`{W_;?(<7vwxngLwxboVvy)NNDO!Yh1KebtB1U6;{V7%qAbBDLe~6=Rwf<)j z)jM_Iv@kpGv*n`F*WcH69EgQ=d4{JChU%`iveW7h_LT152nFlvt|`RZqoN?BdfwI> za$*G^W@`FT=&@5}{F&uqhxwsN@l4TN+QQwVV<10}Xl3kU2$LWkHw|q+=3WOqr_+lx zgJolXI-oQ!9Ey&w^2HE8w0BF7c=6juE~6)eU~iT1@C6CXOI`<}2sIp7J`%LS6L%RM zENT*K4hWuMR|-c7n7V_F=aUU9_%N5KfKD<5n7W$U+Olr;^L=?GC8@xyzhf9{G6HDo zXb5fA5!O@l*^&#<3D)&=?%T7=wEhopWe9&J3u%j_0;!@~%_AWM(;{sWB|T)k6%?XI zjLC&pIRR zIosYLRfvRzJ2dtu(KS&o|K6=t*Dhbtqh-l%MkF-*dTTb9!rFec?(bb*m&T$5b!v$% z>G?HEfpg6KqOEZY@Dp;8G z=E%eryJ0~K>uswDzhoYkndJr7$DR!|yb3z1Y3u6&BtH~!0E=x~tUR{dVOUifRonJy!5?Z^YjJmU>>D%FBCQRadvqFQxY%rQ_&@++$x zJ&$1w9y?{&C>)n^OqW|xk_66a2^0f98uY|;S^aCaA*Q$eQ zi`11NqZcu}q{=cmb2o(bchbia1!Ag?2AdiV({sC-+-wa-m%74z;4OeRqzMsw6MtIW zL;anSts9h}E_@4!L`i1&82Ll%stu5$Si%P>qW${{yc}bxSrFx`o%q*(ncXo2WGlmJ zus%F>?aP7x0PwR|k$otfY6$NmPT_^sUiJ^b&$e_#`4V)fLm?e$0e+83t1y((r+{5D zy#zmsLwUA9GIZXVRLrGqp8*}jHMF`o%OZH8M@SC?tdn!^1p>L7-7C45y}H5J5xy1Z zg?H&twLgN1{g=4~`fRT{(sQ3Ke+gjiwfvdB4sbEoD}dd`5ASWWzwi_aN=`LnFjA@c zr<POW^&k$0$tvc!+ z4}^rB78=!fNi{jR@|r2jK5h_Tyv1kV<&}mA>wS7AqYHC+AH>1_^%Mfz2W_OAb3e2o zbtp3aNQZQ4k}%r*hYf0HG`8b96Nxq7d_$3jFyw~w_|CTg>&pl}E%4&qE*_pF{8 z-v59l0wRne*2>roNO0evJjG08kqfYXh1c3AbMPCP3qH+8M--<2@0WttL*(+L&-VJX zIr?RvUn~0?t&0}>_3C>4`%iD-d{>n7;!VHgteL)k4{;F3EH$)r`s)k+?_2cTUT@AC zUK&@_%SG19MaZcnXFgv1{kDOg|6QXzrs=o!ChP>WK_uhVAs3vopj;?D8$=h{p#w?} zA741cpi|&2sQOsT%ETldy<~TKmU5Aqf??0I5{^kt2B@3B`A0E*``0l}TKb&^^Yxce z0>;{`wzis|&i}g&z?Iw0h^`{W72Bzm%i2r*tbSq}D-=P%#8e$({lkjF}SF|uEmli`H z`cdb__0YVkpJuL5|GdM8QlcfSb?_)V(~4Pd|2}9Gl`6)u=n9UV#qQDj5}}yxVnPC@ zfXO1hY+}f>fNWwk0ZJOORRpT4D7RZt3W%~yn_zTw43%~-|DoGk&sp=v zrMl0irw|gRlV_4wOOj}Nl^Fb3a6!2z0)e~66sm%VJ~AE*WGuy8{=cc!xSWtvj?j_2 z_N9tY7ebBjZ)8CCdaoDQ34(T}@4mwCU!V!2A0lcG1?tLK7g^16@i}RBzj1 zep!KwPW3!vki>*LX~6vnrGG$YZPYpk9D!_;=yrWG6O4IDY0V#Tjif>19=;+e3=JGL z_kwlo#3$LJk~6pzXYK;&D}(Y(g>u6t!h22(_1*@$wnAc)e-t-hWO#S)f2&1L)SxCG*-&NN>U2k_jG|msQ0mQ_V)I+wr~0; zS^3z*?X0curqeoIH@gDJ-l3Fm{r7+@o|B5Z-WLpoO7Slx+Hjfj(8IHmW5DqOENH*0 zDntFx*4ei5y1H3g3ccjlcVE(e7`Q5l`YO`Bv01>^yQXcHJA3lB*Btc7x5KfE; z2rIDqwxTu;0I5d#+rNL)DW;1?@Ml*cOXpuCx|A}*b5JDg3J5{1t*#2)%H%^T>4VXE z%oiAW8e8Y@i$~r2-_?xm#2^Aw zp_Z}m#KpLA)Mw*O61k_MU~|nh>|M&(j-3~^yjT=uF#{<}s(V?q$E-Bn>~q#|r7R~- z{-q^<45w=(|D}t&w1=fr{k21f1$-zLkUZG7=}NT=-hh5A^0_h?9z+)sHiy`yD#%j${sWAP0?)l;=csrAy;B7@_aN71Sbkv^X>s-zt_to)CKTM^- zUbt4_sdF=z?;YuiEc)!9#CiODzUchv^JTw!44(Ile}3z|`?27c<5_JrtjC7KYmTFE zX8YXpg6%S4%C>&&FD`TNkYeY<;*Bdm|7~8RoH;Pn*a$hb6xOfBB+JHyEJx5e@nvTr zx8h;c12Xn`eDsQm<2V4uZ$kgs*%5j;ZUjHQqQW?k4c;9Fp4;snXV1I5KkvXZ;RWo=cMsDz38)@& z=ds(}`qw!^F9@Ge?r60pm%xkwJc3>>$X^1S+Ksvc`}!nNz{nGD)ySXrWdMad^fxI0 z{Q{A*FEDQd6V)x)yMp{UaOnJeI&lD@bikF^;<(kbysU%L4_s4eBUi7MH$VWx7y$E# zym(uHd}AP|uWxH39P4Er)p(uuU`Ax1%x{H&nK;PB0s>nOx5E#L`de2Q^3OY%c%=mPsGBY+aLLenwlCi;bS*TeP4n~wto3q7 ztm`us8FJ;M9?`v>rFTEHL3_vM3b_6jqA~ZC#*&ZEXOX&|W}ZjGoT=>5p^1bXEzq~Y zrjM&oDozgeXNKufoNkZ_Z>|hN2v-b;!&SqgEiTUHk-jTDQV)^#x0*>qv57TXK*3KaAj$6s#4GUTA8L)_?Sr| zCybO;7S1JPCuXE%q~+!i;$~@jeg{;(7_tn%W7i6k#ywm!ycBM`><8+h{Yx4^F2JUd}igLtZAtie#gTk@GJJvah6Y7V6N15k(!TW zd=91*w<|ZOwY9apoB=@rrtS!c{QVwQHo#^NC?aV(?ty;|DN(*9{1FWr2G5&RMmi6LF^j1sf~a*nE|f`lOzkc*2Lk8XsygXePaFX z0UoEoPYZ@BMkY)wEIwe;w~t0iBaltyDOL{4VbMr9Ce4~04KWQu(t66igDj}c^bTO8 z<5ToHLk_?@q#TcdUO-#G^f?B}OyYy#v9SYgeI;UP-hf5mGzSpq-~`1CN_O;m`J47L zzZc}vA?Ltn$-19!in)qx`?9H1Jp;%+hsh-L6gE(6hmPNYrR%dx-UCTPQ7^!M7vZac za?t)&>AG!fA7u{crQ0-eV*L#{N-Yp((;$Ux@U!Y`6^bsRdAVqoZ z!!{Z>ENm@B3uCFYwiQBzn?Xf4b(=;7HS_#K@UC)mZ&eE{tcTV)`SEE@pu7lV>j4v2Aw#l155*V2czDfYM7p&&Z{3We z#7gP0mqHYEAh9IyM-F~tB4i!MZURvZOXBL9F7kX42WIP{Y=KpJ`uZKN2h(8Rxt+PY zyBkX`@($2HK#(8+L?`<|Y_dzp7Ild{9jGv%YFzGDk)VkV`q$Z5S@~Z89BY}34n_Cm zlM#*am%21NSv57x9`?6&LOSzNtCG?KmmOz5D(GlXBm~8r17u%c9Q+=1(|5D8vjK}2 zWeD6}H+544`X1|_>6>ciY=B&ob%3d7w{X+55O*%JiI8a^KoqT$~* z@#|M$esyJ~7oaDT`CO`@coQ4}DW37!uaq~GJ|YiG6XPJeZ%ez;B8GqiYW@r8V+g3Yw2S&pvoRXtu)iE0%}n z!(EVXSg+TiqH%vn!#6|yJq{P*pGZ)@52ihm9cwa-@nb_1ujk68s3O=U6Otvefy z-N((_-!gct@+m}{zHAkawWE_WFt7bM$$!HGFi4jJRcH2(RudQKBFilo+iQ$%rj>%w zmg5U}dHfFpx@TO??b}%Idm5U|M{=`QNi^E`e%RkcxJdQiQNNAF)u5xJwSVz^0oe;S zL@V!Sob{9su5Ma1XWg6b$9~>!h-AO>=q7(FB{kT`uT)64+W~3*5GyP<9O1Fbf%)%Y zs;6;$U(3&OW#z0>Ut7bCh^&sGxU?*nr9yUM454azq_&gS?eBgEd~D4Zhq=3khQq_< z^mLf)qg$=AG2@`+jkdkM%DF0$d&l0TnUH_GH=SbGIfZ;LcO-K zz}Afn)Hoo2RtAa$8C1c9berN1%S{KbymrvuINnW4O+5iy4^(|5atE-pTv8np?=$@a z4gfwUDlga?x@u~Di82t z%gUU-F+SARA`;s&IoidCvp)}pLD^$ zmqxK06)i__flHa#S`9UFoPm0T^z*Vfyv(46_BGU(cpC1R(a_-T^gpw^IN+o$BUKI? zw)cEMz-2T?8pwn*9=+8HC1t$db;Yi~COLlLX# zlhfz^#6JqB-nUyntMAHxbk5Kt@7Z>Q;A$w4XTc%6ppU&3y{9e5QQI?Q)$HB^|B6CD<<<7Pn+tnCJPs9y=sN@P;&%c{-wp zN(u$8=UCVvq-=t=tW+$=p#0Nn{kE2k^xq;CA@}p!i)wGQIk#WA@p|e89hMuNKfUjx zsAX_S_`mFo9{gi(0)+nGE+v0(%@xwt?7ub0w4WT8hNT z$~hBmnI)FG3DO(`GjP_=0zn$$gz50_{x*JXzPtiQzI-HZr2rN|50wo5ruhSeF8=TQ*HA)g;#W$);QUOen-O4GoRxm^dy4N*)XuS$}U#Z>Ff1 zCw2IsL2&^5^yDN&1xhX4TWG}1EecfJDDK25dt=X-ovtqL09%A>@I0XhNnT%DTM6U| zo@xJ531j7d@sv@WJ+H-p<`)KSVX)de7?xr_b#Z#=zI;Vb6DyubaRQlu=x~`12KXa@ zVH0PP5TjH);O~Xk!}MRj1qi8^-}pao!5;+ks3^2Jd>>qV(wt&Y;#*Jp<(qC<7fBR) ztA6XFm8R5*J9=b0lcWa( zT?5&WG%uA(tB~3?|8gEC(nkQMAF^_|PJB-wzeEfpBfX~=o`~%}6izzXLS&KG^GuuF zZ8iL|@VESXS8=b?*3}k@RjoTKkw8-3r>BJ@}Btj9P|Kci1=h9Q?_OG zjQT{}rB7i>DzQ;T=sFZ@+I2zUUoR1dEKaG)eP>!&O+E~y}apoU2crAmO%!B0@# z1|G$G(DQolV<0$}>zM^NfU$BpLbVjKt&L57;HDP{Le0+^N>5Ja0-6*vk2XEoTHJ{q z$8V|>Oo2ku?vf^`s^ZGZ%HTM}D*D5xZUbkT?*Ar)`-hd+IvGB4EUUmUhlW#nm-b~aqOrc^xFra!T59Rn7rQ1@})VVPsc`DRD>ar zCy~*Vj?M}Ap`wjjcHva0ba3(+>FKw?Ln92*(ZOWcHE)R_ueVL(z@?agIg8&~(cMI^ zsToWiei4Bf=bqK*M*`i)WI4{gvG4CS?D1?Lvte&|?&f}l(zSkq)z09La0=`(I4(vf zdz{J@<KGiff_=ac`6%+VWcqSJmz+Xi?5i3ti(H|U(L$;rP`P+)MS;F z0xFXwwm7y2a+n1cjx~M&*E=`2K;-A7CBor5e#COLbyH^xulB*U(`%R@XJ>h@FWF{^ zFlB4WshMBv92htkmoP)X^i5PSY|2FA;_k<}W0C%@qiX+w1QJa@`rrr zRC~W!!swK{!dDFp^KP5BBY`{D6;iY%71nZ*a>2}d=prtByli!O@d+h>-)nB}vNvAh zpx@J51fhqv$ULN64l5t6?;zL45il>>xEuFKWiv$kiS1nwAje{9X-SQ*BM4#;K_}4E z)C4rkalk9vzA1C}<(+ek6}G)Zz1Fs)>>)G^Mfz4QDW4<6*nmM(wah<0UOYXt@2su! z2&y91_Vyj1=>+6u3ULY{#}h|JQnbOepO1flfB$#j{Os&yYwWB8q`bf7`uuz-gs4i; zUNj+jh$-7W3e^Yr5qU*uIFwy^%Pw0~~ zv$8l`)u`vg`?$`#pwW#^#ZDMvlzGEku&0W84Y6E(QOJFY0PDRzP&Ga~J}vi4K}|s~ zJ|0a~zR?G*u|Nr&W8)airF#%L8KSEfph5e0NH?8p|r<9Tq-xqo{R zS6bVjI>5Vz3AN!+uxMl`P{oW%csiESZlDS~ZfWf+jxOG50voH6GRu4#gw1@Lzrl0L z+HPUuWfLiRY{GdNn@#1B8mL-5@4_>G?j9C>kQ42?Z z!x|_xOIf(BARJ`mz@U^3jzjkCn!u_QAz6R`)_h&gS>QgbX3`T81S+{ zBpA@SJBH=kC z%20%Bye{w^6=bWxzMZ4TR5RcypvvH*u~Ru|Lwb#XHQnjY7vD=^`M8=uA=v?P(WZy4)S#FmveUEgZ4)&3Jc|3#%Sa6I;^>r=!A~0zZ?Y3 zu7ctHG>A(1JIXm>2dEhLmj_@b{u+TQy}i(R-Tc~Qz7D~R2RR1V>u%0AUe>@|2Mi+p zv0~%mL_oAN2t}mWQz;|r$0;=Ko{e8 z-I({Z;Pj zZpO>eB`uNRD3*}sx_huwQ~Jt#saMYJe1NU`wZ3A9BM)1MRW7|h7b}WQ0|v&@XhHA|dZ?p{^(XIF(dZd88xrr%acbis|Io$N{CR z9PLfu!V!-`AT(Jn6&EizJnrc4z!?j)kjHL+^1nFmEG*mU-*EQ+scTpe%7TfKl2?+8 zbml*{zZ_zp&kjRyBLWN1A?36@53MV_8DYblZ0TaGy?PmY_t-DcKDS+ zn;l26W8NX|^0Y8FcXM_9s^5+mhz)rhm=X9Uu!9D7Q=yAROlWu(Ak#<$-BH@}SvEYk zQHO?DbX$G^@TDwVzQXJB101S80C}Uz94g<<>d7_~!Y(h33r5pT$XyeV3|~M}-)lG+ z7}Y%iIqKtqieF$?=nFJ`8L&8+xPhik^+!3>Gp`DD9G%*oVoS+Ez}6sD69GmQVR}E99#|SEBLj@Nk$}@aZPxomW!l;M*2F%RR6C- zOy0-AhzeY~A85Gkuu}NatY^bl|LsL7L`IRgdw0DFhJx}g_-G$h#)-o1^Lu})DLHs` z)=UkT^@HZz2eBF?4en|gbW#NsCFJ`Qf9BiOoCpr5_`Tvo4Q;f0p@xm9v3%aurDaxl zOnBO=o_{gUi;9zTrp51wWH$V^4^-ui;F|Gu{us+sGKDS+I7*bqL-^me%E7lcK+2wP99jcb@T8#8zj~- zx%>O)Tq52M%mv7Sh60>k+~KJJBin^8hO0$Qi#16%7o{}a+qLD`h3VYBCL3x}ps>Yl z?4YQKlE|X}y$NV_MPB}iY^_t!uF`w*F~B_I(y&f%VhnA)hLFunPg9H(#EaatO@Ic~ zhXHRo%|H!W1a--&*cCh7-~+S>l1vPbYL(SkTm7c|mN+Ol|Fp5r*XT!$%uY}LoymKC zO(A|wc6v0HHPPF6?Z(0-S+Tl6NNL~#s#4UtLJ1^I5QH@U{^%m?XB4)3upR8B`+g7F zMya9A*ES98)Ftkp@W<_;yr`#4u~kP|LalzJer7kqF;@DWt0>e1VNBo@SrA8HZDfjl zfk5rA)Mv`ZPIi|c0SS3ra*SZ)E+*8(+S66l!FUhIq9G^)ml7AU5DbtF?+wt(;7?9Y z_I>v$@2~w;WddjN9Sn(86`Y(d!2EFQKL6&h9y*YD|0KP`!25(-m+2JNx+w19 zkLTT8JPwRe1r-%X9gfXK?199Jfg|C0EfE0^$wCIHH-S=^CQX8QOfaM8Gidp>2gN`QC~kOA9ncVC9t46hq%U$g+I`}U(E3* z^SA0F5$j2zGImHn(WYR@XMiw?hv7JV{pvfZ(|{*#T3yqsKs zZ)xIG(Ig~8bf=6@`d^~U#T`f1AhZ+AEQLT{t4m%lSM%~UbXudB!|`051WP{lAGk}aZFW^$40OC2Uz85IUfPf&QXQ2J7c z;ubc)gE_QKWh}xYF%aNL@!o6dBuZgTK}GL5EnOTqp=A}9(#yG&#-e%fEM&8hiBwW> zEXVSU=J7BJ|N33Qs?-oHT{h4vP8zd^Jdwx3{DxIc!Z@uT>&OV3EmA%rf-EVGbi0mU zl2Uk})A2C)py;nY9_25}MV6lFevcZh&c1^>p4mCT)Llxxp#C7G+S5JSH2cS6!rH!^ zbx7Io_W4f+V?9q2fhn(fNf}-LcjiQYo^3nX!t{*nD1DV20BCeWd+`uv=-v10q5r{d*+eMp|ZYV}$M&M>7Oq5xhf; z47@L47bO5W8x$FoB16yAqO{ba?W)xBrTXCoCYW&HeF36R({w^2x5^CQB8rEwZ6dcd zlVo8qV|PK_6Oa(b*nF!-Kg&wdZX+!Oi{eO%iAbND8(C%`Kgp`+@vJyY#kD6yA3FkKxj5t+W7u_ z0Tn-}Zw+sI@arndCi4@!H;H@OstIyE{Hv;}Uag}*n{EWM%y5=WUH1!EH#bN`e7}I= z=4IpM=H)lS0PzwrjEuT^fg+Y)LX-FFQN1pcf(k(xMkrmT8Uw6M>8-)LP*8- zO_tw_+5X(=BNLl%IfoC!)`b1ZQ`UH&u8IFu$I0(;Wzaf<`qVHpOkNe?x7G}0bn|o_ zp}5pnwdFOtlZQ|4oVNJ}eD3uQ|0>UsFd5--s$xh>nW;5X^8GLHjjq&K`^XuaL)KD=q7gTt9acTq#lj0TpfphF9qCjYWYS_rCX zAv_}Z8Y{U=He&uz&?}%rOJ?^E3jF@^0dZQ$^i?u#ha>tU%XLi^3U?kPfw!!5Z}poUmzmIVaY~;& zyQq6|TxyZ1=GRmd+f>CjQSTVL_>B{gu-898DSV|BZ9Q7&BMN_Fh-prCr!ouXCmC0Q z)c(-BH2IrATG5O~tQ~G!hu||c_6?Z*whQFzEC>5vjZ@H@QszCQqF?wxzj z*=O&yers|Cry`X%}_M^Wm``09dizdV)!k2V~o#H?ovSQV+a(W8{Bt9PS z^4@n`Kd(oCI|xGZwX6)qZuMlw-p;h99_|Qa z29XzYmNa}t;Y18v?eV;t{NM692^7CTq|I~+b8;=}N(t{*z8Trc;n#}_krc*-BG2h4RNYy`P@?5MJRuygT8pKK2s z*~#H^w{;;=bFlYa)wRQpkOqv?lDHjpDwT)jtuPF57N5hlae5KmI2ibW-OHktl@wPIgw;JF_C9;gl*z8%Zt>%7>mA= zYi})clB~92N!;VVv=gZ_`$Fw!b1tWu8t-^W8{0?I>5e1P#3$sC4na(B4AC&})2Ik2 z%Cl8OdP_lT=lAS3AEdNokpF-Du^iC}q0aNXk2j zyohTOynj?*#(Z>l+?_2dY&X-9Q$$2yw&BbeltTYZW=OnZXyC(bMrS%OE9aq-f!sOS zl~QqPrfiXlDs^-Q1GflaQMJ=Lmtzf5BlPyn#PqKx0{Z;cq-l10La&pF7++BmFFc^V zU3WRKQj>{k!`tO>5$Y$o7eYE%%T$)+soE-14vnWOI^VrjH04Q-C|5TIy*(NftJ@1+ z{YIxp+XzL@+IiHOHxaA(`-Q=`m>|c<=iN$a22@7oEe;zq$_eXCCAOwDd}M92LHzKy zPC^I%yIYrM*^Ml3!DBw-_h$+C(1cmRH=unJ8{R>GhkhtB|KX#ZD6E(p;)f1JmtO|A z;uRW(OyTC ze1|!BEKky3)P1Rti*zN@14vE~HQzUHaQX}#S;1}i==Xwnb~b|og`Y&`Vmp#;kI8+1kIh#YaK;B8>PpH}i{@rd>A!e;ecDGIPvH;R>w`b1;hnjN3TN|h znLv@_p4%`|zuw+};TyZ|45Ol@P|a)-L`!_M-Hjuw^-tV^&KftO9kuGK>p$#7fv?SHs;a6g^%E(}Jci73E`nASAa9z5^)ua0(8?;@qqsx< zuaw={k<)S5!|$+}_Z8&v5gmu79mRwRezkXJ-3wg?=JN(uv{$SELK)J>bdCX&NdXc* z=L|&0D=N+dh`~{&n+UOF7x?s@5Z{?DztJCkIgu7=d%cE}rJ>K%03)*5Y`ngn#U0blfRP|XiVP1y(!TYW6K zUPw?uo3F9fwiZge2sOUJ7Wu58gDua^c6-T^Z_8#ZpE-eQkx zI%*hiL+YraX&PfwnFB7r<;dmmqo-J_1?>O-?etd{%Cmc_=BB2@-ZARgn3E4Z%O71c zVJF$gs~*WsUb0l;vqP+hXLep0wgmk$#!bo}KC6T+oIMLNk}0)GnV@g53!Ua1_8q|q zxmYnie{yAha4hUDW=#99Hvc`*&M(gc1r;R3>?H6n_Rk>zOl@}c3Z4t9fS^-4qC>1& z0u6PiBb(HE?+Jc?Fw1cS-~=$F1roT{?i|&EUi&6Jkou6qVVItrTzq~IAfH?9*5nW* zQ;to57eSOfUmM0WLle%RgiWtyYL4?m%d*9Ud5GVSnY3R>Sq7)@_W#?y@7*;t`9@hsN=ztCN&|TsQM@B@@KWm~w zbCMFAOXjX8r{pK6ei}gTwNz2A&0i_z&8B2OZq&Y`WVM4z{Ph#uc~Juo*ODfLG)M9J z-59p*KJZjQxM<;4!7ke0dgz~b{1)=N**A_M4*o)&dh6s8!5PTjPKoFY+ulj-puRFk zv(?(3?yX3M&!Ez2B&ao}`S~;3)x5VylJUfq?iywH;3IYq2qgmn5zhlM1X6$1hyk<4 z*bo(qK<3E*bVvSyaGU|h<_-Qv?3fv%MLhiPqSQ^a*p8)DH8s^QKUf#AH3!SdaqTnE z?N8`&dC1Dw%iv8w%?MN(6iusw?5KifdLm9K(c^|H{AHvXINB`(ZF=^Ur^O=#R?Ec* z3u;Nv(dU|kx`8c1Xl^W*JEEBBRmzIMiQx0g^`__E@IB1>%E~98W$8sWiOtEuV$8`d zCaWhb<*`KjQxP=ptbWn*a5QFzMfmQt(th1|;q%uyePZo3%>{+?PYbRGT~y#kAtSOx zEj%HX!_Wu*lg$X?u3mnxQ4cjOE0vb>nXC3eaz9zo)%JDSsr>fvlU`J4i`%Dgh1wm2 zPPEnL7uOH4qs5!ygz~Y?^eGGQz&2_dn{3etwkKDhlcU+?Jng5O&wJKMpT;x`F9#MS zybQV;1w&gklTKQUJN0qqP}d@BSB!I)Onu_ZQhz!O?PW||NPk}7Q&MoO#JbL#u7~Y9 zei5vWI@c|`P_-`azvD;WFWIBm6&`o=q>%H-U(iO!h+&p65|x7FHW-o?VCvxh&h204 z*G$xp0wX}DMI84OTW`K!{d2G$;q7-y-NbZ@>Ph9g-4c1#NgN7&gNvRlT#42CtGks^ z_b)<)Vgph~$Ezw4)_Cl3JHvZW$pqSz;ZzR9a#+S$p<7=9ab_HwGKB5cp6ilCQXn^g|S$~DVx$mjT&e2hE;MsI*tqw)<=#id# z7Q3Ob%agg*0Uo>ry7=tzA0aX|k8KnwI9`8Jm;nXpaPI?ddpGuFY6OeCj`9VYcjvl7 z?$WldF4i7inued_nK_tOe{!H}I}xRU zw_$5FvK+|HS6SwG>f{vA%SBSjB&}oBQraH>){Jb1KE+oG<;0Gt(b_>O!uqg0pk5() z(VIA|+TDnRmUt|m*1Ba$j?K-Cb~3rE_S!xr>?$zW%q@9f0yZ{fMuwul zJ+8s+cVS{<`(|L$uwvo@xK5q63+1V)sfC4fKED@=GuRgdcJ}9&mikA+qoU-{PlWYg znPB#B;U9MZ4a5kvSAo{7#eOBg$d)H9zn}ogUAojGPvYUxHv+*?AcFf2$O(S~6?eM< zM^IfwL&Fuwvl*Y7N})qJoXQlw>O;crSeFs%aUuh5cBxw4fsGE8ZAoO0%=)(K0l1JA4RuJ{d0pr{#`4{ zN@)VmTcuMSX_Q%n{`!~eOq%q!=5pP2Bd}wIAQ-D(+#$3W*RINTvq+l1!B@{~ zRR1{GXV$355=0Zl6NNB*lIBu8s?=NWc`DA%?j@XVgh7h-UG9aQF%_QG?+)FIS|o( z1~Ik0?l_*;+kyl&*Y?Mcrzldv*&1yZ$M@UUiwg@<-#8Xixy|L()G!+>y4t@?e**ED zRAx7)$Z9#_syPq12QFZqGr#aU>*dYXzsIeH_fuU!FAoIpBYVKo$q}+a`h;!^A=(ns zO!SkO*VX$_T-Y(}DA=FW@JhqAM9h6DvjmkV<=gU5MZGc(TYRBFOX52tA@*8ASu9!5 zD~H1pbq4Z$4&$!BU=pV6>gp!8pfx%gD!DkSowG}_whOv zH*d&A=v`znp-t}r9&5SXE9I%FbZ&OCg9|r-aGZzYG?K(UKjYg^flux=C2H7fyOJOE zRPOxgJv6nF+Tq%&ahtl7Hs%hBunSd6Y?O7>EmhO>$S@md%NI`P1a#A}gQ{~wR<3-Y zs9Hm)v-6y!f8sguZV~arN2H6<6x2cIGu+h{ zInSi2?|*hfU2~@RQ5w4JtJ3uFTKu_8+3I0U zs1EWPt1$Hi1$r8l?m~?tW?U`^FVtjpl#BV}o6<=7XXo-CcX`%z*qF#xdKbmoyDxzf z`q$dO`vi%O)n($rU)K2HJZb?HR`ilLZE*esF-wdU!_kYg!tV*?+Tp=t!6H3a1t#Yt zKfnY-RZ)>^oV*u34>353$bs=8GP`el`D3vE3$6q5z-xwt@b7gY=IS~+VT$mzN<}cQ z##?t`ti!oleP*F{&u1A@ z%9rE&NPvI(`%lJ)d>xp_Ozh0>Ab;W#On?S}{_hH8MphcM)^~Q2|MD6zTycilsB$-= z$r|MikL6kdBZ`+CNzn{Lu+7E;6h~gPFYXtl-MS_&{pUIs!FS>$*_E`^E!){_*tP4ym9(dZ)YFs@_~RE(6M z!gv`FkMLC~TEdQRgatVdI#Zbv6BO1m@ua;nYf>J)x0#t|K#d#kV-)|@1Lh((do_Q5 z@ESkbo`rD}3x8S>w((8#iGj7rHS~dQFSzi3O6r5&dx$R|$)s6F-nKiO=m0*s9aX5z`PN2w1)n1khtf{c-t30UhWT3Z4pA9CZeAvJl3=z!@Hc|!1 zK|V*8WP6S7xd86Tohw-Or}F{#@_Cpzy|QBSmy2%DOjlRe!GS&A6u0;pM%dVhXZnqb zd&3qEWcxC~%r7iZQ%su4$szC-lQ7{r(#Rs);A^^_tqYgNfsOp~(&Y!Oi#Gkf0NfHe z3#?(lJ>&*k(af#y`}gkvhSk#4l&7FE3gpQ>O7e6!YrxN4&`pg3oWL#4}h z{03|XZa}RR*3%>X{G>gChbNZ-^qiEudRi;qjt_;vVpHG)qW6@Pl+;Ra-%1-9QTXsF zH(>UZ$rAPB!`R|1LU3_hf49#_&L&)c6th0SmF%fiJ0z zxfQ2V)sblxaPv(UA>?t7wg#U++pE~SX-2yKX!ddaIl)2{mlq_%B!RAkVhA;ZI~m!l zRT6!-qVAGcZZe)4tJG8*bE!j2okmWZK7OfaMn$BpiZj<(|2@u)Pw8o+RTFtftM;@1z_1aiFZxEpvaX%BoMGl-{8534?;+_{&fBS%uA;!v8=*x2sN1_ifo`KS;!ET8o zk=Ogy9yvb6$P494d}B25NOJS;?(X*1efQE+6a?Yy08-PzrxuVq+P+cU6z96;Z{q`K z0tciC461z$_jHns&n96Iw~UGqFqx2+X4A0JVRR0#ny5Ds*}T4gJr9ho*N%>k1_uX0 zi8n_$7XF;1Ew&!!-^0PiCi{mV0wKM%y!iQO63Ag7xiW5@6EuOzPaN`_BBEhtDxgBvIGBK7FNtA`IrvJe{x z<;9`W=szV+0%k)rbU=1EAezO3YLluyFV7#fBn8k0W~|ar0Y%SLm#d#zjP9k?E20A6 zdj1O5GK740i*M^8gSljyQK>+}`Ha;*pgDNMgfswLAfAANEkuCq>qQ-^fwr&b_rz7m z8~JTX4+7@~LEipzwU5>1aBzB{EC$a7qvg4M5dPr@gM}qs`T)c&S?;iQgrZ{Fv7VU# zFhK`ciY=7C!@vD5svD^V|338fE9F`BkNL>udih znp#;w^+Tl5@RJtP$*bq~Uool?;}QhBcX#X$hr=$S4)P;Fx_x|NrK zz8P~yOGkE&9yu@HHtuiNtrkZYHa7Cg;WMh?LGxF3oYPg~QJQStX!D>U#bl**n>Vr?-Kx6ivo?jny9E}H{;Qk4;tdfvsjaK_3{sEb#?=&jg;!k(pa z!1B)lU^*r0U9Z*Qu>^Td;!7jmG@xZcbS1PKh z$wN3uR41^+uCeK0K8ufU$96g2Y|qZ%jvX8CcRe^>(|guVlOAwgXwEQ#Mw+i@_k~0rbVh&L6$EaV z&ChF|%qpMY^ju_?iS!}_sHXwcyO*B4{2)LX>+9?9e96~&_4=Y~2t%f)nPz@6&91};>6x9a z-jqBehV`6oAwAFz$EkFv#2JUOu@WEBPQ;HDu40}^G&*fP&4ZBM1rF4i58NwdN}r0I zhw~9-y0qOH<-Zh6NakJu3wR@G6e}yMH?VednVV*I12Vu@BB2eU1?eR#)$%@y;Y-uhWG;5Yc#} zzxp{eI;&pTjLvTUHtT^zfBl5oLP^NCdYQH&tE=Z{7Lp7@%1DxPW$Dobe+KEx&a8Up zyu6$3GS}&z{E50_#hoFM=)~-9s<38N{oBQsyX7cdt%R_0=N;)|MoL`*O1q)k*4Zn& zB_|=*=5JOl=Px}irt-}9EA;!ULam!#xi5>R*w<%?>g(xl;b8|cyx#7wYF~aIk`IZ( z_z)o@^r`r|KgMG@vyNYt{a9jCLt~CDqFBJgWNotmD%Lhay6$uB`JReM043>$yh41P zB%c0@oRe)_jGYqA@40Tg~sGeFcZaP zCR=?RU?ON2VLOq~_ALIY!j&fXb>kiZyru7O$L~_Rc7B^!4eg?p$G_l=7Fw8oe+`lOYE7N@Rn=pAbehKFRb@CMD9;J=gPcT9)K<#GawJ**p+$e!G zVKx`d%$M!g`TMyAeQ6eyrPfp!^~VS|aH#N1@JD-T@3VzJ-(6fyNpyca*7gw$okKt; zY+DEHa+6VDxrg;e&<_@hOs6mWHMnPz-Zu;0BB>+G50w_&NFbz4rZ zr6I#k?yysqW;Bu0`QJBul>x#eNwtK+bEx{D3SusNJ{-dRQ>uhGS5Sk0(%I}B! zfD`c`)mp!$Jb31La*#ICTQL;MrfG@?+u+XOOuTk)_W_Nm)IZ`^X;bT<#sHbf z7ht~y8G8x9!4>oGE+$6oRtHE;R|79K7%uZ;LGp*xNURcn+J zJeRyC?3U>@_2%Vg)5;L#7czHLlaLHxgt*)rdl3>pbp0p%^=H`NX;mj%#{KjFqw3HQ z48GgzsNPY-CA7>qnaM$Urjy)j%nyVBxsOwS5n#8!L-#R#TrS&A^-(Am<_ zc;m7akoKE1y~S+g`|dYc7&F51*Ctzz1G8rs2r{o+?JkDv`tC!DQ3@K+E@w?%PbDQw z%e8oYE`chax*zA|*Uyfku_mh+*PHYix)w9G8Cc2HLTwZKDUd_=Co_bdcGihqe-flD zvgwNcs18mLS?`6SMXAM!eNY`M`%y9*|AW2O0$T4gbapacS>&78L@7} z&#ABGx9fGdjI03`b&3HinSx&9`N0V(TMbkm*UPKL483&rTMgZ18^8rl#s&^xcD6Rn z!iBk`T^eku3xl~Xg@xknR9m(Uw8gk;4d3Y6mySoqCn>~ucv(dzaIcXNa4QePXUnRfpE zSOnrYL~%G+^*%_e`it3ES82OR2V_Gpp-^YE=LiWvl$o6(p2K9$LiQ zH@2yiq%{`dREiMTl2zQ?_yp=AC~OCAWPZen zft+OVdpYWZH`*2Wrin3~sbHz40f^cwp-lh0r*+Ewo-@TexY&LI-LN;RBjxl`4d3MXc#dn{Yfz`IU=I(EvsIT~kJ=iVyUIIm z9)7>_)n#i}&q>^_)s<_RBG*K~bs5i*J@ zQ4NsGimg|#nN6kY^}YeoY+{m@r`C=ApWu+i+d;|N#`>4Sv~xC1U)g?kL@qP`kk{MA zzW&6uO{x*=)MDzkdU<(ud8IJ)l}s&xo|(C+xvObq%rSuls=hU?tF8BfzFb?YDa=ep zhIZDx||#hQC4wP?PuFr+P{c+vUO$E!qL*NCZiP2LOl zgP8B#>>Yeul{36A6P4;sl$0YV1x*dOzWF{1O)^K3CM{Ek`8LoqFmsfao{HamwzPEj zjqW#feQ94HUpxZ+e#?9zV)8aaW+&mj?QcqPE*ilRs~4H^B*?72ek?o~l~(WNeneK_ zJP^2*Om+WOT<9B!P>388)F1zf?Is1ZSz7RKT|sN2@eCBLCZ}8q37&T#@)zs(4`aUP zwY=wkB9;3GfWoMEgRrEin3$pUiA)Fvh)Z)MBg63|NgdshFcAQW0S}W|BGi%3-Iac+ zpx(Yl%zysZ?644Dv`cA$0&GuMJQPX@a~vY~?w`647e_|tnHlIp@Eor+@#K{XgE>|q%EQ(35 zp4VlCHIM#_mP4JfBO03jVljj(D!+Ux<`Tl0sUIuQ>bLigs$5~KVnVha{$6VR?(N%#HQb|Xc!g*R?<18u!JaO=<49@^+Q+-$xYPDqZSAF3R#(w*?f))HBswnIw|pCIA|y%?`vcYph1{-}OY6)PVunL8 zdhA6U$B8l~Ru3_=#XWrg?kYJtEmJ0&C*aU4#i|4(@he>;t}}8E%a%19VX6-ZwG-?SOt3lvB}BlsYH~R$hL~kJr!JO_5>rv z<(Nv&P#hll3TZW4c@;N<&^7ZqU44>v`rySsBe_`d3fUG76}sPw8u){c|(p(t@u-WY9u_?sjE$u{(R63)ULU$Ic2K zTErXwM#Hy{kX<7EHL4gOOP0BKy}iqXr0*8NFqmgS z?$C8!XN&&1%K0ZshSIWzF%lOW3(*nWB0``c?9fewIN?@vlG$I%)#<9M`}HvshR#tQ$ax)TTTsEM{6IZe z%eN*t3Fo$nw~eQ3?W(KHuV%_^o=g+D36;2;ac%u zUAHD36flDfO1#Rw8-^c*ml-9nF(DZ~gQ$37uSwkXV)+8slVlf7CWyN6T;w?&lU8pS z4uiPBj0bShTeQ}Oui%-g*nsA-EHzL=d;i%>Im{rfRbQ5y_`09%?X1pa3%py#01|`s zP^2}vgN}M6CpME^J3Kz_+%B?XV=9BMQf`l{sn2DP0Z%8_j3{Fz<%aS`MaT49u-f6& z{@l97#2_9Mm!G=QpCZEFtU>9fsR`e5p&Uo;wK6(ct;M36JJNi_^B>73Frts#%xwbFaaoBJMhMX-UB9P0iEMGafnKcHdU~(@G?xfCTeS zUBVvwd!NH;)yRmFfKp?@&T4^iEerwg7*hoeVmZ^O1_AS^BSAkk_qR>2tVBG!I$_%* zl7g&g&y@K?tatOx%mKpm>}uHDCM#3ad16AmR;+vi-jy8(Dhp3CLqBjb8{WUp;&N2s ziY#A#8+Sr|PQ_yRX7ThY^)%k1#eSo8%NC#VtJ7hS#)`IvyWTj%?FF64SZuFzIDRrk z1Wl+kGs*|BLUcIiY0Qc{&#}Q)WIjHh=1^2tQl0CJ8m(tQlXb`D?$K9q5zL|S2?>|x z=X)Maux9QaudSCs(~sIRj)FmhGhhW?fNKYxOw==09455apAj+uoA%-QUh&AChKo>FSBGe2W@kqO=L?mf;BVlO zdd`03(x7KxFgxQG-|JH!0urC7#KA{>6)p?BQdB=@1B1*3+W}cQT&zVVBzh{eqktay zA~2?5LOL9gq@oyv)edW^2qS`bW!Xzhs#@#v8<#Dc3hCMbcx@`1{nXw=CM5(;dYZEDKzc|^j{4WCMVP3U=7Wt)DXvrgG7Jb9IQitsCza#4jHm?#2Cc*+ zGghuDnwlR!x~lt&z4)AG;`26Pg+@9v6jrLCJT)zyu<;|2CC?1$1&h>|Ml_c<)(+?P zcIU&2ujiuE*#W~fzuYKJt3s*N!S)JKqn3@uWtuP%j#|+=hX(k-=f^AC+6LFh@e-&$ z!R39gA1$>;Utcc#Rye8VBxjjWit6|}x2(0FZso6OUU3})lHf!1FI{33f&`R!A%WHG zR3c*ogIC@5n)+MItDE0bWKN$<6!8h!(^Jy2p>xQj{qo%`A%DdiQ;9VkhUbVqbSBC^ z%qSD6tk#`cTUwecT1k}1mT2n(-LMv1Jq#|#-=OxhHnhua;2i~4PC^a?Pmsm%96bQc zuaZ_&s-HiL8ekrvj$d}Fa#*=~9XWw_z*z!FKNwZhuR;7)0en~#u+bOxZi4!u(b12F5Sy9-kx6ipr=CLsrQlPqlVp8#tlmEsrE22iWO z)9M3)oDNJb)MgyE7tPKAy)48x1B6~if|d(NN3mP1GW?^46GCvyOc{=q?}Z(5_#xZKUo}|q+b6C_z0ycuK&9_ zRe25BBgD^gaCFS(HV@fw42^%r5_0qU{BGX@-~1S~{&R)v>;TcMKtAez^LJNhqCkej z?r_|c=oLEb@@HVB1+ExV1nfXQCisD;9jq_Q-Crbdp3~W%_lj5se*T*!Fc^O?@t`|w zr3r=RN*H_YAQ))w>eXAIxSa!9V6IE25hp`8z$KVz2X5rKOOw(9iPA9;U?7aS{CoWU zI!F8wcyhx0FD6Gu(m;~~gv@2B?K}BikrqnbPksK$3yjD?%2Bj^^I?PQ;5TL}tgXdv z_?hrp94u${_d3z8s@&pa3oS_SBhE85Hy@?g0bt@;zzATT!io*Rv#9y+0_&gOQ>DU3 zf7<@KPnrv-7~m`?!pdvjm&)y)V1}<>j`gJCAb!>uRKV!lpWdig_l=CBW~KSq`qi8J zEY~5+p_ePE3sAqrV8ReCD5`mCL|+KI_heGiR@2?tb>sEXYP83up_uvTa%l4A3-w^a zt-l8|3THN@4nkhnIvuC2?b9U?N182^#GNc2xZ&*Rt)So=06mOrr_$$lM z-zSfKB@%mXE9oMlH61OEha1X6dvw8YrZH?}%$3Xa9|IT6NW{EU4D1bzv}X?jPV)Pp ze0+TLsP)r?IMHMrZFWyOjZUWzBKm9V#-A^Z7AVEtPBc{wH}d7szMJQ(x3H9b%*xL4 z#?0pA!0k7?uRLU&N{VC|e!9*-B(KWu^u7fWs?CP)o4fPZA&Zk)?J=7zpVb2T@1Lr{ z{(;Y7#OHJ}jIM-ze5?;b?zKMTvAG&Zeb&>?)ivZ1>~8Ba-`c@lxLGKWkJhxbybM~u zPE3pzm|E%MeZV3QgGQx!4ULP1Vu{|~nK$t_o!6{UK?S-gVU31gxv_V8?+nL%s`-0U zRnm3AoFTW`<}j4m>YC}!%CUa0DuS2bx*BOiPR`!md>UDg%9_kJsun%;G49}x8xYG| z5)D$q1X#Jh$>tO3q0b$XVn&y8x!hG!xd!I#I0h13lTc=nMNL>(y)yJ+^ZNrb6HZh? zSSBR@;aMgz*y(;e-r++(*D*hFNtm|lK`Sh5%ELh_zpkKYr1v;NjV;(3u&5@Su!`ZG z2g~wCNB+ofbKt{HW{y1>cMXIcTQb@Vu)MBa;Uk~qw=~FYe;4Gx6cIVB`x2x9%M~K& zWU`>~&dQ3R&j;1S;y9VtjFdqF8++aIrexFWp9Ecl1ojbLWppe{nyQs9rk-54E=r6t z`PE2!w^f4$igZ28GWSTB3e|7;Q@B;CZ`=*0D_gx-wX8UF{a$|3UWvS^Ji>zf{cj;D zNlBex!20~sMt$OPekYrJdwWay?`~*H;$H^^K1_6!7;fYW2hn|hj&T~l>tbnL0hzYb zRd0@*N3zI7fW-cJ{$+BT<<-BgYZoto8#pbRf!2xC&$-O zwk*KvFzbC3fR_%iHVxkh3*Jr$PIy0R;LfXAL5!nrmz`hFpu2*FZj+%Sb8IG~u|eU) zLK#jnr~?mBq+<96<%uTPqgXg{yoAm_&1&mjQj}MqYmoIen>DO^=+B zeq<6Pe9QLk?IVd?opC9gucWdQT@>;+l#mSm(MN$h3q@Ub&P2g|mdtAnq#~f3+kK0r z$h`yAI>0LQh^0$>5udj&w3NRePD~Wzfk8osk5nv#Ddh8#TzOa$=xdZ1C~}}#+zb36k*j@*?8}! zmk%GT*Pb%RD}lQ-vR+sv{qHeu!Y%%KBK$ieFX_e!dqRX1UFWdrigG#i38H@i+js~E zwkg5v!ZzV`Y8l!jdcA{$dI746i;Y1#i!2(oP!)R_YV%$O+)Y&P*GUNJoZ}XZ@GJ>a zgr{Q;!7}m*tR^KA*>TI*AN^tyW?s$CAV7*R8_Z{7 z(2_6AmeVhI#FTPYg2lvWKM6RR$AktqL6-?*@RP~)=JP{p2hHAUWk8!uw6s`7@b87+ z*DT1}5NKD*S^nZk2vclNMk}HYSriB_Dn#J6=7J4d8VxhhOv=g-r4L3kp;q8qU7LHf3d=ghYR19NK_ta7MRPXGFTU`rR%R!_8d(SvPq%Mk3 zD-SF4=pxi23|e1-6dlM9ip)6X`j$1}T9!ZSLsmO1OD4}M>{u!sUJ`15hSJC@^x{vF zirDrYoc#Kbj81RQpRw#fp}}Y4;pZLgnvT;Jaxn0zNKnxxau?>n$mF%xlw=@tg6mse z^m7Or(VTP z*1l>3swHDx&&*rUU1tr6Jc1+>v{U(jX4Oll zP0=<9ze7KFLqx;dJpDgjAaf;;Xe0i&(qz+i$T|$B-MKGMd9I@tV7LVN}r&KLeB=tk^-dh)7WN?mf2v&M{Y z=!S-R?9k?5Q4zzqp(S-Q>luw9eM3o^2A8+39`@136QIkNloX48wV;kfEANvI*G=VD z7#pHkLA-ElLM4_~=SSd&>2P|OX$M^4)kc}~as|tweE#5OguKqVtI4%T@C|I^b zZo6*AoK0)Hk-TNMGbi;#`q4{5)ukjtvmbELFV^ou$ zB|BJs^(^(2+w&CfER?nz)0Pu_6#aCtkZ6-|D3 zjqC)omZO+6;7EtuP*UlCZ$IG-IV9qaY5 zIuAqZ!lxR&RNhqTmd5X8vc?!06V2=dF9OM@>`*g4wER12Z`htxB`W zp0A7KKU>wx$``a!N$qNaSyAz3u01=P<-WfvyCw7iPh-Hj_%4L|d##D$oOgywzAjGH zYQ9)Zo((TsqVF_OT3D}Dk^TK_x5nIfXts)3&4CFg`gAtMVY6&v5xdwl4S>Vs*QYqG zsNf_=#2JnabfcH&*_A9(tx8r7u;oGSQA7P5Z#aIMvJbUJi}u5rTSOXw)1Wh?|8aC? z47fhwFakvQQozpYiX~Kp7KmQ*(?Y1ItiHz2t+;|-({SXt!KG})w zmy3Zyq0!NcEupaZ3qLTq4$j}lVk>$0H8eETt>i$uKoLZVZ;T3Drtfmr)FF1Y++qJL zK1SBiS$~NI13>LUh7oD zk4HYQaOJtbrSG#vKV5Yqx33Kc6mom15V%sZ$R=+fa5Y1I zg+#Xv*Q+}8*FNvyQBC)VLS*N=NY`#|bey$piMzIYY^c5LZLc@CaG|H>3jc_7LlPtY zYuMXgluWh+62F!;BwFj5>|+s&Wvs2k-inZ&_gE+#1K?tIT#-^&O&Y(|qT%rp@p4m-gSae&Ul%BB&nWkWnpF51<8-KS`ws1O0Fx~V80X$}@U95HfM1G&q zH|Nnm-_-OEbWW6*O!5z$x+g%AEp=m{RNxMx3*QfL`f>{h5M;=lCTrq>vQUi@xNjqQ zxbaL8Y6lsjR8|opLon)t1Fg2Xk#SuE86`52#N2cZOm9gi7rNG$GBP?J$tE#^#+Q;BaSsF&(UHc{9kDB5Y3JU^6l>QRvFG?E zIXM~g3yl5!pkSAjh$GWyCYNdye@RGS-c;N)DV@xBabtZCQfI>ue5BZLN{6zSJq zb37N+==JTu*S-cM%0lmk*}0-zLfD-D?-had7`vzuAMJcv672M5p6_xp7i#800-fo2L2QzKtFZ32TjGD+vV zK`rK8l6*>*|2+K98_>oMNJwqH*``T&emFBTupSG(+l3q90yj0UN*CPtjsb4Sj)x!8 zN~#?U%UStDNE6I@53jRN?iE?<|J>2*mmq2eoSXnQ&ugF6o2AY!4?a$(Y7x+KjsAc? z1!LF3^IP)m^mLL{Zfo=sH5v(RSsf9kzj^ocr+!V_s!C2sSzk=t6L{>q;n3k`R#%U1 zyqH}e)4!dO-P^^esdw_D4n9cwe4N@Girfhg;?r5FT{wicf6SFR_JKvO9-$_^xe@3W z%WiBPc;-0HaStoyNqkiXz$zgh5OkC4D`>x*%Tn8LSF)l^U`C_!Pyr{R;^ZG49^U&? z{gfr`!#yUrlww7^0MFG0IN4bbzq-MndnhJCo;oTl9o9dU#!gb7|%FkXbG`Pvge>Mi^CuaZC2c$VpXx+tLIHYz0tPyPa*;3lQ1w7?>_L^tPwiLD4uf;Iyykf zoA&`JRrY*9q`>ftX{b{n1fbH2$paCCzsJ^wK#C`*SmrSmH8p=8?oiSHD!)%zO4($L zo^lst2It!xK#D8g0WkEjsi_j8)rI$h{hKCSVLQ)0FfcL+^(keY7NblW63>Q0KIkkn zo$5In4olvADn=&jRKhaCZ&MR`;_=?9IHOp^&S<&*v+o=t^86hOB=oC7@0FhKZ;L2k z!+^0RCCKB+vC49{^slcXwJ|9ac8@BxFTwYnvm@{%3IN$R@ z>cmwj^Qq@9Xtvn+`&S4?);&eoHWE?2(m=O~@G+IT8IjgkWGcTQT)2nYcJAxLlAmM{1yr)9 zPzUPT(Xe*@%&mq=9xFL!YFlA?*`|0+E`zjZG+Ssi1M{p%@psSJzMN48-vk^bYfFC6 zB%AhIBAfIhX$AD=j#${7#Tx5(KA33uxcVgl@WFPx9g3s&H8TgS4+t&g|0Vf5c`4%+#s4l#-2K#T(us zD}RrW_Vp|)GyTCa~x%@_HGe4iooYog1V7VP>A)%}O!F?`}4^^oxmzmLs$YBvo}5 z#iM)egS86l|F&uge*A=X_`D%2ZrSK!!1TPu{%Ns11*!SZAWg|WjQR(;NIesAUFg7+WqugXzk2qN- zV2b2-+l^j1`ULeX25G@e&1_^)^#K|OXAmi@OvD8zL}*;^#ND#vO35e|d?agdwtLl1 za9J?(QdbxY-ycdY4-M-si|zk7y(UTfFJ0_xu)C%2BG%6rO7@P>cxCmQxaTpy} z8N4(UeD$p)X`tb2w4Y`}{H&RBAQXLih_!*a!(NG+tVdzCZTYFYv7}DK78R9n%~D&L z7r|i=B$ePKG^LcXn8et0Ght4bo!5{TeczmzGIdQ7SQ`XE|ND(nARK@h%NZ}@*F+d& zCQ=odf|DntYow`J^Vw+RnSHg~6Uq)Y^5H`#luSfCe`g$K^KD&uPd`R70aPX z30|rf$?95b?sM#+0dZVos0{KqW+6Z5YZ}cKtoG~K|fwbmJ%8BF5STr)2YR_FM$jcu{|})%#noPZlF@+irxMay z&Q41B_MmqQbc}<52#2@yK|=j|M(6s?7z+-=r4_It ziR)(^z}~97q$CvaUve!J@dkujBL%bkbUE)76FwrVb#{>KxYYA3qRssg3X?3A<2PFD zJh7Eh2%DiuEjm?BHN}zQr8d?1Lht!Y*Zwy$vw7LsVgIN@GrklK+60YccMNu~goL2~ z4t}pu&P_99q-1_2nIkkrU&r$mCUxBDx&^T~uQg+{Ljs})f`?L!xu1inMy_ntNQsrD zLNQnN`XZr5f1})BBMsV4$dH^W5s_EqmrqL`4txPUhhbQNTf6@IGD^L2_|M3PJJ5fU7w(@pgR7Jf7@Ej|4_hre_v;TIKqXXnjM*Vpq`E0WfyU6iCC zdE4UD@g3Cv9^yyv-U@TR|F84MyDx{X#@Hi^n%dePV0S2DFYZ$3`jtAX!|6LAGUTP6 z@B;oAWfT{FP_`TcDwDd>>tihV+vFemh^kmwQhdUls0i^8F8xdg*$6r`SP+3ZCLNfWGm=iZ9eVuL1!OMCBn>vvt}mi zDH>U`h&a0sz8eRGzF0-s5r4kIz{T~dJ3ae6KAj&m;UKtllgv|@1(k^WOA*?ya?!DF znZ$IQ{w1VZ&`TzN_JGh|xuUsVAueRjFuVE0w7bN&?50m#j>BUc+ja zlb^d1*@QgC>@+4^r-oh&jHg-{j-GQ2Q0et2V%^}V1)?qHNC&5}z~_W?VB$qB214QBg!loh zNkBnpYOJOPoToh|9Ck1VQc@}N^aCb(=vf*ENMI~DKM#iy-wQ<(apbR3tXV?6Hh;r; zd35`jLTpt+ZYcpn1%nV;g6Vri{PbWRb4H;z8t4d&sqQBO*>W>6EAqgcUU)p$<{Jj- z%;~H>DD>6(XWJV*x3&h9X45ipgmerH6%`dgEts)${ee6YQF#I68ASoMxT{NWh!J3C zkAY(9I|%kwG0)G(9XRSh{8_IEqm(VR%Epf&| zPNhD-_CZ-*Yq9w?nO!PpjA|*NyZ9~?Y`jp>1g~P|ZzzyvcplkIsOf2QhDvDBVi(9` zGbB|xO;H|L6=%yLh2MM0SOri4cN4!OeOLav6MFbw;|wKtu8K?fmmJlwL+-e08C)si z>k@3O@ShQ1@#vFeKdr_gU=+bT`a1DL1nhZ15!q}d=F69Z)y|Kt+;>rov#eDirh1Zk zX75HLBE%KtMLVOd@eGDcsAP~34p4A!cA*Y5-}g`&{~T#}9Ftf_zik<-4G1IJGaW{x z{!Go%q#MF$^_rZi*K9Se(Oy=MGkZAvVAYnNq&bI}g3tB8EF2$!5=&8^YV2n@SvTCn z@ce*GvC(gf`Xv z{&z|U<~~MnZ=QkUvhQ+QsI;`yY@5@SOjB&+60|g*??%O5dh*y&*obOWU|X>&odYoM zK^x#%P@XR<8?H+MX*-^rl+;wXB!p(lsK&s* zzWls~9q$8xTT|6;%Vjo@yR^NXkewA1^*5mUtG`JkjfyD^Rz5tZX9EC`z$N${{XTr zgWtr-hL-1SxaD7Jv$lmVwYqu@Pq<#R{5k-9?24ak@GO;ew`!$po}mtzvX+ur`9-Hk z#mw|3PsSzethbqSwM z%t55bJ`k99!JV^>p8<{2ECam|5Wx~3l_c9@{dqj3A@=X-GAkAuY%`e^^7BRV1r-Q* zIv)k=vt{tTcRA$b+}curDaD=?%t|wT4L#ZtG!vCVFMnZiZ)K^&(X&ljW@l$-@tOue z=}bAQ!9Cfa*O!N84yugUNxZkW2W5{Qw2XWYs}z1?x^Q%Ty4LdRMSo-v8V~A!?247O zwZbl2FuW<}FOeDmH|Tcy&P%QiRGB2C(-}vEDHMdu_koad>9<>BIYI$RI*T=*;ltlhPi^~ zX$rws=aJzi&o~T>V8rEkT*EEmuD`{Zo8A?s$I@vsj#%Gpf1o5^_6^SsN-9#^i7B|B`{LK(oV4fknlUfuK3w&pOQSprLXz zT(%oOIVI%T-|w1c>oqb==iliwDo5$O+2!tRWZ%Ul*tK*Lu$Pejm`HRg=-*ubiHlE+ z>`nIuo?e^vPb5nJ4+m!{X%%sKC{;mzHcnCwqwO2rZ1uM8TL1Y`27>2w!BqDRC6l0- z?-#w*oW#bSi@$6~d`{ne5A=ML3_T^L)%>27p4Mx36teq~yX7mbJbgb+ z1TAMJ^HRb|_L_bwV}#6hsfgSU{f=$5?X@%l4>B)`aWcMfHspxC^rQCE^`3uQRjF^% zxD0r||Iqs^NGCFN>Lxx(R3LDBzU(x|sgB~B!Zn30$Q$ME_eD96@r!#fY6L;V7far^ z@R$P~z!v~ChyjP1g$A82)a0cvxGSnf^S?APSrN1Tti!qoWm{K1sNY3=f+khFC1Du13FkfrWq;08upo^QYosSkWPn z;k^Lj0I9!U)I;zk$kd)=30Mx?gYe^c)?;FeVvFNML0!OtFsw9Gr&t6CQu{}LhSWrr zY=!$D8E#6#Z;1k=4K;@rOLgQCidRI>$A9;Q|9rMWkY>HP;g`Ux#lK%c&kRpAi)gp| z6Cg!D|4C_EPQqa-PXI3p{T8wB54g~5>yt3Vx+e_Kg~5mhKHY&t)~td{3~1aMu@mKK z8|i#V2S;mLdAT)sdb@}=p{<~SxiC;A546cPJc3qVXs}5hB8uq;>n{HTVHe)ySE8U_aA=33G*>njsi5ue#{HZTyr%nmxza9B|?+p-YWrA)1F&5<={5?*c3C)AqD zOf-kK6f5)k3IhY(&KK*|6$9<5=39{n&LqO2|6b#c#=ypNJp6g{d?hNLp(v{do z!jpzjyr70AP@Dhzcq@e{m06<9OqmHW=jY@+2knn63+VYv8!*fiL|-}RVT=%0Uuz|N zgerWy2Dcr_j0S_YLl9%j5^^2G5f6dVeM=k$))TDqx5|P4OP_gjqlDhSc-#P7D&G2* zUl45J?MDv^3S_a#4DfFltqbi@nF!@aixj=&&c!Mt{V^2?rJOW6H`wn>YGEsw4w|Xg z!T2FY4G`PLYcfL-K1;VSz2;KN0PjX7w)Qm+j-v1Wq!26-B~z%g3&rBm_Sf<*cD(=5 z%Ecw}ckod+o}7~g|D)23Zggzd)3l6_076CV1hYNqQ1dZb4Xn2PC4y=`TRyji^$TLnb^laX{`H=MLLVTs<|Q-_wX#T%Eazqw8p{M9d;4&+U7)cB@FAwzu6%y z)dF4~L26OfYzNXDvCHhY2_)HZlESb4l?V~l>oo}r(6x2es-`TB=je<%8upp5rCLq& zJd4{oxkqt)ICP9zunsW2pGV4I^H?)8)9z<}#J`b8nVxTI*%QLbXBP~je$BT@fcHmt z$$gK<50g^gZ8P@qmA}jOhSE-2%XoE;;8XFw_??TZkDY~I>GwY<5pfe7v=vP)ySl5n zEtvUrsg8+EnhY!@Y8&e~_#cak9tf@n##)3h3+}yV#(*7b?SwvWe!gpYyz9Y=C4!`TBy&&kKSvF)9Q@nokMGGT$@LKtG21_4>B?ix(elS z(*P5LVnmRo)`|Mij!6H(b{+VgsnIhTxw!C7k&O7t!i9rv!zV&mXUX)^(th0z$wM6+ zd2_d!3V^CkM!=r7(0Y4;QPxh04pD--YhZ50tKg89}?#_pQp-j*e0Y zZSZCAdJ0U!FnvgSvB_{Lx0dhCv3}u9lo9Y=a2gRYei|QF?5wb5@K@s(uoZ5m;#^9^ z-P$b*2Pc>$w6u+}5Q6myjC0mC9U-JTK#*(^6$Q_S_?w9YywpyFU&oVhfnn-ro5BD> z6FOh2dUY)=EgQH7UFI_4O!=hV$=6CWyN~@|l?G{%*-#5%9$?g)ZPTUEA`^$K zardCL4YeX$M8jse(rHU2K~gDfzSO;(Ig$g>Kg%q_Eh>ka!8;M5FM&Dke((sxBrH2T zJwx7uR1~HeA*W(xL&NCe1t|K)gJ=yH?#Z`%o){>TfzC9bgmJg0yb2|Zgg@^rVWiCb z3@%wQ)WNRVt|6R-)UJT_WsxKjDgObX6?P;#9#i^)0=Qv=p8Y5D8F}gG5b%i0yMUc< zQVQ^Ov#gU}+0CNc6Gyp66pbD(OH(T8wL}!Krm$J-zllIlFqFQ5X`vZVTw_foy+Z79 zf^}A!{Z11h;@NWCifXN1Rat9UI7EVA7sorW^px`2o;3GwwM%jR4-zunz~XgtA~Hik zO$~FpG<@X9qcki;)5k603vQqGwFJ{e^%H-DENlHO$#V>d~ z?~;hLmAftW%c}4ub$}3(|0k|_nx@-@`$CI`m4fn&0-1p4$Je5~LH}jl#dCWx8m;WE z1>LQte!Uz?9GjUK%i_25hZ(hNr)Q{GWj(Iiug+-~xFoU$M8af!_x(J!I!CndI7Rl! z0x!AK=-Q8q@!6U-t*vby-aU_4!SUr3n*cK&i@)=un2*<{{`X9tq`I_(GVr!^m+`h&`7 z2M~@xL@W20e8$oF7(&d5;fCIbHce^mGW;5y0g@{p4=tKm!*~lXe%^O6&T_`LRVnV0 z+D^L{^AXu1;rPt5k-ivh6LGz*we=(Z@$Og}P}ymuw#shHe#Z_LlnIXg!p>b(T)YjI zX316G;^J*#NE_(>pfF3KxJVXw@5BJ!UEjlDO+-Y5EetuaqBv40acv6jz`M{sNjC7( zg@Ay7{lh?Vx-EiT+R@Q55iw8UO3cfHo1Tfdg!kR+|NeT^uBdU^#$W+-wwq7B5Vv#e^?< z|KcBGWV(7A8-fx#@)@j3%$QT+x+sgF1c0EQ)b5IN+-IxA)KqZs@CE{_4CPbR*)XGH z&0dE;{_f=&<+QeONv}+f0skihA&KUJE+&92rx#=|zs1Q3!2n(jb82cT^gVbp01@?@ z7kADJtq)|&Blh>LrFT-}NqJChP+{}DCSkE_e63IN=ZWXDh8oeR=;+C!zb`H>f&-Az zWHoem*V3`1q!v(LC_9toQQ$vn$fU3#g)ZPoE+u>QuU0#bm&T2%(#t>vY0p{2sq1P&6Fb!z6bwR-`yYS zifvAfy|}cp0%Aitr#cmhcMN{|+WckVL-Grytii4X6hwyl+Iu$%N?gqILP|Vn$uAuj8KA?3HVg3-%|MfnHNYKAu??& z$)* z^BZ_Of%_X9DR@n}B4Qf-AtB+#br-pJ$A@PK*|A$V<1VroqbT#H4OR;eHEuHhDupEic?(mIY-j9^ z$%p~#ji&YH%SQ^)A#kk*L6kYrG(xAbJm2~1!qAvG%%x$TpaNHbzWhz5I~jLLVpbG9 zNAzs0t!bJ+eTrx+C;Ap`T_pHz9q2@0B7k8qX}krJD@b)AL?7$Xq+eWAT}Ytb%T`Yc9=!Cv>tR@;(LX{R%J%xAx5jx5G)(-zO`@cOL;%4B$9r)q~BW_pK-1VttK)z&P^fR_ZSeMzh6(1Thhe#g9EV zz=}b!NYID;HbXEqPo^*{lNf`=z=v}W>!sr0a0c4>%3DA_c$%~kmHN{ZOcKf@kqu6u zRFXD$N7X$3^Fr{FBX+k1|7{-(6MqYVNGE(R=>h1$7$18eTa~X#KFdnDvPd+LUQBEk z#s3>j9$onTVGR#&=ck3miKm~TlG0Mdcyp?IU<1-d`)&8Z?+H?3A~rUsDK?5&nj~U@ zlD46Z^?L6fiL|fi`izPt%qVj)H(w{p*^L8lh5pn91?)Y7*IaGz*1TVul!Tw3q%@(Z zsDd}8p=a9gRYPWs2w70YTE@>Xed_&Z_pzNKnrElI^)Bl|8nj2ud|}_6yeY!mG(JHA z9<->RSa$>x#~%^i${!#%ZnDoO>U~r`)=jX~w|##^EEKqNaE>>sk|*r5KB@0Di5Y1b z_f^nm{CI3(e=>_lsNZyV_53v}Z`{ytT$K{jP_o!dhS!Xhv1O>%H)sm66V&D9tE2JL z2}yA^_0_*!ycFrvhW1)>AV_6>3ehobYZN!*>&qj{roQ%y*0LH<)&lnW$#2s>G=>QJaQXv`;*J1E6?#ZN0Z+1b}Q*F{8L3P!0=? zdZ4Pe5Ko0k$!Y+7p9nirJi+|{TLWa%d1~&u1?eQqGi>aEc&rt;Tt)~Dq)!?sgvoJf z!-PV(<%8p4=%^5L+w1wd#g~RhM@wO`p)k`Z%d2sR@|hY5kS~=8gt^V7mX$dm_rAKS zho1_pg9HTW1qFfIUl91&DkqMvOU{u?8Cx+=fq_SLe z(`S40Y5UZ47MGiJ%zoip1)tWOG#s5jsKHA`fcdAGkPz9FjG}KAN&BncW;oElrfIP% z%F4sEuy{$w@-eVjxry?$1H(FohJJTv+h7-%x?!{AFhFRUK)f1&9~#^gNdjtGW8f}s z`T@)ZBISc4&4`*!6MFPsBPK|oVRQv8LxGdTNi7!Pw)y#3@!3BgVsW|a8Wzf`+0&9qt+Kgk9zyn%{_ER1 z<@yzOXz<79U@(gEvzL)cPf@c?Jm-x?X^CtC`?s+PQFWa#>YdD`U{+^>aVvhV>_tSJwTCwe`8H=;Q1=V%0IxN~E=$vZos9b!4U* z5l+d|8b7qUtM|EYS5`6!+~g7S$X-nn=QnyQj(=gQLL*94Rr(+}N$qS?CsuYxz{4n+ zoNF~kE`E>Q&u=nykb^L0{lFG!3s%`&_uC8&CY!+n6UMC+@Q_((Eh?r6Molf$5 zH-V`$*|1n9Uiw#T=LqR}wUduJwfu%31k0+M)^*QZFxl2;WCq*ELR=W}KWcxqm+(;k;R`T~pMB^D<%i4e&F|v!_KEl{oaM^_Y3F0G@(RKyb3!1i!uy z%;dq%G81x1uM*aQUG{|vbsUi>shH)%4ZjAKwie_#%wJ5(3v~|GX8oY=)8CuG0y-}cra)LAtK{>58#`_D4$>`!UA2i z9N?l#E#e=(1;c(tFZgDJZ!T6U;g+1i&Pd|R;bcNxTQAX?k&1DGN5xJ0k9ICK=i_xy z|3$X*^FrF@Q$?t8AXP6}l%rHCDi;kgwy$nY_b- z#+&VNYMbT_q1Kx8lA1l7;VNE($y2nmo!#$)199_Jt4TunNN(a^AgVM32}VJQPy;nn zyDS1z{AAFrCWT&@U8$4q_ka2FC5_?jJe#>97L)}hpcHMmhEg#o4i?^(k=^DH}m)fyB6@)_lwDRn(>1?zaXHzy1Lfd+z2qL=dD?~tsb{&r*o?2 zDq!ROESXT8@$hUF|C=LSehMv;g8kg|b!CpEb-fld6J)o=+ju*=v^n*3R*t-#cCRjMU;RjWNzSUGVho{oY;2QSyRY#V4dR2aQTp8=cREj$E-Ji}QO+oSVXrZf1c&l9YBlTX zq`kGlagR{Bf2*rk{z}q>IWB%K6@;K|3GWO+lDhx+&za2Hakj!ar!_T)$mh>}RYN}= zT>WAvIJ`vy@zZj14FRNCM`v#Bca@XZJKNhVe4Y{d_*ePw3=Q3@8yl&_Cf-|_Fd2I} zfq+jKLd)3;k_EU-@t+aHA-vmc;*!E(1q`&B(qM5$fBH7)VF7^7I3`(lwt2;sQ$<7m ziO(=g4F_(cy<6?|<3r6B^kAlcctNDHkApYR--Fy`((Gm7hM`b9bw_#zh9M=1Eif9Y zs;&+V-2mh$f7~(&rL84XqP8^gPmC_Z(Kz1{q4VM}r9QJV&i#LR4I;Rc6>J4Q;C#ST z%mVQ`xyJ-^TjyO#xNo$T`pACV&uN8EwC2DQoq~=bj`D$DwpR;bSwKL55uzpxW>IKJ za!q}G&pZjBW89ED2(Z6dpH>>)VPz87^GZEVF%K8by!d}R#gT_3UeL1-mmt&Qf-{$* zMp~b5@R}oDkz?D}qN}j5M5*f5J$IfxzU!Z&Pq3GL%5)7t(hk%^nl0`R#PiLEVz;%d7S8SA3^j7U`ZGuXFEsIPhe1vq%iZiUo^ z(uKmwc~}Gy`(v7vjw*hx^Ah;8}>^3qy%8kOzIsK%@NII09oZC+h}QORQFVn=tpSbnrWtiREtRL&;sCJ4h3kTP4_b9*V2 zA5>})hQO&Ch!dCuc{ynt5ADz?jUl4vA0|^ZS`s5{!HM0pX%GKy*4ry(wx4>nYR&E_j>9+0Zt1S2n)Cr%a}nfN2jG; zlR0KFyuCN`WC+>%XoOSx-FCNlw;ae(D!-;P@|mi%@DD6~b}JVJxEQwoYxnZr3~+V= z;4*P70|Gg}wA-3@dUL0Mr0d$;-nVStT+UE|{JeD`b6LmU#Kze3yln5~aD?@I&(u9E zT36QL;K5lr4FbzBQ*hAF_*A8+VM!=(xmmL~BPNgoLdM`0SdP$UZ2Tlv?z$q#9TxIy zjyE)pdRpNam#PHRh-T8b_zEb#;soj_ALFWra&BmXkCD~Xk;w(zAfW$hhkL@KST4zk zA>orU@auB>0ER-SYz6p}z&c?@T!E2h3!e>3!^)0P zS!kINRT4rhsi7i|s%7R;Id$KgLbFNYt_h6^sC%2T+q$~tP3YEn~6-FC~8d39P7AJfQj^Yr#XA`r)3Wc8kAxs!V z7quklZ6zLrgs5S`SlaOu%K4~Lz>jmT6{}7dDF~;N%O=7jAjU9c-L_U& zPF&%06@7fCS0Q5=sAq3pqOay;t&ZZ;qWQC2g*-nWKQkrufIH5bhuiBgyk|FjarK}K z1XsSMrer0PlclBQq#n5GYx9Uu4{pw#CVz}CJNW(c(%70)gmZdhnfO<;az6hXF)jgt zA69(X=J}YJOOAvHkmiN?ozhY~=#@sAxkU+`I#^B94uj(RP)Yf)T*5cij@+-d-8|zV z{cd?fIT^%!)MDT1W18427OcN2M7!y^adFkAGEuMR6cFbZU>`N=mAUZ$*vsO7<9xHI zz{wt^lA2ml;@&d9!Ir?@{jne;IX%UmSBaDTS61F6IeC#nY`YG2rn9Iy2^?YzGD zMgBY)Zo;Fo;oX1zy|=*~W&ATe-H*HO?$dVrs?#LIk^GPln2_-B)*j}-@1^}aP- z;Meryf2t==PDj-&vvwskJ|m-C8u{7TOoqJm?ceM85i#SY-nX&1QSrRyVd-`$3vwLo zs?I~#b(JtF&m|Zio1C1HA8LozJXo38+Il zbw(YE0dRT%=!R|*YuJlKR=EUS#MR9$)(zEuns=p(_f;DLY$L!I+Ojt=GD*AkPM%1mmWfT2R1 zOjRoy<8}ZlO~UeJMcXP6Jwfussa#$Q7gdtLvG`%}i%nR-9+41kVi~ZvLT+Y+NETb@ zb`|<{@6QBzHBi9masPI_G0zv5e>&>FU+KSF*mN_5L}9mA2EnL#F%$<#MraC};}*`` z0)7|v#^|44*@Qo!AGm2UIo>^=Cjk?EQjkALDG6tK;n5uM1Q1=F9HvwjA&Ui~;P&&H zKkMb_2K)K?76d)t8@~T+H57>AW{`{7Zp@VSLO1W6=zXQlyfy< z&YpJbl2X8}r@x`2yBofl2ot}YIBFpzt-rRmr-&+OX`EoS(cX{Xx(VT?+$yj2m~K+u zyyLo=J_6y+P=|!%O}A#wzb6ANm67P8*H2P7CgcO+J8ZfvqqP7#I*3}0Gq72K9zOwnG&I@GAdxp~VR_!B zERe+YBbP=VYqo8Ja0*308KT|f`OlUCPsFcA%rPabdBZLuK#wh=U?j1IQbu=+G>Ufn zTh;o)s6*e~Zh!!ZXIsQ^qlF}h`r7&RMeL`S zk%OmZOqWOhL-6_R>?{atqc~rKE2yQbYtzJ@Vtf9uWJwaL^oMsJDc=Mv{yx(Vyz-F{ zNu*P&LpEpUG=Uw-8a9=Jv`m4_C93unQ9m_{2-{!q9^ErBW@0djN1{p5qjyFv@{?u2 z+})jPCK`Uch#unYhCLu>|M2`bLdk2xqelDOFlEGqnJc}~|2RMMd8IIra|qKptJgi< z&w1UvTpUL1a*_*N-xN?xe-J(C=K}z+u*b!MPfsp3=MDZ_PT3N;$2&y&)Hn3|$#jgt zu#giF1>5xgnehA^SYS>{U5+>eBGy6RTD($cSV5;!^4%39#-OuD8UpWU>QZ^52r%+3 z3wx6q{afj9L`+|uS_~*KD>iWUet(EI(Td=rSfWadh2k`Qj>hn9PYjwZKJ1PYU`ha^=irw#>p7y4621OY+SzJv8aD9#FH{~n<#_+S=i}K)S7L!eJV{83aWZRG;+=; zonV%MP6t2~lT8#%+Q{HjW1lHu3PH}o$w%JDqx;Piie9D&IpY>Z4u#q-t;f}GAv7g= zNB?D$;P-qOAH&NOyB$M9ZJ~H`=ASAR4X z2jL~KmBK5ZgGHle?iv4=cK>;PSm{s9Mzv2& z(q_$udH(MgAQVZWZl$y6n)6V@)~-Orc(Bm}Ts}P-&XALzqY^4Km4G(y^`*S}u}0_Y z-rvW6f7|fU^4_Xz@IWtK{|QwEe+y{SFZEV7JHc6;S4kCBRlh$24Bt)+10d(uZ}Pz< z$9?*t>7Q;9KU46zEYF>O-`q0-Lr}3d7qHI{a~4PYzk3@M@W6x012s*x`6Y?AKT5t?eH+`fpFI z_I!@pxugnRygS7A-ZZhGMkN*sdDZX7$WgM7MZk>El7>dND`HMonmD`sTWgV<$$Qu5 zzqiqG%&xQ)hI%iE3I9>O;@QcB1s|0e9!cN9TF6 z{&j)#m!*}Z$n{!9-usH-KSw_o-kPUj7dG$f!#MnF{^F*WLg4xD)upd`zpn&5q8@_( z{;=xmmU*==5!%v;g~u7u*(9<28s87^p*=T|vjKPm4Wn6u4-i^xOesLZP~qFKd|04& zYg$ag-ePi}7S>i$o@iqVUb;MFKD7JD+7n8W)O|-WGUIO|G}6w@as6F9xw_yYZgg?P z!bubXloDd!p->71oGy;JtJ)mey!w~*-K?!qsdwLGYa`Sy2E|l@-|tg#dAaK!r*5?7 z4M$u8t82j~Z4Kzk{lB00L~i5EKpA3`x;L)TFa+O66t~s^k-!GOIibd|k#MP20zyKM zXz%Vqm+b#0Y~CeoZ*PNLE)B)!wd}P*p9`*f{1qDHEij-dz(Fd7(Fu5`zq1nD_|9c= zYoL`*p0)#CEc&{t8Mu|;c7UpRE;c!Y`0_))fw zi1UaKo+@o5wV;w2!7zP-RN7E)Ywp0t1+G_K=R%WNaa_h5DJ6+N)5&lcpOWkLJp-uHaFRZyF2OFj70r;%9nvX09qHcyM}My&b(}PUc(WL z&vUiBU~;=P|LcNT-nE45iqRDn6-}IyIHFF}pvr(j1bb|k3*9<{2yeId1P;lhTcd;T z@MtR)Pqf`^1^wPq`yFAxT|)08iWP3X--~CG{4pya`~bT?!tqo>wIeKo>%p+!_zA*k zQGepv$!(aV^V{tGpmfyQ%=;#OC*Fz(mC!?-RqbEjf(2p-)NK^HX*(&NDDw5JT9TH9 zd0S$A)_x1vDgQO^%e~~q``?d{6~-tIsMggOwbazkmKp*H>@i)VHmIYlP+rZLcM71O zm~L=Mnd&lTT}JM|i9u^n!Ki-FcJ{PBrFy$S<69*levOM4@$Sza$BOK`QRcWSJ$*=% z`~f^}N;c;7>K>Hjt6WPQg7c!~!ky=xz;ro`hX?1}_Yo<`+xs=9`b7Bezhf}d zEegra&21t@hOB0$Ze>(UbZDVXab#@X=WouHC=BEYXzw)ZmHCYPzY}mrZcA@<6z~;EdAig!ad!M1gt(~}jC5C(vjJcz)9>s=>V$sT+!E0b> zQAF~Uu8*X=h~HKgd=loi;5w_S6wH!#?70vj(4h15#EHF!$+W`zil7Gu0oDeS&xlNi zPThx#A19S35uic&cr28+y<#Bj>~irLhOl_f=P-WIQ#n_1BF#=%Vv;EC4wto0{b%_c zE*r0d`ALc^o-1#rchoSADu#P!E*H4#v_#o%I_6}V?zQ|bS)(kvV~wzo##YL>7lpMM zV`acL5l)kQ>=visBP*W%v1 zCX~T>PRo0Hw&pkj=Y7cK0CC-D!Ves}#uH7=zPGQ0GC%FE#P57zdp+0OV6}MfsbfpP zhPyJVP8IEdBZ^^yXUnFFTi3{FV4l4A2U!9;97WVmJfgaR-K?g|=F_8Y^Z-?Dc%6=e z_EIy*!S$W5lZkTpIn0Do1HioP-0A^aBID za(OvR&X&-sAu47-6)8p8~mD2QcQF> z6$V~i1nF+=qnfGAzBS~h@NNZ7(j=Qd-epL8h(peA%&pca-5Lf&cTT~bVkdgu9E$%v znTF>rG(xK>d8=idA@<)D}1qVl>EZ?0b4)QV|l#Am9B>rKPJBHjBJmuy09G?JZZ> z<-lmkE?VpmR336Xv^hzNvzEh#G!f6TN@Gj2N*2!!42Vlf!PBFvr)*&}De{9A|7H19 zn}>&5ze>WC*N?!_Fv`CN9evlg0M)tHYNsh{jp*-DCv2TLY{V#vLjs!4J4P;&=CZN? zj5#wgF~n>POCNnitPIOnP!W31!M-kJVqUt02XA6z7z6v~mTu|MzJ{lj793!^bNeZ) zww@4){|*{KUS*61X;118<->y5LmF7V)K5=iB~f|_=6n6;`k0=RGdDLUbDkj&gE#CE zThbSj#O5=MUGKFO^cCeY)(($rmHd|KXVDtY|37K8@nulPii5?@wxcLtnCnbz924V{ zvOAA|`lBXa4#v~pr>Ccf%e6!q*~nW89D=bnQ^s6wv(a>4KXQ@^nQmR|wMBWdtBO#p z{WIes#?^n=b!&q1(%WYdru|(EhUa(6qN|k9XrPrt#8cm^)tOM9vsb{agZ}^L;R(Ls zn|;$Ng=fV?o1?zAx><^43Udv!L;d1F3c$^8`pt+m^gnl5_clg*cz76a^N#pcHH<)H zbOIdei?a>Kt{S>z`v{x3i7Cli3~HNk|CX-OL#OE!6thb~ksQttC2DADYU<^T-v^uF@@GUNWjFnjs-4otoJVA|tINK1KYCRif%$4)g zzKY>c&*{bo!%=D5H!1N)ajTdA{}H^5-2Br}RRuPWh3(TJM37%d6Hr3bp3Q$Zn|*E% zi&fLp)8F5BW4!T>eVw=ZRi9lI1o+8FNka#zcK$21rX=P)(0L82CskEd;Nv3Wj|iui zP*VsDpR!?e*IgXl^Mmt?A_IZLOE8coXuJfBQpPUCMKQKrRLqnGeAIyxV;uBIJ^%ce z()1?G>`qZuRzBYBr~K4+)7Ef)ITMeomZ>9=0jV@Tu9r~>ZvvN16>K);jPt{$;oatF z2HQpBXj)Y?yehM2PiRP8OSU@CZo7^}3bK#md!`waVR-5PebZ8eAH0IwJn+o+k0jen zdc0l1XpSH~oigaEDepgWw#*hPIR2)DtP~${v&whc$IX?j(Poai!`7wFSyafuYlG%Z z$Lnoq=Xy3wTl#u}`O}~f4T|RJ6{9erF@G@tNr7G#Zt%QuCv(+~G&MbWhvJ4gi(Imr zH&R_P2wTr+cKn+QTgZM%u1`?zmi{{T_zJi(M1LLNCmYSqZh&v}TDirhR8Z?IE|;f8zXJ@ z%&zRG^}?kMs`Ka@E$-9mTk9}ZXC#sCr|JoPz15XdQX$qfEH&D)@@Tdg3!@e!K@Qb( zw01dthj*~Be%%!Ykzl3H>bF2Xvt6>h8_=my=`}!W_<+;+wCwyhgD@e%H6z?>BqNp) z4fdV4i}ES|hnvqzb$|Fg^Bw=xj7?49$+R<+42YFilfI3ttkiU^RSwM}2<(6NC0f}r z*o=Hxm(Y4%o10@f;`}MqvF$HqX-(;XW~?Ui(=h^28XI! zPu>Zq>tdD)KUIp~wl&u`Uh_#TCas$YV-KG|;j}B-k+KR!ye9M}_WP zU%V0i@@zU%!Cx>gVQet2K(HiPV?PcyfZim}?%64;kvg4tO!LcG-BL&a** z9BYNI8oHxC-z6f!g%lT4cYIIi%#bkB+!`?ZNY5|2WTA?bqelhxIoyPel%j9?9*$w= zMoU99v|{GvxY{^qU3lot!29PyeX1Xxb>hD%^I_5x`I*Vd@U+6h!lb3)2AEPowt)yV zw7w!Ryz#ggXtHq-N?P=IRe!?o|9P($Yr5~pVu1C3n*@ZyvDo1iM7;!vVEn4nkVSHqGf|+&o)) zENVy4hh*XUr_N7M*ae|uF$VQmqarC5>ixMUU3f}cr->zv?VB9XOo}hi40)Q5ohQ#v ziY`wPPLv7*%O*HnJD@=w_v{s?<9*ws`?w#l^S;36`2_&%;ei@qgtyIQhrQtC-cBEb zHoBMXB{2C7L`|2PQFWWy$r-8p6HGC6I(A+L+RAg5P;z)aH!{#NvJdS*Qz@|-jES-( zD6<4&D&e7v$!H+Z%CsTSZXX0bz!hu5U;{6zVkXk)^m+`LbVtnS^ae_Af+Wa5L?xDg zufD!s99BNm61e6hJW1!aPa?hh_s?f&QFA8P%z=}!;llNiM;W#fYEe4z^SMF@#ws2| z%MoQ36KG~u5*JVXg+|!kN!mwcj#KLB+>49LN0W*3d&Y~##g?!O<>iz91Pw>S6C zLiu@5s#ZQ5jg$FY*2s5(pEv|c!`TdOb(=DhCrj~Nj%$-g!KezqSc83pmZL-@jX%q= z(S`O?tdJ%81jGwsnBHd@$!#x~^QHhHQ?JE{E-oE1i;;nPI8X=};C6~)HAQ{gGB^QI z@IEb$X~cJ875G9)ZPSLPQQ)ZQGz2iB04gj-FTX25&j#StS%63*2!*X3rv0~#xjDgy z4+eh&k>s91Sj1{z=1fFqGw&(p$m`O7TX>nzas_7TWU z#fN^;g?y>kA60tzw)gV){LR+Oi!YAK%Gvqmqu`??xj&gYY~d3?Ez)}&Q>z^md9P$>7k&UsV+fE~Fe1n9ar<3!H8WRn- z!}#*F-J&-gX~MR_m+t=hkTGok36+Rht>=X+1MxFK1H5xvuW>lFFZ6a$6$(1~(!v5D z5)ziqM8oOLxVl@j+W?Py%hAzIU`TYrosC8~aYhP8Wn$>j(%nNDgp#pAhi zB6!;Y=$&t9^1%a_{=`@`8u3Do1WIsr0u`ASdZdkhjg#!7k-QgzbJc*&lwtYHWeC0= z6C-1b7Kv`pZvi&8V{ujn+mbm;gOq~2c4Va8x^`IQprO2ml|*ht=|-~8GO{}Tb?8&7 zHKoQxO5C1p#anwzx($3fWf>o+c5>e867nw{Mhy`gxQvR8RIVm#Jv9(XmsK@TEoqK< zfgX8DVPXG~GmxUQg})^Zq~rjKe?U?H{rmTaD1zl=Zb>~oJz3dF00b~MH@D+uI`myJ z05XlPokrDzczp_JZaO+SJx(XtLdaBz8JY}AaT{<1DFw^fi+kNi&qk-K%}m=XF)}dZ zcwdbIM=Kj(!~x`r7}daL@?KEJA^5_xO97zp2|ZJ*2_GQd66nDP&5o;4l(1^I{&QT5 zu;_L^yq^2L|LYN=eTDmGtg#IzPGY`)iQyM40%*;{F24X>e85+k5M4L%J{NSnq&@hz z)=pgzzUABXsH&iwOw~3yI~A1?9DwP9z5VPa+c1?H z`S&1(sqaIYX25dZAHnCN={Mj}x;qE{?7seS-q_Ss*B!m~CtGCVyONSxwRS}A*8y=c zv5TbsImB&VpC7LQDAQm}&kvsxnj250P611rPGt@fg2@beN{8S2vkZ6glSCP2tvWEJj>1;Q^inckT+&l&J)_o-QUFzt-3=5S)LNTu2jJLUH#&F zzpda76aQ*2UBgRJ>FK(}qf~~nNcdCGH2W z+utS_SdD-;PVi^QBv zufBePE$oFtQG>shmVnb#w>;qI1zcReff@S0=o}^i1_UAa24KpgU}sk|eK2o*z?5;du%8N>Y2Xg+-<$)1*ad^kY4!f8FK1Ii>ELHT z0ve5Roz|x@Y1Q1Xex#0mdsiuH$1JrU)G)`c7E^XvS|rdE{VUZL{6x6*eY>6a9R2*> zf!ePPK(Z7RP`=Otii14(|aC zW$=_7T$c3f;?$6No8R%^#_QlX*LO>hCR{D)XI8(ejXC{37AJo6YWAOi}=zcG~s$$ zz*v<21WQ9JOChu3)5)_@6hD&VP*rB9+fYsT)&Ck^+MEYwV6T=bve`cxsZzqgtJrdC z6qQ_5+1Ql^_qI0kQPi|lTm?e-GujQh%l%E2ZUNxda8D!ol4--Y@d8`}%%r+@Nkv1OO(~+=+A#L?P_=igvN4l8R_d0{ z%KBdxEo1o?53O#mPYWq3xMj8n4`6!-5L%BIGHSV;XeESeOqpKuP_>+ql8i{htUter zzIkPho%>!n!)fx!lj?|sv{tjXhnQz3tA7r*TD5MM=OnP7x93#nYzGRZjYoI}mP!bz z)t=1GOd7aqWG#$l#;DeJ^?8qY#k=qXy%vf>S^-nZx&T3VREWuor;{2$y1H|Lv`kNo zM)j4G6Sv_6kfh4W%6fV}4Gf5=si{dyjsijFK#?D=hhZ*SGKVOLPHG@5+z%uVZ@#qs zv3>atey^yiI{W)KwEdeD;JU0=mzA3OBLM@L6Tl~G{B7A( zKx3~0EXn?;KLq`9xNB-_<2%YFhGVH>D}j$ zwlK5>9RPLvGmq}cQq6Gr-yhpN+lLU&0*;UBgU7&eh>bx?S~@E;lPwrPgE|xe8b3fv z%!;53gv9~7MT{P#7$_PN1$RC!;C0oi=8xkzGXdf<#t@<-W_~WZ5Ii(i5*SFSbpnzc zCcb!=>PL40tPhES-Oz}H9%9JCOW?GGOIt9R#Z44OMplupfbf~1Q@glfo)NuN1HPjC zV=-r=KdZiA zpo9dWeKAH2O>b?|Se~4AKnU3leR_ib`#u6tEy^n@^5JJ_8%evOwY!Nb8|Hg*>Y?Bk zklgX~2)7#e;T`6oFRuLswj*9HF0=<8_Yt;NAxq$vxr z*6R4q51afsanJi6hqgCIv&oS4@q;ILPj55%MiSqht0Ssg{HaE+1vgi>yRc<&m;wiQ zpT2h|jLt}Ni4j>q<05RZc5oXR8G$E+HqanjpN{amo>SN+dhahRg;RCPk@ztzuU`v{ zh>&mehM)^LSY<+m8pncDbp-p9gC`ZH9>*jsGY-jTcb%!L#yamrzaM1{mOjm)gNN@_b%(b0=T1jqbe&=iCCD1}(LlyESJ%;=Gn`#7rd z>X-HR1NDWN1H9gd6<>?OF^(Ssz^X5hHuZfkxoH{Ah8`vw78W4TY^2v#jByqQ+hUa%jjo@mR^rN&UXJZH6%G6y;o|dTwaqGCnXM5m-5*-E9DY zv}tW(Y)l@~0r@n%04!`2qInWqir>Bp#rDAlJGuh_H~Adyl$~8c@aWBewVHHbOYmC& zm@_zh&vyjqQRNFMB6R||hf-9nfaizfiW);qs#r0vN>>wgNsW@FCQUW2d9@IwKU1@M>@K_OuncG zaabaH5il$M3!MB3>UhLnY8VKp3Bq{9c>WT6ArJ-3Wd!d0Y4~xlzFLY-fRV+REtYAU zA5+>owvZ5uo0kAlAu;`x4c~xkCkO@`jg~U{8&kr#_&C6Z^7QgzZ-Hn!RC&--sckG% zuR>6bqEPn;okW92k)~!^M9A*_3^tIrZ*4lcx=^nnt~V*h+dp8smK$Nw(zGxz(b-91 z>yV>L+pA(>Ri{VbdPA{S7RuMxvC#n(wBvh*BwX~r*_Dj$hSAYY*HMYMHcOBr((4`G zdVo2-UFYQx;2B^`=`Zf=B<_m7CTkGn@bUEI^;KhIB|iZ)ZR)Q;08y*=qay%0eA#1V zZy@7!Mu5HS0B{n=t{v={o7@&a4ks||-^toP^dgE9LD^<|9+QRB9F|S244}tPkIV|M z+!#2G%0i)BBZD_`=z01;J-1@Qp)XSnMhU_&D_S8Bd}zDuRb`6+vT&wvKIo_Bu`K8+ zu03sSK}OMh9t2K{dr$lYlxty6P@uTv1YP5nqKNbak>`t<^ywfysjNZUG#UvZJq?S5 zg-9v#8wL0dmdKHj!)2{=V!CSWSf(B(V(<5d`mybZ_)TP(XA-X+r47PJ0H%3dTM;@n`TMUs!AokKbrU4%KpYy2h~2 z)lrlSJUYpV`T4}en3TN3V_y45?--jicr=o3buGr_AM_tSkY%^0rzIWKh9{~BiRWQM z^=@7qia1Du6cWUSUeyS*Hhk}AB9QSpE_o7U?i6({Sun{x&eUE$ni_4qPJvg3`v#PM-e&R98RV|ZoFrtp1 z|$Hou8-b8`c*I;mp6v{hHz-X1SJjQZ~+ zq^5>GdH_`p9kRIn^W7N+^#vIl^aikTT}YBE0qjR4?n_`#&VBxUpnzD!Ie>^nNdlX1 zu<5nCzb}-w&AkT*Npw40nMLS{aUb}BQt8^A9}ooLdlQsuC_@G5bhv`hjZPTVs=a|Y zRonKX;(sCSLvkfbJ^X>Gxx6k&aOR{hsesMxLHharJgj$E;EuhK%&X2~j#h%|LE0Sm z4xbAE*|Ld!wNI_((`vTv4Sir1trf5M+qx4AL?t%?Bsjn^){eY>X4CQ~lms-6DSr{= zBT~O<{x5y(<(w9F)Fb5EM13uZnKq!Lr7s^1ed9O_P$|nqj ze{jnBdaObOEc|}-qZwI(NSPW*EI8ayM!1i~W%KjORh>vfDs(u3m4j^k$=|y=JqO2d z8C7d(Xjz!jShc!|KX2BXq^Mj3l`}Fh&VBxspV)MjT|vc5>Wxy^6r==9bPCYysIScY zXSph;Hj!%g-5Q>gMc2mmP8gAvPP=Zmx>^Jh_ZV1MtLy8D;D3&euUSXDd$9HPyxr{N zz7TBVz5e9B=i7Kh+qX5&Zy*n1@7cNE2MTA*Vv84oO*g2HND^CX>tJ>y%9g^ypm$tX zYwJ^h7bt8d2O>ON3Umk3& z_InG2^c4u^NvM_>JMrpRxOU(w1yHy3efmwCww6&w=h~wuDLw7b_UUX{>qCWIL&oo1SLOs$-f?K!Ji;R<1Y?ACRU{l7%iiSLom zJN;f>jfSJfqUF}m0v*KfksB+bqkRtB& z*Ngd|wCI_b2&7+pRuVE)+FW1v_EX7TuLco&9iOCL;SX3I`vS#PS3ANq`P!G4ZV8qy zcxb~zAO-I);NjrlYJ=~KKVF3+(iykf03inUM0wEHS67?C;5494qJYdt7KFLN&BX2| zPqi;mV5X+=?!G-)Iyg8G7As&%E}A|F>JIS_e(|>rIQFjzl+8nMrk_wCLfI7Q`!f)_ zc?bRzEDt3cYYJ`%o(E~Hv+)%ApF?38#Oe4WoS&Qka&4mHVX=JQx-5w>z2Hd$;hEhF z&MnS-oJ>?A4x(G=^j-qa{w1N1+Auu?&RCUGYbhxte*JlHi`)b}4-7B?BU4;ycVUd> zL1WKWaW8*4baQdp0&nT}9t~m!a7R%^DTXBkVFuzOr{?lR(o5wKno@TY6BnOx4c0&%{}`o3WQftg=p6&EVe zGBSL)d$=ZhCLtlBOgK1ryZE&V>3Ryv3fkJrs;Zirx|+($;a_6XeqhU-MFJuO-qiBJMHbYUn^Bwu!Qm9ATZQhr&O{TnPeD^>XHZHDt#lG z^$~^+^1HaLdEdtGQQ#g}pNjkP)Z%;6^0)n@Iu0<-JRtVQL5eW>>b$M_J=+1!n+pJd zf1w0vL`=Z+I2yMTP|uHc8>L5oBY-kf^&s1)92gX4a|s=~5dmOWmkZ_IDnh@D&9Eu) z$;w#8yW188lwFCS$WU8hM6fS4y67{ITIf&2aIoRZ4}gQ|xqTf_aB`}RKC$7#&k+(h z6%tN-Nq64PUWf;}dx8D1DXT;%Zj1$Xz_bab+InW?{@%C%zi8XhiG z%(mU)I`z!ze7U2eynOSf3>|39`EGQ1{ax?6#75ufaClw)Tr$mIFl$<8(w6Pz#?oOT z+*?StLgnS@#3bbDzMVs2b-voRP1Rz<%)&yDdGSr`Dfz;j?dA=>giv$Uw)2k zo3TrKGw?pIgP|sU1s!6QLK`2MQVAvnAg%MxfK5`!bpf{``TIG_(WCEpTZlAX>x$ zY$q2Q7f=t#HG0suAmKwdWGDaNhFdNhb-cd5{s%y2Dfs?4{eDUI?ojje^x+}%A4={K zfS~0in6uSnLucIhy-mMA0&Z`=y)j%4bkypKis$j3m+=w+THKKPdiu|4W>i>8mh|Ob zb_*Xgb9Zx-$HWk(7WsWdR5~8k=+%-!wT@ZB#QF))I6|#n$JlxA0QJcb3H3gPz#Tc8 zD-gM9G>rC8{Srs=PnBQ#FL(O^pm7`Eq5+xCgMb6=zUKX@1^_R;$Yaq(_4cC^e+wS2 z6TzeOE`mfcS_lrz;^_buT)OqsD(y{HiTu=k*QXgH$*P84&X)=NEpx${y>v% z`aDy@F3-?0dG}AFpKb{Vd;r>1C^oK=9|!~jnl`le0K{So9!`*70w_(q3=Hy*(!PnG z+cM?5EHu(>LX;F28S*> z^-OP(Y9 z@so41MlJUHm0wEQWvZB@CZ3TC7A@*9G=khzC9S2+UPax0)pG}IEPRW==V zYf74lF{7g?sr!gg1q0LKe0Mo+mu9p(`QYTY%ZSzH*p!n+wPd_+#>JX8%U)LM@qHjgMKV4##yCOe zb7;3S7S=HVx3(4hNX28KAEj1**V~?pnX}R~YQ+O_u$Uw1zTi;sao$${=@59^^oeOoyX*2X?mIs} zK9+Uh2$Id^|QdJyO3nUi)D%vKrML z%F#eFV=!}u>GDgZA8x<7_#FYW5x|uB2w)x${BFek8UY7B zN2p!YMh{$`FNHL@VH>J}P$U!MD%d%aLH!xN2-jQF!mPEGv_>oVg^*n1*C2RAJIzRa9}MQN z|2;JCJANHh|!#Dd~4ab>}R%a*1fMMFT5NS*!0#8D=>j zNJv81$&xy8+IT%z)&T_OG=JNX%|BX6+Sh*oHg;mh1_4=HuSbMX-W78p$9=3qS}yYKNh zS|GGy{X0t4DjAd+h3x8<-;T(}Y<`F^aym@8fSCqg*L~|>m(aJsK4(Xq5$K4%;`$A% z$3;>yHQkzDkO|c+MbYm74*Lh@-tts&3~AhG@4}LTple8j+ttM1P+^SBosP1Xt1+-N zD)d=y%z6z?rFq{O%9?AIcbRl4Y?n2%_2^B~f*DkcPg~nOSFZR+``!Xgppw3uiiz31 zgJ;6sti25Zv>nNhKZWs$-SLB4fnTP?E2wvki|qc?8+aS<&g5fr-cCBIBZP{EeO|C^ zc@#da)>o5iUm`*&m*@J%uyg;R0lGY_pOaWQ6JBhiYvyLCEEL*IGs{y<_!xU6zIEBs z(^S>MLRUfmJduHgo`r?J%*veK@#SRabePV{bWrqjt#;gCrFbMjVPwm(*wh5|aW6LKEiv&|VBmIl zZ^GX$SEU&J26d%umM}UP@9hzZ&54!8LNbnQUL~S|>~gvgSkc~iV%6jvP#i19 z1hc;1epa@A-7X+UqO)(((A4wF8g8Iy}fJ5F0x-m_-nRAA>aD?;utZ*BBliUf-nu6%e=C_sg^a)J=)Mjxc6w zV$$1B&&nDWE86rMZm{kNNE0Y8E`}pb(EJI<6#)0oYd^yV?6@zc+_i>-NY*9`orkUnaTQp7_zZp4-i*Qa8$pNeRZwo56d%9R)cB&w^b z2KB`#r2w*=zB2`sP7L%UcR*pZqBwU8HtmCdG@&Gt&o?Mq?~*Cva-1B=CMQ4~;Jd@! zXl_`l)~G1guI$8*gQQux9qiUv*i&YdSJu!|m%rCJywjvLXSec#De2f3>$5^Nv|bQr ze_Y__K-i(pB6GvT{Mi2rV3-f(QUGMP(c2)-%-o#P_wNN{C@(lV?amhe8YWQBfa2D$ ze#!{{#}oVW^#EdY84RqF8a3PL7CyuRs|#PKBI~@NU;m z36rZhIe})6>B`U5Vr93xp-Q@4Lt?u|2KX08&Q5NXS)IZ2yY zc$ipvW)3oZyKZtpZEU_jU2ZMzGMgz6u3(H5j@-P3KPDt%RIT^19!=7zvh5BuPxqNjz@Uuy)k~8GsBFx5_@Jt@3#ShxrALMx3-Xtsjg2 zbR132Ftjg3scDV#&A*+7fe*r>r=rp7sqt8>qVj>|`CIP$Vitf!ZnS=l1RDPpW8+ao zgqoi|eL_NNsKv+Ht?~TuD5Y~fW}*W4=$Jkw^%fk~YOM>p)m1i*9M!h8xKuGQ2kSRW zd|$Rq!8NcS;N#yvIXctpvJ}-UFUsZ~|6NV*uPuZoKeJJnxRYg@Qjr~V}lm6A6{sP;bR~bgCsi_H+ zEL2vYi6G6xP>NwH5f;}Q!p<;Y4KNG|D@g(0DJj}<@FxJwOsvK4enIX`&mbaQi(Az3 z$94qQTzOX_ma7gwka z=o8>t0bS>Lm|p-RJRqvgW;Hk&@c01o>CHm2S32MGTG3YZUVY$d)P}M#RUjjqrKJu^+$AaDu7XYt* z^p+-C-&#Kc(n9+OUOhdboC(wUqxEiWr`jBTH^b~HjfD$wihB^`kr*{ zjH#Ecsid#m2k*nor_bV3T@Ht*Sz)#O_p0J{UToBO2dpiUwu-gj9#vsy`|9oFp-yxK zdd;|8q!%vz;vsZs-wHrMa=GTOO}!mGNFVc^4VuSJkywy)S@H!-e|z6W?2j3B0m1~^ z9|&b#4ULE|P)G5TnV2ALY5i>B(!PcSQOV|&e%qFXBMg=ttC}_r??-PtrAY;=vx}6^ zUk_rrn-^rWpKBW~wUyO{RIG5t1BQ+zAiQ-m?BP)k&}~e5b$m+ zEiJe>-^#(HMAQ;oAfnBF&&*PDY8$d>F)J=ETFyA<;bI3Ia@0{scbtPJda4?~6x6)7 zZw3_w?-1t5gqv$C7EiNeB4_5faW10qO@1Dj{gjW6yT3s*=<)G2Fn7BUj zt6D!-#1W>C4F4xF-VnQ-VXS)IO(r@fEe!`4QSf*lZ{V?q4GYA>fJ&#}Oi3a141s2k zLJ2^03Q2>5d;~%tUjAXqDHRCWgej?MoOb|aQT#tp8vsJd-)wg|`P=<$8$M)~;{oT1 zD+Co$`awE*TR`kzUkZD|T_P+ifJT)fVk`Ug5NO5zJJB9NrLuj)MED0WadCFG2Kr2~ ze1HAZAAx!jeI7*+UI5*BR^In2N$+JF9{{k2`=a9I@h}9?Fo>Yq@6W6P_81Z*Btuf9 z1AxBDCTz61n@>8hVjD#%qHJZw_*-D!U!|zOO^8_9`gM|fL*)AId?W6zQnLvOx3A=B z{l5Di7*~U=8&E55FA&(n^3>!3XyKo8-~0EsjrSr z>1T#`wk3jNL-Gb&15w0w_tNx+{MktfM^=CExdA$EOz7Lq-XJ0_>sBD(fQ^(*4sb%T zpDLnv>Se=fLI#FI4yDAVCNoVK4I~fKeq|P|O8tt&Z|CPN+1W%n#lf6Opm1g|Q7yD- zc-+&x zfLser-?$lonAzxgYx!ah`f_bY49N9-0B-%iiX}pFcjN7Bt@vf31YI>Upf_q@7y#6yp6be9y!$*G&OpBsGK`KhPROE$`PkS@meGsey4aj7)<{lXRB8WE zYNb_q^{v%JY>wlSC{H&fGPF>r-FSTj^fUb(ZX4}3b7R;Cn&_n7HSO)&Z(eqo%)g>o zNxUxt_@3d#EQzvyIXS`&4;@=sov%AdgNb;(520VE(^8Tf8ymTtn|xkoy`+E5-I4K~ z>vo~ybSSe{>8QCPY;k>^j&-RJdfu5NBVTYtXK z7Ep3K-VM?7dP+(=_6ijfr-&e8U64aT_dea~8W!Y7R%~~jjO@MyX|Z*h?WE$uww?dr zzkfSQ!nIOUQBIDzN5e5TtJY~a#qZ($y(U;|dlp$Kvo>((?x0BV(i?P6Li!_p*=26> z?Hf-`DO(TS?Lu0dfaAtwcYZ)>s;iaiWvTq%zh{ioiMD?l3CkZg{I158J6z6+Nvh{h zouf=V61)s4FVfyO1b;t+U-_DCLfc={-X9Ds#h!xhH6R@wg}BQBly1Ps`=z;y)!LTI=xYG7kwx^E=7)t2dcE?r^mmm1+R@ z(4I+SL_nxP3c_e7Z;L~A!>i`MZsL-o#X&hNf9sViJueQFLo3}pfS6-dHHbL!bayAH zm`Qc*Akm5#hGzX82AaDhs z<}W2i&!3lO z-7}8BjDE~8YMJ*5(qvX2yar8V9T-HpOFQ}H@MU&Z(Rb&o-XO-{RzJqzWglH%uV_o* zd%_^u-XLZeq^d)-erP>G`wIjGru6d8NFPBMI(%JuIg)rr9Hce!&xckaN-0rNCEl@t z)86HNcVU=cOQt4it}Be%%T-U-;X-KeLXapfC|tI1Y~>!*Wtbz31K#1IG1GN)Qx$s} z3CU?`Mv-ekblLXjHdw-@g1^bijRG9JygXY(A=IH^vDv?Vn`kZm(bni(WHGIm7FbSN zUdphaI@sSAcs^|a*76|ghpvt1uXHNZLWPEAy55(fZyxRS^`Ek@fe(+-0yu)6fY?Ja z_f5#`>%qan7iJHu#mZid7z>i74BG$!&znO492VxUv~4}fJPpU zWd?U>D@!jcq#WF>O!`|<;D_j#^&xNns?FiD?rwogK!%JU_5cjjJb;4EN>cmAvec_Y zB46QQ3^wi*KL{JLWFhBADhorw^p0CcJv_X4Lqk2W96ilKj;6U8*$n$#m?vy1yuYW{ zQ&?aC_{oLwPc;q=)BKXQZd+w#0ml-9lp4#DiZUx1A(54}g}}vnN4zWd*>Zb%`7#Ty zWBn&_IC!~So+HQQyWj16f~>Zd1&(6v%At@1-oKUZ;4a^+h=8a+t0^~IwQu4 z@~iLP%cZZC&YIVAx-av$WV6cW=B~uVdF{h)$$8S5htVdk6tOI`*7TSy#->z7cv1BQzZNzW8Cgb8Cw2^#$4FbgX zS*mKlLWpBuV~0!=~C7d}B5V~&S#ju1%;b;b6ReN>lTF*9$lmx6`ao3Z==%32c(TVRM0j0eJe?Vb^QIb%)9 zqkc9XS*RjfTs{2-PnL5H`#NdE>}A_iRn*wp_&X&hDp$!m@ihdAW|n*A)!M5Pk*Tl3 z6jPKhVkNL@bN=AR=v(EWR%OoWz7vs&2a=cF=WWV;5U1!X7hwe=?4#Q+O$;(m;B9QPqPX5bRQY|CE>y@K=Ye^HiNr>nm-3MHCCr_UxLFFX^(T{7jd*UA z0_F)#lh*S4X{u?(fbLRUpfx--GLv!Ygr!lK2-cPc3@*&i?&iIL(a-lAPHML0Q9jJ` zL&xH3wd)Gp`Kt8pwRQzFzZb9X-gbH}t;qJWOwWtO_(T!WEHL2Ju%5*D&8D>5Z4R1I zK6c=f5FMmy&LIYdqvk3bz5YH?V&P`1f~sb}!QpC?F+I9`$YLv4ng(GSg+NpcC5s$K z!yfm3vP5;Lk0#I(VxpG`GhL+`jB7OZwHasSn<8<5jc6 zmbsDLxn2Oug*|&deRs#h+nacsu!$me+u!ah*77wY7{HnKS^iSSd*N0)Dp?iK;tpw2J1* zz;zww@M=h5$X-y>2Bp(WDBCQT*`ibmG+~h%Kw8>3B7IYkzD(O;zm1WMz{Po7>eJ9} z`tcn)&S@b`U$KXUlo3qesOeJ+Sy7LR%@%oGZ(UYEYn7w<|2KL$(! zLY?p5gsIuZkL*7Q)UYFlAx(L`Q%X(Aw0gDg=fG#P|=5V0$2YBk5?=jAlm=kao!#E z`hJzxQ+dzh&{fY-10fF&S1S-Yd!-)39qUy5%ytn3(1oeteFR$8ES#3(iBoaUTbFij zP0jW;`HeL(0&o|b`--UJ96k)co6s^Gi`|HoTBT2_Bhqo>Ht|A_M7<4jgrCIbiWBd_RqKUbSF+^~$Y{|msVo2h~L%slq@ zqjBu?@_;%Jf;hKTu3M*#*5F3^IZVoh3p3*tSHIMD;1bY3E%g#7b#rF&a#GxJvj_o!XXUNCvM-XdF#*t-qiO~Ubk^@|OxC;*DvG*jcI%gEK z`VS_Mor1zEUWgz8G2sWN)!%JLwk0t>9Rys*6W+MZ#jYj_T?fDM5ztWOlXuMw(M;UT zKg-4x_R^NUz3tcV*l6jy={a8ZnuNEx3D*#*>i4F`hx*3H}hpi z(iaU~D@M}K&?)I>Yd)na4ST+|}*=dqUH2a+p9+ zsrju^*YR#C7oBPrxxXSzDoCRi==4Dko<$w(gexdXavaR^?TAJv^+QVw;Q6cuTYh$j76+7 z-y?{ivJoR-vWwMOc!!cq{!WqTCXu2LEHzG)!AbU7g=04kCUY3+Yn(FN%qt6rON3+X z6DXb4L79rd$gprp3T;MsUZ$6(b*>=ySIZT41~-Q~&yOy!=6e74mr5nq4y=!ZFzU_u zU<6VME$^r@wUVL7y2sl8{RtX!!nlZ9lj&kqWRy}JGtE8oDV3O0eIX3BiA{xQny-?1 zcE-sgxHUmRzV)adD?lF0Q-V|p79oMHZV+lpYo}~{%4Cw{9lGg>L%+Y~)p6$m7wf-l0si)I6+66r ziiy8AM$<#}82e+(5G}c=nxdo1G`g+!pr|PlT6XrqI4!6{5)s3PcC#zI!(chYbd7n| zua+m*&~_7)(O-qh^r3zkE-`t+({gScncw3NlhBC zT1=xR+TjCtnL`X{o!;SW`_laZ-wZR3rd1|K%hIy^FHsiL4mc`ZAgBmHN}wc+*afTu zNMTjxe;ok#p_hPt>UM5qsB^u%D(ofJq+E~`PU#-(0}7UU@Ye9OFljN>@$X*H_|EQB zj>XA=j@dDIAZq}rkEi*I)wk?Z3&oS%(|x*Ikrj|>O_)XacW;IW0{sm4xJhQGUvI#c zr^PRTX!|vGrH|vAmSm2`qTusBjiJAZch-jnwzJ%r-p0Y5hQrCME|B+r$3q_hgiQ!} zHRq-~k+}Q(tgRG>FC6_!uiX<0mV7kqJIZ%OMa*sPZCw5BA%oc(h-+D+Q7VXolAIAG zJS+h|YQ7$7*gHnw*Gp9QmVuhyWUJ%RBO(mdq6fIkPiAXxBiqGyCj;fiQ$+DNb9lKv z*R|O{K`(eiW{|67Jsu4l={^oj2Q|KI8>r#aP#oyvD~*1dK@Uu?ck*j}qD*L}8xTxp zbA1nOFm(g7dVzz}AtIZsz1viRmzUEgxsSM;CAq$tW)l?4)&+dB7}pUS=fjWjo05QI zV)_hM-)F8gqhBqcxw}@s!#r`l{84{(Y=>wf&!(7iZjsE-(PVH(Q%0)?FA7xD+b9}6 zk>`soX~UAJvDgD~mb(Nu;dTw)=F*SgMwhX|$o;wT=3%qt&5h1v3!UnI4Q_;kagfDE zfFbu!B0O;I__5~1%?WbH^o3PVHOUDljGt$BoHn zY^kw}Hq4!F;t-z(?MXC~;hBAT`QBY*o zAW*w4m>xI!A#(9~_)VrFRtRy|DM{mCGfM|ksf(+nEr(!gbBd#i&+@*Qq;?1cOa*Q3 ziCnvH7|0Nve~oMY$uSHwDzE!bxP9Od2NE^_^&XHN4kW{hdUwOrMuhwP8t_M&=E%&0 zG9nrIq=K>GZ$@LQKL$GzsYFbG>Yh3ZZVYmWgieB-j#Tn13Sh@4m!5{5BNXXI`EAZN z{^XH5OJ3jFy(L z0@C2TUjeR6cl|&F=lKN1=Oa|?%Qc?dS8Pe+xXE4sxA1QnXJTrXPRip(=(23mY)UcS zyq#8u5NF8!0@0mCFEcn_Iie~?IKY}Hfy&EoD;2@PmXO>S$~iU`c|h501z@jmaMA0V zro&AFV2S^%$%!J@o+bT;b>^^msU9A1?!3{Yyzmub25eRDBo_Kiww=5sg+wB@e?*Fa zA7&g`_DTzled$ECW>+qFjCL&Y$FqJi%7`s!`%(?^y9_f2yUlaqJ>WR>-_2$?q>Qqv z!0_e4wc)a23X&{X)VBr`Ck0b-5?+1ZcdZ);uE;`M3iZ{MvMK7}0j>tH;*iwpv!HG$ zkYf;#k}l>#!qpM_I|F6}2M2c5gFPgGcH)F!+=iEhM{ot+rbMPKp#AT4#2AQyMAQ## z-BLK`jR^b4oB7Ws8Ik{(Fq)U5t&W8cM(XgKcvHj|Yvjxk;AB+XcRj%GW|U-OqBn>5 z-@9QjVaEa8feJGrI*S#qYgiN3Q085}jLt>9iF>=5QVfBMqw=Nxr|`xIrTzsjS*#wO z^yW7nxC9OI%Wd*sC?cnhXhS^A`X6efxbrzLDs^ZPENFwZ+By{OMDo2b_8Z%zK^y zt)B^AMgfGfyJjF^IwO*fS~_(w`%>~x?BUQFLMM;NSbF5%V0wJu#n}Dtu`|*i+wKhq z{!!#bo2?2G`1{26f8HQrjHh=@;3TWT>tOwGZ0tE85o2H%oW==b&1kW=`%{8QDI@GK1o0=TK+4-h)HxkED3lSo z$lF8&P6z$uzAWKMgR`iHD+AnY`(m8``|l78M-vX2XCeuWLGiHc)CiskgxklArIIKZ z(g-~ptdWL+E$P5`KdI##c0{87Jyu;F8ufo}Qwid~d>`xrRL?Pu1^kp-kRo324igix zDruczc`E4;N|~4>j37ODm|Vw&v?Ro^98pj`{nh)+aS)5B15)5z z-+T?79BXZxT&VFu1q^#wbWDt7V)EvOp}uLI`fuBoW;tpxoK>2ivZNR_E&DF%K-~8FbrDZ$5oT1iDNj%L2$?+kesg{K$RxP0Drnv49FLqhWLp5!?_`tH~v3A zoYJB790%q9mGzckQAX|BFgbL?NJ)1$D4l|Ugmit&;N&V|? zGC?W($fEM9f##}?=8n$mgk()+ss<-Iiip&k^(@FnX-C&MadK{b0{>ITHIXff(XGsSPf6o-_AWb6d};`R=R-hZ?vdyH6*3xXpd2xhXZ$?8d9&P%gm+?Ume_B!d# zyR%WcQ>OD(eBNHU`Sv!ZR5YQf&r04?4!$H*DPN6PSP=HT%J)5qw!c{c{sPg!ZsW>J zq%2fjzeKvhQC?nNSC?d*z2W^fE{is6BBZF1YQRZf|0%i~G?e7OK|&mxUmzUSh(Hl> z%~#Hp9aUHy`?y<}pXnq(It!El{;eYfafO5r zFq0|>v|lRhVUS4qaGb{I`uHeK@d)JNWQ4nlLv^phZT=tuQ zD)G8VQsfhM7gtxLz|M**RCbC1uGnq?d{oMS{)Qg)(|j0tQ%X2_On&Z(koPP&7Oelf zs_f8ly-}c=6|mBTpN=xh593OSw28Jc2-ODi2c=HEW5R}H9MO^RJ6UmzP`8^&1BlVdS>4xY%wj3m<4D^ z(aP;?ZOO{Xbu#(>Au86=VSy6=egWke7d*E~Yo~ zQ@#S~*VFtl4Aq(9@hVBJIxM01`23cys7XPQ{voSWKW9Vx^{bZr5o*QVGJBvmo*WKA zZxOPF_J?s(7S_HWLoY{0UJeb*3VJmi+jv_j^Ts$|Y9c}7YNwI*{JK{zfI0AkmFkqC z@53cfY>$y8tv8qJr7VV6O)q?lLt%fS%15>wzkmN zTPp0AMAQI~shnb9?YIS)cK{mBIpExQEO+>)Je9&e#T3ohV5bQv3}XZ?ccT6 z!W9eUVthU!jH8q(R4Dxh=DGqmd79VAQ2~4BI>h(p;sRj8@nb(fA<{| z9mS`*!>fveN?dU1bG$74)_B9pPbIuhoI+e^x#*(fv5AgO($|{QlgdDV5L}5cKS5SJ zJUrzvy>-}w(^D4AYt?dMaT9lK?Uxar*NXhc&K~?zTd5Qx+Blxg+;#NKD{B_)PlY^o zmVZ?v#b&r4c2~c6^-1{s-gwZ|=HKYz;D+X*2pP1ltFzt1meXNCt2*P(x>Nu@JRF32 zjZS7(R!mi<+971Gl#~t+4=v90&PJvWjI)631~!(G$ZGNCl~-F`T^#^NleGW!Z2$X! zXnxQ|4Gj$)=ow!H?DWgGhT!=?mugQ;r0ne-Ld>~6x zZgQF4ewkjZ0W3jy_+EMgVY&y0q#w~JCY{RnFX3w@QaVgrR(9Hdg=YzVwDjZ&PbQ8R zDc{ol9p4zB>9b%oPu&(s%F0NjEQ?`2&VnK3++0YafZRs;ly$-nP)0y}>WPl(6ZsaI z?LnqlF0Ocw%aUC%rKb{%3vKB%dSSmL)$uVkGxfk_TKfKCOY22@y*1YdZ@`D}ISaRaoy(FLx~CIOYUeaTQwt%on0LGPICnUm>EmD$f$BcQ`|w9@?` zvSesTt^p+4F&#Zme*XYO^3Q!=*Ceb71+M{Ao2(b3NkYf ztUGnWNCTbUu%5AeC7`x|M^IEsQKk!o;xL=)5@0woV?P=lw@*=Y0ZYZTDZTpw|I{I- zWnW%gG@tK1>eqzEn96@eQ01O}&<-%qzOR&4pi8j@4t5+&K*z~EoM`RzvS#|m?}`)i zvZl^x>pR-*R}46j59WR@uU{!BoTUxEu_Z8PiR5=;%EPIRgO7UH>tWKAgy<6TJDPHz z@2{w%7aCYhO-;3I>r~HZwN?QZ$<2-f`-`LmyA+rFW&F1Bj%q|}=`mX!4 zwSZcmKh_9>Q$x`M`VR>6Ahk9DX3s_N()HqBk-v>2;wblHqPKW8$6&=(+{Xds)WQea zuIO2zQfHvoZfSjXZe(Pn3Z)YuN6EZ+QOUZs0*r6=&c>8P72!blAzTQ4aA^iIp3HzN zNV3YycntY2COoy~c;*v9IH>1AlpZtu-95qpQ77SL)TNQZaz=Q(!@>Ns9?p^Fo~g}# zB97h9+`?PrgZdy%LgRa3oX?>S$IEuw-TmBJ=JtaPlJxA0r{o;3$D~zE?sq;Tzd?U$ zMyiJPtm83mXc;wdn|nc0?*C9{Sfq-X0Q>7tH((4&RE&aZRGKR$hB;FrBE3y=YG8AK z9z^=G@AaqcOys_KUdCZ3b^OiGh~m<2K)Lqp&qtA6ReZO$%6Xhbn2iD8-SNQWlm-gq zruzU3jahjI&?J<>Xv+XV(rkFq^@JkU(CfGtpxy=t6)dkHAaCbpD5Ir^a)-A3v5y~cWt`d(jN9*u_99Lpw62~M7fhmiXe0CJ#v*0zM7 zE^d#mZ^LwFV9dT_uW=l|dtp%}h8rs2M52QBnbYfc#rim95INeKv3?({%;OG*>%L7y z#O>Jg@S_pmlUVYgt*m^P+xqpbnVen9di7A=v;D?rM7h$RlzS{PFUyy%sPH;UOwnC? zxH)lENz1MpAM7%w)XWEr2@EIdC(d7JHN0HUDDDbG%d!bsisEpYxA_z$;Jkq z@4@J}3HZCw($ZFl%LC%YFZQDdfD}~0icU9T z7xwHf8+&(;b5L%CRLLV^m$IeONj_e@@qERH^RzBM;QU4CR|>yhxPvrL*z~4r-r{L| zywe_OJ^&#DyF*)BTgb7kQ^pzAMmva%%hoCFxG-!M1F@wXaODl7HpBfkTpprzL(B?h zM+>Uac&_>v4aN|HbFm6T{9*pH+M2rgc8g*};y~SsA+#!rsGuP7+oRNS-%GSt=P;Gn zF}u+ec(Bg9iksUizlO}Qp2*xJV&`9o90INfqzFg6j{T=)fiQq+Z0q8}r=$lH(7DV@?Ki=hR|-@#o{?hO zni(SzKE_-$bk}5a7Qfo|&-C!kKEW_g3~GSvbPlET4oYOJmDm?uD3Y1uAhow}5wyC;uDZz$zdN^;K& zk~=9-i*D6TYCVT3>9?CKdkR%%=4vxR-RK_yqlzH@MC!R70}x8 z+Lg)9Y7El24e@@TWi4nd5zGs@s0e4|!}i%iDxU%_?uVJr-pR;k z2wr5uwM7iQ-Ssjw>E2%p)R!c`0~5udE={aYE@CRABq!Im0O2X@vPY=&i8bQq%r8X8 z#f6EdU0NnF~l$4z;GL{bENUY(?BFU2R^b>tMIObTVc$B)G(+g*TQ{FIR)%*nYp zH-`u963Kd!7AT52h#HYQWS7`oMI%=v+Q%eC_nYk%Uve%WMKKDx>`hnrz?(u6eT$}% zA%O}l1$4OYOMBP~9h17UPJb_xPO$GlynK+!$Tll%pwpy&X*Fs|KUQCNOoAGe++!;T zu(5JskuXX9%q8J#_GHIN7uh|+;FlPFPJZrm-F$Sh_t^d#ACHqM@WyS8QtDa!b?#q- z@p)5mBtBkV@!&%o>Gxc~|z;kUHG3s_&mjnV5stLRsyN;|t>)s49i0WBda0-T7C>>4>2^*pZp z)67?oXEla|DyA6FXP6-BRv+Be{N-fw8y5iwkD((u*}UM1tv7D*1VqKSekS9Ug}6_f zDE5(p8wKTbFPAhK2{{_VjX@StueSj^4@3$l7uFZ%3aL?nNKTal`_EO2MkJyKVPl*% zXuei51ivSg3@)O2@vR6KQ*u-c4JnW^b_z`;`Um1yA+nLJtv+y4Ycv-9;!)U7_bkPx4vKyp)ab5O(QhSrYHaPsj@j*bSjh6%-Z z1&DyN@5}aY{VQ&y^p46`^77pU97Trj_W&^MSL!sQzS9U5p113T8YxRF;) zhbuWNojKxp_V9Pg3}JPMaFjfFh?mo+CN%CXTI+$6o2SQg#gYR{zkWUA5eRY=NQd<+ z3L}BqVn19!DRdS?upw%<<}2eenZblE;3p)YoJ zcfq}0kDDKz9i5s(l13`!6%x|Z(1=<6$fj>)W%Ei=UKl|Bf4}hY5%<&;#J#@q$Z-;E ze!jcAQ(aXRkYfaBP98c<3wEI`WQ3$Pc6MMx9DB4rG{hk1*YMcSQngbp3GtRyMm$uE z5@cHwNKqnST;TVQ9Dq-#s*%Ud#qr6B)7}M;ZeIgAE4hHf^2t~Ebbfo8`x@8xUia5a z_eU3@(@(#=G3wgQh)#T(*F!@4fIC%&oFf$yYHlah81?%v+n-p8RW zY$#}GX+a-F(_yBjre+l$+C4qdRmxEs9aT*kG~OA-r<$M|W&&c&JsLm`;1qOaPJs7V z(7DXr#q{*?8u=n{Ed@RLMW77f<@1zF%pE$QL zWZS?!ee!*M#v)5PF|LawgpZ$x=jKnoXm5;IBK@>I2Rx9O=@Do=o781Dz6p6VC)Y%z3zHAB~_Dvm6B+z|8J>AP`ulI$m5P>(fEcF;gD^ z)jH7I0L7!K>g%6=ZFg-4Wn?2kNQmM-;vzmlKR3EoCDt}0e=5G+-j-!&V?1{gR#c3} zK7Y61^Vn6fvxE-34w8I>9^b;ng}DQPi?t=k^wJVmCrqoFvKEY7M^@H23!VS(((!+Q0Xvc9zoP~f*mR~_hy4Af)&d>+hll-X zsX$Ewj_JKp<&b)8SeI0OQkVROoLoR1+}Yi!VEhufH*8gtglLz_Qr>p80~`)Y+pnA3 zumAeqyA}u{FMs;<>A{#PU!z1z1$3QJgDGx2JUu2$4P&MD+~njKcLl`75laa`<1qOt=#)rKo$Na3V>%4 zj$4bMUGh-JhO)4-4(+?Vk-WLvch`u@?d@;#QPb0#Uz&>TaD}~(jjkNAGi-W)2`E&6 zjg@2MAaOek1U+_^myI-CpFpshMao6e$dbEvhSOcMFlfd7g4o!YPLSX-GM;YnWJ*6) z7Mz~RVK6crCjAnRGSnvjnMeH_Qa$OEQf)*AlGH+koMx0M9P3mm;6|>J02%6kQq)y$ z4?h`36Vo|f!f<6$1dH~lT@56OWmZk4zpuY9)vL_S&UOIlW?9|j?pewrORxV<-;d$N z7WVh zf#Kb{Avj**0}iehmTvV6t{#klRv<;jxnf(n5>i^41xcX8e!A8Nuvg8Zc(GZfn%ObR&9 zadWlZX~qv2KXUNsUyV=kFFSlpPR>Cf*MCl^e8Xxjv=yk1mPYU|Sdst%ndHF%?v644 zymXyd_0PV1`%Bk}tadzN^J??|nHg8Y(!nQkhOyYu_*{$M-1$5HhOY6j<0kt55U6si zf^biFUhKze3t=C1?`L|{NwJpQeHMndi8kYq8z)|^G4yAc$c^e-MgL*q-!RlaY-eY; zZFzWf>8(AZowxfYu3RLGojz2*Xo3JkP3ncGC-`>&QW-fUCngOLC^4wa1%;ugD7$Do zjP9EqR~v*KHxm;oYGGDpW$S8c1?FBH-MEZo52# zSEe=3qF8UcOiVAM+{%zmIadI;3RKo8L0-ybxi#KfvZc*jwsQPT$p2SJpv zlH-h1$5s(!e_0IE9I!B(mXSCVi_b((M0D=a`syRMATwI1lg)edp^gFuhCXn<1fpp8=U~NJL9WH7HzMzwDQSb z5qn5B0}%C|EtxDUV~c8OyYo+;gp!sYhdZ{9Xr^E(>h&$s9;AwiM}4he`Fno8>MEal z)5BAAgtZ2H zd6~Iu#H-%-;we8U{7e!&7T8HctXTWlWfhHM^)dy04}jd=+M73h!Eax_e93_C)cjg? zR8^Zuyh4k$pwqlsLqlz2<9AGKG%ys*tF0vL^DtZrI3zk}{wSF>ny5~k)=mTpd@P12K zQ4!<$CU7_ovze_y$>{Jzw{%IQX-;~(KeHq_ZT{1TkND{;3p2AMk1>R1JW6KfX3%~7 z`gMJ@S6-9N&}I5*r&vXEu^>G^Keu3Yb_E4D_viZZC30l38Ix%q9==s&j}`;`?@R$h z<|6|mx~(43-9O3*(~*Q8;~YPqjG^=?ZVHnBhhjGLQR+aPfrrT$Ym-9-oz<^mLK0}I zwF#uxIj}&NpNkv*HGEzvC8o+dyu+*lU8OpJ1Tohpl^Tj}4;-r#^*9!zfN|9qC0EOZ zS}eEtJJ#rCD@v788eHQ6n$Olt+#!c%J(aU4yoTvbgIbz8;~xhVfUl#?q9H4>RSfbg z+1GKI@hVzxIqszzx&{Vh5ueS&(3%(GQ{%VaH|o8z@X#TCNtu?Bp|7kQm(V3e z%twG3%00^M^zIb(}ZKt0Fhd{4W; z+j3dYvQ**Rj1Dh+9&Z2i^3^8+|L2$dsT+AnUp;8F~1T=sV?ufs@z{0Wz?w;O5%_^a{ovWj?f8?BL`~&>7J;*RA4r9<`UI&-e7uxoH!Ib@5;h+4 zZI$8<^P9bBn4#DCP^3L}Dp~?pO6TJ%23}rXdPxXjua<-ukO-R>;z)mC)L3$1EV~Jb zuzphp5{|rit-pJN@LsoDVN7$naB2qNt8nvn8Rtn~@~XQiYI|44Nt?(cy6>=lEs(+t z#_=aY$M*L*N4nXoDw1wKf$S=C^t_u`u$Z-qAnP> zPzXgvprfN350$QcB0woji2gujJ;6%A!i{OIjcm=5F9Y265DDxhpjXKbcG6mmAjd}x zOiT%kll;#)PLyQ|ByhkdW3Iwj(zFT3rlzrxC`sxTGGVi1#grh zkIXo*rASybT(IB-7jp@dXNKSg6-wdLpzv~PO4v4l^Cby2(p&K}`Lo)7;d)JS|0S3E zOri5F7?O(+V>rY-b~_z~KO--Ohi@crD0B2_&}Wb)Qum1C&ePP-dGBTlYejGS6N#r5 z`m>g`IlNZngp_LG4vy+_62z9+>cHc@Gcfkr@OoEm6C3`_eq@h1YGjX}ztlhcErxld zkCXVT9i|XNZ8I)j8tRyiKR-gv3Fe91{k!K%|dG`rxKiZ?JY7-lCMMpvr^0=qmi zx>2tSq~fKSZE~d z^;&qY5w>gs!Oj!JY;#VI5{-1y1j)`gf>!%lV@t6Zof5uev+DjG`Cb)Q0aBASDeqW* zF>N)ffgHcA!h;zu#kof;bwei3+C>_Uf-fSWI?%YCMOC2~$Ki0j~o&Jm+p) zUj-JjJc!J3O06%i0;HM+Gl45?5R`1VBZ!f9aW-tSEdnX;0;M90HT@>6UzNsx9 zS2K6mwdJurtF~?b-ks?*9$pdSdbyj{-LM&F!Iz$)pZq)PY33&=)%Aev?_&vJ<<~-R z6G40SfYkf|bGTF=lIk&~()8OTX)_$FgEgnvAy{@tjQC&(8)HeHW-CG^5A%jQb+t~( z0M=msv%+H#5bD%tWX(kuiOp~Ps=c8^yt-*tnlDhP@kZ za#?BNy+W&KGzB#DhlO8x%(y@Y`nT%FAi_wBc7AFyl-i@Tjt2TIHy42IhO)5+-{XDk zTMJ(6GQ?N_rRMbbAAld(Uu*@keoV)^1)#q$CIa6g)o~E$ayF)sXW_RA#F@zi*9|=2 zVwl`uHB!5(L4WnH&Vlz9FDiytHt4}a}Q6?FKE{zUhqBXHag z2ws0~9;~US^Ut@#8`sX6!q~BBU6y zaLG|P!X!xds;u(O_rvz%`X$dhLD4z>y*KGuoWD155IEug5OIijg;eU4PWAJuFB%ox zN}b0%e%nvWpC|n$G`J|bnQA6Uex2D z8)VHV*SVEy`g}cs8kEYP?B=S!&Ql>nU5ej-u;z6*TTa?};!@FXyYb@`4KhQ|>`sbf zGrV?el$xCU4KI8*>c=4r{d*a(G7|0mGv$@5mky^8r&*Bdo49YJbR!6_XU(hSc94>L z3hn)0LC0_utbCTu91lPT&#!%5OG&RP+r8QKaCmrlaJW3R^t6Hl)$wgz(y(dtz;L7?ComWh+g!HlrQfQr(TR&9Ju69 z3*Rlf`W|VxXr%3g2Bo4;*4P1k9#ro6SW$=cs~nn4%lQ|OKbt`5{g<+-x`qajWA8{3 z7aAQ!UaFK$*V=xr=Wm3v%zEk7_R-LX=xe6iD#{|n?ptadpUF0GNaYY)_qrIuK-vFE z#d#LBViD)~3|`>{N1=z?$eVE0rpz8DrIq4$XjYRZ+;F9`{i8#TG=(_M=Gb(XpC~0F@GXV{t3uJOk-w|MuUPvkNZysd z;}fb#_9Ku0kZCQiSubi9(!+Ai;|)7p>aiEq zT7IhcXDz+NztG2MKDcicT%hB0BVP}UW_&_OVpK$$5;4+YWasKIyL#&FmCwt;YqSzmzQg2B>8G2vt}FyQD4weVquX}T z%YG82#gJAFua1^a%@Sc;Ok?_`LFrS=&#@V9K7sewF&K8~rpB7}AF!nyw8VAyB|4}O zXmMr(8<}o=6xYb$c)<8m0N90>H6P42IKBa;j;E)mwsz{kI%;Sor8y=^fdCf32@CFeADw@>P-Bz_g#te#&@9?G#Wo!d`rSYmxAPi4F zi}vK{@&%3Xr{wc3?mD}&;SV!Yfz)Vjq_x{e9~z~LJ@PDTStw>h==n=a3AL;wU)je@ zw#n6~1&XWX4Jl4`+>9lQVaS*(3l&}|4rbr=L5WlAZqeEU9c8~bC3bq%ELj>Akpq4W zW?nyaI8PX;R`~2!9v1L7=(iEXcnIA_Plv22{A!%+`q*Ta4F;XLp)V;eqa9b+63lBh z**YJ*aKawrLBGUvx9olWLc}EHi}<_K?<2S0xkbIt z_9ZDhaiAFimi}YUW}vMY#6^-!psEIx4{?Yjyr&SEtVw1tEj!$8p=X)clNyibt1|FC z&%(Mx(zm5=eC{tU1d_GZA$l`T6-D`{_$4Pr7YP($J;s|k5p`{{Qg#0MFt*;Weidah z>aa?Y4vNw}9y)rPQn$yk>o^RF?0FIWe>DA8h709`z4v9~ygD6}ao}?k4qVLg^G&}z zzX6t$xuP_g?W0^=8}f=HR)?ttTH0pSb2Q>roUlKbI;lqM1LrX=Zf}T7rgm+?$c2@4 zq2Aum)%EZ4@-mk1MK{=B&q!kclIZ@d{cZ}7Lg!{?w6(NSfP~r9)ZcF;_SxePI_?%( z-gQMq5$zn1bhq2HDPJ&T1HeW>2DBV3#K_gBPoJ{49CZQYQ@HAMKR}aJd_?dq79Gw>?98C%Wgxb{T81K$L@i98O$8*mYS2A$6w{KdhJBNJ^<;&Y{zp{JT zxH|_k3zyfqQ{iL7`4}e8#f0cBwB#*S&!MG3ebv=-VYij-lvzNWa*15yKQveQ(We-v$0EYqqVIA<#8XA*5 zJqW8nM3bCn|9I_tWlx!lv$Ht7D8L#6%c-HhJ~4huFl$4VwYFi#M^)Fw zewHW)?b^)D%>PJ4^=%BLQ%X&h14BH+cJFJKtPv#d>x;EmcHKG_fH;3ZF1C|H@?T{H zTuGa}eY?$E-V$I2&{a&GxZ!a#$^sQZ95Tr)1In}0P%AeePOMpO;5}zsFTT~a2Q-jh z<>Mt=LinPqEGv!|IA}u3Q4(6=q9j}J%V0ha9sBntU^xDCVRx@NNwh3XB&6eqRIS;| z6|d{~@lSton~2f4&!Db}?v>$fBId}creiS(3vS{^mwcoB|C@(A%tHQWyz$?eh%D0s zo9BNY4`iM&#z-V!*@^IA-TC-9e&C}4yUzbH`24@-p8wb2^S>sa57U*$2Tf9>QO}3o zK=70QHT(<+|MLHiUpR2U5RLy~IP;$e7}gwvp9+3_bbW|4`tO6P@PEBTS92^i{gOC5 z4U#D398#mcMmYjzJlZk>pmUWFCE)t3Rw9YsPTyv^?=8}kw{CK??0N50dWzhKdy1Zh zdrp>@mf4eAADoQyzZboVU&!*=%e+2l3BII}IU5p(Q^M;7Cf&Zb6H^A>XA_`lE-^E^ z@8W}0)x9DnQp0S@AysHKl!lqQbL@s43d_T!#v>)KqVlV!rw7cM!6+K|CIX{5pxHo- z8Vp>qjNaDj08l)(KPO;x0I%O{U@xalUi9AC`Rokr{B_D*Kor8Bn?}&-jRqwyG>IYc z9|W(*c@SS%NKli35_V7ou4M6>O_Jom$vpGv)8Z3W=F`%N%VdJfWOet^A{$5bvi0E% zW&`i*n|JJ)MdjOinkxl^)ll;$Wg!i;8N(CW?StlntD8;H`^J0`*D*zY@m;E?9=x=) zi1K}}EEm)W3Or1IRH6SWMl;d~ze+Zz0WQ@1*vLnM1;C~Y)bSuZ7{QwjSVL5tSx`-$ z@$dvy-Q;bl7i)k%^#X7!R_+2e*AG@?_5a9J57iG8z0Bu~7K@v%lexo&`Dcelq!Er; zBzAK5s{G;Pjn~pw&BgNIj#`EQNfjp4(X0mh^+a;*%ioeDulFjXG23ZMCvZ`mDD0}8 zs@|PCISZa~u{M{XWjg^h9~dxwE9wNHZk%PcqBBACuMm(~l&YV@xc*M&xwl3Ra!z1? z!UA*_d#uz}2qfs??>^D9M|xyOsNB@e*|k-N3Egw`XZVw8HjXZ7)?H z_LqRT^p)YEmvZvX653P@(_E%SvoVYcWie4PZmpR&0dP3`Pg0@Mt6*wEDWX}TU z@F1`Zrlh@K=DB=#d+mC-2)dcW8G`jz6HNJI;q&lFnD_()AWC-wZi^^4_n2M1B)a65 z#KHOBzxf5(Apm9o))!ooGQ;@vG%`_($Jx&5<_L8ah-LUI^~P_Km>p8|+q{TO2;oS0 zv8S+qv>~8YPRAql*jUke&M_i|1J~Jcbi~n~TiCfcPl`CL zagPgJ%b=bWjc9suuyo`Q1Hk7=V`Qbk&$H&K?7c}F-8^8+`=nh-MSVz_o}e}YUdWjPEIO~} zN>^}94CWV8Gc!lnDAZrn)2LQk+uP#sp!cY}2@pOw&j1YVx%Ky$rzPu&dJ9iXP~Ppg zA;?GKpctj?TBDV6tr(j9xshToXrSZ>j?bVqm9nw?&-TC(#)a!+@kXn8^ip zZS3|_-}|L-?kDNGf(LDH<(mfbWJi64uQwXGpD1Mrz1tX{;m&9K)OGUbvO0hGld!YL zmvY~+v>e=Wfx zUM3Gq>TaH1lE@o2ujLi^cGuADCyemX#4eiiT}x9SA$eqDB$|*&r^x~9l36H?FK>Z(4+U} z`7+wVQXb{=`ZYWnLBD?uL-7^1fSptYH@Y-k9f_TRsFhECjP;Tve)K?zc-5u(uxXdA zBm!tFvW>_hFeu?4qnM0r^>j*pr)_>`(I4;}Otd}an!7S2sx{WO#@5GL3qi7Ky!VQ2L_}KorFxSq z!N5?!7jb9}YP(OdI_J}tl6bAN$2a|VE71!0N1qsa@6r$iA^ z;j`#yN6-(7li#Uz0*;dLY#jR+3jh74)ZM~(7njr_7Jlv?YWaxaH>^KF-r8;D z1cZuGenV%Z_2tyN3M5)vwVk!;f-5?+aA=`}WWy!P*LC;?8dBJ3=qQ0CxXw`pI3Py09z9& z_CUy;?1qVF8M5$0G1*~h`dKa$BP#Xw;_FY&1G?WQXvVWI_TjXs3vi0q)uAB_{}wIML8??MqE4hD;x-^>@9bEWjQ#_^ zKQ@-bNZ@cg{{0s4+=C&00;i=Ssf8g_X35^vl$K`+6yRq*XIO-Y5pp_Xb~%SUPY=N` ze!HJrx#|ActqstsqPa(}_|@6Cv%M9d=`D`-*3jgwgSQa8*O|Sd6@`M{;qB+33C4+v zK(yA6$Dsv_9Ay7i;|7TUJpdgzEc<5;Q_I8&%vtymIG&i4_su`$9bQuGhr1N}-w%dM z;|^O=WL>8`QO;6@ErBhSx>?Aj75%@fqDR%34$LNA_<$Ma2{Way);1xr{XR+AF0mCk zAx0mZCmydp9NoWn2G1KrX1G0Po;hnq?mLC~HI}Q{F48C{5@K;pAu?Dkt~W1%^`FSt9HHA=+1WB}ZflICS#<}wMAC_^z*>)XxbjOIEh^kbXvYX46um{Mh7KBtKP z`DkJ8Qr;Mo>NVqpgHkZ?+Bks`ZhtP;{qMq`?rLg$d{S1*)^2uv^(`-1{>)Zfi=iqz zD9AyUH+B)Z;IyK@MzbTgYd|K#C!k??S!rU|pTn{BFP6C@Up$G6!^skD;9}j^36_7j z4?~_x=7^?bsi5!f&y^6GU@hqC#X`IHP>jkcZgwXA*4xa~ZhHy#;_vRWGwrOhjtPMcjL0+D>K#fcdmKnl|q$A2AoZ|dZicFux zh}(bjCDq4^1p05lU>385rgET(F1EKJEj9IR{hY-e5zXEDXMg|7%Hzu10KIWr75sGE zI>!F0latPz@Lwn{7+SYls%g{hOxs}QXdWEa(BvptRv9EFAf6lJa) z14O_L=wUfWV}1d;UUI)r2nH$0Zhb@zGyGvf5Y(k$lY;g%aw;f-ZIdY}skB**{Smd} z@Ktc7A~ix<`Isa6g9D_;+&}Hk6&&f=<-zBaTYKZp`~6$*;JM+>p?M)VI2b6DKR`{H z2Hq%ZXh7cd85wZAg)NB~sK^Z>Pzm~j4nZKg(#64n3&2&wPc1a$WYIzVQHHD`Jtvi$ z`(Z#+zej?yIN{ui$`Foiz41aONS7Gn5Ax$De^~gA3jj(>0l%hqxBeW*fy8I~gY<={ z93@(UQru0#0<+d_E(a9)4Z%?%?i>CO=GmKEUIb}W3>GbXR==(KeIi~a;!yRi>GSh* zETB<$e|HPgxxlLRMxXX}z$@PR^%;Qb2_LLQs@xn)0EHG3xYxD|<`{rv{1*s0gL`E4 z>~WnuEX>s=xR-HDaHXa6QR~3Hs05sQ46h6syqfZk7w|rMTmij#x}BXey|U6~EnVN7 zvdX%~W?zSr_WJTF4#8ftKoJ5&m5Bx|3Wc}i#KK%$aQm5AStIE&AH*n*PP6Xkch4l2 zB!(m=H`dpUmoUkM+^+s?A0In1tdx|n)X(XICIV1JE+GTNeBfLj4j|hPb`&aduCDcC z+fub&l06t`tq73~Y|E$lWKd$_+{d`V!npit>&Z(z`tU=TH}He7CVz#w16CZ+Gkzn$ zz(Abjq{P*9Eew;#dT%$3&+QvE^NYGHoeT5ZqX!|%HO~)}!O_cd z5C;8RsCoNZMMVWjez%`Teo$tpaa!+x@WcbgnXAu9G3|T-;v4jBM1d|PXr>6FH-dYz z>eL7TY{uVgkymv>v%EYWBX{@4Nui*?|HGK{5iBm%pqk!-``%~6>9dg7M5BtQFuSZ*31yj50f0-nk zseO)DrIGb-iPixMxp*QiF%cd^Pg&UypKgERP(+-tzP2_gIoWQy0+x?2-F7IAm*ILW z>+a9b9Lczz`OJoR&IPz=SZ*$qZ)CCH06*1>D*oz@_I@<~4CC9`qG;mj;VO=A7**_l z&OkJjsX&kU!@o)j3K!@Uh|~KncHP>IPPEBCS`p-NXW&~SJP4+<&CYo894bGQOgd<# zj#mt-;%kQ?46Prj^KkO>Kj}ws+%ncquA~Rs-mbp+>sQ2U82K;n+@sckY6PG%FS&0% z?THVjwYun`7lGZ@)zvN5ki*uzyrcn$Q}#^n^BLgzWdT~h0U|g5jr0v6*fVFEKh}mM7U{w-B+#=z(_!v{qL;psg-weaZy(%xSwYCO9XsxH2`^@7^(N#;LiG$ zTWL(|t{v|UCqNOpn?9GU{z0o0xA_kfH#q?|^$6}>&c)`OQC2Tx zWPm|A0rCQvjzy`!oq^69ue zDn1;Yb~-wPnNmhY`ng0X~eG7`_wVId1@T43XEQ5 zdx}8df~o?N`sx-Un;Ulh+C!-owb?@(zETcrG+p=D?P?*=o10@pHZ_BOf)OM2dcbo zE*u4zfNK8Hsd1pdPvO*u6)`9f4`}rX7op`>rt7NjJXNGqZIS|VrJ*I_ow(Sn;^L^` zvN)k$5(Eot5AwB7kyriDb|bzVko{MOF58JZ83P1JOtq zQ@dR&?@M%d3oN>?i zvxi(4;W@1(Q6$2Dzd(jE!(?+ZOa?EJS<#kJawl$%-m8oKd9(=~<12J?qVNTuB1j2srMDDc$#& zU$Ds9dUi%zK&BrV`8Mo-`WOE1aL-UVTy>U<1xPV{4mtRjkC;0^bcob6{@Am#s#njk zihMS=?voy6MxHE0K|98k@X=gyVkf<7ndzA0-Rgzz?+6@jm~Kd5Dg^64C%7KDYytx9 jpg$R3p&^F&#XW5O`4ir|9sZ{<;E$a2E2%OGqk#Vp@g Date: Mon, 8 Nov 2021 18:23:42 -0500 Subject: [PATCH 099/720] On branch edburns-msft-78-contact-me-verbiage Apply changes from @mriccell modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md Signed-off-by: Ed Burns --- .../src/main/resources/README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md index ecd5bdd54..9e74722f5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md @@ -85,7 +85,7 @@ Oracle WebLogic Server is a scalable, enterprise-ready Java application server. ## Description (Observed max 2973 characters, not including formatting) -

Azure Oracle WebLogic Server (WLS) offers enable you to embrace cloud computing by making it as easy as possible to migrate your Java applications to Azure. The offers increase productivity by automating most boilerplate Java and Azure resource provisioning and configuration tasks so that you can focus on application development. The offers cover deployment to both Azure Virtual Machines and the Azure Kubernetes Service (AKS).

+

Oracle WebLogic Server (WLS) on Azure offers enable you to embrace cloud computing by making it as easy as possible to migrate your Java applications to Azure. The offers increase productivity by automating most boilerplate Java and Azure resource provisioning and configuration tasks so that you can focus on application development. The offers cover deployment to both Azure Virtual Machines and the Azure Kubernetes Service (AKS).

The offers are linked in the Learn more section at the bottom of this page.

@@ -93,13 +93,13 @@ Oracle WebLogic Server is a scalable, enterprise-ready Java application server.

If you want to work closely on your migration scenarios with the engineering team developing these offers, just hit the CONTACT ME button. Program managers, architects and engineers will reach back out to you shortly and initiate collaboration!

-

WLS on Virtual Machines
-The WLS on virtual machines offers automate provisioning virtual network, storage, and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load-balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence.

+

WebLogic Server on Virtual Machines
+The WebLogic Server on virtual machines offers automate provisioning virtual network, storage, and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load-balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence.

- +

There are several offers that target use cases such as single node with Administration server enabled and WLS cluster (including both configured and dynamic clusters). These offers supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

-

WLS on AKS
-The WLS on AKS offer automates provisioning an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. The offer will work with any WLS version that supports the Operator, such as 12.2.1.3 and 12.2.1.4.

+

WebLogic Server on AKS
+The WebLogic Server on AKS offer automates provisioning an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. The offer will work with any WLS version that supports the Operator, such as 14.1.1, 12.2.1.3 and 12.2.1.4.

Oracle and Microsoft also provide basic step-by-step guidance on getting started with WLS and AKS. This guidance is suitable for customers that wish to remain as close as possible to a native Kubernetes manual deployment experience.

@@ -122,7 +122,7 @@ https://www.oracle.com/legal/privacy/privacy-policy.html * [Oracle WebLogic Server Single Node](https://portal.azure.com/#create/oracle.20191001-arm-oraclelinux-wls20191001-arm-oraclelinux-wls) -* [Oracle WebLogic Server With Admin Server](https://portal.azure.com/#create/oracle.20191009-arm-oraclelinux-wls-admin20191009-arm-oraclelinux-wls-admin) +* [Oracle WebLogic Server With Administration Server](https://portal.azure.com/#create/oracle.20191009-arm-oraclelinux-wls-admin20191009-arm-oraclelinux-wls-admin) * [Oracle WebLogic Server Cluster](https://portal.azure.com/#create/oracle.20191007-arm-oraclelinux-wls-cluster20191007-arm-oraclelinux-wls-cluster) From 89a49339217888c647d68dce8a5a523fcf096c67 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 17:32:05 +0800 Subject: [PATCH 100/720] Re-activate pipeline for admin offer Signed-off-by: galiacheng --- .github/workflows/buildWlsVm4AsArtifact.yml | 77 +++ .github/workflows/testWlsVmAdmin.yml | 507 ++++++++++++++++++ .../admin-ssl-post-deploy/pom.xml | 2 +- .../arm-oraclelinux-wls-admin/pom.xml | 2 +- .../arm/nestedtemplates/adminTemplate.json | 2 +- .../test/data/parameters-test.json | 2 +- .../test/scripts/gen-parameters-aad.sh | 4 +- .../test/scripts/gen-parameters-db-aad.sh | 4 +- .../test/scripts/gen-parameters-db.sh | 4 +- .../test/scripts/gen-parameters-deploy-db.sh | 4 +- .../test/scripts/gen-parameters-deploy-elk.sh | 4 +- .../test/scripts/gen-parameters-elk.sh | 4 +- .../test/scripts/gen-parameters.sh | 4 +- .../test/scripts/verify-deployments.sh | 12 +- 14 files changed, 608 insertions(+), 24 deletions(-) create mode 100644 .github/workflows/buildWlsVm4AsArtifact.yml create mode 100644 .github/workflows/testWlsVmAdmin.yml diff --git a/.github/workflows/buildWlsVm4AsArtifact.yml b/.github/workflows/buildWlsVm4AsArtifact.yml new file mode 100644 index 000000000..63cbedd36 --- /dev/null +++ b/.github/workflows/buildWlsVm4AsArtifact.yml @@ -0,0 +1,77 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +name: Build Admin Server VM artifact +on: + workflow_dispatch: + inputs: + pidType: + description: 'Specify which pids to use, oracle or microsoft.' + required: true + default: 'microsoft' + ref: + description: 'Specify Git Ref if needed.' + required: false + default: 'refs/heads/main' +env: + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + offerName: "arm-oraclelinux-wls-admin" + repoName: "weblogic-azure" + +jobs: + package: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} + - name: Checkout ${{ env.repoName }} + uses: actions/checkout@v2 + with: + path: ${{ env.repoName }} + ref: ${{ github.event.inputs.ref }} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + + - name: Build and test ${{ env.offerName }} using ${{ github.event.inputs.pidType }} pids + run: | + cd ${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }} + pidType=${{ github.event.inputs.pidType }} + if [[ "${pidType}" == "oracle" ]];then + echo "using oracle pid" + mvn -Ptemplate-validation-tests clean install + else + echo "using ms pid" + mvn -Ptemplate-validation-tests clean install -Ddev + fi + + - name: Generate artifact file name and path + id: artifact_file + run: | + cd ${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }} + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' pom.xml) + artifactName=${{ env.offerName }}-$version-arm-assembly + unzip target/$artifactName.zip -d target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" + echo "##[set-output name=artifactPath;]${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }}/target/$artifactName" + - name: Archive ${{ env.offerName }} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml new file mode 100644 index 000000000..944c002f3 --- /dev/null +++ b/.github/workflows/testWlsVmAdmin.yml @@ -0,0 +1,507 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +name: Test Admin Server on VM + +on: + workflow_dispatch: + inputs: + enableELK: + description: "Specify whether to enable ELK depoyment or not." + required: true + default: "false" + # Allows you to run this workflow using GitHub APIs + # PERSONAL_ACCESS_TOKEN= + # REPO_NAME=mriccell/arm-oraclelinux-wls-admin + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' + repository_dispatch: + +env: + adminConsolePort: 7005 + adminVMName: adminServerVM + adminPassword: ${{ secrets.WLS_PSW }} + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + elkURI: ${{ secrets.ELK_URI }} + elkUser: ${{ secrets.ELK_USER_NAME }} + elkPassword: ${{ secrets.ELK_PSW }} + gitToken: ${{ secrets.GIT_TOKEN }} + location: eastus + nsg: wls-nsg + offerName: arm-oraclelinux-wls-admin + adminOfferPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-admin + testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} + refArmTtk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + repoName: weblogic-azure + repoOwner: galiacheng + resourceGroupPrefix: wls-${{ github.run_id }}-${{ github.run_number }} + resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} + userEmail: ${{ secrets.USER_EMAIL }} + userName: ${{ secrets.USER_NAME }} + wlsPassword: ${{ secrets.WLS_PSW }} + wlsDomainName: adminDomain + wlsUserName: weblogic + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmTtk }} + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Build and test ${{ env.offerName }} + run: | + ls + mvn -Ptemplate-validation-tests clean install --file ${adminOfferPath}/pom.xml + + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} for test + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}}-dev + - name: Create a new branch with development pids in nestedtemplates + run: | + current=`pwd` + echo "current=${current}" >> $GITHUB_ENV + offerDevPath=${{ env.repoName }}-dev/weblogic-azure-vm/${{env.offerName}} + cd ${offerDevPath}/src/main/arm/nestedtemplates + git config --global core.longpaths true + git config --global user.email $userEmail + git config --global user.name $userName + echo "create branch $testbranchName" + git checkout -b $testbranchName + rm -r -f $current/${offerDevPath}/src/main/arm/nestedtemplates/* + cp -r -f $current/${{ env.adminOfferPath }}/target/arm/nestedtemplates/* $current/${offerDevPath}/src/main/arm/nestedtemplates/ + git status + git commit -a -m "hard code pids" + git push https://$gitToken@github.com/${GITHUB_REPOSITORY}.git -f + + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Validate deployment templates for different combinations of service integration + id: validate-deployment-templates + run: | + bash ${{ env.adminOfferPath }}/test/scripts/verify-deployments.sh \ + <<< "${{ github.run_id }}${{ github.run_number }} ${location} \ + ${{ env.adminOfferPath }}/target/arm/mainTemplate.json \ + ${GITHUB_REPOSITORY} ${testbranchName} ${{ env.adminOfferPath }}/test/scripts" + + - name: Get version information from pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.adminOfferPath }}/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Print version + run: echo $version + - name: Generate artifact name + run: echo "artifactName=${{ env.offerName }}-$version-arm-assembly" >> $GITHUB_ENV + - name: Print artifact name + run: echo $artifactName + - name: Output artifact name + id: artifact_file + run: echo "##[set-output name=artifactName;]${{ env.offerName }}-$version-arm-assembly" + - name: Generate zip package path + id: artifact_path + run: echo "##[set-output name=artifactPath;]${{ env.adminOfferPath }}/target/$artifactName" + - name: Output artifact path + run: echo $artifactPath + env: + artifactPath: ${{steps.package.outputs.artifactPath}} + - name: Unzip the package as upload action will zip again + run: unzip ${{ env.adminOfferPath }}/target/$artifactName.zip -d ${{ env.adminOfferPath }}/target/$artifactName + + - name: Archive ${{ env.offerName }} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_path.outputs.artifactPath}} + + deploy-dependencies: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Create Resource Group + id: create-resource-group + run: | + echo "create resource group" ${{ env.resourceGroupForDependency }} + az group create --verbose --name ${{ env.resourceGroupForDependency }} --location ${location} + + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + run: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDependency }} \ + --name ${{ env.dbName }} \ + --location ${location} \ + --admin-user weblogic \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.wlsPassword }} \ + --sku-name B_Gen5_1 + + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDependency }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + + deploy-weblogic-admin: + needs: deploy-dependencies + runs-on: ubuntu-latest + strategy: + max-parallel: 1 + fail-fast: false + matrix: + images: + [ + "owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest", + "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", + "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", + "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" + ] + + steps: + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}} + - name: Get version information from ${{ env.offerName }}/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.adminOfferPath }}/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=${{ env.offerName }}-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Get Image SKU + id: image-sku + run: | + imageUrn="${{ matrix.images }}" + sku=${imageUrn%%;*} + echo "sku=${sku}" >> $GITHUB_ENV + echo ${resourceGroupPrefix} + resourceGroup=$(echo "${resourceGroupPrefix}-${sku}" | sed "s/_//g") + echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV + - name: Create Resource Group + id: create-resource-group + run: | + echo "create resource group" $resourceGroup + az group create --verbose --name $resourceGroup --location ${location} + echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV + + - name: Prepare deployed parameters and test script + id: prepare-deployed-parameters-and-test-script + run: | + repoPath=${GITHUB_REPOSITORY//\//\\/} + sed -i "s/#location#/$location/g; \ + s/#adminPasswordOrKey#/$wlsPassword/g; \ + s/#wlsdomainname#/$wlsDomainName/g; \ + s/#wlsusername#/$wlsUserName/g; \ + s/#wlspassword#/$wlsPassword/g; \ + s/#adminvmname#/$adminVMName/g; \ + s/#skuUrnVersion#/${{ matrix.images }}/g; \ + s/#testbranchName#/$testbranchName/g; \ + s/#repoPath#/$repoPath/g" \ + ${{ env.adminOfferPath }}/test/data/parameters-test.json + + sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ + ${{ env.adminOfferPath }}/test/scripts/verify-wls-path.sh + + - name: Accept Image Terms + id: accept-terms + run: | + echo "accept terms for " "${{ matrix.images }}" + rawUrn="${{ matrix.images }}" + publisherAndName=$(echo ${rawUrn} | grep -o ";.*:" | sed "s/;//g") + imageVersion=${rawUrn##*;} + az vm image terms accept --urn ${publisherAndName}${sku}:${imageVersion} + + - name: Deploy WebLogic Server Admin only Domain offer + id: deploy-wls-admin + run: | + az deployment group create \ + --verbose \ + --resource-group $resourceGroup \ + --name wls-admin-node \ + --parameters @${{ env.adminOfferPath }}/test/data/parameters-test.json \ + --template-file ${{ env.offerName }}-$version-arm-assembly/mainTemplate.json + + - name: Verify Network Security Group + id: verify-nsg + run: | + echo "query nsg name, will exit with error if nsg does not exist." + az network nsg show -g $resourceGroup -n ${nsg} --query "name" + + - name: Get IP of build machine + id: get-ip-address + run: | + myIP=$(dig @ns1.google.com TXT o-o.myaddr.l.google.com +short | tr -d "\"") + echo "myIP=${myIP}" >> $GITHUB_ENV + + - name: Add ip address to security rule to access the wls machine + id: add-ip-to-security-rule + run: | + echo "query existing source address prefixes" + attempt=0 + toCreateRule101=false + while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-101"` && $attempt -le 5 ]] + do + if [ $attempt -eq 5 ]; then + toCreateRule101=true + fi + echo "network security group rule NRMS-Rule-101 is not ready" + sleep 1m + attempt=$((attempt + 1)) + done + if [ $toCreateRule101 == true ]; then + az network nsg rule create --name NRMS-Rule-101 \ + --nsg-name ${nsg} \ + --priority 101 \ + --resource-group $resourceGroup \ + --access Allow \ + --destination-address-prefixes "*" \ + --destination-port-ranges 22 43 \ + --direction Inbound \ + --protocol Tcp \ + --source-address-prefixes $myIP + else + sourceAddressPrefixes=$(az network nsg rule show \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-101 \ + --query "sourceAddressPrefixes") + echo "IP of this machine: " ${myIP} + sourceAddressPrefixes=$(echo ${myIP} ${sourceAddressPrefixes} | \ + sed 's/,/ /g; s/\[//g; s/\]//g; s/"//g') + echo ${sourceAddressPrefixes} + az network nsg rule update \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-101 \ + --source-address-prefixes $sourceAddressPrefixes \ + --destination-port-ranges 443 22 + fi + + echo "Allow access to 7005" + az network nsg rule update \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name WebLogicAdminChannelPort \ + --access Allow \ + --source-address-prefixes 10.0.0.0/24 + + - name: Restart wls VM + id: restart-wls-wm + run: | + echo "restart vm to make sure security rule work." + az vm restart -g $resourceGroup -n $adminVMName + + - name: Query public IP of AdminServer VM + id: query-wls-admin-ip + run: | + echo "query public ip" + publicIP=$(az vm show \ + --resource-group $resourceGroup \ + --name $adminVMName -d \ + --query publicIps -o tsv) + echo "##[set-output name=publicIP;]${publicIP}" + - name: Create environment variable for AdminServer IP + id: env-admin-ip + run: echo "wlsPublicIP=${{steps.query-wls-admin-ip.outputs.publicIP}}" >> $GITHUB_ENV + + - name: Verify WebLogic Server Installation + id: verify-wls + run: | + echo "pubilc IP of wls machine: ${wlsPublicIP}" + echo "Verifying Weblgic server installation" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo install sshpass + sudo apt-get install -y sshpass + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${adminOfferPath}/test/scripts/verify-wls-path.sh + + - name: Restart remote SSH agent + id: restart-remote-ssh + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify system services at admin server + id: veriy-admin-service + run: | + echo "wait for 22 port" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying WebLogic services at admin server" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.adminOfferPath }}/test/scripts/verify-services.sh + + - name: Verify WebLogic Server Access + id: verify-wls-access + run: | + echo "Verifying Weblogic Server Access" + echo ${wlsPublicIP} + bash ${{ env.adminOfferPath }}/test/scripts/verify-wls-access.sh <<< "${wlsPublicIP} 7005" + + - name: Deploy DB Template to Connect to Azure Postgresql Database + id: enable-postgresql-db + run: | + # Generate parameters for db template deployment + bash ${{ env.adminOfferPath }}/test/scripts/gen-parameters-deploy-db.sh \ + <<< "${{ env.adminOfferPath }}/test/scripts/ \ + ${{ env.adminVMName }} \ + ${{ env.wlsPassword}} \ + ${{ env.dbName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }}" + echo "Deploy DB Template..." + az group deployment create \ + --verbose \ + --resource-group ${resourceGroup} \ + --name db \ + --parameters @${{ env.adminOfferPath }}/test/scripts/parameters-deploy-db.json \ + --template-file ${artifactName}/nestedtemplates/dbTemplate.json + + - name: Set up ELK by deploying sub template + id: enable-elk + if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} + run: | + # Generate parameters for ELK template deployment + bash ${{ env.adminOfferPath }}/test/scripts/gen-parameters-deploy-elk.sh \ + <<< "${{ env.adminOfferPath }}/test/scripts/parameters-deploy-elk.json \ + ${{ env.adminVMName }} \ + ${{ env.elkPassword }} \ + ${{ env.elkURI }} \ + ${{ env.elkUser }} \ + ${{ env.location }} \ + ${{ env.wlsDomainName }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ github.run_id }}${{ github.run_number }}" + echo "Deploy ELK Template..." + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name elk \ + --parameters @${{ env.adminOfferPath }}/test/scripts/parameters-deploy-elk.json \ + --template-file ${artifactName}/nestedtemplates/elkNestedTemplate.json + - name: Delete Resource Group + id: delete-resource-group + if: always() + run: | + echo "delete... " $resourceGroup + az group delete --yes --no-wait --verbose --name $resourceGroup + - name: Delete ELK index + id: delete-elk-index + if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} + run: | + curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-admin-${{ github.run_id }}${{ github.run_number }} + + cleanup-github-resource: + needs: deploy-weblogic-admin + if: always() + runs-on: ubuntu-latest + steps: + - name: Checkout ${{ env.repoOwner }}/${{ env.repoName }} + uses: actions/checkout@v2 + with: + repository: ${{ env.repoOwner }}/${{ env.repoName }} + path: ${{ env.repoName }} + - name: Delete testing branch + run: | + cd ${{ env.repoName }} + git push https://$gitToken@github.com/${GITHUB_REPOSITORY}.git -f --delete $testbranchName + + cleanup-az-resource: + needs: deploy-weblogic-admin + if: always() + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Delete DB Resource Group + id: delete-db-resource-group + run: | + echo "delete... " $resourceGroup + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDependency }} + + summary: + needs: deploy-weblogic-admin + if: always() + runs-on: ubuntu-latest + steps: + - name: summarize jobs + if: ${{ github.repository_owner == 'wls-eng' }} + run: | + workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${GITHUB_REPOSITORY}/actions/runs/${{ github.run_id }}/jobs) + critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-admin."))) | length') + echo "$critical_job_num" + succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-admin."))) | length') + echo "$succeed_critical_job_num" + failed_job_num="$(($critical_job_num-$succeed_critical_job_num))" + echo $failed_job_num + if (($failed_job_num >= 2));then + echo "too many jobs failed, send notification to Teams" + curl ${{ secrets.MSTEAMS_WEBHOOK }} \ + -H 'Content-Type: application/json' \ + --data-binary @- << EOF + { + "@context":"http://schema.org/extensions", + "@type":"MessageCard", + "text":"$failed_job_num jobs failed in Admin Offer's workflow, please take a look at: https://github.com/${GITHUB_REPOSITORY}/actions/runs/${{ github.run_id }}" + } + EOF + fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml index a219d21ef..b3045df78 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index eb26997ca..d27fdb49a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 pom diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json index 9b1b3d743..85408881a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/adminTemplate.json @@ -106,7 +106,7 @@ "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", - "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" ], "metadata": { "description": "The Oracle Linux image with Weblogic and Java preinstalled. Semicolon separated string of Sku, URN, and Version" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/data/parameters-test.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/data/parameters-test.json index fcee237ce..43a7f0e5d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/data/parameters-test.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/data/parameters-test.json @@ -33,7 +33,7 @@ "value": "#skuUrnVersion#" }, "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/#gitUserName#/arm-oraclelinux-wls-admin/#testbranchName#/src/main/arm/" + "value": "https://raw.githubusercontent.com/#repoPath#/#testbranchName#/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" } } } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-aad.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-aad.sh index 0f6ecc87c..77a4363e5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-aad.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-aad.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db-aad.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db-aad.sh index a9100ecfc..a530910b5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db-aad.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db-aad.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db.sh index 4ecb474aa..713870abb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-db.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-db.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-db.sh index 92d382f0b..e33770d4e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-db.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-db.sh @@ -5,7 +5,7 @@ #Generate parameters with value for deploying db template independently #read arguments from stdin -read parametersPath adminVMName dbPassword dbName location wlsusername wlspassword gitUserName testbranchName +read parametersPath adminVMName dbPassword dbName location wlsusername wlspassword repoPath testbranchName cat < ${parametersPath}/parameters-deploy-db.json { @@ -37,7 +37,7 @@ cat < ${parametersPath}/parameters-deploy-db.json "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" }, } EOF diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-elk.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-elk.sh index 8f7117e13..fc1201ba2 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-elk.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-deploy-elk.sh @@ -5,7 +5,7 @@ #Generate parameters with value for deploying elk template independently #read arguments from stdin -read parametersPath adminVMName elasticsearchPassword elasticsearchURI elasticsearchUserName location wlsDomainName wlsusername wlspassword gitUserName testbranchName guidValue +read parametersPath adminVMName elasticsearchPassword elasticsearchURI elasticsearchUserName location wlsDomainName wlsusername wlspassword repoPath testbranchName guidValue cat < ${parametersPath} { @@ -37,7 +37,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" } } EOF diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-elk.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-elk.sh index ba2c65e85..5272afd64 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-elk.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters-elk.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat <${parametersPath} { @@ -11,7 +11,7 @@ cat <${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters.sh index c4ceda175..89c381623 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/gen-parameters.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-admin/${testbranchName}/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-deployments.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-deployments.sh index ff6aa6f84..d57bb1b89 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-deployments.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-deployments.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. #read arguments from stdin -read prefix location template githubUserName testbranchName scriptsDir +read prefix location template repoPath testbranchName scriptsDir groupName=${prefix}-preflight @@ -13,23 +13,23 @@ az group create --verbose --name $groupName --location ${location} # generate parameters for testing differnt cases parametersList=() # parameters for cluster -bash ${scriptsDir}/gen-parameters.sh <<< "${scriptsDir}/parameters.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters.sh <<< "${scriptsDir}/parameters.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters.json) # parameters for cluster+db -bash ${scriptsDir}/gen-parameters-db.sh <<< "${scriptsDir}/parameters-db.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-db.sh <<< "${scriptsDir}/parameters-db.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-db.json) # parameters for cluster+aad -bash ${scriptsDir}/gen-parameters-aad.sh <<< "${scriptsDir}/parameters-aad.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-aad.sh <<< "${scriptsDir}/parameters-aad.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-aad.json) # parameters for admin+elk -bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-elk.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-elk.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-elk.json) # parameters for cluster+db+aad -bash ${scriptsDir}/gen-parameters-db-aad.sh <<< "${scriptsDir}/parameters-db-aad.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-db-aad.sh <<< "${scriptsDir}/parameters-db-aad.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-db-aad.json) # run preflight tests From ff8bcf0def1f485a3fdcbdca48f3848ded363be5 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 17:33:45 +0800 Subject: [PATCH 101/720] Re-activate pipeline for cluster offer. Signed-off-by: galiacheng --- .github/workflows/buildWlsVm4CcArtifact.yml | 79 ++ .github/workflows/testWlsVmCluster.yml | 935 ++++++++++++++++++ .../addnode-coherence/pom.xml | 2 +- .../addnode/pom.xml | 2 +- .../arm-oraclelinux-wls-cluster/pom.xml | 2 +- .../deletenode/pom.xml | 2 +- .../deletenode/src/main/arm/mainTemplate.json | 2 +- .../test/data/parameters-test.json | 2 +- .../test/scripts/gen-parameters-aad-ag.sh | 4 +- .../test/scripts/gen-parameters-aad.sh | 4 +- .../test/scripts/gen-parameters-ag.sh | 4 +- .../test/scripts/gen-parameters-coherence.sh | 4 +- .../test/scripts/gen-parameters-db-aad-ag.sh | 4 +- .../test/scripts/gen-parameters-db-aad.sh | 4 +- .../test/scripts/gen-parameters-db-ag.sh | 4 +- .../test/scripts/gen-parameters-db.sh | 4 +- ...gen-parameters-deploy-addnode-coherence.sh | 4 +- .../scripts/gen-parameters-deploy-addnode.sh | 4 +- .../test/scripts/gen-parameters-deploy-agw.sh | 4 +- .../gen-parameters-deploy-coherence.sh | 4 +- .../test/scripts/gen-parameters-deploy-db.sh | 4 +- .../gen-parameters-deploy-deletenode.sh | 4 +- .../test/scripts/gen-parameters-deploy-elk.sh | 4 +- .../test/scripts/gen-parameters-elk.sh | 4 +- .../test/scripts/gen-parameters.sh | 4 +- .../test/scripts/verify-deployments.sh | 22 +- .../test/scripts/verify-servers-lifecycle.sh | 2 +- 27 files changed, 1066 insertions(+), 52 deletions(-) create mode 100644 .github/workflows/buildWlsVm4CcArtifact.yml create mode 100644 .github/workflows/testWlsVmCluster.yml diff --git a/.github/workflows/buildWlsVm4CcArtifact.yml b/.github/workflows/buildWlsVm4CcArtifact.yml new file mode 100644 index 000000000..09f5a728d --- /dev/null +++ b/.github/workflows/buildWlsVm4CcArtifact.yml @@ -0,0 +1,79 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +# https://oss.oracle.com/licenses/upl/ + +name: Build Configured Cluster VM artifact +on: + workflow_dispatch: + inputs: + pidType: + description: 'Specify which pids to use, oracle or microsoft.' + required: true + default: 'microsoft' + ref: + description: 'Specify Git Ref if needed.' + required: false + default: 'refs/heads/main' +env: + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + offerName: "arm-oraclelinux-wls-cluster" + repoName: "weblogic-azure" + +jobs: + package: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} + - name: Checkout ${{ env.repoName }} + uses: actions/checkout@v2 + with: + path: ${{ env.repoName }} + ref: ${{ github.event.inputs.ref }} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + + - name: Build and test ${{ env.offerName }} using ${{ github.event.inputs.pidType }} pids + run: | + cd ${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }} + pidType=${{ github.event.inputs.pidType }} + if [[ "${pidType}" == "oracle" ]];then + echo "using oracle pid" + mvn -Ptemplate-validation-tests clean install + else + echo "using ms pid" + mvn -Ptemplate-validation-tests clean install -Ddev + fi + + - name: Generate artifact file name and path + id: artifact_file + run: | + offerPath=${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }}/${{ env.offerName }} + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/pom.xml) + artifactName=${{ env.offerName }}-$version-arm-assembly + unzip ${offerPath}/target/$artifactName.zip -d ${offerPath}/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" + echo "##[set-output name=artifactPath;]${offerPath}/target/$artifactName" + - name: Archive ${{ env.offerName }} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + + diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml new file mode 100644 index 000000000..172d1433c --- /dev/null +++ b/.github/workflows/testWlsVmCluster.yml @@ -0,0 +1,935 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +# https://oss.oracle.com/licenses/upl/ + +name: Test Configured Cluster on VM +on: + workflow_dispatch: + inputs: + enableELK: + description: "Specify whether to enable ELK depoyment or not." + required: true + default: "false" + # Allows you to run this workflow using GitHub APIs + # PERSONAL_ACCESS_TOKEN= + # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' + repository_dispatch: + +env: + adminConsolePort: 7001 + adminPassword: ${{ secrets.WLS_PSW }} + adminVMName: adminServerVM + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + elkURI: ${{ secrets.ELK_URI }} + elkUser: ${{ secrets.ELK_USER_NAME }} + elkPassword: ${{ secrets.ELK_PSW }} + gitEmail: ${{ secrets.USER_EMAIL }} + gitToken: ${{ secrets.GIT_TOKEN }} + gitUserName: ${{ secrets.USER_NAME }} + location: eastus + managedServerPrefix: managedServer + managedServerVM: "managedServerVM1" + managedServers: "managedServer1" + nsg: wls-nsg + numberOfInstances: 2 + offerName: arm-oraclelinux-wls-cluster + offerPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + repoName: weblogic-azure + repoOwner: galiacheng + resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} + resourceGroupPrefix: ${{ github.run_id }}-${{ github.run_number }} + testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} + wlsAdminServices: "rngd wls_admin wls_nodemanager" + wlsDomainName: wlsd + wlsMsServices: "rngd wls_nodemanager" + wlsPassword: ${{ secrets.WLS_PSW }} + wlsUserName: weblogic + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Build and test ${{ env.offerName }} + run: mvn -Ptemplate-validation-tests clean install --file ${offerPath}/pom.xml + + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}}-dev + - name: Create a new branch with development pids in nestedtemplates + run: | + current=`pwd` + echo "current=${current}" >> $GITHUB_ENV + offerDevPath=${{ env.repoName }}-dev/weblogic-azure-vm/${{env.offerName}}/${{env.offerName}} + cd ${offerDevPath}/src/main/arm/nestedtemplates + git config --global core.longpaths true + git config --global user.email $gitEmail + git config --global user.name $gitUserName + echo "create branch $testbranchName" + git checkout -b $testbranchName + rm -r -f $current/${offerDevPath}/src/main/arm/nestedtemplates/* + cp -r -f $current/${offerPath}/${{ env.offerName }}/target/arm/nestedtemplates/* $current/${offerDevPath}/src/main/arm/nestedtemplates/ + git status + git commit -a -m "hard code pids" + git push https://$gitToken@github.com/${GITHUB_REPOSITORY}.git -f + + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Validate deployment templates for different combinations of service integration + id: validate-deployment-templates + run: | + bash ${{ env.offerPath }}/test/scripts/verify-deployments.sh <<< "${{ github.run_id }}${{ github.run_number }} ${location} \ + ${{ env.offerPath }}/${{ env.offerName }}/target/arm/mainTemplate.json \ + ${GITHUB_REPOSITORY} ${testbranchName} ${{ env.offerPath }}/test/scripts" + + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/${{ env.offerName }}/pom.xml) + artifactName=${{ env.offerName }}-$version-arm-assembly + unzip ${{ env.offerPath }}/${{ env.offerName }}/target/$artifactName.zip -d ${{ env.offerPath }}/${{ env.offerName }}/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]${{ env.offerPath }}/${{ env.offerName }}/target/$artifactName" + - name: Archive ${{ env.offerName }} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + + - name: Generate addnode artifact file name and path + id: addnode_artifact_file + run: | + addnode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/addnode/pom.xml) + addnode_artifactName=${{ env.offerName }}-addnode-$addnode_version-arm-assembly + unzip ${{ env.offerPath }}/addnode/target/$addnode_artifactName.zip -d ${{ env.offerPath }}/addnode/target/$addnode_artifactName + echo "##[set-output name=addnode_artifactName;]${addnode_artifactName}" + echo "##[set-output name=addnode_artifactPath;]${{ env.offerPath }}/addnode/target/$addnode_artifactName" + - name: Archive ${{ env.offerName }} addnode template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.addnode_artifact_file.outputs.addnode_artifactName}} + path: ${{steps.addnode_artifact_file.outputs.addnode_artifactPath}} + + - name: Generate delete node artifact file name and path + id: deletenode_artifact_file + run: | + deletenode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/deletenode/pom.xml) + deletenode_artifactName=${{ env.offerName }}-deletenode-$deletenode_version-arm-assembly + unzip ${{ env.offerPath }}/deletenode/target/$deletenode_artifactName.zip -d ${{ env.offerPath }}/deletenode/target/$deletenode_artifactName + echo "##[set-output name=deletenode_artifactName;]${deletenode_artifactName}" + echo "##[set-output name=deletenode_artifactPath;]${{ env.offerPath }}/deletenode/target/$deletenode_artifactName" + + - name: Archive ${{ env.offerName }} deletenode template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactName}} + path: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactPath}} + + - name: Generate addnode-coherence artifact file name and path + id: addnode_coherence_artifact_file + run: | + addnode_coherence_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/addnode-coherence/pom.xml) + addnode_coherence_artifactName=${{ env.offerName }}-addnode-coherence-$addnode_coherence_version-arm-assembly + unzip ${{ env.offerPath }}/addnode-coherence/target/$addnode_coherence_artifactName.zip -d ${{ env.offerPath }}/addnode-coherence/target/$addnode_coherence_artifactName + echo "##[set-output name=addnode_coherence_artifactName;]${addnode_coherence_artifactName}" + echo "##[set-output name=addnode_coherence_artifactPath;]${{ env.offerPath }}/addnode-coherence/target/$addnode_coherence_artifactName" + + - name: Archive ${{ env.offerName }} addnode-coherence template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactName}} + path: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactPath}} + + deploy-dependencies: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Create Resource Group + run: | + echo "create resource group" ${{ env.resourceGroupForDependency }} + az group create --verbose --name ${{ env.resourceGroupForDependency }} --location ${location} + + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + run: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDependency }} \ + --name ${{ env.dbName }} \ + --location ${location} \ + --admin-user weblogic \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.wlsPassword }} \ + --sku-name B_Gen5_1 + + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDependency }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + + deploy-weblogic-cluster: + needs: deploy-dependencies + runs-on: ubuntu-latest + strategy: + max-parallel: 1 + fail-fast: false + matrix: + images: + [ + "owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest", + "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", + "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", + "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" + ] + steps: + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}} + - name: Get version information from ${{ env.offerName }}/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/${{ env.offerName }}/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=${{ env.offerName }}-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Get Image SKU + id: image-sku + run: | + imageUrn="${{ matrix.images }}" + sku=${imageUrn%%;*} + echo "sku=${sku}" >> $GITHUB_ENV + echo ${resourceGroupPrefix} + resourceGroup=$(echo "${resourceGroupPrefix}-${sku}" | sed "s/_//g") + echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV + - name: Create Resource Group + id: create-resource-group + run: | + echo "create resource group" $resourceGroup + az group create --verbose --name $resourceGroup --location ${location} + + - name: Prepare deployed parameters and test script + id: prepare-deployed-parameters-and-test-script + run: | + repoPath=${GITHUB_REPOSITORY//\//\\/} + echo $managedServerPrefix $numberOfInstances $adminVMName + sed -i "s/#location#/$location/g; \ + s/#adminPasswordOrKey#/$wlsPassword/g; \ + s/#wlsdomainname#/$wlsDomainName/g; \ + s/#wlsusername#/$wlsUserName/g; \ + s/#wlspassword#/$wlsPassword/g; \ + s/#managedserverprefix#/$managedServerPrefix/g; \ + s/#numinstances#/$numberOfInstances/g; \ + s/#adminvmname#/$adminVMName/g; \ + s/#skuUrnVersion#/${{ matrix.images }}/g; \ + s/#testbranchName#/$testbranchName/g; \ + s/#repoPath#/$repoPath/g" \ + ${{ env.offerPath }}/test/data/parameters-test.json + + sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ + ${{ env.offerPath }}/test/scripts/verify-wls-path.sh + + sed -i "s/#adminVMName#/$adminVMName/g; \ + s/#adminPasswordOrKey#/$wlsPassword/g; \ + s/#managedServers#/$managedServers/g; \ + s/#wlsUserName#/$wlsUserName/g; \ + s/#wlspassword#/$wlsPassword/g" \ + ${{ env.offerPath }}/test/scripts/verify-servers-lifecycle.sh + + - name: Accept Image Terms + id: accept-terms + run: | + echo "accept terms for " "${{ matrix.images }}" + rawUrn="${{ matrix.images }}" + publisherAndName=$(echo ${rawUrn} | grep -o ";.*:" | sed "s/;//g") + imageVersion=${rawUrn##*;} + az vm image terms accept --urn ${publisherAndName}${sku}:${imageVersion} + + - name: Deploy WebLogic Server Cluster Domain offer + id: deploy-wls-cluster + run: | + az deployment group create \ + --verbose \ + --resource-group $resourceGroup \ + --name wls-cluster-node \ + --parameters @${{ env.offerPath }}/test/data/parameters-test.json \ + --template-file ${artifactName}/mainTemplate.json + + - name: Verify Network Security Group + id: verify-nsg + run: | + echo "query nsg name, will exit with error if nsg does not exist." + az network nsg show -g $resourceGroup -n ${nsg} --query "name" + + - name: Get IP of build machine + id: get-ip-address + run: | + myIP=$(dig @ns1.google.com TXT o-o.myaddr.l.google.com +short | tr -d "\"") + echo "myIP=${myIP}" >> $GITHUB_ENV + + - name: Add ip address to security rule to access the wls machine + id: add-ip-to-security-rule + run: | + echo "query existing source address prefixes" + attempt=0 + toCreateRule101=false + while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-101"` && $attempt -le 5 ]] + do + if [ $attempt -eq 5 ]; then + toCreateRule101=true + fi + echo "network security group rule NRMS-Rule-101 is not ready" + sleep 1m + attempt=$((attempt + 1)) + done + if [ $toCreateRule101 == true ]; then + az network nsg rule create --name NRMS-Rule-101 \ + --nsg-name ${nsg} \ + --priority 101 \ + --resource-group $resourceGroup \ + --access Allow \ + --destination-address-prefixes "*" \ + --destination-port-ranges 22 43 ${adminConsolePort} \ + --direction Inbound \ + --protocol Tcp \ + --source-address-prefixes $myIP + else + sourceAddressPrefixes=$(az network nsg rule show \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-101 \ + --query "sourceAddressPrefixes") + echo "IP of this machine: " ${myIP} + sourceAddressPrefixes=$(echo ${myIP} ${sourceAddressPrefixes} | \ + sed 's/,/ /g; s/\[//g; s/\]//g; s/"//g') + echo ${sourceAddressPrefixes} + az network nsg rule update \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-101 \ + --source-address-prefixes $sourceAddressPrefixes \ + --destination-port-ranges 443 22 ${adminConsolePort} + fi + + - name: Restart wls VM + id: restart-wls-wm + run: | + echo "restart vm to make sure security rule work." + az vm restart -g $resourceGroup -n $adminVMName + + - name: Query public IP of AdminServer VM + id: query-wls-admin-ip + run: | + echo "query public ip" + publicIP=$(az vm show \ + --resource-group $resourceGroup \ + --name $adminVMName -d \ + --query publicIps -o tsv) + echo "##[set-output name=publicIP;]${publicIP}" + - name: Create environment variable for AdminServer IP + id: env-admin-ip + run: echo "wlsPublicIP=${{steps.query-wls-admin-ip.outputs.publicIP}}" >> $GITHUB_ENV + + - name: Query public IP of managedServerVM1 + id: query-wls-managed-ip + run: | + echo "query public ip" + publicIP=$(az vm show \ + --resource-group $resourceGroup \ + --name $managedServerVM -d \ + --query publicIps -o tsv) + echo "##[set-output name=publicIP;]${publicIP}" + - name: Create environment variable for managedServerVM1 IP + id: env-managedserver-vm1-ip + run: echo "ms1PublicIP=${{steps.query-wls-managed-ip.outputs.publicIP}}" >> $GITHUB_ENV + + - name: Verify WebLogic Server Installation + id: verify-wls + run: | + echo "pubilc IP of wls machine: ${wlsPublicIP}" + echo "Verifying Weblgic server installation" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo install sshpass + sudo apt-get install -y sshpass + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerPath }}/test/scripts/verify-wls-path.sh + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify wls admin services + id: veriy-admin-service + run: | + echo "wait for port 22" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying WebLogic services at admin server" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerPath }}/test/scripts/verify-services.sh $wlsAdminServices + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify wls managed server services + id: veriy-msservice + run: | + echo "wait for port 22" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying WebLogic services at managed server" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${ms1PublicIP} 'bash -s' < ${{ env.offerPath }}/test/scripts/verify-services.sh $wlsMsServices + + - name: Verify WebLogic Server Access + id: verify-wls-access + run: | + echo "Verifying Weblogic Server Access" + bash ${{ env.offerPath }}/test/scripts/verify-wls-access.sh <<< "$wlsPublicIP ${adminConsolePort} $wlsUserName $wlsPassword $managedServers" + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify WebLogic Managed Server LifeCycle check + id: verify-server-lifecycle + run: | + echo "wait for port 22" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying Weblogic managed server lifecycle" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerPath }}/test/scripts/verify-servers-lifecycle.sh + + - name: Deploy DB Template to Connect to Azure Postgresql Database + id: enable-postgresql-db + run: | + # Generate parameters for db template deployment + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-db.sh \ + <<< "${{ env.offerPath }}/test/scripts/ \ + ${{ env.adminVMName }} \ + ${{ env.wlsPassword}} \ + ${{ env.dbName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }}" + echo "Deploy DB Template..." + az group deployment create \ + --verbose \ + --resource-group ${resourceGroup} \ + --name db \ + --parameters @${{ env.offerPath }}/test/scripts/parameters-deploy-db.json \ + --template-file ${artifactName}/nestedtemplates/dbTemplate.json + + - name: Generate Application Gateway Certificate + id: gen-certificate-agw + run: | + echo "Generate SSL Certificate for Application Gateway" + openssl genrsa -passout pass:${{ env.wlsPassword }} -out privkey.pem 3072 + openssl req -x509 -new -key privkey.pem -out privkey.pub -subj "/C=US" + openssl pkcs12 -passout pass:${{ env.wlsPassword }} -export -in privkey.pub -inkey privkey.pem -out mycert.pfx + agwCertificateBase64String=$(base64 mycert.pfx -w 0) + echo "agwCertificateBase64String=${agwCertificateBase64String}" >> $GITHUB_ENV + - name: Set up Application Gateway by Deploying Sub Template + id: enable-application-gateway + run: | + # Generate parameters for application gateway template deployment + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-agw.sh \ + <<< "${{ env.offerPath }}/test/scripts/parameters-deploy-agw.json \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.adminVMName }} \ + ${agwCertificateBase64String} \ + ${{ env.wlsPassword }} \ + ${{ env.numberOfInstances }} \ + ${{ env.location }} \ + ${{ env.wlsPassword }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsDomainName }} \ + ${{ env.managedServerPrefix }}" + echo "Deploy Application Gateway Template..." + az group deployment create \ + --verbose \ + --debug \ + --resource-group ${resourceGroup} \ + --name agw \ + --parameters @${{ env.offerPath }}/test/scripts/parameters-deploy-agw.json \ + --template-file ${artifactName}/nestedtemplates/appGatewayNestedTemplate.json + + - name: Query appGatewayURL of appgateway deployment + id: query-agwurl + run: | + echo "query appgatewayURL" + appGatewayURL=$(az network public-ip show \ + --resource-group $resourceGroup \ + --name gwip \ + --query dnsSettings.fqdn -o tsv) + echo "##[set-output name=appGatewayURL;]${appGatewayURL}" + - name: Save appGatewayURL for app deployement verification + id: save-appgatewayurl + run: | + echo ${{steps.query-agwurl.outputs.appGatewayURL}} + echo "appGatewayURL=${{steps.query-agwurl.outputs.appGatewayURL}}" >> $GITHUB_ENV + echo ${appGatewayURL} + + - name: Checkout WebLogic-Cafe + id: checkout-webapp + uses: actions/checkout@v2 + with: + repository: microsoft/weblogic-on-azure + path: weblogic-on-azure + + - name: Maven build the web app + id: maven-build-webapp + run: | + echo "build the WebLogic Cafe web app" + mvn -DskipTests clean install --file weblogic-on-azure/javaee/weblogic-cafe/pom.xml + + - name: Query adminVMsver DNS + id: query-adminvmdns + run: | + echo "query adminVMsver DNS for $adminVMName" + adminVMDNS=$(az network public-ip show \ + --resource-group $resourceGroup \ + --name "${adminVMName}_PublicIP" \ + --query dnsSettings.fqdn -o tsv) + echo "##[set-output name=adminVMDNS;]${adminVMDNS}" + + - name: Save adminVMsver DNS for app deployement + id: save-adminvmdns + run: | + echo ${{steps.query-adminvmdns.outputs.adminVMDNS}} + echo "adminVMDNS=${{steps.query-adminvmdns.outputs.adminVMDNS}}" >> $GITHUB_ENV + echo ${adminVMDNS} + + - name: Prepare the webapp deployment script + id: prepare-webapp-deployement-script + run: | + echo ${adminVMDNS} ${wlsUserName} + sed -i "s/#adminVMDNS#/${adminVMDNS}/g; \ + s/#wlsUserName#/$wlsUserName/g; \ + s/#wlsPassword#/$wlsPassword/g" \ + ${{ env.offerPath }}/test/scripts/deploy-webapp.sh + + echo ${appGatewayURL} + sed -i "s|#appGatewayURL#|${appGatewayURL}|g;" \ + ${{ env.offerPath }}/test/scripts/verify-webapp-deployment.sh + + - name: Add ip address to security rule to access the wls machine + id: add-ip-to-security-rule-105 + run: | + echo "query existing source address prefixes" + attempt=0 + toCreateRule105=false + while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-105"` && $attempt -le 5 ]] + do + if [ $attempt -eq 5 ]; then + toCreateRule105=true + fi + echo "network security group rule NRMS-Rule-105 is not ready" + sleep 1m + attempt=$((attempt + 1)) + done + if [ $toCreateRule105 == true ]; then + az network nsg rule create --name NRMS-Rule-105 \ + --nsg-name ${nsg} \ + --priority 102 \ + --resource-group $resourceGroup \ + --access Allow \ + --destination-address-prefixes "*" \ + --destination-port-ranges 1433 1434 3306 4333 5432 6379 7000 7199 9042 9160 9300 16379 26379 27017 \ + --direction Inbound \ + --protocol Tcp \ + --source-address-prefixes $myIP + else + az network nsg rule update \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-105 \ + --destination-port-ranges 1433 1434 3306 4333 5432 6379 7000 7199 9042 9160 9300 16379 26379 27017 + fi + + - name: Restart wls VM + id: restart-wls-admin-vm + run: | + echo "restart vm to make sure security rule work." + az vm restart -g $resourceGroup -n $adminVMName + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Deploy WebLogicCafe app using WebLogic Management Services + id: deploy-webapp + run: | + echo "Deploy WebLogic Cafe to server" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${adminVMDNS} 7001 + bash ${{ env.offerPath }}/test/scripts/deploy-webapp.sh + + - name: Verify WebLogicCafe app is successfully deployed + id: verify-webapp-deployment + run: | + echo "Verify WebLogicCafe app is successfully deployed" + bash ${{ env.offerPath }}/test/scripts/verify-webapp-deployment.sh + + - name: Set up ELK by deploying sub template + id: enable-elk + if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} + run: | + # Generate parameters for ELK template deployment + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-elk.sh \ + <<< "${{ env.offerPath }}/test/scripts/parameters-deploy-elk.json \ + ${{ env.adminVMName }} \ + ${{ env.elkPassword }} \ + ${{ env.elkURI }} \ + ${{ env.elkUser }} \ + ${{ env.location }} \ + ${{ env.numberOfInstances }} \ + ${{ env.wlsDomainName }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }} \ + ${{ github.run_id }}${{ github.run_number }}" + + echo "Deploy ELK Template..." + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name elk \ + --parameters @${{ env.offerPath }}/test/scripts/parameters-deploy-elk.json \ + --template-file ${artifactName}/nestedtemplates/elkNestedTemplate.json + + - name: Get storage account name + id: query-storage-account-name + run: | + echo "query storage account name" + storageAccount=$(az resource list -g $resourceGroup --resource-type Microsoft.Storage/storageAccounts --query [0].name -o tsv) + echo "Storage account name: ${storageAccount}" + echo "storageAccount=${storageAccount}" >> $GITHUB_ENV + + - name: Set up Coherence by deploying sub template + id: enable-coherence + run: | + # Generate parameters for Coherence template deployment + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-coherence.sh \ + <<< "${{ env.offerPath }}/test/scripts/parameters-deploy-coherence.json \ + ${{ env.adminVMName }} \ + ${{ env.wlsPassword }} \ + ${{ matrix.images }} \ + ${{ env.location }} \ + ${storageAccount} \ + ${{ env.wlsDomainName }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + + echo "Deploy Coherence Template..." + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name coherence \ + --parameters @${{ env.offerPath }}/test/scripts/parameters-deploy-coherence.json \ + --template-file ${artifactName}/nestedtemplates/coherenceTemplate.json + + - name: Output addnode artifact name + id: artifact_file_addnode + run: | + addnodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/addnode/pom.xml) + artifactNameOfAddnode=${{ env.offerName }}-addnode-$addnodeVersion-arm-assembly + echo "artifactNameOfAddnode=${artifactNameOfAddnode}" >> $GITHUB_ENV + echo "##[set-output name=artifactNameOfAddnode;]${artifactNameOfAddnode}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file_addnode.outputs.artifactNameOfAddnode}} + + - name: Add new nodes to existing cluster + id: add-node + run: | + echo "add two new nodes and enable app gateway" + echo "generate add-node parameters" + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-addnode.sh \ + <<< "${{ env.offerPath }}/test/scripts/parameters-deploy-addnode.json \ + ${{ env.wlsPassword }} \ + ${{ env.adminVMName }}:${adminConsolePort} \ + weblogic \ + ${{ env.numberOfInstances }} \ + ${{ matrix.images }} \ + ${storageAccount} \ + ${{ env.wlsDomainName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + echo "deploy add-node template to create new nodes" + az group deployment validate \ + -g ${resourceGroup} \ + -f ${artifactNameOfAddnode}/mainTemplate.json \ + -p @${{ env.offerPath }}/test/scripts/parameters-deploy-addnode.json \ + --no-prompt + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name addnode \ + --parameters @${{ env.offerPath }}/test/scripts/parameters-deploy-addnode.json \ + --template-file ${artifactNameOfAddnode}/mainTemplate.json + - name: Verify new nodes + id: verify-new-nodes + run: | + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) + if [ -z "$mspVM2" ]; then + echo "Add-node failure: new machine ${{ env.managedServerPrefix }}VM2 does not exist." + exit 1 + fi + + - name: Output addnode-coherence artifact name + id: artifact_file_addnode_coherence + run: | + addnodeCoherenceVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/addnode-coherence/pom.xml) + artifactNameOfAddnodeCo=${{ env.offerName }}-addnode-coherence-$addnodeCoherenceVersion-arm-assembly + echo "artifactNameOfAddnodeCo=${artifactNameOfAddnodeCo}" >> $GITHUB_ENV + echo "##[set-output name=artifactNameOfAddnodeCo;]${artifactNameOfAddnodeCo}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file_addnode_coherence.outputs.artifactNameOfAddnodeCo}} + + - name: Add new cache node to coherence cluster + id: add-node-coherence + run: | + echo "add new cache server" + echo "generate parameters" + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-addnode-coherence.sh \ + <<< "${{ env.offerPath }}/test/scripts/parameters-deploy-addnode-coherence.json \ + ${{ env.wlsPassword }} \ + ${{ env.adminVMName }} \ + weblogic \ + 1 \ + ${{ matrix.images }} \ + ${storageAccount} \ + ${{ env.wlsDomainName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + echo "deploy add-node template to create new nodes" + az group deployment validate \ + -g ${resourceGroup} \ + -f ${artifactNameOfAddnodeCo}/mainTemplate.json \ + -p @${{ env.offerPath }}/test/scripts/parameters-deploy-addnode-coherence.json \ + --no-prompt + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name addnode \ + --parameters @${{ env.offerPath }}/test/scripts/parameters-deploy-addnode-coherence.json \ + --template-file ${artifactNameOfAddnodeCo}/mainTemplate.json + - name: Verify new nodes + id: verify-new-nodes-coherence + run: | + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}StorageVM2 --query [0].name -o tsv) + if [ -z "$mspVM2" ]; then + echo "Add-node failure: new machine ${{ env.managedServerPrefix }}StorageVM2 does not exist." + exit 1 + fi + + - name: Output delete-node artifact name + id: artifact_file_deletenode + run: | + deleteNodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerPath }}/deletenode/pom.xml) + artifactNameOfDeleteNode=${{ env.offerName }}-deletenode-$deleteNodeVersion-arm-assembly + echo "artifactNameOfDeleteNode=${artifactNameOfDeleteNode}" >> $GITHUB_ENV + echo "##[set-output name=artifactNameOfDeleteNode;]${artifactNameOfDeleteNode}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file_deletenode.outputs.artifactNameOfDeleteNode}} + - name: Delete nodes from existing cluster + id: delete-node + run: | + echo "generate delete-node parameters" + bash ${{ env.offerPath }}/test/scripts/gen-parameters-deploy-deletenode.sh \ + <<< "${{ env.offerPath }}/test/scripts/parameters-deploy-deletenode.json \ + ${{ env.adminVMName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + echo "Run deletenode-cli.sh to remove nodes" + chmod ugo+x ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh + ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh \ + -g ${resourceGroup} \ + -f ${artifactNameOfDeleteNode}/mainTemplate.json \ + -p ${{ env.offerPath }}/test/scripts/parameters-deploy-deletenode.json \ + -s + - name: Verify deleted nodes + id: verify-deleted-nodes + run: | + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) + count=0 + while [[ -n "$mspVM2" && $count -lt 10 ]]; + do + echo "waiting for $mspVM2 deleted..." + sleep 1m + count=$((count+1)) + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) + if [ -z "$mspVM2" ]; then + break; + fi + done + + if [ -n "$mspVM2" ]; then + echo "Delete-node failure: machine ${{ env.managedServerPrefix }}VM2 is not removed." + exit 1 + fi + + # - name: Delete Resource Group + # id: delete-resource-group + # if: always() + # run: | + # echo "delete... " $resourceGroup + # az group delete --yes --no-wait --verbose --name $resourceGroup + - name: Delete ELK index + id: delete-elk-index + if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} + run: | + curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-cluster-${{ github.run_id }}${{ github.run_number }} + + cleanup-github-resoruce: + needs: deploy-weblogic-cluster + if: success() + runs-on: ubuntu-latest + steps: + - name: Checkout ${{ env.repoName }} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{ env.repoName }} + - name: Delete testing branch + run: | + cd ${{ env.repoName }} + git push https://$gitToken@github.com/$GITHUB_REPOSITORY.git -f --delete $testbranchName + + cleanup-az-resource: + if: always() + needs: deploy-weblogic-cluster + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Delete DB Resource Group + id: delete-db-resource-group + run: | + echo "delete... " $resourceGroup + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDependency }} + + summary: + needs: deploy-weblogic-cluster + if: always() + runs-on: ubuntu-latest + steps: + - name: summarize jobs + if: ${{ github.repository_owner == 'wls-eng' }} + run: | + workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${GITHUB_REPOSITORY}/actions/runs/${{ github.run_id }}/jobs) + critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-cluster."))) | length') + echo "$critical_job_num" + succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-cluster."))) | length') + echo "$succeed_critical_job_num" + failed_job_num="$(($critical_job_num-$succeed_critical_job_num))" + echo $failed_job_num + if (($failed_job_num >= 2));then + echo "too many jobs failed, send notification to Teams" + curl ${{ secrets.MSTEAMS_WEBHOOK }} \ + -H 'Content-Type: application/json' \ + --data-binary @- << EOF + { + "@context":"http://schema.org/extensions", + "@type":"MessageCard", + "text":"$failed_job_num jobs failed in Configured Cluster Offer's workflow, please take a look at: https://github.com/${GITHUB_REPOSITORY}/actions/runs/${{ github.run_id }}" + } + EOF + fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml index 08f42daae..ed84222eb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml index ae712bb1c..d6cc8a0f3 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index e4311818c..662c5793d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml index 1a1a99e71..452b0ae60 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json index 3ce5476e7..7caab00e4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/arm/mainTemplate.json @@ -69,7 +69,7 @@ "variables": { "const_wlsAdminPort": "7001", "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", - "const_outputCliCommand0": "[concat('export resourceGroup=', resourceGroup().name,';', 'export deleteingIDs=\"\";export managedServerMachineNames=$(echo ',array.join(parameters('deletingManagedServerMachineNames')),' | tr \",\" \"\\n\");','az extension add --name resource-graph;','for machine in $managedServerMachineNames;do vmId=$(az graph query -q \"Resources | where type =~ ','\\','\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project vmid = id\" -o tsv); nicId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | extend nics=array_length(properties.networkProfile.networkInterfaces) | mv-expand nic=properties.networkProfile.networkInterfaces | where nics == 1 or nic.properties.primary =~ \\\"true\\\" or isempty(nic) | project nicId = tostring(nic.id)\" -o tsv);ipId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.network/networkinterfaces\\\" | where id=~ \\\"${nicId}\\\" | extend ipConfigsCount=array_length(properties.ipConfigurations) | mv-expand ipconfig=properties.ipConfigurations | where ipConfigsCount == 1 or ipconfig.properties.primary =~ \\\"true\\\" | project publicIpId = tostring(ipconfig.properties.publicIPAddress.id)\" -o tsv);osDiskId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project osDiskId = tostring(properties.storageProfile.osDisk.managedDisk.id)\" -o tsv);dataDiskIds=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | mv-expand datadisk=properties.storageProfile.dataDisks | project datadisk.managedDisk.id\" -o tsv);deleteingIDs=$(echo $deleteingIDs ${vmId} ${nicId} ${ipId} ${osDiskId} ${dataDiskIds});done;echo \"List resource Ids to be deleted: \";echo ${deleteingIDs} | tr \" \" \"\\n\";echo -n \"Are you sure to delete these resources (y/n)?\";read answer;if [[ \"$answer\" != \"${answer#[Yy]}\" && -n \"${deleteingIDs}\" ]]; then echo \"Deleting managed resources...Please do not stop.\";az resource delete --verbose --ids ${deleteingIDs};fi')]", + "const_outputCliCommand0": "[concat('export resourceGroup=', resourceGroup().name,';', 'export deleteingIDs=\"\";export managedServerMachineNames=$(echo ',array.join(parameters('deletingManagedServerMachineNames')),' | tr \",\" \"\\n\");','az extension add --name resource-graph;','for machine in $managedServerMachineNames;do vmId=$(az graph query -q \"Resources | where type =~ ','\\','\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project vmid = tolower(id)\" --query data[0].vmid -o tsv); nicId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | extend nics=array_length(properties.networkProfile.networkInterfaces) | mv-expand nic=properties.networkProfile.networkInterfaces | where nics == 1 or nic.properties.primary =~ \\\"true\\\" or isempty(nic) | project nicId = tostring(nic.id)\" --query data[0].nicId -o tsv);ipId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.network/networkinterfaces\\\" | where id=~ \\\"${nicId}\\\" | extend ipConfigsCount=array_length(properties.ipConfigurations) | mv-expand ipconfig=properties.ipConfigurations | where ipConfigsCount == 1 or ipconfig.properties.primary =~ \\\"true\\\" | project publicIpId = tostring(ipconfig.properties.publicIPAddress.id)\" --query data[0].publicIpId -o tsv);osDiskId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project osDiskId = tostring(properties.storageProfile.osDisk.managedDisk.id)\" --query data[0].osDiskId -o tsv);deleteingIDs=$(echo $deleteingIDs ${vmId} ${nicId} ${ipId} ${osDiskId});done;echo \"List resource Ids to be deleted: \";echo ${deleteingIDs} | tr \" \" \"\\n\";echo -n \"Are you sure to delete these resources (y/n)?\";read answer;if [[ \"$answer\" != \"${answer#[Yy]}\" && -n \"${deleteingIDs}\" ]]; then echo \"Deleting managed resources...Please do not stop.\";az resource delete --verbose --ids ${deleteingIDs};fi')]", "const_outputCliCommands": "[concat(variables('const_outputCliCommand0'), ';','echo \"Check if application gateway has deployed...\"; appGateway=$(az resource list -g ${resourceGroup} -n myAppGateway --resource-type Microsoft.Network/applicationGateways | grep \"myAppGateway\");if [ -n \"${appGateway}\" ];then for machine in $managedServerMachineNames;do backendAddresses=$(az network application-gateway address-pool list -g ${resourceGroup} --gateway-name myAppGateway --query [0].backendAddresses | grep \"fqdn\"); if [ $? == 0 ]; then beAddArr=$(echo \"$backendAddresses\" | sed \"s/ //g\" | tr \",\" \"\\n\");index=0;len=0;for item in $beAddArr;do ret=$(echo $item | grep \"$machine\");if [ -z \"$ret\" ];then index=$((index+1));len=$((len+1)); else len=$((len+1));break; fi done; if [[ ${index} -lt ${len} ]]; then echo \"Removing $machine from application gateway, please do not stop.\"; az network application-gateway address-pool update -g ${resourceGroup} --gateway-name myAppGateway --name myGatewayBackendPool --remove backendAddresses ${index};fi;fi; done; fi')]", "name_scriptDeleteNode": "deletenode.sh" }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/data/parameters-test.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/data/parameters-test.json index 29c7c0238..39a8a494c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/data/parameters-test.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/data/parameters-test.json @@ -39,7 +39,7 @@ "value": "#skuUrnVersion#" }, "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/#gitUserName#/arm-oraclelinux-wls-cluster/#testbranchName#/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/#repoPath#/#testbranchName#/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" } } } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad-ag.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad-ag.sh index 2f0fa0410..37c40e24f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad-ag.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad-ag.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for AAD and appgeateway testing. #read arguments from stdin -read parametersPath githubUserName testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName +read parametersPath repoPath testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad.sh index 20b12e72b..db5eedecc 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-aad.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for AAD testing. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-ag.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-ag.sh index 485570dc0..0a6025d5b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-ag.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-ag.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for Appgateway testing. #read arguments from stdin -read parametersPath githubUserName testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName +read parametersPath repoPath testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-coherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-coherence.sh index 17e5ebb7c..07344b18a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-coherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-coherence.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for coherence testing. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat <${parametersPath} { @@ -14,7 +14,7 @@ cat <${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad-ag.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad-ag.sh index 42a4703ee..cea13e849 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad-ag.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad-ag.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for database datasource, AAD and Appgateway testing. #read arguments from stdin -read parametersPath githubUserName testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName +read parametersPath repoPath testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad.sh index cb8e77dc9..afc89061c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-aad.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for database datasource and AAD testing. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-ag.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-ag.sh index d3ea23c73..ebc43be18 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-ag.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db-ag.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for database datasource and Appgateway testing. #read arguments from stdin -read parametersPath githubUserName testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName +read parametersPath repoPath testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db.sh index 0d2219a91..ac3189605 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-db.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for database datasource testing. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh index 1d1db3bb3..b3f521dcb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters with value for deploying addnode template #read arguments from stdin -read parametersPath adminPasswordOrKey adminVMName adminUsername numberOfExistingCacheNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminPasswordOrKey adminVMName adminUsername numberOfExistingCacheNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword repoPath testbranchName managedServerPrefix cat < ${parametersPath} { @@ -47,7 +47,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/addnode-coherence/src/main/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/src/main/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode.sh index 8fcfaa3f3..d1786ac72 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-addnode.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters with value for deploying addnode template #read arguments from stdin -read parametersPath adminPasswordOrKey adminURL adminUsername numberOfExistingNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminPasswordOrKey adminURL adminUsername numberOfExistingNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword repoPath testbranchName managedServerPrefix # do not include admin node. numberOfExistingNodes=$((numberOfExistingNodes - 1)) @@ -53,7 +53,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/addnode/src/main/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-agw.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-agw.sh index 4c4f9d006..54324a9cf 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-agw.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-agw.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for Appgateway testing. #read arguments from stdin -read parametersPath githubUserName testbranchName adminVMName appGatewaySSLCertificateData appGatewaySSLCertificatePassword numberOfInstances location wlsPassword wlsUserName wlsDomainName managedServerPrefix +read parametersPath repoPath testbranchName adminVMName appGatewaySSLCertificateData appGatewaySSLCertificatePassword numberOfInstances location wlsPassword wlsUserName wlsDomainName managedServerPrefix cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "adminVMName": { "value": "${adminVMName}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-coherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-coherence.sh index 1f33c2df6..404be466c 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-coherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-coherence.sh @@ -6,7 +6,7 @@ # This script is to generate parameters with value for deploying coherence template independently. #read arguments from stdin -read parametersPath adminVMName adminPasswordOrKey skuUrnVersion location storageAccountName wlsDomainName wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminVMName adminPasswordOrKey skuUrnVersion location storageAccountName wlsDomainName wlsusername wlspassword repoPath testbranchName managedServerPrefix cat < ${parametersPath} { @@ -44,7 +44,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-db.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-db.sh index 8c0e60eac..6ff6e8b5a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-db.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-db.sh @@ -6,7 +6,7 @@ # Generate parameters with value for deploying db template independently #read arguments from stdin -read parametersPath adminVMName dbPassword dbName location wlsusername wlspassword gitUserName testbranchName +read parametersPath adminVMName dbPassword dbName location wlsusername wlspassword repoPath testbranchName cat < ${parametersPath}/parameters-deploy-db.json { @@ -38,7 +38,7 @@ cat < ${parametersPath}/parameters-deploy-db.json "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, } EOF diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-deletenode.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-deletenode.sh index fabf25ad1..92526df4e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-deletenode.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-deletenode.sh @@ -6,7 +6,7 @@ # Generate parameters with value for deploying delete-node template. #read arguments from stdin -read parametersPath adminVMName location wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminVMName location wlsusername wlspassword repoPath testbranchName managedServerPrefix cat < ${parametersPath} { @@ -29,7 +29,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/deletenode/src/main/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/src/main/" } } EOF diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-elk.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-elk.sh index bb6f5e0da..1154e80ab 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-elk.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-deploy-elk.sh @@ -6,7 +6,7 @@ # Generate parameters with value for deploying elk template independently. #read arguments from stdin -read parametersPath adminVMName elasticsearchPassword elasticsearchURI elasticsearchUserName location numberOfInstances wlsDomainName wlsusername wlspassword gitUserName testbranchName managedServerPrefix guidValue +read parametersPath adminVMName elasticsearchPassword elasticsearchURI elasticsearchUserName location numberOfInstances wlsDomainName wlsusername wlspassword repoPath testbranchName managedServerPrefix guidValue numberOfInstances=$((numberOfInstances-1)) @@ -43,7 +43,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-elk.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-elk.sh index 69f57c1e6..d3efbf4ea 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-elk.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters-elk.sh @@ -6,7 +6,7 @@ # This script is to generate test parameters for ELK testing. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat <${parametersPath} { @@ -14,7 +14,7 @@ cat <${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters.sh index 90d8fdfd8..21ac4c371 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/gen-parameters.sh @@ -6,7 +6,7 @@ # This script is to generate general test parameters for testing. #read arguments from stdin -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -14,7 +14,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-cluster/${testbranchName}/arm-oraclelinux-wls-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-deployments.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-deployments.sh index 9b523eac1..3dadbf8cf 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-deployments.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-deployments.sh @@ -6,7 +6,7 @@ # This scipt is to deploy the Azure deployments based on test parameters created. #read arguments from stdin -read prefix location template githubUserName testbranchName scriptsDir +read prefix location template repoPath testbranchName scriptsDir groupName=${prefix}-preflight keyVaultName=keyvault${prefix} @@ -28,46 +28,46 @@ az keyvault secret set --vault-name ${keyVaultName} -n ${certPasswordName} --val # generate parameters for testing differnt cases parametersList=() # parameters for cluster -bash ${scriptsDir}/gen-parameters.sh <<< "${scriptsDir}/parameters.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters.sh <<< "${scriptsDir}/parameters.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters.json) # parameters for cluster+db -bash ${scriptsDir}/gen-parameters-db.sh <<< "${scriptsDir}/parameters-db.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-db.sh <<< "${scriptsDir}/parameters-db.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-db.json) # parameters for cluster+aad -bash ${scriptsDir}/gen-parameters-aad.sh <<< "${scriptsDir}/parameters-aad.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-aad.sh <<< "${scriptsDir}/parameters-aad.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-aad.json) # parameters for cluster+coherence -bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-coherence.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-coherence.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-coherence.json) # parameters for cluster+elk -bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-elk.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-elk.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-elk.json) # parameters for cluster+db+aad -bash ${scriptsDir}/gen-parameters-db-aad.sh <<< "${scriptsDir}/parameters-db-aad.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-db-aad.sh <<< "${scriptsDir}/parameters-db-aad.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-db-aad.json) # parameters for cluster+ag -bash ${scriptsDir}/gen-parameters-ag.sh <<< "${scriptsDir}/parameters-ag.json $githubUserName $testbranchName \ +bash ${scriptsDir}/gen-parameters-ag.sh <<< "${scriptsDir}/parameters-ag.json $repoPath $testbranchName \ ${keyVaultName} ${groupName} ${certDataName} ${certPasswordName}" parametersList+=(${scriptsDir}/parameters-ag.json) # parameters for cluster+db+ag -bash ${scriptsDir}/gen-parameters-db-ag.sh <<< "${scriptsDir}/parameters-db-ag.json $githubUserName $testbranchName \ +bash ${scriptsDir}/gen-parameters-db-ag.sh <<< "${scriptsDir}/parameters-db-ag.json $repoPath $testbranchName \ ${keyVaultName} ${groupName} ${certDataName} ${certPasswordName}" parametersList+=(${scriptsDir}/parameters-db-ag.json) # parameters for cluster+aad+ag -bash ${scriptsDir}/gen-parameters-aad-ag.sh <<< "${scriptsDir}/parameters-aad-ag.json $githubUserName $testbranchName \ +bash ${scriptsDir}/gen-parameters-aad-ag.sh <<< "${scriptsDir}/parameters-aad-ag.json $repoPath $testbranchName \ ${keyVaultName} ${groupName} ${certDataName} ${certPasswordName}" parametersList+=(${scriptsDir}/parameters-aad-ag.json) # parameters for cluster+db+aad+ag -bash ${scriptsDir}/gen-parameters-db-aad-ag.sh <<< "${scriptsDir}/parameters-db-aad-ag.json $githubUserName $testbranchName \ +bash ${scriptsDir}/gen-parameters-db-aad-ag.sh <<< "${scriptsDir}/parameters-db-aad-ag.json $repoPath $testbranchName \ ${keyVaultName} ${groupName} ${certDataName} ${certPasswordName}" parametersList+=(${scriptsDir}/parameters-db-aad-ag.json) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-servers-lifecycle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-servers-lifecycle.sh index ddd61c149..5652faeaf 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-servers-lifecycle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-servers-lifecycle.sh @@ -29,7 +29,7 @@ for managedServer in $managedServers do echo "Verifying managed server : $managedServer" isSuccess=false - maxAttempt=3 + maxAttempt=10 attempt=1 while [ $attempt -le $maxAttempt ] do From 2239a892eb7eb9c55b492644867ea2f1c93b6930 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 17:34:49 +0800 Subject: [PATCH 102/720] Re-activate pipeline for dynamic cluster offer Signed-off-by: galiacheng --- .github/workflows/buildWlsVm4DcArtifact.yml | 78 ++ .github/workflows/testWlsVmDynamicCluster.yml | 786 ++++++++++++++++++ .../addnode-coherence/pom.xml | 2 +- .../addnode/pom.xml | 2 +- .../pom.xml | 2 +- .../deletenode/pom.xml | 6 +- .../deletenode/src/main/arm/mainTemplate.json | 3 +- .../test/scripts/gen-parameters-aad-ag.sh | 4 +- .../test/scripts/gen-parameters-aad.sh | 4 +- .../test/scripts/gen-parameters-coherence.sh | 4 +- .../test/scripts/gen-parameters-db-aad.sh | 4 +- .../test/scripts/gen-parameters-db.sh | 4 +- ...gen-parameters-deploy-addnode-coherence.sh | 4 +- .../scripts/gen-parameters-deploy-addnode.sh | 4 +- .../gen-parameters-deploy-coherence.sh | 4 +- .../test/scripts/gen-parameters-deploy-db.sh | 4 +- .../gen-parameters-deploy-deletenode.sh | 4 +- .../test/scripts/gen-parameters-deploy-elk.sh | 4 +- .../test/scripts/gen-parameters-deploy.sh | 4 +- .../test/scripts/gen-parameters-elk.sh | 4 +- .../test/scripts/gen-parameters.sh | 4 +- .../test/scripts/verify-deployments.sh | 14 +- .../test/scripts/verify-servers-lifecycle.sh | 2 +- 23 files changed, 907 insertions(+), 44 deletions(-) create mode 100644 .github/workflows/buildWlsVm4DcArtifact.yml create mode 100644 .github/workflows/testWlsVmDynamicCluster.yml diff --git a/.github/workflows/buildWlsVm4DcArtifact.yml b/.github/workflows/buildWlsVm4DcArtifact.yml new file mode 100644 index 000000000..2782f3bec --- /dev/null +++ b/.github/workflows/buildWlsVm4DcArtifact.yml @@ -0,0 +1,78 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +# https://oss.oracle.com/licenses/upl/ + +name: Build Dynamic Cluster VM artifact +on: + workflow_dispatch: + inputs: + pidType: + description: 'Specify which pids to use, oracle or microsoft.' + required: true + default: 'microsoft' + ref: + description: 'Specify Git Ref if needed.' + required: false + default: 'refs/heads/main' +env: + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + offerName: "arm-oraclelinux-wls-dynamic-cluster" + repoName: "weblogic-azure" + +jobs: + package: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} + - name: Checkout ${{ env.repoName }} + uses: actions/checkout@v2 + with: + path: ${{ env.repoName }} + ref: ${{ github.event.inputs.ref }} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + + - name: Build and test ${{ env.offerName }} using ${{ github.event.inputs.pidType }} pids + run: | + cd ${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }} + pidType=${{ github.event.inputs.pidType }} + echo ${pidType} + if [[ "${pidType}" == "oracle" ]];then + echo "using oracle pids" + mvn -Ptemplate-validation-tests clean install + else + echo "using ms pids" + mvn -Ptemplate-validation-tests clean install -Ddev + fi + + - name: Generate artifact file name and path + id: artifact_file + run: | + offerPath=${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }}/${{ env.offerName }} + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/pom.xml) + artifactName=${{ env.offerName }}-$version-arm-assembly + unzip ${offerPath}/target/$artifactName.zip -d ${offerPath}/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" + echo "##[set-output name=artifactPath;]${offerPath}/target/$artifactName" + - name: Archive ${{ env.offerName }} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} \ No newline at end of file diff --git a/.github/workflows/testWlsVmDynamicCluster.yml b/.github/workflows/testWlsVmDynamicCluster.yml new file mode 100644 index 000000000..5aa2ab930 --- /dev/null +++ b/.github/workflows/testWlsVmDynamicCluster.yml @@ -0,0 +1,786 @@ +#Copyright (c) 2021 Oracle and/or its affiliates. +#Released under the Universal Permissive License v1.0 as shown at +# https://oss.oracle.com/licenses/upl/ + +name: Test Dynamic Cluster on VM +on: + workflow_dispatch: + inputs: + enableELK: + description: 'Specify whether to enable ELK depoyment or not.' + required: true + default: 'false' + # Allows you to run this workflow using GitHub APIs + # PERSONAL_ACCESS_TOKEN= + # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' + repository_dispatch: + types: [integration-test] + +env: + adminConsolePort: 7001 + adminPassword: ${{ secrets.WLS_PSW }} + adminVMName: adminServerVM + dbName: wlsdb${{ github.run_id }}${{ github.run_number }} + dynamicClusterSize: 1 + elkURI: ${{ secrets.ELK_URI }} + elkUser: ${{ secrets.ELK_USER_NAME }} + elkPassword: ${{ secrets.ELK_PSW }} + gitEmail: ${{ secrets.USER_EMAIL }} + gitToken: ${{ secrets.GIT_TOKEN }} + gitUserName: ${{ secrets.USER_NAME }} + location: eastus + nsg: wls-nsg + managedServerPrefix: managedServer + managedServers: "managedServer1" + managedServerVM: "managedServerVM1" + maxDynamicClusterSize: 2 + offerName: arm-oraclelinux-wls-dynamic-cluster + offerPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster + otnUser: ${{ secrets.OTN_USERID }} + otnPassword: ${{ secrets.OTN_PASSWORD }} + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + refArmTtk: d97aa57d259e2fc8562e11501b1cf902265129d9 + repoName: weblogic-azure + repoOwner: galiacheng + resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} + resourceGroupPrefix: wls-${{ github.run_id }}-${{ github.run_number }} + testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} + wlsAdminServices: "rngd wls_admin wls_nodemanager" + wlsDomainName: dyClusterDomain + wlsMsServices: "rngd wls_nodemanager" + wlsPassword: ${{ secrets.WLS_PSW }} + wlsUserName: weblogic + +jobs: + preflight: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmTtk }} + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + - name: Built and test ${{env.offerName}} + run: mvn -Ptemplate-validation-tests clean install --file ${offerPath}/pom.xml + + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}}-dev + - name: Create a new branch with development pids in nestedtemplates + run: | + current=`pwd` + echo "current=${current}" >> $GITHUB_ENV + offerDevPath=${{ env.repoName }}-dev/weblogic-azure-vm/${{env.offerName}}/${{env.offerName}} + cd ${offerDevPath}/src/main/arm/nestedtemplates + git config --global core.longpaths true + git config --global user.email $gitEmail + git config --global user.name $gitUserName + echo "create branch $testbranchName" + git checkout -b $testbranchName + rm -r -f $current/${offerDevPath}/src/main/arm/nestedtemplates/* + cp -r -f $current/${offerPath}/${{ env.offerName }}/target/arm/nestedtemplates/* $current/${offerDevPath}/src/main/arm/nestedtemplates/ + git status + git commit -a -m "hard code pids" + git push https://$gitToken@github.com/${GITHUB_REPOSITORY}.git -f + + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Validate deployment templates for different combinations of service integration + id: validate-deployment-templates + run: | + bash ${offerPath}/test/scripts/verify-deployments.sh <<< \ + "${{ github.run_id }}${{ github.run_number }} ${location} \ + ${offerPath}/${offerName}/target/arm/mainTemplate.json \ + ${GITHUB_REPOSITORY} ${testbranchName} ${offerPath}/test/scripts" + + - name: Generate artifact file name and path + id: artifact_file + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/${{ env.offerName }}/pom.xml) + artifactName=${{ env.offerName }}-$version-arm-assembly + unzip ${offerPath}/${{ env.offerName }}/target/$artifactName.zip -d ${offerPath}/${{ env.offerName }}/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}" + echo "##[set-output name=artifactPath;]${offerPath}/${{ env.offerName }}/target/$artifactName" + - name: Archive ${{env.offerName}} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + + - name: Generate addnode artifact file name and path + id: addnode_artifact_file + run: | + addnode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/addnode/pom.xml) + addnode_artifactName=${{ env.offerName }}-addnode-$addnode_version-arm-assembly + unzip ${offerPath}/addnode/target/$addnode_artifactName.zip -d ${offerPath}/addnode/target/$addnode_artifactName + echo "##[set-output name=addnode_artifactName;]${addnode_artifactName}" + echo "##[set-output name=addnode_artifactPath;]${offerPath}/addnode/target/$addnode_artifactName" + - name: Archive ${{env.offerName}} addnode template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.addnode_artifact_file.outputs.addnode_artifactName}} + path: ${{steps.addnode_artifact_file.outputs.addnode_artifactPath}} + + - name: Generate delete node artifact file name and path + id: deletenode_artifact_file + run: | + deletenode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/deletenode/pom.xml) + deletenode_artifactName=${{ env.offerName }}-deletenode-$deletenode_version-arm-assembly + unzip ${offerPath}/deletenode/target/$deletenode_artifactName.zip -d ${offerPath}/deletenode/target/$deletenode_artifactName + echo "##[set-output name=deletenode_artifactName;]${deletenode_artifactName}" + echo "##[set-output name=deletenode_artifactPath;]${offerPath}/deletenode/target/$deletenode_artifactName" + + - name: Archive ${{env.offerName}} deletenode template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactName}} + path: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactPath}} + + - name: Generate addnode-coherence artifact file name and path + id: addnode_coherence_artifact_file + run: | + addnode_coherence_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/addnode-coherence/pom.xml) + addnode_coherence_artifactName=${{ env.offerName }}-addnode-coherence-$addnode_coherence_version-arm-assembly + unzip ${offerPath}/addnode-coherence/target/$addnode_coherence_artifactName.zip -d ${offerPath}/addnode-coherence/target/$addnode_coherence_artifactName + echo "##[set-output name=addnode_coherence_artifactName;]${addnode_coherence_artifactName}" + echo "##[set-output name=addnode_coherence_artifactPath;]${offerPath}/addnode-coherence/target/$addnode_coherence_artifactName" + + - name: Archive ${{env.offerName}} addnode-coherence template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactName}} + path: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactPath}} + + deploy-dependencies: + needs: preflight + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Create Resource Group + id: create-resource-group + run: | + echo "create resource group" ${{ env.resourceGroupForDependency }} + az group create --verbose --name ${{ env.resourceGroupForDependency }} --location ${location} + + - name: Set Up Azure Postgresql to Test dbTemplate + id: setup-postgresql + run: | + echo "Deploy DB with name " ${{ env.dbName }} + az postgres server create \ + --resource-group ${{ env.resourceGroupForDependency }} \ + --name ${{ env.dbName }} \ + --location ${location} \ + --admin-user weblogic \ + --ssl-enforcement Enabled \ + --public-network-access Enabled \ + --admin-password ${{ env.wlsPassword }} \ + --sku-name B_Gen5_1 + + echo "Allow Access To Azure Services" + az postgres server firewall-rule create \ + -g ${{ env.resourceGroupForDependency }} \ + -s ${{ env.dbName }} \ + -n "AllowAllWindowsAzureIps" \ + --start-ip-address "0.0.0.0" \ + --end-ip-address "0.0.0.0" + + deploy-weblogic-cluster: + needs: preflight + runs-on: ubuntu-latest + strategy: + max-parallel: 1 + fail-fast: false + matrix: + images: + [ + "owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest", + "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", + "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", + "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", + "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", + "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest", + "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest", + "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" + ] + steps: + - name: Checkout ${{env.repoOwner}}/${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{env.repoOwner}}/${{env.repoName}} + path: ${{env.repoName}} + - name: Get version information from ${{env.offerName}}/pom.xml + id: version + run: | + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/${offerName}/pom.xml) + echo "version=${version}" >> $GITHUB_ENV + - name: Output artifact name for Download action + id: artifact_file + run: | + artifactName=${offerName}-$version-arm-assembly + echo "artifactName=${artifactName}" >> $GITHUB_ENV + echo "##[set-output name=artifactName;]${artifactName}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file.outputs.artifactName}} + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Get Image SKU + id: image-sku + run: | + imageUrn="${{ matrix.images }}" + sku=${imageUrn%%;*} + echo "sku=${sku}" >> $GITHUB_ENV + echo ${resourceGroupPrefix} + resourceGroup=$(echo "${resourceGroupPrefix}-${sku}" | sed "s/_//g") + echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV + - name: Create Resource Group + id: create-resource-group + run: | + echo "create resource group" $resourceGroup + az group create --verbose --name $resourceGroup --location ${location} + + - name: Prepare deployed parameters and test script + id: prepare-deployed-parameters-and-test-script + run: | + imageUrn="${{ matrix.images }}" + sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ + ${offerPath}/test/scripts/verify-wls-path.sh + sed -i "s/#adminVMName#/$adminVMName/g; \ + s/#adminPasswordOrKey#/$wlsPassword/g; \ + s/#managedServers#/$managedServers/g; \ + s/#wlsUserName#/$wlsUserName/g; \ + s/#wlspassword#/$wlsPassword/g" \ + ${offerPath}/test/scripts/verify-servers-lifecycle.sh + + echo "Generate deployment parameters..." + bash ${offerPath}/test/scripts/gen-parameters-deploy.sh <<< \ + "${offerPath}/test/scripts/parameters-test.json \ + $location \ + $wlsPassword \ + $wlsDomainName \ + $wlsUserName \ + $wlsPassword \ + $managedServerPrefix \ + $maxDynamicClusterSize \ + $dynamicClusterSize \ + $adminVMName \ + $imageUrn \ + $testbranchName \ + $GITHUB_REPOSITORY" + + - name: Accept Image Terms + id: accept-terms + run: | + echo "accept terms for " "${{ matrix.images }}" + rawUrn="${{ matrix.images }}" + publisherAndName=$(echo ${rawUrn} | grep -o ";.*:" | sed "s/;//g") + imageVersion=${rawUrn##*;} + az vm image terms accept --urn ${publisherAndName}${sku}:${imageVersion} + + - name: Deploy WebLogic Server Dynamic Cluster Domain offer + id: deploy-wls-dycluster + run: | + az deployment group create \ + --verbose \ + --resource-group $resourceGroup \ + --name wls-dycluster-node \ + --parameters @${offerPath}/test/scripts/parameters-test.json \ + --template-file ${artifactName}/mainTemplate.json + + - name: Verify Network Security Group + id: verify-nsg + run: | + echo "query nsg name, will exit with error if nsg does not exist." + az network nsg show -g $resourceGroup -n ${nsg} --query "name" + + - name: Get IP of build machine + id: get-ip-address + run: | + myIP=$(dig @ns1.google.com TXT o-o.myaddr.l.google.com +short | tr -d "\"") + echo "myIP=${myIP}" >> $GITHUB_ENV + + - name: Add ip address to security rule to access the wls machine + id: add-ip-to-security-rule + run: | + echo "query existing source address prefixes" + attempt=0 + toCreateRule101=false + while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-101"` && $attempt -le 5 ]] + do + if [ $attempt -eq 5 ]; then + toCreateRule101=true + fi + echo "network security group rule NRMS-Rule-101 is not ready" + sleep 1m + attempt=$((attempt + 1)) + done + if [ $toCreateRule101 == true ]; then + az network nsg rule create --name NRMS-Rule-101 \ + --nsg-name ${nsg} \ + --priority 101 \ + --resource-group $resourceGroup \ + --access Allow \ + --destination-address-prefixes "*" \ + --destination-port-ranges 22 43 ${adminConsolePort} \ + --direction Inbound \ + --protocol Tcp \ + --source-address-prefixes $myIP + else + sourceAddressPrefixes=$(az network nsg rule show \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-101 \ + --query "sourceAddressPrefixes") + echo "IP of this machine: " ${myIP} + sourceAddressPrefixes=$(echo ${myIP} ${sourceAddressPrefixes} | \ + sed 's/,/ /g; s/\[//g; s/\]//g; s/"//g') + echo ${sourceAddressPrefixes} + az network nsg rule update \ + --resource-group $resourceGroup \ + --nsg-name ${nsg} \ + --name NRMS-Rule-101 \ + --source-address-prefixes $sourceAddressPrefixes \ + --destination-port-ranges 443 22 ${adminConsolePort} + fi + - name: Restart wls VM + id: restart-wls-wm + run: | + echo "restart vm to make sure security rule work." + az vm restart -g $resourceGroup -n $adminVMName + + - name: Query public IP of AdminServer VM + id: query-wls-admin-ip + run: | + echo "query public ip" + publicIP=$(az vm show \ + --resource-group $resourceGroup \ + --name $adminVMName -d \ + --query publicIps -o tsv) + echo "##[set-output name=publicIP;]${publicIP}" + - name: Create environment variable for AdminServer IP + id: env-admin-ip + run: echo "wlsPublicIP=${{steps.query-wls-admin-ip.outputs.publicIP}}" >> $GITHUB_ENV + + - name: Query public IP of managedServerVM1 + id: query-wls-managed-ip + run: | + echo "query public ip" + publicIP=$(az vm show \ + --resource-group $resourceGroup \ + --name $managedServerVM -d \ + --query publicIps -o tsv) + echo "##[set-output name=publicIP;]${publicIP}" + - name: Create environment variable for managedServerVM1 IP + id: env-managedserver-vm1-ip + run: echo "ms1PublicIP=${{steps.query-wls-managed-ip.outputs.publicIP}}" >> $GITHUB_ENV + + - name: Verify WebLogic Server Installation + id: verify-wls + run: | + echo "pubilc IP of wls machine: ${wlsPublicIP}" + echo "Verifying Weblgic server installation" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo install sshpass + sudo apt-get install -y sshpass + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${offerPath}/test/scripts/verify-wls-path.sh + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify wls admin services + id: veriy-admin-service + run: | + echo "wait for port 22" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying WebLogic services at admin server" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${offerPath}/test/scripts/verify-services.sh $wlsAdminServices + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify wls managed server services + id: veriy-msservice + run: | + echo "wait for port 22" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying WebLogic services at managed server" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${ms1PublicIP} 'bash -s' < ${offerPath}/test/scripts/verify-services.sh $wlsMsServices + + - name: Verify WebLogic Server Access + id: verify-wls-access + run: | + echo "Verifying Weblogic Server Access" + bash ${offerPath}/test/scripts/verify-wls-access.sh <<< "$wlsPublicIP ${adminConsolePort} $wlsUserName $wlsPassword $managedServers" + + # Fix failure that caused by remote server closed. + - name: Restart remote SSH agent + run: | + echo "Restart remote SSH agent" + az vm user reset-ssh \ + --resource-group $resourceGroup \ + --name ${{ env.adminVMName }} + + - name: Verify WebLogic Managed Server LifeCycle check + id: verify-server-lifecycle + run: | + echo "wait for port 22" + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 + echo "Verifying Weblogic managed server lifecycle" + sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${offerPath}/test/scripts/verify-servers-lifecycle.sh + + - name: Deploy DB Template to Connect to Azure Postgresql Database + id: enable-postgresql-db + run: | + # Generate parameters for db template deployment + bash ${offerPath}/test/scripts/gen-parameters-deploy-db.sh <<< \ + "${offerPath}/test/scripts/ \ + ${{ env.adminVMName }} \ + ${{ env.wlsPassword}} \ + ${{ env.dbName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }}" + echo "Deploy DB Template..." + az group deployment create \ + --verbose \ + --resource-group ${resourceGroup} \ + --name db \ + --parameters @${offerPath}/test/scripts/parameters-deploy-db.json \ + --template-file ${artifactName}/nestedtemplates/dbTemplate.json + + - name: Set up ELK by deploying sub template + id: enable-elk + if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} + run: | + # Generate parameters for ELK template deployment + bash ${offerPath}/test/scripts/gen-parameters-deploy-elk.sh <<< \ + "${offerPath}/test/scripts/parameters-deploy-elk.json \ + ${{ env.adminVMName }} \ + ${{ env.elkPassword }} \ + ${{ env.elkURI }} \ + ${{ env.elkUser }} \ + ${{ env.location }} \ + ${{ env.wlsDomainName }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }} \ + ${{ env.maxDynamicClusterSize }} \ + ${{ env.dynamicClusterSize }} \ + ${{ github.run_id }}${{ github.run_number }}" + + echo "Deploy ELK Template..." + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name elk \ + --parameters @${offerPath}/test/scripts/parameters-deploy-elk.json \ + --template-file ${artifactName}/nestedtemplates/elkNestedTemplate.json + + - name: Get storage account name + id: query-storage-account-name + run: | + echo "query storage account name" + storageAccount=$(az resource list -g $resourceGroup --resource-type Microsoft.Storage/storageAccounts --query [0].name -o tsv) + echo "Storage account name: ${storageAccount}" + echo "storageAccount=${storageAccount}" >> $GITHUB_ENV + + - name: Set up Coherence by deploying sub template + id: enable-coherence + run: | + # Generate parameters for Coherence template deployment + bash ${offerPath}/test/scripts/gen-parameters-deploy-coherence.sh <<< \ + "${offerPath}/test/scripts/parameters-deploy-coherence.json \ + ${{ env.adminVMName }} \ + ${{ env.wlsPassword }} \ + ${{ matrix.images }} \ + ${{ env.location }} \ + ${storageAccount} \ + ${{ env.wlsDomainName }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + + echo "Deploy Coherence Template..." + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name coherence \ + --parameters @${offerPath}/test/scripts/parameters-deploy-coherence.json \ + --template-file ${artifactName}/nestedtemplates/coherenceTemplate.json + + - name: Output addnode artifact name + id: artifact_file_addnode + run: | + addnodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/addnode/pom.xml) + artifactNameOfAddnode=${offerName}-addnode-$addnodeVersion-arm-assembly + echo "artifactNameOfAddnode=${artifactNameOfAddnode}" >> $GITHUB_ENV + echo "##[set-output name=artifactNameOfAddnode;]${artifactNameOfAddnode}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file_addnode.outputs.artifactNameOfAddnode}} + + - name: Add new nodes to existing cluster + id: add-node + run: | + echo "add two new nodes" + echo "generate add-node parameters" + bash ${offerPath}/test/scripts/gen-parameters-deploy-addnode.sh <<< \ + "${offerPath}/test/scripts/parameters-deploy-addnode.json \ + ${{ env.wlsPassword }} \ + ${{ env.adminVMName }}:${adminConsolePort} \ + weblogic \ + 1 \ + ${{ matrix.images }} \ + ${storageAccount} \ + ${{ env.wlsDomainName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }} \ + ${{ env.dynamicClusterSize }} \ + ${{ env.maxDynamicClusterSize }}" + + echo "deploy add-node template to create new nodes" + az group deployment validate \ + -g ${resourceGroup} \ + -f ${artifactNameOfAddnode}/mainTemplate.json \ + -p @${offerPath}/test/scripts/parameters-deploy-addnode.json \ + --no-prompt + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name addnode \ + --parameters @${offerPath}/test/scripts/parameters-deploy-addnode.json \ + --template-file ${artifactNameOfAddnode}/mainTemplate.json + - name: Verify new nodes + id: verify-new-nodes + run: | + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) + if [ -z "$mspVM2" ]; then + echo "Add-node failure: new machine ${{ env.managedServerPrefix }}VM2 does not exist." + exit 1 + fi + + - name: Output addnode-coherence artifact name + id: artifact_file_addnode_coherence + run: | + addnodeCoherenceVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/addnode-coherence/pom.xml) + artifactNameOfAddnodeCo=${offerName}-addnode-coherence-$addnodeCoherenceVersion-arm-assembly + echo "artifactNameOfAddnodeCo=${artifactNameOfAddnodeCo}" >> $GITHUB_ENV + echo "##[set-output name=artifactNameOfAddnodeCo;]${artifactNameOfAddnodeCo}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file_addnode_coherence.outputs.artifactNameOfAddnodeCo}} + + - name: Add new cache node to coherence cluster + id: add-node-coherence + run: | + echo "add new cache server" + echo "generate parameters" + bash ${offerPath}/test/scripts/gen-parameters-deploy-addnode-coherence.sh <<< \ + "${offerPath}/test/scripts/parameters-deploy-addnode-coherence.json \ + ${{ env.wlsPassword }} \ + ${{ env.adminVMName }} \ + weblogic \ + 1 \ + ${{ matrix.images }} \ + ${storageAccount} \ + ${{ env.wlsDomainName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + echo "deploy add-node template to create new nodes" + az group deployment validate \ + -g ${resourceGroup} \ + -f ${artifactNameOfAddnodeCo}/mainTemplate.json \ + -p @${offerPath}/test/scripts/parameters-deploy-addnode-coherence.json \ + --no-prompt + az group deployment create \ + --debug \ + --resource-group ${resourceGroup} \ + --name addnode \ + --parameters @${offerPath}/test/scripts/parameters-deploy-addnode-coherence.json \ + --template-file ${artifactNameOfAddnodeCo}/mainTemplate.json + - name: Verify new nodes + id: verify-new-nodes-coherence + run: | + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}StorageVM2 --query [0].name -o tsv) + if [ -z "$mspVM2" ]; then + echo "Add-node failure: new machine ${{ env.managedServerPrefix }}StorageVM2 does not exist." + exit 1 + fi + + - name: Output delete-node artifact name + id: artifact_file_deletenode + run: | + deleteNodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/deletenode/pom.xml) + artifactNameOfDeleteNode=${offerName}-deletenode-$deleteNodeVersion-arm-assembly + echo "artifactNameOfDeleteNode=${artifactNameOfDeleteNode}" >> $GITHUB_ENV + echo "##[set-output name=artifactNameOfDeleteNode;]${artifactNameOfDeleteNode}" + - name: Download artifact for deployment + uses: actions/download-artifact@v1 + with: + name: ${{steps.artifact_file_deletenode.outputs.artifactNameOfDeleteNode}} + - name: Delete nodes from existing cluster + id: delete-node + run: | + echo "generate delete-node parameters" + bash ${offerPath}/test/scripts/gen-parameters-deploy-deletenode.sh <<< \ + "${offerPath}/test/scripts/parameters-deploy-deletenode.json \ + ${{ env.adminVMName }} \ + ${{ env.location }} \ + ${{ env.wlsUserName }} \ + ${{ env.wlsPassword }} \ + ${GITHUB_REPOSITORY} \ + ${{ env.testbranchName }} \ + ${{ env.managedServerPrefix }}" + echo "Run deletenode-cli.sh to remove nodes" + chmod ugo+x ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh + ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh \ + -g ${resourceGroup} \ + -f ${artifactNameOfDeleteNode}/mainTemplate.json \ + -p ${offerPath}/test/scripts/parameters-deploy-deletenode.json \ + -s + - name: Verify deleted nodes + id: verify-deleted-nodes + run: | + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) + count=0 + while [[ -n "$mspVM2" && $count -lt 10 ]]; + do + echo "waiting for $mspVM2 deleted..." + sleep 1m + count=$((count+1)) + mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) + done + if [ -n "$mspVM2" ]; then + echo "Delete-node failure: machine ${{ env.managedServerPrefix }}VM2 is not removed." + exit 1 + fi + + - name: Delete Resource Group + id: delete-resource-group + if: always() + run: | + echo "delete... " $resourceGroup + az group delete --yes --no-wait --verbose --name $resourceGroup + + - name: Delete ELK index + id: delete-elk-index + if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} + run: | + curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-dynamic-cluster-${{ github.run_id }}${{ github.run_number }} + + cleanup-github-resource: + needs: deploy-weblogic-cluster + if: always() + runs-on: ubuntu-latest + steps: + - name: Checkout ${{env.repoName}} + uses: actions/checkout@v2 + with: + repository: ${{ env.repoOwner }}/${{env.repoName}} + path: ${{env.repoName}} + - name: Delete testing branch + run: | + cd ${{env.repoName}} + git push https://$gitToken@github.com/${GITHUB_REPOSITORY}.git -f --delete $testbranchName + + cleanup-az-resource: + if: always() + needs: deploy-weblogic-cluster + runs-on: ubuntu-latest + steps: + - uses: azure/login@v1 + id: azure-login + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + - name: Delete DB Resource Group + id: delete-db-resource-group + run: | + echo "delete... " $resourceGroup + az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDependency }} + + summary: + needs: deploy-weblogic-cluster + if: always() + runs-on: ubuntu-latest + steps: + - name: summarize jobs + if: ${{ github.repository_owner == 'wls-eng' }} + run: | + workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/${GITHUB_REPOSITORY}/actions/runs/${{ github.run_id }}/jobs) + critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-cluster."))) | length') + echo "$critical_job_num" + succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-cluster."))) | length') + echo "$succeed_critical_job_num" + failed_job_num="$(($critical_job_num-$succeed_critical_job_num))" + echo $failed_job_num + if (($failed_job_num >= 2));then + echo "too many jobs failed, send notification to Teams" + curl ${{ secrets.MSTEAMS_WEBHOOK }} \ + -H 'Content-Type: application/json' \ + --data-binary @- << EOF + { + "@context":"http://schema.org/extensions", + "@type":"MessageCard", + "text":"$failed_job_num jobs failed in Dynamic Cluster Offer's workflow, please take a look at: https://github.com/${GITHUB_REPOSITORY}/actions/runs/${{ github.run_id }}" + } + EOF + fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml index 6368bab6e..ffc539a09 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml index fa5f9f898..9c837c679 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 4a45fd9d1..cd6a39da6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -15,7 +15,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml index 1a1a99e71..1a86dbfca 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml @@ -11,13 +11,13 @@ 4.0.0 com.oracle.weblogic.azure - arm-oraclelinux-wls-cluster-deletenode + arm-oraclelinux-wls-dynamic-cluster-deletenode 1.0.1 com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 @@ -27,7 +27,7 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk - -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' + -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json index b39cca347..e06824bf0 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/arm/mainTemplate.json @@ -77,8 +77,7 @@ "variables": { "const_wlsAdminPort": "7001", "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", - "const_outputCliCommands": "[concat('export resourceGroup=', resourceGroup().name,';', 'export deleteingIDs=\"\";export managedServerMachineNames=$(echo ',array.join(parameters('deletingManagedServerMachineNames')),' | tr \",\" \"\\n\");','az extension add --name resource-graph;','for machine in $managedServerMachineNames;do vmId=$(az graph query -q \"Resources | where type =~ ','\\','\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project vmid = id\" -o tsv); nicId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | extend nics=array_length(properties.networkProfile.networkInterfaces) | mv-expand nic=properties.networkProfile.networkInterfaces | where nics == 1 or nic.properties.primary =~ \\\"true\\\" or isempty(nic) | project nicId = tostring(nic.id)\" -o tsv);ipId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.network/networkinterfaces\\\" | where id=~ \\\"${nicId}\\\" | extend ipConfigsCount=array_length(properties.ipConfigurations) | mv-expand ipconfig=properties.ipConfigurations | where ipConfigsCount == 1 or ipconfig.properties.primary =~ \\\"true\\\" | project publicIpId = tostring(ipconfig.properties.publicIPAddress.id)\" -o tsv);osDiskId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project osDiskId = tostring(properties.storageProfile.osDisk.managedDisk.id)\" -o tsv);dataDiskIds=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | mv-expand datadisk=properties.storageProfile.dataDisks | project datadisk.managedDisk.id\" -o tsv);deleteingIDs=$(echo $deleteingIDs ${vmId} ${nicId} ${ipId} ${osDiskId} ${dataDiskIds});done;echo \"List resource Ids to be deleted: \";echo ${deleteingIDs} | tr \" \" \"\\n\";echo -n \"Are you sure to delete these resources (y/n)?\";read answer;if [[ \"$answer\" != \"${answer#[Yy]}\" && -n \"${deleteingIDs}\" ]]; then echo \"Deleting managed resources...Please do not stop.\";az resource delete --verbose --ids ${deleteingIDs};fi')]", - "name_scriptDeleteNode": "deletenode.sh" + "const_outputCliCommands": "[concat('export resourceGroup=', resourceGroup().name,';', 'export deleteingIDs=\"\";export managedServerMachineNames=$(echo ',array.join(parameters('deletingManagedServerMachineNames')),' | tr \",\" \"\\n\");','az extension add --name resource-graph;','for machine in $managedServerMachineNames;do vmId=$(az graph query -q \"Resources | where type =~ ','\\','\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project vmid = tolower(id)\" --query data[0].vmid -o tsv); nicId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | extend nics=array_length(properties.networkProfile.networkInterfaces) | mv-expand nic=properties.networkProfile.networkInterfaces | where nics == 1 or nic.properties.primary =~ \\\"true\\\" or isempty(nic) | project nicId = tostring(nic.id)\" --query data[0].nicId -o tsv);ipId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.network/networkinterfaces\\\" | where id=~ \\\"${nicId}\\\" | extend ipConfigsCount=array_length(properties.ipConfigurations) | mv-expand ipconfig=properties.ipConfigurations | where ipConfigsCount == 1 or ipconfig.properties.primary =~ \\\"true\\\" | project publicIpId = tostring(ipconfig.properties.publicIPAddress.id)\" --query data[0].publicIpId -o tsv);osDiskId=$(az graph query -q \"Resources | where type =~ \\\"microsoft.compute/virtualmachines\\\" | where name=~ \\\"${machine}\\\" | where resourceGroup =~ \\\"${resourceGroup}\\\" | project osDiskId = tostring(properties.storageProfile.osDisk.managedDisk.id)\" --query data[0].osDiskId -o tsv);deleteingIDs=$(echo $deleteingIDs ${vmId} ${nicId} ${ipId} ${osDiskId});done;echo \"List resource Ids to be deleted: \";echo ${deleteingIDs} | tr \" \" \"\\n\";echo -n \"Are you sure to delete these resources (y/n)?\";read answer;if [[ \"$answer\" != \"${answer#[Yy]}\" && -n \"${deleteingIDs}\" ]]; then echo \"Deleting managed resources...Please do not stop.\";az resource delete --verbose --ids ${deleteingIDs};fi')]", "name_scriptDeleteNode": "deletenode.sh" }, "functions": [ { diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad-ag.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad-ag.sh index d86171b37..6773ab675 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad-ag.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad-ag.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName +read parametersPath repoPath testbranchName keyVaultName keyVaultResourceGroup keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad.sh index 9460c8b6f..6ede32509 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-aad.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-coherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-coherence.sh index 7a5ccd8b5..f783961eb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-coherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-coherence.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat <${parametersPath} { @@ -11,7 +11,7 @@ cat <${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db-aad.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db-aad.sh index e221a85f6..e875e9d64 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db-aad.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db-aad.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db.sh index 00a9c2246..4ff1b9ff4 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-db.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh index d33c6d560..aa56e86c2 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh @@ -4,7 +4,7 @@ # #Generate parameters with value for deploying addnode template -read parametersPath adminPasswordOrKey adminVMName adminUsername numberOfExistingCacheNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminPasswordOrKey adminVMName adminUsername numberOfExistingCacheNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword repoPath testbranchName managedServerPrefix cat < ${parametersPath} { @@ -45,7 +45,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/addnode-coherence/src/main/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/src/main/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode.sh index 33aac06b2..7ecd81abc 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode.sh @@ -4,7 +4,7 @@ # #Generate parameters with value for deploying addnode template -read parametersPath adminPasswordOrKey adminURL adminUsername numberOfExistingNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword gitUserName testbranchName managedServerPrefix dynamicClusterSize maxDynamicClusterSize +read parametersPath adminPasswordOrKey adminURL adminUsername numberOfExistingNodes skuUrnVersion storageAccountName wlsDomainName location wlsusername wlspassword repoPath testbranchName managedServerPrefix dynamicClusterSize maxDynamicClusterSize cat < ${parametersPath} { @@ -45,7 +45,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/addnode/src/main/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-coherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-coherence.sh index 69234a45c..0a831b12d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-coherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-coherence.sh @@ -4,7 +4,7 @@ # #Generate parameters with value for deploying coherence template independently -read parametersPath adminVMName adminPasswordOrKey skuUrnVersion location storageAccountName wlsDomainName wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminVMName adminPasswordOrKey skuUrnVersion location storageAccountName wlsDomainName wlsusername wlspassword repoPath testbranchName managedServerPrefix cat < ${parametersPath} { @@ -42,7 +42,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-db.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-db.sh index f9f865935..e61e08ad0 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-db.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-db.sh @@ -4,7 +4,7 @@ # #Generate parameters with value for deploying db template independently -read parametersPath adminVMName dbPassword dbName location wlsusername wlspassword gitUserName testbranchName +read parametersPath adminVMName dbPassword dbName location wlsusername wlspassword repoPath testbranchName cat < ${parametersPath}/parameters-deploy-db.json { @@ -36,7 +36,7 @@ cat < ${parametersPath}/parameters-deploy-db.json "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, } EOF diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-deletenode.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-deletenode.sh index 42fad97f8..aecb227c7 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-deletenode.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-deletenode.sh @@ -4,7 +4,7 @@ # #Generate parameters with value for deploying delete-node template -read parametersPath adminVMName location wlsusername wlspassword gitUserName testbranchName managedServerPrefix +read parametersPath adminVMName location wlsusername wlspassword repoPath testbranchName managedServerPrefix cat < ${parametersPath} { @@ -24,7 +24,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/deletenode/src/main/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/src/main/" } } EOF diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-elk.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-elk.sh index 63435730f..eca50c83e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-elk.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-elk.sh @@ -4,7 +4,7 @@ # #Generate parameters with value for deploying elk template independently -read parametersPath adminVMName elasticsearchPassword elasticsearchURI elasticsearchUserName location wlsDomainName wlsusername wlspassword gitUserName testbranchName managedServerPrefix maxDynamicClusterSize dynamicClusterSize guidValue +read parametersPath adminVMName elasticsearchPassword elasticsearchURI elasticsearchUserName location wlsDomainName wlsusername wlspassword repoPath testbranchName managedServerPrefix maxDynamicClusterSize dynamicClusterSize guidValue cat < ${parametersPath} @@ -37,7 +37,7 @@ cat < ${parametersPath} "value": "${wlsUserName}" }, "_artifactsLocation":{ - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "managedServerPrefix": { "value": "${managedServerPrefix}" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy.sh index 21842aceb..250093e30 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # #Generate parameters with value for deployment -read parametersPath location adminPasswordOrKey wlsdomainname wlsusername wlspassword managedserverprefix maxDynamicClusterSize dynamicClusterSize adminvmname skuUrnVersion testbranchName gitUserName +read parametersPath location adminPasswordOrKey wlsdomainname wlsusername wlspassword managedserverprefix maxDynamicClusterSize dynamicClusterSize adminvmname skuUrnVersion testbranchName repoPath cat <${parametersPath} { @@ -52,7 +52,7 @@ cat <${parametersPath} }, "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${gitUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" } } } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-elk.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-elk.sh index 228d52673..59e43dcf0 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-elk.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-elk.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat <${parametersPath} { @@ -11,7 +11,7 @@ cat <${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters.sh index d72b0ca56..8ae6600cd 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read parametersPath githubUserName testbranchName +read parametersPath repoPath testbranchName cat < ${parametersPath} { @@ -11,7 +11,7 @@ cat < ${parametersPath} "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { - "value": "https://raw.githubusercontent.com/${githubUserName}/arm-oraclelinux-wls-dynamic-cluster/${testbranchName}/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" + "value": "https://raw.githubusercontent.com/${repoPath}/${testbranchName}/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/" }, "_artifactsLocationSasToken": { "value": "" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-deployments.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-deployments.sh index 860ca7668..68c7d0c89 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-deployments.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-deployments.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read prefix location template githubUserName testbranchName scriptsDir +read prefix location template repoPath testbranchName scriptsDir groupName=${prefix}-preflight @@ -13,27 +13,27 @@ az group create --verbose --name $groupName --location ${location} # generate parameters for testing differnt cases parametersList=() # parameters for cluster -bash ${scriptsDir}/gen-parameters.sh <<< "${scriptsDir}/parameters.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters.sh <<< "${scriptsDir}/parameters.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters.json) # parameters for cluster+db -bash ${scriptsDir}/gen-parameters-db.sh <<< "${scriptsDir}/parameters-db.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-db.sh <<< "${scriptsDir}/parameters-db.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-db.json) # parameters for cluster+aad -bash ${scriptsDir}/gen-parameters-aad.sh <<< "${scriptsDir}/parameters-aad.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-aad.sh <<< "${scriptsDir}/parameters-aad.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-aad.json) # parameters for cluster+coherence -bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-coherence.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-coherence.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-coherence.json) # parameters for cluster+elk -bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-elk.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-elk.sh <<< "${scriptsDir}/parameters-elk.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-elk.json) # parameters for cluster+db+aad -bash ${scriptsDir}/gen-parameters-db-aad.sh <<< "${scriptsDir}/parameters-db-aad.json $githubUserName $testbranchName" +bash ${scriptsDir}/gen-parameters-db-aad.sh <<< "${scriptsDir}/parameters-db-aad.json $repoPath $testbranchName" parametersList+=(${scriptsDir}/parameters-db-aad.json) # run preflight tests diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-servers-lifecycle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-servers-lifecycle.sh index dd6282746..ecdd69027 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-servers-lifecycle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-servers-lifecycle.sh @@ -28,7 +28,7 @@ for managedServer in $managedServers do echo "Verifying managed server : $managedServer" isSuccess=false - maxAttempt=3 + maxAttempt=10 attempt=1 while [ $attempt -le $maxAttempt ] do From 4d251483626ec19fe9d4cb8792f852a585113f8f Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 17:35:44 +0800 Subject: [PATCH 103/720] Re-activate pipeline for single node offer Signed-off-by: galiacheng --- .github/workflows/buildWlsVm4SnArtifact.yml | 77 +++++++++++++++++++ weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 2 +- 2 files changed, 78 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/buildWlsVm4SnArtifact.yml diff --git a/.github/workflows/buildWlsVm4SnArtifact.yml b/.github/workflows/buildWlsVm4SnArtifact.yml new file mode 100644 index 000000000..bb57b9271 --- /dev/null +++ b/.github/workflows/buildWlsVm4SnArtifact.yml @@ -0,0 +1,77 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +name: Build Single Node VM artifact +on: + workflow_dispatch: + inputs: + pidType: + description: 'Specify which pids to use, oracle or microsoft.' + required: true + default: 'microsoft' + ref: + description: 'Specify Git Ref if needed.' + required: false + default: 'refs/heads/main' +env: + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f + offerName: "arm-oraclelinux-wls" + repoName: "weblogic-azure" + +jobs: + package: + runs-on: ubuntu-latest + steps: + - name: Checkout azure-javaee-iaas + uses: actions/checkout@v2 + with: + repository: Azure/azure-javaee-iaas + path: azure-javaee-iaas + ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} + - name: Checkout ${{ env.repoName }} + uses: actions/checkout@v2 + with: + path: ${{ env.repoName }} + ref: ${{ github.event.inputs.ref }} + - name: Set up JDK 1.8 + uses: actions/setup-java@v1 + with: + java-version: 1.8 + - name: Build azure-javaee-iaas + run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml + + - name: Build and test ${{ env.offerName }} using ${{ github.event.inputs.pidType }} pids + run: | + cd ${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }} + pidType=${{ github.event.inputs.pidType }} + if [[ "${pidType}" == "oracle" ]];then + echo "using oracle pid" + mvn -Ptemplate-validation-tests clean install + else + echo "using ms pid" + mvn -Ptemplate-validation-tests clean install -Ddev + fi + + - name: Generate artifact file name and path + id: artifact_file + run: | + offerPath=${{env.repoName}}/weblogic-azure-vm/${{ env.offerName }} + version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${offerPath}/pom.xml) + artifactName=${{ env.offerName }}-$version-arm-assembly + unzip ${offerPath}/target/$artifactName.zip -d ${offerPath}/target/$artifactName + echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" + echo "##[set-output name=artifactPath;]${offerPath}/target/$artifactName" + - name: Archive ${{ env.offerName }} template + uses: actions/upload-artifact@v1 + if: success() + with: + name: ${{steps.artifact_file.outputs.artifactName}} + path: ${{steps.artifact_file.outputs.artifactPath}} + diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 9fc179b0f..7dcb6556a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -17,7 +17,7 @@ com.microsoft.azure.iaas azure-javaee-iaas-parent - 1.0.12 + 1.0.13 From 813558d588975339d2057d0a2748a2857a1e8398 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 17:36:05 +0800 Subject: [PATCH 104/720] Script to setup/teardown GitHub Secrets. Signed-off-by: galiacheng --- .github/workflows/setupForWlsVm.sh | 228 ++++++++++++++++++++++++++ .github/workflows/teardownForWlsVm.sh | 103 ++++++++++++ 2 files changed, 331 insertions(+) create mode 100644 .github/workflows/setupForWlsVm.sh create mode 100644 .github/workflows/teardownForWlsVm.sh diff --git a/.github/workflows/setupForWlsVm.sh b/.github/workflows/setupForWlsVm.sh new file mode 100644 index 000000000..4651c8257 --- /dev/null +++ b/.github/workflows/setupForWlsVm.sh @@ -0,0 +1,228 @@ +#!/usr/bin/env bash +################################################ +# This script is invoked by a human who: +# - has done az login. +# - can create repository secrets in the github repo from which this file was cloned. +# - has the gh client >= 2.0.0 installed. +# +# This script initializes the repo from which this file is was cloned +# with the necessary secrets to run the workflows. +# +# Script design taken from https://github.com/microsoft/NubesGen. +# +################################################ + +################################################ +# Set environment variables - the main variables you might want to configure. +# +AKS_REPO_USER_NAME=oracle +# Three letters to disambiguate names. +DISAMBIG_PREFIX= +# URI (hostname:port) for Elastic server, leave blank if you don't want to integrate ELK. +ELK_URI= +# Account name for Elastic server, leave blank if you don't want to integrate ELK. +ELK_USER_NAME= +# Account password for Elastic server, leave blank if you don't want to integrate ELK. +ELK_PSW= +# The location of the resource group. For example `eastus`. Leave blank to use your default location. +LOCATION= +# Oracle single sign-on userid. +OTN_USERID= +# Password for preceding Oracle single sign-on userid. +OTN_PASSWORD= +# User Email of GitHub acount to access GitHub repository. +USER_EMAIL= +# User name for preceding GitHub account. +USER_NAME= +# Personal token for preceding GitHub account. +GIT_TOKEN= +WLS_PSW=Secret123456 + +# End set environment variables +################################################ + + +set -Eeuo pipefail +trap cleanup SIGINT SIGTERM ERR EXIT + +cleanup() { + trap - SIGINT SIGTERM ERR EXIT + # script cleanup here +} + +setup_colors() { + if [[ -t 2 ]] && [[ -z "${NO_COLOR-}" ]] && [[ "${TERM-}" != "dumb" ]]; then + NOFORMAT='\033[0m' RED='\033[0;31m' GREEN='\033[0;32m' ORANGE='\033[0;33m' BLUE='\033[0;34m' PURPLE='\033[0;35m' CYAN='\033[0;36m' YELLOW='\033[1;33m' + else + NOFORMAT='' RED='' GREEN='' ORANGE='' BLUE='' PURPLE='' CYAN='' YELLOW='' + fi +} + +msg() { + echo >&2 -e "${1-}" +} + +setup_colors + +read -r -p "Enter a disambiguation prefix (try initials with a sequence number, such as ejb01): " DISAMBIG_PREFIX +read -r -p "Enter owner/reponame (blank for upsteam of current fork): " OWNER_REPONAME + +if [ "$DISAMBIG_PREFIX" == '' ] ; then + msg "${RED}You must enter a disambiguation prefix." + exit 1; +fi + +if [ -z "${OWNER_REPONAME}" ] ; then + GH_FLAGS="" +else + GH_FLAGS="--repo ${OWNER_REPONAME}" +fi + +# get OTN_USERID if not set at the beginning of this file +if [ "$OTN_USERID" == '' ] ; then + read -r -p "Enter Oracle single sign-on userid: " OTN_USERID +fi + +# get OTN_PASSWORD if not set at the beginning of this file +if [ "$OTN_PASSWORD" == '' ] ; then + read -s -r -p "Enter password for preceding Oracle single sign-on userid: " OTN_PASSWORD +fi + +# get USER_EMAIL if not set at the beginning of this file +if [ "$USER_EMAIL" == '' ] ; then + read -r -p "Enter user Email of GitHub acount to access GitHub repository: " USER_EMAIL +fi + +# get USER_NAME if not set at the beginning of this file +if [ "$USER_NAME" == '' ] ; then + read -r -p "Enter user name of GitHub account: " USER_NAME +fi + +# get GIT_TOKEN if not set at the beginning of this file +if [ "$GIT_TOKEN" == '' ] ; then + read -s -r -p "Enter personal token of GitHub account: " GIT_TOKEN +fi + +# get ELK_URI if not set at the beginning of this file +if [ "$ELK_URI" == '' ] ; then + read -r -p "Enter URI (hostname:port) for Elastic server, leave blank if you don't want to integrate ELK.: " ELK_URI +fi + +# get ELK_USER_NAME if not set at the beginning of this file +if [ "$ELK_USER_NAME" == '' ] ; then + read -r -p "Enter account name for Elastic server, leave blank if you don't want to integrate ELK.: " ELK_USER_NAME +fi + +# get ELK_USER_NAME if not set at the beginning of this file +if [ "$ELK_PSW" == '' ] ; then + read -s -r -p "Enter account password for Elastic server, leave blank if you don't want to integrate ELK.: " ELK_PSW +fi + +DISAMBIG_PREFIX=${DISAMBIG_PREFIX}`date +%m%d` +SERVICE_PRINCIPAL_NAME=${DISAMBIG_PREFIX}sp + +# get default location if not set at the beginning of this file +if [ "$LOCATION" == '' ] ; then + { + az config get defaults.location --only-show-errors > /dev/null 2>&1 + LOCATION_DEFAULTS_SETUP=$? + } || { + LOCATION_DEFAULTS_SETUP=0 + } + # if no default location is set, fallback to "eastus" + if [ "$LOCATION_DEFAULTS_SETUP" -eq 1 ]; then + LOCATION=eastus + else + LOCATION=$(az config get defaults.location --only-show-errors | jq -r .value) + fi +fi + +# Check AZ CLI status +msg "${GREEN}(1/6) Checking Azure CLI status...${NOFORMAT}" +{ + az > /dev/null +} || { + msg "${RED}Azure CLI is not installed." + msg "${GREEN}Go to https://aka.ms/nubesgen-install-az-cli to install Azure CLI." + exit 1; +} +{ + az account show > /dev/null +} || { + msg "${RED}You are not authenticated with Azure CLI." + msg "${GREEN}Run \"az login\" to authenticate." + exit 1; +} + +msg "${YELLOW}Azure CLI is installed and configured!" + +# Check GitHub CLI status +msg "${GREEN}(2/6) Checking GitHub CLI status...${NOFORMAT}" +USE_GITHUB_CLI=false +{ + gh auth status && USE_GITHUB_CLI=true && msg "${YELLOW}GitHub CLI is installed and configured!" +} || { + msg "${YELLOW}Cannot use the GitHub CLI. ${GREEN}No worries! ${YELLOW}We'll set up the GitHub secrets manually." + USE_GITHUB_CLI=false +} + +# Execute commands +msg "${GREEN}(3/6) Create service principal and Azure credentials ${SERVICE_PRINCIPAL_NAME}" +SUBSCRIPTION_ID=$(az account show --query id --output tsv --only-show-errors) + +### AZ ACTION CREATE + +SERVICE_PRINCIPAL=$(az ad sp create-for-rbac --name ${SERVICE_PRINCIPAL_NAME} --role="Contributor" --scopes="/subscriptions/${SUBSCRIPTION_ID}" --sdk-auth --only-show-errors | base64 -w0) +AZURE_CREDENTIALS=$(echo $SERVICE_PRINCIPAL | base64 -d) + +msg "${GREEN}(6/6) Create secrets in GitHub" +if $USE_GITHUB_CLI; then + { + msg "${GREEN}Using the GitHub CLI to set secrets.${NOFORMAT}" + gh ${GH_FLAGS} secret set AZURE_CREDENTIALS -b"${AZURE_CREDENTIALS}" + msg "${YELLOW}\"AZURE_CREDENTIALS\"" + msg "${GREEN}${AZURE_CREDENTIALS}" + gh ${GH_FLAGS} secret set ELK_PSW -b"${ELK_PSW}" + gh ${GH_FLAGS} secret set ELK_URI -b"${ELK_URI}" + gh ${GH_FLAGS} secret set ELK_USER_NAME -b"${ELK_USER_NAME}" + gh ${GH_FLAGS} secret set GIT_TOKEN -b"${GIT_TOKEN}" + gh ${GH_FLAGS} secret set OTN_PASSWORD -b"${OTN_PASSWORD}" + gh ${GH_FLAGS} secret set OTN_USERID -b"${OTN_USERID}" + gh ${GH_FLAGS} secret set USER_EMAIL -b"${USER_EMAIL}" + gh ${GH_FLAGS} secret set USER_NAME -b"${USER_NAME}" + gh ${GH_FLAGS} secret set WLS_PSW -b"${WLS_PSW}" + } || { + USE_GITHUB_CLI=false + } +fi +if [ $USE_GITHUB_CLI == false ]; then + msg "${NOFORMAT}======================MANUAL SETUP======================================" + msg "${GREEN}Using your Web browser to set up secrets..." + msg "${NOFORMAT}Go to the GitHub repository you want to configure." + msg "${NOFORMAT}In the \"settings\", go to the \"secrets\" tab and the following secrets:" + msg "(in ${YELLOW}yellow the secret name and${NOFORMAT} in ${GREEN}green the secret value)" + msg "${YELLOW}\"AZURE_CREDENTIALS\"" + msg "${GREEN}${AZURE_CREDENTIALS}" + msg "${YELLOW}\"OTN_USERID\"" + msg "${GREEN}${OTN_USERID}" + msg "${YELLOW}\"OTN_PASSWORD\"" + msg "${GREEN}${OTN_PASSWORD}" + msg "${YELLOW}\"USER_EMAIL\"" + msg "${GREEN}${USER_EMAIL}" + msg "${YELLOW}\"USER_NAME\"" + msg "${GREEN}${USER_NAME}" + msg "${YELLOW}\"GIT_TOKEN\"" + msg "${GREEN}${GIT_TOKEN}" + msg "${YELLOW}\"ELK_URI\"" + msg "${GREEN}${ELK_URI}" + msg "${YELLOW}\"ELK_USER_NAME\"" + msg "${GREEN}${ELK_USER_NAME}" + msg "${YELLOW}\"ELK_PSW\"" + msg "${GREEN}${ELK_PSW}" + msg "${YELLOW}\"WLS_PSW\"" + msg "${GREEN}${WLS_PSW}" + msg "${YELLOW}\"DISAMBIG_PREFIX\"" + msg "${GREEN}${DISAMBIG_PREFIX}" + msg "${NOFORMAT}========================================================================" +fi +msg "${GREEN}Secrets configured" diff --git a/.github/workflows/teardownForWlsVm.sh b/.github/workflows/teardownForWlsVm.sh new file mode 100644 index 000000000..6226c1010 --- /dev/null +++ b/.github/workflows/teardownForWlsVm.sh @@ -0,0 +1,103 @@ +#!/usr/bin/env bash +################################################ +# This script is invoked by a human who: +# - has invoked the setupForWlsAks.sh script +# +# This script removes the secrets and deletes the azure resources created in +# setupForWlsAks.sh. +# +# Script design taken from https://github.com/microsoft/NubesGen. +# +################################################ + + +set -Eeuo pipefail +trap cleanup SIGINT SIGTERM ERR EXIT + +cleanup() { + trap - SIGINT SIGTERM ERR EXIT + # script cleanup here +} + +setup_colors() { + if [[ -t 2 ]] && [[ -z "${NO_COLOR-}" ]] && [[ "${TERM-}" != "dumb" ]]; then + NOFORMAT='\033[0m' RED='\033[0;31m' GREEN='\033[0;32m' ORANGE='\033[0;33m' BLUE='\033[0;34m' PURPLE='\033[0;35m' CYAN='\033[0;36m' YELLOW='\033[1;33m' + else + NOFORMAT='' RED='' GREEN='' ORANGE='' BLUE='' PURPLE='' CYAN='' YELLOW='' + fi +} + +msg() { + echo >&2 -e "${1-}" +} + +setup_colors + +read -r -p "Enter disambiguation prefix: " DISAMBIG_PREFIX +read -r -p "Enter owner/reponame (blank for upsteam of current fork): " OWNER_REPONAME + +if [ -z "${OWNER_REPONAME}" ] ; then + GH_FLAGS="" +else + GH_FLAGS="--repo ${OWNER_REPONAME}" +fi + +SERVICE_PRINCIPAL_NAME=${DISAMBIG_PREFIX}sp + +# Execute commands +msg "${GREEN}(1/4) Delete service principal ${SERVICE_PRINCIPAL_NAME}" +SUBSCRIPTION_ID=$(az account show --query id --output tsv --only-show-errors) +SP_OBJECT_ID_ARRAY=$(az ad sp list --display-name ${SERVICE_PRINCIPAL_NAME} --query "[].objectId") || true +# remove whitespace +SP_OBJECT_ID_ARRAY=$(echo ${SP_OBJECT_ID_ARRAY} | xargs) || true +SP_OBJECT_ID_ARRAY=${SP_OBJECT_ID_ARRAY//[/} +SP_OBJECT_ID=${SP_OBJECT_ID_ARRAY//]/} +az ad sp delete --id ${SP_OBJECT_ID} || true + +# Check GitHub CLI status +msg "${GREEN}(3/4) Checking GitHub CLI status...${NOFORMAT}" +USE_GITHUB_CLI=false +{ + gh auth status && USE_GITHUB_CLI=true && msg "${YELLOW}GitHub CLI is installed and configured!" +} || { + msg "${YELLOW}Cannot use the GitHub CLI. ${GREEN}No worries! ${YELLOW}We'll set up the GitHub secrets manually." + USE_GITHUB_CLI=false +} + +msg "${GREEN}(4/4) Removing secrets...${NOFORMAT}" +if $USE_GITHUB_CLI; then + { + msg "${GREEN}Using the GitHub CLI to remove secrets.${NOFORMAT}" + gh ${GH_FLAGS} secret remove AZURE_CREDENTIALS + gh ${GH_FLAGS} secret remove ELK_PSW + gh ${GH_FLAGS} secret remove ELK_URI + gh ${GH_FLAGS} secret remove ELK_USER_NAME + gh ${GH_FLAGS} secret remove GIT_TOKEN + gh ${GH_FLAGS} secret remove OTN_PASSWORD + gh ${GH_FLAGS} secret remove OTN_USERID + gh ${GH_FLAGS} secret remove USER_EMAIL + gh ${GH_FLAGS} secret remove USER_NAME + gh ${GH_FLAGS} secret remove WLS_PSW + } || { + USE_GITHUB_CLI=false + } +fi +if [ $USE_GITHUB_CLI == false ]; then + msg "${NOFORMAT}======================MANUAL REMOVAL======================================" + msg "${GREEN}Using your Web browser to remove secrets..." + msg "${NOFORMAT}Go to the GitHub repository you want to configure." + msg "${NOFORMAT}In the \"settings\", go to the \"secrets\" tab and remove the following secrets:" + msg "(in ${YELLOW}yellow the secret name)" + msg "${YELLOW}\"AZURE_CREDENTIALS\"" + msg "${YELLOW}\"ELK_PSW\"" + msg "${YELLOW}\"ELK_URI\"" + msg "${YELLOW}\"ELK_USER_NAME\"" + msg "${YELLOW}\"GIT_TOKEN\"" + msg "${YELLOW}\"OTN_PASSWORD\"" + msg "${YELLOW}\"OTN_USERID\"" + msg "${YELLOW}\"USER_EMAIL\"" + msg "${YELLOW}\"USER_NAME\"" + msg "${YELLOW}\"WLS_PSW\"" + msg "${NOFORMAT}========================================================================" +fi +msg "${GREEN}Secrets removed" From d57f6c0d13f0e0f9bba6ea6c58a4c86792d86935 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 17:38:01 +0800 Subject: [PATCH 105/720] Revert changes that used to debug cluster pipeline. Signed-off-by: galiacheng --- .github/workflows/testWlsVmCluster.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml index 172d1433c..10bc9c358 100644 --- a/.github/workflows/testWlsVmCluster.yml +++ b/.github/workflows/testWlsVmCluster.yml @@ -864,12 +864,12 @@ jobs: exit 1 fi - # - name: Delete Resource Group - # id: delete-resource-group - # if: always() - # run: | - # echo "delete... " $resourceGroup - # az group delete --yes --no-wait --verbose --name $resourceGroup + - name: Delete Resource Group + id: delete-resource-group + if: always() + run: | + echo "delete... " $resourceGroup + az group delete --yes --no-wait --verbose --name $resourceGroup - name: Delete ELK index id: delete-elk-index if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} From fe7c34c47a996ef839936c86bb92f0df785f744d Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 10 Nov 2021 18:15:22 +0800 Subject: [PATCH 106/720] Clean up pipleline YAML files. Signed-off-by: galiacheng --- .../.github/workflows/build.yml | 526 --------- .../.github/workflows/package.yaml | 75 -- .../.github/workflows/build.yml | 1003 ----------------- .../.github/workflows/package.yaml | 77 -- .../.github/workflows/build.yml | 841 -------------- .../.github/workflows/pakage.yaml | 76 -- 6 files changed, 2598 deletions(-) delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml delete mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml deleted file mode 100644 index 20da05267..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/build.yml +++ /dev/null @@ -1,526 +0,0 @@ -# Copyright (c) 2021, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. - -name: Build and Test - -on: - workflow_dispatch: - inputs: - enableELK: - description: 'Specify whether to enable ELK depoyment or not.' - required: true - default: 'false' - # Allows you to run this workflow using GitHub APIs - # PERSONAL_ACCESS_TOKEN= - # REPO_NAME=wls-eng/arm-oraclelinux-wls-admin - # curl --verbose -XPOST -u "wls-eng:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' - repository_dispatch: - -env: - azCliVersion: 2.6.0 - adminConsolePort: 7005 - dbName: wlsdb${{ github.run_id }}${{ github.run_number }} - elkURI: ${{ secrets.ELK_URI }} - elkUser: ${{ secrets.ELK_USER_NAME }} - elkPassword: ${{ secrets.ELK_PSW }} - location: eastus - nsg: wls-nsg - resourceGroupPrefix: wls-${{ github.run_id }}-${{ github.run_number }} - resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} - userEmail: ${{ secrets.USER_EMAIL }} - userName: ${{ secrets.USER_NAME }} - wlsPassword: ${{ secrets.WLS_PASSWORD }} - adminPassword: ${{ secrets.WLS_PASSWORD }} - wlsDomainName : adminDomain - wlsUserName : weblogic - adminVMName: adminServerVM - offerName: arm-oraclelinux-wls-admin - testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} - ref_javaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - ref_armttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - git_token: ${{ secrets.GIT_TOKEN }} - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.ref_javaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.ref_armttk }} - - name: Checkout ${{ env.offerName }} - uses: actions/checkout@v2 - with: - path: ${{ env.offerName }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - name: Build and test ${{ env.offerName }} - run: mvn -Ptemplate-validation-tests clean install --file ${{ env.offerName }}/pom.xml - - - name: Checkout ${{ env.offerName }} for test - uses: actions/checkout@v2 - with: - path: ${{ env.offerName }}-dev - - name: Create a new branch with development pids in nestedtemplates - run: | - current=`pwd` - echo "current=${current}" >> $GITHUB_ENV - cd ${{ env.offerName }}-dev/src/main/arm/nestedtemplates - git config --global core.longpaths true - git config --global user.email $userEmail - git config --global user.name $userName - echo "create branch $testbranchName" - git checkout -b $testbranchName - rm -r -f $current/${{ env.offerName }}-dev/src/main/arm/nestedtemplates/* - cp -r -f $current/${{ env.offerName }}/target/arm/nestedtemplates/* $current/${{ env.offerName }}-dev/src/main/arm/nestedtemplates/ - git status - git commit -a -m "hard code pids" - git push https://$git_token@github.com/$userName/${{ env.offerName }}.git -f - - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Validate deployment templates for different combinations of service integration - id: validate-deployment-templates - run: | - bash ${{ env.offerName }}/test/scripts/verify-deployments.sh \ - <<< "${{ github.run_id }}${{ github.run_number }} ${location} \ - ${{ env.offerName }}/target/arm/mainTemplate.json \ - ${userName} ${testbranchName} ${{ env.offerName }}/test/scripts" - - - name: Get version information from pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerName }}/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Print version - run: echo $version - - name: Generate artifact name - run: echo "artifactName=${{ env.offerName }}-$version-arm-assembly" >> $GITHUB_ENV - - name: Print artifact name - run: echo $artifactName - - name: Output artifact name - id: artifact_file - run: echo "##[set-output name=artifactName;]${{ env.offerName }}-$version-arm-assembly" - - name: Generate zip package path - id: artifact_path - run: echo "##[set-output name=artifactPath;]${{ env.offerName }}/target/$artifactName" - - name: Output artifact path - run: echo $artifactPath - env: - artifactPath: ${{steps.package.outputs.artifactPath}} - - name: Unzip the package as upload action will zip again - run: unzip ${{ env.offerName }}/target/$artifactName.zip -d ${{ env.offerName }}/target/$artifactName - - - name: Archive ${{ env.offerName }} template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_path.outputs.artifactPath}} - - deploy-dependencies: - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - needs: preflight - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Create Resource Group - id: create-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForDependency }} - az group create --verbose --name ${{ env.resourceGroupForDependency }} --location ${location} - - - name: Set Up Azure Postgresql to Test dbTemplate - id: setup-postgresql - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Deploy DB with name " ${{ env.dbName }} - az postgres server create \ - --resource-group ${{ env.resourceGroupForDependency }} \ - --name ${{ env.dbName }} \ - --location ${location} \ - --admin-user weblogic \ - --ssl-enforcement Enabled \ - --public-network-access Enabled \ - --admin-password ${{ env.wlsPassword }} \ - --sku-name B_Gen5_1 - - echo "Allow Access To Azure Services" - az postgres server firewall-rule create \ - -g ${{ env.resourceGroupForDependency }} \ - -s ${{ env.dbName }} \ - -n "AllowAllWindowsAzureIps" \ - --start-ip-address "0.0.0.0" \ - --end-ip-address "0.0.0.0" - - deploy-weblogic-admin: - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - needs: deploy-dependencies - runs-on: ubuntu-latest - strategy: - max-parallel: 1 - fail-fast: false - matrix: - images: ["owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest", "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest"] - - steps: - - name: Checkout ${{ env.offerName }} - uses: actions/checkout@v2 - with: - path: ${{ env.offerName }} - - name: Get version information from ${{ env.offerName }}/pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.offerName }}/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Output artifact name for Download action - id: artifact_file - run: | - artifactName=${{ env.offerName }}-$version-arm-assembly - echo "artifactName=${artifactName}" >> $GITHUB_ENV - echo "##[set-output name=artifactName;]${artifactName}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file.outputs.artifactName}} - - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Get Image SKU - id: image-sku - run: | - imageUrn="${{ matrix.images }}" - sku=${imageUrn%%;*} - echo "sku=${sku}" >> $GITHUB_ENV - echo ${resourceGroupPrefix} - resourceGroup=$(echo "${resourceGroupPrefix}-${sku}" | sed "s/_//g") - echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV - - name: Create Resource Group - id: create-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" $resourceGroup - az group create --verbose --name $resourceGroup --location ${location} - echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV - - - name: Prepare deployed parameters and test script - id: prepare-deployed-parameters-and-test-script - run: | - sed -i "s/#location#/$location/g; \ - s/#adminPasswordOrKey#/$wlsPassword/g; \ - s/#wlsdomainname#/$wlsDomainName/g; \ - s/#wlsusername#/$wlsUserName/g; \ - s/#wlspassword#/$wlsPassword/g; \ - s/#adminvmname#/$adminVMName/g; \ - s/#skuUrnVersion#/${{ matrix.images }}/g; \ - s/#testbranchName#/$testbranchName/g; \ - s/#gitUserName#/$userName/g" \ - ${{ env.offerName }}/test/data/parameters-test.json - sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ - ${{ env.offerName }}/test/scripts/verify-wls-path.sh - - - name: Accept Image Terms - id: accept-terms - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "accept terms for " "${{ matrix.images }}" - rawUrn="${{ matrix.images }}" - publisherAndName=$(echo ${rawUrn} | grep -o ";.*:" | sed "s/;//g") - imageVersion=${rawUrn##*;} - az vm image terms accept --urn ${publisherAndName}${sku}:${imageVersion} - - - name: Deploy WebLogic Server Admin only Domain offer - id: deploy-wls-admin - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az deployment group create \ - --verbose \ - --resource-group $resourceGroup \ - --name wls-admin-node \ - --parameters @${{ env.offerName }}/test/data/parameters-test.json \ - --template-file ${{ env.offerName }}-$version-arm-assembly/mainTemplate.json - - - name: Verify Network Security Group - id: verify-nsg - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query nsg name, will exit with error if nsg does not exist." - az network nsg show -g $resourceGroup -n ${nsg} --query "name" - - - name: Get IP of build machine - id: get-ip-address - run: | - myIP=$(dig @ns1.google.com TXT o-o.myaddr.l.google.com +short) - echo "myIP=${myIP}" >> $GITHUB_ENV - - - name: Add ip address to security rule to access the wls machine - id: add-ip-to-security-rule - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query existing source address prefixes" - attempt=0 - toCreateRule101=false - while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-101"` && $attempt -le 5 ]] - do - if [ $attempt -eq 5 ]; then - toCreateRule101=true - fi - echo "network security group rule NRMS-Rule-101 is not ready" - sleep 1m - attempt=$((attempt + 1)) - done - if [ $toCreateRule101 == true ]; then - az network nsg rule create --name NRMS-Rule-101 \ - --nsg-name ${nsg} \ - --priority 101 \ - --resource-group $resourceGroup \ - --access Allow \ - --destination-address-prefixes "*" \ - --destination-port-ranges 22 43 ${adminConsolePort} \ - --direction Inbound \ - --protocol Tcp \ - --source-address-prefixes $myIP - else - sourceAddressPrefixes=$(az network nsg rule show \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-101 \ - --query "sourceAddressPrefixes") - echo "IP of this machine: " ${myIP} - sourceAddressPrefixes=$(echo ${myIP} ${sourceAddressPrefixes} | \ - sed 's/,/ /g; s/\[//g; s/\]//g; s/"//g') - echo ${sourceAddressPrefixes} - az network nsg rule update \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-101 \ - --source-address-prefixes $sourceAddressPrefixes \ - --destination-port-ranges 443 22 ${adminConsolePort} - fi - - name: Restart wls VM - id: restart-wls-wm - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "restart vm to make sure security rule work." - az vm restart -g $resourceGroup -n $adminVMName - - - name: Query public IP of AdminServer VM - id: query-wls-admin-ip - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query public ip" - publicIP=$(az vm show \ - --resource-group $resourceGroup \ - --name $adminVMName -d \ - --query publicIps -o tsv) - echo "##[set-output name=publicIP;]${publicIP}" - - name: Create environment variable for AdminServer IP - id: env-admin-ip - run: echo "wlsPublicIP=${{steps.query-wls-admin-ip.outputs.publicIP}}" >> $GITHUB_ENV - - - name: Verify WebLogic Server Installation - id: verify-wls - run: | - echo "pubilc IP of wls machine: ${wlsPublicIP}" - echo "Verifying Weblgic server installation" - timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 - echo install sshpass - sudo apt-get install -y sshpass - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerName }}/test/scripts/verify-wls-path.sh - - - name: Restart remote SSH agent - id: restart-remote-ssh - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify system services at admin server - id: veriy-admin-service - run: | - echo "Verifying WebLogic services at admin server" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.offerName }}/test/scripts/verify-services.sh - - - name: Verify WebLogic Server Access - id: verify-wls-access - run: | - echo "Verifying Weblogic Server Access" - echo ${wlsPublicIP} - bash ${{ env.offerName }}/test/scripts/verify-wls-access.sh <<< "${wlsPublicIP} 7005" - - - name: Deploy DB Template to Connect to Azure Postgresql Database - id: enable-postgresql-db - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for db template deployment - bash ${{ env.offerName }}/test/scripts/gen-parameters-deploy-db.sh \ - <<< "${{ env.offerName }}/test/scripts/ \ - ${{ env.adminVMName }} \ - ${{ env.wlsPassword}} \ - ${{ env.dbName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }}" - echo "Deploy DB Template..." - az group deployment create \ - --verbose \ - --resource-group ${resourceGroup} \ - --name db \ - --parameters @${{ env.offerName }}/test/scripts/parameters-deploy-db.json \ - --template-file ${{ env.offerName }}-$version-arm-assembly/nestedtemplates/dbTemplate.json - - - name: Set up ELK by deploying sub template - id: enable-elk - if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for ELK template deployment - bash ${{ env.offerName }}/test/scripts/gen-parameters-deploy-elk.sh \ - <<< "${{ env.offerName }}/test/scripts/parameters-deploy-elk.json \ - ${{ env.adminVMName }} \ - ${{ env.elkPassword }} \ - ${{ env.elkURI }} \ - ${{ env.elkUser }} \ - ${{ env.location }} \ - ${{ env.wlsDomainName }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ github.run_id }}${{ github.run_number }}" - echo "Deploy ELK Template..." - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name elk \ - --parameters @${{ env.offerName }}/test/scripts/parameters-deploy-elk.json \ - --template-file ${artifactName}/nestedtemplates/elkNestedTemplate.json - - name: Delete Resource Group - id: delete-resource-group - if: always() - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " $resourceGroup - az group delete --yes --no-wait --verbose --name $resourceGroup - - name: Delete ELK index - id: delete-elk-index - if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} - run: | - curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-admin-${{ github.run_id }}${{ github.run_number }} - - cleanup-github-resource: - needs: deploy-weblogic-admin - if: always() - runs-on: ubuntu-latest - steps: - - name: Checkout ${{ env.offerName }} - uses: actions/checkout@v2 - with: - path: ${{ env.offerName }} - - name: Delete testing branch - run: | - cd ${{ env.offerName }} - git push https://$git_token@github.com/$userName/${{ env.offerName }}.git -f --delete $testbranchName - - cleanup-az-resource: - needs: deploy-weblogic-admin - if: always() - runs-on: ubuntu-latest - steps: - - name: Checkout ${{ env.offerName }} - uses: actions/checkout@v2 - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - with: - path: ${{ env.offerName }} - - uses: azure/login@v1 - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Delete DB Resource Group - id: delete-db-resource-group - uses: azure/CLI@v1 - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " $resourceGroup - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDependency }} - - summary: - needs: deploy-weblogic-admin - if: always() - runs-on: ubuntu-latest - steps: - - name: summarize jobs - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - run: | - workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/wls-eng/arm-oraclelinux-wls-admin/actions/runs/${{ github.run_id }}/jobs) - critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-admin."))) | length') - echo "$critical_job_num" - succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-admin."))) | length') - echo "$succeed_critical_job_num" - failed_job_num="$(($critical_job_num-$succeed_critical_job_num))" - echo $failed_job_num - if (($failed_job_num >= 2));then - echo "too many jobs failed, send notification to Teams" - curl ${{ secrets.MSTEAMS_WEBHOOK }} \ - -H 'Content-Type: application/json' \ - --data-binary @- << EOF - { - "@context":"http://schema.org/extensions", - "@type":"MessageCard", - "text":"$failed_job_num jobs failed in Admin Offer's workflow, please take a look at: https://github.com/wls-eng/arm-oraclelinux-wls-admin/actions/runs/${{ github.run_id }}" - } - EOF - fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml deleted file mode 100644 index d5152bb4b..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/.github/workflows/package.yaml +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright (c) 2021, Oracle and/or its affiliates. -# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. - -name: Package ARM -on: - workflow_dispatch: - inputs: - pidType: - description: 'Specify which pids to use, oracle or microsoft.' - required: true - default: 'microsoft' - ref: - description: 'Specify Git Ref if needed.' - required: false - default: 'refs/heads/develop' -env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - repoName: "arm-oraclelinux-wls-admin" - -jobs: - package: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - ref: ${{ github.event.inputs.ref }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - - name: Build and test ${{ env.repoName }} using ${{ github.event.inputs.pidType }} pids - run: | - cd ${{ env.repoName }} - pidType=${{ github.event.inputs.pidType }} - if [[ "${pidType}" == "oracle" ]];then - echo "using oracle pid" - mvn -Ptemplate-validation-tests clean install - else - echo "using ms pid" - mvn -Ptemplate-validation-tests clean install -Ddev - fi - - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/pom.xml) - artifactName=${{ env.repoName }}-$version-arm-assembly - unzip ${{ env.repoName }}/target/$artifactName.zip -d ${{ env.repoName }}/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" - echo "##[set-output name=artifactPath;]${{ env.repoName }}/target/$artifactName" - - name: Archive ${{ env.repoName }} template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml deleted file mode 100644 index 6c11a2d93..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/build.yml +++ /dev/null @@ -1,1003 +0,0 @@ -#Copyright (c) 2021 Oracle and/or its affiliates. -#Released under the Universal Permissive License v1.0 as shown at -# https://oss.oracle.com/licenses/upl/ - -name: Build and Test -on: - workflow_dispatch: - inputs: - enableELK: - description: 'Specify whether to enable ELK depoyment or not.' - required: true - default: 'false' - # Allows you to run this workflow using GitHub APIs - # PERSONAL_ACCESS_TOKEN= - # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster - # curl --verbose -XPOST -u "wls-eng:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' - repository_dispatch: - -env: - adminConsolePort: 7001 - adminPassword: ${{ secrets.WLS_PASSWORD }} - adminVMName: adminServerVM - azCliVersion: 2.6.0 - dbName: wlsdb${{ github.run_id }}${{ github.run_number }} - elkURI: ${{ secrets.ELK_URI }} - elkUser: ${{ secrets.ELK_USER_NAME }} - elkPassword: ${{ secrets.ELK_PSW }} - gitToken: ${{ secrets.GIT_TOKEN }} - location: eastus - managedServerPrefix: managedServer - managedServerVM: "managedServerVM1" - managedServers: "managedServer1" - nsg: wls-nsg - numberOfInstances: 2 - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - repoName: arm-oraclelinux-wls-cluster - resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} - resourceGroupPrefix: ${{ github.run_id }}-${{ github.run_number }} - testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} - userEmail: ${{ secrets.USER_EMAIL }} - userName: ${{ secrets.USER_NAME }} - wlsDomainName: wlsd - wlsPassword: ${{ secrets.WLS_PASSWORD }} - wlsUserName: weblogic - wls_admin_services: "rngd wls_admin wls_nodemanager" - wls_managedServer_services: "rngd wls_nodemanager" - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - name: Build and test ${{ env.repoName }} - run: mvn -Ptemplate-validation-tests clean install --file ${{ env.repoName }}/pom.xml - - - name: Checkout ${{ env.repoName }} for test - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }}-dev - - name: Create a new branch with development pids in nestedtemplates - run: | - current=`pwd` - echo "current=${current}" >> $GITHUB_ENV - cd ${{ env.repoName }}-dev/${{ env.repoName }}/src/main/arm/nestedtemplates - git config --global core.longpaths true - git config --global user.email $userEmail - git config --global user.name $userName - echo "create branch $testbranchName" - git checkout -b $testbranchName - rm -r -f $current/${{ env.repoName }}-dev/${{ env.repoName }}/src/main/arm/nestedtemplates/* - cp -r -f $current/${{ env.repoName }}/${{ env.repoName }}/target/arm/nestedtemplates/* $current/${{ env.repoName }}-dev/${{ env.repoName }}/src/main/arm/nestedtemplates/ - git status - git commit -a -m "hard code pids" - git push https://$gitToken@github.com/$userName/${{ env.repoName }}.git -f - - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Validate deployment templates for different combinations of service integration - id: validate-deployment-templates - run: | - bash ${{ env.repoName }}/test/scripts/verify-deployments.sh <<< "${{ github.run_id }}${{ github.run_number }} ${location} \ - ${{ env.repoName }}/${{ env.repoName }}/target/arm/mainTemplate.json \ - ${userName} ${testbranchName} ${{ env.repoName }}/test/scripts" - - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/${{ env.repoName }}/pom.xml) - artifactName=${{ env.repoName }}-$version-arm-assembly - unzip ${{ env.repoName }}/${{ env.repoName }}/target/$artifactName.zip -d ${{ env.repoName }}/${{ env.repoName }}/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}" - echo "##[set-output name=artifactPath;]${{ env.repoName }}/${{ env.repoName }}/target/$artifactName" - - name: Archive ${{ env.repoName }} template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - - - name: Generate addnode artifact file name and path - id: addnode_artifact_file - run: | - addnode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/addnode/pom.xml) - addnode_artifactName=${{ env.repoName }}-addnode-$addnode_version-arm-assembly - unzip ${{ env.repoName }}/addnode/target/$addnode_artifactName.zip -d ${{ env.repoName }}/addnode/target/$addnode_artifactName - echo "##[set-output name=addnode_artifactName;]${addnode_artifactName}" - echo "##[set-output name=addnode_artifactPath;]${{ env.repoName }}/addnode/target/$addnode_artifactName" - - name: Archive ${{ env.repoName }} addnode template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.addnode_artifact_file.outputs.addnode_artifactName}} - path: ${{steps.addnode_artifact_file.outputs.addnode_artifactPath}} - - - name: Generate delete node artifact file name and path - id: deletenode_artifact_file - run: | - deletenode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/deletenode/pom.xml) - deletenode_artifactName=${{ env.repoName }}-deletenode-$deletenode_version-arm-assembly - unzip ${{ env.repoName }}/deletenode/target/$deletenode_artifactName.zip -d ${{ env.repoName }}/deletenode/target/$deletenode_artifactName - echo "##[set-output name=deletenode_artifactName;]${deletenode_artifactName}" - echo "##[set-output name=deletenode_artifactPath;]${{ env.repoName }}/deletenode/target/$deletenode_artifactName" - - - name: Archive ${{ env.repoName }} deletenode template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactName}} - path: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactPath}} - - - name: Generate addnode-coherence artifact file name and path - id: addnode_coherence_artifact_file - run: | - addnode_coherence_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/addnode-coherence/pom.xml) - addnode_coherence_artifactName=${{ env.repoName }}-addnode-coherence-$addnode_coherence_version-arm-assembly - unzip ${{ env.repoName }}/addnode-coherence/target/$addnode_coherence_artifactName.zip -d ${{ env.repoName }}/addnode-coherence/target/$addnode_coherence_artifactName - echo "##[set-output name=addnode_coherence_artifactName;]${addnode_coherence_artifactName}" - echo "##[set-output name=addnode_coherence_artifactPath;]${{ env.repoName }}/addnode-coherence/target/$addnode_coherence_artifactName" - - - name: Archive ${{ env.repoName }} addnode-coherence template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactName}} - path: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactPath}} - - deploy-dependencies: - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - needs: preflight - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Create Resource Group - id: create-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForDependency }} - az group create --verbose --name ${{ env.resourceGroupForDependency }} --location ${location} - - - name: Set Up Azure Postgresql to Test dbTemplate - id: setup-postgresql - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Deploy DB with name " ${{ env.dbName }} - az postgres server create \ - --resource-group ${{ env.resourceGroupForDependency }} \ - --name ${{ env.dbName }} \ - --location ${location} \ - --admin-user weblogic \ - --ssl-enforcement Enabled \ - --public-network-access Enabled \ - --admin-password ${{ env.wlsPassword }} \ - --sku-name B_Gen5_1 - - echo "Allow Access To Azure Services" - az postgres server firewall-rule create \ - -g ${{ env.resourceGroupForDependency }} \ - -s ${{ env.dbName }} \ - -n "AllowAllWindowsAzureIps" \ - --start-ip-address "0.0.0.0" \ - --end-ip-address "0.0.0.0" - - deploy-weblogic-cluster: - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - needs: deploy-dependencies - runs-on: ubuntu-latest - strategy: - max-parallel: 1 - fail-fast: false - matrix: - images: - [ - "owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest", - "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", - "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", - "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest", - ] - steps: - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - - name: Get version information from ${{ env.repoName }}/pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/${{ env.repoName }}/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Output artifact name for Download action - id: artifact_file - run: | - artifactName=${{ env.repoName }}-$version-arm-assembly - echo "artifactName=${artifactName}" >> $GITHUB_ENV - echo "##[set-output name=artifactName;]${artifactName}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file.outputs.artifactName}} - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Get Image SKU - id: image-sku - run: | - imageUrn="${{ matrix.images }}" - sku=${imageUrn%%;*} - echo "sku=${sku}" >> $GITHUB_ENV - echo ${resourceGroupPrefix} - resourceGroup=$(echo "${resourceGroupPrefix}-${sku}" | sed "s/_//g") - echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV - - name: Create Resource Group - id: create-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" $resourceGroup - az group create --verbose --name $resourceGroup --location ${location} - - - name: Prepare deployed parameters and test script - id: prepare-deployed-parameters-and-test-script - run: | - echo $managedServerPrefix $numberOfInstances $adminVMName - sed -i "s/#location#/$location/g; \ - s/#adminPasswordOrKey#/$wlsPassword/g; \ - s/#wlsdomainname#/$wlsDomainName/g; \ - s/#wlsusername#/$wlsUserName/g; \ - s/#wlspassword#/$wlsPassword/g; \ - s/#managedserverprefix#/$managedServerPrefix/g; \ - s/#numinstances#/$numberOfInstances/g; \ - s/#adminvmname#/$adminVMName/g; \ - s/#skuUrnVersion#/${{ matrix.images }}/g; \ - s/#testbranchName#/$testbranchName/g; \ - s/#gitUserName#/$userName/g" \ - ${{ env.repoName }}/test/data/parameters-test.json - - sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ - ${{ env.repoName }}/test/scripts/verify-wls-path.sh - - sed -i "s/#adminVMName#/$adminVMName/g; \ - s/#adminPasswordOrKey#/$wlsPassword/g; \ - s/#managedServers#/$managedServers/g; \ - s/#wlsUserName#/$wlsUserName/g; \ - s/#wlspassword#/$wlsPassword/g" \ - ${{ env.repoName }}/test/scripts/verify-servers-lifecycle.sh - - - name: Accept Image Terms - id: accept-terms - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "accept terms for " "${{ matrix.images }}" - rawUrn="${{ matrix.images }}" - publisherAndName=$(echo ${rawUrn} | grep -o ";.*:" | sed "s/;//g") - imageVersion=${rawUrn##*;} - az vm image terms accept --urn ${publisherAndName}${sku}:${imageVersion} - - - name: Deploy WebLogic Server Cluster Domain offer - id: deploy-wls-cluster - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az deployment group create \ - --verbose \ - --resource-group $resourceGroup \ - --name wls-cluster-node \ - --parameters @${{ env.repoName }}/test/data/parameters-test.json \ - --template-file ${artifactName}/mainTemplate.json - - - name: Verify Network Security Group - id: verify-nsg - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query nsg name, will exit with error if nsg does not exist." - az network nsg show -g $resourceGroup -n ${nsg} --query "name" - - - name: Get IP of build machine - id: get-ip-address - run: | - myIP=$(dig @ns1.google.com TXT o-o.myaddr.l.google.com +short) - echo "myIP=${myIP}" >> $GITHUB_ENV - - - name: Add ip address to security rule to access the wls machine - id: add-ip-to-security-rule - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query existing source address prefixes" - attempt=0 - toCreateRule101=false - while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-101"` && $attempt -le 5 ]] - do - if [ $attempt -eq 5 ]; then - toCreateRule101=true - fi - echo "network security group rule NRMS-Rule-101 is not ready" - sleep 1m - attempt=$((attempt + 1)) - done - if [ $toCreateRule101 == true ]; then - az network nsg rule create --name NRMS-Rule-101 \ - --nsg-name ${nsg} \ - --priority 101 \ - --resource-group $resourceGroup \ - --access Allow \ - --destination-address-prefixes "*" \ - --destination-port-ranges 22 43 ${adminConsolePort} \ - --direction Inbound \ - --protocol Tcp \ - --source-address-prefixes $myIP - else - sourceAddressPrefixes=$(az network nsg rule show \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-101 \ - --query "sourceAddressPrefixes") - echo "IP of this machine: " ${myIP} - sourceAddressPrefixes=$(echo ${myIP} ${sourceAddressPrefixes} | \ - sed 's/,/ /g; s/\[//g; s/\]//g; s/"//g') - echo ${sourceAddressPrefixes} - az network nsg rule update \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-101 \ - --source-address-prefixes $sourceAddressPrefixes \ - --destination-port-ranges 443 22 ${adminConsolePort} - fi - - - name: Restart wls VM - id: restart-wls-wm - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "restart vm to make sure security rule work." - az vm restart -g $resourceGroup -n $adminVMName - - - name: Query public IP of AdminServer VM - id: query-wls-admin-ip - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query public ip" - publicIP=$(az vm show \ - --resource-group $resourceGroup \ - --name $adminVMName -d \ - --query publicIps -o tsv) - echo "##[set-output name=publicIP;]${publicIP}" - - name: Create environment variable for AdminServer IP - id: env-admin-ip - run: echo "wlsPublicIP=${{steps.query-wls-admin-ip.outputs.publicIP}}" >> $GITHUB_ENV - - - name: Query public IP of managedServerVM1 - id: query-wls-managed-ip - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query public ip" - publicIP=$(az vm show \ - --resource-group $resourceGroup \ - --name $managedServerVM -d \ - --query publicIps -o tsv) - echo "##[set-output name=publicIP;]${publicIP}" - - name: Create environment variable for managedServerVM1 IP - id: env-managedserver-vm1-ip - run: echo "ms1PublicIP=${{steps.query-wls-managed-ip.outputs.publicIP}}" >> $GITHUB_ENV - - - name: Verify WebLogic Server Installation - id: verify-wls - run: | - echo "pubilc IP of wls machine: ${wlsPublicIP}" - echo "Verifying Weblgic server installation" - timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 - echo install sshpass - sudo apt-get install -y sshpass - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.repoName }}/test/scripts/verify-wls-path.sh - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify wls admin services - id: veriy-admin-service - run: | - echo "Verifying WebLogic services at admin server" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.repoName }}/test/scripts/verify-services.sh $wls_admin_services - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify wls managed server services - id: veriy-msservice - run: | - echo "Verifying WebLogic services at managed server" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${ms1PublicIP} 'bash -s' < ${{ env.repoName }}/test/scripts/verify-services.sh $wls_managedServer_services - - - name: Verify WebLogic Server Access - id: verify-wls-access - run: | - echo "Verifying Weblogic Server Access" - bash ${{ env.repoName }}/test/scripts/verify-wls-access.sh <<< "$wlsPublicIP ${adminConsolePort} $wlsUserName $wlsPassword $managedServers" - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify WebLogic Managed Server LifeCycle check - id: verify-server-lifecycle - run: | - echo "Verifying Weblogic managed server lifecycle" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < ${{ env.repoName }}/test/scripts/verify-servers-lifecycle.sh - - - name: Deploy DB Template to Connect to Azure Postgresql Database - id: enable-postgresql-db - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for db template deployment - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-db.sh \ - <<< "${{ env.repoName }}/test/scripts/ \ - ${{ env.adminVMName }} \ - ${{ env.wlsPassword}} \ - ${{ env.dbName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }}" - echo "Deploy DB Template..." - az group deployment create \ - --verbose \ - --resource-group ${resourceGroup} \ - --name db \ - --parameters @${{ env.repoName }}/test/scripts/parameters-deploy-db.json \ - --template-file ${artifactName}/nestedtemplates/dbTemplate.json - - - name: Generate Application Gateway Certificate - id: gen-certificate-agw - run: | - echo "Generate SSL Certificate for Application Gateway" - openssl genrsa -passout pass:${{ env.wlsPassword }} -out privkey.pem 3072 - openssl req -x509 -new -key privkey.pem -out privkey.pub -subj "/C=US" - openssl pkcs12 -passout pass:${{ env.wlsPassword }} -export -in privkey.pub -inkey privkey.pem -out mycert.pfx - agwCertificateBase64String=$(base64 mycert.pfx -w 0) - echo "agwCertificateBase64String=${agwCertificateBase64String}" >> $GITHUB_ENV - - name: Set up Application Gateway by Deploying Sub Template - id: enable-application-gateway - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for application gateway template deployment - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-agw.sh \ - <<< "${{ env.repoName }}/test/scripts/parameters-deploy-agw.json \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.adminVMName }} \ - ${agwCertificateBase64String} \ - ${{ env.wlsPassword }} \ - ${{ env.numberOfInstances }} \ - ${{ env.location }} \ - ${{ env.wlsPassword }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsDomainName }} \ - ${{ env.managedServerPrefix }}" - echo "Deploy Application Gateway Template..." - az group deployment create \ - --verbose \ - --debug \ - --resource-group ${resourceGroup} \ - --name agw \ - --parameters @${{ env.repoName }}/test/scripts/parameters-deploy-agw.json \ - --template-file ${artifactName}/nestedtemplates/appGatewayNestedTemplate.json - - - name: Query appGatewayURL of appgateway deployment - id: query-agwurl - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query appgatewayURL" - appGatewayURL=$(az network public-ip show \ - --resource-group $resourceGroup \ - --name gwip \ - --query dnsSettings.fqdn -o tsv) - echo "##[set-output name=appGatewayURL;]${appGatewayURL}" - - name: Save appGatewayURL for app deployement verification - id: save-appgatewayurl - run: | - echo ${{steps.query-agwurl.outputs.appGatewayURL}} - echo "appGatewayURL=${{steps.query-agwurl.outputs.appGatewayURL}}" >> $GITHUB_ENV - echo ${appGatewayURL} - - - name: Checkout WebLogic-Cafe - id: checkout-webapp - uses: actions/checkout@v2 - with: - repository: microsoft/weblogic-on-azure - path: weblogic-on-azure - - - name: Maven build the web app - id: maven-build-webapp - run: | - echo "build the WebLogic Cafe web app" - mvn -DskipTests clean install --file weblogic-on-azure/javaee/weblogic-cafe/pom.xml - - - name: Query adminVMsver DNS - id: query-adminvmdns - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query adminVMsver DNS for $adminVMName" - adminVMDNS=$(az network public-ip show \ - --resource-group $resourceGroup \ - --name "${adminVMName}_PublicIP" \ - --query dnsSettings.fqdn -o tsv) - echo "##[set-output name=adminVMDNS;]${adminVMDNS}" - - - name: Save adminVMsver DNS for app deployement - id: save-adminvmdns - run: | - echo ${{steps.query-adminvmdns.outputs.adminVMDNS}} - echo "adminVMDNS=${{steps.query-adminvmdns.outputs.adminVMDNS}}" >> $GITHUB_ENV - echo ${adminVMDNS} - - - name: Prepare the webapp deployment script - id: prepare-webapp-deployement-script - run: | - echo ${adminVMDNS} ${wlsUserName} - sed -i "s/#adminVMDNS#/${adminVMDNS}/g; \ - s/#wlsUserName#/$wlsUserName/g; \ - s/#wlsPassword#/$wlsPassword/g" \ - arm-oraclelinux-wls-cluster/test/scripts/deploy-webapp.sh - - echo ${appGatewayURL} - sed -i "s|#appGatewayURL#|${appGatewayURL}|g;" \ - arm-oraclelinux-wls-cluster/test/scripts/verify-webapp-deployment.sh - - - name: Add ip address to security rule to access the wls machine - id: add-ip-to-security-rule-105 - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query existing source address prefixes" - attempt=0 - toCreateRule105=false - while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-105"` && $attempt -le 5 ]] - do - if [ $attempt -eq 5 ]; then - toCreateRule105=true - fi - echo "network security group rule NRMS-Rule-105 is not ready" - sleep 1m - attempt=$((attempt + 1)) - done - if [ $toCreateRule105 == true ]; then - az network nsg rule create --name NRMS-Rule-105 \ - --nsg-name ${nsg} \ - --priority 102 \ - --resource-group $resourceGroup \ - --access Allow \ - --destination-address-prefixes "*" \ - --destination-port-ranges 1433 1434 3306 4333 5432 6379 7000 7199 9042 9160 9300 16379 26379 27017 \ - --direction Inbound \ - --protocol Tcp \ - --source-address-prefixes $myIP - else - az network nsg rule update \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-105 \ - --destination-port-ranges 1433 1434 3306 4333 5432 6379 7000 7199 9042 9160 9300 16379 26379 27017 - fi - - - name: Restart wls VM - id: restart-wls-admin-vm - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "restart vm to make sure security rule work." - az vm restart -g $resourceGroup -n $adminVMName - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Deploy WebLogicCafe app using WebLogic Management Services - id: deploy-webapp - run: | - echo "Deploy WebLogic Cafe to server" - timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${adminVMDNS} 7001 - bash arm-oraclelinux-wls-cluster/test/scripts/deploy-webapp.sh - - - name: Verify WebLogicCafe app is successfully deployed - id: verify-webapp-deployment - run: | - echo "Verify WebLogicCafe app is successfully deployed" - bash arm-oraclelinux-wls-cluster/test/scripts/verify-webapp-deployment.sh - - - name: Set up ELK by deploying sub template - id: enable-elk - if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for ELK template deployment - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-elk.sh \ - <<< "${{ env.repoName }}/test/scripts/parameters-deploy-elk.json \ - ${{ env.adminVMName }} \ - ${{ env.elkPassword }} \ - ${{ env.elkURI }} \ - ${{ env.elkUser }} \ - ${{ env.location }} \ - ${{ env.numberOfInstances }} \ - ${{ env.wlsDomainName }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }} \ - ${{ github.run_id }}${{ github.run_number }}" - - echo "Deploy ELK Template..." - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name elk \ - --parameters @${{ env.repoName }}/test/scripts/parameters-deploy-elk.json \ - --template-file ${artifactName}/nestedtemplates/elkNestedTemplate.json - - - name: Get storage account name - id: query-storage-account-name - run: | - echo "query storage account name" - storageAccount=$(az resource list -g $resourceGroup --resource-type Microsoft.Storage/storageAccounts --query [0].name -o tsv) - echo "Storage account name: ${storageAccount}" - echo "storageAccount=${storageAccount}" >> $GITHUB_ENV - - - name: Set up Coherence by deploying sub template - id: enable-coherence - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for Coherence template deployment - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-coherence.sh \ - <<< "${{ env.repoName }}/test/scripts/parameters-deploy-coherence.json \ - ${{ env.adminVMName }} \ - ${{ env.wlsPassword }} \ - ${{ matrix.images }} \ - ${{ env.location }} \ - ${storageAccount} \ - ${{ env.wlsDomainName }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - - echo "Deploy Coherence Template..." - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name coherence \ - --parameters @${{ env.repoName }}/test/scripts/parameters-deploy-coherence.json \ - --template-file ${artifactName}/nestedtemplates/coherenceTemplate.json - - - name: Output addnode artifact name - id: artifact_file_addnode - run: | - addnodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/addnode/pom.xml) - artifactNameOfAddnode=${{ env.repoName }}-addnode-$addnodeVersion-arm-assembly - echo "artifactNameOfAddnode=${artifactNameOfAddnode}" >> $GITHUB_ENV - echo "##[set-output name=artifactNameOfAddnode;]${artifactNameOfAddnode}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file_addnode.outputs.artifactNameOfAddnode}} - - - name: Add new nodes to existing cluster - id: add-node - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "add two new nodes and enable app gateway" - echo "generate add-node parameters" - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-addnode.sh \ - <<< "${{ env.repoName }}/test/scripts/parameters-deploy-addnode.json \ - ${{ env.wlsPassword }} \ - ${{ env.adminVMName }}:${adminConsolePort} \ - weblogic \ - ${{ env.numberOfInstances }} \ - ${{ matrix.images }} \ - ${storageAccount} \ - ${{ env.wlsDomainName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - echo "deploy add-node template to create new nodes" - az group deployment validate \ - -g ${resourceGroup} \ - -f ${artifactNameOfAddnode}/mainTemplate.json \ - -p @${{ env.repoName }}/test/scripts/parameters-deploy-addnode.json \ - --no-prompt - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name addnode \ - --parameters @${{ env.repoName }}/test/scripts/parameters-deploy-addnode.json \ - --template-file ${artifactNameOfAddnode}/mainTemplate.json - - name: Verify new nodes - id: verify-new-nodes - run: | - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) - if [ -z "$mspVM2" ]; then - echo "Add-node failure: new machine ${{ env.managedServerPrefix }}VM2 does not exist." - exit 1 - fi - - - name: Output addnode-coherence artifact name - id: artifact_file_addnode_coherence - run: | - addnodeCoherenceVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/addnode-coherence/pom.xml) - artifactNameOfAddnodeCo=${{ env.repoName }}-addnode-coherence-$addnodeCoherenceVersion-arm-assembly - echo "artifactNameOfAddnodeCo=${artifactNameOfAddnodeCo}" >> $GITHUB_ENV - echo "##[set-output name=artifactNameOfAddnodeCo;]${artifactNameOfAddnodeCo}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file_addnode_coherence.outputs.artifactNameOfAddnodeCo}} - - - name: Add new cache node to coherence cluster - id: add-node-coherence - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "add new cache server" - echo "generate parameters" - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-addnode-coherence.sh \ - <<< "${{ env.repoName }}/test/scripts/parameters-deploy-addnode-coherence.json \ - ${{ env.wlsPassword }} \ - ${{ env.adminVMName }} \ - weblogic \ - 1 \ - ${{ matrix.images }} \ - ${storageAccount} \ - ${{ env.wlsDomainName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - echo "deploy add-node template to create new nodes" - az group deployment validate \ - -g ${resourceGroup} \ - -f ${artifactNameOfAddnodeCo}/mainTemplate.json \ - -p @${{ env.repoName }}/test/scripts/parameters-deploy-addnode-coherence.json \ - --no-prompt - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name addnode \ - --parameters @${{ env.repoName }}/test/scripts/parameters-deploy-addnode-coherence.json \ - --template-file ${artifactNameOfAddnodeCo}/mainTemplate.json - - name: Verify new nodes - id: verify-new-nodes-coherence - run: | - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}StorageVM2 --query [0].name -o tsv) - if [ -z "$mspVM2" ]; then - echo "Add-node failure: new machine ${{ env.managedServerPrefix }}StorageVM2 does not exist." - exit 1 - fi - - - name: Output delete-node artifact name - id: artifact_file_deletenode - run: | - deleteNodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/deletenode/pom.xml) - artifactNameOfDeleteNode=${{ env.repoName }}-deletenode-$deleteNodeVersion-arm-assembly - echo "artifactNameOfDeleteNode=${artifactNameOfDeleteNode}" >> $GITHUB_ENV - echo "##[set-output name=artifactNameOfDeleteNode;]${artifactNameOfDeleteNode}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file_deletenode.outputs.artifactNameOfDeleteNode}} - - name: Delete nodes from existing cluster - id: delete-node - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "generate delete-node parameters" - bash ${{ env.repoName }}/test/scripts/gen-parameters-deploy-deletenode.sh \ - <<< "${{ env.repoName }}/test/scripts/parameters-deploy-deletenode.json \ - ${{ env.adminVMName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - echo "Run deletenode-cli.sh to remove nodes" - chmod ugo+x ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh - ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh \ - -g ${resourceGroup} \ - -f ${artifactNameOfDeleteNode}/mainTemplate.json \ - -p ${{ env.repoName }}/test/scripts/parameters-deploy-deletenode.json \ - -s - - name: Verify deleted nodes - id: verify-deleted-nodes - run: | - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) - count=0 - while [[ -n "$mspVM2" && $count -lt 10 ]]; - do - echo "waiting for $mspVM2 deleted..." - sleep 1m - count=$((count+1)) - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) - if [ -z "$mspVM2" ]; then - break; - fi - done - - if [ -n "$mspVM2" ]; then - echo "Delete-node failure: machine ${{ env.managedServerPrefix }}VM2 is not removed." - exit 1 - fi - - - name: Delete Resource Group - id: delete-resource-group - if: always() - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " $resourceGroup - az group delete --yes --no-wait --verbose --name $resourceGroup - - name: Delete ELK index - id: delete-elk-index - if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} - run: | - curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-cluster-${{ github.run_id }}${{ github.run_number }} - - cleanup-github-resoruce: - needs: deploy-weblogic-cluster - if: always() - runs-on: ubuntu-latest - steps: - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - - name: Delete testing branch - run: | - cd ${{ env.repoName }} - git push https://$gitToken@github.com/$userName/${{ env.repoName }}.git -f --delete $testbranchName - - cleanup-az-resource: - if: always() - needs: deploy-weblogic-cluster - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Delete DB Resource Group - id: delete-db-resource-group - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " $resourceGroup - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDependency }} - - summary: - needs: deploy-weblogic-cluster - if: always() - runs-on: ubuntu-latest - steps: - - name: summarize jobs - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - run: | - workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster/actions/runs/${{ github.run_id }}/jobs) - critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-cluster."))) | length') - echo "$critical_job_num" - succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-cluster."))) | length') - echo "$succeed_critical_job_num" - failed_job_num="$(($critical_job_num-$succeed_critical_job_num))" - echo $failed_job_num - if (($failed_job_num >= 2));then - echo "too many jobs failed, send notification to Teams" - curl ${{ secrets.MSTEAMS_WEBHOOK }} \ - -H 'Content-Type: application/json' \ - --data-binary @- << EOF - { - "@context":"http://schema.org/extensions", - "@type":"MessageCard", - "text":"$failed_job_num jobs failed in Configured Cluster Offer's workflow, please take a look at: https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster/actions/runs/${{ github.run_id }}" - } - EOF - fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml deleted file mode 100644 index fe720de97..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/.github/workflows/package.yaml +++ /dev/null @@ -1,77 +0,0 @@ -#Copyright (c) 2021 Oracle and/or its affiliates. -#Released under the Universal Permissive License v1.0 as shown at -# https://oss.oracle.com/licenses/upl/ - -name: Package ARM -on: - workflow_dispatch: - inputs: - pidType: - description: 'Specify which pids to use, oracle or microsoft.' - required: true - default: 'microsoft' - ref: - description: 'Specify Git Ref if needed.' - required: false - default: 'refs/heads/develop' -env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - repoName: "arm-oraclelinux-wls-cluster" - -jobs: - package: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - ref: ${{ github.event.inputs.ref }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - - name: Build and test ${{ env.repoName }} using ${{ github.event.inputs.pidType }} pids - run: | - cd ${{ env.repoName }} - pidType=${{ github.event.inputs.pidType }} - if [[ "${pidType}" == "oracle" ]];then - echo "using oracle pid" - mvn -Ptemplate-validation-tests clean install - else - echo "using ms pid" - mvn -Ptemplate-validation-tests clean install -Ddev - fi - - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/${{ env.repoName }}/pom.xml) - artifactName=${{ env.repoName }}-$version-arm-assembly - unzip ${{ env.repoName }}/${{ env.repoName }}/target/$artifactName.zip -d ${{ env.repoName }}/${{ env.repoName }}/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" - echo "##[set-output name=artifactPath;]${{ env.repoName }}/${{ env.repoName }}/target/$artifactName" - - name: Archive ${{ env.repoName }} template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - - diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml deleted file mode 100644 index 995deaf5e..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/build.yml +++ /dev/null @@ -1,841 +0,0 @@ -#Copyright (c) 2021 Oracle and/or its affiliates. -#Released under the Universal Permissive License v1.0 as shown at -# https://oss.oracle.com/licenses/upl/ - -name: Build and Test -on: - workflow_dispatch: - inputs: - enableELK: - description: 'Specify whether to enable ELK depoyment or not.' - required: true - default: 'false' - # Allows you to run this workflow using GitHub APIs - # PERSONAL_ACCESS_TOKEN= - # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster - # curl --verbose -XPOST -u "wls-eng:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' - repository_dispatch: - -env: - adminConsolePort: 7001 - azCliVersion: 2.6.0 - dbName: wlsdb${{ github.run_id }}${{ github.run_number }} - elkURI: ${{ secrets.ELK_URI }} - elkUser: ${{ secrets.ELK_USER_NAME }} - elkPassword: ${{ secrets.ELK_PSW }} - location: eastus - nsg: wls-nsg - resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} - resourceGroupPrefix: wls-${{ github.run_id }}-${{ github.run_number }} - userEmail: ${{ secrets.USER_EMAIL }} - userName: ${{ secrets.USER_NAME }} - wlsPassword: ${{ secrets.WLS_PASSWORD }} - adminPassword: ${{ secrets.WLS_PASSWORD }} - otnUser: ${{ secrets.OTN_USERID }} - otnPassword: ${{ secrets.OTN_PASSWORD }} - wlsDomainName: dyClusterDomain - wlsUserName: weblogic - managedServerPrefix: managedServer - adminVMName: adminServerVM - managedServers: "managedServer1" - managedServerVM: "managedServerVM1" - testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} - ref_javaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - ref_armttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - git_token: ${{ secrets.GIT_TOKEN }} - maxDynamicClusterSize: 2 - dynamicClusterSize: 1 - wls_admin_services: "rngd wls_admin wls_nodemanager" - wls_managedServer_services: "rngd wls_nodemanager" - -jobs: - preflight: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.ref_javaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.ref_armttk }} - - name: Checkout arm-oraclelinux-wls-dynamic-cluster - uses: actions/checkout@v2 - with: - path: arm-oraclelinux-wls-dynamic-cluster - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - name: Built and test arm-oraclelinux-wls-dynamic-cluster - run: mvn -Ptemplate-validation-tests clean install --file arm-oraclelinux-wls-dynamic-cluster/pom.xml - - - name: Checkout arm-oraclelinux-wls-dynamic-cluster for test - uses: actions/checkout@v2 - with: - path: arm-oraclelinux-wls-dynamic-cluster-dev - - - name: Create a new branch with development pids in nestedtemplates - run: | - current=`pwd` - echo "current=${current}" >> $GITHUB_ENV - cd arm-oraclelinux-wls-dynamic-cluster-dev/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates - git config --global core.longpaths true - git config --global user.email $userEmail - git config --global user.name $userName - echo "create branch $testbranchName" - git checkout -b $testbranchName - rm -r -f $current/arm-oraclelinux-wls-dynamic-cluster-dev/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/* - cp -r -f $current/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/target/arm/nestedtemplates/* $current/arm-oraclelinux-wls-dynamic-cluster-dev/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/ - git status - git commit -a -m "hard code pids" - git push https://$git_token@github.com/$userName/arm-oraclelinux-wls-dynamic-cluster -f - - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Validate deployment templates for different combinations of service integration - id: validate-deployment-templates - run: | - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-deployments.sh <<< \ - "${{ github.run_id }}${{ github.run_number }} ${location} \ - arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/target/arm/mainTemplate.json \ - ${userName} ${testbranchName} arm-oraclelinux-wls-dynamic-cluster/test/scripts" - - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml) - artifactName=arm-oraclelinux-wls-dynamic-cluster-$version-arm-assembly - unzip arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/target/$artifactName.zip -d arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}" - echo "##[set-output name=artifactPath;]arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/target/$artifactName" - - name: Archive arm-oraclelinux-wls-dynamic-cluster template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} - - - name: Generate addnode artifact file name and path - id: addnode_artifact_file - run: | - addnode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml) - addnode_artifactName=arm-oraclelinux-wls-dynamic-cluster-addnode-$addnode_version-arm-assembly - unzip arm-oraclelinux-wls-dynamic-cluster/addnode/target/$addnode_artifactName.zip -d arm-oraclelinux-wls-dynamic-cluster/addnode/target/$addnode_artifactName - echo "##[set-output name=addnode_artifactName;]${addnode_artifactName}" - echo "##[set-output name=addnode_artifactPath;]arm-oraclelinux-wls-dynamic-cluster/addnode/target/$addnode_artifactName" - - name: Archive arm-oraclelinux-wls-dynamic-cluster addnode template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.addnode_artifact_file.outputs.addnode_artifactName}} - path: ${{steps.addnode_artifact_file.outputs.addnode_artifactPath}} - - - name: Generate delete node artifact file name and path - id: deletenode_artifact_file - run: | - deletenode_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml) - deletenode_artifactName=arm-oraclelinux-wls-dynamic-cluster-deletenode-$deletenode_version-arm-assembly - unzip arm-oraclelinux-wls-dynamic-cluster/deletenode/target/$deletenode_artifactName.zip -d arm-oraclelinux-wls-dynamic-cluster/deletenode/target/$deletenode_artifactName - echo "##[set-output name=deletenode_artifactName;]${deletenode_artifactName}" - echo "##[set-output name=deletenode_artifactPath;]arm-oraclelinux-wls-dynamic-cluster/deletenode/target/$deletenode_artifactName" - - - name: Archive arm-oraclelinux-wls-dynamic-cluster deletenode template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactName}} - path: ${{steps.deletenode_artifact_file.outputs.deletenode_artifactPath}} - - - name: Generate addnode-coherence artifact file name and path - id: addnode_coherence_artifact_file - run: | - addnode_coherence_version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml) - addnode_coherence_artifactName=arm-oraclelinux-wls-dynamic-cluster-addnode-coherence-$addnode_coherence_version-arm-assembly - unzip arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/target/$addnode_coherence_artifactName.zip -d arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/target/$addnode_coherence_artifactName - echo "##[set-output name=addnode_coherence_artifactName;]${addnode_coherence_artifactName}" - echo "##[set-output name=addnode_coherence_artifactPath;]arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/target/$addnode_coherence_artifactName" - - - name: Archive arm-oraclelinux-wls-dynamic-cluster addnode-coherence template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactName}} - path: ${{steps.addnode_coherence_artifact_file.outputs.addnode_coherence_artifactPath}} - - deploy-dependencies: - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - needs: preflight - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Create Resource Group - id: create-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" ${{ env.resourceGroupForDependency }} - az group create --verbose --name ${{ env.resourceGroupForDependency }} --location ${location} - - - name: Set Up Azure Postgresql to Test dbTemplate - id: setup-postgresql - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Deploy DB with name " ${{ env.dbName }} - az postgres server create \ - --resource-group ${{ env.resourceGroupForDependency }} \ - --name ${{ env.dbName }} \ - --location ${location} \ - --admin-user weblogic \ - --ssl-enforcement Enabled \ - --public-network-access Enabled \ - --admin-password ${{ env.wlsPassword }} \ - --sku-name B_Gen5_1 - - echo "Allow Access To Azure Services" - az postgres server firewall-rule create \ - -g ${{ env.resourceGroupForDependency }} \ - -s ${{ env.dbName }} \ - -n "AllowAllWindowsAzureIps" \ - --start-ip-address "0.0.0.0" \ - --end-ip-address "0.0.0.0" - - deploy-weblogic-cluster: - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - needs: preflight - runs-on: ubuntu-latest - strategy: - max-parallel: 1 - fail-fast: false - matrix: - images: - [ - "owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest", - "owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest", - "owls-122140-jdk8-ol76;Oracle:weblogic-122140-jdk8-ol76:owls-122140-jdk8-ol7;latest", - "owls-141100-jdk8-ol76;Oracle:weblogic-141100-jdk8-ol76:owls-141100-jdk8-ol7;latest", - "owls-141100-jdk11-ol76;Oracle:weblogic-141100-jdk11-ol76:owls-141100-jdk11-ol7;latest" - ] - steps: - - name: Checkout arm-oraclelinux-wls-dynamic-cluster - uses: actions/checkout@v2 - with: - path: arm-oraclelinux-wls-dynamic-cluster - - name: Get version information from arm-oraclelinux-wls-dynamic-cluster/pom.xml - id: version - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml) - echo "version=${version}" >> $GITHUB_ENV - - name: Output artifact name for Download action - id: artifact_file - run: | - artifactName=arm-oraclelinux-wls-dynamic-cluster-$version-arm-assembly - echo "artifactName=${artifactName}" >> $GITHUB_ENV - echo "##[set-output name=artifactName;]${artifactName}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file.outputs.artifactName}} - - uses: azure/login@v1 - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Get Image SKU - id: image-sku - run: | - imageUrn="${{ matrix.images }}" - sku=${imageUrn%%;*} - echo "sku=${sku}" >> $GITHUB_ENV - echo ${resourceGroupPrefix} - resourceGroup=$(echo "${resourceGroupPrefix}-${sku}" | sed "s/_//g") - echo "resourceGroup=${resourceGroup}" >> $GITHUB_ENV - - name: Create Resource Group - id: create-resource-group - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "create resource group" $resourceGroup - az group create --verbose --name $resourceGroup --location ${location} - - - name: Prepare deployed parameters and test script - id: prepare-deployed-parameters-and-test-script - run: | - imageUrn="${{ matrix.images }}" - sed -i "s/#adminPasswordOrKey#/$wlsPassword/g" \ - arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-path.sh - sed -i "s/#adminVMName#/$adminVMName/g; \ - s/#adminPasswordOrKey#/$wlsPassword/g; \ - s/#managedServers#/$managedServers/g; \ - s/#wlsUserName#/$wlsUserName/g; \ - s/#wlspassword#/$wlsPassword/g" \ - arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-servers-lifecycle.sh - - echo "Generate deployment parameters..." - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-test.json \ - $location \ - $wlsPassword \ - $wlsDomainName \ - $wlsUserName \ - $wlsPassword \ - $managedServerPrefix \ - $maxDynamicClusterSize \ - $dynamicClusterSize \ - $adminVMName \ - $imageUrn \ - $testbranchName \ - $userName" - - - name: Accept Image Terms - id: accept-terms - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "accept terms for " "${{ matrix.images }}" - rawUrn="${{ matrix.images }}" - publisherAndName=$(echo ${rawUrn} | grep -o ";.*:" | sed "s/;//g") - imageVersion=${rawUrn##*;} - az vm image terms accept --urn ${publisherAndName}${sku}:${imageVersion} - - - name: Deploy WebLogic Server Dynamic Cluster Domain offer - id: deploy-wls-dycluster - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - az deployment group create \ - --verbose \ - --resource-group $resourceGroup \ - --name wls-dycluster-node \ - --parameters @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-test.json \ - --template-file arm-oraclelinux-wls-dynamic-cluster-$version-arm-assembly/mainTemplate.json - - - name: Verify Network Security Group - id: verify-nsg - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query nsg name, will exit with error if nsg does not exist." - az network nsg show -g $resourceGroup -n ${nsg} --query "name" - - - name: Get IP of build machine - id: get-ip-address - run: | - myIP=$(dig @ns1.google.com TXT o-o.myaddr.l.google.com +short) - echo "myIP=${myIP}" >> $GITHUB_ENV - - - name: Add ip address to security rule to access the wls machine - id: add-ip-to-security-rule - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query existing source address prefixes" - attempt=0 - toCreateRule101=false - while [[ -z `az network nsg show -g $resourceGroup -n ${nsg} | grep "NRMS-Rule-101"` && $attempt -le 5 ]] - do - if [ $attempt -eq 5 ]; then - toCreateRule101=true - fi - echo "network security group rule NRMS-Rule-101 is not ready" - sleep 1m - attempt=$((attempt + 1)) - done - if [ $toCreateRule101 == true ]; then - az network nsg rule create --name NRMS-Rule-101 \ - --nsg-name ${nsg} \ - --priority 101 \ - --resource-group $resourceGroup \ - --access Allow \ - --destination-address-prefixes "*" \ - --destination-port-ranges 22 43 ${adminConsolePort} \ - --direction Inbound \ - --protocol Tcp \ - --source-address-prefixes $myIP - else - sourceAddressPrefixes=$(az network nsg rule show \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-101 \ - --query "sourceAddressPrefixes") - echo "IP of this machine: " ${myIP} - sourceAddressPrefixes=$(echo ${myIP} ${sourceAddressPrefixes} | \ - sed 's/,/ /g; s/\[//g; s/\]//g; s/"//g') - echo ${sourceAddressPrefixes} - az network nsg rule update \ - --resource-group $resourceGroup \ - --nsg-name ${nsg} \ - --name NRMS-Rule-101 \ - --source-address-prefixes $sourceAddressPrefixes \ - --destination-port-ranges 443 22 ${adminConsolePort} - fi - - name: Restart wls VM - id: restart-wls-wm - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "restart vm to make sure security rule work." - az vm restart -g $resourceGroup -n $adminVMName - - - name: Query public IP of AdminServer VM - id: query-wls-admin-ip - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query public ip" - publicIP=$(az vm show \ - --resource-group $resourceGroup \ - --name $adminVMName -d \ - --query publicIps -o tsv) - echo "##[set-output name=publicIP;]${publicIP}" - - name: Create environment variable for AdminServer IP - id: env-admin-ip - run: echo "wlsPublicIP=${{steps.query-wls-admin-ip.outputs.publicIP}}" >> $GITHUB_ENV - - - name: Query public IP of managedServerVM1 - id: query-wls-managed-ip - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "query public ip" - publicIP=$(az vm show \ - --resource-group $resourceGroup \ - --name $managedServerVM -d \ - --query publicIps -o tsv) - echo "##[set-output name=publicIP;]${publicIP}" - - name: Create environment variable for managedServerVM1 IP - id: env-managedserver-vm1-ip - run: echo "ms1PublicIP=${{steps.query-wls-managed-ip.outputs.publicIP}}" >> $GITHUB_ENV - - - name: Verify WebLogic Server Installation - id: verify-wls - run: | - echo "pubilc IP of wls machine: ${wlsPublicIP}" - echo "Verifying Weblgic server installation" - timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${wlsPublicIP} 22 - echo install sshpass - sudo apt-get install -y sshpass - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-path.sh - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify wls admin services - id: veriy-admin-service - run: | - echo "Verifying WebLogic services at admin server" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-services.sh $wls_admin_services - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify wls managed server services - id: veriy-msservice - run: | - echo "Verifying WebLogic services at managed server" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${ms1PublicIP} 'bash -s' < arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-services.sh $wls_managedServer_services - - - name: Verify WebLogic Server Access - id: verify-wls-access - run: | - echo "Verifying Weblogic Server Access" - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-access.sh <<< "$wlsPublicIP ${adminConsolePort} $wlsUserName $wlsPassword $managedServers" - - # Fix failure that caused by remote server closed. - - name: Restart remote SSH agent - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "Restart remote SSH agent" - az vm user reset-ssh \ - --resource-group $resourceGroup \ - --name ${{ env.adminVMName }} - - - name: Verify WebLogic Managed Server LifeCycle check - id: verify-server-lifecycle - run: | - echo "Verifying Weblogic managed server lifecycle" - sshpass -p ${wlsPassword} -v ssh -p 22 -o StrictHostKeyChecking=no -o ConnectTimeout=100 -v -tt weblogic@${wlsPublicIP} 'bash -s' < arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-servers-lifecycle.sh - - - name: Deploy DB Template to Connect to Azure Postgresql Database - id: enable-postgresql-db - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for db template deployment - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-db.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/ \ - ${{ env.adminVMName }} \ - ${{ env.wlsPassword}} \ - ${{ env.dbName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }}" - echo "Deploy DB Template..." - az group deployment create \ - --verbose \ - --resource-group ${resourceGroup} \ - --name db \ - --parameters @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-db.json \ - --template-file arm-oraclelinux-wls-dynamic-cluster-$version-arm-assembly/nestedtemplates/dbTemplate.json - - - name: Set up ELK by deploying sub template - id: enable-elk - if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for ELK template deployment - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-elk.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-elk.json \ - ${{ env.adminVMName }} \ - ${{ env.elkPassword }} \ - ${{ env.elkURI }} \ - ${{ env.elkUser }} \ - ${{ env.location }} \ - ${{ env.wlsDomainName }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }} \ - ${{ env.maxDynamicClusterSize }} \ - ${{ env.dynamicClusterSize }} \ - ${{ github.run_id }}${{ github.run_number }}" - - echo "Deploy ELK Template..." - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name elk \ - --parameters @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-elk.json \ - --template-file ${artifactName}/nestedtemplates/elkNestedTemplate.json - - - name: Get storage account name - id: query-storage-account-name - run: | - echo "query storage account name" - storageAccount=$(az resource list -g $resourceGroup --resource-type Microsoft.Storage/storageAccounts --query [0].name -o tsv) - echo "Storage account name: ${storageAccount}" - echo "storageAccount=${storageAccount}" >> $GITHUB_ENV - - - name: Set up Coherence by deploying sub template - id: enable-coherence - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - # Generate parameters for Coherence template deployment - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-coherence.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-coherence.json \ - ${{ env.adminVMName }} \ - ${{ env.wlsPassword }} \ - ${{ matrix.images }} \ - ${{ env.location }} \ - ${storageAccount} \ - ${{ env.wlsDomainName }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - - echo "Deploy Coherence Template..." - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name coherence \ - --parameters @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-coherence.json \ - --template-file ${artifactName}/nestedtemplates/coherenceTemplate.json - - - name: Output addnode artifact name - id: artifact_file_addnode - run: | - addnodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml) - artifactNameOfAddnode=arm-oraclelinux-wls-dynamic-cluster-addnode-$addnodeVersion-arm-assembly - echo "artifactNameOfAddnode=${artifactNameOfAddnode}" >> $GITHUB_ENV - echo "##[set-output name=artifactNameOfAddnode;]${artifactNameOfAddnode}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file_addnode.outputs.artifactNameOfAddnode}} - - - name: Add new nodes to existing cluster - id: add-node - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "add two new nodes" - echo "generate add-node parameters" - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-addnode.json \ - ${{ env.wlsPassword }} \ - ${{ env.adminVMName }}:${adminConsolePort} \ - weblogic \ - 1 \ - ${{ matrix.images }} \ - ${storageAccount} \ - ${{ env.wlsDomainName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }} \ - ${{ env.dynamicClusterSize }} \ - ${{ env.maxDynamicClusterSize }}" - - echo "deploy add-node template to create new nodes" - az group deployment validate \ - -g ${resourceGroup} \ - -f ${artifactNameOfAddnode}/mainTemplate.json \ - -p @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-addnode.json \ - --no-prompt - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name addnode \ - --parameters @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-addnode.json \ - --template-file ${artifactNameOfAddnode}/mainTemplate.json - - name: Verify new nodes - id: verify-new-nodes - run: | - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) - if [ -z "$mspVM2" ]; then - echo "Add-node failure: new machine ${{ env.managedServerPrefix }}VM2 does not exist." - exit 1 - fi - - - name: Output addnode-coherence artifact name - id: artifact_file_addnode_coherence - run: | - addnodeCoherenceVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml) - artifactNameOfAddnodeCo=arm-oraclelinux-wls-dynamic-cluster-addnode-coherence-$addnodeCoherenceVersion-arm-assembly - echo "artifactNameOfAddnodeCo=${artifactNameOfAddnodeCo}" >> $GITHUB_ENV - echo "##[set-output name=artifactNameOfAddnodeCo;]${artifactNameOfAddnodeCo}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file_addnode_coherence.outputs.artifactNameOfAddnodeCo}} - - - name: Add new cache node to coherence cluster - id: add-node-coherence - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "add new cache server" - echo "generate parameters" - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-addnode-coherence.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-addnode-coherence.json \ - ${{ env.wlsPassword }} \ - ${{ env.adminVMName }} \ - weblogic \ - 1 \ - ${{ matrix.images }} \ - ${storageAccount} \ - ${{ env.wlsDomainName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - echo "deploy add-node template to create new nodes" - az group deployment validate \ - -g ${resourceGroup} \ - -f ${artifactNameOfAddnodeCo}/mainTemplate.json \ - -p @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-addnode-coherence.json \ - --no-prompt - az group deployment create \ - --debug \ - --resource-group ${resourceGroup} \ - --name addnode \ - --parameters @arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-addnode-coherence.json \ - --template-file ${artifactNameOfAddnodeCo}/mainTemplate.json - - name: Verify new nodes - id: verify-new-nodes-coherence - run: | - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}StorageVM2 --query [0].name -o tsv) - if [ -z "$mspVM2" ]; then - echo "Add-node failure: new machine ${{ env.managedServerPrefix }}StorageVM2 does not exist." - exit 1 - fi - - - name: Output delete-node artifact name - id: artifact_file_deletenode - run: | - deleteNodeVersion=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml) - artifactNameOfDeleteNode=arm-oraclelinux-wls-dynamic-cluster-deletenode-$deleteNodeVersion-arm-assembly - echo "artifactNameOfDeleteNode=${artifactNameOfDeleteNode}" >> $GITHUB_ENV - echo "##[set-output name=artifactNameOfDeleteNode;]${artifactNameOfDeleteNode}" - - name: Download artifact for deployment - uses: actions/download-artifact@v1 - with: - name: ${{steps.artifact_file_deletenode.outputs.artifactNameOfDeleteNode}} - - name: Delete nodes from existing cluster - id: delete-node - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "generate delete-node parameters" - bash arm-oraclelinux-wls-dynamic-cluster/test/scripts/gen-parameters-deploy-deletenode.sh <<< \ - "arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-deletenode.json \ - ${{ env.adminVMName }} \ - ${{ env.location }} \ - ${{ env.wlsUserName }} \ - ${{ env.wlsPassword }} \ - ${{ env.userName }} \ - ${{ env.testbranchName }} \ - ${{ env.managedServerPrefix }}" - echo "Run deletenode-cli.sh to remove nodes" - chmod ugo+x ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh - ${artifactNameOfDeleteNode}/scripts/deletenode-cli.sh \ - -g ${resourceGroup} \ - -f ${artifactNameOfDeleteNode}/mainTemplate.json \ - -p arm-oraclelinux-wls-dynamic-cluster/test/scripts/parameters-deploy-deletenode.json \ - -s - - name: Verify deleted nodes - id: verify-deleted-nodes - run: | - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) - count=0 - while [[ -n "$mspVM2" && $count -lt 10 ]]; - do - echo "waiting for $mspVM2 deleted..." - sleep 1m - count=$((count+1)) - mspVM2=$(az resource list -g ${resourceGroup} --resource-type Microsoft.Compute/virtualMachines --name ${{ env.managedServerPrefix }}VM2 --query [0].name -o tsv) - done - if [ -n "$mspVM2" ]; then - echo "Delete-node failure: machine ${{ env.managedServerPrefix }}VM2 is not removed." - exit 1 - fi - - - name: Delete Resource Group - id: delete-resource-group - if: always() - uses: azure/CLI@v1 - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " $resourceGroup - az group delete --yes --no-wait --verbose --name $resourceGroup - - - name: Delete ELK index - id: delete-elk-index - if: ${{github.event_name == 'workflow_dispatch' && github.event.inputs.enableELK == 'true'}} - run: | - curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-dynamic-cluster-${{ github.run_id }}${{ github.run_number }} - - cleanup-github-resource: - needs: deploy-weblogic-cluster - if: always() - runs-on: ubuntu-latest - steps: - - name: Checkout arm-oraclelinux-wls-dynamic-cluster - uses: actions/checkout@v2 - with: - path: arm-oraclelinux-wls-dynamic-cluster - - name: Delete testing branch - run: | - cd arm-oraclelinux-wls-dynamic-cluster - git push https://$git_token@github.com/$userName/arm-oraclelinux-wls-dynamic-cluster.git -f --delete $testbranchName - - cleanup-az-resource: - if: always() - needs: deploy-weblogic-cluster - runs-on: ubuntu-latest - steps: - - uses: azure/login@v1 - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - id: azure-login - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: Delete DB Resource Group - id: delete-db-resource-group - uses: azure/CLI@v1 - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - with: - azcliversion: ${{ env.azCliVersion }} - inlineScript: | - echo "delete... " $resourceGroup - az group delete --yes --no-wait --verbose --name ${{ env.resourceGroupForDependency }} - - name: Delete ELK index - id: delete-elk-index - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - run: | - curl -XDELETE --user ${{ env.elkUser }}:${{ env.elkPassword }} ${{ env.elkURI }}/azure-weblogic-dynamic-cluster-${{ github.run_id }}${{ github.run_number }} - - summary: - needs: deploy-weblogic-cluster - if: always() - runs-on: ubuntu-latest - steps: - - name: summarize jobs - if: ${{!(github.event_name == 'schedule' && github.repository_owner != 'wls-eng')}} - run: | - workflow_jobs=$(curl -H "Accept: application/vnd.github.v3+json" https://api.github.com/repos/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/actions/runs/${{ github.run_id }}/jobs) - critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.name|test("^deploy-weblogic-cluster."))) | length') - echo "$critical_job_num" - succeed_critical_job_num=$(echo $workflow_jobs | jq '.jobs | map(select(.conclusion=="success") | select(.name|test("^deploy-weblogic-cluster."))) | length') - echo "$succeed_critical_job_num" - failed_job_num="$(($critical_job_num-$succeed_critical_job_num))" - echo $failed_job_num - if (($failed_job_num >= 2));then - echo "too many jobs failed, send notification to Teams" - curl ${{ secrets.MSTEAMS_WEBHOOK }} \ - -H 'Content-Type: application/json' \ - --data-binary @- << EOF - { - "@context":"http://schema.org/extensions", - "@type":"MessageCard", - "text":"$failed_job_num jobs failed in Dynamic Cluster Offer's workflow, please take a look at: https://github.com/oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/actions/runs/${{ github.run_id }}" - } - EOF - fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml deleted file mode 100644 index 5abbc208e..000000000 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/.github/workflows/pakage.yaml +++ /dev/null @@ -1,76 +0,0 @@ -#Copyright (c) 2021 Oracle and/or its affiliates. -#Released under the Universal Permissive License v1.0 as shown at -# https://oss.oracle.com/licenses/upl/ - -name: Package ARM -on: - workflow_dispatch: - inputs: - pidType: - description: 'Specify which pids to use, oracle or microsoft.' - required: true - default: 'microsoft' - ref: - description: 'Specify Git Ref if needed.' - required: false - default: 'refs/heads/develop' -env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 - refJavaee: 6addd99d8bc3f472e040f11c053a37e1ac370229 - repoName: "arm-oraclelinux-wls-dynamic-cluster" - -jobs: - package: - runs-on: ubuntu-latest - steps: - - name: Checkout azure-javaee-iaas - uses: actions/checkout@v2 - with: - repository: Azure/azure-javaee-iaas - path: azure-javaee-iaas - ref: ${{ env.refJavaee }} - - name: Checkout arm-ttk - uses: actions/checkout@v2 - with: - repository: Azure/arm-ttk - path: arm-ttk - ref: ${{ env.refArmttk }} - - name: Checkout ${{ env.repoName }} - uses: actions/checkout@v2 - with: - path: ${{ env.repoName }} - ref: ${{ github.event.inputs.ref }} - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Build azure-javaee-iaas - run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - - - name: Build and test ${{ env.repoName }} using ${{ github.event.inputs.pidType }} pids - run: | - cd ${{ env.repoName }} - pidType=${{ github.event.inputs.pidType }} - echo ${pidType} - if [[ "${pidType}" == "oracle" ]];then - echo "using oracle pids" - mvn -Ptemplate-validation-tests clean install - else - echo "using ms pids" - mvn -Ptemplate-validation-tests clean install -Ddev - fi - - - name: Generate artifact file name and path - id: artifact_file - run: | - version=$(awk '/[^<]+<\/version>/{gsub(/|<\/version>/,"",$1);print $1;exit;}' ${{ env.repoName }}/${{ env.repoName }}/pom.xml) - artifactName=${{ env.repoName }}-$version-arm-assembly - unzip ${{ env.repoName }}/${{ env.repoName }}/target/$artifactName.zip -d ${{ env.repoName }}/${{ env.repoName }}/target/$artifactName - echo "##[set-output name=artifactName;]${artifactName}-${{ github.event.inputs.pidType }}" - echo "##[set-output name=artifactPath;]${{ env.repoName }}/${{ env.repoName }}/target/$artifactName" - - name: Archive ${{ env.repoName }} template - uses: actions/upload-artifact@v1 - if: success() - with: - name: ${{steps.artifact_file.outputs.artifactName}} - path: ${{steps.artifact_file.outputs.artifactPath}} From a2d5a928c25a8553ade74c8f0b5b425b872805d4 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 10 Nov 2021 16:52:17 -0500 Subject: [PATCH 107/720] On branch zhengchang907-main Set `azCliVersion` to 2.30.0. modified: .github/workflows/buildWlsAksArtifact.yml modified: .github/workflows/setupWlsAksDependency.yml modified: .github/workflows/testWlsAksWithDependencyCreation.yml modified: .github/workflows/testWlsAksWithoutDependencyCreation.yml - Set `azCliVersion` to 2.30.0. Signed-off-by: Ed Burns --- .github/workflows/buildWlsAksArtifact.yml | 2 +- .github/workflows/setupWlsAksDependency.yml | 2 +- .github/workflows/testWlsAksWithDependencyCreation.yml | 2 +- .github/workflows/testWlsAksWithoutDependencyCreation.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index 0f8df6191..231b9a598 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -9,7 +9,7 @@ on: env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 - azCliVersion: 2.23.0 + azCliVersion: 2.30.0 location: eastus aksRepoUserName: oracle aksRepoBranchName: main diff --git a/.github/workflows/setupWlsAksDependency.yml b/.github/workflows/setupWlsAksDependency.yml index 9bf578634..350634944 100644 --- a/.github/workflows/setupWlsAksDependency.yml +++ b/.github/workflows/setupWlsAksDependency.yml @@ -8,7 +8,7 @@ on: types: [aks-deploy-dependency] env: - azCliVersion: 2.29.0 + azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus dbAdminUser: weblogic diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index 392c357e8..77c92e5e1 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -22,7 +22,7 @@ on: env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 - azCliVersion: 2.29.0 + azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus resourceGroupForWlsAks: wlsd-aks-${{ github.run_id }}-${{ github.run_number }} diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 47357607e..7d7302d9a 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -37,7 +37,7 @@ on: env: refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 - azCliVersion: 2.29.0 + azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} location: eastus dbAdminUser: weblogic From 257852a9304a309d9bc2d6d2138ed1458c5322c4 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 10 Nov 2021 17:14:01 -0500 Subject: [PATCH 108/720] Use correct link for Docs for WLS on VMs. --- .../arm-oraclelinux-wls/src/main/resources/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md index 9e74722f5..14f4898f9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md @@ -150,7 +150,7 @@ https://www.oracle.com/legal/privacy/privacy-policy.html ## Scratch not currently in offer -* [Documentation](https://wls-eng.github.io/arm-oraclelinux-wls/) +* [Documentation](https://oracle.github.io/weblogic-azure/) * [Official Blog](https://blogs.oracle.com/weblogicserver/) From 505697da503122fce9c8a9beed7613c97e1107c2 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 10 Nov 2021 17:16:57 -0500 Subject: [PATCH 109/720] On branch edburns-msft-78-contact-me-verbiage Use correct url for docs for VMs. modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md Signed-off-by: Ed Burns --- .../arm-oraclelinux-wls/src/main/resources/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md index 9e74722f5..14f4898f9 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md @@ -150,7 +150,7 @@ https://www.oracle.com/legal/privacy/privacy-policy.html ## Scratch not currently in offer -* [Documentation](https://wls-eng.github.io/arm-oraclelinux-wls/) +* [Documentation](https://oracle.github.io/weblogic-azure/) * [Official Blog](https://blogs.oracle.com/weblogicserver/) From a245b88b21f2b58fce0aa2e3caf2b9025b371572 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 10 Nov 2021 17:27:21 -0500 Subject: [PATCH 110/720] On branch galiacheng-pipeline-vm3 Apply comment from @mriccell modified: .github/workflows/setupForWlsAks.sh modified: .github/workflows/setupForWlsVm.sh Signed-off-by: Ed Burns --- .github/workflows/setupForWlsAks.sh | 6 +++++- .github/workflows/setupForWlsVm.sh | 4 +++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/setupForWlsAks.sh b/.github/workflows/setupForWlsAks.sh index c41aa8ce3..e3a84dc9e 100755 --- a/.github/workflows/setupForWlsAks.sh +++ b/.github/workflows/setupForWlsAks.sh @@ -25,7 +25,7 @@ ORC_SSOPSW= ORC_SSOUSER= OWNER_REPONAME= SLEEP_VALUE=30s -WDT_RUNTIMEPSW=Secret123456 +WDT_RUNTIMEPSW= WLS_PSW=${WDT_RUNTIMEPSW} WLS_USERNAME=weblogic @@ -72,6 +72,10 @@ if [ "$ORC_SSOPSW" == '' ] ; then read -s -r -p "Enter password for preceding Oracle single sign-on userid: " ORC_SSOPSW fi +read -s -r -p "Enter password for WebLogic Server and Runtime Deployment Tooling encryption: " WDT_RUNTIMEPSW +WLS_PSW=${WDT_RUNTIMEPSW} + + # get OWNER_REPONAME if not set at the beginning of this file if [ "$OWNER_REPONAME" == '' ] ; then read -r -p "Enter owner/reponame (blank for upsteam of current fork): " OWNER_REPONAME diff --git a/.github/workflows/setupForWlsVm.sh b/.github/workflows/setupForWlsVm.sh index 4651c8257..04b3cab28 100644 --- a/.github/workflows/setupForWlsVm.sh +++ b/.github/workflows/setupForWlsVm.sh @@ -36,7 +36,7 @@ USER_EMAIL= USER_NAME= # Personal token for preceding GitHub account. GIT_TOKEN= -WLS_PSW=Secret123456 +WLS_PSW= # End set environment variables ################################################ @@ -103,6 +103,8 @@ if [ "$GIT_TOKEN" == '' ] ; then read -s -r -p "Enter personal token of GitHub account: " GIT_TOKEN fi +read -s -r -p "Enter password for WebLogic Server: " WLS_PSW + # get ELK_URI if not set at the beginning of this file if [ "$ELK_URI" == '' ] ; then read -r -p "Enter URI (hostname:port) for Elastic server, leave blank if you don't want to integrate ELK.: " ELK_URI From 44d9f20e8a83f427ed68d97d715fc56e61aa6e7d Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 10 Nov 2021 18:20:00 -0500 Subject: [PATCH 111/720] On branch edburns-msft-78-contact-me-verbiage modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md Apply correct naming consistently. Signed-off-by: Ed Burns --- .../arm-oraclelinux-wls/src/main/resources/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md index 14f4898f9..9e1fd1947 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/README.md @@ -96,10 +96,10 @@ Oracle WebLogic Server is a scalable, enterprise-ready Java application server.

WebLogic Server on Virtual Machines
The WebLogic Server on virtual machines offers automate provisioning virtual network, storage, and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load-balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence.

-

There are several offers that target use cases such as single node with Administration server enabled and WLS cluster (including both configured and dynamic clusters). These offers supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

+

There are several offers that target use cases such as single node with Administration server enabled and WLS cluster (including both configured and dynamic clusters). These offers supports a range of operating system, Java and WebLogic versions such as WLS 14.1.1.0 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

WebLogic Server on AKS
-The WebLogic Server on AKS offer automates provisioning an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. The offer will work with any WLS version that supports the Operator, such as 14.1.1, 12.2.1.3 and 12.2.1.4.

+The WebLogic Server on AKS offer automates provisioning an AKS cluster, the WebLogic Kubernetes Operator, WLS Docker images and the Azure Container Registry (ACR). The offer also supports configuring load balancing with Azure App Gateway or the Azure Load Balancer, easing database connectivity, publishing metrics to Azure Monitor as well as mounting Azure Files as Kubernetes Persistent Volumes. The offer will work with any WLS version that supports the Operator, such as 14.1.1.0, 12.2.1.3 and 12.2.1.4.

Oracle and Microsoft also provide basic step-by-step guidance on getting started with WLS and AKS. This guidance is suitable for customers that wish to remain as close as possible to a native Kubernetes manual deployment experience.

From 08e1ea021b4c61e83e1324a5ec2cae53b5b1e341 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 11 Nov 2021 10:05:01 +0800 Subject: [PATCH 112/720] Update WLS on AKS documentation with oracle.github.io/weblogic-kubernetes-operator/userguide/aks/ Signed-off-by: galiacheng Changes to be committed: modified: README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d6d7fcf9..825379586 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ The [Azure Marketplace WebLogic Server Offering](https://azuremarketplace.micros ## Documentation -Please refer to the README for [documentation on WebLogic Server running on an Azure Kubernetes Service](https://github.com/oracle/weblogic-azure/weblogic-azure-aks/README.md) +Please refer to the README for [documentation on WebLogic Server running on an Azure Kubernetes Service](https://oracle.github.io/weblogic-kubernetes-operator/userguide/aks/) Please refer to the README for [documentation on WebLogic Server running on an Azure Virtual Machine](https://docs.oracle.com/en/middleware/standalone/weblogic-server/wlazu/get-started-oracle-weblogic-server-microsoft-azure-iaas.html#GUID-E0B24A45-F496-4509-858E-103F5EBF67A7) From e759e2f63ab4d93f8079181f5db6ba4cf2b8cdc4 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 8 Nov 2021 14:14:31 +0800 Subject: [PATCH 113/720] Set default value to parameters to pass arm-ttk test. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep --- .../modules/_azure-resoruces/_dnsZones.bicep | 2 +- .../_keyvaultForGatewayBackendCert.bicep | 6 ++-- .../_keyvault/_keyvaultForWLSSSLCert.bicep | 29 +++++++++---------- .../_keyvault/_keyvaultWithExistingCert.bicep | 12 ++++---- .../_keyvault/_keyvaultWithNewCert.bicep | 2 +- .../_keyvaultForGateway.bicep | 8 ++--- .../modules/_azure-resoruces/_storage.bicep | 2 +- ...ppgw-upload-trusted-root-certificate.bicep | 2 +- .../_ds-datasource-connection.bicep | 2 +- .../src/main/bicep/modules/networking.bicep | 8 ++--- .../bicep/modules/setupWebLogicCluster.bicep | 6 ++-- 11 files changed, 39 insertions(+), 40 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep index 7238c574e..c5dba80b3 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_dnsZones.bicep @@ -1,7 +1,7 @@ @description('Azure DNS Zone name.') param dnszoneName string -resource dnszoneName_resource 'Microsoft.Network/dnsZones@2018-05-01' = { +resource dnszoneName_resource 'Microsoft.Network/dnszones@2018-05-01' = { name: dnszoneName location: 'global' properties: { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep index 89d8d1855..ac03d7d0c 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForGatewayBackendCert.bicep @@ -2,10 +2,10 @@ // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. @description('Secret name of certificate data.') -param certificateDataName string +param certificateDataName string = newGuid() @description('Certificate data to store in the secret') -param certificateDataValue string +param certificateDataValue string = newGuid() @description('Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.') param enabledForTemplateDeployment bool = true @@ -16,7 +16,7 @@ param keyVaultName string param location string @description('Price tier for Key Vault.') -param sku string +param sku string = 'Standard' param utcValue string = utcNow() diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep index 17fb2a9ed..da1f1d6a1 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultForWLSSSLCert.bicep @@ -7,23 +7,23 @@ param enabledForTemplateDeployment bool = true param keyVaultName string param location string @description('Price tier for Key Vault.') -param sku string +param sku string = 'Standard' param utcValue string = utcNow() -param wlsIdentityKeyStoreData string -param wlsIdentityKeyStoreDataSecretName string +param wlsIdentityKeyStoreData string = newGuid() +param wlsIdentityKeyStoreDataSecretName string = 'myIdentityKeyStoreData' @secure() -param wlsIdentityKeyStorePassphrase string -param wlsIdentityKeyStorePassphraseSecretName string -param wlsPrivateKeyAlias string -param wlsPrivateKeyAliasSecretName string +param wlsIdentityKeyStorePassphrase string = newGuid() +param wlsIdentityKeyStorePassphraseSecretName string = 'myIdentityKeyStorePsw' +param wlsPrivateKeyAlias string = 'server-cert' +param wlsPrivateKeyAliasSecretName string = 'privateKeyAlias' @secure() -param wlsPrivateKeyPassPhrase string -param wlsPrivateKeyPassPhraseSecretName string -param wlsTrustKeyStoreData string -param wlsTrustKeyStoreDataSecretName string +param wlsPrivateKeyPassPhrase string = newGuid() +param wlsPrivateKeyPassPhraseSecretName string = 'privateKeyPsw' +param wlsTrustKeyStoreData string = newGuid() +param wlsTrustKeyStoreDataSecretName string = 'myTrustKeyStoreData' @secure() -param wlsTrustKeyStorePassPhrase string -param wlsTrustKeyStorePassPhraseSecretName string +param wlsTrustKeyStorePassPhrase string = newGuid() +param wlsTrustKeyStorePassPhraseSecretName string = 'myTrustKeyStorePsw' resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { name: keyVaultName @@ -37,7 +37,7 @@ resource keyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' = { } tenantId: subscription().tenantId } - tags:{ + tags: { 'managed-by-azure-weblogic': utcValue } } @@ -101,4 +101,3 @@ resource trustKeyStorePswSecret 'Microsoft.KeyVault/vaults/secrets@2021-06-01-pr keyvault ] } - diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep index 82a744e3d..639ddee4c 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithExistingCert.bicep @@ -2,28 +2,28 @@ // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. @description('Secret name of certificate data.') -param certificateDataName string +param certificateDataName string = 'myIdentityKeyStoreData' @description('Certificate data to store in the secret') -param certificateDataValue string +param certificateDataValue string = newGuid() @description('Secret name of certificate password.') -param certificatePswSecretName string +param certificatePswSecretName string = 'myIdentityKeyStorePsw' @secure() @description('Certificate password to store in the secret') -param certificatePasswordValue string +param certificatePasswordValue string = newGuid() @description('Property to specify whether Azure Resource Manager is permitted to retrieve secrets from the key vault.') param enabledForTemplateDeployment bool = true @description('Name of the vault') -param keyVaultName string +param keyVaultName string = 'kv-contoso' param location string @description('Price tier for Key Vault.') -param sku string +param sku string = 'Standard' param utcValue string = utcNow() diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep index a51b6882e..0290187fc 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvault/_keyvaultWithNewCert.bicep @@ -26,7 +26,7 @@ param secretName string = 'mySelfSignedCertificate' param sku string = 'Standard' @description('Subject name to create a new certificate, example: \'CN=contoso.com\'.') -param subjectName string +param subjectName string = 'contoso.xyz' param utcValue string = utcNow() var const_identityId = '${substring(string(identity.userAssignedIdentities), indexOf(string(identity.userAssignedIdentities), '"') + 1, lastIndexOf(string(identity.userAssignedIdentities), '"') - (indexOf(string(identity.userAssignedIdentities), '"') + 1))}' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep index 3c3f6bd48..239f439f9 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_keyvaultForGateway.bicep @@ -3,14 +3,14 @@ // Deploy Application Gateway certificate secrets. @description('Backend certificate data to store in the secret') -param backendCertificateDataValue string +param backendCertificateDataValue string = newGuid() @description('Certificate data to store in the secret') -param certificateDataValue string +param certificateDataValue string = newGuid() @secure() @description('Certificate password to store in the secret') -param certificatePasswordValue string +param certificatePasswordValue string = newGuid() @description('true to upload trusted root certificate') param enableCustomSSL bool = false @@ -33,7 +33,7 @@ param permission object = { param sku string = 'Standard' @description('Subject name to create a certificate.') -param subjectName string +param subjectName string = '' @description('If false, will create a certificate.') param useExistingAppGatewaySSLCertificate bool = false diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep index fddf83cdd..797d7a430 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_storage.bicep @@ -2,7 +2,7 @@ // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. param location string -param storageAccountName string +param storageAccountName string = 'stg-contoso' param utcValue string = utcNow() var const_shareQuota = 5120 diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep index de32b1dc3..918ac9c2c 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-appgw-upload-trusted-root-certificate.bicep @@ -1,7 +1,7 @@ // Copyright (c) 2021, Oracle Corporation and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -param appgwName string +param appgwName string = 'appgw-contoso' @secure() param sslBackendRootCertData string = newGuid() param identity object diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep index 90bb36d2e..d5db8f855 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep @@ -8,7 +8,7 @@ param _artifactsLocationSasToken string = '' param aksClusterName string param aksClusterRGName string param databaseType string = 'oracle' -param dbConfigurationType string +param dbConfigurationType string = 'createOrUpdate' param dbDriverName string = 'org.contoso.Driver' param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' @secure() diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index 29242ca3c..026efd649 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -4,10 +4,10 @@ param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' -param _pidNetworkingEnd string -param _pidNetworkingStart string -param _pidAppgwEnd string -param _pidAppgwStart string +param _pidNetworkingEnd string = 'pid-networking-end' +param _pidNetworkingStart string = 'pid-networking-start' +param _pidAppgwEnd string = 'pid-networking-appgateway-end' +param _pidAppgwStart string = 'pid-networking-appgateway-start' @description('Resource group name of an existing AKS cluster.') param aksClusterRGName string = 'aks-contoso-rg' @description('Name of an existing AKS cluster.') diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index 6ee6389c7..ed14b4654 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -17,8 +17,8 @@ param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' -param _pidEnd string -param _pidStart string +param _pidEnd string = 'pid-wls-end' +param _pidStart string = 'pid-wls-start' @description('true to use resource or workspace permissions. false to require workspace permissions.') param aciResourcePermissions bool = true @description('Number of days to retain data in Azure Monitor workspace.') @@ -71,7 +71,7 @@ param managedServerPrefix string = 'managed-server' param ocrSSOPSW string @description('User name of Oracle SSO account.') param ocrSSOUser string -param storageAccountName string +param storageAccountName string = 'stg-contoso' param t3ChannelAdminPort int = 7005 param t3ChannelClusterPort int = 8011 param userProvidedAcr string = 'null' From c633b30ad02d650a5e3e745442fa3406b0d0b81b Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 15 Nov 2021 10:06:30 +0800 Subject: [PATCH 114/720] Update wls on aks pipeline with arm-ttk and template validation. Signed-off-by: galiacheng Changes to be committed: modified: ../.github/workflows/buildWlsAksArtifact.yml modified: ../.github/workflows/testWlsAksWithDependencyCreation.yml modified: ../.github/workflows/testWlsAksWithoutDependencyCreation.yml --- .github/workflows/buildWlsAksArtifact.yml | 9 ++++++++- .github/workflows/testWlsAksWithDependencyCreation.yml | 9 ++++++++- .../workflows/testWlsAksWithoutDependencyCreation.yml | 9 ++++++++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index 231b9a598..7b32e8208 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -8,6 +8,7 @@ on: # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-package"}' env: + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 azCliVersion: 2.30.0 location: eastus @@ -34,6 +35,12 @@ jobs: repository: Azure/azure-javaee-iaas path: azure-javaee-iaas ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} - name: Build azure-javaee-iaas run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - name: Checkout ${{ env.aksRepoUserName }}/weblogic-azure @@ -41,7 +48,7 @@ jobs: with: path: weblogic-azure - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + run: mvn -Pbicep -Passembly clean install -Ptemplate-validation-tests --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path id: artifact_file run: | diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index 77c92e5e1..e8f1133cc 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -21,6 +21,7 @@ on: types: [aks-integration-test-with-dependency-creation] env: + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} @@ -85,6 +86,12 @@ jobs: repository: Azure/azure-javaee-iaas path: azure-javaee-iaas ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} - name: Build azure-javaee-iaas run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - name: Checkout weblogic-azure @@ -92,7 +99,7 @@ jobs: with: path: weblogic-azure - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + run: mvn -Pbicep -Passembly clean install -Ptemplate-validation-tests --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path id: artifact_file run: | diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 7d7302d9a..a3886337c 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -36,6 +36,7 @@ on: types: [aks-integration-test-without-dependency-creation] env: + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 1a21a792d6bae6768b155945cf2703c3026ac691 azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} @@ -114,6 +115,12 @@ jobs: repository: Azure/azure-javaee-iaas path: azure-javaee-iaas ref: ${{ env.refJavaee }} + - name: Checkout arm-ttk + uses: actions/checkout@v2 + with: + repository: Azure/arm-ttk + path: arm-ttk + ref: ${{ env.refArmttk }} - name: Build azure-javaee-iaas run: mvn -DskipTests clean install --file azure-javaee-iaas/pom.xml - name: Checkout weblogic-azure @@ -121,7 +128,7 @@ jobs: with: path: weblogic-azure - name: Build and test weblogic-azure/weblogic-azure-aks - run: mvn -Pbicep -Passembly clean install --file weblogic-azure/weblogic-azure-aks/pom.xml + run: mvn -Pbicep -Passembly clean install -Ptemplate-validation-tests --file weblogic-azure/weblogic-azure-aks/pom.xml - name: Generate artifact file name and path id: artifact_file run: | From 50b6e836d32ec9da039788ae9d864dbe0440faf3 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 1 Nov 2021 17:31:55 +0800 Subject: [PATCH 115/720] On branch main: output WLS image model and domain description. Signed-off-by: galiacheng Changes to be committed: new file: weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep --- .../queryDomainConfigurations.sh | 63 +++++++++++++++++++ .../src/main/bicep/mainTemplate.bicep | 22 +++++++ .../_ds-output-domain-configurations.bicep | 43 +++++++++++++ 3 files changed, 128 insertions(+) create mode 100644 weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh new file mode 100644 index 000000000..b384eec9f --- /dev/null +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh @@ -0,0 +1,63 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. +# +# env inputs: +# AKS_CLUSTER_NAME +# AKS_CLUSTER_RESOURCEGROUP_NAME +# WLS_DOMAIN_UID + +# Main script +echo "install kubectl" +az aks install-cli + +echo "Connect AKS" +az aks get-credentials \ + --resource-group ${AKS_CLUSTER_RESOURCEGROUP_NAME} \ + --name ${AKS_CLUSTER_NAME} \ + --overwrite-existing + +wlsDomainNS="${WLS_DOMAIN_UID}-ns" + +domainConfigurationYaml=/tmp/domain.yaml +rm -f ${domainConfigurationYaml} +kubectl get domain ${WLS_DOMAIN_UID} -n ${wlsDomainNS} -o yaml >${domainConfigurationYaml} + +adminPodName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json | + jq '.items[0] | .metadata.name' | + tr -d "\"") + +if [ -z "${adminPodName}" ]; then + echo >&2 "Fail to get admin server pod." + exit 1 +fi + +echo "Copy model.yaml from /u01/wdt/models" +targetModelYaml=/tmp/model.yaml +rm -f ${targetModelYaml} +kubectl cp -n ${wlsDomainNS} -c weblogic-server ${adminPodName}:/u01/wdt/models/model.yaml ${targetModelYaml} +if [ $? != 0 ]; then + echo >&2 "Fail to copy ${adminPodName}:/u01/wdt/models/model.yaml." + exit 1 +fi + +echo "Copy model.properties from from /u01/wdt/models" +targetModelProperties=/tmp/model.properties +rm -f ${targetModelProperties} +kubectl cp -n ${wlsDomainNS} -c weblogic-server ${adminPodName}:/u01/wdt/models/model.properties ${targetModelProperties} +if [ $? != 0 ]; then + echo >&2 "Fail to copy ${adminPodName}:/u01/wdt/models/model.properties." + exit 1 +fi + +base64ofDomainYaml=$(cat ${domainConfigurationYaml} | base64) +base64ofModelYaml=$(cat ${targetModelYaml} | base64) +base64ofModelProperties=$(cat ${targetModelProperties} | base64) + +result=$(jq -n -c \ + --arg domainDeploymentYaml "$base64ofDomainYaml" \ + --arg wlsImageModelYaml "$base64ofModelYaml" \ + --arg wlsImageProperties "$base64ofModelProperties" \ + '{domainDeploymentYaml: $domainDeploymentYaml, wlsImageModelYaml: $wlsImageModelYaml, wlsImageProperties: $wlsImageProperties}') +echo "result is: $result" +echo $result >$AZ_SCRIPTS_OUTPUT_PATH diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 34550e968..700077751 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -668,6 +668,25 @@ module validateApplciations 'modules/_deployment-scripts/_ds-validate-applicatio ] } +/* +* Query and output WebLogic domain configuration, including: +* - domain deployment description +* - image model +* - image properties +*/ +module queryWLSDomainConfig 'modules/_deployment-scripts/_ds-output-domain-configurations.bicep' = { + name:'query-wls-domain-configurations' + params:{ + aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName.value + aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value + identity: identity + wlsDomainUID: wlsDomainUID + } + dependsOn: [ + validateApplciations + ] +} + output aksClusterName string = ref_wlsDomainDeployment.outputs.aksClusterName.value output adminConsoleInternalUrl string = ref_wlsDomainDeployment.outputs.adminServerUrl.value output adminConsoleExternalUrl string = const_enableNetworking ? networkingDeployment.outputs.adminConsoleExternalUrl : '' @@ -682,3 +701,6 @@ output clusterExternalUrl string = const_enableNetworking ? networkingDeployment output clusterExternalSecuredUrl string = const_enableNetworking ? networkingDeployment.outputs.clusterExternalSecuredUrl : '' output clusterT3InternalUrl string = ref_wlsDomainDeployment.outputs.clusterT3InternalUrl.value output clusterT3ExternalUrl string = enableAdminT3Tunneling && const_enableNetworking ? format('{0}://{1}', enableCustomSSL ? 't3s' : 't3', networkingDeployment.outputs.clusterT3ChannelUrl) : '' +output shellCmdtoOutputWlsDomainYaml string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsDomainYaml +output shellCmdtoOutputWlsImageModelYaml string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsImageModelYaml +output shellCmdtoOutputWlsImageProperties string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsImageProperties diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep new file mode 100644 index 000000000..5181744a6 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep @@ -0,0 +1,43 @@ +// Copyright (c) 2021, Oracle Corporation and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +param aksClusterRGName string = '' +param aksClusterName string = '' +param identity object +param utcValue string = utcNow() +param wlsDomainUID string = 'sample-domain1' + +var const_azcliVersion='2.15.0' +var const_deploymentName='ds-query-wls-configurations' + +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: 'ds-query-wls-configurations' + location: resourceGroup().location + kind: 'AzureCLI' + identity: identity + properties: { + azCliVersion: const_azcliVersion + environmentVariables: [ + { + name: 'AKS_CLUSTER_RESOURCEGROUP_NAME' + value: aksClusterRGName + } + { + name: 'AKS_CLUSTER_NAME' + value: aksClusterName + } + { + name: 'WLS_DOMAIN_UID' + value: wlsDomainUID + } + ] + scriptContent: loadTextContent('../../../arm/scripts/inline-scripts/queryDomainConfigurations.sh') + cleanupPreference: 'OnSuccess' + retentionInterval: 'P1D' + forceUpdateTag: utcValue + } +} + +output shellCmdtoOutputWlsDomainYaml string = format('echo -e {0} | base64 -d > domain.yaml', reference(const_deploymentName).outputs.domainDeploymentYaml) +output shellCmdtoOutputWlsImageModelYaml string = format('echo -e {0} | base64 -d > model.yaml', reference(const_deploymentName).outputs.wlsImageModelYaml) +output shellCmdtoOutputWlsImageProperties string = format('echo -e {0} | base64 -d > model.properties', reference(const_deploymentName).outputs.wlsImageProperties) From ffa41732c71182dd6ed9d15ff2211a55fe0da810 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 2 Nov 2021 11:17:56 +0800 Subject: [PATCH 116/720] On branch main: label lb svc and ingress. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh modified: weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh --- .../arm/scripts/createAppGatewayIngress.sh | 28 +++++++++++++++++++ .../src/main/arm/scripts/createLbSvc.sh | 16 +++++++++++ 2 files changed, 44 insertions(+) diff --git a/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh b/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh index a4d41688d..287653ca6 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createAppGatewayIngress.sh @@ -22,6 +22,10 @@ kind: Ingress metadata: name: ${clusterIngressHttpsName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway EOF @@ -58,6 +62,10 @@ kind: Ingress metadata: name: ${clusterIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway EOF @@ -92,6 +100,10 @@ kind: Ingress metadata: name: ${clusterIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/ssl-redirect: "true" @@ -141,6 +153,10 @@ kind: Ingress metadata: name: ${adminIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway EOF @@ -173,6 +189,10 @@ kind: Ingress metadata: name: ${adminRemoteIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}-remote-console" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/backend-path-prefix: "/" @@ -208,6 +228,10 @@ kind: Ingress metadata: name: ${adminIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/ssl-redirect: "true" @@ -256,6 +280,10 @@ kind: Ingress metadata: name: ${adminRemoteIngressName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}-remote-console" + azure.weblogc.createdByWlsOffer: "true" annotations: kubernetes.io/ingress.class: azure/application-gateway appgw.ingress.kubernetes.io/backend-path-prefix: "/" diff --git a/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh b/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh index 7f22943c4..ebf3edfcc 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh @@ -19,6 +19,10 @@ kind: Service metadata: name: ${adminServerLBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service @@ -51,6 +55,10 @@ kind: Service metadata: name: ${adminServerT3LBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constAdminServerName}-t3-channel" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service @@ -83,6 +91,10 @@ kind: Service metadata: name: ${clusterLBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service @@ -115,6 +127,10 @@ kind: Service metadata: name: ${clusterT3LBSVCName} namespace: ${wlsDomainNS} + labels: + weblogic.domainUID: "${wlsDomainUID}" + azure.weblogic.target: "${constClusterName}-t3-channel" + azure.weblogc.createdByWlsOffer: "true" EOF # to create internal load balancer service From eeca70d5d83f54415e0dc36dcaf6edf16ae4e3ff Mon Sep 17 00:00:00 2001 From: Zheng Chang Date: Wed, 17 Nov 2021 09:34:32 +0800 Subject: [PATCH 117/720] Add step to verify pods restart Signed-off-by: Zheng Chang --- .../testWlsAksWithDependencyCreation.yml | 45 +++++++++++++++++++ .../testWlsAksWithoutDependencyCreation.yml | 45 +++++++++++++++++++ 2 files changed, 90 insertions(+) diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index e8f1133cc..e308c2ef3 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -343,10 +343,55 @@ jobs: restartVersion=$(kubectl -n sample-domain1-ns get domain sample-domain1 '-o=jsonpath={.spec.restartVersion}') # increase restart version restartVersion=$((restartVersion + 1)) + # record timestamp before apply changes + timestampBeforePatchingDomain=$(date +%s) + # get the replica number + replicas=$(kubectl -n sample-domain1-ns get domain sample-domain1 -o json | jq '. | .spec.clusters[] | .replicas') echo "append configmap and update restart version" kubectl -n sample-domain1-ns patch domain sample-domain1 \ --type=json \ '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' + echo "timestampBeforePatchingDomain=${timestampBeforePatchingDomain}" >> $GITHUB_ENV + echo "replicas=${replicas}" >> $GITHUB_ENV + - name: Verify pods are restarted + run: | + # interval of checking pod status. + checkPodStatusInterval=20 + # max attempt to check pod status. + checkPodStatusMaxAttemps=30 + # domain and namespaces + wlsDomainUID="sample-domain1" + wlsDomainNS=${wlsDomainUID}-ns + + updatedPodNum=0 + attempt=0 + + echo $timestampBeforePatchingDomain $appReplicas $wlsDomainUID $checkPodStatusMaxAttemps $checkPodStatusInterval + + while [[ ${updatedPodNum} -le ${appReplicas} ]] && [[ $attempt -le ${checkPodStatusMaxAttemps} ]]; do + echo "attempts ${attempt}" + ret=$(kubectl get pods -n ${wlsDomainNS} -l weblogic.domainUID=${wlsDomainUID} -o json | jq '.items[] | .metadata.creationTimestamp' | tr -d "\"") + + counter=0 + for item in $ret; do + podCreateTimeStamp=$(date -u -d "${item}" +"%s") + echo "pod create time: $podCreateTimeStamp, base time: ${timestampBeforePatchingDomain}" + if [[ ${podCreateTimeStamp} -gt ${timestampBeforePatchingDomain} ]]; then + counter=$((counter + 1)) + fi + done + + updatedPodNum=$counter + echo "Number of new pod: ${updatedPodNum}" + + attempt=$((attempt + 1)) + sleep ${checkPodStatusInterval} + done + + if [[ ${attempt} -gt ${checkPodStatusMaxAttemps} ]]; then + echo "Failed to restart all weblogic server pods. " + exit 1 + fi cleanup: needs: [deploy-wls-on-aks, preflight] if: ${{ needs.preflight.outputs.isForDemo == 'false' }} diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index a3886337c..6096206ab 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -301,10 +301,55 @@ jobs: restartVersion=$(kubectl -n sample-domain1-ns get domain sample-domain1 '-o=jsonpath={.spec.restartVersion}') # increase restart version restartVersion=$((restartVersion + 1)) + # record timestamp before apply changes + timestampBeforePatchingDomain=$(date +%s) + # get the replica number + replicas=$(kubectl -n sample-domain1-ns get domain sample-domain1 -o json | jq '. | .spec.clusters[] | .replicas') echo "append configmap and update restart version" kubectl -n sample-domain1-ns patch domain sample-domain1 \ --type=json \ '-p=[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "add", "path": "/spec/configuration/model/configMap", "value": "'${wlsConfigmapName}'" }]' + echo "timestampBeforePatchingDomain=${timestampBeforePatchingDomain}" >> $GITHUB_ENV + echo "replicas=${replicas}" >> $GITHUB_ENV + - name: Verify pods are restarted + run: | + # interval of checking pod status. + checkPodStatusInterval=20 + # max attempt to check pod status. + checkPodStatusMaxAttemps=30 + # domain and namespaces + wlsDomainUID="sample-domain1" + wlsDomainNS=${wlsDomainUID}-ns + + updatedPodNum=0 + attempt=0 + + echo $timestampBeforePatchingDomain $appReplicas $wlsDomainUID $checkPodStatusMaxAttemps $checkPodStatusInterval + + while [[ ${updatedPodNum} -le ${appReplicas} ]] && [[ $attempt -le ${checkPodStatusMaxAttemps} ]]; do + echo "attempts ${attempt}" + ret=$(kubectl get pods -n ${wlsDomainNS} -l weblogic.domainUID=${wlsDomainUID} -o json | jq '.items[] | .metadata.creationTimestamp' | tr -d "\"") + + counter=0 + for item in $ret; do + podCreateTimeStamp=$(date -u -d "${item}" +"%s") + echo "pod create time: $podCreateTimeStamp, base time: ${timestampBeforePatchingDomain}" + if [[ ${podCreateTimeStamp} -gt ${timestampBeforePatchingDomain} ]]; then + counter=$((counter + 1)) + fi + done + + updatedPodNum=$counter + echo "Number of new pod: ${updatedPodNum}" + + attempt=$((attempt + 1)) + sleep ${checkPodStatusInterval} + done + + if [[ ${attempt} -gt ${checkPodStatusMaxAttemps} ]]; then + echo "Failed to restart all weblogic server pods. " + exit 1 + fi cleanup: needs: [deploy-wls-on-aks, preflight] if: ${{ needs.preflight.outputs.isForDemo == 'false' }} From 81d1927d05c4fc154b72b550ba67cc359a4bad8f Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 17 Nov 2021 22:56:52 -0500 Subject: [PATCH 118/720] On branch dd-1420459-demo-prep modified: weblogic-azure-aks/pom.xml - Increment version. - Indicate availability of template-validation-tests. modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep - Fix error: NestedTemplate query-wls-domain-configurations [ Lines 8497 - 8579 ] [-] Location Should Not Be Hardcoded (1870 ms) Error: mainTemplate.json must use the location parameter, not resourceGroup().location or deployment().location (except when used as a default value in the main template) Signed-off-by: Ed Burns --- weblogic-azure-aks/pom.xml | 4 ++-- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 1 + .../_ds-output-domain-configurations.bicep | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 9c227a165..2cd9ce964 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -7,7 +7,7 @@ 4.0.0 - + - 4.0.0 + 4.0.0 - com.oracle.weblogic.azure - arm-oraclelinux-wls-dynamic-cluster - 1.0.26 - - - com.microsoft.azure.iaas - azure-javaee-iaas-parent - 1.0.13 - - - - jar - ${project.artifactId} + com.oracle.weblogic.azure + arm-oraclelinux-wls-dynamic-cluster + 1.0.26 - - https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm - ${basedir}/../../../../arm-ttk/arm-ttk - -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties - - - - - - + + com.microsoft.azure.iaas + azure-javaee-iaas-parent + 1.0.13 + + + + jar + ${project.artifactId} + + + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"PasswordMinLength"=5}' + https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + + + + \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml index 1a86dbfca..ca2a89dfc 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml @@ -28,8 +28,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 7dcb6556a..95d1ce794 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -25,8 +25,8 @@ arm-oraclelinux-wls ${basedir}/../../../arm-ttk/arm-ttk - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties From 442c3c05f4e5c020336feb59c057fd984e607560 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 3 Dec 2021 14:38:17 +0800 Subject: [PATCH 131/720] On branch vm-arm-ttk: update arm-ttk ref. Signed-off-by: galiacheng Changes to be committed: modified: .github/workflows/buildWlsVm4AsArtifact.yml modified: .github/workflows/buildWlsVm4CcArtifact.yml modified: .github/workflows/buildWlsVm4DcArtifact.yml modified: .github/workflows/buildWlsVm4SnArtifact.yml modified: .github/workflows/newtag.yaml modified: .github/workflows/testWlsVmAdmin.yml modified: .github/workflows/testWlsVmCluster.yml modified: .github/workflows/testWlsVmDynamicCluster.yml --- .github/workflows/buildWlsVm4AsArtifact.yml | 2 +- .github/workflows/buildWlsVm4CcArtifact.yml | 2 +- .github/workflows/buildWlsVm4DcArtifact.yml | 2 +- .github/workflows/buildWlsVm4SnArtifact.yml | 2 +- .github/workflows/newtag.yaml | 2 +- .github/workflows/testWlsVmAdmin.yml | 2 +- .github/workflows/testWlsVmCluster.yml | 2 +- .github/workflows/testWlsVmDynamicCluster.yml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/buildWlsVm4AsArtifact.yml b/.github/workflows/buildWlsVm4AsArtifact.yml index 63cbedd36..ddb53ce92 100644 --- a/.github/workflows/buildWlsVm4AsArtifact.yml +++ b/.github/workflows/buildWlsVm4AsArtifact.yml @@ -14,7 +14,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls-admin" repoName: "weblogic-azure" diff --git a/.github/workflows/buildWlsVm4CcArtifact.yml b/.github/workflows/buildWlsVm4CcArtifact.yml index 09f5a728d..376a9d89e 100644 --- a/.github/workflows/buildWlsVm4CcArtifact.yml +++ b/.github/workflows/buildWlsVm4CcArtifact.yml @@ -15,7 +15,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls-cluster" repoName: "weblogic-azure" diff --git a/.github/workflows/buildWlsVm4DcArtifact.yml b/.github/workflows/buildWlsVm4DcArtifact.yml index 2782f3bec..6719dfa1e 100644 --- a/.github/workflows/buildWlsVm4DcArtifact.yml +++ b/.github/workflows/buildWlsVm4DcArtifact.yml @@ -15,7 +15,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls-dynamic-cluster" repoName: "weblogic-azure" diff --git a/.github/workflows/buildWlsVm4SnArtifact.yml b/.github/workflows/buildWlsVm4SnArtifact.yml index bb57b9271..731262049 100644 --- a/.github/workflows/buildWlsVm4SnArtifact.yml +++ b/.github/workflows/buildWlsVm4SnArtifact.yml @@ -14,7 +14,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls" repoName: "weblogic-azure" diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index a5962ac1b..f3a48ba79 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -14,7 +14,7 @@ on: env: tagbranch: "tagbranch" gitToken: ${{ secrets.GIT_TOKEN }} - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: c073dee94765142158f62e5a3bee0f255dd7c3a0 repoName: "weblogic-azure" userEmail: ${{ secrets.USER_EMAIL }} diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml index d593c9e47..3e25b69ff 100644 --- a/.github/workflows/testWlsVmAdmin.yml +++ b/.github/workflows/testWlsVmAdmin.yml @@ -30,7 +30,7 @@ env: offerName: arm-oraclelinux-wls-admin adminOfferPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-admin testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} - refArmTtk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmTtk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f repoName: weblogic-azure repoOwner: ${{ secrets.USER_NAME }} diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml index 83031706d..ccc779859 100644 --- a/.github/workflows/testWlsVmCluster.yml +++ b/.github/workflows/testWlsVmCluster.yml @@ -35,7 +35,7 @@ env: numberOfInstances: 2 offerName: arm-oraclelinux-wls-cluster offerPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster - refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f repoName: weblogic-azure repoOwner: ${{ secrets.USER_NAME }} diff --git a/.github/workflows/testWlsVmDynamicCluster.yml b/.github/workflows/testWlsVmDynamicCluster.yml index 53f6abac8..5e1bfefcf 100644 --- a/.github/workflows/testWlsVmDynamicCluster.yml +++ b/.github/workflows/testWlsVmDynamicCluster.yml @@ -40,7 +40,7 @@ env: otnUser: ${{ secrets.OTN_USERID }} otnPassword: ${{ secrets.OTN_PASSWORD }} refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f - refArmTtk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refArmTtk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 repoName: weblogic-azure repoOwner: ${{ secrets.USER_NAME }} resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} From 7cae09528ab8ceab2b1004c390e9034b813a5cdb Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 3 Dec 2021 15:44:53 +0800 Subject: [PATCH 132/720] Update java ee ref. Signed-off-by: galiacheng --- .github/workflows/newtag.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index f3a48ba79..5016feb39 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -14,8 +14,8 @@ on: env: tagbranch: "tagbranch" gitToken: ${{ secrets.GIT_TOKEN }} - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 - refJavaee: c073dee94765142158f62e5a3bee0f255dd7c3a0 + refArmttk: d97aa57d259e2fc8562e11501b1cf902265129d9 + refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f repoName: "weblogic-azure" userEmail: ${{ secrets.USER_EMAIL }} userName: ${{ secrets.USER_NAME }} From 10cb618f4d003d1b653e8ceca75f4f37d889e587 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 6 Dec 2021 10:00:43 +0800 Subject: [PATCH 133/720] On branch vm-arm-ttk: update to latest arm-ttk. Signed-off-by: galiacheng Changes to be committed: modified: .github/workflows/buildWlsAksArtifact.yml modified: .github/workflows/buildWlsVm4AsArtifact.yml modified: .github/workflows/buildWlsVm4CcArtifact.yml modified: .github/workflows/buildWlsVm4DcArtifact.yml modified: .github/workflows/buildWlsVm4SnArtifact.yml modified: .github/workflows/testWlsAksWithDependencyCreation.yml modified: .github/workflows/testWlsAksWithoutDependencyCreation.yml modified: .github/workflows/testWlsVmAdmin.yml modified: .github/workflows/testWlsVmCluster.yml modified: .github/workflows/testWlsVmDynamicCluster.yml --- .github/workflows/buildWlsAksArtifact.yml | 2 +- .github/workflows/buildWlsVm4AsArtifact.yml | 2 +- .github/workflows/buildWlsVm4CcArtifact.yml | 2 +- .github/workflows/buildWlsVm4DcArtifact.yml | 2 +- .github/workflows/buildWlsVm4SnArtifact.yml | 2 +- .github/workflows/testWlsAksWithDependencyCreation.yml | 2 +- .github/workflows/testWlsAksWithoutDependencyCreation.yml | 2 +- .github/workflows/testWlsVmAdmin.yml | 2 +- .github/workflows/testWlsVmCluster.yml | 2 +- .github/workflows/testWlsVmDynamicCluster.yml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/buildWlsAksArtifact.yml b/.github/workflows/buildWlsAksArtifact.yml index 8a47ec3a1..27b6d2ab1 100644 --- a/.github/workflows/buildWlsAksArtifact.yml +++ b/.github/workflows/buildWlsAksArtifact.yml @@ -8,7 +8,7 @@ on: # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '{"event_type": "aks-package"}' env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f azCliVersion: 2.30.0 location: eastus diff --git a/.github/workflows/buildWlsVm4AsArtifact.yml b/.github/workflows/buildWlsVm4AsArtifact.yml index ddb53ce92..e60079c91 100644 --- a/.github/workflows/buildWlsVm4AsArtifact.yml +++ b/.github/workflows/buildWlsVm4AsArtifact.yml @@ -14,7 +14,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls-admin" repoName: "weblogic-azure" diff --git a/.github/workflows/buildWlsVm4CcArtifact.yml b/.github/workflows/buildWlsVm4CcArtifact.yml index 376a9d89e..068bcff25 100644 --- a/.github/workflows/buildWlsVm4CcArtifact.yml +++ b/.github/workflows/buildWlsVm4CcArtifact.yml @@ -15,7 +15,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls-cluster" repoName: "weblogic-azure" diff --git a/.github/workflows/buildWlsVm4DcArtifact.yml b/.github/workflows/buildWlsVm4DcArtifact.yml index 6719dfa1e..879f3fe4d 100644 --- a/.github/workflows/buildWlsVm4DcArtifact.yml +++ b/.github/workflows/buildWlsVm4DcArtifact.yml @@ -15,7 +15,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls-dynamic-cluster" repoName: "weblogic-azure" diff --git a/.github/workflows/buildWlsVm4SnArtifact.yml b/.github/workflows/buildWlsVm4SnArtifact.yml index 731262049..9950c9d28 100644 --- a/.github/workflows/buildWlsVm4SnArtifact.yml +++ b/.github/workflows/buildWlsVm4SnArtifact.yml @@ -14,7 +14,7 @@ on: required: false default: 'refs/heads/main' env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f offerName: "arm-oraclelinux-wls" repoName: "weblogic-azure" diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index 363747543..c0f3364da 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -21,7 +21,7 @@ on: types: [aks-integration-test-with-dependency-creation] env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 580d436f4..8f58addc8 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -36,7 +36,7 @@ on: types: [aks-integration-test-without-dependency-creation] env: - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f azCliVersion: 2.30.0 azureCredentials: ${{ secrets.AZURE_CREDENTIALS }} diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml index 3e25b69ff..74556a245 100644 --- a/.github/workflows/testWlsVmAdmin.yml +++ b/.github/workflows/testWlsVmAdmin.yml @@ -30,7 +30,7 @@ env: offerName: arm-oraclelinux-wls-admin adminOfferPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-admin testbranchName: cicd-${{ github.run_id }}-${{ github.run_number }} - refArmTtk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmTtk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f repoName: weblogic-azure repoOwner: ${{ secrets.USER_NAME }} diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml index ccc779859..8508c39c7 100644 --- a/.github/workflows/testWlsVmCluster.yml +++ b/.github/workflows/testWlsVmCluster.yml @@ -35,7 +35,7 @@ env: numberOfInstances: 2 offerName: arm-oraclelinux-wls-cluster offerPath: weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster - refArmttk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmttk: 7dc2c2a7822c2825ea3524ac2af72e561847fece refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f repoName: weblogic-azure repoOwner: ${{ secrets.USER_NAME }} diff --git a/.github/workflows/testWlsVmDynamicCluster.yml b/.github/workflows/testWlsVmDynamicCluster.yml index 5e1bfefcf..0073897ac 100644 --- a/.github/workflows/testWlsVmDynamicCluster.yml +++ b/.github/workflows/testWlsVmDynamicCluster.yml @@ -40,7 +40,7 @@ env: otnUser: ${{ secrets.OTN_USERID }} otnPassword: ${{ secrets.OTN_PASSWORD }} refJavaee: 13fe6ec487024eb61355d661ab5700ae90cb0a8f - refArmTtk: d208d8bc8e5a12b04f69239881c0e4e460b9ed15 + refArmTtk: 7dc2c2a7822c2825ea3524ac2af72e561847fece repoName: weblogic-azure repoOwner: ${{ secrets.USER_NAME }} resourceGroupForDependency: wlsd-${{ github.run_id }}-${{ github.run_number }} From c54e14fd6a21b91514b622e1b66f071309667bbc Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 6 Dec 2021 10:26:00 +0800 Subject: [PATCH 134/720] On branch vm-arm-ttk: revert testing change. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls/pom.xml --- .../arm-oraclelinux-wls-admin/pom.xml | 4 +- .../addnode-coherence/pom.xml | 4 +- .../addnode/pom.xml | 4 +- .../arm-oraclelinux-wls-cluster/pom.xml | 4 +- .../deletenode/pom.xml | 4 +- .../addnode-coherence/pom.xml | 4 +- .../addnode/pom.xml | 4 +- .../pom.xml | 50 ++++++++++--------- .../deletenode/pom.xml | 4 +- weblogic-azure-vm/arm-oraclelinux-wls/pom.xml | 4 +- 10 files changed, 44 insertions(+), 42 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 01ae6eeec..d27fdb49a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -24,8 +24,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml index 1cc6b3dc9..ed84222eb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode-coherence/pom.xml @@ -28,8 +28,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml index 6b23735cb..c096a42a1 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/pom.xml @@ -28,8 +28,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index 991f1c5b7..662c5793d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -28,8 +28,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml index 1e98ff886..452b0ae60 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/deletenode/pom.xml @@ -28,8 +28,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-cluster/"}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml index aa0156add..ffc539a09 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode-coherence/pom.xml @@ -26,8 +26,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode-coherence/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml index c928d5d55..9c837c679 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/pom.xml @@ -26,8 +26,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="addnode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 68cf7fd81..cd6a39da6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -6,29 +6,31 @@ --> - 4.0.0 + 4.0.0 - com.oracle.weblogic.azure - arm-oraclelinux-wls-dynamic-cluster - 1.0.26 + com.oracle.weblogic.azure + arm-oraclelinux-wls-dynamic-cluster + 1.0.26 + + + com.microsoft.azure.iaas + azure-javaee-iaas-parent + 1.0.13 + + + + jar + ${project.artifactId} - - com.microsoft.azure.iaas - azure-javaee-iaas-parent - 1.0.13 - - - - jar - ${project.artifactId} - - - https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm - ${basedir}/../../../../arm-ttk/arm-ttk - -TestParameter '@{"PasswordMinLength"=5}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties - - - - \ No newline at end of file + + https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm + ${basedir}/../../../../arm-ttk/arm-ttk + -TestParameter '@{"PasswordMinLength"=5}' + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + + + + + + diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml index ca2a89dfc..1a86dbfca 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/deletenode/pom.xml @@ -28,8 +28,8 @@ https://raw.githubusercontent.com/oracle/${git.repo}/${git.tag}/weblogic-azure-vm ${basedir}/../../../../arm-ttk/arm-ttk -TestParameter '@{"SampleName"="deletenode/src/main";"RawRepoPath"="${artifactsLocationBase}/arm-oraclelinux-wls-dynamic-cluster/"}' - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml index 95d1ce794..7dcb6556a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls/pom.xml @@ -25,8 +25,8 @@ arm-oraclelinux-wls ${basedir}/../../../arm-ttk/arm-ttk - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties - https://raw.githubusercontent.com/galiacheng/weblogic-azure/vm-arm-ttk/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties + https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties From 321bf7fa65a5f0c6eddbad9bcac8fa2e2a7fd41b Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 14:25:59 -0800 Subject: [PATCH 135/720] On branch edburns-msft-gh-91-newtag-curl Copy approach from @zhengchang901 to allow workflow to be invoked from CURL or web modified: .github/workflows/newtag.yaml Signed-off-by: Ed Burns --- .github/workflows/newtag.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yaml index 3c339862c..2628ad317 100644 --- a/.github/workflows/newtag.yaml +++ b/.github/workflows/newtag.yaml @@ -10,6 +10,12 @@ on: description: 'Specify Git Ref if needed.' required: false default: 'refs/heads/main' + repository_dispatch: + types: [gh-pages-newtag] + # sample cURL + # curl --verbose -X POST https://api.github.com/repos//weblogic-azure/dispatches -H 'Accept: application/vnd.github.everest-preview+json' -H 'Authorization: token ' --data '' + # sample + # {"event_type": "gh-pages-newtag, "client_payload": {"tagname": "2021-12-09-02-Q4" }} env: tagbranch: "tagbranch" @@ -24,6 +30,22 @@ jobs: newtag: runs-on: ubuntu-latest steps: + - name: Setup environment variables + id: setup-env-variables-based-on-dispatch-event + run: | + if [ ${{ github.event_name }} == 'workflow_dispatch' ]; then + tagname=${{ github.event.inputs.tagname }} + ref=${{ github.event.inputs.ref }} + else + tagname=${{ github.event.client_payload.tagname }} + ref=${{ github.event.client_payload.ref }} + fi + + echo "##[set-output name=tagname;]${tagname}" + echo "##[set-output name=ref;]${ref}" + echo "tagname=${tagname}" >> $GITHUB_ENV + echo "ref=${ref}" >> $GITHUB_ENV + - name: Checkout ${{ env.repoName }} uses: actions/checkout@v2 with: From 1c25e75f4b3a975e599fa989c3b4083f95d72744 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 14:58:50 -0800 Subject: [PATCH 136/720] On branch edburns-msft-gh-91-newtag-curl renamed: newtag.yaml -> newtag.yml Signed-off-by: Ed Burns --- .github/workflows/{newtag.yaml => newtag.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{newtag.yaml => newtag.yml} (100%) diff --git a/.github/workflows/newtag.yaml b/.github/workflows/newtag.yml similarity index 100% rename from .github/workflows/newtag.yaml rename to .github/workflows/newtag.yml From 8821a5df9e9697d3c365d97ee8347ad2fe4dd699 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 15:08:05 -0800 Subject: [PATCH 137/720] On branch edburns-msft-gh-91-newtag-curl Apply `types` property to `repository_dispatch` dictionary. modified: .github/workflows/testWlsVmAdmin.yml modified: .github/workflows/testWlsVmCluster.yml Signed-off-by: Ed Burns --- .github/workflows/testWlsVmAdmin.yml | 3 ++- .github/workflows/testWlsVmCluster.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml index d593c9e47..07d19d5dd 100644 --- a/.github/workflows/testWlsVmAdmin.yml +++ b/.github/workflows/testWlsVmAdmin.yml @@ -13,8 +13,9 @@ on: # Allows you to run this workflow using GitHub APIs # PERSONAL_ACCESS_TOKEN= # REPO_NAME=mriccell/arm-oraclelinux-wls-admin - # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "test-vm-admin"}' repository_dispatch: + types: [test-vm-admin] env: adminConsolePort: 7005 diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml index 83031706d..2d14570da 100644 --- a/.github/workflows/testWlsVmCluster.yml +++ b/.github/workflows/testWlsVmCluster.yml @@ -13,8 +13,9 @@ on: # Allows you to run this workflow using GitHub APIs # PERSONAL_ACCESS_TOKEN= # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster - # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "test-vm-cluster}' repository_dispatch: + types: [test-vm-cluster] env: adminConsolePort: 7001 From 84c9aa486839e884029a40f595dce46e1377a512 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 15:10:58 -0800 Subject: [PATCH 138/720] On branch edburns-msft-gh-91-newtag-curl Change value of `types` property. modified: .github/workflows/testWlsVmDynamicCluster.yml Signed-off-by: Ed Burns --- .github/workflows/testWlsVmDynamicCluster.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/testWlsVmDynamicCluster.yml b/.github/workflows/testWlsVmDynamicCluster.yml index 53f6abac8..6d91c0cf5 100644 --- a/.github/workflows/testWlsVmDynamicCluster.yml +++ b/.github/workflows/testWlsVmDynamicCluster.yml @@ -13,9 +13,9 @@ on: # Allows you to run this workflow using GitHub APIs # PERSONAL_ACCESS_TOKEN= # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster - # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "production-deploy"}' + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "test-vm-dynamic-cluster"}' repository_dispatch: - types: [integration-test] + types: [test-vm-dynamic-cluster] env: adminConsolePort: 7001 From cd3122f0f25dd2646404197b9a7cf788033d66ec Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 16:33:46 -0800 Subject: [PATCH 139/720] On branch edburns-msft-gh-91-newtag-curl Use `tagname` from env. modified: .github/workflows/newtag.yml Signed-off-by: Ed Burns --- .github/workflows/newtag.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/newtag.yml b/.github/workflows/newtag.yml index 2628ad317..0cb418cff 100644 --- a/.github/workflows/newtag.yml +++ b/.github/workflows/newtag.yml @@ -150,7 +150,6 @@ jobs: git push ${authGitPath} ${tagbranch} -f # remove existing tag - tagname=${{ github.event.inputs.tagname }} if [[ -n `git ls-remote --tags | grep "${tagname}"` ]]; then git push ${authGitPath} --delete ${tagname} -f fi From 135d8023fcfb593040d445d054e3c267d0c33c53 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 16:38:25 -0800 Subject: [PATCH 140/720] On branch edburns-msft-gh-91-newtag-curl Update default value for `tagname` modified: .github/workflows/newtag.yml Signed-off-by: Ed Burns --- .github/workflows/newtag.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/newtag.yml b/.github/workflows/newtag.yml index 0cb418cff..b86fd621d 100644 --- a/.github/workflows/newtag.yml +++ b/.github/workflows/newtag.yml @@ -5,7 +5,7 @@ on: tagname: description: 'Specify Tag name to create/update.' required: true - default: '2021-12-04-02-Q4' + default: '2021-12-10-01-Q4' ref: description: 'Specify Git Ref if needed.' required: false From 8cf792af5e7c96fd77c9fd29cba8b70b01ae160d Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 9 Dec 2021 16:41:44 -0800 Subject: [PATCH 141/720] On branch edburns-msft-gh-91-newtag-curl Update default value for `tagname` modified: .github/workflows/newtag.yml Signed-off-by: Ed Burns --- .github/workflows/testWlsVmCluster.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml index 2d14570da..fb28bdf48 100644 --- a/.github/workflows/testWlsVmCluster.yml +++ b/.github/workflows/testWlsVmCluster.yml @@ -13,7 +13,7 @@ on: # Allows you to run this workflow using GitHub APIs # PERSONAL_ACCESS_TOKEN= # REPO_NAME=oracle/weblogic-azure/weblogic-azure-vm/arm-oraclelinux-wls-cluster - # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "test-vm-cluster}' + # curl --verbose -XPOST -u "mriccell:${PERSONAL_ACCESS_TOKEN}" -H "Accept: application/vnd.github.everest-preview+json" -H "Content-Type: application/json" https://api.github.com/repos/${REPO_NAME}/dispatches --data '{"event_type": "test-vm-cluster"}' repository_dispatch: types: [test-vm-cluster] From 57bfcc19c77857a2b01f9749bcfb137c0e5394a2 Mon Sep 17 00:00:00 2001 From: Gurudutt Suryanarayana <29789603+gnsuryan@users.noreply.github.com> Date: Fri, 10 Dec 2021 13:01:35 +0530 Subject: [PATCH 142/720] updated to modify selfhosted runner --- .github/workflows/testWlsVmAdmin.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml index 74556a245..2774140d2 100644 --- a/.github/workflows/testWlsVmAdmin.yml +++ b/.github/workflows/testWlsVmAdmin.yml @@ -44,7 +44,7 @@ env: jobs: preflight: - runs-on: ubuntu-latest + runs-on: gurucicdrunner steps: - name: Checkout azure-javaee-iaas uses: actions/checkout@v2 From 6d76ffc6b0b8f4db70d7839eee9690ccd022990c Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 13 Dec 2021 15:20:26 -0800 Subject: [PATCH 143/720] On branch edburns-msft-88-howtodoc Push the newly created tag upstream, ignoring failure. modified: .github/workflows/newtag.yml Signed-off-by: Ed Burns --- .github/workflows/newtag.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/newtag.yml b/.github/workflows/newtag.yml index b86fd621d..7f8808041 100644 --- a/.github/workflows/newtag.yml +++ b/.github/workflows/newtag.yml @@ -157,4 +157,8 @@ jobs: # create new tag git tag ${tagname} git push ${authGitPath} ${tagname} -f + git remote add upstream git@github.com:oracle/weblogic-azure.git + # ignore the error if cannot push, but log it + push_upstream_ignore_failure () { echo "push upstream result: $?" return 0; } + git push upstream ${tagname} -f || push_upstream_ignore_failure git push ${authGitPath} --delete ${tagbranch} -f From fde64f514ef22a44ea30f73063b70271f2b8e6d7 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 13 Dec 2021 15:27:55 -0800 Subject: [PATCH 144/720] On branch edburns-msft-88-howtodoc Push the newly created tag upstream, ignoring failure. modified: .github/workflows/newtag.yml Signed-off-by: Ed Burns --- .github/workflows/newtag.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/newtag.yml b/.github/workflows/newtag.yml index 7f8808041..dcc3aec1c 100644 --- a/.github/workflows/newtag.yml +++ b/.github/workflows/newtag.yml @@ -157,7 +157,7 @@ jobs: # create new tag git tag ${tagname} git push ${authGitPath} ${tagname} -f - git remote add upstream git@github.com:oracle/weblogic-azure.git + git remote add upstream $gitToken@github.com:oracle/weblogic-azure.git # ignore the error if cannot push, but log it push_upstream_ignore_failure () { echo "push upstream result: $?" return 0; } git push upstream ${tagname} -f || push_upstream_ignore_failure From 534f29c79e2e1e75d143f3ea59ae884b5d406287 Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor Date: Tue, 14 Dec 2021 15:26:20 +0530 Subject: [PATCH 145/720] Updated CICD workflow and verify-wls-access script --- .github/workflows/testWlsVmAdmin.yml | 4 +- .github/workflows/testWlsVmCluster.yml | 2 +- .../test/scripts/verify-wls-access.sh | 23 ++------ .../test/scripts/verify-wls-access.sh | 47 +++++----------- .../test/scripts/verify-wls-access.sh | 53 ++++++------------- 5 files changed, 36 insertions(+), 93 deletions(-) diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml index 869fe522f..384d197c2 100644 --- a/.github/workflows/testWlsVmAdmin.yml +++ b/.github/workflows/testWlsVmAdmin.yml @@ -330,7 +330,7 @@ jobs: --destination-port-ranges 443 22 fi - echo "Allow access to 7005" + echo "Allow access to ${adminConsolePort}" az network nsg rule update \ --resource-group $resourceGroup \ --nsg-name ${nsg} \ @@ -388,7 +388,7 @@ jobs: run: | echo "Verifying Weblogic Server Access" echo ${wlsPublicIP} - bash ${{ env.adminOfferPath }}/test/scripts/verify-wls-access.sh <<< "${wlsPublicIP} 7005" + bash ${{ env.adminOfferPath }}/test/scripts/verify-wls-access.sh <<< "${wlsPublicIP} ${adminConsolePort}" - name: Deploy DB Template to Connect to Azure Postgresql Database id: enable-postgresql-db diff --git a/.github/workflows/testWlsVmCluster.yml b/.github/workflows/testWlsVmCluster.yml index 9a79a8fde..a29cdce11 100644 --- a/.github/workflows/testWlsVmCluster.yml +++ b/.github/workflows/testWlsVmCluster.yml @@ -635,7 +635,7 @@ jobs: id: deploy-webapp run: | echo "Deploy WebLogic Cafe to server" - timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${adminVMDNS} 7001 + timeout 6m sh -c 'until nc -zv $0 $1; do echo "nc rc: $?"; sleep 5; done' ${adminVMDNS} ${adminConsolePort} bash ${{ env.offerPath }}/test/scripts/deploy-webapp.sh - name: Verify WebLogicCafe app is successfully deployed diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-wls-access.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-wls-access.sh index c0af51526..cc808ac28 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-wls-access.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/test/scripts/verify-wls-access.sh @@ -7,34 +7,21 @@ #read arguments from stdin read adminPublicIP adminPort -isSuccess=false -maxAttempt=5 -attempt=1 +CURL_PARMS="--connect-timeout 60 --max-time 180 --retry 10 --retry-delay 30 --retry-max-time 180 --retry-connrefused" + echo "Verifying http://${adminPublicIP}:${adminPort}/weblogic/ready" -while [ $attempt -le $maxAttempt ] -do - echo "Attempt $attempt :- Checking WebLogic admin server is accessible" - curl http://${adminPublicIP}:${adminPort}/weblogic/ready - if [ $? == 0 ]; then - isSuccess=true - break - fi - attempt=`expr $attempt + 1` - sleep 2m -done +curl ${CURL_PARMS} http://${adminPublicIP}:${adminPort}/weblogic/ready -if [[ $isSuccess == "false" ]]; then +if [[ $? != 0 ]]; then echo "Failed : WebLogic admin server is not accessible" exit 1 else echo "WebLogic admin server is accessible" fi -sleep 1m - # Verifying whether admin console is accessible echo "Checking WebLogic admin console is acessible" -curl http://${adminPublicIP}:${adminPort}/console/ +curl ${CURL_PARMS} http://${adminPublicIP}:${adminPort}/console/ if [[ $? != 0 ]]; then echo "WebLogic admin console is not accessible" exit 1 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-wls-access.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-wls-access.sh index acddc92e9..4ff452b00 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-wls-access.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/test/scripts/verify-wls-access.sh @@ -10,63 +10,40 @@ #read arguments from stdin read adminPublicIP adminPort wlsUserName wlspassword managedServers -isSuccess=false -maxAttempt=5 -attempt=1 +CURL_PARMS="--connect-timeout 60 --max-time 180 --retry 10 --retry-delay 30 --retry-max-time 180 --retry-connrefused" + echo "Verifying http://${adminPublicIP}:${adminPort}/weblogic/ready" -while [ $attempt -le $maxAttempt ] -do - echo "Attempt $attempt :- Checking WebLogic admin server is accessible" - curl http://${adminPublicIP}:${adminPort}/weblogic/ready - if [ $? == 0 ]; then - isSuccess=true - break - fi - attempt=`expr $attempt + 1` - sleep 2m -done +curl ${CURL_PARMS} http://${adminPublicIP}:${adminPort}/weblogic/ready -if [[ $isSuccess == "false" ]]; then +if [[ $? != 0 ]]; then echo "Failed : WebLogic admin server is not accessible" exit 1 else echo "WebLogic admin server is accessible" fi -sleep 1m - # Verifying whether admin console is accessible echo "Checking WebLogic admin console is acessible" -curl http://${adminPublicIP}:${adminPort}/console/ +curl ${CURL_PARMS} http://${adminPublicIP}:${adminPort}/console/ if [[ $? != 0 ]]; then echo "WebLogic admin console is not accessible" exit 1 else echo "WebLogic admin console is accessible" + exit 0 fi + #Verifying whether managed servers are up/running for managedServer in $managedServers do echo "Verifying managed server : $managedServer" - isSuccess=false - maxAttempt=3 - attempt=1 - while [ $attempt -le $maxAttempt ] - do - curl --user $wlsUserName:$wlspassword -X GET -H 'X-Requested-By: MyClient' -H 'Content-Type: application/json' -H 'Accept: application/json' -i "http://${adminPublicIP}:${adminPort}/management/weblogic/latest/domainRuntime/serverRuntimes/$managedServer" | grep "\"state\": \"RUNNING\"" - if [ $? == 0 ]; then - isSuccess=true - break - fi - attempt=`expr $attempt + 1 ` - sleep 30s - done - if [[ $isSuccess == "false" ]]; then - echo "$managedServer managed server is not in RUNNING state" - exit 1 + curl ${CURL_PARMS} --user $wlsUserName:$wlspassword -X GET -H 'X-Requested-By: MyClient' -H 'Content-Type: application/json' -H 'Accept: application/json' -i "http://${adminPublicIP}:${adminPort}/management/weblogic/latest/domainRuntime/serverRuntimes/$managedServer" | grep "\"state\": \"RUNNING\"" + if [ $? == 0 ]; then + echo "$managedServer managed server is in RUNNING state" else - echo "$managedServer managed server is in RUNNING state" + echo "$managedServer managed server is not in RUNNING state" + exit 1 fi done exit 0 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-access.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-access.sh index 5a3d6f36b..4ff452b00 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-access.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/test/scripts/verify-wls-access.sh @@ -1,70 +1,49 @@ #!/bin/bash + # Copyright (c) 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. -# +# Description +# This script is to test WebLogic admin, console and managed servers access. + # Verifying admin server is accessible +#read arguments from stdin read adminPublicIP adminPort wlsUserName wlspassword managedServers +CURL_PARMS="--connect-timeout 60 --max-time 180 --retry 10 --retry-delay 30 --retry-max-time 180 --retry-connrefused" -isSuccess=false -maxAttempt=5 -attempt=1 echo "Verifying http://${adminPublicIP}:${adminPort}/weblogic/ready" -while [ $attempt -le $maxAttempt ] -do - echo "Attempt $attempt :- Checking WebLogic admin server is accessible" - curl http://${adminPublicIP}:${adminPort}/weblogic/ready - if [ $? == 0 ]; then - isSuccess=true - break - fi - attempt=`expr $attempt + 1` - sleep 2m -done +curl ${CURL_PARMS} http://${adminPublicIP}:${adminPort}/weblogic/ready -if [[ $isSuccess == "false" ]]; then +if [[ $? != 0 ]]; then echo "Failed : WebLogic admin server is not accessible" exit 1 else echo "WebLogic admin server is accessible" fi -sleep 1m - # Verifying whether admin console is accessible echo "Checking WebLogic admin console is acessible" -curl http://${adminPublicIP}:${adminPort}/console/ +curl ${CURL_PARMS} http://${adminPublicIP}:${adminPort}/console/ if [[ $? != 0 ]]; then echo "WebLogic admin console is not accessible" exit 1 else echo "WebLogic admin console is accessible" + exit 0 fi + #Verifying whether managed servers are up/running for managedServer in $managedServers do echo "Verifying managed server : $managedServer" - isSuccess=false - maxAttempt=3 - attempt=1 - while [ $attempt -le $maxAttempt ] - do - curl --user $wlsUserName:$wlspassword -X GET -H 'X-Requested-By: MyClient' -H 'Content-Type: application/json' -H 'Accept: application/json' -i "http://${adminPublicIP}:${adminPort}/management/weblogic/latest/domainRuntime/serverRuntimes/$managedServer" | grep "\"state\": \"RUNNING\"" - if [ $? == 0 ]; then - isSuccess=true - break - fi - attempt=`expr $attempt + 1 ` - sleep 30s - done - if [[ $isSuccess == "false" ]]; then - echo "$managedServer managed server is not in RUNNING state" - exit 1 + curl ${CURL_PARMS} --user $wlsUserName:$wlspassword -X GET -H 'X-Requested-By: MyClient' -H 'Content-Type: application/json' -H 'Accept: application/json' -i "http://${adminPublicIP}:${adminPort}/management/weblogic/latest/domainRuntime/serverRuntimes/$managedServer" | grep "\"state\": \"RUNNING\"" + if [ $? == 0 ]; then + echo "$managedServer managed server is in RUNNING state" else - echo "$managedServer managed server is in RUNNING state" + echo "$managedServer managed server is not in RUNNING state" + exit 1 fi done exit 0 - From 631a4902b75c13cef07560091d172b9cfb294593 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Tue, 14 Dec 2021 13:11:35 -0800 Subject: [PATCH 146/720] wOn branch edburns-msft-em-1081 https://dev.azure.com/edburns-msft/Open%20Standard%20Enterprise%20Java%20(Java%20EE)%20on%20Azure/_workitems/edit/1083 modified: weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh - Prepend java option for this issue. Signed-off-by: Ed Burns --- weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index f8b2ede38..48d11da2f 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -662,7 +662,7 @@ function setup_wls_domain() { if [[ "${enableClusterT3Channel,,}" == "true" ]] || [[ "${enableAdminT3Channel,,}" == "true" ]]; then # for remote t3/t3s access. # refer to https://oracle.github.io/weblogic-kubernetes-operator/faq/external-clients/#enabling-unknown-host-access - javaOptions="-Dweblogic.rjvm.allowUnknownHost=true ${javaOptions}" + javaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.rjvm.allowUnknownHost=true ${javaOptions}" fi # create namespace From 2a2cb6f38092f40321ccafad31ab728b03a65bad Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Wed, 15 Dec 2021 07:41:10 +0000 Subject: [PATCH 147/720] Including log4j security vulnerability fix for all WLS on Azure offers --- .../main/scripts/configureCustomAdminSSL.sh | 8 ++++++-- .../src/main/scripts/setupAdminDomain.sh | 17 +++++++++++------ .../addnode/src/main/scripts/addnode.sh | 18 +++++++++++++++--- .../src/main/scripts/aadIntegration.sh | 5 ++++- .../src/main/scripts/setupClusterDomain.sh | 12 +++++++++++- .../src/main/scripts/setupCoherence.sh | 10 +++++++++- .../main/scripts/addNodeToDynamicCluster.sh | 3 +++ .../src/main/scripts/setupCoherence.sh | 10 +++++++++- .../main/scripts/setupDynamicClusterDomain.sh | 7 +++++++ 9 files changed, 75 insertions(+), 15 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh index 8679b448f..c9943c5c5 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh @@ -128,8 +128,12 @@ if isCustomSSLEnabled == 'true' : cd('/Servers/$wlsServerName/ServerStart/$wlsServerName') arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true' -cmo.setArguments(arguments) - +oldArgs = cmo.getArguments() + if oldArgs != None: + newArgs = oldArgs + ' ' + arguments; + else: + newArgs = arguments +cmo.setArguments(newArgs) save() resolve() activate() diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh index 8d6e6a51d..04d24d858 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh @@ -117,10 +117,12 @@ EOF ServerPrivateKeyPassPhraseEncrypted: "$serverPrivateKeyPassPhrase" ListenPort: $wlsSSLAdminPort Enabled: true + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' WebServer: - FrontendHost: '${adminPublicHostName}' - FrontendHTTPSPort: $wlsSSLAdminPort - FrontendHTTPPort: $wlsAdminPort + FrontendHost: '${adminPublicHostName}' + FrontendHTTPSPort: $wlsSSLAdminPort + FrontendHTTPPort: $wlsAdminPort EOF else cat <>$DOMAIN_PATH/admin-domain.yaml @@ -145,10 +147,12 @@ topology: SSL: ListenPort: $wlsSSLAdminPort Enabled: true + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' WebServer: - FrontendHost: '${adminPublicHostName}' - FrontendHTTPSPort: $wlsSSLAdminPort - FrontendHTTPPort: $wlsAdminPort + FrontendHost: '${adminPublicHostName}' + FrontendHTTPSPort: $wlsSSLAdminPort + FrontendHTTPPort: $wlsAdminPort EOF fi } @@ -488,6 +492,7 @@ installUtilities mountFileShare +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" KEYSTORE_PATH="${DOMAIN_PATH}/${wlsDomainName}/keystores" samplApp="https://www.oracle.com/webfolder/technetwork/tutorials/obe/fmw/wls/10g/r3/cluster/session_state/files/shoppingcart.zip" wlsAdminPort=7001 diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh index fcd0524d5..ef91eed60 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh @@ -194,6 +194,8 @@ topology: Notes: "$wlsServerName managed server" Cluster: "$wlsClusterName" Machine: "$nmHost" + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' SecurityConfiguration: NodeManagerUsername: "$wlsUserName" NodeManagerPasswordEncrypted: "$wlsPassword" @@ -259,8 +261,12 @@ if isCustomSSLEnabled == 'true' : cd('/Servers/$wlsServerName/ServerStart/$wlsServerName') arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true' -cmo.setArguments(arguments) - +oldArgs = cmo.getArguments() + if oldArgs != None: + newArgs = oldArgs + ' ' + arguments; + else: + newArgs = arguments +cmo.setArguments(newArgs) EOF if [ "$appGWHostName" != "null" ]; then @@ -334,7 +340,12 @@ EOF cat <>$wlsDomainPath/add-server.py cd('/Servers/$wlsServerName//ServerStart/$wlsServerName') -cmo.setArguments(arguments) +oldArgs = cmo.getArguments() + if oldArgs != None: + newArgs = oldArgs + ' ' + arguments; + else: + newArgs = arguments +cmo.setArguments(newArgs) save() resolve() activate() @@ -732,6 +743,7 @@ username="oracle" groupname="oracle" KEYSTORE_PATH="$wlsDomainPath/$wlsDomainName/keystores" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" chmod ugo+x ${SCRIPT_PWD}/elkIntegration.sh diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/aadIntegration.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/aadIntegration.sh index f0ef3f737..0795e454f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/aadIntegration.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/aadIntegration.sh @@ -208,7 +208,10 @@ EOF print "Enable TLSv1.2 in " + server.getName() cd('/Servers/'+server.getName()+'//ServerStart/'+server.getName()) arguments = cmo.getArguments() - arguments = arguments + ' ' + '${JAVA_OPTIONS_TLS_V12}' + if(str(arguments) == 'None'): + arguments = '${JAVA_OPTIONS_TLS_V12}' + else: + arguments = str(arguments) + ' ' + '${JAVA_OPTIONS_TLS_V12}' cmo.setArguments(arguments) EOF fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh index 8c4bb1939..08cc7f09f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh @@ -153,6 +153,8 @@ topology: Enabled: true ListenPortEnabled: ${isHTTPAdminListenPortEnabled} RestartDelaySeconds: 10 + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' EOF if [ "${isCustomSSLEnabled}" == "true" ]; @@ -217,6 +219,8 @@ topology: Notes: "$wlsServerName managed server" Cluster: "$wlsClusterName" Machine: "$nmHost" + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' EOF if [ "${isCustomSSLEnabled}" == "true" ]; @@ -310,7 +314,12 @@ cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName//ServerStart/$wlsServerName') arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.management.server=${SERVER_START_URL} -Dweblogic.security.SSL.ignoreHostnameVerification=true' -cmo.setArguments(arguments) +oldArgs = cmo.getArguments() + if oldArgs != None: + newArgs = oldArgs + ' ' + arguments; + else: + newArgs = arguments +cmo.setArguments(newArgs) save() resolve() activate() @@ -763,6 +772,7 @@ wlsManagedPort=8001 DOMAIN_PATH="/u01/domains" startWebLogicScript="${DOMAIN_PATH}/${wlsDomainName}/startWebLogic.sh" stopWebLogicScript="${DOMAIN_PATH}/${wlsDomainName}/bin/customStopWebLogic.sh" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" wlsAdminURL="$wlsAdminHost:$wlsAdminT3ChannelPort" SERVER_START_URL="http://$wlsAdminURL" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh index 09ce6e592..f03a8fdaa 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh @@ -208,6 +208,8 @@ topology: Notes: "$wlsServerName managed server" Cluster: "$storageClusterName" Machine: "$nmHost" + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' EOF if [ "${isCustomSSLEnabled}" == "true" ]; @@ -299,7 +301,12 @@ cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName/ServerStart/$wlsServerName') arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.management.server=http://$wlsAdminURL ${wlsCoherenceArgs}' -cmo.setArguments(arguments) +oldArgs = cmo.getArguments() + if oldArgs != None: + newArgs = oldArgs + ' ' + arguments; + else: + newArgs = arguments +cmo.setArguments(newArgs) save() resolve() activate() @@ -667,6 +674,7 @@ username="oracle" wlsAdminServerName="admin" wlsCoherenceArgs="-Dcoherence.localport=$coherenceLocalport -Dcoherence.localport.adjust=$coherenceLocalportAdjust" KEYSTORE_PATH="${wlsDomainPath}/${wlsDomainName}/keystores" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" if [ ${serverIndex} -eq 0 ]; then wlsServerName="admin" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh index 28abb0934..fc0cbc029 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh @@ -189,6 +189,8 @@ topology: '${dynamicServerTemplate}' : ListenPort: ${wlsManagedPort} Cluster: '${wlsClusterName}' + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' SSL: HostnameVerificationIgnored: true HostnameVerifier: 'None' @@ -643,6 +645,7 @@ WEBLOGIC_DEPLOY_TOOL=https://github.com/oracle/weblogic-deploy-tooling/releases/ username="oracle" groupname="oracle" KEYSTORE_PATH="$wlsDomainPath/$wlsDomainName/keystores" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" cleanup installUtilities diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh index 48ccf5f69..2d6970643 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh @@ -218,6 +218,8 @@ topology: Notes: "$wlsServerName managed server" Cluster: "$storageClusterName" Machine: "$nmHost" + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' EOF if [ "${isCustomSSLEnabled}" == "true" ]; @@ -310,7 +312,12 @@ cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName//ServerStart/$wlsServerName') arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.management.server=http://$wlsAdminURL ${wlsCoherenceUnicastPortRange}' -cmo.setArguments(arguments) +oldArgs = cmo.getArguments() + if oldArgs != None: + newArgs = oldArgs + ' ' + arguments; + else: + newArgs = arguments +cmo.setArguments(newArgs) save() resolve() activate() @@ -634,6 +641,7 @@ wlsAdminURL="${adminVMName}:${wlsAdminT3ChannelPort}" wlsCoherenceUnicastPortRange="-Dcoherence.localport=$coherenceLocalport -Dcoherence.localport.adjust=$coherenceLocalportAdjust" wlsServerTemplate="myServerTemplate" KEYSTORE_PATH="${wlsDomainPath}/${wlsDomainName}/keystores" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" if [ ${serverIndex} -eq 0 ]; then wlsServerName="admin" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh index 4a659a96c..e35e4dc5f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh @@ -154,6 +154,8 @@ topology: ListenPort: $wlsAdminT3ChannelPort Protocol: t3 Enabled: true + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' SSL: ListenPort: $wlsSSLAdminPort Enabled: true @@ -198,6 +200,8 @@ EOF '${dynamicServerTemplate}' : ListenPort: ${wlsManagedPort} Cluster: '${wlsClusterName}' + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' SSL: HostnameVerificationIgnored: true HostnameVerifier: 'None' @@ -263,6 +267,8 @@ topology: '${dynamicServerTemplate}': ListenPort: ${wlsManagedPort} Cluster: '${wlsClusterName}' + ServerStart: + Arguments: '${SERVER_STARTUP_ARGS}' SSL: HostnameVerificationIgnored: true HostnameVerifier: 'None' @@ -817,6 +823,7 @@ read wlsDomainName wlsUserName wlsPassword managedServerPrefix indexValue vmName DOMAIN_PATH="/u01/domains" startWebLogicScript="${DOMAIN_PATH}/${wlsDomainName}/startWebLogic.sh" stopWebLogicScript="${DOMAIN_PATH}/${wlsDomainName}/bin/customStopWebLogic.sh" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" isHTTPAdminListenPortEnabled="${isHTTPAdminListenPortEnabled,,}" From 4b71a4faa1e5a081486e446314167da5762c6995 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 16 Dec 2021 13:48:12 +0800 Subject: [PATCH 148/720] Apply -Dlog4j2.formatMsgNoLookups=true to default java options. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/common.sh modified: weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh modified: weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh modified: weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh --- weblogic-azure-aks/src/main/arm/scripts/common.sh | 1 + weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh | 2 +- weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh | 2 +- weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index dcf214f3d..1a3195109 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -9,6 +9,7 @@ export constAdminT3AddressEnvName="T3_TUNNELING_ADMIN_ADDRESS" export constAdminServerName='admin-server' export constClusterName='cluster-1' export constClusterT3AddressEnvName="T3_TUNNELING_CLUSTER_ADDRESS" +export constDefaultJavaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.StdoutDebugEnabled=false" # the java options will be applied to the cluster export constFalse="false" export constTrue="true" diff --git a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh index d4072b1d4..c0ce95bcf 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh @@ -88,7 +88,7 @@ spec: - name: CUSTOM_DOMAIN_NAME value: "${wlsDomainName}" - name: JAVA_OPTIONS - value: "-Dweblogic.StdoutDebugEnabled=false ${javaOptions}" + value: "${constDefaultJavaOptions} ${javaOptions}" - name: USER_MEM_ARGS value: "-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " - name: MANAGED_SERVER_PREFIX diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index 48d11da2f..f8b2ede38 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -662,7 +662,7 @@ function setup_wls_domain() { if [[ "${enableClusterT3Channel,,}" == "true" ]] || [[ "${enableAdminT3Channel,,}" == "true" ]]; then # for remote t3/t3s access. # refer to https://oracle.github.io/weblogic-kubernetes-operator/faq/external-clients/#enabling-unknown-host-access - javaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.rjvm.allowUnknownHost=true ${javaOptions}" + javaOptions="-Dweblogic.rjvm.allowUnknownHost=true ${javaOptions}" fi # create namespace diff --git a/weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh b/weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh index 86db0c86c..aa2e252d2 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/updateDomainConfig.sh @@ -182,7 +182,7 @@ while [ $index -lt ${envLength} ]; do index=$((index+1)) if [[ "${envItemName}" == "JAVA_OPTIONS" ]];then - envItemValue="\"-Dweblogic.StdoutDebugEnabled=false ${javaOptions}\"" + envItemValue="\"${constDefaultJavaOptions} ${javaOptions}\"" fi # do not copy value from SSL_ env From 856bc639e063c1619374e2555fceb42a80dcc7fe Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Thu, 16 Dec 2021 11:04:57 +0000 Subject: [PATCH 149/720] further changes to fix the log4j security issue --- .../main/scripts/configureCustomAdminSSL.sh | 11 ++-- .../src/main/scripts/setupAdminDomain.sh | 1 + .../addnode/src/main/scripts/addnode.sh | 19 +++---- .../src/main/scripts/setupClusterDomain.sh | 12 +++-- .../src/main/scripts/setupCoherence.sh | 11 ++-- .../main/scripts/addNodeToDynamicCluster.sh | 1 + .../src/main/scripts/setupCoherence.sh | 12 ++--- .../main/scripts/setupDynamicClusterDomain.sh | 50 +++++++++++++++++-- 8 files changed, 83 insertions(+), 34 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh index c9943c5c5..eb2d9ab44 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/admin-ssl-post-deploy/src/main/scripts/configureCustomAdminSSL.sh @@ -127,12 +127,12 @@ if isCustomSSLEnabled == 'true' : cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName/ServerStart/$wlsServerName') -arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true' +arguments = '${SERVER_STARTUP_ARGS} -Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true' oldArgs = cmo.getArguments() - if oldArgs != None: - newArgs = oldArgs + ' ' + arguments; - else: - newArgs = arguments +if oldArgs != None: + newArgs = oldArgs + ' ' + arguments +else: + newArgs = arguments cmo.setArguments(newArgs) save() resolve() @@ -305,6 +305,7 @@ username="oracle" groupname="oracle" KEYSTORE_PATH="$wlsDomainPath/$wlsDomainName/keystores" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" validateInput cleanup diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh index 04d24d858..1bd3fbf21 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh @@ -226,6 +226,7 @@ Wants=network-online.target [Service] Type=simple WorkingDirectory="/u01/domains/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="${startWebLogicScript}" ExecStop="${stopWebLogicScript}" User=oracle diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh index ef91eed60..308be3150 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/addnode/src/main/scripts/addnode.sh @@ -260,12 +260,12 @@ if isCustomSSLEnabled == 'true' : cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName/ServerStart/$wlsServerName') -arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true' +arguments = '${SERVER_STARTUP_ARGS} -Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true' oldArgs = cmo.getArguments() - if oldArgs != None: - newArgs = oldArgs + ' ' + arguments; - else: - newArgs = arguments +if oldArgs != None: + newArgs = oldArgs + ' ' + arguments +else: + newArgs = arguments cmo.setArguments(newArgs) EOF @@ -341,10 +341,10 @@ EOF cat <>$wlsDomainPath/add-server.py cd('/Servers/$wlsServerName//ServerStart/$wlsServerName') oldArgs = cmo.getArguments() - if oldArgs != None: - newArgs = oldArgs + ' ' + arguments; - else: - newArgs = arguments +if oldArgs != None: + newArgs = oldArgs + ' ' + arguments +else: + newArgs = arguments cmo.setArguments(newArgs) save() resolve() @@ -419,6 +419,7 @@ Type=simple # Note that the following three parameters should be changed to the correct paths # on your own system WorkingDirectory="$wlsDomainPath/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="$wlsDomainPath/$wlsDomainName/bin/startNodeManager.sh" ExecStop="$wlsDomainPath/$wlsDomainName/bin/stopNodeManager.sh" User=oracle diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh index 08cc7f09f..1af3d258e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh @@ -313,12 +313,12 @@ set('ServerPrivateKeyPassPhrase', '$serverPrivateKeyPassPhrase') cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName//ServerStart/$wlsServerName') -arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.management.server=${SERVER_START_URL} -Dweblogic.security.SSL.ignoreHostnameVerification=true' +arguments = '${SERVER_STARTUP_ARGS} -Dweblogic.Name=$wlsServerName -Dweblogic.management.server=${SERVER_START_URL} -Dweblogic.security.SSL.ignoreHostnameVerification=true' oldArgs = cmo.getArguments() - if oldArgs != None: - newArgs = oldArgs + ' ' + arguments; - else: - newArgs = arguments +if oldArgs != None: + newArgs = oldArgs + ' ' + arguments +else: + newArgs = arguments cmo.setArguments(newArgs) save() resolve() @@ -438,6 +438,7 @@ Type=simple # Note that the following three parameters should be changed to the correct paths # on your own system WorkingDirectory="$DOMAIN_PATH/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="$DOMAIN_PATH/$wlsDomainName/bin/startNodeManager.sh" ExecStop="$DOMAIN_PATH/$wlsDomainName/bin/stopNodeManager.sh" User=oracle @@ -466,6 +467,7 @@ Wants=network-online.target [Service] Type=simple WorkingDirectory="$DOMAIN_PATH/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="${startWebLogicScript}" ExecStop="${stopWebLogicScript}" User=oracle diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh index f03a8fdaa..4361504ef 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupCoherence.sh @@ -300,12 +300,12 @@ set('ServerPrivateKeyPassPhrase', '$serverPrivateKeyPassPhrase') cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName/ServerStart/$wlsServerName') -arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.management.server=http://$wlsAdminURL ${wlsCoherenceArgs}' +arguments = '${SERVER_STARTUP_ARGS} -Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.management.server=http://$wlsAdminURL ${wlsCoherenceArgs}' oldArgs = cmo.getArguments() - if oldArgs != None: - newArgs = oldArgs + ' ' + arguments; - else: - newArgs = arguments +if oldArgs != None: + newArgs = oldArgs + ' ' + arguments +else: + newArgs = arguments cmo.setArguments(newArgs) save() resolve() @@ -377,6 +377,7 @@ Type=simple # Note that the following three parameters should be changed to the correct paths # on your own system WorkingDirectory="$wlsDomainPath/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="$wlsDomainPath/$wlsDomainName/bin/startNodeManager.sh" ExecStop="$wlsDomainPath/$wlsDomainName/bin/stopNodeManager.sh" User=oracle diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh index fc0cbc029..0ea655241 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/addnode/src/main/scripts/addNodeToDynamicCluster.sh @@ -401,6 +401,7 @@ Type=simple # Note that the following three parameters should be changed to the correct paths # on your own system WorkingDirectory="$wlsDomainPath/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="$wlsDomainPath/$wlsDomainName/bin/startNodeManager.sh" ExecStop="$wlsDomainPath/$wlsDomainName/bin/stopNodeManager.sh" User=oracle diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh index 2d6970643..484995673 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupCoherence.sh @@ -311,12 +311,12 @@ set('ServerPrivateKeyPassPhrase', '$serverPrivateKeyPassPhrase') cmo.setHostnameVerificationIgnored(true) cd('/Servers/$wlsServerName//ServerStart/$wlsServerName') -arguments = '-Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.management.server=http://$wlsAdminURL ${wlsCoherenceUnicastPortRange}' +arguments = '${SERVER_STARTUP_ARGS} -Dweblogic.Name=$wlsServerName -Dweblogic.security.SSL.ignoreHostnameVerification=true -Dweblogic.management.server=http://$wlsAdminURL ${wlsCoherenceUnicastPortRange}' oldArgs = cmo.getArguments() - if oldArgs != None: - newArgs = oldArgs + ' ' + arguments; - else: - newArgs = arguments +if oldArgs != None: + newArgs = oldArgs + ' ' + arguments +else: + newArgs = arguments cmo.setArguments(newArgs) save() resolve() @@ -388,6 +388,7 @@ Type=simple # Note that the following three parameters should be changed to the correct paths # on your own system WorkingDirectory="$wlsDomainPath/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="$wlsDomainPath/$wlsDomainName/bin/startNodeManager.sh" ExecStop="$wlsDomainPath/$wlsDomainName/bin/stopNodeManager.sh" User=oracle @@ -659,7 +660,6 @@ else installUtilities mountFileShare openPortsForCoherence - updateNetworkRules storeCustomSSLCerts createManagedSetup createNodeManagerService diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh index e35e4dc5f..500925f1e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh @@ -200,8 +200,6 @@ EOF '${dynamicServerTemplate}' : ListenPort: ${wlsManagedPort} Cluster: '${wlsClusterName}' - ServerStart: - Arguments: '${SERVER_STARTUP_ARGS}' SSL: HostnameVerificationIgnored: true HostnameVerifier: 'None' @@ -267,8 +265,6 @@ topology: '${dynamicServerTemplate}': ListenPort: ${wlsManagedPort} Cluster: '${wlsClusterName}' - ServerStart: - Arguments: '${SERVER_STARTUP_ARGS}' SSL: HostnameVerificationIgnored: true HostnameVerifier: 'None' @@ -350,6 +346,38 @@ disconnect() EOF } + +#This function sets the server startup arguments to dynamic server template +function createServerStartArgumentPyScript() +{ + +# Exclusive lock is used for startEdit, without that intermittently it is noticed that deployment fails +# Refer issue https://github.com/wls-eng/arm-oraclelinux-wls/issues/280 + + echo "setting server startup arguments for Dynamic Server Template: ${wlsServerTemplate}" + cat <$DOMAIN_PATH/setServerStartArgs.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') + +try: + edit() + startEdit(60000,60000,'true') + cd('/ServerTemplates/${wlsServerTemplate}/ServerStart/${wlsServerTemplate}') + arguments = cmo.getArguments() + if(str(arguments) == 'None'): + arguments = '${SERVER_STARTUP_ARGS}' + elif ( '${SERVER_STARTUP_ARGS}' not in str(arguments)): + arguments = str(arguments) + ' ' + '${SERVER_STARTUP_ARGS}' + + cmo.setArguments(arguments) + save() + activate() +except Exception, e: + print e + +disconnect() +EOF +} + #This function creates py Script to enroll Node Manager to the Domain function createEnrollServerPyScript() { @@ -490,6 +518,7 @@ function create_managedSetup(){ echo "Creating managed server model files" create_managed_model + createServerStartArgumentPyScript createMachinePyScript createEnrollServerPyScript echo "Completed managed server model files" @@ -515,6 +544,14 @@ function create_managedSetup(){ echo "Error : Adding server $wlsServerName failed" exit 1 fi + + echo "Setting Server Startup Arguments for Dynamic Server Template: ${wlsServerTemplate} " + runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST $DOMAIN_PATH/setServerStartArgs.py" + if [[ $? != 0 ]]; then + echo "Error : Adding server startup arguments to Server Template: ${wlsServerTemplate} failed" + exit 1 + fi + } # Create systemctl service for nodemanager @@ -558,6 +595,7 @@ Type=simple # Note that the following three parameters should be changed to the correct paths # on your own system WorkingDirectory="$DOMAIN_PATH/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="$DOMAIN_PATH/$wlsDomainName/bin/startNodeManager.sh" ExecStop="$DOMAIN_PATH/$wlsDomainName/bin/stopNodeManager.sh" User=oracle @@ -586,6 +624,7 @@ Wants=network-online.target [Service] Type=simple WorkingDirectory="$DOMAIN_PATH/$wlsDomainName" +Environment="JAVA_OPTIONS=${SERVER_STARTUP_ARGS}" ExecStart="${startWebLogicScript}" ExecStop="${stopWebLogicScript}" User=oracle @@ -841,6 +880,9 @@ wlsManagedPort=8001 wlsAdminURL="$adminVMName:$wlsAdminT3ChannelPort" SERVER_START_URL="http://$wlsAdminURL" KEYSTORE_PATH="${DOMAIN_PATH}/${wlsDomainName}/keystores" +wlsServerTemplate="myServerTemplate" +SERVER_STARTUP_ARGS="-Dlog4j2.formatMsgNoLookups=true" + if [ "${isCustomSSLEnabled}" == "true" ]; then From fc65687a71358abf31d193bf3ce70b4ac9baef63 Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Thu, 16 Dec 2021 12:17:18 +0000 Subject: [PATCH 150/720] Revert "updated to modify selfhosted runner" This reverts commit 57bfcc19c77857a2b01f9749bcfb137c0e5394a2. --- .github/workflows/testWlsVmAdmin.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testWlsVmAdmin.yml b/.github/workflows/testWlsVmAdmin.yml index b0fdbdfe1..869fe522f 100644 --- a/.github/workflows/testWlsVmAdmin.yml +++ b/.github/workflows/testWlsVmAdmin.yml @@ -45,7 +45,7 @@ env: jobs: preflight: - runs-on: gurucicdrunner + runs-on: ubuntu-latest steps: - name: Checkout azure-javaee-iaas uses: actions/checkout@v2 From 4434bf02cda39cb2c08a79f1f62f13d66d37d56b Mon Sep 17 00:00:00 2001 From: galiacheng Date: Mon, 20 Dec 2021 11:23:11 +0800 Subject: [PATCH 151/720] Increase POM version to 1.0.29. Signed-off-by: galiacheng --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 2cd9ce964..c8776f770 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.26 + 1.0.29 com.microsoft.azure.iaas From 19df1f29a332ff3959b2c977befc4ce1e5f5e4b5 Mon Sep 17 00:00:00 2001 From: gnsuryan Date: Mon, 20 Dec 2021 12:01:40 +0000 Subject: [PATCH 152/720] July 2021 Patch security fix - 1 --- .../src/main/scripts/setupAdminDomain.sh | 60 +++++++++++++++++++ .../src/main/scripts/setupClusterDomain.sh | 57 ++++++++++++++++++ .../main/scripts/setupDynamicClusterDomain.sh | 60 ++++++++++++++++++- 3 files changed, 176 insertions(+), 1 deletion(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh index 1bd3fbf21..eb9eb9418 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/setupAdminDomain.sh @@ -474,6 +474,60 @@ function mountFileShare() fi } +#this function set the umask 027 (chmod 740) as required by WebLogic security checks +function setUMaskForSecurityDir() +{ + echo "setting umask 027 (chmod 740) for domain/admin security directory" + + if [ -f "$DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security/boot.properties" ]; + then + runuser -l oracle -c "chmod 740 $DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security/boot.properties" + fi + + if [ -d "$DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security" ]; + then + runuser -l oracle -c "chmod 740 $DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security" + fi + +} + +#this function disables remote anonymous requests as required by Weblogic security checks +function disableRemoteAnonymousRequests() +{ + echo "DisableRemoteAnonymousRequests for domain $wlsDomainName" + cat <$DOMAIN_PATH/disableAnonymousRequests.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +try: + edit("$wlsServerName") + startEdit() + cd("SecurityConfiguration/$wlsDomainName") + + if hasattr(cmo,'setRemoteAnonymousRMIIIOPEnabled'): + cmo.setRemoteAnonymousRMIIIOPEnabled(false) + else: + print 'no attribute: SecurityConfiguration/$wlsDomainName: cmo.setRemoteAnonymousRMIIIOPEnabled' + + if hasattr(cmo,'setRemoteAnonymousRMIT3Enabled'): + cmo.setRemoteAnonymousRMIT3Enabled(false) + else: + print 'no attribute: SecurityConfiguration/$wlsDomainName: setRemoteAnonymousRMIT3Enabled' + + save() + activate() +except Exception,e: + print e + print "Failed to DisableRemoteAnonymousRequests for domain $wlsDomainName" + dumpStack() +disconnect() +EOF +sudo chown -R $username:$groupname $DOMAIN_PATH +runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST $DOMAIN_PATH/disableAnonymousRequests.py" +if [[ $? != 0 ]]; then + echo "Error : Failed to DisableRemoteAnonymousRequests for domain $wlsDomainName" + exit 1 +fi + +} #main script starts here @@ -483,6 +537,7 @@ BASE_DIR="$(readlink -f ${CURR_DIR})" #read arguments from stdin read wlsDomainName wlsUserName wlsPassword wlsAdminHost oracleHome storageAccountName storageAccountKey mountpointPath isHTTPAdminListenPortEnabled adminPublicHostName isCustomSSLEnabled customIdentityKeyStoreData customIdentityKeyStorePassPhrase customIdentityKeyStoreType customTrustKeyStoreData customTrustKeyStorePassPhrase customTrustKeyStoreType serverPrivateKeyAlias serverPrivateKeyPassPhrase +wlsServerName="admin" DOMAIN_PATH="/u01/domains" startWebLogicScript="${DOMAIN_PATH}/${wlsDomainName}/startWebLogic.sh" stopWebLogicScript="${DOMAIN_PATH}/${wlsDomainName}/bin/customStopWebLogic.sh" @@ -526,8 +581,13 @@ create_adminserver_service admin_boot_setup +setUMaskForSecurityDir + enableAndStartAdminServerService echo "Waiting for admin server to be available" wait_for_admin echo "Weblogic admin server is up and running" + +disableRemoteAnonymousRequests + diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh index 1af3d258e..06f462d99 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/setupClusterDomain.sh @@ -745,6 +745,60 @@ sudo chmod -R 750 ${stopWebLogicScript} } +#this function set the umask 027 (chmod 740) as required by WebLogic security checks +function setUMaskForSecurityDir() +{ + echo "setting umask 027 (chmod 740) for domain/$wlsServerName security directory" + + if [ -f "$DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security/boot.properties" ]; + then + runuser -l oracle -c "chmod 740 $DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security/boot.properties" + fi + + if [ -d "$DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security" ]; + then + runuser -l oracle -c "chmod 740 $DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security" + fi +} + +#this function disables remote anonymous requests as required by Weblogic security checks +function disableRemoteAnonymousRequests() +{ + echo "DisableRemoteAnonymousRequests for domain $wlsDomainName" + cat <$DOMAIN_PATH/disableAnonymousRequests.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +try: + edit("$wlsServerName") + startEdit() + cd("SecurityConfiguration/$wlsDomainName") + + if hasattr(cmo,'setRemoteAnonymousRMIIIOPEnabled'): + cmo.setRemoteAnonymousRMIIIOPEnabled(false) + else: + print 'no attribute: SecurityConfiguration/$wlsDomainName: cmo.setRemoteAnonymousRMIIIOPEnabled' + + if hasattr(cmo,'setRemoteAnonymousRMIT3Enabled'): + cmo.setRemoteAnonymousRMIT3Enabled(false) + else: + print 'no attribute: SecurityConfiguration/$wlsDomainName: setRemoteAnonymousRMIT3Enabled' + + save() + activate() +except Exception,e: + print e + print "Failed to DisableRemoteAnonymousRequests for domain $wlsDomainName" + dumpStack() +disconnect() +EOF +sudo chown -R $username:$groupname $DOMAIN_PATH +runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST $DOMAIN_PATH/disableAnonymousRequests.py" +if [[ $? != 0 ]]; then + echo "Error : Failed to DisableRemoteAnonymousRequests for domain $wlsDomainName" + exit 1 +fi + +} + #main script starts here CURR_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" @@ -809,13 +863,16 @@ then createStopWebLogicScript create_nodemanager_service admin_boot_setup + setUMaskForSecurityDir create_adminserver_service enabledAndStartNodeManagerService enableAndStartAdminServerService wait_for_admin + disableRemoteAnonymousRequests else updateNetworkRules "managed" create_managedSetup + setUMaskForSecurityDir create_nodemanager_service enabledAndStartNodeManagerService wait_for_admin diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh index 500925f1e..b46838f52 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupDynamicClusterDomain.sh @@ -840,6 +840,61 @@ function storeCustomSSLCerts() fi } +#this function set the umask 027 (chmod 740) as required by WebLogic security checks +function setUMaskForSecurityDir() +{ + echo "setting umask 027 (chmod 740) for domain/$wlsServerName security directory" + + if [ -f "$DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security/boot.properties" ]; + then + runuser -l oracle -c "chmod 740 $DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security/boot.properties" + fi + + if [ -d "$DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security" ]; + then + runuser -l oracle -c "chmod 740 $DOMAIN_PATH/$wlsDomainName/servers/$wlsServerName/security" + fi + +} + +#this function disables remote anonymous requests as required by Weblogic security checks +function disableRemoteAnonymousRequests() +{ + echo "DisableRemoteAnonymousRequests for domain $wlsDomainName" + cat <$DOMAIN_PATH/disableAnonymousRequests.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +try: + edit("$wlsServerName") + startEdit() + cd("SecurityConfiguration/$wlsDomainName") + + if hasattr(cmo,'setRemoteAnonymousRMIIIOPEnabled'): + cmo.setRemoteAnonymousRMIIIOPEnabled(false) + else: + print 'no attribute: SecurityConfiguration/$wlsDomainName: cmo.setRemoteAnonymousRMIIIOPEnabled' + + if hasattr(cmo,'setRemoteAnonymousRMIT3Enabled'): + cmo.setRemoteAnonymousRMIT3Enabled(false) + else: + print 'no attribute: SecurityConfiguration/$wlsDomainName: setRemoteAnonymousRMIT3Enabled' + + save() + activate() +except Exception,e: + print e + print "Failed to DisableRemoteAnonymousRequests for domain $wlsDomainName" + dumpStack() +disconnect() +EOF +sudo chown -R $username:$groupname $DOMAIN_PATH +runuser -l oracle -c ". $oracleHome/oracle_common/common/bin/setWlstEnv.sh; java $WLST_ARGS weblogic.WLST $DOMAIN_PATH/disableAnonymousRequests.py" +if [[ $? != 0 ]]; then + echo "Error : Failed to DisableRemoteAnonymousRequests for domain $wlsDomainName" + exit 1 +fi + +} + #main script starts here @@ -923,14 +978,17 @@ then create_adminSetup createStopWebLogicScript admin_boot_setup + setUMaskForSecurityDir create_adminserver_service create_nodemanager_service enableAndStartAdminServerService enabledAndStartNodeManagerService - wait_for_admin + wait_for_admin + disableRemoteAnonymousRequests else updateNetworkRules "managed" create_managedSetup + setUMaskForSecurityDir create_nodemanager_service enabledAndStartNodeManagerService start_cluster From 1d8cda8295272f61c90ccafd988992770af4cb50 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 23 Dec 2021 14:13:01 +0800 Subject: [PATCH 153/720] apply resources limits to wls 14 to solve the evicted pod issue. Signed-off-by: galiacheng Changes to be committed: new file: weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep Fix script update update update update introspectorJobActiveDeadlineSeconds debug update script remove debug code fix script fix timestamp fix domain uid fix interval create global const for JVM args. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/common.sh modified: weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh --- .../main/arm/scripts/applyGuaranteedQos.sh | 137 ++++++++++++++++++ .../src/main/arm/scripts/common.sh | 2 + .../src/main/arm/scripts/genDomainConfig.sh | 2 +- .../src/main/bicep/mainTemplate.bicep | 23 ++- .../_ds-apply-guaranteed-qos.bicep | 62 ++++++++ 5 files changed, 224 insertions(+), 2 deletions(-) create mode 100644 weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep diff --git a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh new file mode 100644 index 000000000..44f2e31c5 --- /dev/null +++ b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh @@ -0,0 +1,137 @@ +# Copyright (c) 2021, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. +# +# env inputs: +# AKS_CLUSTER_NAME +# AKS_CLUSTER_RESOURCEGROUP_NAME +# WLS_DOMAIN_UID + +# Main script +script="${BASH_SOURCE[0]}" +scriptDir="$(cd "$(dirname "${script}")" && pwd)" +source ${scriptDir}/common.sh +source ${scriptDir}/utility.sh + +qualityofService="BestEffort" +wlsContainerName="weblogic-server" +wlsDomainNS="${WLS_DOMAIN_UID}-ns" + +echo_stdout "install kubectl" +install_kubectl + +echo_stdout "Connect AKS" +az aks get-credentials \ + --resource-group ${AKS_CLUSTER_RESOURCEGROUP_NAME} \ + --name ${AKS_CLUSTER_NAME} \ + --overwrite-existing + +adminPodName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json | + jq '.items[0] | .metadata.name' | + tr -d "\"") +if [ -z "${adminPodName}" ]; then + echo_stderr "Fail to get admin server pod." + exit 1 +fi + +wlstQueryVersionScript=queryVersion.py +cat <${wlstQueryVersionScript} +print '#version#:' + version +EOF + +echo_stdout "copy WLST script ${wlstQueryVersionScript} to ${adminPodName}:/tmp/${wlstQueryVersionScript}" +targetPyFilePath=/tmp/${wlstQueryVersionScript} +kubectl cp ${wlstQueryVersionScript} -n ${wlsDomainNS} ${adminPodName}:${targetPyFilePath} +version=$(kubectl exec -it ${adminPodName} -n ${wlsDomainNS} -c ${wlsContainerName} -- bash -c "wlst.sh ${targetPyFilePath}") +# output sample: +# Initializing WebLogic Scripting Tool (WLST) ... + +# Welcome to WebLogic Server Administration Scripting Shell + +# Type help() for help on available commands + +# #version#:WebLogic Server 14.1.1.0.0 +version="${version##*\#version\#\:}" # match #version#:, this is a special mark for the version output, please do not change it. +echo_stdout ${version} + +if [ "${version#*WebLogic Server 14.1.1.0}" != "$version" ]; then + timestampBeforePatchingDomain=$(date +%s) + echo "timestampBeforePatchingDomain=${timestampBeforePatchingDomain}" + + # we assume the customer to create WebLogic Server using the offer or template, + # and specify the same resources requirement for admin server and managed server. + cpuRequest=$(kubectl get domain ${WLS_DOMAIN_UID} -n ${wlsDomainNS} -o json | + jq '. |.spec.serverPod.resources.requests.cpu' | + tr -d "\"") + echo_stdout "Previous CPU request: ${cpuRequest}" + + memoryRequest=$(kubectl get domain ${WLS_DOMAIN_UID} -n ${wlsDomainNS} -o json | + jq '. | .spec.serverPod.resources.requests.memory' | + tr -d "\"") + echo_stdout "Previous memory request: ${memoryRequest}" + + restartVersion=$(kubectl -n ${wlsDomainNS} get domain ${WLS_DOMAIN_UID} -o json | + jq '. | .spec.restartVersion' | + tr -d "\"") + restartVersion=$((restartVersion+1)) + + # check CPU units, set units with "m" + if [[ ${cpuRequest} =~ "m" ]]; then + cpu=$(echo $cpuRequest | sed 's/[^0-9]*//g') + else + cpu=$((cpuRequest * 1000)) + fi + # make sure there is enough CPU limits to run the WebLogic Server + # if the cpu is less than 500m, set it 500m + # the domain configuration will be outputed after the offer deployment finishes. + if [ $cpu -lt 500 ]; then + cpu=500 + fi + + # create patch configuration with YAML file + # keep resources.limits the same with requests + cat <patch-resource-limits.yaml +spec: + serverPod: + resources: + requests: + cpu: "${cpu}m" + memory: "${memoryRequest}" + limits: + cpu: "${cpu}m" + memory: "${memoryRequest}" + configuration: + introspectorJobActiveDeadlineSeconds: ${constIntrospectorJobActiveDeadlineSeconds} + restartVersion: "${restartVersion}" +EOF + echo_stdout "New resrouces configurations: " + echo_stdout $(cat patch-resource-limits.yaml) + # patch the domain with resource limits + kubectl -n ${wlsDomainNS} patch domain ${WLS_DOMAIN_UID} \ + --type=merge \ + --patch "$(cat patch-resource-limits.yaml)" + + # make sure all of the pods are running correctly. + replicas=$(kubectl -n ${wlsDomainNS} get domain ${WLS_DOMAIN_UID} -o json | + jq '. | .spec.clusters[] | .replicas') + # pod provision will be slower as the resources is limited, set larger max attemp. + maxAttemps=$((checkPodStatusMaxAttemps * 2)) + interval=$((checkPodStatusInterval * 2)) + + utility_wait_for_pod_restarted \ + ${timestampBeforePatchingDomain} \ + ${replicas} \ + "${WLS_DOMAIN_UID}" \ + ${maxAttemps} \ + ${interval} + + qualityofService="Guaranteed" +fi + +# output the WebLogic Server version and quality of service. +result=$(jq -n -c \ + --arg wlsVersion "$version" \ + --arg qualityofService "$qualityofService" \ + '{wlsVersion: $wlsVersion, qualityofService: $qualityofService}') +echo "result is: $result" +echo $result >$AZ_SCRIPTS_OUTPUT_PATH diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index 1a3195109..5dcb9b456 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -10,8 +10,10 @@ export constAdminServerName='admin-server' export constClusterName='cluster-1' export constClusterT3AddressEnvName="T3_TUNNELING_CLUSTER_ADDRESS" export constDefaultJavaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.StdoutDebugEnabled=false" # the java options will be applied to the cluster +export constDefaultJVMArgs="-Djava.security.egd=file:/dev/./urandom -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " # the JVM options will be applied to the cluster export constFalse="false" export constTrue="true" +export constIntrospectorJobActiveDeadlineSeconds=300 # for Guaranteed Qos export curlMaxTime=120 # seconds export ocrLoginServer="container-registry.oracle.com" diff --git a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh index c0ce95bcf..f237fb504 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh @@ -90,7 +90,7 @@ spec: - name: JAVA_OPTIONS value: "${constDefaultJavaOptions} ${javaOptions}" - name: USER_MEM_ARGS - value: "-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " + value: "${constDefaultJVMArgs}" - name: MANAGED_SERVER_PREFIX value: "${wlsManagedPrefix}" EOF diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 635814a28..321e6dd24 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -646,6 +646,27 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { ] } +/* +* Apply resource limits to WebLogic Server 14c. +* The script will check the WebLogic Server version, and apply resource limits to 14c. +* The resource limits will be the same with requests. +*/ +module applyGuaranteedQos 'modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep' = { + name: 'apply-resources-limits-to-wls14' + params:{ + _artifactsLocation: _artifactsLocation + _artifactsLocationSasToken: _artifactsLocationSasToken + aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName.value + aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value + identity: identity + location: location + wlsDomainUID: wlsDomainUID + } + dependsOn: [ + datasourceDeployment + ] +} + /* * To check if all the applciations in WLS cluster become ACTIVE state after all configurations are completed. * This should be the last step. @@ -664,7 +685,7 @@ module validateApplciations 'modules/_deployment-scripts/_ds-validate-applicatio wlsUserName: wlsUserName } dependsOn: [ - datasourceDeployment + applyGuaranteedQos ] } diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep new file mode 100644 index 000000000..4484062ad --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep @@ -0,0 +1,62 @@ +// Copyright (c) 2021, Oracle Corporation and/or its affiliates. +// Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. + +/* This script is to apply Guaranteed Qos by specifying resources.limits +* To solve pod evicted issue in Oracle WebLogic 14c. +* The script will promote CPU request and limit to 500m if the CPU request is less than 500m. +*/ + +param _artifactsLocation string = deployment().properties.templateLink.uri +@secure() +param _artifactsLocationSasToken string = '' + +param aksClusterName string = '' +param aksClusterRGName string = '' + +param identity object +param location string +param utcValue string = utcNow() + +param wlsDomainUID string = 'sample-domain1' + +var const_azcliVersion = '2.15.0' +var const_constScript = 'common.sh' +var const_deploymentName = 'ds-apply-guaranteed-qos' +var const_scriptLocation = uri(_artifactsLocation, 'scripts/') +var const_updateQosScript = 'applyGuaranteedQos.sh' +var const_utilityScript = 'utility.sh' + +resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { + name: const_deploymentName + location: location + kind: 'AzureCLI' + identity: identity + properties: { + azCliVersion: const_azcliVersion + environmentVariables: [ + { + name: 'AKS_CLUSTER_NAME' + value: aksClusterName + } + { + name: 'AKS_CLUSTER_RESOURCEGROUP_NAME' + value: aksClusterRGName + } + { + name: 'WLS_DOMAIN_UID' + value: wlsDomainUID + } + ] + primaryScriptUri: uri(const_scriptLocation, '${const_updateQosScript}${_artifactsLocationSasToken}') + supportingScriptUris: [ + uri(const_scriptLocation, '${const_constScript}${_artifactsLocationSasToken}') + uri(const_scriptLocation, '${const_utilityScript}${_artifactsLocationSasToken}') + ] + cleanupPreference: 'OnSuccess' + retentionInterval: 'P1D' + forceUpdateTag: utcValue + } +} + +output wlsVersion string = string(reference(const_deploymentName).outputs.wlsVersion) +output qualityofService string = string(reference(const_deploymentName).outputs.qualityofService) From 7dad2138f0ed9a798adc9a4af8387a1bcd5f74f1 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 28 Dec 2021 11:14:28 +0800 Subject: [PATCH 154/720] increase pom version to 1.0.30 Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index c8776f770..bc99701b7 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.29 + 1.0.30 com.microsoft.azure.iaas From 55233475d88f3c69d71c09e7bb07a79c49c8fc0b Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 31 Dec 2021 16:54:20 +0800 Subject: [PATCH 155/720] get version with "java weblogic.version" Signed-off-by: galiacheng --- .../main/arm/scripts/applyGuaranteedQos.sh | 36 +++++++++---------- 1 file changed, 16 insertions(+), 20 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh index 44f2e31c5..0c3d6d73c 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh @@ -14,18 +14,18 @@ source ${scriptDir}/common.sh source ${scriptDir}/utility.sh qualityofService="BestEffort" -wlsContainerName="weblogic-server" wlsDomainNS="${WLS_DOMAIN_UID}-ns" echo_stdout "install kubectl" install_kubectl -echo_stdout "Connect AKS" +echo_stdout "Connect to AKS" az aks get-credentials \ --resource-group ${AKS_CLUSTER_RESOURCEGROUP_NAME} \ --name ${AKS_CLUSTER_NAME} \ --overwrite-existing +# get name of the running admin pod adminPodName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json | jq '.items[0] | .metadata.name' | tr -d "\"") @@ -34,27 +34,23 @@ if [ -z "${adminPodName}" ]; then exit 1 fi -wlstQueryVersionScript=queryVersion.py -cat <${wlstQueryVersionScript} -print '#version#:' + version -EOF - -echo_stdout "copy WLST script ${wlstQueryVersionScript} to ${adminPodName}:/tmp/${wlstQueryVersionScript}" -targetPyFilePath=/tmp/${wlstQueryVersionScript} -kubectl cp ${wlstQueryVersionScript} -n ${wlsDomainNS} ${adminPodName}:${targetPyFilePath} -version=$(kubectl exec -it ${adminPodName} -n ${wlsDomainNS} -c ${wlsContainerName} -- bash -c "wlst.sh ${targetPyFilePath}") -# output sample: -# Initializing WebLogic Scripting Tool (WLST) ... - -# Welcome to WebLogic Server Administration Scripting Shell +# run `source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version` to get the version. +# the command will print three lines, with WLS version in the first line. +# use `grep "WebLogic Server" to get the first line. -# Type help() for help on available commands +# $ source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version +# WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621 +# Use 'weblogic.version -verbose' to get subsystem information +# Use 'weblogic.utils.Versions' to get version information for all modules +rawOutput=$(kubectl exec -it ${adminPodName} -n ${wlsDomainNS} -c ${wlsContainerName} \ + -- bash -c 'source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version | grep "WebLogic Server"')) -# #version#:WebLogic Server 14.1.1.0.0 -version="${version##*\#version\#\:}" # match #version#:, this is a special mark for the version output, please do not change it. -echo_stdout ${version} +# get version from string like "WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621" +stringArray=($rawOutput) +version=${stringArray[2]} +echo_stdout "WebLogic Server version: ${version}" -if [ "${version#*WebLogic Server 14.1.1.0}" != "$version" ]; then +if [ "${version#*14.1.1.0}" != "$version" ]; then timestampBeforePatchingDomain=$(date +%s) echo "timestampBeforePatchingDomain=${timestampBeforePatchingDomain}" From d84b00c657fa2afe0a51293d74420dd987f1e2f7 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 31 Dec 2021 17:00:28 +0800 Subject: [PATCH 156/720] typos Signed-off-by: galiacheng --- weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh index 0c3d6d73c..cbec8fd8a 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh @@ -100,7 +100,7 @@ spec: introspectorJobActiveDeadlineSeconds: ${constIntrospectorJobActiveDeadlineSeconds} restartVersion: "${restartVersion}" EOF - echo_stdout "New resrouces configurations: " + echo_stdout "New resource configurations: " echo_stdout $(cat patch-resource-limits.yaml) # patch the domain with resource limits kubectl -n ${wlsDomainNS} patch domain ${WLS_DOMAIN_UID} \ @@ -110,7 +110,7 @@ EOF # make sure all of the pods are running correctly. replicas=$(kubectl -n ${wlsDomainNS} get domain ${WLS_DOMAIN_UID} -o json | jq '. | .spec.clusters[] | .replicas') - # pod provision will be slower as the resources is limited, set larger max attemp. + # pod provision will be slower, set larger max attemp. maxAttemps=$((checkPodStatusMaxAttemps * 2)) interval=$((checkPodStatusInterval * 2)) From 4f37b4d1a151a7b207caadd8ec5c3aa4c42a24b7 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 31 Dec 2021 17:16:01 +0800 Subject: [PATCH 157/720] use exact version 14.1.1.0 in comment that has 14c. Signed-off-by: galiacheng --- weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 4 ++-- .../_deployment-scripts/_ds-apply-guaranteed-qos.bicep | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 321e6dd24..4d3365f8c 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -647,8 +647,8 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { } /* -* Apply resource limits to WebLogic Server 14c. -* The script will check the WebLogic Server version, and apply resource limits to 14c. +* Apply resource limits to WebLogic Server 14.1.1.0. +* The script will check the WebLogic Server version, and apply resource limits to 14.1.1.0. * The resource limits will be the same with requests. */ module applyGuaranteedQos 'modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep' = { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep index 4484062ad..92cf04be6 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep @@ -2,7 +2,7 @@ // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. /* This script is to apply Guaranteed Qos by specifying resources.limits -* To solve pod evicted issue in Oracle WebLogic 14c. +* To solve pod evicted issue in Oracle WebLogic 14.1.1.0. * The script will promote CPU request and limit to 500m if the CPU request is less than 500m. */ From a399318209e9b9ab6a187e1aee4e0dfbde784760 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Fri, 31 Dec 2021 18:31:01 +0800 Subject: [PATCH 158/720] fix syntax error near unexpected token `)' --- weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh index cbec8fd8a..46d9c20e2 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh @@ -43,7 +43,7 @@ fi # Use 'weblogic.version -verbose' to get subsystem information # Use 'weblogic.utils.Versions' to get version information for all modules rawOutput=$(kubectl exec -it ${adminPodName} -n ${wlsDomainNS} -c ${wlsContainerName} \ - -- bash -c 'source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version | grep "WebLogic Server"')) + -- bash -c 'source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version | grep "WebLogic Server"') # get version from string like "WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621" stringArray=($rawOutput) From aee82e18868fb98d0ea01e6fabc395b842c5fa13 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 6 Jan 2022 09:12:30 +0800 Subject: [PATCH 159/720] apply Ed's comments. Signed-off-by: galiacheng --- weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh | 1 + weblogic-azure-aks/src/main/bicep/mainTemplate.bicep | 1 + 2 files changed, 2 insertions(+) diff --git a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh index cbec8fd8a..2ef303dc9 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh @@ -2,6 +2,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. # +# Temporary workaround for https://github.com/oracle/weblogic-kubernetes-operator/issues/2693 # env inputs: # AKS_CLUSTER_NAME # AKS_CLUSTER_RESOURCEGROUP_NAME diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 4d3365f8c..21af4227a 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -647,6 +647,7 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { } /* +* Temporary workaround for https://github.com/oracle/weblogic-kubernetes-operator/issues/2693 * Apply resource limits to WebLogic Server 14.1.1.0. * The script will check the WebLogic Server version, and apply resource limits to 14.1.1.0. * The resource limits will be the same with requests. From 8cd232dc63cb50167a18752f75ba5aad6201912c Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 6 Jan 2022 09:24:53 +0800 Subject: [PATCH 160/720] fix the default jvm memory args for lower version by specifying -Xms256m -Xmx512m. Signed-off-by: galiacheng --- weblogic-azure-aks/src/main/arm/scripts/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index 5dcb9b456..6313b353a 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -10,7 +10,7 @@ export constAdminServerName='admin-server' export constClusterName='cluster-1' export constClusterT3AddressEnvName="T3_TUNNELING_CLUSTER_ADDRESS" export constDefaultJavaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.StdoutDebugEnabled=false" # the java options will be applied to the cluster -export constDefaultJVMArgs="-Djava.security.egd=file:/dev/./urandom -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " # the JVM options will be applied to the cluster +export constDefaultJVMArgs="-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " # the JVM options will be applied to the cluster export constFalse="false" export constTrue="true" export constIntrospectorJobActiveDeadlineSeconds=300 # for Guaranteed Qos From 0082b2652134b1c672e22c25d9b9d06ff21a5040 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 7 Jan 2022 13:50:38 +0800 Subject: [PATCH 161/720] query the wls version in managed server pod. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep --- .../main/arm/scripts/applyGuaranteedQos.sh | 21 +++++++++++-------- .../src/main/bicep/mainTemplate.bicep | 2 ++ .../_ds-apply-guaranteed-qos.bicep | 6 +++++- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh index 97b181121..7ec4a929d 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/applyGuaranteedQos.sh @@ -6,6 +6,7 @@ # env inputs: # AKS_CLUSTER_NAME # AKS_CLUSTER_RESOURCEGROUP_NAME +# WLS_CLUSTER_NAME # WLS_DOMAIN_UID # Main script @@ -26,14 +27,16 @@ az aks get-credentials \ --name ${AKS_CLUSTER_NAME} \ --overwrite-existing -# get name of the running admin pod -adminPodName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json | - jq '.items[0] | .metadata.name' | - tr -d "\"") -if [ -z "${adminPodName}" ]; then - echo_stderr "Fail to get admin server pod." - exit 1 -fi +# we should not run the script in admin pod, as there is no admin pod for slim image. +podNum=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.clusterName=${WLS_CLUSTER_NAME} -o json | jq '.items| length') + if [ ${podNum} -le 0 ]; then + echo_stderr "Ensure your cluster has at least one pod." + exit 1 + fi + +podName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.clusterName=${WLS_CLUSTER_NAME} -o json \ + | jq '.items[0] | .metadata.name' \ + | tr -d "\"") # run `source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version` to get the version. # the command will print three lines, with WLS version in the first line. @@ -43,7 +46,7 @@ fi # WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621 # Use 'weblogic.version -verbose' to get subsystem information # Use 'weblogic.utils.Versions' to get version information for all modules -rawOutput=$(kubectl exec -it ${adminPodName} -n ${wlsDomainNS} -c ${wlsContainerName} \ +rawOutput=$(kubectl exec -it ${podName} -n ${wlsDomainNS} -c ${wlsContainerName} \ -- bash -c 'source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version | grep "WebLogic Server"') # get version from string like "WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621" diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 21af4227a..3ceae2100 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -276,6 +276,7 @@ var const_hasStorageAccount = !createAKSCluster && reference('query-existing-sto var const_identityKeyStoreType = (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultCustomIdentityKeyStoreType : sslUploadedCustomIdentityKeyStoreType var const_keyvaultNameFromTag = const_hasTags && contains(resourceGroup().tags, name_tagNameForKeyVault) ? resourceGroup().tags.wlsKeyVault : '' var const_trustKeyStoreType = (sslConfigurationAccessOption == const_wlsSSLCertOptionKeyVault) ? sslKeyVaultCustomTrustKeyStoreType : sslUploadedCustomTrustKeyStoreType +var const_wlsClusterName = 'cluster-1' var const_wlsJavaOptions = wlsJavaOption == '' ? 'null' : wlsJavaOption var const_wlsSSLCertOptionKeyVault = 'keyVaultStoredConfig' var name_defaultPidDeployment = 'pid' @@ -661,6 +662,7 @@ module applyGuaranteedQos 'modules/_deployment-scripts/_ds-apply-guaranteed-qos. aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value identity: identity location: location + wlsClusterName: const_wlsClusterName wlsDomainUID: wlsDomainUID } dependsOn: [ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep index 92cf04be6..dd898df44 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-apply-guaranteed-qos.bicep @@ -16,7 +16,7 @@ param aksClusterRGName string = '' param identity object param location string param utcValue string = utcNow() - +param wlsClusterName string = 'cluster-1' param wlsDomainUID string = 'sample-domain1' var const_azcliVersion = '2.15.0' @@ -42,6 +42,10 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'AKS_CLUSTER_RESOURCEGROUP_NAME' value: aksClusterRGName } + { + name: 'WLS_CLUSTER_NAME' + value: wlsClusterName + } { name: 'WLS_DOMAIN_UID' value: wlsDomainUID From 2424ab4b514d225cf289c9a462200c450fad8f8a Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 12 Jan 2022 18:36:55 -0500 Subject: [PATCH 162/720] On branch edburns-msft-dd-1460785-cpu_registry-mapping-file This file contains the mappings used to allow the correct CPU vs GA tag to be used. new file: weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json Signed-off-by: Ed Burns --- .../main/resources/weblogic_cpu_images.json | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json diff --git a/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json b/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json new file mode 100644 index 000000000..84258580e --- /dev/null +++ b/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json @@ -0,0 +1,38 @@ +{ + "name": "Oracle WebLogic Server docker image tags mapping for Azure Marketplace offer", + "description": "List image tag mapping from Oracle Container Registry middleware/weblogic and middleware/weblogic_cpu repository.", + "items": [ + { + "gaTag": "14.1.1.0-11", + "cpuTag": "14.1.1.0-generic-jdk11-ol7" + }, + { + "gaTag": "14.1.1.0-11-ol8", + "cpuTag": "14.1.1.0-generic-jdk11-ol8" + }, + { + "gaTag": "14.1.1.0-8", + "cpuTag": "14.1.1.0-generic-jdk8-ol7" + }, + { + "gaTag": "14.1.1.0-8-ol8", + "cpuTag": "14.1.1.0-generic-jdk8-ol8" + }, + { + "gaTag": "12.2.1.4", + "cpuTag": "12.2.1.4-generic-jdk8-ol7" + }, + { + "gaTag": "12.2.1.4-ol8", + "cpuTag": "12.2.1.4-generic-jdk8-ol8" + }, + { + "gaTag": "12.2.1.3", + "cpuTag": "12.2.1.3-generic-jdk8-ol7" + }, + { + "gaTag": "12.2.1.3-ol8", + "cpuTag": "12.2.1.3-generic-jdk8-ol8" + } + ] +} From 09b80b05858b72e7c2e5c8753b9527d7a77cf57f Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 22 Dec 2021 20:59:07 -0500 Subject: [PATCH 163/720] On branch edburns-msft-1454322-cpu_registry-user-experience modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json - Wording for tricky UI elements. Signed-off-by: Ed Burns --- .../src/main/arm/createUiDefinition.json | 63 ++++++++++++++----- 1 file changed, 49 insertions(+), 14 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index b9bd2154f..6bb079259 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -400,9 +400,9 @@ { "name": "useOracleImage", "type": "Microsoft.Common.OptionsGroup", - "label": "Use a pre-existing, unpatched, WebLogic Server Docker image from Oracle Container Registry?", + "label": "Use a pre-existing, WebLogic Server Docker image from Oracle Container Registry?", "defaultValue": "Yes", - "toolTip": "Select 'Yes' to a use pre-existing, unpatched, WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set patches (PSUs).", + "toolTip": "Select 'Yes' to a use pre-existing, WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set of patches (PSUs).", "constraints": { "allowedValues": [ { @@ -505,7 +505,7 @@ "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "options": { "icon": "Info", - "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Select the link to create Oracle SSO account.", + "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Select the link to create an Oracle SSO account.", "uri": "https://aka.ms/wls-aks-create-sso-account" } }, @@ -541,29 +541,64 @@ "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" }, { - "name": "fromImageText", - "type": "Microsoft.Common.TextBlock", - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", - "options": { - "text": "This value is appended to 'container-registry.oracle.com/middleware/weblogic:' and used in the Dockerfile FROM clause." + "name": "isSSOSupportEntitled", + "type": "Microsoft.Common.OptionsGroup", + "label": "Is the specified SSO account associated with an active Oracle support contract?", + "defaultValue": "Yes", + "toolTip": "Select 'Yes' to confirm the specified SSO account is associated with an active Oracle support contract. Select 'No' otherwise.", + "constraints": { + "allowedValues": [ + { + "label": "Yes", + "value": "true" + }, + { + "label": "No", + "value": "false" + } + ], + "required": true } - }, + }, { "name": "fromImageInfo", "type": "Microsoft.Common.InfoBox", "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", "options": { - "icon": "Info", - "text": "In the Oracle Container Registry, the Oracle Standard Terms and Restrictions must be accepted. Select this link the following link to make sure you have agreed to the terms for the desired WebLogic Server Docker image and check the valid tags. The deployment will fail if you have not accepted the terms.", - "uri": "https://aka.ms/wls-aks-fromImage-tag" + "icon": "Warning", + "text": "The Oracle Standard Terms and Restrictions for the selected WebLogic Server version must be accepted in the Oracle Container Registry." } }, + { + "name": "SSOSupportIsEntitledYes", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "You must select this link and accept the Oracle Standard Terms and Restrictions in the Oracle Container Registry.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-ga-registry" + } + } + }, + { + "name": "SSOSupportIsEntitledNo", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "You must select this link and accept the Oracle Standard Terms and Restrictions in the Oracle Container Registry.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-cpu-registry" + } + } + }, { "name": "oracleImageSelector", "type": "Microsoft.Common.DropDown", - "label": "Select WebLogic Server Docker tag", + "label": "Select desired combination of WebLogic Server, JDK and Operating System or fully qualified Docker tag", "defaultValue": "14.1.1.0-11", - "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromOracleImage option to 'imagetool'.", + "toolTip": "", "constraints": { "allowedValues": [ { From ed9801699f096bd4e973e70c29fe434c5dcbf9b8 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Wed, 22 Dec 2021 21:16:06 -0500 Subject: [PATCH 164/720] On branch edburns-msft-1454322-cpu_registry-user-experience modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json - Refine wording. Signed-off-by: Ed Burns --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 6bb079259..520ac3408 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -545,7 +545,7 @@ "type": "Microsoft.Common.OptionsGroup", "label": "Is the specified SSO account associated with an active Oracle support contract?", "defaultValue": "Yes", - "toolTip": "Select 'Yes' to confirm the specified SSO account is associated with an active Oracle support contract. Select 'No' otherwise.", + "toolTip": "Select 'Yes' to confirm the specified SSO account is associated with an active Oracle support contract. Select 'No' otherwise. If 'Yes' is selected, the deployment process will pull from the patched CPU WebLogic Server image repository. If 'No' is selected, the deployment process will pull from the unpatched WebLogic Server image repository.", "constraints": { "allowedValues": [ { From 7d3a457894801d85ec676cf25769524ad91be750 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 5 Jan 2022 16:38:24 +0800 Subject: [PATCH 165/720] UI: add description for image tag. Signed-off-by: galiacheng --- .../src/main/arm/createUiDefinition.json | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index 520ac3408..b03c46684 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -598,43 +598,53 @@ "type": "Microsoft.Common.DropDown", "label": "Select desired combination of WebLogic Server, JDK and Operating System or fully qualified Docker tag", "defaultValue": "14.1.1.0-11", + "multiLine": true, "toolTip": "", "constraints": { "allowedValues": [ { "label": "14.1.1.0-8", + "description": "14c on JDK 8 on Oracle Linux 7", "value": "14.1.1.0-8" }, { "label": "14.1.1.0-11", + "description": "14c on JDK 11 on Oracle Linux 7", "value": "14.1.1.0-11" }, { "label": "12.2.1.4", + "description": "12cR2 (12.2.1.4) on JDK 8 on Oracle Linux 7", "value": "12.2.1.4" }, { "label": "12.2.1.3", + "description": "12cR2 (12.2.1.3) on JDK 8 on Oracle Linux 7", "value": "12.2.1.3" }, { "label": "14.1.1.0-8-ol8", + "description": "14c on JDK 8 on Oracle Linux 8", "value": "14.1.1.0-8-ol8" }, { "label": "14.1.1.0-11-ol8", + "description": "14c on JDK 11 on Oracle Linux 8", "value": "14.1.1.0-11-ol8" }, { "label": "12.2.1.4-ol8", + "description": "12cR2 (12.2.1.4) on JDK 8 on Oracle Linux 8", "value": "12.2.1.4-ol8" }, { "label": "12.2.1.3-ol8", + "description": "12cR2 (12.2.1.3) on JDK 8 on Oracle Linux 8", "value": "12.2.1.3-ol8" }, { "label": "Others", + "description": "Specify fully qualified Oracle Container Registry tag", "value": "others" } ], @@ -2027,6 +2037,7 @@ "enableClusterT3Tunneling": "[basics('basicsOptional').enableClusterT3Tunneling]", "identity": "[basics('basicsRequired').identity]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", + "isSSOSupportEntitled": "[steps('section_aks').imageInfo.isSSOSupportEntitled]", "lbSvcValues": "[steps('section_appGateway').lbSVCInfo.lbSVC]", "location": "[location()]", "keyVaultName": "[steps('section_appGateway').appgwIngress.keyVaultName]", From 837d3f9afc9b450e8becbf46b2376ed60f26e5b5 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 5 Jan 2022 16:51:16 +0800 Subject: [PATCH 166/720] validate ocr images and fail fast. Signed-off-by: galiacheng --- .../inline-scripts/validateParameters.sh | 70 +++++++++++++++---- .../src/main/bicep/mainTemplate.bicep | 25 +++++-- .../_ds-validate-parameters.bicep | 16 +++-- .../bicep/modules/setupWebLogicCluster.bicep | 18 +---- 4 files changed, 90 insertions(+), 39 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh index 1251c5388..f24e62444 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh @@ -190,28 +190,64 @@ function validate_ocr_account() { echo_stdout "Check OCR account: passed!" } +function validate_ocr_image() { + local ocrImageFullPath="${ocrLoginServer}/${ocrGaImagePath}:${wlsImageTag}" + + if [[ "${ORACLE_ACCOUNT_ENTITLED,,}" == "true" ]]; then + local cpuImagesListFile=weblogic_cpu_images.json + curl -L ${gitUrl4CpuImages} -o ${cpuImagesListFile} + local cpuTag = $(cat ${cpuImagesListFile} | jq '.[] | select(.gaTag=='"${wlsImageTag}"') | .cpuTag' | tr -d "\"") + # if we can not find a matched image, keep the tag name the same as GA tag. + if [[ "${cpuTag}" == "" || "${cpuTag,,}" == "null" ]]; then + cpuTag=${wlsImageTag} + fi + + ocrImageFullPath="${ocrLoginServer}/${ocrCpuImagePath}:${cpuTag}" + fi + + # validate the image by importing it to ACR. + # if failure happen, the image path should be unavailable + local tmpImagePath="tmp/validate_webLogic_images:${wlsImageTag}" + az acr import --name ${ACR_NAME} \ + --source ${ocrImageFullPath} \ + -u ${ORACLE_ACCOUNT_NAME} \ + -p ${ORACLE_ACCOUNT_PASSWORD} \ + --image ${tmpImagePath} + + if [ $? -eq 0 ]; then + # delete the image from ACR. + az acr repository delete --name ${ACR_NAME} --image ${tmpImagePath} --yes + else + echo_stderr "Image ${ocrImageFullPath} is not available! Please make sure you have accepted the Oracle Standard Terms and Restrictions and the image exists in https://container-registry.oracle.com/ " + if [[ "${ORACLE_ACCOUNT_ENTITLED,,}" == "true" ]]; then + echo_stderr "Make sure you are entitled to access middleware/weblogic_cpu repository." + fi + fi +} + function check_acr_admin_enabled() { - echo_stdout "check if admin user enabled in ACR $ACR_NAME " - local adminUserEnabled=$(az acr show --name $ACR_NAME --query "adminUserEnabled") - validate_status "query 'adminUserEnabled' property of ACR ${ACR_NAME}" "Invalid ACR: ${ACR_NAME}" + local acrName = $1 + echo_stdout "check if admin user enabled in ACR $acrName " + local adminUserEnabled=$(az acr show --name $acrName --query "adminUserEnabled") + validate_status "query 'adminUserEnabled' property of ACR ${acrName}" "Invalid ACR: ${acrName}" if [[ "${adminUserEnabled}" == "false" ]]; then - echo_stderr "Make sure admin user is enabled in ACR $ACR_NAME. Please find steps in https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef&tabs=azure-cli#admin-account" + echo_stderr "Make sure admin user is enabled in ACR $acrName. Please find steps in https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication?WT.mc_id=Portal-Microsoft_Azure_CreateUIDef&tabs=azure-cli#admin-account" exit 1 fi } function validate_acr_image() { - echo_stdout "use ACR: $ACR_NAME" + echo_stdout "user provided ACR: $ACR_NAME_FOR_USER_PROVIDED_IMAGE" local pathWithoutTag=${userProvidedImagePath%\:*} local repository=${pathWithoutTag#*\/} local tag="${userProvidedImagePath##*:}" - local tagIndex=$(az acr repository show-tags --name $ACR_NAME --repository ${repository} | jq 'index("'${tag}'")') + local tagIndex=$(az acr repository show-tags --name $ACR_NAME_FOR_USER_PROVIDED_IMAGE --repository ${repository} | jq 'index("'${tag}'")') validate_status "check if tag ${tag} exists." "Invalid image path ${userProvidedImagePath}" if [[ "${tagIndex}" == "null" ]]; then - echo_stderr "Tag ${tag} does not exist in ${repository}." + echo_stderr "Image ${tag} does not exist in ${repository}." exit 1 fi @@ -221,11 +257,21 @@ function validate_acr_image() { function validate_base_image_path() { if [[ "${useOracleImage,,}" == "true" ]]; then validate_ocr_account + validate_ocr_image else validate_acr_image fi } +function validate_acr_admin_enabled() +{ + if [[ "${useOracleImage,,}" == "true" ]]; then + check_acr_admin_enabled ${ACR_NAME} + else + check_acr_admin_enabled ${ACR_NAME_FOR_USER_PROVIDED_IMAGE} + fi +} + # Only support kubenet currently function validate_aks_network_plugin() { # AKS_CLUSTER_NAME @@ -490,11 +536,13 @@ sslConfigurationAccessOption=$9 appGatewayCertificateOption=${10} enableAppGWIngress=${11} checkDNSZone=${12} -checkACR=${13} ocrLoginServer="container-registry.oracle.com" +ocrGaImagePath="middleware/weblogic" +ocrCpuImagePath="middleware/weblogic_cpu" sslCertificateKeyVaultOption="keyVaultStoredConfig" userManagedIdentityType="Microsoft.ManagedIdentity/userAssignedIdentities" +gitUrl4CpuImages="https://raw.githubusercontent.com/galiacheng/weblogic-azure/galia-cpu_registry-user-experience/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json" validate_user_assigned_managed_identity @@ -502,11 +550,9 @@ validate_compute_resources validate_base_image_path -validate_aks_network_plugin +validate_acr_admin_enabled -if [[ "${checkACR,,}" == "true" ]]; then - check_acr_admin_enabled -fi +validate_aks_network_plugin if [[ "${enableCustomSSL,,}" == "true" ]]; then validate_wls_ssl_certificates diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 3ceae2100..cac5c75a9 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -135,6 +135,8 @@ param enableAdminT3Tunneling bool = false param enableClusterT3Tunneling bool = false @description('An user assigned managed identity. Make sure the identity has permission to create/update/delete/list Azure resources.') param identity object +@description('Is the specified SSO account associated with an active Oracle support contract?') +param isSSOSupportEntitled bool = false @description('JNDI Name for JDBC Datasource') param jdbcDataSourceName string = 'jdbc/contoso' @description('Existing Key Vault Name') @@ -269,6 +271,7 @@ var const_hasTags = contains(resourceGroup(), 'tags') // * generate selfsigned certificate for gateway frontend TLS/SSL. var const_bCreateNewKeyVault = (!const_hasTags || !contains(resourceGroup().tags, name_tagNameForKeyVault) || empty(resourceGroup().tags.wlsKeyVault)) && ((enableCustomSSL && sslConfigurationAccessOption != const_wlsSSLCertOptionKeyVault) || (enableAppGWIngress && (appGatewayCertificateOption != const_appGatewaySSLCertOptionHaveKeyVault))) var const_bCreateStorageAccount = (createAKSCluster || !const_hasStorageAccount) && const_enablePV +var const_createNewAcr = useOracleImage && createACR var const_defaultKeystoreType = 'PKCS12' var const_enableNetworking = (length(lbSvcValues) > 0) || enableAppGWIngress var const_enablePV = enableCustomSSL || enableAzureFileShare @@ -308,10 +311,23 @@ module partnerCenterPid './modules/_pids/_empty.bicep' = { name: 'pid-a1775ed4-512c-4cfa-9e68-f0b09b36de90-partnercenter' } +/* +* Deploy ACR +*/ +module acrDeployment './modules/_azure-resoruces/_acr.bicep' = if (const_createNewAcr) { + name: 'acr-deployment' + params: { + location: location + } + dependsOn: [ + partnerCenterPid + ] +} + module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep' = { name: 'validate-parameters-and-fail-fast' params: { - acrName: acrName + acrName: const_createNewAcr ? acrDeployment.outputs.acrName : acrName aksAgentPoolNodeCount: aksAgentPoolNodeCount aksAgentPoolVMSize: aksAgentPoolVMSize aksClusterRGName: aksClusterRGName @@ -319,7 +335,6 @@ module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep appGatewayCertificateOption: appGatewayCertificateOption appGatewaySSLCertData: appGatewaySSLCertData appGatewaySSLCertPassword: appGatewaySSLCertPassword - createACR: createACR createAKSCluster: createAKSCluster createDNSZone: createDNSZone dnszoneName: dnszoneName @@ -332,6 +347,7 @@ module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep keyVaultSSLCertDataSecretName: keyVaultSSLCertDataSecretName keyVaultSSLCertPasswordSecretName: keyVaultSSLCertPasswordSecretName identity: identity + isSSOSupportEntitled: isSSOSupportEntitled location: location ocrSSOPSW: ocrSSOPSW ocrSSOUser: ocrSSOUser @@ -355,13 +371,14 @@ module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep sslUploadedCustomTrustKeyStoreType: sslUploadedCustomTrustKeyStoreType sslUploadedPrivateKeyAlias: sslUploadedPrivateKeyAlias sslUploadedPrivateKeyPassPhrase: sslUploadedPrivateKeyPassPhrase - userProvidedAcr: userProvidedAcr + userProvidedAcr: userProvidedAcr // used in use provided images userProvidedImagePath: userProvidedImagePath useOracleImage: useOracleImage wlsImageTag: wlsImageTag } dependsOn: [ pids + acrDeployment ] } @@ -427,7 +444,6 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus aksVersion: aksVersion appPackageUrls: appPackageUrls appReplicas: appReplicas - createACR: createACR createAKSCluster: createAKSCluster createStorageAccount: const_bCreateStorageAccount dbDriverLibrariesUrls: dbDriverLibrariesUrls @@ -492,7 +508,6 @@ module wlsDomainWithCustomSSLDeployment 'modules/setupWebLogicCluster.bicep' = i aksVersion: aksVersion appPackageUrls: appPackageUrls appReplicas: appReplicas - createACR: createACR createAKSCluster: createAKSCluster createStorageAccount: const_bCreateStorageAccount dbDriverLibrariesUrls: dbDriverLibrariesUrls diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep index 3fdc96eae..22f5d81c4 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep @@ -10,7 +10,6 @@ param appGatewayCertificateOption string param appGatewaySSLCertData string @secure() param appGatewaySSLCertPassword string -param createACR bool param createAKSCluster bool param createDNSZone bool param dnszoneName string @@ -23,6 +22,7 @@ param keyVaultResourceGroup string param keyVaultSSLCertDataSecretName string param keyVaultSSLCertPasswordSecretName string param identity object +param isSSOSupportEntitled bool param location string @secure() param ocrSSOPSW string @@ -57,11 +57,9 @@ param useOracleImage bool param utcValue string = utcNow() param wlsImageTag string -var const_acrName= useOracleImage ? acrName: userProvidedAcr -var const_arguments = '${location} ${createAKSCluster} ${aksAgentPoolVMSize} ${aksAgentPoolNodeCount} ${useOracleImage} ${wlsImageTag} ${userProvidedImagePath} ${enableCustomSSL} ${sslConfigurationAccessOption} ${appGatewayCertificateOption} ${enableAppGWIngress} ${const_checkDNSZone} ${const_checkACRAdminEnabled}' +var const_arguments = '${location} ${createAKSCluster} ${aksAgentPoolVMSize} ${aksAgentPoolNodeCount} ${useOracleImage} ${wlsImageTag} ${userProvidedImagePath} ${enableCustomSSL} ${sslConfigurationAccessOption} ${appGatewayCertificateOption} ${enableAppGWIngress} ${const_checkDNSZone}' var const_azcliVersion = '2.15.0' var const_checkDNSZone = enableDNSConfiguration && !createDNSZone -var const_checkACRAdminEnabled= useOracleImage || !createACR var const_deploymentName = 'ds-validate-parameters-and-fail-fast' resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { @@ -81,9 +79,17 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'ORACLE_ACCOUNT_PASSWORD' secureValue: ocrSSOPSW } + { + name: 'ORACLE_ACCOUNT_ENTITLED' + value: string(isSSOSupportEntitled) + } { name: 'ACR_NAME' - value: const_acrName + value: acrName + } + { + name: 'ACR_NAME_FOR_USER_PROVIDED_IMAGE' + value: userProvidedAcr } { name: 'AKS_CLUSTER_NAME' diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index ed14b4654..7baaf8952 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -48,8 +48,6 @@ param aksVersion string = 'default' param appPackageUrls array = [] @description('The number of managed server to start.') param appReplicas int = 2 -@description('true to create a new Azure Container Registry.') -param createACR bool = false @description('true to create a new AKS cluster.') param createAKSCluster bool = true param createStorageAccount bool = false @@ -151,19 +149,6 @@ module aksClusterDeployment './_azure-resoruces/_aks.bicep' = if (createAKSClust ] } -/* -* Deploy ACR -*/ -module acrDeployment './_azure-resoruces/_acr.bicep' = if (useOracleImage && createACR) { - name: 'acr-deployment' - params: { - location: location - } - dependsOn: [ - pidStart - ] -} - // enableAppGWIngress: if true, will create storage for certificates. module storageDeployment './_azure-resoruces/_storage.bicep' = if (createStorageAccount) { name: 'storage-deployment' @@ -186,7 +171,7 @@ module wlsDomainDeployment './_deployment-scripts/_ds-create-wls-cluster.bicep' _artifactsLocationSasToken: _artifactsLocationSasToken aksClusterRGName: createAKSCluster ? resourceGroup().name : aksClusterRGName aksClusterName: createAKSCluster ? aksClusterDeployment.outputs.aksClusterName : aksClusterName - acrName: useOracleImage ? (createACR ? acrDeployment.outputs.acrName : acrName) : userProvidedAcr + acrName: useOracleImage ? acrName : userProvidedAcr appPackageUrls: appPackageUrls appReplicas: appReplicas dbDriverLibrariesUrls: dbDriverLibrariesUrls @@ -225,7 +210,6 @@ module wlsDomainDeployment './_deployment-scripts/_ds-create-wls-cluster.bicep' } dependsOn: [ aksClusterDeployment - acrDeployment storageDeployment ] } From be0b53a7d92bfb37f3800e8af16a8c3e92b88c12 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 6 Jan 2022 09:10:27 +0800 Subject: [PATCH 167/720] UI: output boolean value for isSSOSupportEntitled Signed-off-by: galiacheng --- weblogic-azure-aks/src/main/arm/createUiDefinition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index b03c46684..e31656e5e 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -2037,7 +2037,7 @@ "enableClusterT3Tunneling": "[basics('basicsOptional').enableClusterT3Tunneling]", "identity": "[basics('basicsRequired').identity]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", - "isSSOSupportEntitled": "[steps('section_aks').imageInfo.isSSOSupportEntitled]", + "isSSOSupportEntitled": "[bool(steps('section_aks').imageInfo.isSSOSupportEntitled)]", "lbSvcValues": "[steps('section_appGateway').lbSVCInfo.lbSVC]", "location": "[location()]", "keyVaultName": "[steps('section_appGateway').appgwIngress.keyVaultName]", From ef552c075810e35fad5269e3ab34d770825d47e4 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 6 Jan 2022 13:11:16 +0800 Subject: [PATCH 168/720] update ga cpu image mapping. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json update image mapping file structure. Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh --- .../main/arm/scripts/inline-scripts/validateParameters.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh index f24e62444..8b4a00dbf 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh @@ -194,9 +194,11 @@ function validate_ocr_image() { local ocrImageFullPath="${ocrLoginServer}/${ocrGaImagePath}:${wlsImageTag}" if [[ "${ORACLE_ACCOUNT_ENTITLED,,}" == "true" ]]; then + + # download the ga cpu image mapping file. local cpuImagesListFile=weblogic_cpu_images.json curl -L ${gitUrl4CpuImages} -o ${cpuImagesListFile} - local cpuTag = $(cat ${cpuImagesListFile} | jq '.[] | select(.gaTag=='"${wlsImageTag}"') | .cpuTag' | tr -d "\"") + local cpuTag = $(cat ${cpuImagesListFile} | jq '.items[] | select(.gaTag=='"${wlsImageTag}"') | .cpuTag' | tr -d "\"") # if we can not find a matched image, keep the tag name the same as GA tag. if [[ "${cpuTag}" == "" || "${cpuTag,,}" == "null" ]]; then cpuTag=${wlsImageTag} @@ -206,7 +208,7 @@ function validate_ocr_image() { fi # validate the image by importing it to ACR. - # if failure happen, the image path should be unavailable + # if failure happens, the image should be unavailable local tmpImagePath="tmp/validate_webLogic_images:${wlsImageTag}" az acr import --name ${ACR_NAME} \ --source ${ocrImageFullPath} \ From e87145a9cc5c835ae0062f163a2e8355630d54f7 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Thu, 6 Jan 2022 13:56:12 +0800 Subject: [PATCH 169/720] support cpu image in the deployment. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/common.sh modified: weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_preDeployedAzureResources.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep fix script --- .../src/main/arm/scripts/common.sh | 3 +++ .../main/arm/scripts/createVMAndBuildImage.sh | 26 ++++++++++++++++++- .../inline-scripts/validateParameters.sh | 21 ++++++++++++--- .../src/main/arm/scripts/setupWLSDomain.sh | 3 +++ .../src/main/bicep/mainTemplate.bicep | 16 +++++++----- .../_ds-create-wls-cluster.bicep | 5 ++++ .../modules/_preDeployedAzureResources.bicep | 18 +++++++++++++ .../bicep/modules/setupWebLogicCluster.bicep | 2 ++ 8 files changed, 83 insertions(+), 11 deletions(-) create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_preDeployedAzureResources.bicep diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index 6313b353a..3f31ca77a 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -17,6 +17,9 @@ export constIntrospectorJobActiveDeadlineSeconds=300 # for Guaranteed Qos export curlMaxTime=120 # seconds export ocrLoginServer="container-registry.oracle.com" +export ocrGaImagePath="middleware/weblogic" +export ocrCpuImagePath="middleware/weblogic_cpu" +export gitUrl4CpuImages="https://raw.githubusercontent.com/galiacheng/weblogic-azure/galia-cpu_registry-user-experience/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json" export optUninstallMaxTry=5 # Max attempts to wait for the operator uninstalled export optUninstallInterval=10 diff --git a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh index d605a0cd1..a6fa72b22 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh @@ -1,5 +1,8 @@ # Copyright (c) 2021, Oracle Corporation and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# env inputs: +# URL_3RD_DATASOURCE +# ORACLE_ACCOUNT_ENTITLED # read and from stdin function read_sensitive_parameters_from_stdin() { @@ -69,6 +72,27 @@ function cleanup_vm() { az resource delete --verbose --ids ${vmResourceIdS} } +# generate image full path based on the oracle account +function get_ocr_image_full_path() { + local ocrImageFullPath="${ocrLoginServer}/${ocrGaImagePath}:${wlsImageTag}" + + if [[ "${ORACLE_ACCOUNT_ENTITLED,,}" == "true" ]]; then + + # download the ga cpu image mapping file. + local cpuImagesListFile=weblogic_cpu_images.json + curl -L ${gitUrl4CpuImages} -o ${cpuImagesListFile} + local cpuTag=$(cat ${cpuImagesListFile} | jq ".items[] | select(.gaTag==\"${wlsImageTag}\") | .cpuTag" | tr -d "\"") + # if we can not find a matched image, keep the tag name the same as GA tag. + if [[ "${cpuTag}" == "" || "${cpuTag,,}" == "null" ]]; then + cpuTag=${wlsImageTag} + fi + + ocrImageFullPath="${ocrLoginServer}/${ocrCpuImagePath}:${cpuTag}" + fi + + wlsImagePath=${ocrImageFullPath} +} + # Build docker image # * Create Ubuntu machine VM-UBUNTU # * Running vm extension to run buildWLSDockerImage.sh, the script will: @@ -94,7 +118,7 @@ function build_docker_image() { --tags SkipASMAzSecPack=true SkipNRMSCorp=true SkipNRMSDatabricks=true SkipNRMSDB=true SkipNRMSHigh=true SkipNRMSMedium=true SkipNRMSRDPSSH=true SkipNRMSSAW=true SkipNRMSMgmt=true --verbose if [[ "${useOracleImage,,}" == "${constTrue}" ]]; then - wlsImagePath="${ocrLoginServer}/middleware/weblogic:${wlsImageTag}" + get_ocr_image_full_path else wlsImagePath="${userProvidedImagePath}" fi diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh index 8b4a00dbf..1fddbc4f9 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh @@ -198,7 +198,8 @@ function validate_ocr_image() { # download the ga cpu image mapping file. local cpuImagesListFile=weblogic_cpu_images.json curl -L ${gitUrl4CpuImages} -o ${cpuImagesListFile} - local cpuTag = $(cat ${cpuImagesListFile} | jq '.items[] | select(.gaTag=='"${wlsImageTag}"') | .cpuTag' | tr -d "\"") + local cpuTag=$(cat ${cpuImagesListFile} | jq ".items[] | select(.gaTag == \"${wlsImageTag}\") | .cpuTag" | tr -d "\"") + echo_stdout "cpu tag: ${cpuTag}" # if we can not find a matched image, keep the tag name the same as GA tag. if [[ "${cpuTag}" == "" || "${cpuTag,,}" == "null" ]]; then cpuTag=${wlsImageTag} @@ -207,24 +208,36 @@ function validate_ocr_image() { ocrImageFullPath="${ocrLoginServer}/${ocrCpuImagePath}:${cpuTag}" fi + echo_stdout "image path: ${ocrImageFullPath}" + # validate the image by importing it to ACR. # if failure happens, the image should be unavailable - local tmpImagePath="tmp/validate_webLogic_images:${wlsImageTag}" + local tmpImagePath="tmp$(date +%s):${wlsImageTag}" az acr import --name ${ACR_NAME} \ --source ${ocrImageFullPath} \ -u ${ORACLE_ACCOUNT_NAME} \ -p ${ORACLE_ACCOUNT_PASSWORD} \ - --image ${tmpImagePath} + --image ${tmpImagePath} \ + --only-show-errors - if [ $? -eq 0 ]; then + # echo $? equals 0 even though failure happens. + # check if the image is imported successfully. + local ret=$(az acr repository show --name $ACR_NAME --image ${tmpImagePath}) + if [ -n "${ret}" ]; then # delete the image from ACR. az acr repository delete --name ${ACR_NAME} --image ${tmpImagePath} --yes else + echo_stderr $ret + echo_stderr "" echo_stderr "Image ${ocrImageFullPath} is not available! Please make sure you have accepted the Oracle Standard Terms and Restrictions and the image exists in https://container-registry.oracle.com/ " if [[ "${ORACLE_ACCOUNT_ENTITLED,,}" == "true" ]]; then echo_stderr "Make sure you are entitled to access middleware/weblogic_cpu repository." fi + + exit 1 fi + + echo_stdout "Check OCR image ${ocrImageFullPath}: passed!" } function check_acr_admin_enabled() { diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh index f8b2ede38..28d651fb7 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupWLSDomain.sh @@ -1,6 +1,9 @@ # Copyright (c) 2021, Oracle Corporation and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # This script runs on Azure Container Instance with Alpine Linux that Azure Deployment script creates. +# env inputs: +# URL_3RD_DATASOURCE +# ORACLE_ACCOUNT_ENTITLED echo "Script ${0} starts" diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index cac5c75a9..4891866a5 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -314,9 +314,11 @@ module partnerCenterPid './modules/_pids/_empty.bicep' = { /* * Deploy ACR */ -module acrDeployment './modules/_azure-resoruces/_acr.bicep' = if (const_createNewAcr) { - name: 'acr-deployment' +module preAzureResourceDeployment './modules/_preDeployedAzureResources.bicep' = { + name: 'pre-azure-resources-deployment' params: { + acrName: acrName + createNewAcr: const_createNewAcr location: location } dependsOn: [ @@ -327,7 +329,7 @@ module acrDeployment './modules/_azure-resoruces/_acr.bicep' = if (const_createN module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep' = { name: 'validate-parameters-and-fail-fast' params: { - acrName: const_createNewAcr ? acrDeployment.outputs.acrName : acrName + acrName: preAzureResourceDeployment.outputs.acrName aksAgentPoolNodeCount: aksAgentPoolNodeCount aksAgentPoolVMSize: aksAgentPoolVMSize aksClusterRGName: aksClusterRGName @@ -378,7 +380,7 @@ module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep } dependsOn: [ pids - acrDeployment + preAzureResourceDeployment ] } @@ -434,7 +436,7 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus aciResourcePermissions: aciResourcePermissions aciRetentionInDays: aciRetentionInDays aciWorkspaceSku: aciWorkspaceSku - acrName: acrName + acrName: preAzureResourceDeployment.outputs.acrName aksAgentPoolName: aksAgentPoolName aksAgentPoolNodeCount: aksAgentPoolNodeCount aksAgentPoolVMSize: aksAgentPoolVMSize @@ -453,6 +455,7 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus enableClusterT3Tunneling: enableClusterT3Tunneling enablePV: const_enablePV identity: identity + isSSOSupportEntitled: isSSOSupportEntitled location: location managedServerPrefix: managedServerPrefix ocrSSOPSW: ocrSSOPSW @@ -498,7 +501,7 @@ module wlsDomainWithCustomSSLDeployment 'modules/setupWebLogicCluster.bicep' = i aciResourcePermissions: aciResourcePermissions aciRetentionInDays: aciRetentionInDays aciWorkspaceSku: aciWorkspaceSku - acrName: acrName + acrName: preAzureResourceDeployment.outputs.acrName aksAgentPoolName: aksAgentPoolName aksAgentPoolNodeCount: aksAgentPoolNodeCount aksAgentPoolVMSize: aksAgentPoolVMSize @@ -517,6 +520,7 @@ module wlsDomainWithCustomSSLDeployment 'modules/setupWebLogicCluster.bicep' = i enableClusterT3Tunneling: enableClusterT3Tunneling enablePV: const_enablePV identity: identity + isSSOSupportEntitled: isSSOSupportEntitled location: location managedServerPrefix: managedServerPrefix ocrSSOPSW: ocrSSOPSW diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index 94da396ff..e47490e71 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -16,6 +16,7 @@ param enableAdminT3Tunneling bool = false param enableClusterT3Tunneling bool = false param enablePV bool = false param identity object +param isSSOSupportEntitled bool param location string param managedServerPrefix string = 'managed-server' @secure() @@ -84,6 +85,10 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'URL_3RD_DATASOURCE' value: '${string(dbDriverLibrariesUrls)}' } + { + name: 'ORACLE_ACCOUNT_ENTITLED' + value: string(isSSOSupportEntitled) + } ] primaryScriptUri: uri(const_scriptLocation, '${const_invokeSetUpDomainScript}${_artifactsLocationSasToken}') supportingScriptUris: [ diff --git a/weblogic-azure-aks/src/main/bicep/modules/_preDeployedAzureResources.bicep b/weblogic-azure-aks/src/main/bicep/modules/_preDeployedAzureResources.bicep new file mode 100644 index 000000000..11b58f77f --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_preDeployedAzureResources.bicep @@ -0,0 +1,18 @@ +/* + Copyright (c) 2021, Oracle and/or its affiliates. +Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +param acrName string = 'acr-contoso' +param createNewAcr bool = false + +param location string + +module acrDeployment './_azure-resoruces/_acr.bicep' = if (createNewAcr) { + name: 'acr-deployment' + params: { + location: location + } +} + +output acrName string = createNewAcr ? acrDeployment.outputs.acrName : acrName diff --git a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep index 7baaf8952..5172f6cd7 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep @@ -61,6 +61,7 @@ param enableClusterT3Tunneling bool = false param enablePV bool = false @description('An user assigned managed identity. Make sure the identity has permission to create/update/delete/list Azure resources.') param identity object +param isSSOSupportEntitled bool param location string @description('Name prefix of managed server.') param managedServerPrefix string = 'managed-server' @@ -180,6 +181,7 @@ module wlsDomainDeployment './_deployment-scripts/_ds-create-wls-cluster.bicep' enableClusterT3Tunneling: enableClusterT3Tunneling enablePV: enablePV identity: identity + isSSOSupportEntitled: isSSOSupportEntitled location: location managedServerPrefix: managedServerPrefix ocrSSOUser: ocrSSOUser From aaadc8d5fec70d82fa9f58907fcce9ef595461f1 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Fri, 7 Jan 2022 13:28:54 +0800 Subject: [PATCH 170/720] output wls versions Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep --- .../queryDomainConfigurations.sh | 42 +++++++++++++------ .../src/main/bicep/mainTemplate.bicep | 2 + .../_ds-output-domain-configurations.bicep | 6 +++ 3 files changed, 38 insertions(+), 12 deletions(-) diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh index b384eec9f..e6cb9a10a 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/queryDomainConfigurations.sh @@ -5,9 +5,12 @@ # env inputs: # AKS_CLUSTER_NAME # AKS_CLUSTER_RESOURCEGROUP_NAME +# WLS_CLUSTER_NAME # WLS_DOMAIN_UID # Main script +wlsContainerName="weblogic-server" + echo "install kubectl" az aks install-cli @@ -23,41 +26,56 @@ domainConfigurationYaml=/tmp/domain.yaml rm -f ${domainConfigurationYaml} kubectl get domain ${WLS_DOMAIN_UID} -n ${wlsDomainNS} -o yaml >${domainConfigurationYaml} -adminPodName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=admin-server -o json | - jq '.items[0] | .metadata.name' | - tr -d "\"") +# we should not run the script in admin pod, as there is no admin pod for slim image. +podNum=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.clusterName=${WLS_CLUSTER_NAME} -o json | jq '.items| length') + if [ ${podNum} -le 0 ]; then + echo_stderr "Ensure your cluster has at least one pod." + exit 1 + fi -if [ -z "${adminPodName}" ]; then - echo >&2 "Fail to get admin server pod." - exit 1 -fi +podName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.clusterName=${WLS_CLUSTER_NAME} -o json \ + | jq '.items[0] | .metadata.name' \ + | tr -d "\"") echo "Copy model.yaml from /u01/wdt/models" targetModelYaml=/tmp/model.yaml rm -f ${targetModelYaml} -kubectl cp -n ${wlsDomainNS} -c weblogic-server ${adminPodName}:/u01/wdt/models/model.yaml ${targetModelYaml} +kubectl cp -n ${wlsDomainNS} -c ${wlsContainerName} ${podName}:/u01/wdt/models/model.yaml ${targetModelYaml} if [ $? != 0 ]; then - echo >&2 "Fail to copy ${adminPodName}:/u01/wdt/models/model.yaml." + echo >&2 "Fail to copy ${podName}:/u01/wdt/models/model.yaml." exit 1 fi echo "Copy model.properties from from /u01/wdt/models" targetModelProperties=/tmp/model.properties rm -f ${targetModelProperties} -kubectl cp -n ${wlsDomainNS} -c weblogic-server ${adminPodName}:/u01/wdt/models/model.properties ${targetModelProperties} +kubectl cp -n ${wlsDomainNS} -c ${wlsContainerName} ${podName}:/u01/wdt/models/model.properties ${targetModelProperties} if [ $? != 0 ]; then - echo >&2 "Fail to copy ${adminPodName}:/u01/wdt/models/model.properties." + echo >&2 "Fail to copy ${podName}:/u01/wdt/models/model.properties." exit 1 fi +echo "Query WebLogic version and patch numbers" +versionDetails=$(kubectl exec -it ${podName} -n ${wlsDomainNS} -c ${wlsContainerName} \ + -- bash -c 'source $ORACLE_HOME/wlserver/server/bin/setWLSEnv.sh > /dev/null 2>&1 && java weblogic.version') +if [ $? != 0 ]; then + echo >&2 "Fail to run java weblogic.version." + exit 1 +fi + +echo "Get patches" + + base64ofDomainYaml=$(cat ${domainConfigurationYaml} | base64) base64ofModelYaml=$(cat ${targetModelYaml} | base64) base64ofModelProperties=$(cat ${targetModelProperties} | base64) +base64ofWLSVersionDetails=$(echo ${versionDetails} | base64) result=$(jq -n -c \ --arg domainDeploymentYaml "$base64ofDomainYaml" \ --arg wlsImageModelYaml "$base64ofModelYaml" \ --arg wlsImageProperties "$base64ofModelProperties" \ - '{domainDeploymentYaml: $domainDeploymentYaml, wlsImageModelYaml: $wlsImageModelYaml, wlsImageProperties: $wlsImageProperties}') + --arg wlsVersionDetails "${base64ofWLSVersionDetails}" \ + '{domainDeploymentYaml: $domainDeploymentYaml, wlsImageModelYaml: $wlsImageModelYaml, wlsImageProperties: $wlsImageProperties, wlsVersionDetails: $wlsVersionDetails}') echo "result is: $result" echo $result >$AZ_SCRIPTS_OUTPUT_PATH diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 4891866a5..f9dfa8001 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -724,6 +724,7 @@ module queryWLSDomainConfig 'modules/_deployment-scripts/_ds-output-domain-confi aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName.value identity: identity location: location + wlsClusterName: const_wlsClusterName wlsDomainUID: wlsDomainUID } dependsOn: [ @@ -749,3 +750,4 @@ output shellCmdtoConnectAks string = format('az account set --subscription {0}; output shellCmdtoOutputWlsDomainYaml string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsDomainYaml output shellCmdtoOutputWlsImageModelYaml string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsImageModelYaml output shellCmdtoOutputWlsImageProperties string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsImageProperties +output shellCmdtoOutputWlsVersionsandPatches string = queryWLSDomainConfig.outputs.shellCmdtoOutputWlsVersions diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep index 2764703fd..ac91536d8 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-output-domain-configurations.bicep @@ -6,6 +6,7 @@ param aksClusterName string = '' param identity object param location string param utcValue string = utcNow() +param wlsClusterName string = 'cluster-1' param wlsDomainUID string = 'sample-domain1' var const_azcliVersion='2.15.0' @@ -27,6 +28,10 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'AKS_CLUSTER_NAME' value: aksClusterName } + { + name: 'WLS_CLUSTER_NAME' + value: wlsClusterName + } { name: 'WLS_DOMAIN_UID' value: wlsDomainUID @@ -42,3 +47,4 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { output shellCmdtoOutputWlsDomainYaml string = format('echo -e {0} | base64 -d > domain.yaml', reference(const_deploymentName).outputs.domainDeploymentYaml) output shellCmdtoOutputWlsImageModelYaml string = format('echo -e {0} | base64 -d > model.yaml', reference(const_deploymentName).outputs.wlsImageModelYaml) output shellCmdtoOutputWlsImageProperties string = format('echo -e {0} | base64 -d > model.properties', reference(const_deploymentName).outputs.wlsImageProperties) +output shellCmdtoOutputWlsVersions string = format('echo -e {0} | base64 -d > version.info', reference(const_deploymentName).outputs.wlsVersionDetails) From 47d763cc7ace28f1edc74252a7bae7da6e895582 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Tue, 9 Nov 2021 11:23:16 +0800 Subject: [PATCH 171/720] On branch pids: new pids for DNS and LB configuration. Signed-off-by: galiacheng Changes to be committed: modified: src/main/bicep/modules/_pids/_pid-dev.bicep modified: src/main/bicep/modules/_pids/_pid.bicep --- .../src/main/bicep/modules/_pids/_pid-dev.bicep | 4 ++++ weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep index 9f0a680e3..040cec26a 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep @@ -14,6 +14,10 @@ output appgwEnd string = '38647ff6-ea8d-59e5-832d-b036a4d29c73' output appgwStart string = '8ba7beaa-96fd-576a-acd8-28f7a6efa83a' output dbEnd string = 'ffab0a3f-90cb-585a-a7f9-ec0a62faeec1' output dbStart string = 'e64361eb-fea0-5f15-a313-c76daadbc648' +output dnsEnd string = '189306c7-39e2-5844-817d-01e883a4cf1e' +output dnsStart string = '8ae63711-9fa7-56b4-a4a0-236f3ccef542' +output lbEnd string = 'f76e2847-d5a1-52e7-9e52-fc8560f5d3e4' +output lbStart string = 'e2a8c8b2-9b58-52c6-9636-1834ff3976dc' output networkingEnd string = '39d32fcd-1d02-50b6-9455-4b767a8e769e' output networkingStart string = 'ed47756f-2475-56dd-b13a-26027749b6e1' output wlsAKSEnd string = '17328b4d-841f-57b5-a9c5-861ad48f9d0d' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep index ed81fb5b7..10c9152a0 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep @@ -14,6 +14,10 @@ output appgwEnd string = '47ea43a0-95cf-52c7-aee8-7ee6106fc1bf' output appgwStart string = '01288010-2672-5831-a66b-7b8b45cace1b' output dbEnd string = 'd7a9c78e-39d9-5a47-928d-8645ed86dafd' output dbStart string = '0cc86800-37f4-5191-9368-2953394309ec' +output dnsEnd string = '754e16bc-4d81-5343-b99b-7532abd6587d' +output dnsStart string = '64ae895c-feb3-529e-8435-5d2e49f94e09' +output lbEnd string = 'ce664543-77bd-515a-832e-107e32f99da9' +output lbStart string = '44732bbc-04c4-5df7-a0c6-b9be9ec00ee6' output networkingEnd string = '2798165c-49fa-5701-b608-b80ed3986176' output networkingStart string = '0793308f-de9d-5f0d-92f9-d9fc4b413b8b' output wlsAKSEnd string = '2571f846-2f66-5c22-9fe6-38ecea7889ac' From e7c75600d3c6f62c853b61e126f2d0976b6af59d Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 5 Jan 2022 13:42:48 +0800 Subject: [PATCH 172/720] add pid to track deployment of load balancer service and custom dns. Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/src/main/bicep/modules/networking.bicep --- .../src/main/bicep/modules/networking.bicep | 60 ++++++++++++++++--- 1 file changed, 51 insertions(+), 9 deletions(-) diff --git a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep index 026efd649..bfae7f9ed 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/networking.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/networking.bicep @@ -4,10 +4,14 @@ param _artifactsLocation string = deployment().properties.templateLink.uri @secure() param _artifactsLocationSasToken string = '' -param _pidNetworkingEnd string = 'pid-networking-end' -param _pidNetworkingStart string = 'pid-networking-start' param _pidAppgwEnd string = 'pid-networking-appgateway-end' param _pidAppgwStart string = 'pid-networking-appgateway-start' +param _pidDnsEnd string = 'pid-networking-dns-end' +param _pidDnsStart string = 'pid-networking-dns-start' +param _pidLbEnd string = 'pid-networking-lb-end' +param _pidLbStart string = 'pid-networking-lb-start' +param _pidNetworkingEnd string = 'pid-networking-end' +param _pidNetworkingStart string = 'pid-networking-start' @description('Resource group name of an existing AKS cluster.') param aksClusterRGName string = 'aks-contoso-rg' @description('Name of an existing AKS cluster.') @@ -32,7 +36,7 @@ param dnsNameforApplicationGateway string = 'wlsgw' @description('Azure DNS Zone name.') param dnszoneName string = 'contoso.xyz' param dnszoneAdminConsoleLabel string = 'admin' -param dnszoneAdminT3ChannelLabel string ='admin-t3' +param dnszoneAdminT3ChannelLabel string = 'admin-t3' @description('Specify a label used to generate subdomain of WebLogic cluster. The final subdomain name will be label.dnszoneName, e.g. applications.contoso.xyz') param dnszoneClusterLabel string = 'www' param dnszoneClusterT3ChannelLabel string = 'cluster-t3' @@ -67,7 +71,8 @@ param wlsDomainUID string = 'sample-domain1' var const_appgwCustomDNSAlias = format('{0}.{1}/', dnszoneClusterLabel, dnszoneName) var const_appgwAdminCustomDNSAlias = format('{0}.{1}/', dnszoneAdminConsoleLabel, dnszoneName) var const_appgwSSLCertOptionGenerateCert = 'generateCert' -var name_networkDeployment = enableAppGWIngress ? (appGatewayCertificateOption == const_appgwSSLCertOptionGenerateCert ? 'ds-networking-deployment-1': 'ds-networking-deployment') : 'ds-networking-deployment-2' +var const_enableLbService = length(lbSvcValues) > 0 +var name_networkDeployment = enableAppGWIngress ? (appGatewayCertificateOption == const_appgwSSLCertOptionGenerateCert ? 'ds-networking-deployment-1' : 'ds-networking-deployment') : 'ds-networking-deployment-2' var ref_networkDeployment = reference(name_networkDeployment) module pidNetworkingStart './_pids/_pid.bicep' = { @@ -84,6 +89,20 @@ module pidAppgwStart './_pids/_pid.bicep' = if (enableAppGWIngress) { } } +module pidLbStart './_pids/_pid.bicep' = if (const_enableLbService) { + name: 'pid-loadbalancer-service-start-deployment' + params: { + name: _pidLbStart + } +} + +module pidDnsStart './_pids/_pid.bicep' = if (enableDNSConfiguration) { + name: 'pid-dns-start-deployment' + params: { + name: _pidDnsStart + } +} + // get key vault object in a resource group resource existingKeyvault 'Microsoft.KeyVault/vaults@2021-06-01-preview' existing = if (enableAppGWIngress) { name: keyVaultName @@ -99,6 +118,7 @@ module appgwDeployment '_azure-resoruces/_appgateway.bicep' = if (enableAppGWIng } dependsOn: [ pidAppgwStart + pidLbStart ] } @@ -120,8 +140,6 @@ module appgwBackendCertDeployment '_deployment-scripts/_ds-appgw-upload-trusted- ] } - - module dnsZoneDeployment '_azure-resoruces/_dnsZones.bicep' = if (enableDNSConfiguration && createDNSZone) { name: 'dnszone-deployment' params: { @@ -129,6 +147,7 @@ module dnsZoneDeployment '_azure-resoruces/_dnsZones.bicep' = if (enableDNSConfi } dependsOn: [ pidNetworkingStart + pidDnsStart ] } @@ -259,10 +278,10 @@ module pidAppgwEnd './_pids/_pid.bicep' = if (enableAppGWIngress) { ] } -module pidNetworkingEnd './_pids/_pid.bicep' = { - name: 'pid-networking-end-deployment' +module pidLbEnd './_pids/_pid.bicep' = if (const_enableLbService) { + name: 'pid-loadbalancer-service-end-deployment' params: { - name: _pidNetworkingEnd + name: _pidLbEnd } dependsOn: [ networkingDeployment @@ -271,6 +290,29 @@ module pidNetworkingEnd './_pids/_pid.bicep' = { ] } +module pidDnsEnd './_pids/_pid.bicep' = if (enableDNSConfiguration) { + name: 'pid-dns-end-deployment' + params: { + name: _pidDnsEnd + } + dependsOn: [ + networkingDeployment + networkingDeployment2 + networkingDeployment3 + ] +} + +module pidNetworkingEnd './_pids/_pid.bicep' = { + name: 'pid-networking-end-deployment' + params: { + name: _pidNetworkingEnd + } + dependsOn: [ + pidLbEnd + pidDnsEnd + ] +} + output adminConsoleExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}console', const_appgwAdminCustomDNSAlias) : format('http://{0}/console', appgwDeployment.outputs.appGatewayAlias)) : ref_networkDeployment.outputs.adminConsoleLBUrl.value output adminConsoleExternalSecuredUrl string = enableAppGWIngress && enableCustomSSL && enableDNSConfiguration ? format('https://{0}console', const_appgwAdminCustomDNSAlias) : ref_networkDeployment.outputs.adminConsoleLBSecuredUrl.value output adminRemoteConsoleUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}remoteconsole', const_appgwAdminCustomDNSAlias) : format('http://{0}/remoteconsole', appgwDeployment.outputs.appGatewayAlias)) : ref_networkDeployment.outputs.adminRemoteUrl.value From acc7f624ad1d3156fb5e34a6f85e11fd6391f1f9 Mon Sep 17 00:00:00 2001 From: galiacheng Date: Wed, 12 Jan 2022 10:32:31 +0800 Subject: [PATCH 173/720] increase pom version. Signed-off-by: galiacheng --- weblogic-azure-aks/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index bc99701b7..33dac3992 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -9,7 +9,7 @@ + + 4.0.0 + com.oracle.weblogic.azure + passwordless-mysql + 1.0-SNAPSHOT + jar + + 11 + 11 + + + + com.azure + azure-identity-providers-jdbc-mysql + 1.0.0-beta.1 + + + com.azure + azure-core + + + + + com.azure + azure-core + 1.34.0 + + + com.fasterxml.jackson.dataformat + jackson-dataformat-xml + + + com.fasterxml.jackson.datatype + jackson-datatype-jsr310 + + + com.azure + azure-core-http-netty + + + + + com.fasterxml.jackson.dataformat + jackson-dataformat-xml + 2.14.0 + + + com.fasterxml.jackson.datatype + jackson-datatype-jsr310 + 2.14.0 + + + com.azure + azure-core-http-netty + 1.12.7 + + + io.projectreactor.netty + reactor-netty-http + + + + + io.projectreactor.netty + reactor-netty-http + 1.1.0 + + + \ No newline at end of file From c1db251409bb2e69cf91353094ec02324006e361 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Thu, 1 Dec 2022 03:21:57 +0800 Subject: [PATCH 409/720] add pids for cluster passwordless db connection. (#221) --- .../src/main/resources/microsoft-pid.properties | 2 ++ .../arm-oraclelinux-wls/src/main/resources/pid.properties | 2 ++ 2 files changed, 4 insertions(+) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties index 9603b52e3..51181f0ca 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties @@ -63,6 +63,8 @@ cluster.dns.start=aa030ff6-c680-53de-8891-8dd16ce08aa6 cluster.elk.end=e4165284-b017-5df9-9b91-3f11dd8a72e5 cluster.elk.start=6890699c-97ad-5d76-91d3-3a3b7d64013f cluster.end=55160205-2f03-52c5-ae30-507952c0c4ea +cluster.pswless.database.end=ae2f6529-815a-5d13-b6c2-91b92d267d7a +cluster.pswless.database.start=527a8646-465b-56c7-b495-6383eeb76e2e cluster.start=ca5e3350-ff62-5d92-83a3-acaaeae87c03 # Pids to indicate which database was chosen. No difference in these diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index 96dbe9227..9175477e0 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -62,6 +62,8 @@ cluster.dns.start=c40d7aa8-9fe7-51c6-86de-27e1b1678735 cluster.elk.end=cb84f8ed-d270-5036-8240-08b6bb4f2bd6 cluster.elk.start=c9bac63c-67eb-52e1-a8c1-2ba57f65cfbc cluster.end=0fa14086-2d46-54a4-8aba-470addc3dce6 +cluster.pswless.database.end=b4d91140-fb26-50de-9358-147b9dd25f7a +cluster.pswless.database.start=340f5265-6de7-5b6f-aad3-9f179736cde0 cluster.start=pid-7363cd91-937d-4469-a7a8-ecbeddfb7a0f-partnercenter # Pids to indicate which database was chosen. No difference in these From a02bf865bdc39f53e6eec8c7880929f69c07ab03 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Thu, 1 Dec 2022 03:40:56 +0800 Subject: [PATCH 410/720] Support passwordless MySQL connection in AKS offer (#219) * use Azure CNI * modify UI to support passwordless mysql connection * improve ui for passwordless mysql support * input uami and generate connections string * build dependencies into image * enable aad pod ientity * move dependencies to wlsdeploy/classpathLibraries/azureLibraries/ Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh modified: weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh modified: weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aksPodIdentity.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep renamed: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-pod-identity.bicep -> weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-enable-aks-managed-identity.bicep new file: weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_aksClusterMioRoleOverDbIdentity.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep modified: weblogic-azure-aks/src/main/bicep/modules/setupWebLogicCluster.bicep * support mysql for ga images Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json modified: weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/common.sh modified: weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh modified: weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh modified: weblogic-azure-aks/src/main/bicep/mainTemplate.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aksPodIdentity.bicep deleted: weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-enable-aks-managed-identity.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_aksClusterMioRoleOverDbIdentity.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep modified: weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep * fix arm-ttk errors * fix JARs version conflict Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh modified: weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep * increase pom * apply Ed's review comments * lowercase first character of "Managed Identity" * use azure-core-1.34.0 Changes to be committed: modified: ../arm/scripts/buildWLSDockerImage.sh modified: ../arm/scripts/common.sh * use public pom file for azure-mysql-jdbc dependencies Changes to be committed: modified: weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh modified: weblogic-azure-aks/src/main/arm/scripts/common.sh * show diff of createUiDefinition.json Changes to be committed: modified: createUiDefinition.json * update file extension for azure-identity-provider-jdbc-mysql.xml. * Improve grammar in label for passwordless Co-authored-by: Ed Burns --- weblogic-azure-aks/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 105 +++++++------ .../main/arm/scripts/buildWLSDockerImage.sh | 42 +++++ .../src/main/arm/scripts/common.sh | 7 + .../main/arm/scripts/createVMAndBuildImage.sh | 2 +- .../src/main/arm/scripts/dbUtility.sh | 5 + .../src/main/arm/scripts/genDomainConfig.sh | 25 ++- .../inline-scripts/validateParameters.sh | 18 +++ .../main/arm/scripts/setupDBConnections.sh | 12 +- .../src/main/bicep/mainTemplate.bicep | 42 ++++- .../bicep/modules/_azure-resoruces/_aks.bicep | 7 +- .../_azure-resoruces/_aksPodIdentity.bicep | 36 +++++ .../_ds-create-wls-cluster.bicep | 10 ++ .../_ds-datasource-connection.bicep | 5 + .../_ds-validate-parameters.bicep | 2 +- .../main/bicep/modules/_pids/_pid-dev.bicep | 2 + .../src/main/bicep/modules/_pids/_pid.bicep | 2 + .../_aksClusterMioRoleOverDbIdentity.bicep | 34 +++++ .../_roleAssignmentinRgScope.bicep | 43 ++++++ .../_setupPasswordlessDBConnection.bicep | 143 ++++++++++++++++++ .../main/bicep/modules/_uamiAndRoles.bicep | 5 - .../bicep/modules/setupWebLogicCluster.bicep | 12 +- 22 files changed, 496 insertions(+), 65 deletions(-) create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aksPodIdentity.bicep create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_aksClusterMioRoleOverDbIdentity.bicep create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep create mode 100644 weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 49a37451c..380a03e93 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.47 + 1.0.48 com.microsoft.azure.iaas diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index f46949ccb..c41150d99 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1876,36 +1876,7 @@ "value": "sqlserver" }, { - "label": "Other", - "value": "otherdb" - } - ], - "required": true - }, - "visible": "[and(bool(steps('section_database').enableDB), not(or(bool(steps('section_aks').imageInfo.isSSOSupportEntitled),equals(steps('section_aks').imageInfo.oracleImageSelector, '14.1.1.0-11'))))]" - }, - { - "name": "databaseTypewithMySQL", - "type": "Microsoft.Common.DropDown", - "label": "Choose database type", - "toolTip": "Choose database type", - "defaultValue": "Oracle database", - "constraints": { - "allowedValues": [ - { - "label": "Azure database for PostgreSQL", - "value": "postgresql" - }, - { - "label": "Oracle database", - "value": "oracle" - }, - { - "label": "Azure SQL", - "value": "sqlserver" - }, - { - "label": "MySQL", + "label": "MySQL (with support for passwordless connection)", "value": "mysql" }, { @@ -1915,7 +1886,23 @@ ], "required": true }, - "visible": "[and(bool(steps('section_database').enableDB), or(bool(steps('section_aks').imageInfo.isSSOSupportEntitled),equals(steps('section_aks').imageInfo.oracleImageSelector, '14.1.1.0-11')))]" + "visible": true + }, + { + "name": "mysqlJDBCDriverInfo", + "type": "Microsoft.Common.InfoBox", + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]", + "options": { + "icon": "Info", + "text": "To support passwordless connection and various functionalities, the offer will upgrade the Oracle WebLogic Server MySQL driver with recent MySQL Connector Java driver." + } + }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]" }, { "name": "jdbcDataSourceName", @@ -1944,16 +1931,12 @@ "message": "A valid JDBC URL for the chosen database type must be provided" }, { - "isValid": "[if(equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'mysql'), contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'serverTimezone'), bool('true'))]", - "message": "The connection string of MySQL must contain server time zone, for example, \"jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC\"." - }, - { - "isValid": "[if(and(not(bool(steps('section_aks').imageInfo.isSSOSupportEntitled)), equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'mysql'), equals(steps('section_aks').imageInfo.oracleImageSelector, '14.1.1.0-11')), contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'enabledTLSProtocols'), bool('true'))]", - "message": "The connection string of MySQL must contain enabled TLS protocols, for example, \"jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC&enabledTLSProtocols=TLSv1.2\"." + "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append defaultAuthenticationPlugin, authenticationPlugins with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, - "visible": "[and(bool(steps('section_database').enableDB), not(or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'),equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'otherdb'))))]" + "visible": "[and(bool(steps('section_database').enableDB), not(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb')))]" }, { "name": "dsConnectionURL2", @@ -1966,7 +1949,7 @@ "regex": "^jdbc:.*$", "validationMessage": "A valid JDBC URL for the chosen database type must be provided" }, - "visible": "[and(bool(steps('section_database').enableDB), or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'),equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'otherdb')))]" + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" }, { "name": "dbGlobalTranPro", @@ -2015,8 +1998,16 @@ "defaultValue": "", "constraints": { "required": true, - "regex": "^(?=.{1,128}$)[a-zA-Z](?!.*--)(?!.*@@)(?!.*-@)(?!.*@-)[a-zA-Z0-9-@]*[a-zA-Z0-9]$", - "validationMessage": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + "validations": [ + { + "regex": "^(?=.{1,128}$)[a-zA-Z](?!.*--)(?!.*@@)(?!.*-@)(?!.*@-)[a-zA-Z0-9-@]*[a-zA-Z0-9]$", + "message": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + }, + { + "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, @@ -2036,7 +2027,23 @@ "options": { "hideConfirmation": false }, - "visible": true + "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + }, + { + "name": "dbIdentity", + "type": "Microsoft.ManagedIdentity.IdentitySelector", + "label": "Connect database with Managed Identity", + "toolTip": { + "userAssignedIdentity": "Select a user assigned identity that has access to your database. For how to create a database user for your managed identity, see https://aka.ms/javaee-db-identity." + }, + "defaultValue": { + "systemAssignedIdentity": "Off" + }, + "options": { + "hideSystemAssignedIdentity": true, + "hideUserAssignedIdentity": false + }, + "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" }, { "name": "dbDriverLibraries", @@ -2052,7 +2059,7 @@ "uploadMode": "url", "openMode": "binary" }, - "visible": "[and(bool(steps('section_database').enableDB), or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'),equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'otherdb')))]" + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" }, { "name": "dbDriverInfoBox", @@ -2062,7 +2069,7 @@ "text": "WebLogic Server provides support for application data access to any database using a JDBC-compliant driver. Select here for more details.", "uri": "https://aka.ms/wls-aks-dbdriver" }, - "visible": "[and(bool(steps('section_database').enableDB), or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'),equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'otherdb')))]" + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" }, { "name": "dbDriverName", @@ -2075,7 +2082,7 @@ "regex": "^[a-zA-Z_][a-zA-Z0-9_]+(\\.[a-zA-Z_][a-zA-Z0-9_]+){1,50}$", "validationMessage": "A valid driver name for the chosen database type must be provided" }, - "visible": "[and(bool(steps('section_database').enableDB), or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'),equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'otherdb')))]" + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" }, { "name": "dbTestTableName", @@ -2087,7 +2094,7 @@ "regex": "^.*$", "validationMessage": "A test table name for the chosen database type must be provided" }, - "visible": "[and(bool(steps('section_database').enableDB), or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'),equals(steps('section_database').databaseConnectionInfo.databaseTypewithMySQL, 'otherdb')))]" + "visible": "[and(bool(steps('section_database').enableDB), equals(steps('section_database').databaseConnectionInfo.databaseType, 'otherdb'))]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -2115,10 +2122,11 @@ "dbDriverLibrariesUrls": "[steps('section_database').databaseConnectionInfo.dbDriverLibraries]", "dbDriverName": "[steps('section_database').databaseConnectionInfo.dbDriverName]", "dbGlobalTranPro": "[steps('section_database').databaseConnectionInfo.dbGlobalTranPro]", + "dbIdentity": "[steps('section_database').databaseConnectionInfo.dbIdentity]", "dbPassword": "[steps('section_database').databaseConnectionInfo.dbPassword]", "dbTestTableName": "[steps('section_database').databaseConnectionInfo.dbTestTableName]", "dbUser": "[steps('section_database').databaseConnectionInfo.dbUser]", - "databaseType": "[coalesce(steps('section_database').databaseConnectionInfo.databaseType,steps('section_database').databaseConnectionInfo.databaseTypewithMySQL,'oracle')]", + "databaseType": "[steps('section_database').databaseConnectionInfo.databaseType]", "dnszoneAdminConsoleLabel": "[steps('section_dnsConfiguration').dnszoneAdminConsoleLabel]", "dnszoneAdminT3ChannelLabel": "[steps('section_dnsConfiguration').dnszoneAdminT3ChannelLabel]", "dnszoneClusterLabel": "[steps('section_dnsConfiguration').dnszoneGatewayLabel]", @@ -2135,6 +2143,7 @@ "enableDNSConfiguration": "[bool(steps('section_dnsConfiguration').enableDNSConfiguration)]", "enableAdminT3Tunneling": "[basics('basicsOptional').enableAdminT3Tunneling]", "enableClusterT3Tunneling": "[basics('basicsOptional').enableClusterT3Tunneling]", + "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "isSSOSupportEntitled": "[bool(steps('section_aks').imageInfo.isSSOSupportEntitled)]", "lbSvcValues": "[if(not(empty(first(if(empty(steps('section_appGateway').lbSVCInfo.lbSVC),parse('[{\"colName\":\"\"}]'), steps('section_appGateway').lbSVCInfo.lbSVC)).colName)),steps('section_appGateway').lbSVCInfo.lbSVC, parse('[]'))]", @@ -2185,4 +2194,4 @@ "wlsUserName": "[basics('basicsRequired').wlsUserName]" } } -} \ No newline at end of file +} diff --git a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh index 831d8ff70..397d77788 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh @@ -118,6 +118,8 @@ function initialize() { mkdir wlsdeploy/config mkdir wlsdeploy/applications mkdir wlsdeploy/domainLibraries + mkdir wlsdeploy/classpathLibraries + mkdir wlsdeploy/sharedLibraries } function download_wdt_wit() { @@ -143,6 +145,31 @@ function download_wdt_wit() { validate_status "Check status of imagetool.zip." } +function download_mysql_passwordless_jdbc_libs() { + local mySQLPom=mysql-pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fsL "${gitUrl4AzureMySQLJDBCPomFile}" -o ${mySQLPom} + validate_status "Check status of downloading Azure Identity Provider JDBC MySQL Pom file." + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${mySQLPom} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + mkdir wlsdeploy/classpathLibraries/azureLibraries + mkdir wlsdeploy/classpathLibraries/jackson + # fix JARs conflict issue in GA images, put jackson libraries to PRE_CLASSPATH to upgrade the existing libs. + mv target/dependency/jackson-annotations-*.jar wlsdeploy/classpathLibraries/jackson/ + mv target/dependency/jackson-core-*.jar wlsdeploy/classpathLibraries/jackson/ + mv target/dependency/jackson-databind-*.jar wlsdeploy/classpathLibraries/jackson/ + mv target/dependency/jackson-dataformat-xml-*.jar wlsdeploy/classpathLibraries/jackson/ + # Thoes jars will be appended to CLASSPATH + mv target/dependency/*.jar wlsdeploy/classpathLibraries/azureLibraries/ + else + echo "Failed to download dependencies for azure-identity-providers-jdbc-mysql" + exit 1 + fi +} + # Install docker, zip, unzip and java # Download WebLogic Tools function install_utilities() { @@ -198,6 +225,19 @@ function install_utilities() { curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL ${wlsMSSQLDriverUrl} -o ${scriptDir}/model-images/wlsdeploy/domainLibraries/${constMSSQLDriverName} validate_status "Install mssql driver." + + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL ${wlsMySQLDriverUrl} -o ${scriptDir}/model-images/wlsdeploy/sharedLibraries/${constMySQLLibName} + validate_status "Install mysql driver." + + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + sudo apt -y -q install maven + mvn --help + validate_status "Check status of mvn." + + if [[ "${dbType}" == "${constDBTypeMySQL}" ]]; then + download_mysql_passwordless_jdbc_libs + fi + fi } function install_db_drivers() { @@ -346,6 +386,8 @@ export enableAdminT3Tunneling=$9 export enableClusterT3Tunneling=${10} export useOracleImage=${11} export dbDriversUrls=${12} +export enablePswlessConnection=${13} +export dbType=${14} export acrImagePath="$azureACRServer/aks-wls-images:${imageTag}" export dbDriverPaths="" diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index 6fb8bd9dc..b25a7bddb 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -16,6 +16,7 @@ export constAdminT3AddressEnvName="T3_TUNNELING_ADMIN_ADDRESS" export constAdminServerName='admin-server' export constClusterName='cluster-1' export constClusterT3AddressEnvName="T3_TUNNELING_CLUSTER_ADDRESS" +export constDBTypeMySQL="mysql" export constDefaultJavaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.StdoutDebugEnabled=false" # the java options will be applied to the cluster export constDefaultJVMArgs="-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " # the JVM options will be applied to the cluster export constDefaultAKSVersion="default" @@ -24,6 +25,10 @@ export constTrue="true" export constIntrospectorJobActiveDeadlineSeconds=300 # for Guaranteed Qos export constPostgreDriverName="postgresql-42.3.6.jar" export constMSSQLDriverName="mssql-jdbc-10.2.1.jre8.jar" +export constMySQLLibName="mysql-connector-java-8.0.30.jar" +export constAzureIdentityProvidersJdbcMysqlVersion="1.0.0-beta.1" +export constAzureCoreVersion="1.34.0" +export constDbPodIdentitySelector="db-pod-identity" # do not change the value export curlMaxTime=120 # seconds export ocrLoginServer="container-registry.oracle.com" @@ -32,6 +37,7 @@ export ocrCpuImagePath="middleware/weblogic_cpu" export gitUrl4CpuImages="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json" export gitUrl4AksWellTestedVersionJsonFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json" export gitUrl4WLSToolingFamilyJsonFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json" +export gitUrl4AzureMySQLJDBCPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml" export optUninstallMaxTry=5 # Max attempts to wait for the operator uninstalled export optUninstallInterval=10 @@ -42,3 +48,4 @@ export retryInterval=10 export wlsContainerName="weblogic-server" export wlsPostgresqlDriverUrl="https://jdbc.postgresql.org/download/postgresql-42.3.6.jar" export wlsMSSQLDriverUrl="https://repo.maven.apache.org/maven2/com/microsoft/sqlserver/mssql-jdbc/10.2.1.jre8/mssql-jdbc-10.2.1.jre8.jar" +export wlsMySQLDriverUrl="https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.30/mysql-connector-java-8.0.30.jar" diff --git a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh index 819047cd8..41769fb17 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh @@ -137,7 +137,7 @@ function build_docker_image() { --publisher Microsoft.Azure.Extensions \ --version 2.0 \ --settings "{ \"fileUris\": [\"${SCRIPT_LOCATION}model.properties\",\"${SCRIPT_LOCATION}genImageModel.sh\",\"${SCRIPT_LOCATION}buildWLSDockerImage.sh\",\"${SCRIPT_LOCATION}common.sh\"]}" \ - --protected-settings "{\"commandToExecute\":\"echo ${acrPassword} ${ORACLE_ACCOUNT_PASSWORD} | bash buildWLSDockerImage.sh ${wlsImagePath} ${acrLoginServer} ${acrUser} ${newImageTag} ${WLS_APP_PACKAGE_URLS} ${ORACLE_ACCOUNT_NAME} ${WLS_CLUSTER_SIZE} ${ENABLE_CUSTOM_SSL} ${ENABLE_ADMIN_CUSTOM_T3} ${ENABLE_CLUSTER_CUSTOM_T3} ${USE_ORACLE_IMAGE} ${URL_3RD_DATASOURCE} \"}" + --protected-settings "{\"commandToExecute\":\"echo ${acrPassword} ${ORACLE_ACCOUNT_PASSWORD} | bash buildWLSDockerImage.sh ${wlsImagePath} ${acrLoginServer} ${acrUser} ${newImageTag} ${WLS_APP_PACKAGE_URLS} ${ORACLE_ACCOUNT_NAME} ${WLS_CLUSTER_SIZE} ${ENABLE_CUSTOM_SSL} ${ENABLE_ADMIN_CUSTOM_T3} ${ENABLE_CLUSTER_CUSTOM_T3} ${USE_ORACLE_IMAGE} ${URL_3RD_DATASOURCE} ${ENABLE_PASSWORDLESS_DB_CONNECTION} ${DB_TYPE} \"}" cleanup_vm } diff --git a/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh b/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh index 1a901b3d7..dfa47c3a9 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/dbUtility.sh @@ -15,6 +15,10 @@ function generate_ds_model() { elif [[ "${DATABASE_TYPE}" == "${dbTypeMySQL}" ]]; then databaseDriver=${driverMySQL} databaseTestTableName=${testTableMySQL} + + if [[ "${ENABLE_PASSWORDLESS_CONNECTION,,}" == "true" ]]; then + databaseDriver=${driverMySQLCj} + fi elif [[ "${DATABASE_TYPE}" == "${dbTypeOthers}" ]]; then databaseDriver=${DB_DRIVER_NAME} databaseTestTableName=${TEST_TABLE_NAME} @@ -156,6 +160,7 @@ export driverOracle="oracle.jdbc.OracleDriver" export driverPostgre="org.postgresql.Driver" export driverSQLServer="com.microsoft.sqlserver.jdbc.SQLServerDriver" export driverMySQL="com.mysql.jdbc.Driver" +export driverMySQLCj="com.mysql.cj.jdbc.Driver" export optTypeDelete='delete' export testTableOracle="SQL ISVALID" export testTablePostgre="SQL SELECT 1" diff --git a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh index 9cd8d6be0..0ae00ef0c 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh @@ -11,6 +11,15 @@ export javaOptions=$3 export adminServiceUrl="${WLS_DOMAIN_UID}-admin-server.${WLS_DOMAIN_UID}-ns.svc.cluster.local" export clusterServiceUrl="${WLS_DOMAIN_UID}-cluster-${constClusterName}.${WLS_DOMAIN_UID}-ns.svc.cluster.local" +# set classpath +preClassPath="/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/sharedLibraries/${constMySQLLibName}" +classPath="" +if [[ "${ENABLE_PASSWORDLESS_DB_CONNECTION,,}" == "true" ]]; then + # append jackson libraries to pre-classpath to upgrade existing libs in GA images + preClassPath="${preClassPath}:/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/classpathLibraries/jackson/*" + classPath="/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/classpathLibraries/azureLibraries/*" +fi + cat <$filePath # Copyright (c) 2021, Oracle Corporation and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl. @@ -80,10 +89,14 @@ spec: value: "${constDefaultJVMArgs}" - name: MANAGED_SERVER_PREFIX value: "${WLS_MANAGED_SERVER_PREFIX}" + - name: PRE_CLASSPATH + value: "${preClassPath}" + - name: CLASSPATH + value: "${classPath}" EOF if [[ "${ENABLE_CUSTOM_SSL,,}" == "true" ]]; then - cat <>$filePath + cat <>$filePath - name: SSL_IDENTITY_PRIVATE_KEY_ALIAS valueFrom: secretKeyRef: @@ -125,7 +138,7 @@ if [[ "${ENABLE_CUSTOM_SSL,,}" == "true" ]]; then key: ssltruststorepassword name: ${WLS_DOMAIN_UID}-weblogic-ssl-credentials EOF - fi +fi if [[ "${ENABLE_ADMIN_CUSTOM_T3,,}" == "true" ]]; then cat <>$filePath @@ -153,6 +166,14 @@ cat <>$filePath memory: "${WLS_RESOURCE_REQUEST_MEMORY}" EOF +# enable db pod identity, all of the selector of pod identities are "db-pod-idenity" +if [[ "${ENABLE_PASSWORDLESS_DB_CONNECTION,,}" == "true" ]]; then + cat <>$filePath + labels: + aadpodidbinding: "${constDbPodIdentitySelector}" +EOF +fi + if [[ "${ENABLE_PV,,}" == "true" ]]; then cat <>$filePath # Optional volumes and mounts for the domain's pods. See also 'logHome'. diff --git a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh index 47caa85b6..31c88ad8d 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/inline-scripts/validateParameters.sh @@ -487,6 +487,20 @@ function validate_aks_version() { fi } +function enable_aks_managed_identity() { + local identityLength=$(az aks show -g ${AKS_CLUSTER_RESOURCEGROUP_NAME} -n ${AKS_CLUSTER_NAME} | jq '.identity | length') + echo "identityLength ${identityLength}" + + if [ $identityLength -lt 1 ]; then + echo "enable managed identity..." + # Your cluster is using service principal, and you are going to update the cluster to use systemassigned managed identity. + # After updating, your cluster's control plane and addon pods will switch to use managed identity, but kubelet will KEEP USING SERVICE PRINCIPAL until you upgrade your agentpool. + az aks update -y -g ${AKS_CLUSTER_RESOURCEGROUP_NAME} -n ${AKS_CLUSTER_NAME} --enable-managed-identity + + validate_status "Enable Applciation Gateway Ingress Controller for ${AKS_CLUSTER_NAME}." + fi +} + # VNET input sample: # { # "name": "wlsaks-vnet", @@ -574,6 +588,10 @@ if [[ "${createAKSCluster,,}" == "true" ]]; then validate_aks_version fi +if [[ "${createAKSCluster,,}" != "true" ]]; then + enable_aks_managed_identity +fi + validate_appgateway_vnet output_result diff --git a/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh b/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh index 68272552c..720594749 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/setupDBConnections.sh @@ -16,6 +16,7 @@ DB_PASSWORD: password for Database. DB_USER: user id of Database. DB_CONNECTION_STRING: JDBC Connection String. DB_DRIVER_NAME: datasource driver name, must be specified if database type is otherdb. +ENABLE_PASSWORDLESS_CONNECTION: true to enable passwordless connection GLOBAL_TRANSATION_PROTOCOL: Determines the transaction protocol (global transaction processing behavior) for the data source. JDBC_DATASOURCE_NAME: JNDI Name for JDBC Datasource. TEST_TABLE_NAME: the name of the database table to use when testing physical database connections. This name is required when you specify a Test Frequency and enable Test Reserved Connections. @@ -44,7 +45,7 @@ function validate_input() { usage 1 fi - if [[ -z "$DB_PASSWORD" || -z "${DB_USER}" ]]; then + if [[ -z "${DB_PASSWORD}" || -z "${DB_USER}" ]]; then echo_stderr "DB_PASSWORD and DB_USER are required. " usage 1 fi @@ -68,6 +69,11 @@ function validate_input() { echo_stderr "WLS_DOMAIN_USER and WLS_DOMAIN_PASSWORD are required. " usage 1 fi + + # reset password + if [[ "${ENABLE_PASSWORDLESS_CONNECTION,,}" == "true" ]]; then + DB_PASSWORD="" + fi } # Connect to AKS cluster @@ -131,6 +137,8 @@ function apply_datasource_to_domain() { kubectl -n ${wlsDomainNS} patch domain ${WLS_DOMAIN_UID} \ --type=json \ -p '[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "replace", "path": "/spec/configuration/model/configMap", "value":'${wlsConfigmapName}'}, {"op": "replace", "path": "/spec/configuration/secrets", "value": '${secretStrings}'}]' + + utility_validate_status "Patch DB configuration." } function remove_datasource_from_domain() { @@ -178,6 +186,8 @@ function remove_datasource_from_domain() { kubectl -n ${wlsDomainNS} patch domain ${WLS_DOMAIN_UID} \ --type=json \ -p '[{"op": "replace", "path": "/spec/restartVersion", "value": "'${restartVersion}'" }, {"op": "replace", "path": "/spec/configuration/model/configMap", "value":'${wlsConfigmapName}'}, {"op": "replace", "path": "/spec/configuration/secrets", "value": '${secretStrings}'}]' + + utility_validate_status "Patch DB configuration." } function wait_for_operation_completed() { diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index b394948f6..41373f2c1 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -100,6 +100,8 @@ param dbDriverLibrariesUrls array = [] param dbDriverName string = 'org.contoso.Driver' @description('Determines the transaction protocol (global transaction processing behavior) for the data source.') param dbGlobalTranPro string = 'EmulateTwoPhaseCommit' +@description('Managed identity that has access to database') +param dbIdentity object = {} @secure() @description('Password for Database') param dbPassword string = newGuid() @@ -136,6 +138,8 @@ param enableDNSConfiguration bool = false param enableAdminT3Tunneling bool = false @description('Configure a custom channel in WebLogic cluster for the T3 protocol that enables HTTP tunneling') param enableClusterT3Tunneling bool = false +@description('Enable passwordless datasource connection.') +param enablePswlessConnection bool = false @description('Is the specified SSO account associated with an active Oracle support contract?') param isSSOSupportEntitled bool = false @description('JNDI Name for JDBC Datasource') @@ -292,7 +296,7 @@ var _useExistingAppGatewaySSLCertificate = (appGatewayCertificateOption == const var const_appGatewaySSLCertOptionHaveCert = 'haveCert' var const_appGatewaySSLCertOptionHaveKeyVault = 'haveKeyVault' -var const_azcliVersion = '2.33.1' +var const_azcliVersion = '2.41.0' var const_azureSubjectName = format('{0}.{1}.{2}', name_domainLabelforApplicationGateway, location, 'cloudapp.azure.com') var const_hasTags = contains(resourceGroup(), 'tags') // If there is not tag 'wlsKeyVault' and key vault is created for the following usage: @@ -551,11 +555,13 @@ module wlsDomainDeployment 'modules/setupWebLogicCluster.bicep' = if (!enableCus azCliVersion: const_azcliVersion createAKSCluster: createAKSCluster createStorageAccount: const_bCreateStorageAccount + databaseType: databaseType dbDriverLibrariesUrls: dbDriverLibrariesUrls enableAzureMonitoring: enableAzureMonitoring enableCustomSSL: enableCustomSSL enableAdminT3Tunneling: enableAdminT3Tunneling enableClusterT3Tunneling: enableClusterT3Tunneling + enablePswlessConnection: enablePswlessConnection enablePV: const_enablePV identity: obj_uamiForDeploymentScript isSSOSupportEntitled: isSSOSupportEntitled @@ -617,11 +623,13 @@ module wlsDomainWithCustomSSLDeployment 'modules/setupWebLogicCluster.bicep' = i azCliVersion: const_azcliVersion createAKSCluster: createAKSCluster createStorageAccount: const_bCreateStorageAccount + databaseType: databaseType dbDriverLibrariesUrls: dbDriverLibrariesUrls enableAzureMonitoring: enableAzureMonitoring enableCustomSSL: enableCustomSSL enableAdminT3Tunneling: enableAdminT3Tunneling enableClusterT3Tunneling: enableClusterT3Tunneling + enablePswlessConnection: enablePswlessConnection enablePV: const_enablePV identity: obj_uamiForDeploymentScript isSSOSupportEntitled: isSSOSupportEntitled @@ -721,7 +729,7 @@ module networkingDeployment 'modules/networking.bicep' = if (const_enableNetwork ] } -module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { +module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB && !enablePswlessConnection) { name: 'datasource-deployment' params: { _artifactsLocation: _artifactsLocation @@ -751,6 +759,35 @@ module datasourceDeployment 'modules/_setupDBConnection.bicep' = if (enableDB) { ] } +module passwordlessDatasourceDeployment 'modules/_setupPasswordlessDBConnection.bicep' = if (enableDB && enablePswlessConnection) { + name: 'passwordless-datasource-deployment' + params: { + _artifactsLocation: _artifactsLocation + _artifactsLocationSasToken: _artifactsLocationSasToken + _pidEnd: pids.outputs.pswlessDbEnd + _pidStart: pids.outputs.pswlessDbStart + aksClusterRGName: ref_wlsDomainDeployment.outputs.aksClusterRGName + aksClusterName: ref_wlsDomainDeployment.outputs.aksClusterName + aksNodeRGName: ref_wlsDomainDeployment.outputs.aksNodeRgName + azCliVersion: const_azcliVersion + databaseType: databaseType + dbConfigurationType: dbConfigurationType + dbGlobalTranPro: dbGlobalTranPro + dbUser: dbUser + dbIdentity: dbIdentity + dsConnectionURL: dsConnectionURL + identity: obj_uamiForDeploymentScript + jdbcDataSourceName: jdbcDataSourceName + location: location + wlsDomainUID: wlsDomainUID + wlsPassword: wlsPassword + wlsUserName: wlsUserName + } + dependsOn: [ + networkingDeployment + ] +} + /* * To check if all the applciations in WLS cluster become ACTIVE state after all configurations are completed. * This should be the last step. @@ -771,6 +808,7 @@ module validateApplciations 'modules/_deployment-scripts/_ds-validate-applicatio } dependsOn: [ datasourceDeployment + passwordlessDatasourceDeployment ] } diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep index 25f1d6842..47239f15a 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aks.bicep @@ -16,7 +16,7 @@ param aksAgentPoolName string = 'agentpool' @description('The number of nodes that should be created along with the cluster. You will be able to resize the cluster later.') param aksAgentPoolNodeCount int = 3 @description('The size of the virtual machines that will form the nodes in the cluster. This cannot be changed after creating the cluster') -param vmSize string = 'Standard_DS2_v2' +param aksAgentPoolVMSize string = 'Standard_DS2_v2' @description('Prefix for cluster name. Only The name can contain only letters, numbers, underscores and hyphens. The name must start with letter or number.') param aksClusterNamePrefix string = 'wlsonaks' param aksVersion string = 'default' @@ -71,7 +71,7 @@ resource aksCluster 'Microsoft.ContainerService/managedClusters@2021-02-01' = { { name: aksAgentPoolName count: aksAgentPoolNodeCount - vmSize: vmSize + vmSize: aksAgentPoolVMSize osDiskSizeGB: const_aksAgentPoolOSDiskSizeGB osDiskType: 'Managed' kubeletDiskType: 'OS' @@ -96,7 +96,7 @@ resource aksCluster 'Microsoft.ContainerService/managedClusters@2021-02-01' = { } enableRBAC: true networkProfile: { - networkPlugin: 'kubenet' + networkPlugin: 'azure' loadBalancerSku: 'standard' } } @@ -107,3 +107,4 @@ resource aksCluster 'Microsoft.ContainerService/managedClusters@2021-02-01' = { } output aksClusterName string = name_aksClusterNameForSV +output aksNodeRgName string = aksCluster.properties.nodeResourceGroup diff --git a/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aksPodIdentity.bicep b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aksPodIdentity.bicep new file mode 100644 index 000000000..9a586a6b5 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_azure-resoruces/_aksPodIdentity.bicep @@ -0,0 +1,36 @@ +/* + Copyright (c) 2021, Oracle and/or its affiliates. +Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +param aksClusterName string = '' +param dbIdentity object = {} +param namespace string = 'sample-domain1-ns' +param podIdentityName string ='' +param podIdentitySelector string = '' +param location string + +var const_APIVersion = '2022-01-31-PREVIEW' + +resource configAKSPodIdentity 'Microsoft.ContainerService/managedClusters@2022-09-02-preview' = { + name: aksClusterName + location: location + properties: { + podIdentityProfile:{ + allowNetworkPluginKubenet: false + enabled: true + userAssignedIdentities: [ + { + bindingSelector: podIdentitySelector + identity: { + clientId: reference(items(dbIdentity.userAssignedIdentities)[0].key, const_APIVersion, 'full').properties.clientId + objectId: reference(items(dbIdentity.userAssignedIdentities)[0].key, const_APIVersion, 'full').properties.principalId + resourceId: items(dbIdentity.userAssignedIdentities)[0].key + } + name: podIdentityName + namespace: namespace + } + ] + } + } +} diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index 062ae7e87..ce8062a4f 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -11,10 +11,12 @@ param acrName string = '' param appPackageUrls array = [] param appReplicas int = 2 param azCliVersion string = '' +param databaseType string = 'oracle' param dbDriverLibrariesUrls array = [] param enableCustomSSL bool = false param enableAdminT3Tunneling bool = false param enableClusterT3Tunneling bool = false +param enablePswlessConnection bool = false param enablePV bool = false param identity object = {} param isSSOSupportEntitled bool @@ -98,6 +100,10 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'CURRENT_RESOURCEGROUP_NAME' value: resourceGroup().name } + { + name: 'DB_TYPE' + value: databaseType + } { name: 'ENABLE_ADMIN_CUSTOM_T3' value: string(enableAdminT3Tunneling) @@ -110,6 +116,10 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'ENABLE_CUSTOM_SSL' value: string(enableCustomSSL) } + { + name: 'ENABLE_PASSWORDLESS_DB_CONNECTION' + value: string(enablePswlessConnection) + } { name: 'ENABLE_PV' value: string(enablePV) diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep index cca406204..31857ef8c 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-datasource-connection.bicep @@ -17,6 +17,7 @@ param dbPassword string = newGuid() param dbTestTableName string = 'Null' param dbUser string param dsConnectionURL string +param enablePswlessConnection bool = false param identity object = {} param jdbcDataSourceName string param location string @@ -74,6 +75,10 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { name: 'DB_DRIVER_NAME' value: dbDriverName } + { + name: 'ENABLE_PASSWORDLESS_CONNECTION' + value: string(enablePswlessConnection) + } { name: 'GLOBAL_TRANSATION_PROTOCOL' value: dbGlobalTranPro diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep index cd84f0db2..fdba2ad14 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-validate-parameters.bicep @@ -3,7 +3,7 @@ param acrName string param aksAgentPoolNodeCount int -param aksAgentPoolVMSize string +param aksAgentPoolVMSize string = '' param aksClusterRGName string param aksClusterName string param aksVersion string = 'default' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep index 040cec26a..4fa6d99ca 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid-dev.bicep @@ -20,6 +20,8 @@ output lbEnd string = 'f76e2847-d5a1-52e7-9e52-fc8560f5d3e4' output lbStart string = 'e2a8c8b2-9b58-52c6-9636-1834ff3976dc' output networkingEnd string = '39d32fcd-1d02-50b6-9455-4b767a8e769e' output networkingStart string = 'ed47756f-2475-56dd-b13a-26027749b6e1' +output pswlessDbEnd string = '7e7aaa5b-2251-55b5-8b3d-43d514738cf2' +output pswlessDbStart string = '089e9783-6707-54d0-ac8c-9b8d517914c5' output wlsAKSEnd string = '17328b4d-841f-57b5-a9c5-861ad48f9d0d' output wlsAKSStart string = 'c46a11b1-e8d2-5053-9741-45294b2e15c9' output wlsClusterAppEnd string = '18121d1c-4227-51ff-a9fa-ceb890d683e3' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep index 10c9152a0..907a82761 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_pids/_pid.bicep @@ -20,6 +20,8 @@ output lbEnd string = 'ce664543-77bd-515a-832e-107e32f99da9' output lbStart string = '44732bbc-04c4-5df7-a0c6-b9be9ec00ee6' output networkingEnd string = '2798165c-49fa-5701-b608-b80ed3986176' output networkingStart string = '0793308f-de9d-5f0d-92f9-d9fc4b413b8b' +output pswlessDbEnd string = '972084b9-2b2d-5eb9-aa37-80448a77fbe1' +output pswlessDbStart string = '7190b263-7825-5ae3-bc56-7294df936d4a' output wlsAKSEnd string = '2571f846-2f66-5c22-9fe6-38ecea7889ac' output wlsAKSStart string = '3e6acde5-9a62-5488-9fd4-87c46f4105f4' output wlsClusterAppEnd string = 'e6e33240-e5db-52fc-9154-7fc7b3b8b508' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_aksClusterMioRoleOverDbIdentity.bicep b/weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_aksClusterMioRoleOverDbIdentity.bicep new file mode 100644 index 000000000..d007d5ee0 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_aksClusterMioRoleOverDbIdentity.bicep @@ -0,0 +1,34 @@ +/* + Copyright (c) 2021, Oracle and/or its affiliates. +Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +param clusterIdentityPrincipalId string = '' +param dbIdentityName string = '' + +// https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles +var const_roleDefinitionIdOfManagedIdentityOperator = 'f1a07417-d97a-45cb-824c-7a7467783830' +var name_roleAssignmentName = guid('${subscription().id}${clusterIdentityPrincipalId}Role assignment in resource scope') + +resource dbIdentityResource 'Microsoft.ManagedIdentity/userAssignedIdentities@2021-09-30-preview' existing = { + name: dbIdentityName +} + +// Get role resource id +resource roleResourceDefinition 'Microsoft.Authorization/roleDefinitions@2018-01-01-preview' existing = { + name: const_roleDefinitionIdOfManagedIdentityOperator +} + +// Assign role +resource roleAssignment 'Microsoft.Authorization/roleAssignments@2022-04-01' = { + name: name_roleAssignmentName + scope: dbIdentityResource + properties: { + description: 'Assign Managed Identity Operator role to AKS Cluster over DB Identity ' + principalId: clusterIdentityPrincipalId + principalType: 'ServicePrincipal' + roleDefinitionId: roleResourceDefinition.id + } +} + +output roleId string = roleResourceDefinition.id diff --git a/weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep b/weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep new file mode 100644 index 000000000..72d09d3e8 --- /dev/null +++ b/weblogic-azure-aks/src/main/bicep/modules/_rolesAssignment/_roleAssignmentinRgScope.bicep @@ -0,0 +1,43 @@ +/* + Copyright (c) 2021, Oracle and/or its affiliates. +Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +*/ + +/* +Description: assign roles cross resource group. +Usage: + module roleAssignment '_roleAssignmentinRgScope.bicep' = { + name: 'assign-role' + scope: resourceGroup( Date: Thu, 1 Dec 2022 03:55:15 +0800 Subject: [PATCH 411/720] Support passwordless MySQL connection in vm cluster offer (#222) * modify UI to support passwordless MySQL connection. * modify templates and scripts to support pswless connection. Changes to be committed: modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json new file: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dbTemplate.json new file: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json new file: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-mysql.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-oracle.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-postgresql.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh new file: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh * vm-cluster-pswless: increase pom version * remove repeated deployment name * Improve grammar on label for passwordless Co-authored-by: Ed Burns --- .../arm-oraclelinux-wls-cluster/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 175 +++--- .../src/main/arm/mainTemplate.json | 437 +++++++------- .../main/arm/nestedtemplates/_dbTemplate.json | 244 ++++++++ .../_installJdbcLibsTemplate.json | 121 ++++ .../nestedtemplates/_pswlessDbTemplate.json | 274 +++++++++ .../main/arm/nestedtemplates/dbTemplate.json | 537 ++++++++++-------- .../main/scripts/datasourceConfig-mysql.sh | 25 +- .../main/scripts/datasourceConfig-oracle.sh | 13 +- .../scripts/datasourceConfig-postgresql.sh | 13 +- .../scripts/datasourceConfig-sqlserver.sh | 13 +- .../src/main/scripts/installJdbcDrivers.sh | 233 ++++++++ 12 files changed, 1569 insertions(+), 518 deletions(-) create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dbTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index 62e34234c..255dee4b2 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -12,7 +12,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-cluster - 1.0.49000 + 1.0.50000 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json index 625cde30a..c4bc75a22 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json @@ -34,15 +34,15 @@ }, { "label": "WebLogic Server 12.2.1.4.0 and JDK8 on Red Hat Enterprise Linux 7.6", - "value": "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest" + "value": "owls-122140-jdk8-rhel76;Oracle:weblogic-122140-jdk8-rhel76:owls-122140-jdk8-rhel76;latest" }, { "label": "WebLogic Server 14.1.1.0.0 and JDK8 on Red Hat Enterprise Linux 7.6", - "value": "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest" + "value": "owls-141100-jdk8-rhel76;Oracle:weblogic-141100-jdk8-rhel76:owls-141100-jdk8-rhel76;latest" }, { "label": "WebLogic Server 14.1.1.0.0 and JDK11 on Red Hat Enterprise Linux 7.6", - "value": "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" + "value": "owls-141100-jdk11-rhel76;Oracle:weblogic-141100-jdk11-rhel76:owls-141100-jdk11-rhel76;latest" } ], "required": true @@ -287,7 +287,7 @@ "label": "Issue tracker", "uri": "https://aka.ms/arm-oraclelinux-wls-issues?version=${project.version}" } - } + } }, { "name": "howToJoinSlack", @@ -312,47 +312,49 @@ "uri": "https://aka.ms/wls-on-azure-survey" } } - } + } ], "visible": true - } + } ], "steps": [ -{ - "name": "section_sslConfiguration", - "type": "Microsoft.Common.Section", - "label": "TLS/SSL Configuration", - "elements": [{ - "name": "sslConfigurationText", - "type": "Microsoft.Common.TextBlock", - "visible": true, - "options": { - "text": "Selecting 'Yes' here will cause the template to provision WebLogic Administration Console on HTTPS (Secure) port, with your own TLS/SSL Certificate.", - "link": { - "label": "Learn more", - "uri": "https://aka.ms/arm-oraclelinux-wls-ssl-config" - } - } - }, - { - "name": "enableCustomSSL", - "type": "Microsoft.Common.OptionsGroup", - "label": "Configure WebLogic Administration Console on HTTPS (Secure) port, with your own TLS/SSL Certificate?", - "defaultValue": "No", - "toolTip": "Select 'Yes' to configure WebLogic Administration Console on HTTPS (Secure) port with your own SSL Certificate.", - "constraints": { - "allowedValues": [{ - "label": "Yes", - "value": true - }, - { - "label": "No", - "value": false - } - ], - "required": false - } - }, + { + "name": "section_sslConfiguration", + "type": "Microsoft.Common.Section", + "label": "TLS/SSL Configuration", + "elements": [ + { + "name": "sslConfigurationText", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "Selecting 'Yes' here will cause the template to provision WebLogic Administration Console on HTTPS (Secure) port, with your own TLS/SSL Certificate.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/arm-oraclelinux-wls-ssl-config" + } + } + }, + { + "name": "enableCustomSSL", + "type": "Microsoft.Common.OptionsGroup", + "label": "Configure WebLogic Administration Console on HTTPS (Secure) port, with your own TLS/SSL Certificate?", + "defaultValue": "No", + "toolTip": "Select 'Yes' to configure WebLogic Administration Console on HTTPS (Secure) port with your own SSL Certificate.", + "constraints": { + "allowedValues": [ + { + "label": "Yes", + "value": true + }, + { + "label": "No", + "value": false + } + ], + "required": false + } + }, { "name": "sslText00", "type": "Microsoft.Common.TextBlock", @@ -562,11 +564,11 @@ ] }, { - "name": "keyVaultStoredCustomSSLSettings", - "type": "Microsoft.Common.Section", + "name": "keyVaultStoredCustomSSLSettings", + "type": "Microsoft.Common.Section", "visible": "[and(steps('section_sslConfiguration').enableCustomSSL, equals(steps('section_sslConfiguration').sslConfigurationAccessOption, 'keyVaultStoredConfig'))]", - "label": "TLS/SSL Configuration Settings", - "elements": [ + "label": "TLS/SSL Configuration Settings", + "elements": [ { "name": "sslKeystoreInfo1", "type": "Microsoft.Common.InfoBox", @@ -649,7 +651,8 @@ "defaultValue": "JKS", "toolTip": "One of the supported KeyStore types", "constraints": { - "allowedValues": [{ + "allowedValues": [ + { "label": "JKS", "value": "JKS" }, @@ -721,7 +724,8 @@ "defaultValue": "JKS", "toolTip": "One of the supported KeyStore types", "constraints": { - "allowedValues": [{ + "allowedValues": [ + { "label": "JKS", "value": "JKS" }, @@ -733,10 +737,10 @@ "required": true } } - ] - } - ] - }, + ] + } + ] + }, { "name": "section_appGateway", "type": "Microsoft.Common.Section", @@ -833,7 +837,8 @@ ], "required": true }, - "visible": "[steps('section_appGateway').enableAppGateway]" }, + "visible": "[steps('section_appGateway').enableAppGateway]" + }, { "name": "keyVaultSSLCertData", "type": "Microsoft.Common.FileUpload", @@ -1315,7 +1320,7 @@ "value": "sqlserver" }, { - "label": "MySQL", + "label": "MySQL (With support for passwordless connection)", "value": "mysql" } ], @@ -1324,15 +1329,21 @@ "visible": true }, { - "name": "dbDriverWarningInfo", + "name": "mysqlJDBCDriverInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[and(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'), or(equals(basics('skuUrnVersion'), 'owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest'), equals(basics('skuUrnVersion'), 'owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest')))]", + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]", "options": { - "icon": "Warning", - "text": "Your current selection of WebLogic Server version, Java version, and MySQL uses a problematic JDBC driver. Consult the certification matrix at https://aka.ms/wls-vms-12213-certification-matrix and use the instructions in the the link below to replace the JDBC driver with the correct version after deployment.", - "uri": "https://aka.ms/wls-vms-mysql-12213" + "icon": "Info", + "text": "To support passwordless connection and various functionalities, the offer will upgrade the Oracle WebLogic Server MySQL driver with recent MySQL Connector Java driver." } }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]" + }, { "name": "jdbcDataSourceName", "type": "Microsoft.Common.TextBox", @@ -1354,14 +1365,14 @@ "defaultValue": "", "constraints": { "required": "[bool(steps('section_database').enableDB)]", - "validations": [ + "validations": [ { "regex": "[concat('^jdbc:', coalesce(steps('section_database').databaseConnectionInfo.databaseType, ''), '.*$')]", "message": "A valid JDBC URL for the chosen database type must be provided" }, { - "isValid": "[if(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'), and(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'serverTimezone'), contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'enabledTLSProtocols=TLSv1.2')), bool('true'))]", - "message": "When using MySQL, the connection string must contain server time zone and enable TLS v1.2. For example, see the last two query parameters here: 'jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC&enabledTLSProtocols=TLSv1.2'." + "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append defaultAuthenticationPlugin, authenticationPlugins with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1413,9 +1424,17 @@ "toolTip": "Use only letters and numbers", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", - "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", - "validationMessage": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + "required": true, + "validations": [ + { + "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", + "message": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + }, + { + "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, @@ -1435,7 +1454,23 @@ "options": { "hideConfirmation": false }, - "visible": true + "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + }, + { + "name": "dbIdentity", + "type": "Microsoft.ManagedIdentity.IdentitySelector", + "label": "Connect database with Managed Identity", + "toolTip": { + "userAssignedIdentity": "Select a user assigned identity that has access to your database. For how to create a database user for your managed identity, see https://aka.ms/javaee-db-identity." + }, + "defaultValue": { + "systemAssignedIdentity": "Off" + }, + "options": { + "hideSystemAssignedIdentity": true, + "hideUserAssignedIdentity": false + }, + "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -1879,7 +1914,7 @@ "aadsServerHost": "[steps('section_aad').aadInfo.aadsServerHost]", "adminPasswordOrKey": "[if(equals(basics('basicsRequired').adminPasswordOrKey.authenticationType, 'password'), basics('basicsRequired').adminPasswordOrKey.password, basics('basicsRequired').adminPasswordOrKey.sshPublicKey)]", "adminUsername": "[basics('basicsRequired').adminUsername]", - "addressPrefixes": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.addressPrefixes, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.addressPrefixes)]", + "addressPrefixes": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.addressPrefixes, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.addressPrefixes)]", "appGatewayCertificateOption": "[steps('section_appGateway').certificateOption]", "appGatewaySSLCertData": "[steps('section_appGateway').keyVaultSSLCertData]", "appGatewaySSLCertPassword": "[steps('section_appGateway').appGatewaySSLCertPassword]", @@ -1895,6 +1930,7 @@ "dnszoneAppGatewayLabel": "[steps('section_networkingConfiguration').customDNSSettings.dnszoneGatewayLabel]", "dsConnectionURL": "[steps('section_database').databaseConnectionInfo.dsConnectionURL]", "dbGlobalTranPro": "[steps('section_database').databaseConnectionInfo.dbGlobalTranPro]", + "dbIdentity": "[steps('section_database').databaseConnectionInfo.dbIdentity]", "dbPassword": "[steps('section_database').databaseConnectionInfo.dbPassword]", "dbUser": "[steps('section_database').databaseConnectionInfo.dbUser]", "elasticsearchEndpoint": "[steps('section_elk').elkInfo.elasticsearchEndpoint]", @@ -1906,6 +1942,7 @@ "enableCoherenceWebLocalStorage": "[bool(if(bool(steps('section_coherence').enableCoherence),steps('section_coherence').coherenceInfo.enableCoherenceWebLocalStorage,'false'))]", "enableDNSConfiguration": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", + "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", "hasDNSZones": "[bool(if(bool(steps('section_networkingConfiguration').enableCustomDNS), steps('section_networkingConfiguration').customDNSSettings.bringDNSZone, 'false'))]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "logsToIntegrate": "[steps('section_elk').elkInfo.logsToIntegrate]", @@ -1931,9 +1968,9 @@ "wlsPassword": "[basics('basicsRequired').wlsPassword]", "wlsUserName": "[basics('basicsRequired').wlsUserName]", "enableHTTPAdminListenPort": "[basics('basicsOptional').enableAdminHTTPListenPort]", - "enableCustomSSL":"[steps('section_sslConfiguration').enableCustomSSL]", + "enableCustomSSL": "[steps('section_sslConfiguration').enableCustomSSL]", "sslConfigurationAccessOption": "[steps('section_sslConfiguration').sslConfigurationAccessOption]", - "subnetName": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.subnets.subnet1.name, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.subnets.subnet1.name)]", + "subnetName": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.subnets.subnet1.name, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.subnets.subnet1.name)]", "subnetPrefix": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.subnets.subnet1.addressPrefix, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.subnets.subnet1.addressPrefix)]", "subnetForAppGateway": "[steps('section_networkingConfiguration').virtualNetworkWithAppGateway.subnets.subnet2.name]", "subnetPrefixForAppGateway": "[steps('section_networkingConfiguration').virtualNetworkWithAppGateway.subnets.subnet2.addressPrefix]", @@ -1955,7 +1992,7 @@ "uploadedCustomTrustKeyStoreType": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedCustomTrustKeyStoreType]", "uploadedPrivateKeyAlias": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedPrivateKeyAlias]", "uploadedPrivateKeyPassPhrase": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedPrivateKeyPassPhrase]", - "virtualNetworkName": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.name, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.name)]", + "virtualNetworkName": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.name, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.name)]", "virtualNetworkResourceGroupName": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.resourceGroup, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.resourceGroup)]", "virtualNetworkNewOrExisting": "[if(steps('section_appGateway').enableAppGateway, steps('section_networkingConfiguration').virtualNetworkWithAppGateway.newOrExisting, steps('section_networkingConfiguration').virtualNetworkWithoutAppGateway.newOrExisting)]" } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json index 95c26c007..f7723c2ca 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json @@ -105,6 +105,13 @@ "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." } }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, "dbPassword": { "defaultValue": "", "type": "securestring", @@ -246,6 +253,13 @@ "description": "If true, use the supplied parameters to distribute WebLogic Server logs to the Elasticsearch instance." } }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless JDBC connection." + } + }, "gatewayPublicIPAddressName": { "defaultValue": "gwip", "type": "string", @@ -254,9 +268,9 @@ } }, "guidValue": { - "type": "string", - "defaultValue": "[newGuid()]" - }, + "type": "string", + "defaultValue": "[newGuid()]" + }, "hasDNSZones": { "type": "bool", "defaultValue": false, @@ -541,88 +555,88 @@ } }, "enableHTTPAdminListenPort": { - "defaultValue": true, - "type": "bool", - "metadata": { - "description": "Boolean value indicating, if WebLogic Admin Server HTTP Listen Port is enabled or not" - } - }, - "enableCustomSSL":{ - "defaultValue":false, + "defaultValue": true, + "type": "bool", + "metadata": { + "description": "Boolean value indicating, if WebLogic Admin Server HTTP Listen Port is enabled or not" + } + }, + "enableCustomSSL": { + "defaultValue": false, "type": "bool", "metadata": { - "description": "Boolean value indicating, if custom SSL is enabled or not" + "description": "Boolean value indicating, if custom SSL is enabled or not" } - }, - "adminSSLKeyVaultResourceGroup": { + }, + "adminSSLKeyVaultResourceGroup": { "defaultValue": "", "type": "string", "metadata": { "description": "Resource group name in current subscription containing the KeyVault for SSL Configuration of WebLogic Administration Server" } - }, - "adminSSLKeyVaultName": { + }, + "adminSSLKeyVaultName": { "defaultValue": "", "type": "string", "metadata": { "description": "KeyVault Name for SSL Configuration of WebLogic Administration Server" } - }, - "keyVaultCustomIdentityKeyStoreDataSecretName":{ - "type": "string", - "metadata": { - "description": "Secret name in KeyVault containing Weblogic Custom Identity Keystore Data" - }, - "defaultValue": "CustomIdentityKeyStoreDataSecret" - }, - "keyVaultCustomIdentityKeyStorePassPhraseSecretName":{ - "type": "string", - "metadata": { - "description": "Secret name in KeyVault containing Weblogic Custom Identity Keystore Passphrase" - }, - "defaultValue": "CustomIdentityKeyStorePassPhraseSecret" - }, - "keyVaultCustomIdentityKeyStoreType":{ - "type": "string", - "metadata": { - "description": "Weblogic Custom Identity Keystore Type" - }, - "defaultValue": "JKS" - }, - "keyVaultCustomTrustKeyStoreDataSecretName":{ - "type": "string", - "metadata": { - "description": "Secret name in KeyVault containing Weblogic Custom Trust Store Data" - }, - "defaultValue": "CustomTrustStoreDataSecret" - }, - "keyVaultCustomTrustKeyStorePassPhraseSecretName":{ - "type": "string", - "metadata": { - "description": "Secret name in KeyVault containing Weblogic Custom Trust Store Passphrase" - }, - "defaultValue": "CustomTrustStorePassPhraseSecret" - }, - "keyVaultCustomTrustKeyStoreType":{ - "type": "string", - "metadata": { - "description": "Weblogic Custom Trust Store Type" - }, - "defaultValue": "JKS" - }, - "keyVaultPrivateKeyAliasSecretName":{ - "type": "string", - "metadata": { - "description": "Secret name in KeyVault containing Weblogic Server Private Key Alias" - }, - "defaultValue": "ServerPrivateKeyAlias" - }, - "keyVaultPrivateKeyPassPhraseSecretName":{ - "type": "string", - "metadata": { - "description": "Secret name in KeyVault containing Weblogic Server Private KeyPassPhrase" - }, - "defaultValue": "ServerPrivateKeyPassPhraseSecret" + }, + "keyVaultCustomIdentityKeyStoreDataSecretName": { + "type": "string", + "metadata": { + "description": "Secret name in KeyVault containing Weblogic Custom Identity Keystore Data" + }, + "defaultValue": "CustomIdentityKeyStoreDataSecret" + }, + "keyVaultCustomIdentityKeyStorePassPhraseSecretName": { + "type": "string", + "metadata": { + "description": "Secret name in KeyVault containing Weblogic Custom Identity Keystore Passphrase" + }, + "defaultValue": "CustomIdentityKeyStorePassPhraseSecret" + }, + "keyVaultCustomIdentityKeyStoreType": { + "type": "string", + "metadata": { + "description": "Weblogic Custom Identity Keystore Type" + }, + "defaultValue": "JKS" + }, + "keyVaultCustomTrustKeyStoreDataSecretName": { + "type": "string", + "metadata": { + "description": "Secret name in KeyVault containing Weblogic Custom Trust Store Data" + }, + "defaultValue": "CustomTrustStoreDataSecret" + }, + "keyVaultCustomTrustKeyStorePassPhraseSecretName": { + "type": "string", + "metadata": { + "description": "Secret name in KeyVault containing Weblogic Custom Trust Store Passphrase" + }, + "defaultValue": "CustomTrustStorePassPhraseSecret" + }, + "keyVaultCustomTrustKeyStoreType": { + "type": "string", + "metadata": { + "description": "Weblogic Custom Trust Store Type" + }, + "defaultValue": "JKS" + }, + "keyVaultPrivateKeyAliasSecretName": { + "type": "string", + "metadata": { + "description": "Secret name in KeyVault containing Weblogic Server Private Key Alias" + }, + "defaultValue": "ServerPrivateKeyAlias" + }, + "keyVaultPrivateKeyPassPhraseSecretName": { + "type": "string", + "metadata": { + "description": "Secret name in KeyVault containing Weblogic Server Private KeyPassPhrase" + }, + "defaultValue": "ServerPrivateKeyPassPhraseSecret" }, "uploadedCustomIdentityKeyStoreData": { "type": "string", @@ -824,63 +838,63 @@ "enableAppGateway": { "value": "[parameters('enableAppGateway')]" }, - "enableHTTPAdminListenPort":{ + "enableHTTPAdminListenPort": { "value": "[parameters('enableHTTPAdminListenPort')]" }, "enableDNSConfiguration": { - "value": "[parameters('enableDNSConfiguration')]" + "value": "[parameters('enableDNSConfiguration')]" }, "customDNSNameForAdminServer": { - "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" + "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" } } } }, { - "name": "sslKeyVaultNestedTemplate", - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "condition": "[and(parameters('enableCustomSSL'), equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionUploadConfig')))]", - "properties": { - "mode": "Incremental", - "templateLink": { - "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_sslKeyVaultLinkedTemplateName')))]", - "contentVersion": "1.0.0.0" - }, - "parameters": { - "uploadedCustomIdentityKeyStoreData": { - "value": "[parameters('uploadedCustomIdentityKeyStoreData')]" - }, - "uploadedCustomIdentityKeyStorePassphrase": { - "value": "[parameters('uploadedCustomIdentityKeyStorePassphrase')]" - }, - "uploadedCustomTrustKeyStoreData": { - "value": "[parameters('uploadedCustomTrustKeyStoreData')]" - }, - "uploadedCustomTrustKeyStorePassPhrase": { - "value": "[parameters('uploadedCustomTrustKeyStorePassPhrase')]" - }, - "uploadedPrivateKeyAlias": { - "value": "[parameters('uploadedPrivateKeyAlias')]" - }, - "uploadedPrivateKeyPassPhrase": { - "value": "[parameters('uploadedPrivateKeyPassPhrase')]" - }, - "enabledForTemplateDeployment": { - "value": "[parameters('enabledForTemplateDeployment')]" - }, - "location": { - "value": "[parameters('location')]" - }, - "sku": { - "value": "[parameters('keyVaultSku')]" - }, - "keyVaultName": { - "value": "[variables('name_keyVaultName')]" - } - } - } - }, + "name": "sslKeyVaultNestedTemplate", + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "condition": "[and(parameters('enableCustomSSL'), equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionUploadConfig')))]", + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_sslKeyVaultLinkedTemplateName')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "uploadedCustomIdentityKeyStoreData": { + "value": "[parameters('uploadedCustomIdentityKeyStoreData')]" + }, + "uploadedCustomIdentityKeyStorePassphrase": { + "value": "[parameters('uploadedCustomIdentityKeyStorePassphrase')]" + }, + "uploadedCustomTrustKeyStoreData": { + "value": "[parameters('uploadedCustomTrustKeyStoreData')]" + }, + "uploadedCustomTrustKeyStorePassPhrase": { + "value": "[parameters('uploadedCustomTrustKeyStorePassPhrase')]" + }, + "uploadedPrivateKeyAlias": { + "value": "[parameters('uploadedPrivateKeyAlias')]" + }, + "uploadedPrivateKeyPassPhrase": { + "value": "[parameters('uploadedPrivateKeyPassPhrase')]" + }, + "enabledForTemplateDeployment": { + "value": "[parameters('enabledForTemplateDeployment')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "sku": { + "value": "[parameters('keyVaultSku')]" + }, + "keyVaultName": { + "value": "[variables('name_keyVaultName')]" + } + } + } + }, { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", @@ -974,71 +988,71 @@ "enableAppGateway": { "value": "[parameters('enableAppGateway')]" }, - "enableHTTPAdminListenPort":{ + "enableHTTPAdminListenPort": { "value": "[parameters('enableHTTPAdminListenPort')]" }, "enableDNSConfiguration": { - "value": "[parameters('enableDNSConfiguration')]" + "value": "[parameters('enableDNSConfiguration')]" }, "customDNSNameForAdminServer": { - "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" + "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" }, - "enableCustomSSL":{ - "value": "[parameters('enableCustomSSL')]" + "enableCustomSSL": { + "value": "[parameters('enableCustomSSL')]" }, "keyVaultCustomIdentityKeyStoreData": { "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, - "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStoreDataSecretName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStoreDataSecretName.value)]" + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, + "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStoreDataSecretName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStoreDataSecretName.value)]" } }, "keyVaultCustomIdentityKeyStorePassPhrase": { "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, - "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStorePassPhraseSecretName.value)]" + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, + "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStorePassPhraseSecretName.value)]" } }, - "keyVaultCustomIdentityKeyStoreType":{ + "keyVaultCustomIdentityKeyStoreType": { "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStoreType'), parameters('uploadedCustomIdentityKeyStoreType'))]" }, "keyVaultCustomTrustKeyStoreData": { "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreDataSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStoretDataSecretName.value)]" } - }, - "keyVaultCustomTrustKeyStorePassPhrase": { - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + }, + "keyVaultCustomTrustKeyStorePassPhrase": { + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStorePassPhraseSecretName.value)]" } - }, - "keyVaultCustomTrustKeyStoreType":{ - "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" - }, - "keyVaultPrivateKeyAlias":{ - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + }, + "keyVaultCustomTrustKeyStoreType": { + "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" + }, + "keyVaultPrivateKeyAlias": { + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultPrivateKeyAliasSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.privateKeyAliasSecretName.value)]" - } - }, - "keyVaultPrivateKeyPassPhrase": { - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + } + }, + "keyVaultPrivateKeyPassPhrase": { + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultPrivateKeyPassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.privateKeyPassPhraseSecretName.value)]" - } + } } } }, @@ -1298,6 +1312,9 @@ "dbGlobalTranPro": { "value": "[parameters('dbGlobalTranPro')]" }, + "dbIdentity": { + "value": "[parameters('dbIdentity')]" + }, "dbPassword": { "value": "[parameters('dbPassword')]" }, @@ -1307,12 +1324,24 @@ "dsConnectionURL": { "value": "[parameters('dsConnectionURL')]" }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, "jdbcDataSourceName": { "value": "[parameters('jdbcDataSourceName')]" }, "location": { "value": "[parameters('location')]" }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[add(parameters('numberOfInstances'),-1)]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, "wlsPassword": { "value": "[parameters('wlsPassword')]" }, @@ -1468,15 +1497,15 @@ "value": "[parameters('enableCustomSSL')]" }, "keyVaultCustomTrustKeyStorePassPhrase": { - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, - "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStorePassPhraseSecretName.value)]" + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, + "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStorePassPhraseSecretName.value)]" } }, "keyVaultCustomTrustKeyStoreType": { - "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" + "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" } } } @@ -1636,10 +1665,10 @@ "value": "[parameters('wlsUserName')]" }, "enableDNSConfiguration": { - "value": "[parameters('enableDNSConfiguration')]" + "value": "[parameters('enableDNSConfiguration')]" }, "customDNSNameForAdminServer": { - "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" + "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" }, "enableCustomSSL": { "value": "[parameters('enableCustomSSL')]" @@ -1735,67 +1764,67 @@ "value": "[parameters('wlsUserName')]" }, "enableDNSConfiguration": { - "value": "[parameters('enableDNSConfiguration')]" + "value": "[parameters('enableDNSConfiguration')]" }, "customDNSNameForAdminServer": { - "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" + "value": "[if(parameters('enableDNSConfiguration'), format('{0}.{1}', parameters('dnszoneAdminConsoleLabel'),parameters('dnszoneName')),'')]" }, "enableCustomSSL": { "value": "[parameters('enableCustomSSL')]" }, "keyVaultCustomIdentityKeyStoreData": { "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, - "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStoreDataSecretName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStoreDataSecretName.value)]" + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, + "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStoreDataSecretName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStoreDataSecretName.value)]" } }, "keyVaultCustomIdentityKeyStorePassPhrase": { "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, - "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStorePassPhraseSecretName.value)]" + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, + "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customIdentityKeyStorePassPhraseSecretName.value)]" } }, - "keyVaultCustomIdentityKeyStoreType":{ + "keyVaultCustomIdentityKeyStoreType": { "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomIdentityKeyStoreType'), parameters('uploadedCustomIdentityKeyStoreType'))]" }, "keyVaultCustomTrustKeyStoreData": { "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreDataSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStoretDataSecretName.value)]" } - }, - "keyVaultCustomTrustKeyStorePassPhrase": { - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + }, + "keyVaultCustomTrustKeyStorePassPhrase": { + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStorePassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.customTrustKeyStorePassPhraseSecretName.value)]" } - }, - "keyVaultCustomTrustKeyStoreType":{ - "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" - }, - "keyVaultPrivateKeyAlias":{ - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + }, + "keyVaultCustomTrustKeyStoreType": { + "value": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultCustomTrustKeyStoreType'), parameters('uploadedCustomTrustKeyStoreType'))]" + }, + "keyVaultPrivateKeyAlias": { + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultPrivateKeyAliasSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.privateKeyAliasSecretName.value)]" - } - }, - "keyVaultPrivateKeyPassPhrase": { - "reference": { - "keyVault": { - "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" - }, + } + }, + "keyVaultPrivateKeyPassPhrase": { + "reference": { + "keyVault": { + "id": "[resourceId(variables('const_currentSubscription'), if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultResourceGroup'),resourceGroup().name), 'Microsoft.KeyVault/vaults', if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('adminSSLKeyVaultName'),reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.keyVaultName.value))]" + }, "secretName": "[if(equals(parameters('sslConfigurationAccessOption'), variables('const_sslConfigurationAccessOptionKeyVaultStoredConfig')),parameters('keyVaultPrivateKeyPassPhraseSecretName'), reference('sslKeyVaultNestedTemplate', '${azure.apiVersion}').outputs.privateKeyPassPhraseSecretName.value)]" - } + } } } } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dbTemplate.json new file mode 100644 index 000000000..ff5a2c648 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_dbTemplate.json @@ -0,0 +1,244 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationDbTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "defaultValue": "adminVM", + "type": "string", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dsConnectionURL": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "dbUser": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dbPassword": { + "defaultValue": "[newGuid()]", + "type": "securestring", + "metadata": { + "description": "Password for Database" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "jdbcDataSourceName": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "wlsUserName": { + "defaultValue": "weblogic", + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + } + }, + "variables": { + "const_wlsAdminPort": "7005", + "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", + "name_scriptFilePrefix": "datasourceConfig-", + "name_scriptFileSuffix-sqlserver": "sqlserver.sh", + "name_scriptFileSuffix-oracle": "oracle.sh", + "name_scriptFileSuffix-postgresql": "postgresql.sh", + "name_scriptFileSuffix-mysql": "mysql.sh" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${cluster.database.start}", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines/extensions", + "name": "[concat(parameters('adminVMName'),'/newuserscript')]", + "location": "[parameters('location')]", + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [ + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-sqlserver'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-oracle'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-postgresql'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-mysql'), parameters('_artifactsLocationSasToken')))]" + ] + }, + "protectedSettings": { + "commandToExecute": "[concat('sh',' ',variables('name_scriptFilePrefix'),parameters('databaseType'),'.sh <<< \"',variables('const_wlsHome'),' ',parameters('adminVMName'),' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',base64(parameters('jdbcDataSourceName')),' ',base64(parameters('dsConnectionURL')),' ',parameters('dbUser'),' ',base64(parameters('dbPassword')), ' ',parameters('dbGlobalTranPro'), ' ', parameters('enablePswlessConnection'), '\"')]" + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${cluster.database.end}", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.oracle}", + "condition": "[if(contains(parameters('databaseType'), 'oracle'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.postgresql}", + "condition": "[if(contains(parameters('databaseType'), 'postgresql'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.mysql}", + "condition": "[if(contains(parameters('databaseType'), 'mysql'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.sqlserver}", + "condition": "[if(contains(parameters('databaseType'), 'sqlserver'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json new file mode 100644 index 000000000..018504b55 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json @@ -0,0 +1,121 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationInstallJdbcLibsTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "managedServerPrefix": { + "type": "string", + "defaultValue": "msp", + "metadata": { + "description": "Provide managed server prefix name" + } + }, + "numberOfManagedApplicationInstances": { + "type": "int", + "defaultValue": 2, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "Number of VMs that have been deployed to host managed application server." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "const_wlsAdminPort": "7005", + "const_wlsDomainPath": "[concat('/u01/domains/', parameters('wlsDomainName'))]", + "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", + "name_scriptInstallJdbcLibs": "installJdbcDrivers.sh" + }, + "resources": [ + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines/extensions", + "name": "[concat(variables('const_managedVMPrefix'), copyIndex(1),'/newuserscript')]", + "location": "[parameters('location')]", + "copy": { + "name": "appVirtualMachineExtensionLoop", + "count": "[parameters('numberOfManagedApplicationInstances')]" + }, + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [ + "[uri(parameters('_artifactsLocationInstallJdbcLibsTemplate'), concat('../scripts/', variables('name_scriptInstallJdbcLibs'), parameters('_artifactsLocationSasToken')))]" + ] + }, + "protectedSettings": { + "commandToExecute": "[concat('sh',' ',variables('name_scriptInstallJdbcLibs'),' <<< \"',variables('const_wlsHome'),' ',variables('const_wlsDomainPath'),' ',parameters('managedServerPrefix'), copyIndex(1), ' ', parameters('adminVMName'), ' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',parameters('databaseType'),' ',parameters('enablePswlessConnection'), '\"')]" + } + } + } + ] +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json new file mode 100644 index 000000000..ba3b667e9 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -0,0 +1,274 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, + "dbUser": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dsConnectionURL": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "jdbcDataSourceName": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "managedServerPrefix": { + "type": "string", + "defaultValue": "msp", + "metadata": { + "description": "Provide managed server prefix name" + } + }, + "numberOfManagedApplicationInstances": { + "type": "int", + "defaultValue": 2, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "Number of VMs that have been deployed to host managed application server." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_identityAPIVersion": "${azure.apiVersionForIndentity}", + "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", + "name_dbTemplate": "_dbTemplate.json", + "array_azureJdbcPlugins": { + "mysql": "defaultAuthenticationPlugin=com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin" + } + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${cluster.pswless.database.start}", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + }, + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines", + "name": "[concat(variables('const_managedVMPrefix'), copyIndex(1))]", + "location": "[parameters('location')]", + "copy": { + "name": "virtualMachineIdentityLoop", + "count": "[parameters('numberOfManagedApplicationInstances')]" + }, + "identity": { + "type": "userAssigned", + "userAssignedIdentities": { + "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "installJdbcLibsTemplate", + "dependsOn": [ + "virtualMachineIdentityLoop" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_installJdbcLibsTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "enablePswlessConnection": { + "value": true + }, + "location": { + "value": "[parameters('location')]" + }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('numberOfManagedApplicationInstances')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "dbTemplate", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'installJdbcLibsTemplate')]" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dsConnectionURL": { + "value": "[uri(format('{0}&{1}&azure.clientId={2}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId), '')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "enablePswlessConnection": { + "value": true + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${cluster.pswless.database.end}", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'dbTemplate')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json index f55cb8ea3..640340a9b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json @@ -1,236 +1,301 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "parameters": { - "_artifactsLocation": { - "type": "string", - "metadata": { - "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." - } - }, - "_artifactsLocationDbTemplate": { - "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", - "type": "string", - "metadata": { - "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." - } - }, - "_artifactsLocationSasToken": { - "type": "securestring", - "metadata": { - "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." - }, - "defaultValue": "" - }, - "adminVMName": { - "defaultValue": "adminVM", - "type": "string", - "metadata": { - "description": "Admin Server hosting VM name." - } - }, - "databaseType": { - "defaultValue": "", - "type": "string", - "metadata": { - "description": "One of the supported database types" - } - }, - "dbGlobalTranPro": { - "defaultValue": "OnePhaseCommit", - "type": "string", - "metadata": { - "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." - } - }, - "dsConnectionURL": { - "defaultValue": "", - "type": "string", - "metadata": { - "description": "JDBC Connection String" - } - }, - "dbUser": { - "defaultValue": "", - "type": "string", - "metadata": { - "description": "Userid of Database" - } - }, - "dbPassword": { - "type": "securestring", - "metadata": { - "description": "Password for Database" - } - }, - "jdbcDataSourceName": { - "defaultValue": "", - "type": "string", - "metadata": { - "description": "JNDI Name for JDBC Datasource" - } - }, - "location": { - "type": "string", - "metadata": { - "description": "Location for all resources." - } - }, - "wlsUserName": { - "defaultValue": "weblogic", - "type": "string", - "metadata": { - "description": "Username for your Weblogic domain name" - } - }, - "wlsPassword": { - "type": "securestring", - "metadata": { - "description": "Password for your Weblogic domain name" - } - } - }, - "variables": { - "const_wlsAdminPort": "7005", - "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", - "name_scriptFilePrefix": "datasourceConfig-", - "name_scriptFileSuffix-sqlserver": "sqlserver.sh", - "name_scriptFileSuffix-oracle": "oracle.sh", - "name_scriptFileSuffix-postgresql": "postgresql.sh", - "name_scriptFileSuffix-mysql": "mysql.sh" - }, - "resources": [ - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${cluster.database.start}", - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "apiVersion": "${azure.apiVersionForVirtualMachines}", - "type": "Microsoft.Compute/virtualMachines/extensions", - "name": "[concat(parameters('adminVMName'),'/newuserscript')]", - "location": "[parameters('location')]", - "properties": { - "publisher": "Microsoft.Azure.Extensions", - "type": "CustomScript", - "typeHandlerVersion": "2.0", - "autoUpgradeMinorVersion": true, - "settings": { - "fileUris": [ - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-sqlserver'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-oracle'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-postgresql'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-mysql'), parameters('_artifactsLocationSasToken')))]" - ] - }, - "protectedSettings": { - "commandToExecute": "[concat('sh',' ',variables('name_scriptFilePrefix'),parameters('databaseType'),'.sh <<< \"',variables('const_wlsHome'),' ',parameters('adminVMName'),' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',base64(parameters('jdbcDataSourceName')),' ',base64(parameters('dsConnectionURL')),' ',parameters('dbUser'),' ',base64(parameters('dbPassword')), ' ',parameters('dbGlobalTranPro'), '\"')]" - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${cluster.database.end}", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.oracle}", - "condition": "[if(contains(parameters('databaseType'), 'oracle'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.postgresql}", - "condition": "[if(contains(parameters('databaseType'), 'postgresql'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.mysql}", - "condition": "[if(contains(parameters('databaseType'), 'mysql'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.sqlserver}", - "condition": "[if(contains(parameters('databaseType'), 'sqlserver'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - } - ], - "outputs": { - "artifactsLocationPassedIn": { - "type": "string", - "value": "[parameters('_artifactsLocation')]" - } - } -} +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, + "dbPassword": { + "defaultValue": "[newGuid()]", + "type": "securestring", + "metadata": { + "description": "Password for Database" + } + }, + "dbUser": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dsConnectionURL": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "jdbcDataSourceName": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "managedServerPrefix": { + "type": "string", + "defaultValue": "msp", + "metadata": { + "description": "Provide managed server prefix name" + } + }, + "numberOfManagedApplicationInstances": { + "type": "int", + "defaultValue": 2, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "Number of VMs that have been deployed to host managed application server." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "name_dbLinkedTemplateName": "_dbTemplate.json", + "name_dbPswlessTemplateName": "_pswlessDbTemplate.json", + "name_dbUpgradeMySQLDriver": "_installJdbcLibsTemplate.json" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "pswlessDbTemplate", + "condition": "[parameters('enablePswlessConnection')]", + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbPswlessTemplateName')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dbIdentity": { + "value": "[parameters('dbIdentity')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "dsConnectionURL": { + "value": "[parameters('dsConnectionURL')]" + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('numberOfManagedApplicationInstances')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "upgradeMySQLJdbcDriverTemplate", + "condition": "[and(not(parameters('enablePswlessConnection')), equals(parameters('databaseType'),'mysql'))]", + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbUpgradeMySQLDriver')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('numberOfManagedApplicationInstances')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "dbDeploymentTemplate", + "condition": "[not(parameters('enablePswlessConnection'))]", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'upgradeMySQLJdbcDriverTemplate')]" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbLinkedTemplateName')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dbPassword": { + "value": "[parameters('dbPassword')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "dsConnectionURL": { + "value": "[parameters('dsConnectionURL')]" + }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-mysql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-mysql.sh index 8ec6cd056..a0a0c4f35 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-mysql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-mysql.sh @@ -83,17 +83,33 @@ function validateInput() exit 1 fi + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + if [ -z "$wlsClusterName" ]; then echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() { -echo "Creating JDBC data source with name $jdbcDataSourceName" -cat <${scriptPath}/create_datasource.py + local driverName="com.mysql.jdbc.Driver" + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + driverName="com.mysql.cj.jdbc.Driver" + fi + + echo "Creating JDBC data source with name $jdbcDataSourceName" + cat <${scriptPath}/create_datasource.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') edit("$hostName") startEdit() @@ -108,7 +124,7 @@ try: cmo.setDatasourceType('GENERIC') cd('/JDBCSystemResources/$jdbcDataSourceName/JDBCResource/$jdbcDataSourceName/JDBCDriverParams/$jdbcDataSourceName') cmo.setUrl('$dsConnectionURL') - cmo.setDriverName('com.mysql.jdbc.Driver') + cmo.setDriverName('$driverName') cmo.setPassword('$dsPassword') cd('/JDBCSystemResources/$jdbcDataSourceName/JDBCResource/$jdbcDataSourceName/JDBCConnectionPoolParams/$jdbcDataSourceName') cmo.setTestTableName('SQL ISVALID\r\n\r\n\r\n\r\n') @@ -146,7 +162,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then @@ -156,7 +172,6 @@ fi wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` - createTempFolder validateInput createJDBCSource_model diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-oracle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-oracle.sh index 10c19a65d..fadef340d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-oracle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-oracle.sh @@ -88,6 +88,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() @@ -146,7 +157,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-postgresql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-postgresql.sh index c52fbc2fc..0ab769119 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-postgresql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-postgresql.sh @@ -88,6 +88,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() @@ -146,7 +157,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh index 7e00c6752..eadd6ef51 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/datasourceConfig-sqlserver.sh @@ -88,6 +88,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() @@ -146,7 +157,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh new file mode 100644 index 000000000..fce5edd0a --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh @@ -0,0 +1,233 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# Description +# This script is to install jdbc libraries at WebLogic cluster domain. + +# /bin/bash + +#Function to output message to StdErr +function echo_stderr() { + echo "$@" >&2 +} + +#Function to display usage message +function usage() { + echo_stderr "./installJdbcDrivers.sh <<< \"\"" +} + +function validate_input() { + + # parse base64 string + wlsPassword=$(echo "${wlsPassword}" | base64 -d) + + if [ -z "$oracleHome" ]; then + echo _stderr "Please provide oracleHome" + exit 1 + fi + + if [ -z "$domainPath" ]; then + echo _stderr "Please provide domainPath" + exit 1 + fi + + if [ -z "$wlsServerName" ]; then + echo _stderr "Please provide wlsServerName" + exit 1 + fi + + if [ -z "$wlsAdminHost" ]; then + echo _stderr "Please provide wlsAdminHost" + exit 1 + fi + + if [ -z "$wlsAdminPort" ]; then + echo _stderr "Please provide wlsAdminPort" + exit 1 + fi + + if [ -z "$wlsUserName" ]; then + echo _stderr "Please provide wlsUserName" + exit 1 + fi + + if [ -z "$wlsPassword" ]; then + echo _stderr "Please provide wlsPassword" + exit 1 + fi + + if [ -z "$databaseType" ]; then + echo _stderr "Please provide databaseType" + exit 1 + fi + + if [ -z "$enablePswlessConnection" ]; then + echo _stderr "Please provide enablePswlessConnection" + exit 1 + fi +} + +function install_maven() { + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${url4MavenInstaller}" -o ${mvnInstaller} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${url4MavenInstaller}." + fi + + tar xzvf ${mvnInstaller} -C /u01/app + export MAVEN_HOME=/u01/app/apache-maven-${mvnVersion} + . $oracleHome/oracle_common/common/bin/setWlstEnv.sh # set JAVA_HOME + export PATH=${MAVEN_HOME}/bin:$PATH + + rm ${mvnInstaller} -f + mvn --version + if [ $? != 0 ]; then + echo_stderr "Failed to install maven." + fi +} + +function uninstall_maven() { + sudo rm -f ${MAVEN_HOME} -R +} + +function install_azure_mysql_libraries() { + local mySQLPom=mysql-pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4AzureMySQLJDBCPomFile}" -o ${mySQLPom} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${gitUrl4AzureMySQLJDBCPomFile}." + fi + + install_maven + echo "download dependencies" + mvn dependency:copy-dependencies -f ${mySQLPom} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + domainBase=$(dirname $domainPath) + sudo mkdir -p ${domainBase}/azure-libraries/identity + sudo mkdir -p ${domainBase}/azure-libraries/jackson + # fix JARs conflict issue, put jackson libraries to PRE_CLASSPATH to upgrade the existing libs. + sudo mv target/dependency/jackson-annotations-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-core-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-databind-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-dataformat-xml-*.jar ${domainBase}/azure-libraries/jackson + # Thoes jars will be appended to CLASSPATH + sudo mv target/dependency/*.jar ${domainBase}/azure-libraries/identity + sudo chown -R oracle:oracle ${domainBase}/azure-libraries + else + echo "Failed to download dependencies for azure-identity-providers-jdbc-mysql" + exit 1 + fi + + rm ${mySQLPom} -f + uninstall_maven + + sed -i 's;^export DOMAIN_HOME;&\nCLASSPATH="'${domainBase}'/azure-libraries/identity/*:${CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/azure-libraries/jackson/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh +} + +function upgrade_mysql_driver() { + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${wlsMySQLDriverUrl}" -o ${mysqlDriverJarName} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${wlsMySQLDriverUrl}." + fi + + local domainBase=$(dirname $domainPath) + sudo mkdir ${domainBase}/external-libraries + sudo mv ${mysqlDriverJarName} ${domainBase}/external-libraries/ + sudo chown -R oracle:oracle ${domainBase}/external-libraries + + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/external-libraries/'${mysqlDriverJarName}':${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh +} + +#This function to wait for admin server +function wait_for_admin() { + #wait for admin to start + count=1 + CHECK_URL="http://$wlsAdminURL/weblogic/ready" + status=$(curl --insecure -ILs $CHECK_URL | tac | grep -m1 HTTP/1.1 | awk {'print $2'}) + echo "Waiting for admin server to start" + while [[ "$status" != "200" ]]; do + echo "." + count=$((count + 1)) + if [ $count -le 30 ]; then + sleep 1m + else + echo "Error : Maximum attempts exceeded while starting admin server" + exit 1 + fi + status=$(curl --insecure -ILs $CHECK_URL | tac | grep -m1 HTTP/1.1 | awk {'print $2'}) + if [ "$status" == "200" ]; then + echo "Admin Server started succesfully..." + break + fi + done +} + +function restart_admin_service() { + echo "Restart weblogic admin server service" + sudo systemctl stop wls_admin + sudo systemctl start wls_admin + wait_for_admin +} + +function restart_managed_servers() { + echo "Restart managed servers" + cat <${SCRIPT_PWD}/restart-managedServer.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +servers=cmo.getServers() +domainRuntime() +print "Restart the servers which are in RUNNING status" +for server in servers: + bean="/ServerLifeCycleRuntimes/"+server.getName() + serverbean=getMBean(bean) + if (serverbean.getState() in ("RUNNING")) and (server.getName() == '${wlsServerName}'): + try: + print "Stop the Server ",server.getName() + shutdown(server.getName(),server.getType(),ignoreSessions='true',force='true') + print "Start the Server ",server.getName() + start(server.getName(),server.getType()) + break + except: + print "Failed restarting managed server ", server.getName() + dumpStack() +serverConfig() +disconnect() +EOF + . $oracleHome/oracle_common/common/bin/setWlstEnv.sh + java $WLST_ARGS weblogic.WLST ${SCRIPT_PWD}/restart-managedServer.py + + if [[ $? != 0 ]]; then + echo "Error : Fail to restart managed server to configuration external libraries." + exit 1 + fi +} + +#read arguments from stdin +read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName wlsPassword databaseType enablePswlessConnection + +export curlMaxTime=120 # seconds +export gitUrl4AzureMySQLJDBCPomFile="https://raw.githubusercontent.com/galiacheng/weblogic-azure/azure-lib-versions/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml" +export mvnVersion="3.8.6" +export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" +export mysqlDriverJarName="mysql-connector-java-8.0.30.jar" +export retryMaxAttempt=5 # retry attempt for curl command +export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" +export wlsMySQLDriverUrl="https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.30/mysql-connector-java-8.0.30.jar" +export wlsAdminURL=$wlsAdminHost:$wlsAdminPort + +validate_input + +if [ $databaseType == "mysql" ]; then + upgrade_mysql_driver +fi + +if [ "${enablePswlessConnection,,}" == "true" ]; then + if [ $databaseType == "mysql" ]; then + install_azure_mysql_libraries + fi +fi + +if [ $wlsServerName == "admin" ]; then + restart_admin_service +else + restart_managed_servers +fi From 1caf5a3c4162ca7d0c0fade0240fdcd476aaf6a5 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Mon, 5 Dec 2022 23:25:10 +0800 Subject: [PATCH 412/720] upgrade bicep version (#224) Signed-off-by: galiacheng Changes to be committed: modified: .github/workflows/newtag.yml --- .github/workflows/newtag.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/newtag.yml b/.github/workflows/newtag.yml index d053d9186..146621308 100644 --- a/.github/workflows/newtag.yml +++ b/.github/workflows/newtag.yml @@ -57,6 +57,12 @@ jobs: uses: ./.github/actions/setvars with: varFilePath: ./.github/variables/vm-dependencies.env + - name: Get versions of external dependencies + id: get-external-dependencies-version + run: | + curl -Lo external-deps-versions.properties https://raw.githubusercontent.com/Azure/azure-javaee-iaas/main/external-deps-versions.properties + source external-deps-versions.properties + echo "bicepVersion=${BICEP_VERSION}" >> $GITHUB_ENV - name: Checkout ${{ env.repoName }} uses: actions/checkout@v2 with: @@ -77,7 +83,7 @@ jobs: ref: ${{ env.refArmttk }} - name: Set up bicep run: | - curl -Lo bicep https://github.com/Azure/bicep/releases/download/v0.4.613/bicep-linux-x64 + curl -Lo bicep https://github.com/Azure/bicep/releases/download/${bicepVersion}/bicep-linux-x64 chmod +x ./bicep sudo mv ./bicep /usr/local/bin/bicep bicep --version From 48d258788a02043d6f10521b83ea5c5831654b89 Mon Sep 17 00:00:00 2001 From: Sanjay Mantoor <36834780+sanjaymantoor@users.noreply.github.com> Date: Thu, 8 Dec 2022 00:41:02 +0530 Subject: [PATCH 413/720] Updated the OHS template to handle new OHS base images (#225) * Updated the vmSizeSelect parameter to vmSize * Removed the data disk option * Updated the JDK version and keytool path Co-authored-by: SMANTOOR --- .../arm/nestedtemplates/ohsNestedTemplate.json | 16 +++------------- .../src/main/scripts/setupOHS.sh | 10 +++++----- 2 files changed, 8 insertions(+), 18 deletions(-) diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/ohsNestedTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/ohsNestedTemplate.json index ffbd10f95..ec95fcfd7 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/ohsNestedTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/ohsNestedTemplate.json @@ -187,7 +187,7 @@ "description": "virtual network name." } }, - "vmSizeSelect": { + "vmSize": { "type": "string", "defaultValue": "Standard_A3", "metadata": { @@ -222,7 +222,7 @@ } }, "const_publicIPAddressType": "Dynamic", - "const_vmSize": "[parameters('vmSizeSelect')]", + "const_vmSize": "[parameters('vmSize')]", "name_linuxImageOfferSKU": "[variables('name_ohsSkuUrnVersion')[1]]", "name_linuxImageVersion": "[variables('name_ohsSkuUrnVersion')[2]]", "name_networkSecurityGroup": "[concat(parameters('dnsLabelPrefix'), '-nsg')]", @@ -327,17 +327,7 @@ "managedDisk": { "storageAccountType": "StandardSSD_LRS" } - }, - "dataDisks": [ - { - "lun": 0, - "createOption": "FromImage", - "diskSizeGB": 900, - "managedDisk": { - "storageAccountType": "StandardSSD_LRS" - } - } - ] + } }, "networkProfile": { "networkInterfaces": [ diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupOHS.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupOHS.sh index 71070943d..b55aa9a03 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupOHS.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/setupOHS.sh @@ -110,14 +110,14 @@ function verifyCertValidity() # Check whether KEYSTORE supplied can be opened for reading # Redirecting as no need to display the contents - runuser -l oracle -c "keytool -list -v -keystore $KEYSTORE -storepass $PASSWORD -storetype $KEY_STORE_TYPE > /dev/null 2>&1" + runuser -l oracle -c "$JAVA_HOME/bin/keytool -list -v -keystore $KEYSTORE -storepass $PASSWORD -storetype $KEY_STORE_TYPE > /dev/null 2>&1" if [ $? != 0 ]; then echo_stderr "Error opening the keystore : $KEYSTORE" exit 1 fi - aliasList=`runuser -l oracle -c "keytool -list -v -keystore $KEYSTORE -storepass $PASSWORD -storetype $KEY_STORE_TYPE | grep Alias" |awk '{print $3}'` + aliasList=`runuser -l oracle -c "$JAVA_HOME/bin/keytool -list -v -keystore $KEYSTORE -storepass $PASSWORD -storetype $KEY_STORE_TYPE | grep Alias" |awk '{print $3}'` if [[ -z $aliasList ]]; then echo_stderr "Error : No alias found in supplied certificate $KEYSTORE" @@ -126,7 +126,7 @@ function verifyCertValidity() for alias in $aliasList do - VALIDITY_PERIOD=`runuser -l oracle -c "keytool -list -v -keystore $KEYSTORE -storepass $PASSWORD -storetype $KEY_STORE_TYPE -alias $alias | grep Valid"` + VALIDITY_PERIOD=`runuser -l oracle -c "$JAVA_HOME/bin/keytool -list -v -keystore $KEYSTORE -storepass $PASSWORD -storetype $KEY_STORE_TYPE -alias $alias | grep Valid"` echo "$KEYSTORE is \"$VALIDITY_PERIOD\"" CERT_UNTIL_DATE=`echo $VALIDITY_PERIOD | awk -F'until:|\r' '{print $2}'` CERT_UNTIL_SECONDS=`date -d "$CERT_UNTIL_DATE" +%s` @@ -466,7 +466,7 @@ function addCertficateToOracleVault() # Validate JKS file verifyCertValidity ${OHS_VAULT_PATH}/ohsKeystore.jks $ohsKeyStorePassPhrase $CURRENT_DATE $MIN_CERT_VALIDITY "JKS" - KEY_TYPE=`keytool -list -v -keystore ${OHS_VAULT_PATH}/ohsKeystore.jks -storepass ${ohsKeyStorePassPhrase} | grep 'Keystore type:'` + KEY_TYPE=`$JAVA_HOME/bin/keytool -list -v -keystore ${OHS_VAULT_PATH}/ohsKeystore.jks -storepass ${ohsKeyStorePassPhrase} | grep 'Keystore type:'` if [[ $KEY_TYPE == *"jks"* ]]; then runuser -l oracle -c "${INSTALL_PATH}/oracle/middleware/oracle_home/oracle_common/bin/orapki wallet jks_to_pkcs12 -wallet ${OHS_VAULT_PATH} -pwd ${ORACLE_VAULT_PASSWORD} -keystore ${OHS_VAULT_PATH}/ohsKeystore.jks -jkspwd ${ohsKeyStorePassPhrase}" if [[ $? == 0 ]]; then @@ -537,7 +537,7 @@ MIN_CERT_VALIDITY="1" read OHS_DOMAIN_NAME OHS_COMPONENT_NAME OHS_NM_USER OHS_NM_PSWD OHS_HTTP_PORT OHS_HTTPS_PORT WLS_REST_URL WLS_USER WLS_PASSWORD OHS_KEY_STORE_DATA OHS_KEY_STORE_PASSPHRASE ORACLE_VAULT_PASSWORD OHS_KEY_TYPE JDK_PATH="/u01/app/jdk" -JDK_VERSION="jdk1.8.0_271" +JDK_VERSION="jdk1.8.0_291" JAVA_HOME=$JDK_PATH/$JDK_VERSION PATH=$JAVA_HOME/bin:$PATH OHS_PATH="/u01/app/ohs" From 16b4b41ea928e2b3ecb30fbb89661f755ceab48a Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Fri, 23 Dec 2022 00:02:03 +0800 Subject: [PATCH 414/720] Support passwordless PostgreSQL in AKS offer (#230) * modify aks offer to support passwordless postgresql On branch aks-pswless-db Changes to be committed: modified: ../../../pom.xml modified: ../arm/createUiDefinition.json modified: ../arm/scripts/buildWLSDockerImage.sh modified: ../arm/scripts/common.sh modified: ../arm/scripts/createVMAndBuildImage.sh modified: ../arm/scripts/genDomainConfig.sh modified: ../arm/scripts/genImageModel.sh modified: mainTemplate.bicep modified: modules/_deployment-scripts/_ds-create-wls-cluster.bicep modified: modules/_setupPasswordlessDBConnection.bicep modified: ../resources/aks_well_tested_version.json * fix pipeline * remove weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml * use resources from oracle repo. * fix pipeline --- .../testWlsAksWithDependencyCreation.yml | 2 +- .../testWlsAksWithoutDependencyCreation.yml | 2 +- weblogic-azure-aks/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 30 +++++--- .../main/arm/scripts/buildWLSDockerImage.sh | 73 ++++++++++++------- .../src/main/arm/scripts/common.sh | 12 +-- .../main/arm/scripts/createVMAndBuildImage.sh | 1 + .../src/main/arm/scripts/genDomainConfig.sh | 13 +++- .../src/main/arm/scripts/genImageModel.sh | 1 - .../src/main/bicep/mainTemplate.bicep | 3 - .../_ds-create-wls-cluster.bicep | 2 +- .../_setupPasswordlessDBConnection.bicep | 3 +- .../resources/aks_well_tested_version.json | 4 +- .../azure-identity-provider-jdbc-mysql.xml | 72 ------------------ 14 files changed, 91 insertions(+), 129 deletions(-) delete mode 100644 weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml diff --git a/.github/workflows/testWlsAksWithDependencyCreation.yml b/.github/workflows/testWlsAksWithDependencyCreation.yml index 4c99f87eb..a578d5e27 100644 --- a/.github/workflows/testWlsAksWithDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithDependencyCreation.yml @@ -297,7 +297,7 @@ jobs: run: | appgatewayname=$(az resource list --resource-group ${{ env.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) echo $appgatewayname - publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + publicIpAddressId=$(az network application-gateway show --resource-group ${{ env.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIPConfigurations[0].publicIPAddress.id -o tsv) echo $publicIpAddressId appGatewayURL=$(az network public-ip show --resource-group ${{ env.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) echo $appGatewayURL diff --git a/.github/workflows/testWlsAksWithoutDependencyCreation.yml b/.github/workflows/testWlsAksWithoutDependencyCreation.yml index 28ef6d76d..f023002d5 100644 --- a/.github/workflows/testWlsAksWithoutDependencyCreation.yml +++ b/.github/workflows/testWlsAksWithoutDependencyCreation.yml @@ -249,7 +249,7 @@ jobs: run: | appgatewayname=$(az resource list --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --query "[?type=='Microsoft.Network/applicationGateways'].name|[0]" -o tsv) echo $appgatewayname - publicIpAddressId=$(az network application-gateway show --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIpConfigurations[0].publicIpAddress.id -o tsv) + publicIpAddressId=$(az network application-gateway show --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --name ${appgatewayname} --query frontendIPConfigurations[0].publicIPAddress.id -o tsv) echo $publicIpAddressId appGatewayURL=$(az network public-ip show --resource-group ${{ needs.preflight.outputs.resourceGroupForWlsAks }} --ids ${publicIpAddressId} --query dnsSettings.fqdn -o tsv) echo $appGatewayURL diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 380a03e93..98378504a 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.48 + 1.0.50 com.microsoft.azure.iaas diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index c41150d99..a5676ff14 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -1864,7 +1864,7 @@ "constraints": { "allowedValues": [ { - "label": "Azure database for PostgreSQL", + "label": "Azure database for PostgreSQL (with support for passwordless connection)", "value": "postgresql" }, { @@ -1897,13 +1897,6 @@ "text": "To support passwordless connection and various functionalities, the offer will upgrade the Oracle WebLogic Server MySQL driver with recent MySQL Connector Java driver." } }, - { - "name": "enablePswlessConnection", - "type": "Microsoft.Common.CheckBox", - "label": "Use passwordless datasource connection", - "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]" - }, { "name": "jdbcDataSourceName", "type": "Microsoft.Common.TextBox", @@ -1927,12 +1920,20 @@ "required": true, "validations": [ { - "regex": "[concat('^jdbc:', coalesce(steps('section_database').databaseConnectionInfo.databaseType, ''), '.*$')]", - "message": "A valid JDBC URL for the chosen database type must be provided" + "regex": "^jdbc:.*$", + "message": "A valid JDBC URL must start with 'jdbc:'." + }, + { + "isValid": "[startsWith(steps('section_database').databaseConnectionInfo.dsConnectionURL, concat('jdbc:', steps('section_database').databaseConnectionInfo.databaseType))]", + "message": "A valid JDBC URL for the chosen database type must be provided." }, { - "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", "message": "The offer will append defaultAuthenticationPlugin, authenticationPlugins with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -2011,6 +2012,13 @@ }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbPassword", "type": "Microsoft.Common.PasswordBox", diff --git a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh index 397d77788..6664244b0 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/buildWLSDockerImage.sh @@ -117,9 +117,8 @@ function initialize() { mkdir wlsdeploy mkdir wlsdeploy/config mkdir wlsdeploy/applications - mkdir wlsdeploy/domainLibraries mkdir wlsdeploy/classpathLibraries - mkdir wlsdeploy/sharedLibraries + mkdir wlsdeploy/${externalJDBCLibrariesDirectoryName} } function download_wdt_wit() { @@ -145,13 +144,13 @@ function download_wdt_wit() { validate_status "Check status of imagetool.zip." } -function download_mysql_passwordless_jdbc_libs() { - local mySQLPom=mysql-pom.xml - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fsL "${gitUrl4AzureMySQLJDBCPomFile}" -o ${mySQLPom} +function download_azure_identity_extensions() { + local myPom=pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fsL "${gitUrl4AzureIdentityExtensionsPomFile}" -o ${myPom} validate_status "Check status of downloading Azure Identity Provider JDBC MySQL Pom file." echo "download dependencies" - mvn dependency:copy-dependencies -f ${mySQLPom} + mvn dependency:copy-dependencies -f ${myPom} if [ $? -eq 0 ]; then ls -l target/dependency/ @@ -165,7 +164,25 @@ function download_mysql_passwordless_jdbc_libs() { # Thoes jars will be appended to CLASSPATH mv target/dependency/*.jar wlsdeploy/classpathLibraries/azureLibraries/ else - echo "Failed to download dependencies for azure-identity-providers-jdbc-mysql" + echo "Failed to download dependencies for azure-identity-extensions" + exit 1 + fi +} + +function download_mysql_driver() { + local myPom=mysqlpom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fsL "${gitUrl4MySQLDriverPomFile}" -o ${myPom} + validate_status "Check status of downloading MySQL driver Pom file." + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${myPom} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + mkdir wlsdeploy/${constPreclassDirectoryName} + mv target/dependency/*.jar wlsdeploy/${constPreclassDirectoryName}/ + else + echo "Failed to download dependencies for mysql driver." exit 1 fi } @@ -218,25 +235,34 @@ function install_utilities() { jq --help validate_status "Check status of unzip." - download_wdt_wit + sudo apt -y -q install maven + mvn --help + validate_status "Check status of mvn." - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL ${wlsPostgresqlDriverUrl} -o ${scriptDir}/model-images/wlsdeploy/domainLibraries/${constPostgreDriverName} - validate_status "Install postgresql driver." + download_wdt_wit - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL ${wlsMSSQLDriverUrl} -o ${scriptDir}/model-images/wlsdeploy/domainLibraries/${constMSSQLDriverName} - validate_status "Install mssql driver." + if [[ "${dbType}" == "postgresql" ]]; then + curl -m ${curlMaxTime} \ + --retry ${retryMaxAttempt} \ + -fL ${wlsPostgresqlDriverUrl} \ + -o ${scriptDir}/model-images/wlsdeploy/${externalJDBCLibrariesDirectoryName}/${constPostgreDriverName} + validate_status "Install postgresql driver." + fi - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL ${wlsMySQLDriverUrl} -o ${scriptDir}/model-images/wlsdeploy/sharedLibraries/${constMySQLLibName} - validate_status "Install mysql driver." + if [[ "${dbType}" == "sqlserver" ]]; then + curl -m ${curlMaxTime} \ + --retry ${retryMaxAttempt} \ + -fL ${wlsMSSQLDriverUrl} \ + -o ${scriptDir}/model-images/wlsdeploy/${externalJDBCLibrariesDirectoryName}/${constMSSQLDriverName} + validate_status "Install mssql driver." + fi + + if [[ "${dbType}" == "mysql" ]]; then + download_mysql_driver + fi if [[ "${enablePswlessConnection,,}" == "true" ]]; then - sudo apt -y -q install maven - mvn --help - validate_status "Check status of mvn." - - if [[ "${dbType}" == "${constDBTypeMySQL}" ]]; then - download_mysql_passwordless_jdbc_libs - fi + download_azure_identity_extensions fi } @@ -256,13 +282,11 @@ function install_db_drivers() { local fileName="${urlWithoutQueryString##*/}" echo $fileName - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL "$item" -o ${scriptDir}/model-images/wlsdeploy/domainLibraries/${fileName} + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fL "$item" -o ${scriptDir}/model-images/wlsdeploy/${externalJDBCLibrariesDirectoryName}/${fileName} if [ $? -ne 0 ];then echo "Failed to download $item" exit 1 fi - - dbDriverPaths="${dbDriverPaths},'wlsdeploy/domainLibraries/${fileName}'" done } @@ -390,7 +414,6 @@ export enablePswlessConnection=${13} export dbType=${14} export acrImagePath="$azureACRServer/aks-wls-images:${imageTag}" -export dbDriverPaths="" read_sensitive_parameters_from_stdin diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index b25a7bddb..581a8ee09 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -20,15 +20,15 @@ export constDBTypeMySQL="mysql" export constDefaultJavaOptions="-Dlog4j2.formatMsgNoLookups=true -Dweblogic.StdoutDebugEnabled=false" # the java options will be applied to the cluster export constDefaultJVMArgs="-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m -XX:MinRAMPercentage=25.0 -XX:MaxRAMPercentage=50.0 " # the JVM options will be applied to the cluster export constDefaultAKSVersion="default" +export externalJDBCLibrariesDirectoryName="externalJDBCLibraries" export constFalse="false" export constTrue="true" export constIntrospectorJobActiveDeadlineSeconds=300 # for Guaranteed Qos -export constPostgreDriverName="postgresql-42.3.6.jar" +export constPostgreDriverName="postgresql-42.5.1.jar" export constMSSQLDriverName="mssql-jdbc-10.2.1.jre8.jar" -export constMySQLLibName="mysql-connector-java-8.0.30.jar" -export constAzureIdentityProvidersJdbcMysqlVersion="1.0.0-beta.1" export constAzureCoreVersion="1.34.0" export constDbPodIdentitySelector="db-pod-identity" # do not change the value +export constPreclassDirectoryName="preclassLibraries" export curlMaxTime=120 # seconds export ocrLoginServer="container-registry.oracle.com" @@ -37,7 +37,8 @@ export ocrCpuImagePath="middleware/weblogic_cpu" export gitUrl4CpuImages="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json" export gitUrl4AksWellTestedVersionJsonFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json" export gitUrl4WLSToolingFamilyJsonFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json" -export gitUrl4AzureMySQLJDBCPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml" +export gitUrl4AzureIdentityExtensionsPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resource/azure-identity-extensions.xml" +export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resource/mysql-connector-java.xml" export optUninstallMaxTry=5 # Max attempts to wait for the operator uninstalled export optUninstallInterval=10 @@ -46,6 +47,5 @@ export retryMaxAttempt=5 # retry attempt for curl command export retryInterval=10 export wlsContainerName="weblogic-server" -export wlsPostgresqlDriverUrl="https://jdbc.postgresql.org/download/postgresql-42.3.6.jar" +export wlsPostgresqlDriverUrl="https://jdbc.postgresql.org/download/postgresql-42.5.1.jar" export wlsMSSQLDriverUrl="https://repo.maven.apache.org/maven2/com/microsoft/sqlserver/mssql-jdbc/10.2.1.jre8/mssql-jdbc-10.2.1.jre8.jar" -export wlsMySQLDriverUrl="https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.30/mysql-connector-java-8.0.30.jar" diff --git a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh index 41769fb17..a0c7eaf1e 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/createVMAndBuildImage.sh @@ -130,6 +130,7 @@ function build_docker_image() { echo "wlsImagePath: ${wlsImagePath}" URL_3RD_DATASOURCE=$(echo $URL_3RD_DATASOURCE | tr -d "\"") # remove " from the string + URL_3RD_DATASOURCE=$(echo $URL_3RD_DATASOURCE | base64 -w0) az vm extension set --name CustomScript \ --extension-instance-name wls-image-script \ --resource-group ${CURRENT_RESOURCEGROUP_NAME} \ diff --git a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh index 0ae00ef0c..72b228324 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genDomainConfig.sh @@ -12,12 +12,17 @@ export adminServiceUrl="${WLS_DOMAIN_UID}-admin-server.${WLS_DOMAIN_UID}-ns.svc. export clusterServiceUrl="${WLS_DOMAIN_UID}-cluster-${constClusterName}.${WLS_DOMAIN_UID}-ns.svc.cluster.local" # set classpath -preClassPath="/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/sharedLibraries/${constMySQLLibName}" -classPath="" +preClassPath="" +classPath="/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/${externalJDBCLibrariesDirectoryName}/*" + +if [[ "${DB_TYPE}" == "mysql" ]]; then + preClassPath="/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/${constPreclassDirectoryName}/*:" +fi + if [[ "${ENABLE_PASSWORDLESS_DB_CONNECTION,,}" == "true" ]]; then # append jackson libraries to pre-classpath to upgrade existing libs in GA images - preClassPath="${preClassPath}:/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/classpathLibraries/jackson/*" - classPath="/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/classpathLibraries/azureLibraries/*" + preClassPath="${preClassPath}/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/classpathLibraries/jackson/*" + classPath="${classPath}:/u01/domains/${WLS_DOMAIN_UID}/wlsdeploy/classpathLibraries/azureLibraries/*" fi cat <$filePath diff --git a/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh b/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh index b6a54f7a1..63495d256 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/genImageModel.sh @@ -33,7 +33,6 @@ domainInfo: AdminUserName: "@@SECRET:__weblogic-credentials__:username@@" AdminPassword: "@@SECRET:__weblogic-credentials__:password@@" ServerStartMode: "prod" - domainLibraries: [ 'wlsdeploy/domainLibraries/${constPostgreDriverName}', 'wlsdeploy/domainLibraries/${constMSSQLDriverName}'${dbDriverPaths}] topology: Name: "@@ENV:CUSTOM_DOMAIN_NAME@@" diff --git a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep index 41373f2c1..8dc5df1e0 100644 --- a/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep +++ b/weblogic-azure-aks/src/main/bicep/mainTemplate.bicep @@ -374,9 +374,6 @@ module preAzureResourceDeployment './modules/_preDeployedAzureResources.bicep' = createNewAcr: const_createNewAcr location: location } - dependsOn: [ - partnerCenterPid - ] } module validateInputs 'modules/_deployment-scripts/_ds-validate-parameters.bicep' = { diff --git a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep index ce8062a4f..570928d80 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-wls-cluster.bicep @@ -146,7 +146,7 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = { } { name: 'URL_3RD_DATASOURCE' - value: base64(string(dbDriverLibrariesUrls)) + value: string(dbDriverLibrariesUrls) } { name: 'USE_ORACLE_IMAGE' diff --git a/weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep b/weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep index 44eef1e5d..0be4fa305 100644 --- a/weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep +++ b/weblogic-azure-aks/src/main/bicep/modules/_setupPasswordlessDBConnection.bicep @@ -49,7 +49,8 @@ var const_podIdentitySelector = 'db-pod-identity' // Do not change this value. var name_dbIdentityName = split(items(dbIdentity.userAssignedIdentities)[0].key, '/')[8] // Azure JDBC plugins, used to generate connection string. var name_jdbcPlugins = { - mysql: 'defaultAuthenticationPlugin=com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin' + mysql: 'defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin' + postgresql: 'authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin' } var name_podIdentity = format('{0}-pod-identity-{1}', databaseType, toLower(utcValue)) diff --git a/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json b/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json index e6d068c85..f5d004f29 100644 --- a/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json +++ b/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json @@ -1,6 +1,6 @@ { "name": "Known-good version of Azure Kubernetes Service", "description": "This version is known to work for all the features of Azure WebLogic on AKS offer.", - "value": "1.24.3", - "testedDate": "2022-08-24" + "value": "1.24.6", + "testedDate": "2022-12-19" } diff --git a/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml b/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml deleted file mode 100644 index dc34d13a2..000000000 --- a/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml +++ /dev/null @@ -1,72 +0,0 @@ - - - - 4.0.0 - com.oracle.weblogic.azure - passwordless-mysql - 1.0-SNAPSHOT - jar - - 11 - 11 - - - - com.azure - azure-identity-providers-jdbc-mysql - 1.0.0-beta.1 - - - com.azure - azure-core - - - - - com.azure - azure-core - 1.34.0 - - - com.fasterxml.jackson.dataformat - jackson-dataformat-xml - - - com.fasterxml.jackson.datatype - jackson-datatype-jsr310 - - - com.azure - azure-core-http-netty - - - - - com.fasterxml.jackson.dataformat - jackson-dataformat-xml - 2.14.0 - - - com.fasterxml.jackson.datatype - jackson-datatype-jsr310 - 2.14.0 - - - com.azure - azure-core-http-netty - 1.12.7 - - - io.projectreactor.netty - reactor-netty-http - - - - - io.projectreactor.netty - reactor-netty-http - 1.1.0 - - - \ No newline at end of file From ec2b61a49a218ca9ae9dd55d2265580e5a9d2095 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Fri, 23 Dec 2022 00:04:07 +0800 Subject: [PATCH 415/720] Support passwordless PostgreSQL and MySQL in VM offers (#229) * update admin offer to support pswless mysqy and postgresql modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json new file: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dbTemplate.json new file: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json new file: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dbTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh new file: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh * modify dynamic offer to support pswless mysql and postgresql Changes to be committed: modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json new file: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_dbTemplate.json new file: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json new file: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/dbTemplate.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-mysql.sh modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-oracle.sh modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-postgresql.sh modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh new file: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh * modify cluster offer to support pswless postgresql On branch passwordless-db Changes to be committed: modified: ../weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml modified: ../weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json modified: ../weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh * rename db deployment by specifying psw/pswless. * fix post-deployment error in installJdbcDrivers.sh * add pids * assign identity to vm * use resources from oracle repo. * add checkbox for "Enable cookie based affinity" set enableCookieBasedAffinity default value with true. gateway Changes to be committed: modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAppGatewayConnectorTemplate.json modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/appGatewayNestedTemplate.json --- .../arm-oraclelinux-wls-admin/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 78 +++-- .../src/main/arm/mainTemplate.json | 23 ++ .../_appendUserManagedIdentity.json | 30 ++ .../main/arm/nestedtemplates/_dbTemplate.json | 240 ++++++++++++++ .../_installJdbcLibsTemplate.json | 100 ++++++ .../nestedtemplates/_pswlessDbTemplate.json | 267 +++++++++++++++ .../main/arm/nestedtemplates/dbTemplate.json | 273 +++++++++------- .../main/scripts/datasourceConfig-mysql.sh | 24 +- .../main/scripts/datasourceConfig-oracle.sh | 13 +- .../scripts/datasourceConfig-postgresql.sh | 14 +- .../scripts/datasourceConfig-sqlserver.sh | 13 +- .../src/main/scripts/installJdbcDrivers.sh | 268 +++++++++++++++ .../arm-oraclelinux-wls-cluster/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 46 ++- .../src/main/arm/mainTemplate.json | 10 + .../_appendUserManagedIdentity.json | 30 ++ .../_keyvaultAppGatewayConnectorTemplate.json | 16 + .../nestedtemplates/_pswlessDbTemplate.json | 44 ++- .../appGatewayNestedTemplate.json | 11 +- .../main/arm/nestedtemplates/dbTemplate.json | 2 +- .../src/main/scripts/installJdbcDrivers.sh | 85 +++-- .../pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 76 +++-- .../src/main/arm/mainTemplate.json | 26 ++ .../_appendUserManagedIdentity.json | 30 ++ .../main/arm/nestedtemplates/_dbTemplate.json | 244 ++++++++++++++ .../_installJdbcLibsTemplate.json | 121 +++++++ .../nestedtemplates/_pswlessDbTemplate.json | 294 +++++++++++++++++ .../main/arm/nestedtemplates/dbTemplate.json | 304 +++++++++++------- .../main/scripts/datasourceConfig-mysql.sh | 24 +- .../main/scripts/datasourceConfig-oracle.sh | 13 +- .../scripts/datasourceConfig-postgresql.sh | 13 +- .../scripts/datasourceConfig-sqlserver.sh | 13 +- .../src/main/scripts/installJdbcDrivers.sh | 268 +++++++++++++++ 35 files changed, 2673 insertions(+), 346 deletions(-) create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dbTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_dbTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml index 35ee19201..17145e51b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/pom.xml @@ -10,7 +10,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-admin - 1.0.38 + 1.0.39 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json index a5f939c88..249b59896 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/createUiDefinition.json @@ -986,7 +986,7 @@ "constraints": { "allowedValues": [ { - "label": "Azure database for PostgreSQL", + "label": "Azure database for PostgreSQL (with support for passwordless connection)", "value": "postgresql" }, { @@ -998,7 +998,7 @@ "value": "sqlserver" }, { - "label": "MySQL", + "label": "MySQL (with support for passwordless connection)", "value": "mysql" } ], @@ -1007,13 +1007,12 @@ "visible": true }, { - "name": "dbDriverWarningInfo", + "name": "mysqlJDBCDriverInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[and(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'), or(equals(basics('skuUrnVersion'), 'owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest'), equals(basics('skuUrnVersion'), 'owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest')))]", + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]", "options": { - "icon": "Warning", - "text": "Your current selection of WebLogic Server version, Java version, and MySQL database has a known problem. Please see the link for important information on how to solve it.", - "uri": "https://aka.ms/wls-vms-mysql-12213" + "icon": "Info", + "text": "To support passwordless connection and various functionalities, the offer will upgrade the Oracle WebLogic Server MySQL driver with recent MySQL Connector Java driver." } }, { @@ -1023,7 +1022,7 @@ "toolTip": "The JNDI name for the database JDBC connection", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^[a-z0-9A-Z/]{1,30}$", "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." }, @@ -1036,15 +1035,23 @@ "toolTip": "The JDBC connection string for the database", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "validations": [ { - "regex": "[concat('^jdbc:', coalesce(steps('section_database').databaseConnectionInfo.databaseType, ''), '.*$')]", - "message": "A valid JDBC URL for the chosen database type must be provided" + "regex": "^jdbc:.*$", + "message": "A valid JDBC URL must start with 'jdbc:'." + }, + { + "isValid": "[startsWith(steps('section_database').databaseConnectionInfo.dsConnectionURL, concat('jdbc:', steps('section_database').databaseConnectionInfo.databaseType))]", + "message": "A valid JDBC URL for the chosen database type must be provided." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append defaultAuthenticationPlugin, authenticationPlugins with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." }, { - "isValid": "[if(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'), and(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'serverTimezone'), contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'enabledTLSProtocols=TLSv1.2')), bool('true'))]", - "message": "The connection string of MySQL must contain server time zone and enable TLS v1.2, for an example, 'jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC&enabledTLSProtocols=TLSv1.2'." + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1096,12 +1103,27 @@ "toolTip": "Use only letters and numbers", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", - "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", - "validationMessage": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + "required": true, + "validations": [ + { + "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", + "message": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + }, + { + "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbPassword", "type": "Microsoft.Common.PasswordBox", @@ -1111,14 +1133,30 @@ }, "toolTip": "Database Password", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^((?=.*[0-9])(?=.*[a-zA-Z!@#$%^&*])).{5,128}$", "validationMessage": "The password must be between 5 and 128 characters long and have at least one number." }, "options": { "hideConfirmation": false }, - "visible": true + "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + }, + { + "name": "dbIdentity", + "type": "Microsoft.ManagedIdentity.IdentitySelector", + "label": "Connect database with Managed Identity", + "toolTip": { + "userAssignedIdentity": "Select a user assigned identity that has access to your database. For how to create a database user for your managed identity, see https://aka.ms/javaee-db-identity." + }, + "defaultValue": { + "systemAssignedIdentity": "Off" + }, + "options": { + "hideSystemAssignedIdentity": true, + "hideUserAssignedIdentity": false + }, + "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -1457,6 +1495,7 @@ "addressPrefixes": "[steps('section_networkingConfiguration').virtualNetwork.addressPrefixes]", "databaseType": "[steps('section_database').databaseConnectionInfo.databaseType]", "denyPublicTrafficForAdminServer": "[steps('section_networkingConfiguration').denyPublicTrafficForAdminServer]", + "dbIdentity": "[steps('section_database').databaseConnectionInfo.dbIdentity]", "dbPassword": "[steps('section_database').databaseConnectionInfo.dbPassword]", "dbUser": "[steps('section_database').databaseConnectionInfo.dbUser]", "dbGlobalTranPro": "[steps('section_database').databaseConnectionInfo.dbGlobalTranPro]", @@ -1472,6 +1511,7 @@ "enableDB": "[bool(steps('section_database').enableDB)]", "enableCustomDNS": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", + "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", "hasDNSZones": "[bool(if(bool(steps('section_networkingConfiguration').enableCustomDNS), steps('section_networkingConfiguration').customDNSSettings.bringDNSZone, 'false'))]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "logsToIntegrate": "[steps('section_elk').elkInfo.logsToIntegrate]", @@ -1516,4 +1556,4 @@ "virtualNetworkNewOrExisting": "[steps('section_networkingConfiguration').virtualNetwork.newOrExisting]" } } -} +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json index 949830654..f071fe0f6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/mainTemplate.json @@ -93,6 +93,13 @@ "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." } }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, "dbPassword": { "defaultValue": "", "type": "securestring", @@ -198,6 +205,13 @@ "description": "Boolean value indicating, if custom SSL is enabled or not" } }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless JDBC connection." + } + }, "sslConfigurationAccessOption": { "type": "string", "metadata": { @@ -946,6 +960,9 @@ "dbGlobalTranPro": { "value": "[parameters('dbGlobalTranPro')]" }, + "dbIdentity": { + "value": "[parameters('dbIdentity')]" + }, "dbPassword": { "value": "[parameters('dbPassword')]" }, @@ -955,12 +972,18 @@ "dsConnectionURL": { "value": "[parameters('dsConnectionURL')]" }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, "jdbcDataSourceName": { "value": "[parameters('jdbcDataSourceName')]" }, "location": { "value": "[parameters('location')]" }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, "wlsPassword": { "value": "[parameters('wlsPassword')]" }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json new file mode 100644 index 000000000..ba47748a4 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json @@ -0,0 +1,30 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "vmName": { + "type": "string" + }, + "existingIdentities": { + "type": "object" + }, + "newIdentities": { + "type": "object" + }, + "location": { + "type": "string" + } + }, + "resources": [ + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines", + "name": "[parameters('vmName')]", + "location": "[parameters('location')]", + "identity": { + "type": "userAssigned", + "userAssignedIdentities": "[union(parameters('existingIdentities'),parameters('newIdentities'))]" + } + } + ] +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dbTemplate.json new file mode 100644 index 000000000..92fbbe90e --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_dbTemplate.json @@ -0,0 +1,240 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationDbTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "defaultValue": "", + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + } + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dbPassword": { + "defaultValue": "[newGuid()]", + "type": "securestring", + "metadata": { + "description": "Password for Database" + } + }, + "dbUser": { + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dsConnectionURL": { + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "jdbcDataSourceName": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_wlsAdminPort": "7005", + "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", + "name_scriptFilePrefix": "datasourceConfig-", + "name_scriptFileSuffix-sqlserver": "sqlserver.sh", + "name_scriptFileSuffix-oracle": "oracle.sh", + "name_scriptFileSuffix-postgresql": "postgresql.sh", + "name_scriptFileSuffix-mysql": "mysql.sh" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${admin.database.start}", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines/extensions", + "name": "[concat(parameters('adminVMName'),'/newuserscript')]", + "location": "[parameters('location')]", + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [ + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-sqlserver'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-oracle'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-postgresql'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-mysql'), parameters('_artifactsLocationSasToken')))]" + ] + }, + "protectedSettings": { + "commandToExecute": "[concat('sh',' ',variables('name_scriptFilePrefix'),parameters('databaseType'),'.sh <<< \"',variables('const_wlsHome'),' ',parameters('adminVMName'),' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',base64(parameters('jdbcDataSourceName')),' ',base64(parameters('dsConnectionURL')),' ',parameters('dbUser'),' ',base64(parameters('dbPassword')), ' ', parameters('dbGlobalTranPro'), ' ', parameters('enablePswlessConnection'), '\"')]" + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${admin.database.end}", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.oracle}", + "condition": "[if(contains(parameters('databaseType'), 'oracle'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.postgresql}", + "condition": "[if(contains(parameters('databaseType'), 'postgresql'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.sqlserver}", + "condition": "[if(contains(parameters('databaseType'), 'sqlserver'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.mysql}", + "condition": "[if(contains(parameters('databaseType'), 'mysql'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json new file mode 100644 index 000000000..ef1d3b1fc --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json @@ -0,0 +1,100 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationInstallJdbcLibsTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_wlsAdminPort": "7005", + "const_wlsDomainPath": "[concat('/u01/domains/', parameters('wlsDomainName'))]", + "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", + "name_scriptInstallJdbcLibs": "installJdbcDrivers.sh" + }, + "resources": [ + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines/extensions", + "name": "[concat(parameters('adminVMName'), '/newuserscript')]", + "location": "[parameters('location')]", + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [ + "[uri(parameters('_artifactsLocationInstallJdbcLibsTemplate'), concat('../scripts/', variables('name_scriptInstallJdbcLibs'), parameters('_artifactsLocationSasToken')))]" + ] + }, + "protectedSettings": { + "commandToExecute": "[concat('sh',' ',variables('name_scriptInstallJdbcLibs'),' <<< \"',variables('const_wlsHome'),' ',variables('const_wlsDomainPath'),' ','admin', ' ', parameters('adminVMName'), ' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',parameters('databaseType'),' ',parameters('enablePswlessConnection'), '\"')]" + } + } + } + ] +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json new file mode 100644 index 000000000..bd8b85ae2 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -0,0 +1,267 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, + "dbUser": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dsConnectionURL": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "jdbcDataSourceName": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_identityAPIVersion": "${azure.apiVersionForIndentity}", + "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", + "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", + "name_dbTemplate": "_dbTemplate.json", + "array_azureJdbcPlugins": { + "mysql": "defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin", + "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin" + }, + "obj_dbIdentity": { + "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} + }, + "obj_empty": {} + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${admin.pswless.database.start}", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "assignDbIdentityToAdminVM", + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_appendIdentityTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "vmName": { + "value": "[parameters('adminVMName')]" + }, + "newIdentities": { + "value": "[variables('obj_dbIdentity')]" + }, + "existingIdentities": { + "value": "[if(equals(reference(resourceId('Microsoft.Compute/virtualMachines',parameters('adminVMName')), '${azure.apiVersion}', 'Full').identity.type,'UserAssigned'),reference(resourceId('Microsoft.Compute/virtualMachines',parameters('adminVMName')), '${azure.apiVersion}', 'Full').identity.userAssignedIdentities, variables('obj_empty'))]" + }, + "location": { + "value": "[parameters('location')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "installJdbcLibsTemplate", + "dependsOn": [ + "assignDbIdentityToAdminVM" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_installJdbcLibsTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "enablePswlessConnection": { + "value": true + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "passwordlessDatasourceDeployment", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'installJdbcLibsTemplate')]" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dsConnectionURL": { + "value": "[uri(format('{0}&{1}&azure.clientId={2}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId), '')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "enablePswlessConnection": { + "value": true + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${admin.pswless.database.end}", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'passwordlessDatasourceDeployment')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dbTemplate.json index 5d97ff96b..c0f36a61d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/arm/nestedtemplates/dbTemplate.json @@ -8,19 +8,12 @@ "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." } }, - "_artifactsLocationDbTemplate": { - "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", - "type": "string", - "metadata": { - "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." - } - }, "_artifactsLocationSasToken": { - "defaultValue": "", "type": "securestring", "metadata": { "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." - } + }, + "defaultValue": "" }, "adminVMName": { "type": "string", @@ -30,6 +23,7 @@ } }, "databaseType": { + "defaultValue": "", "type": "string", "metadata": { "description": "One of the supported database types" @@ -42,27 +36,44 @@ "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." } }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, "dbPassword": { + "defaultValue": "[newGuid()]", "type": "securestring", "metadata": { "description": "Password for Database" } }, "dbUser": { + "defaultValue": "", "type": "string", "metadata": { "description": "Userid of Database" } }, "dsConnectionURL": { + "defaultValue": "", "type": "string", "metadata": { "description": "JDBC Connection String" } }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, "jdbcDataSourceName": { - "type": "string", "defaultValue": "", + "type": "string", "metadata": { "description": "JNDI Name for JDBC Datasource" } @@ -73,6 +84,13 @@ "description": "Location for all resources." } }, + "wlsDomainName": { + "type": "string", + "defaultValue": "adminDomain", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, "wlsPassword": { "type": "securestring", "metadata": { @@ -87,138 +105,161 @@ } }, "variables": { - "const_wlsAdminPort": "7005", - "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", - "name_scriptFilePrefix": "datasourceConfig-", - "name_scriptFileSuffix-sqlserver": "sqlserver.sh", - "name_scriptFileSuffix-oracle": "oracle.sh", - "name_scriptFileSuffix-postgresql": "postgresql.sh", - "name_scriptFileSuffix-mysql": "mysql.sh" + "name_dbLinkedTemplateName": "_dbTemplate.json", + "name_dbPswlessTemplateName": "_pswlessDbTemplate.json", + "name_dbUpgradeMySQLDriver": "_installJdbcLibsTemplate.json" }, "resources": [ { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "${admin.database.start}", + "name": "pswlessDbTemplate", + "condition": "[parameters('enablePswlessConnection')]", "properties": { "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "apiVersion": "${azure.apiVersionForVirtualMachines}", - "type": "Microsoft.Compute/virtualMachines/extensions", - "name": "[concat(parameters('adminVMName'),'/newuserscript')]", - "location": "[parameters('location')]", - "properties": { - "publisher": "Microsoft.Azure.Extensions", - "type": "CustomScript", - "typeHandlerVersion": "2.0", - "autoUpgradeMinorVersion": true, - "settings": { - "fileUris": [ - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-sqlserver'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-oracle'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-postgresql'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-mysql'), parameters('_artifactsLocationSasToken')))]" - ] + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbPswlessTemplateName')))]", + "contentVersion": "1.0.0.0" }, - "protectedSettings": { - "commandToExecute": "[concat('sh',' ',variables('name_scriptFilePrefix'),parameters('databaseType'),'.sh <<< \"',variables('const_wlsHome'),' ',parameters('adminVMName'),' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',base64(parameters('jdbcDataSourceName')),' ',base64(parameters('dsConnectionURL')),' ',parameters('dbUser'),' ',base64(parameters('dbPassword')), ' ', parameters('dbGlobalTranPro'), '\"')]" - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${admin.database.end}", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.oracle}", - "condition": "[if(contains(parameters('databaseType'), 'oracle'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dbIdentity": { + "value": "[parameters('dbIdentity')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "dsConnectionURL": { + "value": "[parameters('dsConnectionURL')]" + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } } } }, { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "${database.postgresql}", - "condition": "[if(contains(parameters('databaseType'), 'postgresql'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], + "name": "upgradeMySQLJdbcDriverTemplate", + "condition": "[and(not(parameters('enablePswlessConnection')), equals(parameters('databaseType'),'mysql'))]", "properties": { "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.sqlserver}", - "condition": "[if(contains(parameters('databaseType'), 'sqlserver'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbUpgradeMySQLDriver')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } } } }, { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "${database.mysql}", - "condition": "[if(contains(parameters('databaseType'), 'mysql'), bool('true'), bool('false'))]", + "name": "passwordDatasourceDeployment", + "condition": "[not(parameters('enablePswlessConnection'))]", "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + "[resourceId('Microsoft.Resources/deployments', 'upgradeMySQLJdbcDriverTemplate')]" ], "properties": { "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbLinkedTemplateName')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dbPassword": { + "value": "[parameters('dbPassword')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "dsConnectionURL": { + "value": "[parameters('dsConnectionURL')]" + }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } } } } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh index 967ffe653..7c5369c0f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-mysql.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then wlsClusterName="cluster1" @@ -92,17 +92,33 @@ function validateInput() exit 1 fi + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + if [ -z "$wlsClusterName" ]; then echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() { -echo "Creating JDBC data source with name $jdbcDataSourceName" -cat <${scriptPath}/create_datasource.py + local driverName="com.mysql.jdbc.Driver" + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + driverName="com.mysql.cj.jdbc.Driver" + fi + + echo "Creating JDBC data source with name $jdbcDataSourceName" + cat <${scriptPath}/create_datasource.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') edit("$hostName") startEdit() @@ -117,7 +133,7 @@ try: cmo.setDatasourceType('GENERIC') cd('/JDBCSystemResources/$jdbcDataSourceName/JDBCResource/$jdbcDataSourceName/JDBCDriverParams/$jdbcDataSourceName') cmo.setUrl('$dsConnectionURL') - cmo.setDriverName('com.mysql.jdbc.Driver') + cmo.setDriverName('$driverName') cmo.setPassword('$dsPassword') cd('/JDBCSystemResources/$jdbcDataSourceName/JDBCResource/$jdbcDataSourceName/JDBCConnectionPoolParams/$jdbcDataSourceName') cmo.setTestTableName('SQL ISVALID\r\n\r\n\r\n\r\n') diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh index 1b432c4e9..4549073bb 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-oracle.sh @@ -90,6 +90,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() @@ -148,7 +159,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh index f4735b727..056534e64 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-postgresql.sh @@ -90,6 +90,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() @@ -145,7 +156,6 @@ function createTempFolder() sudo rm -rf $scriptPath/* } - # store arguments in a special array args=("$@") # get number of elements @@ -154,7 +164,7 @@ ELEMENTS=${#args[@]} #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh index 1e945d7a0..b3b7473d7 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/datasourceConfig-sqlserver.sh @@ -90,6 +90,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() @@ -148,7 +159,7 @@ function createTempFolder() #main #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName wlsAdminURL=$wlsAdminHost:$wlsAdminPort hostName=`hostname` diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh new file mode 100644 index 000000000..1b10d87d6 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/scripts/installJdbcDrivers.sh @@ -0,0 +1,268 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# Description +# This script is to install jdbc libraries at WebLogic cluster domain. + +# /bin/bash + +#Function to output message to StdErr +function echo_stderr() { + echo "$@" >&2 +} + +#Function to display usage message +function usage() { + echo_stderr "./installJdbcDrivers.sh <<< \"\"" +} + +function validate_input() { + + # parse base64 string + wlsPassword=$(echo "${wlsPassword}" | base64 -d) + + if [ -z "$oracleHome" ]; then + echo _stderr "Please provide oracleHome" + exit 1 + fi + + if [ -z "$domainPath" ]; then + echo _stderr "Please provide domainPath" + exit 1 + fi + + if [ -z "$wlsServerName" ]; then + echo _stderr "Please provide wlsServerName" + exit 1 + fi + + if [ -z "$wlsAdminHost" ]; then + echo _stderr "Please provide wlsAdminHost" + exit 1 + fi + + if [ -z "$wlsAdminPort" ]; then + echo _stderr "Please provide wlsAdminPort" + exit 1 + fi + + if [ -z "$wlsUserName" ]; then + echo _stderr "Please provide wlsUserName" + exit 1 + fi + + if [ -z "$wlsPassword" ]; then + echo _stderr "Please provide wlsPassword" + exit 1 + fi + + if [ -z "$databaseType" ]; then + echo _stderr "Please provide databaseType" + exit 1 + fi + + if [ -z "$enablePswlessConnection" ]; then + echo _stderr "Please provide enablePswlessConnection" + exit 1 + fi +} + +function install_maven() { + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${url4MavenInstaller}" -o ${mvnInstaller} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${url4MavenInstaller}." + fi + + tar xzvf ${mvnInstaller} -C /u01/app + export MAVEN_HOME=/u01/app/apache-maven-${mvnVersion} + . $oracleHome/oracle_common/common/bin/setWlstEnv.sh # set JAVA_HOME + export PATH=${MAVEN_HOME}/bin:$PATH + + rm ${mvnInstaller} -f + mvn --version + if [ $? != 0 ]; then + echo_stderr "Failed to install maven." + fi +} + +function uninstall_maven() { + sudo rm -f ${MAVEN_HOME} -R +} + +function install_azure_identity_extension() { + local myPomFile=pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4AzureIdentityExtensionPomFile}" -o ${myPomFile} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${gitUrl4AzureIdentityExtensionPomFile}." + fi + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${myPomFile} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + domainBase=$(dirname $domainPath) + + # check if azure identity extension has been installed, if so, remove old version + if [ -d "${domainBase}/azure-libraries/identity" ]; then + sudo rm ${domainBase}/azure-libraries/identity -f -r + sudo rm ${domainBase}/azure-libraries/jackson -f -r + fi + + sudo mkdir -p ${domainBase}/azure-libraries/identity + sudo mkdir -p ${domainBase}/azure-libraries/jackson + # fix JARs conflict issue, put jackson libraries to PRE_CLASSPATH to upgrade the existing libs. + sudo mv target/dependency/jackson-annotations-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-core-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-databind-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-dataformat-xml-*.jar ${domainBase}/azure-libraries/jackson + # Those jars will be appended to CLASSPATH + sudo mv target/dependency/*.jar ${domainBase}/azure-libraries/identity + sudo chown -R oracle:oracle ${domainBase}/azure-libraries + else + echo "Failed to download dependencies for azure-identity-extension" + exit 1 + fi + + rm ${myPomFile} -f + rm target -f -r + if ! grep -q "${domainBase}/azure-libraries/identity/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nCLASSPATH="'${domainBase}'/azure-libraries/identity/*:${CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi + + if ! grep -q "${domainBase}/azure-libraries/jackson/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/azure-libraries/jackson/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi +} + +function upgrade_mysql_driver() { + local mysqlPomFile=mysql-pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4MySQLDriverPomFile}" -o ${mysqlPomFile} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${gitUrl4MySQLDriverPomFile}." + fi + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${mysqlPomFile} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + local domainBase=$(dirname $domainPath) + local preClassLibsFolderName=preclasspath-libraries + + # check if the driver has been upgraded, if so, remove old driver + if [ -e ${domainBase}/${preClassLibsFolderName}/mysql-connector-*.jar ]; then + sudo rm ${domainBase}/${preClassLibsFolderName} -f -r + fi + + sudo mkdir ${domainBase}/${preClassLibsFolderName} + sudo mv target/dependency/mysql-connector-*.jar ${domainBase}/${preClassLibsFolderName}/ + sudo chown -R oracle:oracle ${domainBase}/${preClassLibsFolderName} + else + echo "Failed to download mysql driver." + exit 1 + fi + + rm ${mysqlPomFile} -f + rm target -f -r + + if ! grep -q "${domainBase}/preclasspath-libraries/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/preclasspath-libraries/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi +} + +#This function to wait for admin server +function wait_for_admin() { + #wait for admin to start + count=1 + CHECK_URL="http://$wlsAdminURL/weblogic/ready" + status=$(curl --insecure -ILs $CHECK_URL | tac | grep -m1 HTTP/1.1 | awk {'print $2'}) + echo "Waiting for admin server to start" + while [[ "$status" != "200" ]]; do + echo "." + count=$((count + 1)) + if [ $count -le 30 ]; then + sleep 1m + else + echo "Error : Maximum attempts exceeded while starting admin server" + exit 1 + fi + status=$(curl --insecure -ILs $CHECK_URL | tac | grep -m1 HTTP/1.1 | awk {'print $2'}) + if [ "$status" == "200" ]; then + echo "Admin Server started succesfully..." + break + fi + done +} + +function restart_admin_service() { + echo "Restart weblogic admin server service" + sudo systemctl stop wls_admin + sudo systemctl start wls_admin + wait_for_admin +} + +function restart_managed_servers() { + echo "Restart managed servers" + cat <${SCRIPT_PWD}/restart-managedServer.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +servers=cmo.getServers() +domainRuntime() +print "Restart the servers which are in RUNNING status" +for server in servers: + bean="/ServerLifeCycleRuntimes/"+server.getName() + serverbean=getMBean(bean) + if (serverbean.getState() in ("RUNNING")) and (server.getName() == '${wlsServerName}'): + try: + print "Stop the Server ",server.getName() + shutdown(server.getName(),server.getType(),ignoreSessions='true',force='true') + print "Start the Server ",server.getName() + start(server.getName(),server.getType()) + break + except: + print "Failed restarting managed server ", server.getName() + dumpStack() +serverConfig() +disconnect() +EOF + . $oracleHome/oracle_common/common/bin/setWlstEnv.sh + java $WLST_ARGS weblogic.WLST ${SCRIPT_PWD}/restart-managedServer.py + + if [[ $? != 0 ]]; then + echo "Error : Fail to restart managed server to configuration external libraries." + exit 1 + fi +} + +#read arguments from stdin +read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName wlsPassword databaseType enablePswlessConnection + +export curlMaxTime=120 # seconds +export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" +export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" +export mvnVersion="3.8.6" +export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" +export retryMaxAttempt=5 # retry attempt for curl command +export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" +export wlsAdminURL=$wlsAdminHost:$wlsAdminPort + +validate_input + +install_maven + +if [ $databaseType == "mysql" ]; then + upgrade_mysql_driver +fi + +if [ "${enablePswlessConnection,,}" == "true" ]; then + if [[ $databaseType == "mysql" || $databaseType == "postgresql" ]]; then + install_azure_identity_extension + fi +fi + +uninstall_maven + +if [ $wlsServerName == "admin" ]; then + restart_admin_service +else + restart_managed_servers +fi diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml index 255dee4b2..0ea5c601e 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/pom.xml @@ -12,7 +12,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-cluster - 1.0.50000 + 1.0.51000 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json index c4bc75a22..8536fcee8 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/createUiDefinition.json @@ -778,6 +778,13 @@ "required": false } }, + { + "name": "enableCookieBasedAffinity", + "type": "Microsoft.Common.CheckBox", + "label": "Enable cookie based affinity", + "toolTip": "If checked, enable cookie based affinity", + "visible": "[steps('section_appGateway').enableAppGateway]" + }, { "name": "keyVaultText00", "type": "Microsoft.Common.TextBlock", @@ -1308,7 +1315,7 @@ "constraints": { "allowedValues": [ { - "label": "Azure database for PostgreSQL", + "label": "Azure database for PostgreSQL (with support for passwordless connection)", "value": "postgresql" }, { @@ -1320,7 +1327,7 @@ "value": "sqlserver" }, { - "label": "MySQL (With support for passwordless connection)", + "label": "MySQL (with support for passwordless connection)", "value": "mysql" } ], @@ -1337,13 +1344,6 @@ "text": "To support passwordless connection and various functionalities, the offer will upgrade the Oracle WebLogic Server MySQL driver with recent MySQL Connector Java driver." } }, - { - "name": "enablePswlessConnection", - "type": "Microsoft.Common.CheckBox", - "label": "Use passwordless datasource connection", - "toolTip": "Use passwordless datasource connection.", - "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]" - }, { "name": "jdbcDataSourceName", "type": "Microsoft.Common.TextBox", @@ -1351,7 +1351,7 @@ "toolTip": "The JNDI name for the database JDBC connection", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^[a-z0-9A-Z/]{1,30}$", "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." }, @@ -1364,15 +1364,23 @@ "toolTip": "The JDBC connection string for the database", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "validations": [ { - "regex": "[concat('^jdbc:', coalesce(steps('section_database').databaseConnectionInfo.databaseType, ''), '.*$')]", - "message": "A valid JDBC URL for the chosen database type must be provided" + "regex": "^jdbc:.*$", + "message": "A valid JDBC URL must start with 'jdbc:'." }, { - "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "isValid": "[startsWith(steps('section_database').databaseConnectionInfo.dsConnectionURL, concat('jdbc:', steps('section_database').databaseConnectionInfo.databaseType))]", + "message": "A valid JDBC URL for the chosen database type must be provided." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", "message": "The offer will append defaultAuthenticationPlugin, authenticationPlugins with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1438,6 +1446,13 @@ }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbPassword", "type": "Microsoft.Common.PasswordBox", @@ -1447,7 +1462,7 @@ }, "toolTip": "Database Password", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^((?=.*[0-9])(?=.*[a-zA-Z!@#$%^&*])).{5,128}$", "validationMessage": "The password must be between 5 and 128 characters long and have at least one number." }, @@ -1940,6 +1955,7 @@ "enableAppGateway": "[steps('section_appGateway').enableAppGateway]", "enableCoherence": "[bool(steps('section_coherence').enableCoherence)]", "enableCoherenceWebLocalStorage": "[bool(if(bool(steps('section_coherence').enableCoherence),steps('section_coherence').coherenceInfo.enableCoherenceWebLocalStorage,'false'))]", + "enableCookieBasedAffinity": "[bool(steps('section_appGateway').enableCookieBasedAffinity)]", "enableDNSConfiguration": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json index f7723c2ca..333b68551 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/mainTemplate.json @@ -232,6 +232,13 @@ "description": "Specifies whether Local Storage is enabled for the Coherence*Web cluster tier." } }, + "enableCookieBasedAffinity": { + "defaultValue": true, + "type": "bool", + "metadata": { + "description": "true to enable cookie based affinity." + } + }, "enableDB": { "defaultValue": false, "type": "bool", @@ -1166,6 +1173,9 @@ "domainLabelforApplicationGateway": { "value": "[variables('name_domainLabelforApplicationGateway')]" }, + "enableCookieBasedAffinity": { + "value": "[parameters('enableCookieBasedAffinity')]" + }, "gatewayPublicIPAddressName": { "value": "[parameters('gatewayPublicIPAddressName')]" }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json new file mode 100644 index 000000000..ba47748a4 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json @@ -0,0 +1,30 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "vmName": { + "type": "string" + }, + "existingIdentities": { + "type": "object" + }, + "newIdentities": { + "type": "object" + }, + "location": { + "type": "string" + } + }, + "resources": [ + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines", + "name": "[parameters('vmName')]", + "location": "[parameters('location')]", + "identity": { + "type": "userAssigned", + "userAssignedIdentities": "[union(parameters('existingIdentities'),parameters('newIdentities'))]" + } + } + ] +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAppGatewayConnectorTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAppGatewayConnectorTemplate.json index c8c4eb95e..a0731330b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAppGatewayConnectorTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_keyvaultAppGatewayConnectorTemplate.json @@ -48,6 +48,13 @@ "description": "Azure DNS for Application Gateway" } }, + "enableCookieBasedAffinity": { + "defaultValue": true, + "type": "bool", + "metadata": { + "description": "true to enable cookie based affinity." + } + }, "gatewayPublicIPAddressName": { "defaultValue": "gwip", "type": "string", @@ -237,6 +244,9 @@ "dnsNameforApplicationGateway": { "value": "[parameters('domainLabelforApplicationGateway')]" }, + "enableCookieBasedAffinity": { + "value": "[parameters('enableCookieBasedAffinity')]" + }, "gatewayPublicIPAddressName": { "value": "[parameters('gatewayPublicIPAddressName')]" }, @@ -319,6 +329,9 @@ "dnsNameforApplicationGateway": { "value": "[parameters('domainLabelforApplicationGateway')]" }, + "enableCookieBasedAffinity": { + "value": "[parameters('enableCookieBasedAffinity')]" + }, "gatewayPublicIPAddressName": { "value": "[parameters('gatewayPublicIPAddressName')]" }, @@ -396,6 +409,9 @@ "dnsNameforApplicationGateway": { "value": "[parameters('domainLabelforApplicationGateway')]" }, + "enableCookieBasedAffinity": { + "value": "[parameters('enableCookieBasedAffinity')]" + }, "gatewayPublicIPAddressName": { "value": "[parameters('gatewayPublicIPAddressName')]" }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json index ba3b667e9..602cd05df 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -109,11 +109,17 @@ "variables": { "const_identityAPIVersion": "${azure.apiVersionForIndentity}", "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", "name_dbTemplate": "_dbTemplate.json", "array_azureJdbcPlugins": { - "mysql": "defaultAuthenticationPlugin=com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.providers.mysql.AzureIdentityMysqlAuthenticationPlugin" - } + "mysql": "defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin", + "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin" + }, + "obj_dbIdentity": { + "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} + }, + "obj_empty": {} }, "resources": [ { @@ -130,18 +136,32 @@ } }, { - "apiVersion": "${azure.apiVersionForVirtualMachines}", - "type": "Microsoft.Compute/virtualMachines", - "name": "[concat(variables('const_managedVMPrefix'), copyIndex(1))]", - "location": "[parameters('location')]", + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "[concat('assignDbIdentityTo',variables('const_managedVMPrefix'), copyIndex(1))]", "copy": { "name": "virtualMachineIdentityLoop", "count": "[parameters('numberOfManagedApplicationInstances')]" }, - "identity": { - "type": "userAssigned", - "userAssignedIdentities": { - "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_appendIdentityTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "vmName": { + "value": "[concat(variables('const_managedVMPrefix'), copyIndex(1))]" + }, + "newIdentities": { + "value": "[variables('obj_dbIdentity')]" + }, + "existingIdentities": { + "value": "[if(equals(reference(resourceId('Microsoft.Compute/virtualMachines',concat(variables('const_managedVMPrefix'), copyIndex(1))), '${azure.apiVersion}', 'Full').identity.type,'UserAssigned'),reference(resourceId('Microsoft.Compute/virtualMachines',concat(variables('const_managedVMPrefix'), copyIndex(1))), '${azure.apiVersion}', 'Full').identity.userAssignedIdentities, variables('obj_empty'))]" + }, + "location": { + "value": "[parameters('location')]" + } } } }, @@ -198,7 +218,7 @@ { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "dbTemplate", + "name": "passwordlessDatasourceDeployment", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', 'installJdbcLibsTemplate')]" ], @@ -253,7 +273,7 @@ "apiVersion": "${azure.apiVersion}", "name": "${cluster.pswless.database.end}", "dependsOn": [ - "[resourceId('Microsoft.Resources/deployments', 'dbTemplate')]" + "[resourceId('Microsoft.Resources/deployments', 'passwordlessDatasourceDeployment')]" ], "properties": { "mode": "Incremental", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/appGatewayNestedTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/appGatewayNestedTemplate.json index f6b1f453f..ce4886384 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/appGatewayNestedTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/appGatewayNestedTemplate.json @@ -49,6 +49,13 @@ "description": "DNS for ApplicationGateway" } }, + "enableCookieBasedAffinity": { + "defaultValue": true, + "type": "bool", + "metadata": { + "description": "true to enable cookie based affinity." + } + }, "gatewayPublicIPAddressName": { "defaultValue": "gwip", "type": "string", @@ -169,7 +176,7 @@ "provisioningState": "Succeeded", "port": "[int(variables('const_backendPort'))]", "protocol": "Http", - "cookieBasedAffinity": "Enabled", + "cookieBasedAffinity": "[if(parameters('enableCookieBasedAffinity'), 'Enabled', 'Disabled')]", "pickHostNameFromBackendAddress": true, "affinityCookieName": "ApplicationGatewayAffinity", "requestTimeout": 20, @@ -181,7 +188,7 @@ "provisioningState": "Succeeded", "port": "[int(variables('const_backendPort'))]", "protocol": "Http", - "cookieBasedAffinity": "Enabled", + "cookieBasedAffinity": "[if(parameters('enableCookieBasedAffinity'), 'Enabled', 'Disabled')]", "hostName": "[parameters('customDomainName')]", "pickHostNameFromBackendAddress": false, "affinityCookieName": "ApplicationGatewayAffinity", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json index 640340a9b..af18e0477 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/arm/nestedtemplates/dbTemplate.json @@ -237,7 +237,7 @@ { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "dbDeploymentTemplate", + "name": "passwordDatasourceDeployment", "condition": "[not(parameters('enablePswlessConnection'))]", "dependsOn": [ "[resourceId('Microsoft.Resources/deployments', 'upgradeMySQLJdbcDriverTemplate')]" diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh index fce5edd0a..1b10d87d6 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/arm-oraclelinux-wls-cluster/src/main/scripts/installJdbcDrivers.sh @@ -88,20 +88,26 @@ function uninstall_maven() { sudo rm -f ${MAVEN_HOME} -R } -function install_azure_mysql_libraries() { - local mySQLPom=mysql-pom.xml - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4AzureMySQLJDBCPomFile}" -o ${mySQLPom} +function install_azure_identity_extension() { + local myPomFile=pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4AzureIdentityExtensionPomFile}" -o ${myPomFile} if [ $? != 0 ]; then - echo_stderr "Failed to download ${gitUrl4AzureMySQLJDBCPomFile}." + echo_stderr "Failed to download ${gitUrl4AzureIdentityExtensionPomFile}." fi - install_maven echo "download dependencies" - mvn dependency:copy-dependencies -f ${mySQLPom} + mvn dependency:copy-dependencies -f ${myPomFile} if [ $? -eq 0 ]; then ls -l target/dependency/ domainBase=$(dirname $domainPath) + + # check if azure identity extension has been installed, if so, remove old version + if [ -d "${domainBase}/azure-libraries/identity" ]; then + sudo rm ${domainBase}/azure-libraries/identity -f -r + sudo rm ${domainBase}/azure-libraries/jackson -f -r + fi + sudo mkdir -p ${domainBase}/azure-libraries/identity sudo mkdir -p ${domainBase}/azure-libraries/jackson # fix JARs conflict issue, put jackson libraries to PRE_CLASSPATH to upgrade the existing libs. @@ -109,33 +115,59 @@ function install_azure_mysql_libraries() { sudo mv target/dependency/jackson-core-*.jar ${domainBase}/azure-libraries/jackson sudo mv target/dependency/jackson-databind-*.jar ${domainBase}/azure-libraries/jackson sudo mv target/dependency/jackson-dataformat-xml-*.jar ${domainBase}/azure-libraries/jackson - # Thoes jars will be appended to CLASSPATH + # Those jars will be appended to CLASSPATH sudo mv target/dependency/*.jar ${domainBase}/azure-libraries/identity sudo chown -R oracle:oracle ${domainBase}/azure-libraries else - echo "Failed to download dependencies for azure-identity-providers-jdbc-mysql" + echo "Failed to download dependencies for azure-identity-extension" exit 1 fi - rm ${mySQLPom} -f - uninstall_maven - - sed -i 's;^export DOMAIN_HOME;&\nCLASSPATH="'${domainBase}'/azure-libraries/identity/*:${CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh - sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/azure-libraries/jackson/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + rm ${myPomFile} -f + rm target -f -r + if ! grep -q "${domainBase}/azure-libraries/identity/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nCLASSPATH="'${domainBase}'/azure-libraries/identity/*:${CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi + + if ! grep -q "${domainBase}/azure-libraries/jackson/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/azure-libraries/jackson/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi } function upgrade_mysql_driver() { - curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${wlsMySQLDriverUrl}" -o ${mysqlDriverJarName} + local mysqlPomFile=mysql-pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4MySQLDriverPomFile}" -o ${mysqlPomFile} if [ $? != 0 ]; then - echo_stderr "Failed to download ${wlsMySQLDriverUrl}." + echo_stderr "Failed to download ${gitUrl4MySQLDriverPomFile}." + fi + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${mysqlPomFile} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + local domainBase=$(dirname $domainPath) + local preClassLibsFolderName=preclasspath-libraries + + # check if the driver has been upgraded, if so, remove old driver + if [ -e ${domainBase}/${preClassLibsFolderName}/mysql-connector-*.jar ]; then + sudo rm ${domainBase}/${preClassLibsFolderName} -f -r + fi + + sudo mkdir ${domainBase}/${preClassLibsFolderName} + sudo mv target/dependency/mysql-connector-*.jar ${domainBase}/${preClassLibsFolderName}/ + sudo chown -R oracle:oracle ${domainBase}/${preClassLibsFolderName} + else + echo "Failed to download mysql driver." + exit 1 fi - local domainBase=$(dirname $domainPath) - sudo mkdir ${domainBase}/external-libraries - sudo mv ${mysqlDriverJarName} ${domainBase}/external-libraries/ - sudo chown -R oracle:oracle ${domainBase}/external-libraries + rm ${mysqlPomFile} -f + rm target -f -r - sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/external-libraries/'${mysqlDriverJarName}':${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + if ! grep -q "${domainBase}/preclasspath-libraries/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/preclasspath-libraries/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi } #This function to wait for admin server @@ -205,27 +237,30 @@ EOF read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName wlsPassword databaseType enablePswlessConnection export curlMaxTime=120 # seconds -export gitUrl4AzureMySQLJDBCPomFile="https://raw.githubusercontent.com/galiacheng/weblogic-azure/azure-lib-versions/weblogic-azure-aks/src/main/resources/azure-identity-provider-jdbc-mysql.xml" +export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" +export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" export mvnVersion="3.8.6" export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" -export mysqlDriverJarName="mysql-connector-java-8.0.30.jar" export retryMaxAttempt=5 # retry attempt for curl command export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" -export wlsMySQLDriverUrl="https://repo1.maven.org/maven2/mysql/mysql-connector-java/8.0.30/mysql-connector-java-8.0.30.jar" export wlsAdminURL=$wlsAdminHost:$wlsAdminPort validate_input +install_maven + if [ $databaseType == "mysql" ]; then upgrade_mysql_driver fi if [ "${enablePswlessConnection,,}" == "true" ]; then - if [ $databaseType == "mysql" ]; then - install_azure_mysql_libraries + if [[ $databaseType == "mysql" || $databaseType == "postgresql" ]]; then + install_azure_identity_extension fi fi +uninstall_maven + if [ $wlsServerName == "admin" ]; then restart_admin_service else diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml index 9bbabf8b4..01b1efd2f 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/pom.xml @@ -10,7 +10,7 @@ com.oracle.weblogic.azure arm-oraclelinux-wls-dynamic-cluster - 1.0.36 + 1.0.37 com.microsoft.azure.iaas diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json index 1fa8e24c9..38da94700 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/createUiDefinition.json @@ -1409,7 +1409,7 @@ "constraints": { "allowedValues": [ { - "label": "Azure database for PostgreSQL", + "label": "Azure database for PostgreSQL (with support for passwordless connection)", "value": "postgresql" }, { @@ -1421,7 +1421,7 @@ "value": "sqlserver" }, { - "label": "MySQL", + "label": "MySQL (with support for passwordless connection)", "value": "mysql" } ], @@ -1430,13 +1430,12 @@ "visible": true }, { - "name": "dbDriverWarningInfo", + "name": "mysqlJDBCDriverInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[and(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'), or(equals(basics('skuUrnVersion'), 'owls-122130-jdk8-ol74;Oracle:weblogic-122130-jdk8-ol74:owls-122130-jdk8-ol7;latest'), equals(basics('skuUrnVersion'), 'owls-122130-jdk8-ol73;Oracle:weblogic-122130-jdk8-ol73:owls-122130-jdk8-ol7;latest')))]", + "visible": "[and(bool(steps('section_database').enableDB),equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'))]", "options": { - "icon": "Warning", - "text": "Your current selection of WebLogic Server version, Java version, and MySQL database has a known problem. Please see the link for important information on how to solve it.", - "uri": "https://aka.ms/wls-vms-mysql-12213" + "icon": "Info", + "text": "To support passwordless connection and various functionalities, the offer will upgrade the Oracle WebLogic Server MySQL driver with recent MySQL Connector Java driver." } }, { @@ -1446,7 +1445,7 @@ "toolTip": "The JNDI name for the database JDBC connection", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^[a-z0-9A-Z/]{1,30}$", "validationMessage": "The value must be 1-30 characters long and must only contain letters, numbers, and slashes (/)." }, @@ -1459,15 +1458,23 @@ "toolTip": "The JDBC connection string for the database", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "validations": [ { - "regex": "[concat('^jdbc:', coalesce(steps('section_database').databaseConnectionInfo.databaseType, ''), '.*$')]", - "message": "A valid JDBC URL for the chosen database type must be provided" + "regex": "^jdbc:.*$", + "message": "A valid JDBC URL must start with 'jdbc:'." + }, + { + "isValid": "[startsWith(steps('section_database').databaseConnectionInfo.dsConnectionURL, concat('jdbc:', steps('section_database').databaseConnectionInfo.databaseType))]", + "message": "A valid JDBC URL for the chosen database type must be provided." + }, + { + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'defaultAuthenticationPlugin')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPlugins')), not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append defaultAuthenticationPlugin, authenticationPlugins with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." }, { - "isValid": "[if(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'), and(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'serverTimezone'), contains(steps('section_database').databaseConnectionInfo.dsConnectionURL,'enabledTLSProtocols=TLSv1.2')), bool('true'))]", - "message": "The connection string of MySQL must contain server time zone and enable TLS v1.2, for an example, 'jdbc:mysql://contoso.mysql.database.azure.com:3306/guest?useSSL=true&requireSSL=false&serverTimezone=UTC&enabledTLSProtocols=TLSv1.2'." + "isValid": "[if(and(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')), and(not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'authenticationPluginClassName')),not(contains(steps('section_database').databaseConnectionInfo.dsConnectionURL, 'azure.clientId'))), 'true')]", + "message": "The offer will append authenticationPluginClassName with Azure provided plugins, and append azure.clientId with your managed identity client ID automatically, please do not specify them in your connection string." } ] }, @@ -1519,12 +1526,27 @@ "toolTip": "Use only letters and numbers", "defaultValue": "", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", - "regex": "^(?=.{1,128}$)(?!\\-)([a-z0-9A-Z@\\-]){1,128}([^\\-])$", - "validationMessage": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + "required": true, + "validations": [ + { + "regex": "^(?!\\-)([a-z0-9A-Z@\\-]{1,128})([^\\-])$", + "message": "The value must be 1-128 characters long and must only contain letters, numbers, hyphen(-) and the at sign, no hyphen allowed at the beginning and the end of database username." + }, + { + "isValid": "[if(bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection), greater(length(steps('section_database').databaseConnectionInfo.dbIdentity.userAssignedIdentities),0), bool('true'))]", + "message": "You must select at least one managed identity that has access to your database." + } + ] }, "visible": true }, + { + "name": "enablePswlessConnection", + "type": "Microsoft.Common.CheckBox", + "label": "Use passwordless datasource connection", + "toolTip": "Use passwordless datasource connection.", + "visible": "[and(bool(steps('section_database').enableDB),or(equals(steps('section_database').databaseConnectionInfo.databaseType, 'mysql'),equals(steps('section_database').databaseConnectionInfo.databaseType, 'postgresql')))]" + }, { "name": "dbPassword", "type": "Microsoft.Common.PasswordBox", @@ -1534,14 +1556,30 @@ }, "toolTip": "Database Password", "constraints": { - "required": "[bool(steps('section_database').enableDB)]", + "required": true, "regex": "^((?=.*[0-9])(?=.*[a-zA-Z!@#$%^&*])).{5,128}$", "validationMessage": "The password must be between 5 and 128 characters long and have at least one number." }, "options": { "hideConfirmation": false }, - "visible": true + "visible": "[and(bool(steps('section_database').enableDB), not(steps('section_database').databaseConnectionInfo.enablePswlessConnection))]" + }, + { + "name": "dbIdentity", + "type": "Microsoft.ManagedIdentity.IdentitySelector", + "label": "Connect database with Managed Identity", + "toolTip": { + "userAssignedIdentity": "Select a user assigned identity that has access to your database. For how to create a database user for your managed identity, see https://aka.ms/javaee-db-identity." + }, + "defaultValue": { + "systemAssignedIdentity": "Off" + }, + "options": { + "hideSystemAssignedIdentity": true, + "hideUserAssignedIdentity": false + }, + "visible": "[and(bool(steps('section_database').enableDB), steps('section_database').databaseConnectionInfo.enablePswlessConnection)]" } ], "visible": "[bool(steps('section_database').enableDB)]" @@ -1990,6 +2028,7 @@ "databaseType": "[steps('section_database').databaseConnectionInfo.databaseType]", "denyPublicTrafficForAdminServer": "[steps('section_networkingConfiguration').denyPublicTrafficForAdminServer]", "denyPublicTrafficForManagedServer": "[steps('section_networkingConfiguration').denyPublicTrafficForManagedServer]", + "dbIdentity": "[steps('section_database').databaseConnectionInfo.dbIdentity]", "dnsLabelPrefix": "[steps('section_networkingConfiguration').dnsLabelPrefix]", "dsConnectionURL": "[steps('section_database').databaseConnectionInfo.dsConnectionURL]", "dnszoneName": "[steps('section_networkingConfiguration').customDNSSettings.dnszoneName]", @@ -2010,6 +2049,7 @@ "enableCustomDNS": "[bool(steps('section_networkingConfiguration').enableCustomDNS)]", "enableELK": "[bool(steps('section_elk').enableELK)]", "enableOHS": "[bool(steps('section_ohs').enableOHS)]", + "enablePswlessConnection": "[bool(steps('section_database').databaseConnectionInfo.enablePswlessConnection)]", "hasDNSZones": "[bool(if(bool(steps('section_networkingConfiguration').enableCustomDNS), steps('section_networkingConfiguration').customDNSSettings.bringDNSZone, 'false'))]", "jdbcDataSourceName": "[steps('section_database').databaseConnectionInfo.jdbcDataSourceName]", "logsToIntegrate": "[steps('section_elk').elkInfo.logsToIntegrate]", diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json index 93209d3bf..ab9bf229a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/mainTemplate.json @@ -79,6 +79,13 @@ "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." } }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, "dbPassword": { "defaultValue": "", "type": "securestring", @@ -223,6 +230,13 @@ "description": "Bool value, if it's set to true, it will setup OHS and configures for WebLogic Server cluster" } }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless JDBC connection." + } + }, "hasDNSZones": { "type": "bool", "defaultValue": false, @@ -1182,6 +1196,9 @@ "dbGlobalTranPro": { "value": "[parameters('dbGlobalTranPro')]" }, + "dbIdentity": { + "value": "[parameters('dbIdentity')]" + }, "dbPassword": { "value": "[parameters('dbPassword')]" }, @@ -1191,12 +1208,21 @@ "dsConnectionURL": { "value": "[parameters('dsConnectionURL')]" }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, "jdbcDataSourceName": { "value": "[parameters('jdbcDataSourceName')]" }, "location": { "value": "[parameters('location')]" }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('dynamicClusterSize')]" + }, "wlsPassword": { "value": "[parameters('wlsPassword')]" }, diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json new file mode 100644 index 000000000..ba47748a4 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_appendUserManagedIdentity.json @@ -0,0 +1,30 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "vmName": { + "type": "string" + }, + "existingIdentities": { + "type": "object" + }, + "newIdentities": { + "type": "object" + }, + "location": { + "type": "string" + } + }, + "resources": [ + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines", + "name": "[parameters('vmName')]", + "location": "[parameters('location')]", + "identity": { + "type": "userAssigned", + "userAssignedIdentities": "[union(parameters('existingIdentities'),parameters('newIdentities'))]" + } + } + ] +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_dbTemplate.json new file mode 100644 index 000000000..d1b0a2f1c --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_dbTemplate.json @@ -0,0 +1,244 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationDbTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "defaultValue": "", + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + } + }, + "adminVMName": { + "defaultValue": "adminVM", + "type": "string", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dbPassword": { + "defaultValue": "[newGuid()]", + "type": "securestring", + "metadata": { + "description": "Password for Database" + } + }, + "dbUser": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dsConnectionURL": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "jdbcDataSourceName": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "wlsUserName": { + "defaultValue": "weblogic", + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + } + }, + "variables": { + "const_wlsAdminPort": "7005", + "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", + "name_scriptFilePrefix": "datasourceConfig-", + "name_scriptFileSuffix-sqlserver": "sqlserver.sh", + "name_scriptFileSuffix-oracle": "oracle.sh", + "name_scriptFileSuffix-postgresql": "postgresql.sh", + "name_scriptFileSuffix-mysql": "mysql.sh" + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${dynamic.database.start}", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines/extensions", + "name": "[concat(parameters('adminVMName'),'/newuserscript')]", + "location": "[parameters('location')]", + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [ + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-sqlserver'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-oracle'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-postgresql'), parameters('_artifactsLocationSasToken')))]", + "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-mysql'), parameters('_artifactsLocationSasToken')))]" + ] + }, + "protectedSettings": { + "commandToExecute": "[concat('sh',' ',variables('name_scriptFilePrefix'),parameters('databaseType'),'.sh <<< \"',variables('const_wlsHome'),' ',parameters('adminVMName'),' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',base64(parameters('jdbcDataSourceName')),' ',base64(parameters('dsConnectionURL')),' ',parameters('dbUser'),' ',base64(parameters('dbPassword')),' ',parameters('dbGlobalTranPro'),' ', parameters('enablePswlessConnection'),'\"')]" + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${dynamic.database.end}", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.oracle}", + "condition": "[if(contains(parameters('databaseType'), 'oracle'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.postgresql}", + "condition": "[if(contains(parameters('databaseType'), 'postgresql'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.mysql}", + "condition": "[if(contains(parameters('databaseType'), 'mysql'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${database.sqlserver}", + "condition": "[if(contains(parameters('databaseType'), 'sqlserver'), bool('true'), bool('false'))]", + "dependsOn": [ + "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [ + ] + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json new file mode 100644 index 000000000..018504b55 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_installJdbcLibsTemplate.json @@ -0,0 +1,121 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationInstallJdbcLibsTemplate": { + "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", + "type": "string", + "metadata": { + "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "managedServerPrefix": { + "type": "string", + "defaultValue": "msp", + "metadata": { + "description": "Provide managed server prefix name" + } + }, + "numberOfManagedApplicationInstances": { + "type": "int", + "defaultValue": 2, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "Number of VMs that have been deployed to host managed application server." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "const_wlsAdminPort": "7005", + "const_wlsDomainPath": "[concat('/u01/domains/', parameters('wlsDomainName'))]", + "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", + "name_scriptInstallJdbcLibs": "installJdbcDrivers.sh" + }, + "resources": [ + { + "apiVersion": "${azure.apiVersionForVirtualMachines}", + "type": "Microsoft.Compute/virtualMachines/extensions", + "name": "[concat(variables('const_managedVMPrefix'), copyIndex(1),'/newuserscript')]", + "location": "[parameters('location')]", + "copy": { + "name": "appVirtualMachineExtensionLoop", + "count": "[parameters('numberOfManagedApplicationInstances')]" + }, + "properties": { + "publisher": "Microsoft.Azure.Extensions", + "type": "CustomScript", + "typeHandlerVersion": "2.0", + "autoUpgradeMinorVersion": true, + "settings": { + "fileUris": [ + "[uri(parameters('_artifactsLocationInstallJdbcLibsTemplate'), concat('../scripts/', variables('name_scriptInstallJdbcLibs'), parameters('_artifactsLocationSasToken')))]" + ] + }, + "protectedSettings": { + "commandToExecute": "[concat('sh',' ',variables('name_scriptInstallJdbcLibs'),' <<< \"',variables('const_wlsHome'),' ',variables('const_wlsDomainPath'),' ',parameters('managedServerPrefix'), copyIndex(1), ' ', parameters('adminVMName'), ' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',parameters('databaseType'),' ',parameters('enablePswlessConnection'), '\"')]" + } + } + } + ] +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json new file mode 100644 index 000000000..5991795ef --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/_pswlessDbTemplate.json @@ -0,0 +1,294 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "_artifactsLocation": { + "type": "string", + "metadata": { + "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." + } + }, + "_artifactsLocationSasToken": { + "type": "securestring", + "metadata": { + "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." + }, + "defaultValue": "" + }, + "adminVMName": { + "type": "string", + "defaultValue": "adminVM", + "metadata": { + "description": "Admin Server hosting VM name." + } + }, + "databaseType": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "One of the supported database types" + } + }, + "dbGlobalTranPro": { + "defaultValue": "OnePhaseCommit", + "type": "string", + "metadata": { + "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." + } + }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, + "dbUser": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Userid of Database" + } + }, + "dsConnectionURL": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JDBC Connection String" + } + }, + "jdbcDataSourceName": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "JNDI Name for JDBC Datasource" + } + }, + "location": { + "type": "string", + "metadata": { + "description": "Location for all resources." + } + }, + "managedServerPrefix": { + "type": "string", + "defaultValue": "msp", + "metadata": { + "description": "Provide managed server prefix name" + } + }, + "numberOfManagedApplicationInstances": { + "type": "int", + "defaultValue": 2, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "Number of VMs that have been deployed to host managed application server." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" + } + }, + "wlsPassword": { + "type": "securestring", + "metadata": { + "description": "Password for your Weblogic domain name" + } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } + } + }, + "variables": { + "const_identityAPIVersion": "${azure.apiVersionForIndentity}", + "const_managedVMPrefix": "[concat(parameters('managedServerPrefix'),'VM')]", + "name_appendIdentityTemplate": "_appendUserManagedIdentity.json", + "name_installJdbcLibsTemplate": "_installJdbcLibsTemplate.json", + "name_dbTemplate": "_dbTemplate.json", + "array_azureJdbcPlugins": { + "mysql": "defaultAuthenticationPlugin=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin&authenticationPlugins=com.azure.identity.extensions.jdbc.mysql.AzureMysqlAuthenticationPlugin", + "postgresql": "authenticationPluginClassName=com.azure.identity.extensions.jdbc.postgresql.AzurePostgresqlAuthenticationPlugin" + }, + "obj_dbIdentity": { + "[items(parameters('dbIdentity').userAssignedIdentities)[0].key]": {} + }, + "obj_empty": {} + }, + "resources": [ + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${dynamic.pswless.database.start}", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "[concat('assignDbIdentityTo',variables('const_managedVMPrefix'), copyIndex(1))]", + "copy": { + "name": "virtualMachineIdentityLoop", + "count": "[parameters('numberOfManagedApplicationInstances')]" + }, + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_appendIdentityTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "vmName": { + "value": "[concat(variables('const_managedVMPrefix'), copyIndex(1))]" + }, + "newIdentities": { + "value": "[variables('obj_dbIdentity')]" + }, + "existingIdentities": { + "value": "[if(equals(reference(resourceId('Microsoft.Compute/virtualMachines',concat(variables('const_managedVMPrefix'), copyIndex(1))), '${azure.apiVersion}', 'Full').identity.type,'UserAssigned'),reference(resourceId('Microsoft.Compute/virtualMachines',concat(variables('const_managedVMPrefix'), copyIndex(1))), '${azure.apiVersion}', 'Full').identity.userAssignedIdentities, variables('obj_empty'))]" + }, + "location": { + "value": "[parameters('location')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "installJdbcLibsTemplate", + "dependsOn": [ + "virtualMachineIdentityLoop" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_installJdbcLibsTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "enablePswlessConnection": { + "value": true + }, + "location": { + "value": "[parameters('location')]" + }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('numberOfManagedApplicationInstances')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "passwordlessDatasourceDeployment", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'installJdbcLibsTemplate')]" + ], + "properties": { + "mode": "Incremental", + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbTemplate')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dsConnectionURL": { + "value": "[uri(format('{0}&{1}&azure.clientId={2}', parameters('dsConnectionURL'), variables('array_azureJdbcPlugins')[parameters('databaseType')], reference(items(parameters('dbIdentity').userAssignedIdentities)[0].key,variables('const_identityAPIVersion'), 'full').properties.clientId), '')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "enablePswlessConnection": { + "value": true + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } + } + } + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "${azure.apiVersion}", + "name": "${dynamic.pswless.database.end}", + "dependsOn": [ + "[resourceId('Microsoft.Resources/deployments', 'passwordlessDatasourceDeployment')]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + } + ], + "outputs": { + "artifactsLocationPassedIn": { + "type": "string", + "value": "[parameters('_artifactsLocation')]" + } + } +} \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/dbTemplate.json b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/dbTemplate.json index 95c5c4dcc..cc696ab82 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/dbTemplate.json +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/arm/nestedtemplates/dbTemplate.json @@ -8,23 +8,16 @@ "description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated." } }, - "_artifactsLocationDbTemplate": { - "defaultValue": "[if(contains(parameters('_artifactsLocation'), 'githubusercontent'), parameters('_artifactsLocation'), deployment().properties.templateLink.uri)]", - "type": "string", - "metadata": { - "description": "If we are deploying from the command line, use the passed in _artifactsLocation, otherwise use the default." - } - }, "_artifactsLocationSasToken": { - "defaultValue": "", "type": "securestring", "metadata": { "description": "The sasToken required to access _artifactsLocation. When the template is deployed using the accompanying scripts, a sasToken will be automatically generated. Use the defaultValue if the staging location is not secured." - } + }, + "defaultValue": "" }, "adminVMName": { - "defaultValue": "adminVM", "type": "string", + "defaultValue": "adminVM", "metadata": { "description": "Admin Server hosting VM name." } @@ -43,8 +36,15 @@ "description": "Determines the transaction protocol (global transaction processing behavior) for the data source." } }, + "dbIdentity": { + "defaultValue": {}, + "type": "object", + "metadata": { + "description": "Managed identity that has access to the data source." + } + }, "dbPassword": { - "defaultValue": "", + "defaultValue": "[newGuid()]", "type": "securestring", "metadata": { "description": "Password for Database" @@ -64,6 +64,13 @@ "description": "JDBC Connection String" } }, + "enablePswlessConnection": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "True to enable passwordless connection." + } + }, "jdbcDataSourceName": { "defaultValue": "", "type": "string", @@ -77,11 +84,27 @@ "description": "Location for all resources." } }, - "wlsUserName": { - "defaultValue": "weblogic", + "managedServerPrefix": { "type": "string", + "defaultValue": "msp", "metadata": { - "description": "Username for your Weblogic domain name" + "description": "Provide managed server prefix name" + } + }, + "numberOfManagedApplicationInstances": { + "type": "int", + "defaultValue": 2, + "minValue": 1, + "maxValue": 20, + "metadata": { + "description": "Number of VMs that have been deployed to host managed application server." + } + }, + "wlsDomainName": { + "type": "string", + "defaultValue": "wlsd", + "metadata": { + "description": "Provide Weblogic domain name" } }, "wlsPassword": { @@ -89,141 +112,182 @@ "metadata": { "description": "Password for your Weblogic domain name" } + }, + "wlsUserName": { + "type": "string", + "metadata": { + "description": "Username for your Weblogic domain name" + } } }, "variables": { - "const_wlsAdminPort": "7005", - "const_wlsHome": "/u01/app/wls/install/oracle/middleware/oracle_home", - "name_scriptFilePrefix": "datasourceConfig-", - "name_scriptFileSuffix-sqlserver": "sqlserver.sh", - "name_scriptFileSuffix-oracle": "oracle.sh", - "name_scriptFileSuffix-postgresql": "postgresql.sh", - "name_scriptFileSuffix-mysql": "mysql.sh" + "name_dbLinkedTemplateName": "_dbTemplate.json", + "name_dbPswlessTemplateName": "_pswlessDbTemplate.json", + "name_dbUpgradeMySQLDriver": "_installJdbcLibsTemplate.json" }, "resources": [ { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "${dynamic.database.start}", + "name": "pswlessDbTemplate", + "condition": "[parameters('enablePswlessConnection')]", "properties": { "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "apiVersion": "${azure.apiVersionForVirtualMachines}", - "type": "Microsoft.Compute/virtualMachines/extensions", - "name": "[concat(parameters('adminVMName'),'/newuserscript')]", - "location": "[parameters('location')]", - "properties": { - "publisher": "Microsoft.Azure.Extensions", - "type": "CustomScript", - "typeHandlerVersion": "2.0", - "autoUpgradeMinorVersion": true, - "settings": { - "fileUris": [ - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-sqlserver'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-oracle'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-postgresql'), parameters('_artifactsLocationSasToken')))]", - "[uri(parameters('_artifactsLocationDbTemplate'), concat('../scripts/', variables('name_scriptFilePrefix'), variables('name_scriptFileSuffix-mysql'), parameters('_artifactsLocationSasToken')))]" - ] + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbPswlessTemplateName')))]", + "contentVersion": "1.0.0.0" }, - "protectedSettings": { - "commandToExecute": "[concat('sh',' ',variables('name_scriptFilePrefix'),parameters('databaseType'),'.sh <<< \"',variables('const_wlsHome'),' ',parameters('adminVMName'),' ',variables('const_wlsAdminPort'),' ',parameters('wlsUserName'),' ',base64(parameters('wlsPassword')),' ',base64(parameters('jdbcDataSourceName')),' ',base64(parameters('dsConnectionURL')),' ',parameters('dbUser'),' ',base64(parameters('dbPassword')),' ',parameters('dbGlobalTranPro'),'\"')]" + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dbIdentity": { + "value": "[parameters('dbIdentity')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "dsConnectionURL": { + "value": "[parameters('dsConnectionURL')]" + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('numberOfManagedApplicationInstances')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } } } }, { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "${dynamic.database.end}", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.oracle}", - "condition": "[if(contains(parameters('databaseType'), 'oracle'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.postgresql}", - "condition": "[if(contains(parameters('databaseType'), 'postgresql'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], + "name": "upgradeMySQLJdbcDriverTemplate", + "condition": "[and(not(parameters('enablePswlessConnection')), equals(parameters('databaseType'),'mysql'))]", "properties": { "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] - } - } - }, - { - "type": "Microsoft.Resources/deployments", - "apiVersion": "${azure.apiVersion}", - "name": "${database.mysql}", - "condition": "[if(contains(parameters('databaseType'), 'mysql'), bool('true'), bool('false'))]", - "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" - ], - "properties": { - "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbUpgradeMySQLDriver')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "managedServerPrefix": { + "value": "[parameters('managedServerPrefix')]" + }, + "numberOfManagedApplicationInstances": { + "value": "[parameters('numberOfManagedApplicationInstances')]" + }, + "wlsDomainName": { + "value": "[parameters('wlsDomainName')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } } } }, { "type": "Microsoft.Resources/deployments", "apiVersion": "${azure.apiVersion}", - "name": "${database.sqlserver}", - "condition": "[if(contains(parameters('databaseType'), 'sqlserver'), bool('true'), bool('false'))]", + "name": "passwordDatasourceDeployment", + "condition": "[not(parameters('enablePswlessConnection'))]", "dependsOn": [ - "[resourceId('Microsoft.Compute/virtualMachines/extensions', parameters('adminVMName'), 'newuserscript')]" + "[resourceId('Microsoft.Resources/deployments', 'upgradeMySQLJdbcDriverTemplate')]" ], "properties": { "mode": "Incremental", - "template": { - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.0.0.0", - "resources": [ - ] + "templateLink": { + "uri": "[uri(parameters('_artifactsLocation'), concat('nestedtemplates/', variables('name_dbLinkedTemplateName')))]", + "contentVersion": "1.0.0.0" + }, + "parameters": { + "_artifactsLocation": { + "value": "[parameters('_artifactsLocation')]" + }, + "_artifactsLocationSasToken": { + "value": "[parameters('_artifactsLocationSasToken')]" + }, + "adminVMName": { + "value": "[parameters('adminVMName')]" + }, + "databaseType": { + "value": "[parameters('databaseType')]" + }, + "dbGlobalTranPro": { + "value": "[parameters('dbGlobalTranPro')]" + }, + "dbPassword": { + "value": "[parameters('dbPassword')]" + }, + "dbUser": { + "value": "[parameters('dbUser')]" + }, + "dsConnectionURL": { + "value": "[parameters('dsConnectionURL')]" + }, + "enablePswlessConnection": { + "value": "[parameters('enablePswlessConnection')]" + }, + "jdbcDataSourceName": { + "value": "[parameters('jdbcDataSourceName')]" + }, + "location": { + "value": "[parameters('location')]" + }, + "wlsPassword": { + "value": "[parameters('wlsPassword')]" + }, + "wlsUserName": { + "value": "[parameters('wlsUserName')]" + } } } } diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-mysql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-mysql.sh index d8dabbbcb..65804065b 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-mysql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-mysql.sh @@ -3,7 +3,7 @@ # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # #read arguments from stdin -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z "$wlsClusterName" ]; then wlsClusterName="cluster1" @@ -92,17 +92,33 @@ function validateInput() exit 1 fi + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + if [ -z "$wlsClusterName" ]; then echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() { -echo "Creating JDBC data source with name $jdbcDataSourceName" -cat <${scriptPath}/create_datasource.py + local driverName="com.mysql.jdbc.Driver" + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + driverName="com.mysql.cj.jdbc.Driver" + fi + + echo "Creating JDBC data source with name $jdbcDataSourceName" + cat <${scriptPath}/create_datasource.py connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') edit("$hostName") startEdit() @@ -117,7 +133,7 @@ try: cmo.setDatasourceType('GENERIC') cd('/JDBCSystemResources/$jdbcDataSourceName/JDBCResource/$jdbcDataSourceName/JDBCDriverParams/$jdbcDataSourceName') cmo.setUrl('$dsConnectionURL') - cmo.setDriverName('com.mysql.jdbc.Driver') + cmo.setDriverName('$driverName') cmo.setPassword('$dsPassword') cd('/JDBCSystemResources/$jdbcDataSourceName/JDBCResource/$jdbcDataSourceName/JDBCConnectionPoolParams/$jdbcDataSourceName') cmo.setTestTableName('SQL ISVALID\r\n\r\n\r\n\r\n') diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-oracle.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-oracle.sh index 1f1b60d3a..e158c3e28 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-oracle.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-oracle.sh @@ -2,7 +2,7 @@ # Copyright (c) 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z ${wlsClusterName} ]; then wlsClusterName='cluster1' @@ -96,6 +96,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-postgresql.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-postgresql.sh index 94ecfc1cc..b29d1dbaf 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-postgresql.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-postgresql.sh @@ -2,7 +2,7 @@ # Copyright (c) 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z ${wlsClusterName} ]; then wlsClusterName='cluster1' @@ -96,6 +96,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh index 521be701a..673228c82 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/datasourceConfig-sqlserver.sh @@ -2,7 +2,7 @@ # Copyright (c) 2021, Oracle and/or its affiliates. # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. # -read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro wlsClusterName +read oracleHome wlsAdminHost wlsAdminPort wlsUserName wlsPassword jdbcDataSourceName dsConnectionURL dsUser dsPassword dbGlobalTranPro enablePswlessConnection wlsClusterName if [ -z ${wlsClusterName} ]; then wlsClusterName='cluster1' @@ -96,6 +96,17 @@ function validateInput() echo _stderr "Please provide Weblogic target cluster name" exit 1 fi + + if [ -z "${enablePswlessConnection}" ]; + then + echo _stderr "Please provide enablePswlessConnection to identity if enabling passwordless connection." + exit 1 + fi + + # reset password + if [[ "${enablePswlessConnection,,}" == "true" ]]; then + dsPassword="" + fi } function createJDBCSource_model() diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh new file mode 100644 index 000000000..1b10d87d6 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/arm-oraclelinux-wls-dynamic-cluster/src/main/scripts/installJdbcDrivers.sh @@ -0,0 +1,268 @@ +# Copyright (c) 2021, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +# Description +# This script is to install jdbc libraries at WebLogic cluster domain. + +# /bin/bash + +#Function to output message to StdErr +function echo_stderr() { + echo "$@" >&2 +} + +#Function to display usage message +function usage() { + echo_stderr "./installJdbcDrivers.sh <<< \"\"" +} + +function validate_input() { + + # parse base64 string + wlsPassword=$(echo "${wlsPassword}" | base64 -d) + + if [ -z "$oracleHome" ]; then + echo _stderr "Please provide oracleHome" + exit 1 + fi + + if [ -z "$domainPath" ]; then + echo _stderr "Please provide domainPath" + exit 1 + fi + + if [ -z "$wlsServerName" ]; then + echo _stderr "Please provide wlsServerName" + exit 1 + fi + + if [ -z "$wlsAdminHost" ]; then + echo _stderr "Please provide wlsAdminHost" + exit 1 + fi + + if [ -z "$wlsAdminPort" ]; then + echo _stderr "Please provide wlsAdminPort" + exit 1 + fi + + if [ -z "$wlsUserName" ]; then + echo _stderr "Please provide wlsUserName" + exit 1 + fi + + if [ -z "$wlsPassword" ]; then + echo _stderr "Please provide wlsPassword" + exit 1 + fi + + if [ -z "$databaseType" ]; then + echo _stderr "Please provide databaseType" + exit 1 + fi + + if [ -z "$enablePswlessConnection" ]; then + echo _stderr "Please provide enablePswlessConnection" + exit 1 + fi +} + +function install_maven() { + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${url4MavenInstaller}" -o ${mvnInstaller} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${url4MavenInstaller}." + fi + + tar xzvf ${mvnInstaller} -C /u01/app + export MAVEN_HOME=/u01/app/apache-maven-${mvnVersion} + . $oracleHome/oracle_common/common/bin/setWlstEnv.sh # set JAVA_HOME + export PATH=${MAVEN_HOME}/bin:$PATH + + rm ${mvnInstaller} -f + mvn --version + if [ $? != 0 ]; then + echo_stderr "Failed to install maven." + fi +} + +function uninstall_maven() { + sudo rm -f ${MAVEN_HOME} -R +} + +function install_azure_identity_extension() { + local myPomFile=pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4AzureIdentityExtensionPomFile}" -o ${myPomFile} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${gitUrl4AzureIdentityExtensionPomFile}." + fi + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${myPomFile} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + domainBase=$(dirname $domainPath) + + # check if azure identity extension has been installed, if so, remove old version + if [ -d "${domainBase}/azure-libraries/identity" ]; then + sudo rm ${domainBase}/azure-libraries/identity -f -r + sudo rm ${domainBase}/azure-libraries/jackson -f -r + fi + + sudo mkdir -p ${domainBase}/azure-libraries/identity + sudo mkdir -p ${domainBase}/azure-libraries/jackson + # fix JARs conflict issue, put jackson libraries to PRE_CLASSPATH to upgrade the existing libs. + sudo mv target/dependency/jackson-annotations-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-core-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-databind-*.jar ${domainBase}/azure-libraries/jackson + sudo mv target/dependency/jackson-dataformat-xml-*.jar ${domainBase}/azure-libraries/jackson + # Those jars will be appended to CLASSPATH + sudo mv target/dependency/*.jar ${domainBase}/azure-libraries/identity + sudo chown -R oracle:oracle ${domainBase}/azure-libraries + else + echo "Failed to download dependencies for azure-identity-extension" + exit 1 + fi + + rm ${myPomFile} -f + rm target -f -r + if ! grep -q "${domainBase}/azure-libraries/identity/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nCLASSPATH="'${domainBase}'/azure-libraries/identity/*:${CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi + + if ! grep -q "${domainBase}/azure-libraries/jackson/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/azure-libraries/jackson/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi +} + +function upgrade_mysql_driver() { + local mysqlPomFile=mysql-pom.xml + curl -m ${curlMaxTime} --retry ${retryMaxAttempt} -fksL "${gitUrl4MySQLDriverPomFile}" -o ${mysqlPomFile} + if [ $? != 0 ]; then + echo_stderr "Failed to download ${gitUrl4MySQLDriverPomFile}." + fi + + echo "download dependencies" + mvn dependency:copy-dependencies -f ${mysqlPomFile} + if [ $? -eq 0 ]; then + ls -l target/dependency/ + + local domainBase=$(dirname $domainPath) + local preClassLibsFolderName=preclasspath-libraries + + # check if the driver has been upgraded, if so, remove old driver + if [ -e ${domainBase}/${preClassLibsFolderName}/mysql-connector-*.jar ]; then + sudo rm ${domainBase}/${preClassLibsFolderName} -f -r + fi + + sudo mkdir ${domainBase}/${preClassLibsFolderName} + sudo mv target/dependency/mysql-connector-*.jar ${domainBase}/${preClassLibsFolderName}/ + sudo chown -R oracle:oracle ${domainBase}/${preClassLibsFolderName} + else + echo "Failed to download mysql driver." + exit 1 + fi + + rm ${mysqlPomFile} -f + rm target -f -r + + if ! grep -q "${domainBase}/preclasspath-libraries/" "${domainPath}/bin/setDomainEnv.sh"; then + sed -i 's;^export DOMAIN_HOME;&\nPRE_CLASSPATH="'${domainBase}'/preclasspath-libraries/*:${PRE_CLASSPATH}";' ${domainPath}/bin/setDomainEnv.sh + fi +} + +#This function to wait for admin server +function wait_for_admin() { + #wait for admin to start + count=1 + CHECK_URL="http://$wlsAdminURL/weblogic/ready" + status=$(curl --insecure -ILs $CHECK_URL | tac | grep -m1 HTTP/1.1 | awk {'print $2'}) + echo "Waiting for admin server to start" + while [[ "$status" != "200" ]]; do + echo "." + count=$((count + 1)) + if [ $count -le 30 ]; then + sleep 1m + else + echo "Error : Maximum attempts exceeded while starting admin server" + exit 1 + fi + status=$(curl --insecure -ILs $CHECK_URL | tac | grep -m1 HTTP/1.1 | awk {'print $2'}) + if [ "$status" == "200" ]; then + echo "Admin Server started succesfully..." + break + fi + done +} + +function restart_admin_service() { + echo "Restart weblogic admin server service" + sudo systemctl stop wls_admin + sudo systemctl start wls_admin + wait_for_admin +} + +function restart_managed_servers() { + echo "Restart managed servers" + cat <${SCRIPT_PWD}/restart-managedServer.py +connect('$wlsUserName','$wlsPassword','t3://$wlsAdminURL') +servers=cmo.getServers() +domainRuntime() +print "Restart the servers which are in RUNNING status" +for server in servers: + bean="/ServerLifeCycleRuntimes/"+server.getName() + serverbean=getMBean(bean) + if (serverbean.getState() in ("RUNNING")) and (server.getName() == '${wlsServerName}'): + try: + print "Stop the Server ",server.getName() + shutdown(server.getName(),server.getType(),ignoreSessions='true',force='true') + print "Start the Server ",server.getName() + start(server.getName(),server.getType()) + break + except: + print "Failed restarting managed server ", server.getName() + dumpStack() +serverConfig() +disconnect() +EOF + . $oracleHome/oracle_common/common/bin/setWlstEnv.sh + java $WLST_ARGS weblogic.WLST ${SCRIPT_PWD}/restart-managedServer.py + + if [[ $? != 0 ]]; then + echo "Error : Fail to restart managed server to configuration external libraries." + exit 1 + fi +} + +#read arguments from stdin +read oracleHome domainPath wlsServerName wlsAdminHost wlsAdminPort wlsUserName wlsPassword databaseType enablePswlessConnection + +export curlMaxTime=120 # seconds +export gitUrl4AzureIdentityExtensionPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" +export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" +export mvnVersion="3.8.6" +export mvnInstaller="apache-maven-${mvnVersion}-bin.tar.gz" +export retryMaxAttempt=5 # retry attempt for curl command +export url4MavenInstaller="https://dlcdn.apache.org/maven/maven-3/${mvnVersion}/binaries/${mvnInstaller}" +export wlsAdminURL=$wlsAdminHost:$wlsAdminPort + +validate_input + +install_maven + +if [ $databaseType == "mysql" ]; then + upgrade_mysql_driver +fi + +if [ "${enablePswlessConnection,,}" == "true" ]; then + if [[ $databaseType == "mysql" || $databaseType == "postgresql" ]]; then + install_azure_identity_extension + fi +fi + +uninstall_maven + +if [ $wlsServerName == "admin" ]; then + restart_admin_service +else + restart_managed_servers +fi From 34c842b939f1faa37a8fe8fa0dfa5730cd89b822 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Fri, 23 Dec 2022 00:04:49 +0800 Subject: [PATCH 416/720] Add external dependencies and pids for passwordless db support (#228) * add azure-identity-extensions.xml * external dependencies * add pids for passwordless db connection of admin and dynamic cluster offer. --- .../resources/azure-identity-extensions.xml | 21 ++++++++++++++++++ .../main/resources/mysql-connector-java.xml | 22 +++++++++++++++++++ .../main/resources/microsoft-pid.properties | 4 ++++ .../src/main/resources/pid.properties | 4 ++++ 4 files changed, 51 insertions(+) create mode 100644 weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml create mode 100644 weblogic-azure-aks/src/main/resources/mysql-connector-java.xml diff --git a/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml b/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml new file mode 100644 index 000000000..411194ff3 --- /dev/null +++ b/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml @@ -0,0 +1,21 @@ + + + + 4.0.0 + com.oracle.weblogic.azure + passwordless-db + 1.0-SNAPSHOT + jar + + 11 + 11 + + + + com.azure + azure-identity-extensions + 1.0.0 + + + \ No newline at end of file diff --git a/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml b/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml new file mode 100644 index 000000000..845b0aeab --- /dev/null +++ b/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml @@ -0,0 +1,22 @@ + + + + 4.0.0 + com.oracle.weblogic.azure + mysql-driver + 1.0-SNAPSHOT + jar + + 11 + 11 + + + + + mysql + mysql-connector-java + 8.0.31 + + + \ No newline at end of file diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties index 51181f0ca..b99afa89d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/microsoft-pid.properties @@ -37,6 +37,8 @@ admin.elk.end=1e26d5dd-cc3f-5308-a858-cf3257a486ca admin.elk.start=3dc18163-180b-56eb-adf2-501f97c88c7c admin.end=08e3f14d-2362-5c43-8269-133a0045d223 admin.start=4b4d5bab-1032-530c-88db-ac3f7caf440d +admin.pswless.database.end=7ebb9b3e-3465-5116-99f9-e9e092bb6198 +admin.pswless.database.start=8b595cf2-9481-5466-be25-0d1b832f22b8 # Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster @@ -95,6 +97,8 @@ dynamic.elk.end=6303dcc8-4ec9-5dd8-91f9-e829e86fa330 dynamic.elk.start=cf939c33-1ebe-5dbb-95d2-fbe2d5cc6a4e dynamic.end=40a6f402-31ee-536a-a006-729105f55003 dynamic.start=07bf10d5-da4e-5113-b1c2-b8d802bda651 +dynamic.pswless.database.end=b8114488-9109-5f46-a877-e86ef18d16e4 +dynamic.pswless.database.start=25b7acd8-5b7d-57c9-9c34-ad14837c39a6 # Pids to indicate which base image was chosen. No difference in these # between Oracle and Microsoft diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties index 9175477e0..2d3340104 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/pid.properties @@ -36,6 +36,8 @@ admin.elk.end=78d94c2d-7401-52a9-be03-4cf1cc4e8f00 admin.elk.start=f3c3b847-89ea-54c8-904e-10ff8eba14fa admin.end=057f09cd-6f90-5c1c-b655-3aba168aef35 admin.start=pid-7e52c2b6-1acb-416f-af55-5837ff783eb7-partnercenter +admin.pswless.database.end=89d5d2a9-16b8-5b3d-b5f7-1fb8a6cfdfc5 +admin.pswless.database.start=53e099bf-8148-5463-a51d-0272520bac60 # Pids used in https://github.com/oracle/weblogic-azure/tree/main/weblogic-azure-vm/arm-oraclelinux-wls-cluster @@ -96,6 +98,8 @@ dynamic.elk.end=d154e480-15e2-5cf7-bdd5-6219c1793967 dynamic.elk.start=bc636673-2dca-5e40-a2aa-6891c344aa17 dynamic.end=93da13bf-11f6-5bfb-9b51-7deb152a21c3 dynamic.start=pid-89d7f595-f164-4cbd-abbb-e46cd0b342e8-partnercenter +dynamic.pswless.database.end=fd30aea8-ec77-557b-ba12-4de15018a64a +dynamic.pswless.database.start=2d02881c-c7d2-5e16-b9b8-c48ebf70d2ab # Pids to indicate which base image was chosen. No difference in these # between Oracle and Microsoft From ece08cf9e2c844818605270f5d22faf5b20de322 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Thu, 19 Jan 2023 09:12:50 -0500 Subject: [PATCH 417/720] Galiacheng msft dd 1709047 wls aks UI improvements (#232) * On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements WIP modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json DONE 1_APP_1 1_APP_2 1_SIGNED 1_TABLABELS_1 1_TABLABELS_2 Signed-off-by: Ed Burns appgw1 and appgw2. 1_INSIGHTS On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements 1_TERMS modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements 1_ACTIVE 1_AFFIN modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements Further refine terms. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns * On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements Address comment from @m-reza-rahman modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns * On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements After very extensive discussion with Reza, setting the "wait for ACTIVE" value to `true`. With the checkbox hidden. modified: weblogic-azure-aks/src/main/arm/createUiDefinition.json Signed-off-by: Ed Burns * On branch galiacheng-msft-dd-1709047-wls-aks-ui-improvements Increment pom. modified: weblogic-azure-aks/pom.xml Signed-off-by: Ed Burns Signed-off-by: Ed Burns --- weblogic-azure-aks/pom.xml | 2 +- .../src/main/arm/createUiDefinition.json | 683 +++++++++--------- 2 files changed, 332 insertions(+), 353 deletions(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 98378504a..dfcec830e 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.50 + 1.0.51 com.microsoft.azure.iaas diff --git a/weblogic-azure-aks/src/main/arm/createUiDefinition.json b/weblogic-azure-aks/src/main/arm/createUiDefinition.json index a5676ff14..790edd1f2 100644 --- a/weblogic-azure-aks/src/main/arm/createUiDefinition.json +++ b/weblogic-azure-aks/src/main/arm/createUiDefinition.json @@ -10,7 +10,7 @@ "visible": true, "options": { "icon": "Info", - "text": "The Azure identity deploying this offer must have one of the following two sets of Azure role-based access control roles:
  • Contributor and User Access Administrator of the current subscription.
  • Owner of the current subscription.

    • This offer always deploys WebLogic Server using the 'Model in image' domain home source type, even when the persistent volume checkbox is checked in 'Configure AKS cluster' blade. Click this link for more information on domain home source types." + "text": "The Azure identity deploying this offer must have one of the following two sets of Azure role-based access control roles:
  • Contributor and User Access Administrator of the current subscription.
  • Owner of the current subscription.
    • " } }, { @@ -253,12 +253,12 @@ "steps": [ { "name": "section_aks", - "label": "Configure AKS cluster", + "label": "AKS", "subLabel": { "preValidation": "Provide required info for AKS cluster configuration", "postValidation": "Done" }, - "bladeTitle": "Configure AKS cluster", + "bladeTitle": "AKS", "elements": [ { "name": "clusterInfo", @@ -344,46 +344,6 @@ "osPlatform": "Linux", "count": "[steps('section_aks').clusterInfo.aksNodeCount]", "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" - }, - { - "name": "enableAzureMonitoringTextBlock", - "type": "Microsoft.Common.TextBlock", - "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", - "options": { - "icon": "Info", - "text": "If checked, configure the necessary settings to integrate with Container insights. Container insights gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. Metrics are written to the metrics store and log data is written to the logs store associated with your Log Analytics workspace.", - "link": { - "label": "Learn more", - "uri": "https://aka.ms/wls-aks-container-insights" - } - } - }, - { - "name": "enableAzureMonitoring", - "type": "Microsoft.Common.CheckBox", - "label": "Enable Container insights", - "toolTip": "If checked, configure the necessary settings to integrate with Container insights.", - "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" - }, - { - "name": "enableAzureFileShareTextBlock", - "type": "Microsoft.Common.TextBlock", - "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", - "options": { - "icon": "Info", - "text": "If checked, configure the necessary settings to mount a persistent volume to the nodes of the AKS cluster. This can be useful for storing log files outside of the AKS cluster, among other possible uses. An Azure Storage Account and an Azure Files share will be provisioned; static persistent volume with the Azure Files share will be mounted to the nodes of the AKS cluster.", - "link": { - "label": "Learn more", - "uri": "https://aka.ms/wls-aks-persistent-storage" - } - } - }, - { - "name": "enableAzureFileShare", - "toolTip": "If checked, configure the necessary settings to mount a persistent volume to the nodes of the AKS cluster.", - "type": "Microsoft.Common.CheckBox", - "label": "Create Persistent Volume using Azure File share service", - "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" } ] }, @@ -392,67 +352,10 @@ "type": "Microsoft.Common.Section", "label": "Image selection", "elements": [ - { - "name": "useOracleImage", - "type": "Microsoft.Common.OptionsGroup", - "label": "Use a pre-existing, WebLogic Server Docker image from Oracle Container Registry?", - "defaultValue": "Yes", - "toolTip": "Select 'Yes' to a use pre-existing, WebLogic Server Docker image from the public Oracle Container Registry. Select 'No' to use a pre-existing Docker image, assumed to be a compatible WebLogic Server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set of patches (PSUs).", - "constraints": { - "allowedValues": [ - { - "label": "Yes", - "value": "true" - }, - { - "label": "No", - "value": "false" - } - ], - "required": true - } - }, - { - "name": "userProvidedAcrInfo", - "type": "Microsoft.Common.InfoBox", - "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", - "options": { - "icon": "Info", - "text": "Make sure the Azure Container Registry has enabled the admin user.", - "uri": "https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account" - } - }, - { - "name": "userProvidedAcrSelector", - "type": "Microsoft.Solutions.ResourceSelector", - "label": "Select existing ACR instance", - "toolTip": "Select the existing ACR instance.", - "resourceType": "Microsoft.ContainerRegistry/registries", - "options": { - "filter": { - "subscription": "onBasics", - "location": "onBasics" - } - }, - "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]" - }, - { - "name": "userProvidedImagePath", - "type": "Microsoft.Common.TextBox", - "visible": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", - "label": "Please provide the image path", - "toolTip": "Please provide the image path, the image must be stored in the selected ACR above", - "defaultValue": "", - "constraints": { - "required": "[not(bool(steps('section_aks').imageInfo.useOracleImage))]", - "regex": "[concat(coalesce(last(split(steps('section_aks').imageInfo.userProvidedAcrSelector.id, '/')), ''), '.*$')]", - "validationMessage": "The image must be stored in the selected ACR above" - } - }, { "name": "oracleCreateACR", "type": "Microsoft.Common.OptionsGroup", - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "visible": true, "label": "Create a new Azure Container Registry to store application images?", "defaultValue": "Yes", "toolTip": "Select 'Yes' to create a new ACR instance, or select 'No' to provide an existing ACR instance.", @@ -473,7 +376,7 @@ { "name": "oracleAcrInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),not(bool(steps('section_aks').imageInfo.oracleCreateACR)))]", + "visible": "[not(bool(steps('section_aks').imageInfo.oracleCreateACR))]", "options": { "icon": "Info", "text": "Make sure the Azure Container Registry has enabled the admin user.", @@ -492,12 +395,12 @@ "location": "onBasics" } }, - "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),not(bool(steps('section_aks').imageInfo.oracleCreateACR)))]" + "visible": "[not(bool(steps('section_aks').imageInfo.oracleCreateACR))]" }, { "name": "ocrSSOInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", + "visible": true, "options": { "icon": "Info", "text": "Provide an Oracle Single Sign-On (SSO) account to access the Oracle Registry Server. Select the link to create an Oracle SSO account.", @@ -515,7 +418,7 @@ "regex": "^([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5})$", "validationMessage": "The value must be an email address." }, - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" + "visible": true }, { "name": "ocrSSOPassword", @@ -533,37 +436,37 @@ "options": { "hideConfirmation": false }, - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" + "visible": true + }, + { + "name": "fromImageInfo", + "type": "Microsoft.Common.InfoBox", + "visible": true, + "options": { + "icon": "Warning", + "text": "Before moving forward, you must accept the Oracle Standard Terms and Restrictions for the WebLogic Server image in the Oracle Container Registry (OCR). The deployment will fail if you have not accepted the terms.

    If you have an Oracle support contract, we recommend using the Patched WebLogic Server Images. Otherwise, you can use the General WebLogic Server Images.

    To use the Patched WebLogic Server Images:To use the General WebLogic Server Images:Once you have accepted the terms in OCR, make sure to select the right type of image below." + } }, { "name": "isSSOSupportEntitled", "type": "Microsoft.Common.OptionsGroup", - "label": "Is the specified SSO account associated with an active Oracle support contract?", - "defaultValue": "Yes", - "toolTip": "If 'Yes' is selected, the deployment process will pull from the CPU WebLogic Server image repository in the Oracle Container Registry (OCR). If 'No' is selected the deployment process will pull from the WebLogic Server image repository in OCR.", + "label": "Select the type of WebLogic Server Images.", + "defaultValue": "General WebLogic Server Images", + "toolTip": "If 'Patched WebLogic Server Images' is selected, the deployment process will pull from the Patched WebLogic Server Images repository. If 'General WebLogic Server Images' is selected the deployment process will pull from the General WebLogic Server Images repository.", "constraints": { "allowedValues": [ { - "label": "Yes", - "value": "true" + "label": "General WebLogic Server Images", + "value": "false" }, { - "label": "No", - "value": "false" + "label": "Patched WebLogic Server Images", + "value": "true" } ], "required": true }, - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" - }, - { - "name": "fromImageInfo", - "type": "Microsoft.Common.InfoBox", - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]", - "options": { - "icon": "Warning", - "text": "The Oracle Standard Terms and Restrictions for the WebLogic Server images must be accepted in the Oracle Container Registry.

    To accept the license agreement of available Patched WebLogic Server Images:
  • Log on to Oracle Container Registry
  • Navigate to middleware/weblogic_cpu
  • Accept license agreement

    • To accept the license agreement of available General WebLogic Server Images:
  • Log on to Oracle Container Registry
  • Navigate to middleware/weblogic
  • Accept license agreement
    • " - } + "visible": true }, { "name": "oracleImageSelector", @@ -622,12 +525,12 @@ ], "required": true }, - "visible": "[bool(steps('section_aks').imageInfo.useOracleImage)]" + "visible": true }, { "name": "fromOracleImage", "type": "Microsoft.Common.TextBox", - "visible": "[and(bool(steps('section_aks').imageInfo.useOracleImage),equals(steps('section_aks').imageInfo.oracleImageSelector, 'others'))]", + "visible": "[equals(steps('section_aks').imageInfo.oracleImageSelector, 'others')]", "label": "WebLogic Docker tag", "defaultValue": "14.1.1.0-slim-11", "toolTip": "Docker tag that comes after 'container-registry.oracle.com/middleware/weblogic:' in the fromOracleImage option to 'imagetool'.", @@ -647,13 +550,13 @@ { "name": "jeeAppInfo", "type": "Microsoft.Common.Section", - "label": "Java EE Application", + "label": "Application", "elements": [ { "name": "uploadAppPackage", "type": "Microsoft.Common.OptionsGroup", - "label": "Deploy your application package?", - "defaultValue": "Yes", + "label": "Deploy an application?", + "defaultValue": "No", "toolTip": "Select 'Yes' to deploy your application.", "constraints": { "allowedValues": [ @@ -697,7 +600,7 @@ { "name": "validateApplicationsInfo", "type": "Microsoft.Common.InfoBox", - "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]", + "visible": false, "options": { "icon": "Info", "text": "If checked, verify the deployed app reaches the ACTIVE state and fail the deployment if it does not. See the documentation link for more information.", @@ -709,7 +612,7 @@ "type": "Microsoft.Common.CheckBox", "label": "Fail deployment if application does not become ACTIVE.", "toolTip": "If checked, verify the deployed app reaches the ACTIVE state and fail the deployment if it does not. See the documentation link for more information.", - "visible": "[bool(steps('section_aks').jeeAppInfo.uploadAppPackage)]" + "visible": false }, { "name": "appReplicas", @@ -725,13 +628,104 @@ } ], "visible": true + }, + { + "name": "aksAdvancedInfo", + "type": "Microsoft.Common.Section", + "label": "Advanced", + "elements": [ + { + "name": "enableAzureMonitoringTextBlock", + "type": "Microsoft.Common.TextBlock", + "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", + "options": { + "icon": "Info", + "text": "If checked, configure the necessary settings to integrate with Container insights. Container insights gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. Metrics are written to the metrics store and log data is written to the logs store associated with your Log Analytics workspace.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-container-insights" + } + } + }, + { + "name": "enableAzureMonitoring", + "type": "Microsoft.Common.CheckBox", + "label": "Enable Container insights", + "toolTip": "If checked, configure the necessary settings to integrate with Container insights.", + "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" + }, + { + "name": "enableAzureFileShareTextBlock", + "type": "Microsoft.Common.TextBlock", + "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]", + "options": { + "icon": "Info", + "text": "If checked, configure the necessary settings to mount a persistent volume to the nodes of the AKS cluster. This can be useful for storing log files outside of the AKS cluster, among other possible uses. An Azure Storage Account and an Azure Files share will be provisioned; static persistent volume with the Azure Files share will be mounted to the nodes of the AKS cluster.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-persistent-storage" + } + } + }, + { + "name": "enableAzureFileShare", + "toolTip": "If checked, configure the necessary settings to mount a persistent volume to the nodes of the AKS cluster.", + "type": "Microsoft.Common.CheckBox", + "label": "Create Persistent Volume using Azure File share service", + "visible": "[bool(steps('section_aks').clusterInfo.createAKSCluster)]" + }, + { + "name": "useAcrImage", + "type": "Microsoft.Common.CheckBox", + "label": "Bring your own WebLogic Server Docker image from Azure Container Registry?", + "toolTip": "Select 'Yes' to use a pre-existing Docker image, assumed to be a compatible WebLogic Server image, from the specified ACR instance. This allows the use of custom images, such as with a specific set of patches (PSUs)." + }, + { + "name": "userProvidedAcrInfo", + "type": "Microsoft.Common.InfoBox", + "visible": "[bool(steps('section_aks').aksAdvancedInfo.useAcrImage)]", + "options": { + "icon": "Info", + "text": "Make sure the Azure Container Registry has enabled the admin user.", + "uri": "https://docs.microsoft.com/en-us/azure/container-registry/container-registry-authentication#admin-account" + } + }, + { + "name": "userProvidedAcrSelector", + "type": "Microsoft.Solutions.ResourceSelector", + "label": "Select existing ACR instance", + "toolTip": "Select the existing ACR instance.", + "resourceType": "Microsoft.ContainerRegistry/registries", + "options": { + "filter": { + "subscription": "onBasics", + "location": "onBasics" + } + }, + "visible": "[bool(steps('section_aks').aksAdvancedInfo.useAcrImage)]" + }, + { + "name": "userProvidedImagePath", + "type": "Microsoft.Common.TextBox", + "visible": "[bool(steps('section_aks').aksAdvancedInfo.useAcrImage)]", + "label": "Please provide the image path", + "toolTip": "Please provide the image path, the image must be stored in the selected ACR above", + "defaultValue": "", + "constraints": { + "required": true, + "regex": "[concat(coalesce(last(split(steps('section_aks').aksAdvancedInfo.userProvidedAcrSelector.id, '/')), ''), '.*$')]", + "validationMessage": "The image must be stored in the selected ACR above" + } + } + ], + "visible": true } ] }, { "name": "section_sslConfiguration", "type": "Microsoft.Common.Section", - "label": "TLS/SSL configuration", + "label": "TLS/SSL", "elements": [ { "name": "sslConfigurationText", @@ -1154,12 +1148,12 @@ { "name": "section_appGateway", "type": "Microsoft.Common.Section", - "label": "Networking", + "label": "Load balancing", "subLabel": { - "preValidation": "Provide required information for networking", + "preValidation": "Provide required information for load balancing", "postValidation": "Done" }, - "bladeTitle": "Networking", + "bladeTitle": "Load balancing", "elements": [ { "name": "connectToAGText", @@ -1170,205 +1164,54 @@ } }, { - "name": "lbSVCInfo", + "name": "loadBalancingOptions", + "type": "Microsoft.Common.OptionsGroup", + "label": "Load Balancing Options", + "defaultValue": "Application Gateway Ingress Controller", + "toolTip": "Select load balancing option.", + "constraints": { + "allowedValues": [ + { + "label": "Application Gateway Ingress Controller", + "value": "agic" + }, + { + "label": "Standard Load Balancer Service", + "value": "lbservice" + }, + { + "label": "No Load Balancer", + "value": "none" + } + ], + "required": true + }, + "visible": true + }, + { + "name": "appgwIngress", "type": "Microsoft.Common.Section", - "label": "Standard Load Balancer service", + "label": "Application Gateway Ingress Controller", "elements": [ { - "name": "enableLBSVCText", + "name": "enableAppGatewayText", "type": "Microsoft.Common.TextBlock", "visible": true, "options": { - "text": "Selecting 'Yes' here will cause the offer to provision the Azure Load Balancer service to expose WebLogic Server Administration Console and cluster.", + "text": "This option will cause the offer to configure an Application Gateway Ingress Controller", "link": { "label": "Learn more", - "uri": "https://aka.ms/wls-aks-standard-load-balancer" + "uri": "https://aka.ms/wls-aks-app-gateway-ingress-controller" } } }, { - "name": "enableLBSVC", - "type": "Microsoft.Common.OptionsGroup", - "label": "Create Standard Load Balancer services for Oracle WebLogic Server?", - "defaultValue": "No", - "toolTip": "Select 'Yes' to create Standard Load Balancer services for Oracle WebLogic Server.", - "constraints": { - "allowedValues": [ - { - "label": "Yes", - "value": true - }, - { - "label": "No", - "value": false - } - ], - "required": false - } - }, - { - "name": "enableInternalLBText", - "type": "Microsoft.Common.TextBlock", - "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]", + "name": "vnetInfo", + "type": "Microsoft.Common.InfoBox", + "visible": true, "options": { - "text": "If checked, the offer will configure the load balancer as an internal load balancer.", - "link": { - "label": "Learn more", - "uri": "https://aka.ms/wls-aks-internal-load-balancer" - } - } - }, - { - "name": "enableInternalLB", - "type": "Microsoft.Common.CheckBox", - "label": "Use Internal Load Balancer", - "toolTip": "If checked, the offer will configure the load balancer as an internal load balancer.", - "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]" - }, - { - "name": "infoBoxForLbSvc", - "type": "Microsoft.Common.InfoBox", - "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]", - "options": { - "icon": "info", - "text": "There must be at least one and at most two entries." - } - }, - { - "name": "lbSVC", - "type": "Microsoft.Common.EditableGrid", - "ariaLabel": "Enter information", - "label": "Standard Load Balancer service", - "toolTip": "Create Azure Standard Load Balancer service for Administration Console and cluster.", - "visible": "[steps('section_appGateway').lbSVCInfo.enableLBSVC]", - "constraints": { - "width": "Full", - "rows": { - "count": { - "min": 0, - "max": 2 - } - }, - "columns": [ - { - "id": "colName", - "header": "Service name prefix", - "width": "2fr", - "element": { - "type": "Microsoft.Common.TextBox", - "placeholder": "Input a prefix...", - "toolTip": "Input a prefix for service name. For example, inputing 'domain1-admin-server' will cause provisioning a Load Balancer service named with 'domain1-admin-server*' and exposing the Oracle WebLogic Administration Server to Internet.", - "constraints": { - "required": true, - "validations": [ - { - "isValid": "[lessOrEquals(length(filter(steps('section_appGateway').lbSVCInfo.lbSVC, (item) => equals(item.colName, last(take(steps('section_appGateway').lbSVCInfo.lbSVC, $rowIndex)).colName))),1)]", - "message": "You can not input the same service prefix repeadly, please change any of the value." - }, - { - "regex": "^(?=.{3,20}$)[a-zA-Z](?!.*--)[a-zA-Z0-9-]*[a-zA-Z0-9]$", - "message": "The prefix must be between 3 and 20 characters long and contain letters, numbers and hyphens(-). The name must begin with a letter, end with a letter or digit, and not contain consecutive hyphens." - } - ] - } - } - }, - { - "id": "colTarget", - "header": "Target", - "width": "2fr", - "element": { - "type": "Microsoft.Common.DropDown", - "placeholder": "Select a target...", - "toolTip": "Create Azure Standard Load Balancer Servicer for the selected target.", - "constraints": { - "allowedValues": [ - { - "label": "admin-server", - "value": "adminServer" - }, - { - "label": "cluster-1", - "value": "cluster1" - } - ], - "required": true - } - } - }, - { - "id": "colPort", - "header": "Port", - "width": "1fr", - "element": { - "type": "Microsoft.Common.TextBox", - "placeholder": "Input a port...", - "toolTip": "Public port for the target service, it's suggested to use 7001 for Oracle WebLogic Administration Server, and 8001 for cluster.", - "constraints": { - "required": true, - "validations": [ - { - "isValid": "[lessOrEquals(length(filter(steps('section_appGateway').lbSVCInfo.lbSVC, (item) => equals(item.colTarget, last(take(steps('section_appGateway').lbSVCInfo.lbSVC, $rowIndex)).colTarget))),1)]", - "message": "You can not select the same target repeatedly." - }, - { - "regex": "^()([1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5])$", - "message": "Only numbers are allowed, and the value must be 1-65535." - } - ] - } - } - } - ] - } - } - ], - "visible": true - }, - { - "name": "appgwIngress", - "type": "Microsoft.Common.Section", - "label": "Application Gateway Ingress Controller", - "elements": [ - { - "name": "enableAppGatewayText", - "type": "Microsoft.Common.TextBlock", - "visible": true, - "options": { - "text": "Selecting 'Yes' here will cause the offer to configure an Application Gateway Ingress Controller", - "link": { - "label": "Learn more", - "uri": "https://aka.ms/wls-aks-app-gateway-ingress-controller" - } - } - }, - { - "name": "enableAppGateway", - "type": "Microsoft.Common.OptionsGroup", - "label": "Connect to Azure Application Gateway?", - "defaultValue": "No", - "toolTip": "Select 'Yes' to create an Azure Application Gateway Ingress as the load balancer for the cluster and admin server.", - "constraints": { - "allowedValues": [ - { - "label": "Yes", - "value": true - }, - { - "label": "No", - "value": false - } - ], - "required": false - } - }, - { - "name": "vnetInfo", - "type": "Microsoft.Common.InfoBox", - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]", - "options": { - "icon": "Info", - "text": "When creating a new virtual network, the subnet's address prefix is calculated automatically based on the virtual network's address prefix. When using an existing virtual network, a minimum virtual network size of /24 and a minimum subnet size of /24 are required. Additionally, the subnet must be dedicated only for use by the Application Gateway." + "icon": "Info", + "text": "When creating a new virtual network, the subnet's address prefix is calculated automatically based on the virtual network's address prefix. When using an existing virtual network, a minimum virtual network size of /24 and a minimum subnet size of /24 are required. Additionally, the subnet must be dedicated only for use by the Application Gateway." } }, { @@ -1406,7 +1249,7 @@ } } }, - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" + "visible": true }, { "name": "appgwUsePrivateIP", @@ -1418,7 +1261,7 @@ { "name": "keyVaultText00", "type": "Microsoft.Common.TextBlock", - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]", + "visible": true, "options": { "text": "Choose an option for providing the TLS/SSL certificate:" } @@ -1426,7 +1269,7 @@ { "name": "keyVaultText01", "type": "Microsoft.Common.TextBlock", - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]", + "visible": true, "options": { "text": "    ⁃ Upload a TLS/SSL certificate: Upload the pre-signed certificate now." } @@ -1434,7 +1277,7 @@ { "name": "keyVaultText02", "type": "Microsoft.Common.TextBlock", - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]", + "visible": true, "options": { "text": "    ⁃ Identify an Azure Key Vault: The Key Vault must already contain the certificate and its password stored as secrets." } @@ -1442,7 +1285,7 @@ { "name": "keyVaultText03", "type": "Microsoft.Common.TextBlock", - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]", + "visible": true, "options": { "text": "    ⁃ Generate a self-signed front-end certificate: Generate a self-signed front-end certificate and apply it during deployment.", "link": { @@ -1455,10 +1298,14 @@ "name": "certificateOption", "type": "Microsoft.Common.OptionsGroup", "label": "Select desired TLS/SSL certificate option", - "defaultValue": "Upload a TLS/SSL certificate", + "defaultValue": "Generate a self-signed front-end certificate", "toolTip": "Select desired TLS/SSL certificate option", "constraints": { "allowedValues": [ + { + "label": "Generate a self-signed front-end certificate", + "value": "generateCert" + }, { "label": "Upload a TLS/SSL certificate", "value": "haveCert" @@ -1466,15 +1313,11 @@ { "label": "Identify an Azure Key Vault", "value": "haveKeyVault" - }, - { - "label": "Generate a self-signed front-end certificate", - "value": "generateCert" } ], "required": true }, - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" + "visible": true }, { "name": "keyVaultSSLCertData", @@ -1524,7 +1367,7 @@ "uploadMode": "file", "openMode": "binary" }, - "visible": "[and(steps('section_appGateway').appgwIngress.enableAppGateway, steps('section_sslConfiguration').enableCustomSSL, not(equals(steps('section_appGateway').appgwIngress.certificateOption, 'haveKeyVault')))]" + "visible": "[and(steps('section_sslConfiguration').enableCustomSSL, not(equals(steps('section_appGateway').appgwIngress.certificateOption, 'haveKeyVault')))]" }, { "name": "keyVaultResourceGroup", @@ -1594,9 +1437,9 @@ { "name": "enableCookieBasedAffinity", "type": "Microsoft.Common.CheckBox", - "label": "Enable cookie based affinity", - "toolTip": "If checked, enable cookie based affinity", - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" + "label": "Disable cookie based affinity", + "toolTip": "If checked, disable cookie based affinity", + "visible": true }, { "name": "appgwForAdminServer", @@ -1616,7 +1459,7 @@ } ] }, - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" + "visible": true }, { "name": "appgwForAdminRemote", @@ -1636,17 +1479,153 @@ } ] }, - "visible": "[steps('section_appGateway').appgwIngress.enableAppGateway]" + "visible": true } ], - "visible": true + "visible": "[equals(steps('section_appGateway').loadBalancingOptions, 'agic')]" + }, + { + "name": "lbSVCInfo", + "type": "Microsoft.Common.Section", + "label": "Standard Load Balancer Service", + "elements": [ + { + "name": "enableLBSVCText", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "This option will cause the offer to provision the Azure Load Balancer service to expose the WebLogic Server Administration Console and the cluster.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-standard-load-balancer" + } + } + }, + { + "name": "enableInternalLBText", + "type": "Microsoft.Common.TextBlock", + "visible": true, + "options": { + "text": "If checked, the offer will configure the load balancer as an internal load balancer.", + "link": { + "label": "Learn more", + "uri": "https://aka.ms/wls-aks-internal-load-balancer" + } + } + }, + { + "name": "enableInternalLB", + "type": "Microsoft.Common.CheckBox", + "label": "Use Internal Load Balancer", + "toolTip": "If checked, the offer will configure the load balancer as an internal load balancer.", + "visible": true + }, + { + "name": "infoBoxForLbSvc", + "type": "Microsoft.Common.InfoBox", + "visible": true, + "options": { + "icon": "info", + "text": "There must be at least one and at most two entries." + } + }, + { + "name": "lbSVC", + "type": "Microsoft.Common.EditableGrid", + "ariaLabel": "Enter information", + "label": "Standard Load Balancer service", + "toolTip": "Create Azure Standard Load Balancer service for Administration Console and cluster.", + "visible": true, + "constraints": { + "width": "Full", + "rows": { + "count": { + "min": 1, + "max": 2 + } + }, + "columns": [ + { + "id": "colName", + "header": "Service name prefix", + "width": "2fr", + "element": { + "type": "Microsoft.Common.TextBox", + "placeholder": "Input a prefix...", + "toolTip": "Input a prefix for service name. For example, inputing 'domain1-admin-server' will cause provisioning a Load Balancer service named with 'domain1-admin-server*' and exposing the Oracle WebLogic Administration Server to Internet.", + "constraints": { + "required": true, + "validations": [ + { + "isValid": "[lessOrEquals(length(filter(steps('section_appGateway').lbSVCInfo.lbSVC, (item) => equals(item.colName, last(take(steps('section_appGateway').lbSVCInfo.lbSVC, $rowIndex)).colName))),1)]", + "message": "You can not input the same service prefix repeadly, please change any of the value." + }, + { + "regex": "^(?=.{3,20}$)[a-zA-Z](?!.*--)[a-zA-Z0-9-]*[a-zA-Z0-9]$", + "message": "The prefix must be between 3 and 20 characters long and contain letters, numbers and hyphens(-). The name must begin with a letter, end with a letter or digit, and not contain consecutive hyphens." + } + ] + } + } + }, + { + "id": "colTarget", + "header": "Target", + "width": "2fr", + "element": { + "type": "Microsoft.Common.DropDown", + "placeholder": "Select a target...", + "toolTip": "Create Azure Standard Load Balancer Servicer for the selected target.", + "constraints": { + "allowedValues": [ + { + "label": "admin-server", + "value": "adminServer" + }, + { + "label": "cluster-1", + "value": "cluster1" + } + ], + "required": true + } + } + }, + { + "id": "colPort", + "header": "Port", + "width": "1fr", + "element": { + "type": "Microsoft.Common.TextBox", + "placeholder": "Input a port...", + "toolTip": "Public port for the target service, it's suggested to use 7001 for Oracle WebLogic Administration Server, and 8001 for cluster.", + "constraints": { + "required": true, + "validations": [ + { + "isValid": "[lessOrEquals(length(filter(steps('section_appGateway').lbSVCInfo.lbSVC, (item) => equals(item.colTarget, last(take(steps('section_appGateway').lbSVCInfo.lbSVC, $rowIndex)).colTarget))),1)]", + "message": "You can not select the same target repeatedly." + }, + { + "regex": "^()([1-9]|[1-5]?[0-9]{2,4}|6[1-4][0-9]{3}|65[1-4][0-9]{2}|655[1-2][0-9]|6553[1-5])$", + "message": "Only numbers are allowed, and the value must be 1-65535." + } + ] + } + } + } + ] + } + } + ], + "visible": "[equals(steps('section_appGateway').loadBalancingOptions, 'lbservice')]" } ] }, { "name": "section_dnsConfiguration", "type": "Microsoft.Common.Section", - "label": "DNS configuration", + "label": "DNS", "elements": [ { "name": "dnsConfigurationText", @@ -1663,7 +1642,7 @@ { "name": "enableDNSConfiguration", "type": "Microsoft.Common.OptionsGroup", - "label": "Configure Custom DNS Alias", + "label": "Custom DNS Alias", "defaultValue": "No", "toolTip": "Select 'Yes' to configure Custom DNS Alias.", "constraints": { @@ -1745,7 +1724,7 @@ } ] }, - "visible": "[steps('section_dnsConfiguration').enableDNSConfiguration]" + "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration, not(equals(steps('section_appGateway').loadBalancingOptions,'none')))]" }, { "name": "dnszoneAdminT3ChannelLabel", @@ -1766,7 +1745,7 @@ } ] }, - "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration,basics('basicsOptional').enableAdminT3Tunneling, steps('section_appGateway').lbSVCInfo.enableLBSVC)]" + "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration,basics('basicsOptional').enableAdminT3Tunneling, equals(steps('section_appGateway').loadBalancingOptions,'lbservice'))]" }, { "name": "dnszoneGatewayLabel", @@ -1787,7 +1766,7 @@ } ] }, - "visible": "[steps('section_dnsConfiguration').enableDNSConfiguration]" + "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration, not(equals(steps('section_appGateway').loadBalancingOptions,'none')))]" }, { "name": "dnszoneClusterT3ChannelLabel", @@ -1808,7 +1787,7 @@ } ] }, - "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration,basics('basicsOptional').enableClusterT3Tunneling, steps('section_appGateway').lbSVCInfo.enableLBSVC)]" + "visible": "[and(steps('section_dnsConfiguration').enableDNSConfiguration,basics('basicsOptional').enableClusterT3Tunneling, equals(steps('section_appGateway').loadBalancingOptions,'lbservice'))]" } ] }, @@ -2142,10 +2121,10 @@ "dnszoneName": "[steps('section_dnsConfiguration').dnszoneName]", "dnszoneRGName": "[steps('section_dnsConfiguration').dnsZoneResourceGroup]", "dsConnectionURL": "[coalesce(steps('section_database').databaseConnectionInfo.dsConnectionURL, steps('section_database').databaseConnectionInfo.dsConnectionURL2, 'null')]", - "enableAppGWIngress": "[steps('section_appGateway').appgwIngress.enableAppGateway]", - "enableAzureMonitoring": "[bool(steps('section_aks').clusterInfo.enableAzureMonitoring)]", - "enableAzureFileShare": "[bool(steps('section_aks').clusterInfo.enableAzureFileShare)]", - "enableCookieBasedAffinity": "[bool(steps('section_appGateway').appgwIngress.enableCookieBasedAffinity)]", + "enableAppGWIngress": "[equals(steps('section_appGateway').loadBalancingOptions, 'agic')]", + "enableAzureMonitoring": "[bool(steps('section_aks').aksAdvancedInfo.enableAzureMonitoring)]", + "enableAzureFileShare": "[bool(steps('section_aks').aksAdvancedInfo.enableAzureFileShare)]", + "enableCookieBasedAffinity": "[not(bool(steps('section_appGateway').appgwIngress.enableCookieBasedAffinity))]", "enableCustomSSL": "[bool(steps('section_sslConfiguration').enableCustomSSL)]", "enableDB": "[bool(steps('section_database').enableDB)]", "enableDNSConfiguration": "[bool(steps('section_dnsConfiguration').enableDNSConfiguration)]", @@ -2185,10 +2164,10 @@ "sslUploadedPrivateKeyAlias": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedPrivateKeyAlias]", "sslUploadedPrivateKeyPassPhrase": "[steps('section_sslConfiguration').uploadedCustomSSLSettings.uploadedPrivateKeyPassPhrase]", "useInternalLB": "[bool(steps('section_appGateway').lbSVCInfo.enableInternalLB)]", - "useOracleImage": "[bool(steps('section_aks').imageInfo.useOracleImage)]", - "userProvidedAcr": "[last(split(steps('section_aks').imageInfo.userProvidedAcrSelector.id, '/'))]", - "userProvidedImagePath": "[steps('section_aks').imageInfo.userProvidedImagePath]", - "validateApplications": "[bool(steps('section_aks').jeeAppInfo.validateApplications)]", + "useOracleImage": "[if(bool(steps('section_aks').aksAdvancedInfo.useAcrImage), false, true)]", + "userProvidedAcr": "[last(split(steps('section_aks').aksAdvancedInfo.userProvidedAcrSelector.id, '/'))]", + "userProvidedImagePath": "[steps('section_aks').aksAdvancedInfo.userProvidedImagePath]", + "validateApplications": true, "vnetForApplicationGateway": "[steps('section_appGateway').appgwIngress.vnetForApplicationGateway]", "vnetRGNameForApplicationGateway": "[steps('section_appGateway').appgwIngress.vnetForApplicationGateway.resourceGroup]", "vmSize": "[steps('section_aks').clusterInfo.nodeVMSizeSelector]", From a0a88a62abed6a6447e14df8ee90802243d1084a Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Thu, 19 Jan 2023 22:15:09 +0800 Subject: [PATCH 418/720] Deployment descriptions (#234) * Deployment description for admin offer. * description for single node offer * description for cluster offer * description for dynamic cluster * On branch deployment-description Copyediting for WLS on VMs. modified: README.md Signed-off-by: Ed Burns * description for aks offer. * On branch deployment-description Apply feedback from Reza. Ed to apply to other sections and offers accordingly. modified: README.md Signed-off-by: Ed Burns * On branch deployment-description Apply lessons from 96fd6457 modified: README.md Signed-off-by: Ed Burns * On branch deployment-description Apply lessons from 96fd6457 modified: README.md Signed-off-by: Ed Burns Signed-off-by: Ed Burns Co-authored-by: Ed Burns --- README.md | 231 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 231 insertions(+) diff --git a/README.md b/README.md index 825379586..df000f4fc 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,237 @@ Please refer to the README for [documentation on WebLogic Server running on an A Please refer to the README for [documentation on WebLogic Server running on an Azure Virtual Machine](https://docs.oracle.com/en/middleware/standalone/weblogic-server/wlazu/get-started-oracle-weblogic-server-microsoft-azure-iaas.html#GUID-E0B24A45-F496-4509-858E-103F5EBF67A7) +## Deployment Description + +### WLS on VMs + +#### Oracle WebLogic Server Single Node + +The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) without domain configuration. + +* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. + * OS: Oracle Linux or Red Hat Enterprise Linux + * JDK: Oracle JDK 8, or 11 + * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +* Computing resources + * A VM with the following configurations: + * Operating system as described in the selected base image. + * Choice of VM size. + * An OS disk attached to the VM. +* Network resources + * A virtual network and a subnet. + * A network security group. + * A network interface. + * A public IP address assigned to the network interface. +* Storage resources + * An Azure Storage Account to store the VM diagnostics profile. +* Key Software components + * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. + * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. + * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. + +#### Oracle WebLogic Server with Admin Server + +The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain and the Administration Server set up. + +* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. + * OS: Oracle Linux or Red Hat Enterprise Linux + * JDK: Oracle JDK 8, or 11 + * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +* Computing resources + * A VM to run the Administration Server with the following configuration. + * Operating system as described in the selected base image. + * Choice of VM size. + * An OS disk attached to the VM. +* Network resources + * A virtual network and a subnet. You can also select to bring your own virtual network. + * A network security group if you select to create a new virtual network. + * A network interface. + * A public IP address assigned to the network interface if you select to create a new virtual network. +* Storage resources + * An Azure Storage Account and a file share named `wlsshare`. The mount point is `/mnt/wlsshare`. + * The storage account is also used to store the diagnostics profile of the VM. + * A private endpoint in the same subnet with the VM, which allows the VM to access the file share. +* Key software components + * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. + * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. + * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. + * A WLS domain with the Administration Server up and running. Sign in to the Administration Server is with the Administrator user name and credentials provided to the offer. The default domain name is `adminDomain`, the domain path is `/u01/domains/adminDomain/`. You are able to access the Administration Server and manage the domain via URL `http://:7001/console/`. By default, the offer configures the Administration Server with a self-signed TLS certificate. You are able to access it with HTTPS `https://:7002/console/`. + * If you select to configure WebLogic Administration Console on HTTPS (Secure) port, TLS/SSL termination is performed with your own TLS/SSL certificate. The offer sets up the Administration Server with identity key store and trust key store provided to the offer. The default secure port is `7002`. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. +* Database connectivity + * The offer provides database connectivity using username/password or Azure passwordless database access. + * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. + * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database to user managed identity of VM. +* Access URLs + * Access to the Administration Server via HTTP. If you enable traffic to the Administration Server, the HTTP URLs is `http://:7001/console/`. + * Access to the Administration Server via HTTPS. If you enable traffic to the Administration Server, the HTTPS URL is different for the following scenarios: + * With TLS/SSL termination enabled and custom DNS enabled, the HTTP URLs is `http://.:7002/console/`. + * With on TLS/SSL termination enabled, the HTTP URLs is `http://:7002/console/`. + +#### Oracle WebLogic Server Cluster + +The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain, the Administration Server and a configured cluster set up. + +* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. + * OS: Oracle Linux or Red Hat Enterprise Linux + * JDK: Oracle JDK 8, or 11 + * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +* Computing resources + * VMs with the followings configurations: + * A VM to run the Administration Server and an arbitrary number of VMs to run Managed Servers. + * VMs to run Coherence Cache servers. + * Choice of VM size. + * An OS disk attached to the VM. +* Network resources + * A virtual network and a subnet. You can also select to bring your own virtual network. + * A network security group if you select to create a new virtual network. + * Network interfaces for VMs. + * Public IP addresses assigned to the network interfaces of admin server and managed servers. + * A public IP assigned to Application Gateway if you select to enable Application Gateway. +* Load Balancer + * An Azure Application Gateway if you select to enable it. You can upload TLS/SSL certifiacte or use the certificates stored in a key vault. Otherwise, you can assign an auto-generated self-signed certificate to the application gateway. +* High Availability + * An Azure Availability Set for the VMs. +* Key software components + * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. + * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. + * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. + * A WLS domain with the Administration Server up and running. Sign in to the Administration Server is with the Administrator user name and credentials provided to the offer. The default domain name is `adminDomain`, the domain path is `/u01/domains/adminDomain/`. You are able to access the Administration Server and manage the domain via URL `http://:7001/console/`. By default, the offer configures the Administration Server with a self-signed TLS certificate. You are able to access it with HTTPS `https://:7002/console/`. + * A configured cluster with Managed Servers running. The number of managed servers is specified in the UI when deploying the offer. + * Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. +* Database connectivity + * The offer provides database connectivity using username/password or Azure passwordless database access. + * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. + * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database to user managed identity of VM. +* Access URLs + * Access to the Administration Server via HTTP. If you enable traffic to the Administration Server, the HTTP URLs is `http://:7001/console/`. + * Access to the Administration Server via HTTPS. If you enable traffic to the Administration Server, the HTTPS URL is different for the following scenarios: + * With TLS/SSL termination enabled and custom DNS enabled, the HTTP URLs is `http://.:7002/console/`. + * With on TLS/SSL termination enabled, the HTTP URLs is `http://:7002/console/`. + * Access to cluster and your application via HTTP. If you enable Application Gateway, the HTTP URLs is `http:////`. + * Access to cluster and your application via HTTPS: + * If you enable Application Gateway with signed certificate and custom DNS, the HTTPS URLs is `https://.//`. + * If you enable Application Gateway with self-signed certificate, the HTTPS URLs is `https:////`. + +#### Oracle WebLogic Server Dynamic Cluster + +The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain, the Administration Server, and a dynamic cluster set up. + +* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. + * OS: Oracle Linux or Red Hat Enterprise Linux + * JDK: Oracle JDK 8, or 11 + * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +* The offer includes the choice of the following Oracle HTTP Server (OHS) base images + * OS: Oracle Linux + * OHS version 12.2.1.4.0 +* Computing resources + * VMs for Oracle WebLogic Server: + * A VM to run the Administration Server and an arbitrary number of VMs to run Managed Servers. + * VMs to run Coherence Cache servers. + * Operating system as described in the selected base image. + * Choice of VM size. + * An OS disk attached to the VM. + * VMs for Oracle HTTP Server: + * A VM to run the Oracle HTTP Server. + * Choice of VM size. + * An OS disk attached to the VM. +* Network resources + * A virtual network and a subnet. You can also select to bring your own virtual network. + * A network security group if you select to create a new virtual network. + * Network interfaces for VMs. + * Public IP addresses assigned to the network interfaces of the admin server and managed servers. + * Public IP addresses assigned to the network interfaces of cache machines if you select to create a new virtual network and enable Coherence Cache. + * A public IP assigned to Oracle HTTP Server if you select to enable it. +* Load Balancer + * An Oracle HTTP Server if you select to enable it. You can upload TLS/SSL certifiacte or use the certificates stored in a key vault to configure HTTPS. +* Storage resources + * An Azure Storage Account and a file share named `wlsshare`. The mount point is `/mnt/wlsshare`. + * The storage account is also used to store the diagnostics profile of the VMs. + * A private endpoint in the same subnet with the VM, which allows the VM to access the file share. +* Key software components for Oracle WebLogic Server + * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. + * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. + * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. + * A WLS domain with the Administration Server up and running. Sign in to the Administration Server is with the Administrator user name and credentials provided to the offer. The default domain name is `adminDomain`, the domain path is `/u01/domains/adminDomain/`. You are able to access the Administration Server and manage the domain via URL `http://:7001/console/`. By default, the offer configures the Administration Server with a self-signed TLS certificate. You are able to access it with HTTPS `https://:7002/console/`. + * A dynamic cluster with spcified number of Managed Servers running. The number of Managed servers is specified by **Initial Dynamic Cluster Size**. The cluster size is specified by **Maximum Dynamic Cluster Size**. + * If you select to configure WebLogic Administration Console on HTTPS (Secure) port, TLS/SSL termination is performed with your own TLS/SSL certificate. The offer sets up the Administration Server with identity key store and trust key store provided to the offer. The default secure port is `7002`. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. + * Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. +* Key software components for Oracle HTTP Server + * Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/ohs/install/oracle/middleware/oracle_home`. + * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. + * A domain is configured based on the node manager user name and credentials provided by the user. The default domain name is `ohsStandaloneDomain`, the domain path is `/u01/domains/ohsStandaloneDomain/`. + * An Oracle HTTP Server Component with default name `ohs_component`. + * If you select to configure your own TLS/SSL certificate, TLS/SSL termination is enabled. The offer sets up the Oracle HTTP Server with the provided identity key store and trust key store. The default secure port is `4444`. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. +* Database connectivity + * The offer provides database connectivity using username/password or Azure passwordless database access. + * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. + * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database to user managed identity of VM. +* Access URLs + * Access to the Administration Server via HTTP. If you enable traffic to the Administration Server, the HTTP URLs is `http://:7001/console/`. + * Access to the Administration Server via HTTPS. If you enable traffic to the Administration Server, the HTTPS URL is different for the following scenarios: + * With TLS/SSL termination enabled and custom DNS enabled, the HTTP URLs is `http://.:7002/console/`. + * With on TLS/SSL termination enabled, the HTTP URLs is `http://:7002/console/`. + * Access to cluster and your application via HTTP. If you enable Oracle HTTP Server, the HTTP URLs is `http://:7777//`. Replace `7777` with your value if you change the default port. + * Access to cluster and your application via HTTPS. If you enable Oracle HTTP Server and custom DNS, the HTTPS URLs is `https://.:4444//`. Replace `4444` with your value if you change the default port. + +### WLS on AKS + +The offer provisions the following Azure resources and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain, the Administration Server and a dynamic cluster set up. + + +* The offer includes the choice of the following Oracle WebLogic Server container images + * Images from Oracle Container Registry (General or Patched images) + * OS: Oracle Linux or Red Hat Enterprise Linux + * JDK: Oracle JDK 8, or 11 + * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 + * You can specify any arbitrary docker image tag that is available from Oracle Container Registry. + * Images from your own Azure Container Registry. +* Computing resources + * Azure Kubernetes Service cluster + * Dynamically created AKS cluster with + * Choice of Node count. + * Choice of Node size. + * Network plugin: Azure CNI. + * You can also bring your own AKS cluster + * An Azure Container Registry. You can also bring your own container registry. The registry is used to store the WLS and application image. +* Network resources + * A virtual network and a subnet. You can also select to bring your own virtual network. + * Public IP addresses assigned to the managed load balancer and Azure Application Gateway, if selected. +* Load Balancer + * An Azure Application Gateway if you select to enable it. You can upload TLS/SSL certificate or use the certificates stored in a key vault. Otherwise, assign a self-signed certificate to the application gateway. + * Load balancer services if you select to enable it. +* Storage resources + * An Azure Storage Account and a file share named `weblogic` if you select to create Persistent Volume using Azure File share service. The mount point is `/shared`. +* Monitoring resources + * Azure Container Insights and workspace for it if you select to enable Container insights. +* Key software components + * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. + * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. + * A WLS domain with the Administration Server up configured based on the provided Administrator user name and credentials. The default domain name is `sample-domain1`, the domain path is `/u01/domains/sample-domain1/`. + * A dynamic cluster with Managed Servers running. The number of Managed Servers is specified by **Number of WebLogic Managed Server replicas**, and cluster size is specified by **Maximum dynamic cluster size**. + * TLS/SSL termination if you select to configure WebLogic Administration Console on HTTPS (Secure) port, with your own TLS/SSL certificate. The offer sets up the Administration Server with the provided identity key store and trust key store. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. +* Database connectivity + * The offer provides database connectivity using username/password or Azure passwordless database access. + * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. + * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database. +* Access URLs + * If you select to enable Application Gateway Ingress Controller: + * Access the cluster: + * The HTTP URLs is `http:////`. + * If you enable Application Gateway with signed certificate and enable custom DNS, the HTTPS URLs is `https://.//`. + * If you enable Application Gateway with self-signed certificate, the HTTPS URLs is `https:////`. + * Access the Administration Server: + * If you select to create ingress for the Administration Server, the HTTP URL is `http:///console/`. + * If you select to create ingress for the Administration Server, enable Application Gateway with self-signed certificate and enable custom DNS, the HTTPs URL is `https://./console/`. + * If you select to enable Azure Load Balancer Service: + * Access the cluster: + * Configure the service name and port. + * The HTTP URLs is `http://://`. + * If you enable WLS TLS/SSL termination and enable custom DNS, the HTTPS URLs is `https://.://`. + * Access the Administration Server: + * Configure the service name and port. + * The HTTP URL to access the Administration Server is `http://:/console/`. + * If you enable WLS TLS/SSL termination and enable custom DNS, the HTTPs URL is `https://.:/console/`. ## Examples To get details of how to run Oracle WebLogic Server on Azure Virtual Machines refer to the blog [WebLogic on Azure Virtual Machines Major Release Now Available](https://blogs.oracle.com/weblogicserver/weblogic-on-azure-virtual-machines-major-release-now-available). From 026b39d1cd8aea31ea9e14483120e4183d43c9ce Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Fri, 20 Jan 2023 22:11:36 +0800 Subject: [PATCH 419/720] fix url of external dependency xml file, which blocks the deployment of passwordless db connection. (#233) Signed-off-by: galiacheng Changes to be committed: modified: weblogic-azure-aks/pom.xml modified: weblogic-azure-aks/src/main/arm/scripts/common.sh Co-authored-by: Ed Burns --- weblogic-azure-aks/pom.xml | 2 +- weblogic-azure-aks/src/main/arm/scripts/common.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index dfcec830e..2d04c32e0 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.51 + 1.0.52 com.microsoft.azure.iaas diff --git a/weblogic-azure-aks/src/main/arm/scripts/common.sh b/weblogic-azure-aks/src/main/arm/scripts/common.sh index 581a8ee09..428c5f4ad 100644 --- a/weblogic-azure-aks/src/main/arm/scripts/common.sh +++ b/weblogic-azure-aks/src/main/arm/scripts/common.sh @@ -37,8 +37,8 @@ export ocrCpuImagePath="middleware/weblogic_cpu" export gitUrl4CpuImages="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/weblogic_cpu_images.json" export gitUrl4AksWellTestedVersionJsonFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/aks_well_tested_version.json" export gitUrl4WLSToolingFamilyJsonFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json" -export gitUrl4AzureIdentityExtensionsPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resource/azure-identity-extensions.xml" -export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resource/mysql-connector-java.xml" +export gitUrl4AzureIdentityExtensionsPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/azure-identity-extensions.xml" +export gitUrl4MySQLDriverPomFile="https://raw.githubusercontent.com/oracle/weblogic-azure/main/weblogic-azure-aks/src/main/resources/mysql-connector-java.xml" export optUninstallMaxTry=5 # Max attempts to wait for the operator uninstalled export optUninstallInterval=10 From 459f7f8db68ceb05a9ccc8c38bdc3eb40e7746c8 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Sat, 21 Jan 2023 07:03:25 +0800 Subject: [PATCH 420/720] use wko 3.4.4 (#236) --- .../src/main/resources/weblogic_tooling_family.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json b/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json index c6e64d125..398dcd703 100644 --- a/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json +++ b/weblogic-azure-aks/src/main/resources/weblogic_tooling_family.json @@ -5,8 +5,8 @@ { "key": "WKO", "description": "Oracle WebLogic Kubernetes Operator", - "version": "3.4.1", - "testedDate": "2022-06-16" + "version": "3.4.4", + "testedDate": "2023-01-19" }, { "key": "WDT", From 3cf06bed9c08aa978b70efdde07540227d934b76 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Tue, 24 Jan 2023 07:58:25 -0800 Subject: [PATCH 421/720] On branch edburns-msft-dd-1729296-increment-pom Follow up to #236 (#237) modified: weblogic-azure-aks/pom.xml Signed-off-by: Ed Burns Signed-off-by: Ed Burns --- weblogic-azure-aks/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weblogic-azure-aks/pom.xml b/weblogic-azure-aks/pom.xml index 2d04c32e0..1102fe0f4 100644 --- a/weblogic-azure-aks/pom.xml +++ b/weblogic-azure-aks/pom.xml @@ -17,7 +17,7 @@ com.oracle.weblogic.azure wls-on-aks-azure-marketplace - 1.0.52 + 1.0.53 com.microsoft.azure.iaas From 01e099895e7bac39d4888d1fbfb980e8df459e80 Mon Sep 17 00:00:00 2001 From: Ed Burns Date: Mon, 30 Jan 2023 13:30:01 -0500 Subject: [PATCH 422/720] =?UTF-8?q?On=20branch=20edburns-msft-em-2763-exte?= =?UTF-8?q?rnalize-verbiage=20Empty=20files=20to=20ho=E2=80=A6=20(#238)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * On branch edburns-msft-em-2763-externalize-verbiage Empty files to hold partner center verbiage new file: weblogic-azure-aks/src/main/resources/marketing-artifacts/partner-center.html new file: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/resources/marketing-artifacts/partner-center.html new file: weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html new file: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html new file: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/partner-center.html Signed-off-by: Ed Burns * copy from Partner Center * On branch edburns-msft-em-2763-externalize-verbiage Constrain to 5000 characters. modified: README.md modified: weblogic-azure-aks/src/main/resources/marketing-artifacts/partner-center.html Signed-off-by: Ed Burns * On branch edburns-msft-em-2763-externalize-verbiage Externalize single node modified: README.md modified: weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/partner-center.html Signed-off-by: Ed Burns * On branch edburns-msft-em-2763-externalize-verbiage Admin offer. modified: README.md modified: weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/resources/marketing-artifacts/partner-center.html Signed-off-by: Ed Burns * On branch edburns-msft-em-2763-externalize-verbiage Configured cluster modified: README.md modified: weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html Signed-off-by: Ed Burns * On branch edburns-msft-em-2763-externalize-verbiage Dynamic cluster3 modified: README.md modified: weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html Signed-off-by: Ed Burns --------- Signed-off-by: Ed Burns --- README.md | 374 ++++++++---------- .../marketing-artifacts/partner-center.html | 75 ++++ .../marketing-artifacts/partner-center.html | 56 +++ .../marketing-artifacts/partner-center.html | 70 ++++ .../marketing-artifacts/partner-center.html | 87 ++++ .../marketing-artifacts/partner-center.html | 51 +++ 6 files changed, 502 insertions(+), 211 deletions(-) create mode 100644 weblogic-azure-aks/src/main/resources/marketing-artifacts/partner-center.html create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/resources/marketing-artifacts/partner-center.html create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html create mode 100644 weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/partner-center.html diff --git a/README.md b/README.md index df000f4fc..82710eaa5 100644 --- a/README.md +++ b/README.md @@ -20,229 +20,181 @@ Please refer to the README for [documentation on WebLogic Server running on an A The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) without domain configuration. -* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. - * OS: Oracle Linux or Red Hat Enterprise Linux - * JDK: Oracle JDK 8, or 11 - * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 -* Computing resources - * A VM with the following configurations: - * Operating system as described in the selected base image. - * Choice of VM size. - * An OS disk attached to the VM. -* Network resources - * A virtual network and a subnet. - * A network security group. - * A network interface. - * A public IP address assigned to the network interface. -* Storage resources - * An Azure Storage Account to store the VM diagnostics profile. -* Key Software components - * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. - * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. - * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. +- The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. + - OS: Oracle Linux or Red Hat Enterprise Linux + - JDK: Oracle JDK 8, or 11 + - WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +- Computing resources + - A VM with the following configurations: + - Operating system as described in the selected base image. + - Choice of VM size. + - An OS disk attached to the VM. +- Network resources + - A virtual network and a subnet. + - A network security group. + - A network interface. + - A public IP address assigned to the network interface. +- Storage resources + - An Azure Storage Account to store the VM diagnostics profile. +- Key Software components + - Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. + - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}**. + - In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in **/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/**. #### Oracle WebLogic Server with Admin Server -The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain and the Administration Server set up. - -* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. - * OS: Oracle Linux or Red Hat Enterprise Linux - * JDK: Oracle JDK 8, or 11 - * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 -* Computing resources - * A VM to run the Administration Server with the following configuration. - * Operating system as described in the selected base image. - * Choice of VM size. - * An OS disk attached to the VM. -* Network resources - * A virtual network and a subnet. You can also select to bring your own virtual network. - * A network security group if you select to create a new virtual network. - * A network interface. - * A public IP address assigned to the network interface if you select to create a new virtual network. -* Storage resources - * An Azure Storage Account and a file share named `wlsshare`. The mount point is `/mnt/wlsshare`. - * The storage account is also used to store the diagnostics profile of the VM. - * A private endpoint in the same subnet with the VM, which allows the VM to access the file share. -* Key software components - * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. - * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. - * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. - * A WLS domain with the Administration Server up and running. Sign in to the Administration Server is with the Administrator user name and credentials provided to the offer. The default domain name is `adminDomain`, the domain path is `/u01/domains/adminDomain/`. You are able to access the Administration Server and manage the domain via URL `http://:7001/console/`. By default, the offer configures the Administration Server with a self-signed TLS certificate. You are able to access it with HTTPS `https://:7002/console/`. - * If you select to configure WebLogic Administration Console on HTTPS (Secure) port, TLS/SSL termination is performed with your own TLS/SSL certificate. The offer sets up the Administration Server with identity key store and trust key store provided to the offer. The default secure port is `7002`. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. -* Database connectivity - * The offer provides database connectivity using username/password or Azure passwordless database access. - * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. - * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database to user managed identity of VM. -* Access URLs - * Access to the Administration Server via HTTP. If you enable traffic to the Administration Server, the HTTP URLs is `http://:7001/console/`. - * Access to the Administration Server via HTTPS. If you enable traffic to the Administration Server, the HTTPS URL is different for the following scenarios: - * With TLS/SSL termination enabled and custom DNS enabled, the HTTP URLs is `http://.:7002/console/`. - * With on TLS/SSL termination enabled, the HTTP URLs is `http://:7002/console/`. +The offer provisions Oracle WebLogic Server (WLS) with a domain and Administration Server. All supporting Azure resources are automatically provisioned. + +- The offer includes a choice of operating system, JDK, Oracle WLS versions. + - OS: Oracle Linux or Red Hat Enterprise Linux + - JDK: Oracle JDK 8, or 11 + - WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +- Computing resources + - VM with the followings configuration: + - A VM to run the Administration Server. + - Choice of VM size. + - An OS disk attached to the VM. +- Network resources + - A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network. + - A network security group if creating a new virtual network. + - Network interface for VM. + - Public IP address. +- Key software components + - Oracle WLS Enterprise Edition. Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. + - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}**. + - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **adminDomain**, the domain path is **/u01/domains/adminDomain/**. +- Database connectivity + - The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database. + - Some database options support Azure Passwordless database connection. +- Access URLs + - See the deployment outputs for access URLs. #### Oracle WebLogic Server Cluster -The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain, the Administration Server and a configured cluster set up. - -* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. - * OS: Oracle Linux or Red Hat Enterprise Linux - * JDK: Oracle JDK 8, or 11 - * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 -* Computing resources - * VMs with the followings configurations: - * A VM to run the Administration Server and an arbitrary number of VMs to run Managed Servers. - * VMs to run Coherence Cache servers. - * Choice of VM size. - * An OS disk attached to the VM. -* Network resources - * A virtual network and a subnet. You can also select to bring your own virtual network. - * A network security group if you select to create a new virtual network. - * Network interfaces for VMs. - * Public IP addresses assigned to the network interfaces of admin server and managed servers. - * A public IP assigned to Application Gateway if you select to enable Application Gateway. -* Load Balancer - * An Azure Application Gateway if you select to enable it. You can upload TLS/SSL certifiacte or use the certificates stored in a key vault. Otherwise, you can assign an auto-generated self-signed certificate to the application gateway. -* High Availability - * An Azure Availability Set for the VMs. -* Key software components - * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. - * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. - * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. - * A WLS domain with the Administration Server up and running. Sign in to the Administration Server is with the Administrator user name and credentials provided to the offer. The default domain name is `adminDomain`, the domain path is `/u01/domains/adminDomain/`. You are able to access the Administration Server and manage the domain via URL `http://:7001/console/`. By default, the offer configures the Administration Server with a self-signed TLS certificate. You are able to access it with HTTPS `https://:7002/console/`. - * A configured cluster with Managed Servers running. The number of managed servers is specified in the UI when deploying the offer. - * Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. -* Database connectivity - * The offer provides database connectivity using username/password or Azure passwordless database access. - * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. - * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database to user managed identity of VM. -* Access URLs - * Access to the Administration Server via HTTP. If you enable traffic to the Administration Server, the HTTP URLs is `http://:7001/console/`. - * Access to the Administration Server via HTTPS. If you enable traffic to the Administration Server, the HTTPS URL is different for the following scenarios: - * With TLS/SSL termination enabled and custom DNS enabled, the HTTP URLs is `http://.:7002/console/`. - * With on TLS/SSL termination enabled, the HTTP URLs is `http://:7002/console/`. - * Access to cluster and your application via HTTP. If you enable Application Gateway, the HTTP URLs is `http:////`. - * Access to cluster and your application via HTTPS: - * If you enable Application Gateway with signed certificate and custom DNS, the HTTPS URLs is `https://.//`. - * If you enable Application Gateway with self-signed certificate, the HTTPS URLs is `https:////`. +The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a domain, the Administration Server and a configured cluster. All supporting Azure resources are automatically provisioned. + +- The offer includes a choice of operating system, JDK, WLS versions. + - OS: Oracle Linux or Red Hat Enterprise Linux + - JDK: Oracle JDK 8, or 11 + - WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +- Computing resources + - VMs with the followings configurations: + - A VM to run the Administration Server and VMs to run Managed Servers. + - VMs to run Coherence Cache servers. + - Choice of VM size. + - An OS disk attached to the VM. +- Load Balancer + - If desired, an Azure Application Gateway (agw). The TLS/SSL certificate for the agw can be uploaded, retrieved from a key vault, or self-signed auto-generated. +- Network resources + - A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network. + - A network security group if creating a new virtual network. + - Network interfaces for VMs. + - Public IP addresses assigned to the network interfaces + - Public IP assigned for agw, if desired. +- High Availability + - An Azure Availability Set for the VMs. +- Key software components + - WLS Enterprise Edition. Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. + - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}***. + - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **adminDomain**, the domain path is **/u01/domains/adminDomain/**. + - A configured cluster with Managed Servers running. The number of managed servers is specified in the UI when deploying the offer. + - Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. +- Database connectivity + - The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database. + - Some database options support Azure Passwordless database connection. +- Access URLs + - See the deployment outputs for access URLs. #### Oracle WebLogic Server Dynamic Cluster -The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain, the Administration Server, and a dynamic cluster set up. - -* The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions. - * OS: Oracle Linux or Red Hat Enterprise Linux - * JDK: Oracle JDK 8, or 11 - * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 -* The offer includes the choice of the following Oracle HTTP Server (OHS) base images - * OS: Oracle Linux - * OHS version 12.2.1.4.0 -* Computing resources - * VMs for Oracle WebLogic Server: - * A VM to run the Administration Server and an arbitrary number of VMs to run Managed Servers. - * VMs to run Coherence Cache servers. - * Operating system as described in the selected base image. - * Choice of VM size. - * An OS disk attached to the VM. - * VMs for Oracle HTTP Server: - * A VM to run the Oracle HTTP Server. - * Choice of VM size. - * An OS disk attached to the VM. -* Network resources - * A virtual network and a subnet. You can also select to bring your own virtual network. - * A network security group if you select to create a new virtual network. - * Network interfaces for VMs. - * Public IP addresses assigned to the network interfaces of the admin server and managed servers. - * Public IP addresses assigned to the network interfaces of cache machines if you select to create a new virtual network and enable Coherence Cache. - * A public IP assigned to Oracle HTTP Server if you select to enable it. -* Load Balancer - * An Oracle HTTP Server if you select to enable it. You can upload TLS/SSL certifiacte or use the certificates stored in a key vault to configure HTTPS. -* Storage resources - * An Azure Storage Account and a file share named `wlsshare`. The mount point is `/mnt/wlsshare`. - * The storage account is also used to store the diagnostics profile of the VMs. - * A private endpoint in the same subnet with the VM, which allows the VM to access the file share. -* Key software components for Oracle WebLogic Server - * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. - * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. - * In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in `/u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/`. - * A WLS domain with the Administration Server up and running. Sign in to the Administration Server is with the Administrator user name and credentials provided to the offer. The default domain name is `adminDomain`, the domain path is `/u01/domains/adminDomain/`. You are able to access the Administration Server and manage the domain via URL `http://:7001/console/`. By default, the offer configures the Administration Server with a self-signed TLS certificate. You are able to access it with HTTPS `https://:7002/console/`. - * A dynamic cluster with spcified number of Managed Servers running. The number of Managed servers is specified by **Initial Dynamic Cluster Size**. The cluster size is specified by **Maximum Dynamic Cluster Size**. - * If you select to configure WebLogic Administration Console on HTTPS (Secure) port, TLS/SSL termination is performed with your own TLS/SSL certificate. The offer sets up the Administration Server with identity key store and trust key store provided to the offer. The default secure port is `7002`. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. - * Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. -* Key software components for Oracle HTTP Server - * Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/ohs/install/oracle/middleware/oracle_home`. - * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. - * A domain is configured based on the node manager user name and credentials provided by the user. The default domain name is `ohsStandaloneDomain`, the domain path is `/u01/domains/ohsStandaloneDomain/`. - * An Oracle HTTP Server Component with default name `ohs_component`. - * If you select to configure your own TLS/SSL certificate, TLS/SSL termination is enabled. The offer sets up the Oracle HTTP Server with the provided identity key store and trust key store. The default secure port is `4444`. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. -* Database connectivity - * The offer provides database connectivity using username/password or Azure passwordless database access. - * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. - * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database to user managed identity of VM. -* Access URLs - * Access to the Administration Server via HTTP. If you enable traffic to the Administration Server, the HTTP URLs is `http://:7001/console/`. - * Access to the Administration Server via HTTPS. If you enable traffic to the Administration Server, the HTTPS URL is different for the following scenarios: - * With TLS/SSL termination enabled and custom DNS enabled, the HTTP URLs is `http://.:7002/console/`. - * With on TLS/SSL termination enabled, the HTTP URLs is `http://:7002/console/`. - * Access to cluster and your application via HTTP. If you enable Oracle HTTP Server, the HTTP URLs is `http://:7777//`. Replace `7777` with your value if you change the default port. - * Access to cluster and your application via HTTPS. If you enable Oracle HTTP Server and custom DNS, the HTTPS URLs is `https://.:4444//`. Replace `4444` with your value if you change the default port. +The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a domain, the Administration Server and a dynamic cluster. All supporting Azure resources are automatically provisioned. + +- The offer includes a choice of operating system, JDK, WLS versions. + - OS: Oracle Linux or Red Hat Enterprise Linux + - JDK: Oracle JDK 8, or 11 + - WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 +- The offer includes the choice of the following Oracle HTTP Server (OHS) base images + - OS: Oracle Linux + - OHS version 12.2.1.4.0 +- Computing resources + - VMs for WLS: + - A VM to run the Administration Server and VMs to run Managed Servers. + - VMs to run Coherence Cache servers. + - Choice of VM size. + - An OS disk attached to the VM. + - VM for OHS, if desired: + - Choice of VM size. + - An OS disk attached to the VM. +- Load Balancer + - If desired, an OHS. The TLS/SSL certificate for the agw can be uploaded, retrieved from a key vault, or self-signed auto-generated. +- Network resources + - A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network. + - A network security group if creating a new virtual network. + - Network interfaces for VMs. + - Public IP addresses assigned to the network interfaces. + - A public IP assigned OHS, if desired. +- Storage resources + - An Azure Storage Account and a file share named **wlsshare**. The mount point is **/mnt/wlsshare**. + - The storage account is also used to store the diagnostics profile of the VMs. + - A private endpoint in the same subnet with the VM, which allows the VM to access the file share. +- Key software components for WLS + - WLS Enterprise Edition. Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. + - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}**. + - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **adminDomain**, the domain path is **/u01/domains/adminDomain/**. + - A dynamic cluster with desired number of Managed Servers running. The number of Managed servers is specified by **Initial Dynamic Cluster Size**. The cluster size is specified by **Maximum Dynamic Cluster Size**. + - Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. +- Key software components for OHS + - Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/ohs/install/oracle/middleware/oracle_home**. + - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}**. + - A domain is configured based on the node manager user name and credentials provided by the user. The default domain name is **ohsStandaloneDomain**, the domain path is **/u01/domains/ohsStandaloneDomain/**. + - An Oracle HTTP Server Component with default name **ohs_component**. +- Database connectivity + - The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database. + - Some database options support Azure Passwordless database connection. +- Access URLs + - See the deployment outputs for access URLs. ### WLS on AKS -The offer provisions the following Azure resources and an Oracle WebLogic Server Enterprise Edition (WLS) with a domain, the Administration Server and a dynamic cluster set up. - - -* The offer includes the choice of the following Oracle WebLogic Server container images - * Images from Oracle Container Registry (General or Patched images) - * OS: Oracle Linux or Red Hat Enterprise Linux - * JDK: Oracle JDK 8, or 11 - * WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 - * You can specify any arbitrary docker image tag that is available from Oracle Container Registry. - * Images from your own Azure Container Registry. -* Computing resources - * Azure Kubernetes Service cluster - * Dynamically created AKS cluster with - * Choice of Node count. - * Choice of Node size. - * Network plugin: Azure CNI. - * You can also bring your own AKS cluster - * An Azure Container Registry. You can also bring your own container registry. The registry is used to store the WLS and application image. -* Network resources - * A virtual network and a subnet. You can also select to bring your own virtual network. - * Public IP addresses assigned to the managed load balancer and Azure Application Gateway, if selected. -* Load Balancer - * An Azure Application Gateway if you select to enable it. You can upload TLS/SSL certificate or use the certificates stored in a key vault. Otherwise, assign a self-signed certificate to the application gateway. - * Load balancer services if you select to enable it. -* Storage resources - * An Azure Storage Account and a file share named `weblogic` if you select to create Persistent Volume using Azure File share service. The mount point is `/shared`. -* Monitoring resources - * Azure Container Insights and workspace for it if you select to enable Container insights. -* Key software components - * Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The `ORACLE_HOME` is `/u01/app/wls/install/oracle/middleware/oracle_home`. - * Oracle JDK. The version as described in the selected base image. The `JAVA_HOME` is `/u01/app/jdk/jdk-${version}`. - * A WLS domain with the Administration Server up configured based on the provided Administrator user name and credentials. The default domain name is `sample-domain1`, the domain path is `/u01/domains/sample-domain1/`. - * A dynamic cluster with Managed Servers running. The number of Managed Servers is specified by **Number of WebLogic Managed Server replicas**, and cluster size is specified by **Maximum dynamic cluster size**. - * TLS/SSL termination if you select to configure WebLogic Administration Console on HTTPS (Secure) port, with your own TLS/SSL certificate. The offer sets up the Administration Server with the provided identity key store and trust key store. The user also can upload the key stores directly or use key stores from Azure Key Vault. You have to configure the Custom DNS to make the HTTPS URL accessible. -* Database connectivity - * The offer provides database connectivity using username/password or Azure passwordless database access. - * Username/password connections to existing Azure database for PostgreSQL, Oracle database, Azure SQL or MySQL. You can create data source connectivity to the database using connection string, database user name and password. For MySQL, the offer upgrades the built-in [Oracle WebLogic Server MySQL driver](https://aka.ms/wls-jdbc-drivers) with recent [MySQL Connector Java driver](https://mvnrepository.com/artifact/mysql/mysql-connector-java). The MySQL Connector Java driver is stored in `/u01/domains/preclasspath-libraries/` and loaded by setting the **PRE_CLASSPATH**. - * Passwordless connections to Azure database for PostgreSQL and MySQL. Passwordless connection requires PostgreSQL or MySQL instance with Azure Managed Identity connection enabled. The offer downloads [Azure Identity Extension Libraries](https://azuresdkdocs.blob.core.windows.net/$web/java/azure-identity-extensions/1.0.0/index.html) to `/u01/domains/azure-libraries/` and loads them to the WLS runtime by setting **PRE_CLASSPATH** and **CLASS_PATH**. The offer also assigns the managed identity that has access to the database. -* Access URLs - * If you select to enable Application Gateway Ingress Controller: - * Access the cluster: - * The HTTP URLs is `http:////`. - * If you enable Application Gateway with signed certificate and enable custom DNS, the HTTPS URLs is `https://.//`. - * If you enable Application Gateway with self-signed certificate, the HTTPS URLs is `https:////`. - * Access the Administration Server: - * If you select to create ingress for the Administration Server, the HTTP URL is `http:///console/`. - * If you select to create ingress for the Administration Server, enable Application Gateway with self-signed certificate and enable custom DNS, the HTTPs URL is `https://./console/`. - * If you select to enable Azure Load Balancer Service: - * Access the cluster: - * Configure the service name and port. - * The HTTP URLs is `http://://`. - * If you enable WLS TLS/SSL termination and enable custom DNS, the HTTPS URLs is `https://.://`. - * Access the Administration Server: - * Configure the service name and port. - * The HTTP URL to access the Administration Server is `http://:/console/`. - * If you enable WLS TLS/SSL termination and enable custom DNS, the HTTPs URL is `https://.:/console/`. +The offer provisions an Oracle WebLogic Server Enterprise Edition (WLS) and supporting Azure resources. WLS is configured with a domain, the Administration Server and a dynamic cluster set up and running. + +- The offer includes the choice of the following WLS container images + - Images from Oracle Container Registry (OCR) (General or Patched images) + - OS: Oracle Linux or Red Hat Enterprise Linux + - JDK: Oracle JDK 8, or 11 + - WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0 + - You can specify any arbitrary docker image tag that is available from OCR. + - An image from your own Azure Container Registry. +- Computing resources + - Azure Kubernetes Service cluster + - Dynamically created AKS cluster with + - Choice of Node count. + - Choice of Node size. + - Network plugin: Azure CNI. + - If desired, you can also deploy into a pre-existing AKS cluster. + - An Azure Container Registry. If desired, you can select a pre-existing Azure Container Registry. +- Network resources + - A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network. + - Public IP addresses assigned to the managed load balancer and Azure Application Gateway, if selected. +- Load Balancer + - Choice of Azure Application Gateway (agw) or standard load balancer service. With agw, you can upload TLS/SSL certificate, use a certificates stored in a key vault, or allow a self-signed certificate to be generated and installed. +- Storage resources + - An Azure Storage Account and a file share named weblogic if you select to create Persistent Volume using Azure File share service. The mount point is **/shared**. +- Monitoring resources + - If desired, Azure Container Insights and workspace. +- Key software components + - Oracle WebLogic Server Enterprise Edition. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. + - This offer always deploys WLS using the 'Model in image' domain home source type. For more information, see the documentation from Oracle. + - WebLogic Kubernetes Operator + - Oracle JDK. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}**. + - A WLS domain with the Administration Server up configured based on the provided Administrator user name and credentials. The default domain name is sample-domain1, the domain path is **/u01/domains/sample-domain1/**. + - A dynamic cluster with Managed Servers running. The number of initial and maximum number of Managed Servers are configurable. +- Database connectivity + - The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database. + - Some database options support Azure Passwordless database connection. +- Access URLs + - See the deployment outputs for access URLs. + ## Examples To get details of how to run Oracle WebLogic Server on Azure Virtual Machines refer to the blog [WebLogic on Azure Virtual Machines Major Release Now Available](https://blogs.oracle.com/weblogicserver/weblogic-on-azure-virtual-machines-major-release-now-available). diff --git a/weblogic-azure-aks/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-aks/src/main/resources/marketing-artifacts/partner-center.html new file mode 100644 index 000000000..ba221ef27 --- /dev/null +++ b/weblogic-azure-aks/src/main/resources/marketing-artifacts/partner-center.html @@ -0,0 +1,75 @@ +

    Name

    +

    Oracle WebLogic Server on Azure Kubernetes Service

    +

    Search results summary

    +

    Provisions an Oracle WebLogic Server dynamic cluster on Azure Kubernetes Service

    +

    Short description

    +

    Provisions an Oracle WebLogic Server dynamic cluster on Azure Kubernetes Service. Integration options include Azure App Gateway, Azure Load Balancer, Azure Container Registry, Azure Files, Azure Application Insights and various databases.

    +

    Description

    +

    The offer provisions an Oracle WebLogic Server Enterprise Edition (WLS) and supporting Azure resources. WLS is configured with a domain, the Administration Server and a dynamic cluster set up and running.

    +
    • The offer includes the choice of the following WLS container images
        +
      • Images from Oracle Container Registry (OCR) (General or Patched images)
          +
        • OS: Oracle Linux or Red Hat Enterprise Linux
          • +
        • JDK: Oracle JDK 8, or 11
          • +
        • WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0
          • +
        • You can specify any arbitrary docker image tag that is available from OCR.
          • +
        +
        • +
      • An image from your own Azure Container Registry.
        • +
      +
      • +
    • Computing resources
        +
      • Azure Kubernetes Service cluster
          +
        • Dynamically created AKS cluster with
            +
          • Choice of Node count.
            • +
          • Choice of Node size.
            • +
          • Network plugin: Azure CNI.
            • +
          +
          • +
        • If desired, you can also deploy into a pre-existing AKS cluster.
          • +
        +
        • +
      • An Azure Container Registry. If desired, you can select a pre-existing Azure Container Registry.
        • +
      +
      • +
    • Network resources
        +
      • A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network.
        • +
      • Public IP addresses assigned to the managed load balancer and Azure Application Gateway, if selected.
        • +
      +
      • +
    • Load Balancer
        +
      • Choice of Azure Application Gateway (agw) or standard load balancer service. With agw, you can upload TLS/SSL certificate, use a certificates stored in a key vault, or allow a self-signed certificate to be generated and installed.
        • +
      +
      • +
    • Storage resources
        +
      • An Azure Storage Account and a file share named weblogic if you select to create Persistent Volume using Azure File share service. The mount point is /shared.
        • +
      +
      • +
    • Monitoring resources
        +
      • If desired, Azure Container Insights and workspace.
        • +
      +
      • +
    • Key software components
        +
      • Oracle WebLogic Server Enterprise Edition. The ORACLE_HOME is /u01/app/wls/install/oracle/middleware/oracle_home.
        • +
      • This offer always deploys WLS using the 'Model in image' domain home source type. For more information, see the documentation from Oracle.
        • +
      • WebLogic Kubernetes Operator
        • +
      • Oracle JDK. The JAVA_HOME is /u01/app/jdk/jdk-${version}.
        • +
      • A WLS domain with the Administration Server up configured based on the provided Administrator user name and credentials. The default domain name is sample-domain1, the domain path is /u01/domains/sample-domain1/.
        • +
      • A dynamic cluster with Managed Servers running. The number of initial and maximum number of Managed Servers are configurable.
        • +
      +
      • +
    • Database connectivity
        +
      • The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database.
        • +
      • Some database options support Azure Passwordless database connection.
        • +
      +
      • +
    • Access URLs
        +
      • See the deployment outputs for access URLs.
        • +
      +
      • +
    +

    The Oracle WebLogic Server (WLS) Enterprise Edition on Azure Kubernetes Service (AKS) offer lets you embrace cloud computing by providing greater choice and flexibility for WLS migration. The offer enables you to move WLS workloads to AKS as quickly and easily as possible by automating the provisioning of a number of Java and Azure resources.

    +

    After deployment, you can use DevOps tool such as GitHub Actions to work with the cluster.

    +

    Oracle and Microsoft also provide basic step-by-step guidance on getting started with WLS and AKS. This guidance is suitable for customers that wish to remain as close as possible to a native Kubernetes manual deployment experience.

    +

    Oracle and Microsoft also provide similar offers targeting Azure virtual machines. The WebLogic on virtual machines offers address a range of scenarios such as single node with an admin server or WebLogic cluster. All offers are listed in the Useful links section at the bottom of the solution overview page.

    +

    This offer is Bring-Your-Own-License. It assumes you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

    +

    If you want to provide feedback on this offer, stay updated on the roadmap, or work closely on your migration scenarios with the engineering team developing this offer, click on the CONTACT ME button on the marketplace WebLogic on Azure offer overview page.

    diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/resources/marketing-artifacts/partner-center.html new file mode 100644 index 000000000..c7948c462 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-admin/src/main/resources/marketing-artifacts/partner-center.html @@ -0,0 +1,56 @@ +

    Name

    +

    Oracle WebLogic Server with Admin Server

    +

    Search results summary

    +

    Provisions WebLogic Server with an Admin only domain.

    +

    Short description

    +

    Provisions WebLogic Server Enterprise Edition with an Admin only domain, and starts the Administration Server. Supports integration with databases and Azure Active Directory.

    +

    Description

    + +

    The offer provisions Oracle WebLogic Server (WLS) with a domain and Administration Server. All supporting Azure resources are automatically provisioned.

    +
      +
    • The offer includes a choice of operating system, JDK, Oracle WLS versions.
        +
      • OS: Oracle Linux or Red Hat Enterprise Linux
        • +
      • JDK: Oracle JDK 8, or 11
        • +
      • WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0
        • +
      +
      • +
    • Computing resources
        +
      • VM with the followings configuration:
          +
        • A VM to run the Administration Server.
          • +
        • Choice of VM size.
          • +
        +
        • +
      • An OS disk attached to the VM.
        • +
      +
      • +
    • Network resources
        +
      • A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network.
        • +
      • A network security group if creating a new virtual network.
        • +
      • Network interface for VM.
        • +
      • Public IP address.
        • +
      +
      • +
    • Key software components
        +
      • Oracle WLS Enterprise Edition. Version as described in the selected base image. The ORACLE_HOME is /u01/app/wls/install/oracle/middleware/oracle_home.
        • +
      • Oracle JDK. The version as described in the selected base image. The JAVA_HOME is /u01/app/jdk/jdk-${version}.
        • +
      • A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is adminDomain, the domain path is /u01/domains/adminDomain/.
        • +
      +
      • +
    • Database connectivity
        +
      • The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database.
        • +
      • Some database options support Azure Passwordless database connection.
        • +
      +
      • +
    • Access URLs
        +
      • See the deployment outputs for access URLs.
        • +
      +
      • +
    + +

    WLS on Azure virtual machines offers enable you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offers enable you to lift and shift WLS workloads to virtual machines. After provisioning, you can customize the resources and focus on deploying your applications.

    +

    Additional offers support different common use cases such as a single working instance with Admin Server enabled as well as highly available clusters.

    +

    This specific offer provisions a single virtual machine and installs Oracle WLS Enterprise Edition on it. It creates a domain and starts the Administration Server, which allows you to manage the domain. For complete instructions, please follow the official documentation.

    +

    This offer supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

    +

    In addition to the WLS on virtual machines offers, Oracle and Microsoft also provide a similar solution targeting the Azure Kubernetes Service (AKS). All offers are listed in the Useful links section at the bottom of the solution overview page.

    +

    These offers are all Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

    +

    If you want to work closely on your migration scenarios with the engineering team developing these offers, just click on the CONTACT ME button on the solution overview page. Program managers, architects and engineers will reach back out to you shortly and initiate collaboration!

    diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html new file mode 100644 index 000000000..671f8c140 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html @@ -0,0 +1,70 @@ +

    Name

    +

    Oracle WebLogic Server Cluster

    +

    Search results summary

    +

    Provisions an n-node Oracle WebLogic Server Cluster.

    +

    Short description

    +

    Provisions an n-node Oracle WebLogic Server cluster. Supports integration with Azure App Gateway, databases, Azure Active Directory, ELK and Coherence.

    +

    Description

    + +

    The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a domain, the Administration Server and a configured cluster. All supporting Azure resources are automatically provisioned.

    +
      +
    • The offer includes a choice of operating system, JDK, WLS versions.
        +
      • OS: Oracle Linux or Red Hat Enterprise Linux
        • +
      • JDK: Oracle JDK 8, or 11
        • +
      • WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0
        • +
      +
      • +
    • Computing resources
        +
      • VMs with the followings configurations:
          +
        • A VM to run the Administration Server and VMs to run Managed Servers.
          • +
        • VMs to run Coherence Cache servers.
          • +
        • Choice of VM size.
          • +
        +
        • +
      • An OS disk attached to the VM.
        • +
      +
      • +
    • Load Balancer
        +
      • If desired, an Azure Application Gateway (agw). The TLS/SSL certificate for the agw can be uploaded, retrieved from a key vault, or self-signed auto-generated.
        • +
      +
      • +
    • Network resources
        +
      • A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network.
        • +
      • A network security group if creating a new virtual network.
        • +
      • Network interfaces for VMs.
        • +
      • Public IP addresses assigned to the network interfaces
        • +
      • Public IP assigned for agw, if desired.
        • +
      +
      • +
    • High Availability
        +
      • An Azure Availability Set for the VMs.
        • +
      +
      • +
    • Key software components
        +
      • WLS Enterprise Edition. Version as described in the selected base image. The ORACLE_HOME is /u01/app/wls/install/oracle/middleware/oracle_home.
        • +
      • Oracle JDK. The version as described in the selected base image. The JAVA_HOME is /u01/app/jdk/jdk-${version}.
          +
        • A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is adminDomain, the domain path is /u01/domains/adminDomain/.
          • +
        +
        • +
      • A configured cluster with Managed Servers running. The number of managed servers is specified in the UI when deploying the offer.
        • +
      • Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers.
        • +
      +
      • +
    • Database connectivity
        +
      • The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database.
        • +
      • Some database options support Azure Passwordless database connection.
        • +
      +
      • +
    • Access URLs
        +
      • See the deployment outputs for access URLs.
        • +
      +
      • +
    + +

    WLS on Azure virtual machines offers enable you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offers enable you to lift and shift WLS workloads to virtual machines. After provisioning, you can customize the resources and focus on deploying your applications.

    +

    Additional offers support different common use cases such as a single working instance with Admin Server enabled as well as highly available clusters.

    +

    This specific offer creates a highly available cluster of WLS Enterprise Edition virtual machines. The Administration Server and all managed servers are started by default, which allow you to manage the domain with a browser. For complete instructions, please follow the official documentation.

    +

    This offer supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

    +

    In addition to the WLS on virtual machines offers, Oracle and Microsoft also provide a similar solution targeting the Azure Kubernetes Service (AKS). All offers are listed in the Useful links section at the bottom of the solution overview page.

    +

    These offers are all Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

    +

    If you want to work closely on your migration scenarios with the engineering team developing these offers, just click on the CONTACT ME button on the solution overview page. Program managers, architects and engineers will reach back out to you shortly and initiate collaboration!

    diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html new file mode 100644 index 000000000..677c813eb --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html @@ -0,0 +1,87 @@ +

    Name

    +

    Oracle WebLogic Server Dynamic Cluster

    +

    Search results summary

    +

    Provisions an n-node Oracle WebLogic Server dynamic cluster.

    +

    Short description

    +

    Provisions an n-node Oracle WebLogic Server Enterprise Edition dynamic cluster. Supports integration with Oracle HTTP Server, databases, Azure Active Directory, ELK and Coherence.

    +

    Description

    + +

    The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a domain, the Administration Server and a dynamic cluster. All supporting Azure resources are automatically provisioned.

    +
      +
    • The offer includes a choice of operating system, JDK, WLS versions.
        +
      • OS: Oracle Linux or Red Hat Enterprise Linux
        • +
      • JDK: Oracle JDK 8, or 11
        • +
      • WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0
        • +
      +
      • +
    • The offer includes the choice of the following Oracle HTTP Server (OHS) base images
        +
      • OS: Oracle Linux
        • +
      • OHS version 12.2.1.4.0
        • +
      +
      • +
    • Computing resources
        +
      • VMs for WLS:
          +
        • A VM to run the Administration Server and VMs to run Managed Servers.
          • +
        • VMs to run Coherence Cache servers.
          • +
        • Choice of VM size.
          • +
        • An OS disk attached to the VM.
          • +
        +
        • +
      • VM for OHS, if desired:
          +
        • Choice of VM size.
          • +
        • An OS disk attached to the VM.
          • +
        +
        • +
      +
      • +
    • Load Balancer
        +
      • If desired, an OHS. The TLS/SSL certificate for the agw can be uploaded, retrieved from a key vault, or self-signed auto-generated.
        • +
      +
      • +
    • Network resources
        +
      • A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network.
        • +
      • A network security group if creating a new virtual network.
        • +
      • Network interfaces for VMs.
        • +
      • Public IP addresses assigned to the network interfaces.
        • +
      • A public IP assigned OHS, if desired.
        • +
      +
      • +
    • Storage resources
        +
      • An Azure Storage Account and a file share named wlsshare. The mount point is /mnt/wlsshare.
        • +
      • The storage account is also used to store the diagnostics profile of the VMs.
        • +
      • A private endpoint in the same subnet with the VM, which allows the VM to access the file share.
        • +
      +
      • +
    • Key software components for WLS
        +
      • WLS Enterprise Edition. Version as described in the selected base image. The ORACLE_HOME is /u01/app/wls/install/oracle/middleware/oracle_home.
        • +
      • Oracle JDK. The version as described in the selected base image. The JAVA_HOME is /u01/app/jdk/jdk-${version}*.
        • +
      • A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is adminDomain, the domain path is /u01/domains/adminDomain/.
          +
        • A dynamic cluster with desired number of Managed Servers running. The number of Managed servers is specified by Initial Dynamic Cluster Size. The cluster size is specified by Maximum Dynamic Cluster Size.
          • +
        • Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers.
          • +
        +
        • +
      +
      • +
    • Key software components for OHS
        +
      • Version as described in the selected base image. The ORACLE_HOME is /u01/app/ohs/install/oracle/middleware/oracle_home.
        • +
      • Oracle JDK. The version as described in the selected base image. The JAVA_HOME is /u01/app/jdk/jdk-${version}.
        • +
      • A domain is configured based on the node manager user name and credentials provided by the user. The default domain name is ohsStandaloneDomain, the domain path is /u01/domains/ohsStandaloneDomain/.
        • +
      • An Oracle HTTP Server Component with default name ohs_component.
        • +
      +
      • +
    • Database connectivity
        +
      • The offer provides database connectivity for PostgreSQL, Oracle database, Azure SQL, MySQL, or an arbitrary JDBC compliant database.
        • +
      • Some database options support Azure Passwordless database connection.
        • +
      +
      • +
    • Access URLs
        +
      • See the deployment outputs for access URLs.
        • +
      +
      • +
    + +

    WLS on Azure virtual machines offers enable you to lift and shift WLS workloads to virtual machines. After provisioning, you can customize the resources and focus on deploying your applications.

    +

    Additional offers support different common use cases such as a single working instance with Admin Server enabled as well as highly available clusters.

    +

    For complete instructions, please follow the official documentation.

    +

    Please explore additional offers in the Useful links section at the bottom of the solution overview page.

    +

    These offers are all Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

    diff --git a/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/partner-center.html new file mode 100644 index 000000000..ead9969a5 --- /dev/null +++ b/weblogic-azure-vm/arm-oraclelinux-wls/src/main/resources/marketing-artifacts/partner-center.html @@ -0,0 +1,51 @@ +

    Name

    +

    Oracle WebLogic Server Single Node

    +

    Search results summary

    +

    Provisions a Single Node Oracle WebLogic Server.

    +

    Short description

    +

    Create a single virtual machine with WebLogic pre-installed.

    +

    Description

    + +

    The offer provisions the following Azure resources based on Oracle WebLogic Server base images and an Oracle WebLogic Server Enterprise Edition (WLS) without domain configuration.

    +
      +
    • The offer includes a choice of operating system, JDK, Oracle WebLogic Server versions.
        +
      • OS: Oracle Linux or Red Hat Enterprise Linux
        • +
      • JDK: Oracle JDK 8, or 11
        • +
      • WLS version: 12.2.1.3, 12.2.1.4, 14.1.1.0
        • +
      +
      • +
    • Computing resources
        +
      • A VM with the following configurations:
          +
        • Operating system as described in the selected base image.
          • +
        • Choice of VM size.
          • +
        +
        • +
      • An OS disk attached to the VM.
        • +
      +
      • +
    • Network resources
        +
      • A virtual network and a subnet.
        • +
      • A network security group.
        • +
      • A network interface.
        • +
      • A public IP address assigned to the network interface.
        • +
      +
      • +
    • Storage resources
        +
      • An Azure Storage Account to store the VM diagnostics profile.
        • +
      +
      • +
    • Key Software components
        +
      • Oracle WebLogic Server Enterprise Edition. Version as described in the selected base image. The ORACLE_HOME is /u01/app/wls/install/oracle/middleware/oracle_home.
        • +
      • Oracle JDK. The version as described in the selected base image. The JAVA_HOME is /u01/app/jdk/jdk-${version}.
        • +
      • In addition to the database drivers that come standard with WLS, the offer includes the most recent supported PostgreSQL JDBC driver and Microsoft SQL JDBC driver. The drivers are stored in /u01/app/wls/install/oracle/middleware/oracle_home/wlserver/server/lib/.
        • +
      +
      • +
    + +

    Oracle WebLogic Server (WLS) on Azure virtual machines offers enable you to embrace cloud computing by providing greater choice and flexibility for WLS migration. The offers enable you to lift and shift WLS workloads to virtual machines as quickly and easily as possible. The goal of the offers is to minimize boilerplate work by automatically provisioning virtual network, storage and Linux resources, installing WLS, setting up security with a network security group, easing database connectivity, configuring load-balancing with App Gateway or Oracle HTTP Server, connecting to Azure Active Directory, enabling centralized logging via ELK as well as integrating distributed caching with Oracle Coherence. After the offers perform most boilerplate resource provisioning and configuration, you can focus on deploying your applications. You are completely free to customize the provisioned resources further.

    +

    There are a number of virtual machines based offers that support different common use cases such as a single working instance with Admin Server enabled as well as highly available clusters.

    +

    This specific offer provisions a single virtual machine and installs Oracle WebLogic Server Enterprise Edition on it. It does not create a domain or start the Administration Server, which is useful for scenarios with highly customized domain configuration. For complete instructions, please follow the official documentation.

    +

    This offer supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

    +

    In addition to the WLS on virtual machines offers, Oracle and Microsoft also provide a similar solution targeting the Azure Kubernetes Service (AKS). All offers are listed in the Useful links section at the bottom of the solution overview page.

    +

    These offers are all Bring-Your-Own-License. They assume you have already procured the appropriate licenses with Oracle and are properly licensed to run offers in Microsoft Azure.

    +

    If you want to work closely on your migration scenarios with the engineering team developing these offers, just click on the CONTACT ME button on the solution overview page. Program managers, architects and engineers will reach back out to you shortly and initiate collaboration!

    From 7a27924808af5c3f42eaff7230716a2b17a9ddab Mon Sep 17 00:00:00 2001 From: Oleksandra Pavlusieva Date: Thu, 9 Feb 2023 23:21:45 +0200 Subject: [PATCH 423/720] Update SECURITY.md (#242) --- SECURITY.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 3c4ad917a..fb2384138 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -21,9 +21,7 @@ security features are welcome on GitHub Issues. Security updates will be released on a regular cadence. Many of our projects will typically release security fixes in conjunction with the -[Oracle Critical Patch Update][3] program. Security updates are released on the -Tuesday closest to the 17th day of January, April, July and October. A pre-release -announcement will be published on the Thursday preceding each release. Additional +[Oracle Critical Patch Update][3] program. Additional information, including past advisories, is available on our [security alerts][4] page. From fd2d080760c0dabd0054b8ee25f9189043390405 Mon Sep 17 00:00:00 2001 From: Galia Cheng Date: Fri, 10 Feb 2023 05:33:08 +0800 Subject: [PATCH 424/720] update deployment description (#239) Changes to be committed: modified: ../README.md modified: ../weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html modified: ../weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html --- README.md | 6 +++--- .../main/resources/marketing-artifacts/partner-center.html | 2 +- .../main/resources/marketing-artifacts/partner-center.html | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 82710eaa5..edcd34c56 100644 --- a/README.md +++ b/README.md @@ -96,7 +96,7 @@ The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a doma - Key software components - WLS Enterprise Edition. Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}***. - - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **adminDomain**, the domain path is **/u01/domains/adminDomain/**. + - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **wlsd**, the domain path is **/u01/domains/wlsd/**. - A configured cluster with Managed Servers running. The number of managed servers is specified in the UI when deploying the offer. - Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. - Database connectivity @@ -126,7 +126,7 @@ The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a doma - Choice of VM size. - An OS disk attached to the VM. - Load Balancer - - If desired, an OHS. The TLS/SSL certificate for the agw can be uploaded, retrieved from a key vault, or self-signed auto-generated. + - If desired, an OHS. The TLS/SSL certificate for the OHS can be uploaded, or retrieved from a key vault. - Network resources - A virtual network and a subnet. If desired, you can deploy into a pre-existing virtual network. - A network security group if creating a new virtual network. @@ -140,7 +140,7 @@ The offer provisions Oracle WebLogic Server (WLS) Enterprise Edition with a doma - Key software components for WLS - WLS Enterprise Edition. Version as described in the selected base image. The **ORACLE_HOME** is **/u01/app/wls/install/oracle/middleware/oracle_home**. - Oracle JDK. The version as described in the selected base image. The **JAVA_HOME** is **/u01/app/jdk/jdk-${version}**. - - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **adminDomain**, the domain path is **/u01/domains/adminDomain/**. + - A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is **wlsd**, the domain path is **/u01/domains/wlsd/**. - A dynamic cluster with desired number of Managed Servers running. The number of Managed servers is specified by **Initial Dynamic Cluster Size**. The cluster size is specified by **Maximum Dynamic Cluster Size**. - Coherence Cache. If you select to enable Coherence Cache, the offer creates a data tier configured with Managed Coherence cache servers. - Key software components for OHS diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html index 671f8c140..837581c4d 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html +++ b/weblogic-azure-vm/arm-oraclelinux-wls-cluster/src/main/resources/marketing-artifacts/partner-center.html @@ -43,7 +43,7 @@

    Description

  • Key software components
    • WLS Enterprise Edition. Version as described in the selected base image. The ORACLE_HOME is /u01/app/wls/install/oracle/middleware/oracle_home.
    • Oracle JDK. The version as described in the selected base image. The JAVA_HOME is /u01/app/jdk/jdk-${version}.
        -
      • A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is adminDomain, the domain path is /u01/domains/adminDomain/.
        • +
      • A WLS domain with the Administration Server up and running. Admin server sign in with the user name and password provided to the offer. The default domain name is wlsd, the domain path is /u01/domains/wlsd/.
    • A configured cluster with Managed Servers running. The number of managed servers is specified in the UI when deploying the offer.
      • diff --git a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html index 677c813eb..8be603e4a 100644 --- a/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html +++ b/weblogic-azure-vm/arm-oraclelinux-wls-dynamic-cluster/src/main/resources/marketing-artifacts/partner-center.html @@ -35,7 +35,7 @@

      Description

  • Load Balancer
      -
    • If desired, an OHS. The TLS/SSL certificate for the agw can be uploaded, retrieved from a key vault, or self-signed auto-generated.
      • +
    • If desired, an OHS. The TLS/SSL certificate for the OHS can be uploaded, or retrieved from a key vault.

    • There are several offers that target use cases such as single node with admin server enabled and WLS cluster (including dynamic cluster). These offers supports a range of operating system, Java and WebLogic versions such as WLS 14 and JDK 11 on Oracle Linux 7.6 through base images. These base images are also available on Azure on their own. The base images are suitable for customers that require very highly customized Azure deployments. The current set of base images are available in the Azure marketplace.

  • Network resources