From 73f28aee1f779acfdee258569cb39a9bbc2fa227 Mon Sep 17 00:00:00 2001 From: Rob Szkutak Date: Sun, 24 Apr 2016 16:50:36 -0500 Subject: [PATCH 1/3] Support different user credentials for different Roxy operations - #438 --- deploy/default.properties | 460 +++++++++++++++++++----------------- deploy/lib/server_config.rb | 10 + 2 files changed, 247 insertions(+), 223 deletions(-) diff --git a/deploy/default.properties b/deploy/default.properties index 50854945..319d950e 100755 --- a/deploy/default.properties +++ b/deploy/default.properties @@ -1,228 +1,242 @@ -################################################################# -# -# DO NOT EDIT -# -# This file contains default application configuration options. -# Don't mess with this file. Instead, copy what you need to -# build.properties and edit there. -# This process makes upgrading Roxy easier. -################################################################# - -# -# the location of your code to load into ML -# -xquery.dir=${basedir}/src - -# -# MarkLogic application servers exist inside a group. ML Instances start off -# with a group called "Default". -# -group=Default - -# -# The type of application. Choices are: -# bare: a bare Roxy app project -# mvc: a normal, XQuery-based Roxy MVC app -# rest: an app based on the ML6 REST API -# hybrid: an app that uses Roxy rewriting and the ML6 REST API -# -app-type=mvc - -# -# the location of your REST API options -# relevant to app-types rest and hybrid. -# -rest-options.dir=${basedir}/rest-api/config - -# -# the location of your xml data to load into ML -# -data.dir=${basedir}/data - -# -# the location of your marklogic configuration file -# -config.file=${basedir}/deploy/ml-config.xml - +################################################################# +# +# DO NOT EDIT +# +# This file contains default application configuration options. +# Don't mess with this file. Instead, copy what you need to +# build.properties and edit there. +# This process makes upgrading Roxy easier. +################################################################# + +# +# the location of your code to load into ML +# +xquery.dir=${basedir}/src + +# +# MarkLogic application servers exist inside a group. ML Instances start off +# with a group called "Default". +# +group=Default + +# +# The type of application. Choices are: +# bare: a bare Roxy app project +# mvc: a normal, XQuery-based Roxy MVC app +# rest: an app based on the ML6 REST API +# hybrid: an app that uses Roxy rewriting and the ML6 REST API +# +app-type=mvc + +# +# the location of your REST API options +# relevant to app-types rest and hybrid. +# +rest-options.dir=${basedir}/rest-api/config + +# +# the location of your xml data to load into ML +# +data.dir=${basedir}/data + +# +# the location of your marklogic configuration file +# +config.file=${basedir}/deploy/ml-config.xml + # the location of your triggers configuration file # see sample at deploy/sample/triggers-config.sample.xml # triggers.file=${basedir}/deploy/triggers-config.xml -# -# the location of your schemas -# -schemas.dir=${basedir}/schemas -schemas.root=/ - -# -# Admin username/password that will exist on the local/dev/prod servers -# -user=admin -password=admin - -# -# Your Application's name -# -app-name=roxy -modules-root=/ -modules-prefix=/ - -# The role that is given permissions and execute privileges -app-role=${app-name}-role - -# -# The names of your databases. Forests are given the same names -# -app-modules-db=${app-name}-modules -content-db=${app-name}-content -modules-db=${app-name}-modules - -# -# Number of forests to create per host in the group for the content-db -# -content-forests-per-host=1 - -# -# A location on disk to store the forest data. "data directory" in the admin ui -# -# forest-data-dir= - -## Unit Testing -# Leave commented out for no test db -# turn it on if you are using the roxy unit tester -# Note: to activate Unit Testing, you must have test-content-db and test-port defined -# test-content-db=${app-name}-content-test -# test-modules-db=${app-modules-db} -# -# The authentication method used for your test appserver -# application-level, basic, digest, digestbasic -# -# test-authentication-method=digest -# -# Leave commented out for no test appserver -# turn it on if you are using the roxy unit tester -# test-port=8042 -# -# the environments in which we DO NOT want to deploy tests -# typically your production environment. -do-not-deploy-tests=prod -# -# the location of your unit test code -xquery-test.dir=${basedir}/src/test - - -# Leave commented out for default -# schemas-db=${app-name}-schemas - -# Leave commented out for default -# turn it on if you are using triggers or CPF -# triggers-db=${app-name}-triggers - -# -# the port that the Manage appserver is running on -# Manage appserver is required for boostrapping -# -bootstrap-port-five=8002 -bootstrap-port-four=8000 - -# -# The port used to access QConsole (App-Services app server) -# -qconsole-port=8000 - -# -# If true, .html files under the src directory will be loaded as XML. -# If false, they will be loaded using the MarkLogic default behavior, which is -# to treat them as text. -# -load-html-as-xml=false - -# -# If true, .js and .css files under the src directory will be loaded as binary. -# If false, they will be loaded using the MarkLogic default behavior, which is -# to treat them as text. -# -load-js-as-binary=true -load-css-as-binary=true - -# -# The ports used by your application -# -app-port=8040 -xcc-port=8041 - -# -# set this to false if you are using an existing XCC server and -# you don't want Roxy to manage it for you -# -install-xcc=true - -# -# set this to true if you are using https for your app servers -# -use-https=false - -## Security -# -# The authentication used for your appserver -# -authentication-method=digest -default-user=${app-name}-user -# -# Providing a default empty value -ssl-certificate-template= - -# -# The default values point to Roxy file -# -url-rewriter=/roxy/rewrite.xqy -error-handler=/roxy/error.xqy -rewrite-resolves-globally= - -# Environments recognized by Roxy -environments=local,dev,prod - -# -# The Major version of ML server across your environments (6, 7, or 8). You can override -# this value in build.properties if all of your servers are the same version -# or override it in each ${env}.properties file if each server has a different -# version. -# -server-version=8 - -# -# the uris or IP addresses of your servers -# WARNING: if you are running these scripts on windows you may need to change localhost to 127.0.0.1 -# There have been reported issues with dns resolution when localhost wasn't in the hosts file. -# -local-server=localhost -#dev-server= -#cert-server= -#prod-server= - -# -# If you want to use MLCP, make sure mlcp-home is configured correctly. Using a common location as default. -# -mlcp-home=/usr/local/mlcp -mlcp-vmargs=-Xmx512m -mlcp-user=${user} -mlcp-password=${password} - -# -# Temporary fix to support MarkLogic 8 EA2 -# -evaler-port=7998 - -# -# List of MarkLogic system databases, for replication -# -system-dbs=App-Services,Documents,Extensions,Fab,Last-Login,Meters,Modules,Schemas,Security,Triggers - -# -# HTTP connection settings -# -http.retry-count=3 -http.open-timeout=5 -http.read-timeout=300 -http.retry-delay=15 +# +# the location of your schemas +# +schemas.dir=${basedir}/schemas +schemas.root=/ + +# +# Default username/password that will exist on the local/dev/prod servers +# +user=admin +password=admin + +# +# Username/password used for bootstrap, wipe and restart operations if specified +# +# bootstrap-user= +# bootstrap-password= + + +# +# Username/password used for deployment operations if specified +# +# deploy-user= +# deploy-password= + + +# +# Your Application's name +# +app-name=roxy +modules-root=/ +modules-prefix=/ + +# The role that is given permissions and execute privileges +app-role=${app-name}-role + +# +# The names of your databases. Forests are given the same names +# +app-modules-db=${app-name}-modules +content-db=${app-name}-content +modules-db=${app-name}-modules + +# +# Number of forests to create per host in the group for the content-db +# +content-forests-per-host=1 + +# +# A location on disk to store the forest data. "data directory" in the admin ui +# +# forest-data-dir= + +## Unit Testing +# Leave commented out for no test db +# turn it on if you are using the roxy unit tester +# Note: to activate Unit Testing, you must have test-content-db and test-port defined +# test-content-db=${app-name}-content-test +# test-modules-db=${app-modules-db} +# +# The authentication method used for your test appserver +# application-level, basic, digest, digestbasic +# +# test-authentication-method=digest +# +# Leave commented out for no test appserver +# turn it on if you are using the roxy unit tester +# test-port=8042 +# +# the environments in which we DO NOT want to deploy tests +# typically your production environment. +do-not-deploy-tests=prod +# +# the location of your unit test code +xquery-test.dir=${basedir}/src/test + + +# Leave commented out for default +# schemas-db=${app-name}-schemas + +# Leave commented out for default +# turn it on if you are using triggers or CPF +# triggers-db=${app-name}-triggers + +# +# the port that the Manage appserver is running on +# Manage appserver is required for boostrapping +# +bootstrap-port-five=8002 +bootstrap-port-four=8000 + +# +# The port used to access QConsole (App-Services app server) +# +qconsole-port=8000 + +# +# If true, .html files under the src directory will be loaded as XML. +# If false, they will be loaded using the MarkLogic default behavior, which is +# to treat them as text. +# +load-html-as-xml=false + +# +# If true, .js and .css files under the src directory will be loaded as binary. +# If false, they will be loaded using the MarkLogic default behavior, which is +# to treat them as text. +# +load-js-as-binary=true +load-css-as-binary=true + +# +# The ports used by your application +# +app-port=8040 +xcc-port=8041 + +# +# set this to false if you are using an existing XCC server and +# you don't want Roxy to manage it for you +# +install-xcc=true + +# +# set this to true if you are using https for your app servers +# +use-https=false + +## Security +# +# The authentication used for your appserver +# +authentication-method=digest +default-user=${app-name}-user +# +# Providing a default empty value +ssl-certificate-template= + +# +# The default values point to Roxy file +# +url-rewriter=/roxy/rewrite.xqy +error-handler=/roxy/error.xqy +rewrite-resolves-globally= + +# Environments recognized by Roxy +environments=local,dev,prod + +# +# The Major version of ML server across your environments (6, 7, or 8). You can override +# this value in build.properties if all of your servers are the same version +# or override it in each ${env}.properties file if each server has a different +# version. +# +server-version=8 + +# +# the uris or IP addresses of your servers +# WARNING: if you are running these scripts on windows you may need to change localhost to 127.0.0.1 +# There have been reported issues with dns resolution when localhost wasn't in the hosts file. +# +local-server=localhost +#dev-server= +#cert-server= +#prod-server= + +# +# If you want to use MLCP, make sure mlcp-home is configured correctly. Using a common location as default. +# +mlcp-home=/usr/local/mlcp +mlcp-vmargs=-Xmx512m +mlcp-user=${user} +mlcp-password=${password} + +# +# Temporary fix to support MarkLogic 8 EA2 +# +evaler-port=7998 + +# +# List of MarkLogic system databases, for replication +# +system-dbs=App-Services,Documents,Extensions,Fab,Last-Login,Meters,Modules,Schemas,Security,Triggers + +# +# HTTP connection settings +# +http.retry-count=3 +http.open-timeout=5 +http.read-timeout=300 +http.retry-delay=15 diff --git a/deploy/lib/server_config.rb b/deploy/lib/server_config.rb index 09d8b860..903454a3 100644 --- a/deploy/lib/server_config.rb +++ b/deploy/lib/server_config.rb @@ -631,6 +631,9 @@ def config def bootstrap raise ExitException.new("Bootstrap requires the target environment's hostname to be defined") unless @hostname.present? + @ml_username = @properties['ml.bootstrap-user'] || @properties['ml.user'] + @ml_password = @properties['ml.bootstrap-password'] || @properties['ml.password'] + internals = find_arg(['--replicate-internals']) if internals @@ -728,6 +731,10 @@ def bootstrap end def wipe + + @ml_username = @properties['ml.bootstrap-user'] || @properties['ml.user'] + @ml_password = @properties['ml.bootstrap-password'] || @properties['ml.password'] + if @environment != "local" expected_response = %Q{I WANT TO WIPE #{@environment.upcase}} print %Q{ @@ -917,6 +924,9 @@ def validate_install alias_method :validate, :validate_install def deploy + @ml_username = @properties['ml.deploy-user'] || @properties['ml.user'] + @ml_password = @properties['ml.deploy-password'] || @properties['ml.password'] + what = ARGV.shift raise HelpException.new("deploy", "Missing WHAT") unless what From 3ce79f1c44446064dbb8387b778f9c27903afcc4 Mon Sep 17 00:00:00 2001 From: Rob Szkutak Date: Tue, 26 Apr 2016 08:20:41 -0500 Subject: [PATCH 2/3] Giving a few more functions a specific default user --- deploy/lib/server_config.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy/lib/server_config.rb b/deploy/lib/server_config.rb index 903454a3..b3aa81b0 100644 --- a/deploy/lib/server_config.rb +++ b/deploy/lib/server_config.rb @@ -516,6 +516,9 @@ def execute_query(query, properties = {}) end def restart + @ml_username = @properties['ml.bootstrap-user'] || @properties['ml.user'] + @ml_password = @properties['ml.bootstrap-password'] || @properties['ml.password'] + group = nil ARGV.each do |arg| # Exclude any argument passed from command line. @@ -1409,6 +1412,9 @@ def settings end def deploy_triggers + @ml_username = @properties['ml.deploy-user'] || @properties['ml.user'] + @ml_password = @properties['ml.deploy-password'] || @properties['ml.password'] + logger.info "Deploying Triggers" if !@properties["ml.triggers-db"] raise ExitException.new("Deploy triggers requires a triggers database") From 40e3825af21322d216c6a365eff2140b933bd30f Mon Sep 17 00:00:00 2001 From: Rob Szkutak Date: Fri, 19 Aug 2016 21:34:46 -0500 Subject: [PATCH 3/3] Fix custom username and password selection for edge case. Add support for mlcp and corb user properly --- deploy/default.properties | 12 +++++++++- deploy/lib/server_config.rb | 44 ++++++++++++++++++++++++++++++++----- 2 files changed, 49 insertions(+), 7 deletions(-) diff --git a/deploy/default.properties b/deploy/default.properties index 319d950e..e51b41ee 100755 --- a/deploy/default.properties +++ b/deploy/default.properties @@ -67,13 +67,23 @@ password=admin # bootstrap-user= # bootstrap-password= - # # Username/password used for deployment operations if specified # # deploy-user= # deploy-password= +# +# Username/password used for mlcp if specified +# +# mlcp-user= +# mlcp-password= + +# +# Username/password used for corb if specified +# +# corb-user= +# corb-password= # # Your Application's name diff --git a/deploy/lib/server_config.rb b/deploy/lib/server_config.rb index b3aa81b0..f5b481a0 100644 --- a/deploy/lib/server_config.rb +++ b/deploy/lib/server_config.rb @@ -517,7 +517,11 @@ def execute_query(query, properties = {}) def restart @ml_username = @properties['ml.bootstrap-user'] || @properties['ml.user'] - @ml_password = @properties['ml.bootstrap-password'] || @properties['ml.password'] + if @ml_username == @properties['ml.bootstrap-user'] + @ml_password = @properties['ml.bootstrap-password'] + else + @ml_password = @properties['ml.password'] + end group = nil ARGV.each do |arg| @@ -635,7 +639,11 @@ def bootstrap raise ExitException.new("Bootstrap requires the target environment's hostname to be defined") unless @hostname.present? @ml_username = @properties['ml.bootstrap-user'] || @properties['ml.user'] - @ml_password = @properties['ml.bootstrap-password'] || @properties['ml.password'] + if @ml_username == @properties['ml.bootstrap-user'] + @ml_password = @properties['ml.bootstrap-password'] + else + @ml_password = @properties['ml.password'] + end internals = find_arg(['--replicate-internals']) if internals @@ -736,7 +744,11 @@ def bootstrap def wipe @ml_username = @properties['ml.bootstrap-user'] || @properties['ml.user'] - @ml_password = @properties['ml.bootstrap-password'] || @properties['ml.password'] + if @ml_username == @properties['ml.bootstrap-user'] + @ml_password = @properties['ml.bootstrap-password'] + else + @ml_password = @properties['ml.password'] + end if @environment != "local" expected_response = %Q{I WANT TO WIPE #{@environment.upcase}} @@ -928,7 +940,11 @@ def validate_install def deploy @ml_username = @properties['ml.deploy-user'] || @properties['ml.user'] - @ml_password = @properties['ml.deploy-password'] || @properties['ml.password'] + if @ml_username == @properties['ml.deploy-user'] + @ml_password = @properties['ml.deploy-password'] + else + @ml_password = @properties['ml.password'] + end what = ARGV.shift raise HelpException.new("deploy", "Missing WHAT") unless what @@ -1148,6 +1164,13 @@ def xqsync end def corb + @ml_username = @properties['ml.corb-user'] || @properties['ml.user'] + if @ml_username == @properties['ml.corb-user'] + @ml_password = @properties['ml.corb-password'] + else + @ml_password = @properties['ml.password'] + end + password_prompt encoded_password = url_encode(@ml_password) connection_string = %Q{xcc://#{@properties['ml.user']}:#{encoded_password}@#{@properties['ml.server']}:#{@properties['ml.xcc-port']}/#{@properties['ml.content-db']}} @@ -1239,7 +1262,12 @@ def mlcp end @ml_username = @properties['ml.mlcp-user'] || @properties['ml.user'] - @ml_password = @properties['ml.mlcp-password'] || @ml_password + if @ml_username == @properties['ml.mlcp-user'] + @ml_password = @properties['ml.mlcp-password'] + else + @ml_password = @properties['ml.password'] + end + if ARGV.length > 0 password_prompt connection_string = %Q{ -username #{@ml_username} -password #{@ml_password} -host #{@properties['ml.server']} -port #{@properties['ml.xcc-port']}} @@ -1413,7 +1441,11 @@ def settings def deploy_triggers @ml_username = @properties['ml.deploy-user'] || @properties['ml.user'] - @ml_password = @properties['ml.deploy-password'] || @properties['ml.password'] + if @ml_username == @properties['ml.deploy-user'] + @ml_password = @properties['ml.deploy-password'] + else + @ml_password = @properties['ml.password'] + end logger.info "Deploying Triggers" if !@properties["ml.triggers-db"]