diff --git a/.github/workflows/publish-latest-minor-gh-pages.yml b/.github/workflows/publish-latest-minor-gh-pages.yml index 210f6b696811..482c29198f02 100644 --- a/.github/workflows/publish-latest-minor-gh-pages.yml +++ b/.github/workflows/publish-latest-minor-gh-pages.yml @@ -24,13 +24,13 @@ jobs: steps: - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 32 path: branch - name: Checkout gh-pages - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: gh-pages path: gh-pages diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5c076c2f2516..146f35f5102a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: echo "IMAGE_NAME=${{ env.BASE_IMAGE_NAME }}:$VERSION" >> $GITHUB_ENV - name: Checkout branch - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up JDK uses: actions/setup-java@v4 @@ -83,7 +83,7 @@ jobs: tags: ${{ env.IMAGE_NAME }} - name: Checkout gh-pages - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: gh-pages path: gh-pages diff --git a/.gitignore b/.gitignore index 623850d4a7bd..68100b5919ba 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ mark/* **/configfwkdebug.xml **/.idea .idea +.oca target/* target **/.classpath diff --git a/Jenkinsfile.podman b/Jenkinsfile.podman index de4a1bd905d1..e80c96d1cbfb 100644 --- a/Jenkinsfile.podman +++ b/Jenkinsfile.podman @@ -537,7 +537,8 @@ EOF PARALLEL_RUN='false' elif [ "${MAVEN_PROFILE_NAME}" == "kind-upgrade" ]; then PARALLEL_RUN='false' - elif [ -n "${IT_TEST}" ]; then + fi + if [ -n "${IT_TEST}" ]; then echo 'Overriding MAVEN_PROFILE_NAME to integration-test when running individual test(s)' MAVEN_PROFILE_NAME="integration-tests" echo "-Dit.test=\"${IT_TEST}\"" >> ${WORKSPACE}/.mvn/maven.config diff --git a/common/pom.xml b/common/pom.xml index 92303cd6054a..e09807fa48b0 100644 --- a/common/pom.xml +++ b/common/pom.xml @@ -6,7 +6,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 common diff --git a/documentation/domains/Domain.json b/documentation/domains/Domain.json index 31e05a627d9e..591bf4eb830a 100644 --- a/documentation/domains/Domain.json +++ b/documentation/domains/Domain.json @@ -891,8 +891,8 @@ "type": "object", "properties": { "image": { - "default": "ghcr.io/oracle/weblogic-monitoring-exporter:2.3.3", - "description": "The WebLogic Monitoring Exporter sidecar container image name. Defaults to ghcr.io/oracle/weblogic-monitoring-exporter:2.3.3", + "default": "ghcr.io/oracle/weblogic-monitoring-exporter:2.3.5", + "description": "The WebLogic Monitoring Exporter sidecar container image name. Defaults to ghcr.io/oracle/weblogic-monitoring-exporter:2.3.5", "type": "string" }, "imagePullPolicy": { diff --git a/documentation/domains/Domain.md b/documentation/domains/Domain.md index 82435a32b315..04cdcd2bf423 100644 --- a/documentation/domains/Domain.md +++ b/documentation/domains/Domain.md @@ -145,7 +145,7 @@ The current status of the operation of the WebLogic domain. Updated automaticall | Name | Type | Description | | --- | --- | --- | | `configuration` | Map | The configuration for the WebLogic Monitoring Exporter. If WebLogic Server instances are already running and have the monitoring exporter sidecar container, then changes to this field will be propagated to the exporter without requiring the restart of the WebLogic Server instances. | -| `image` | string | The WebLogic Monitoring Exporter sidecar container image name. Defaults to ghcr.io/oracle/weblogic-monitoring-exporter:2.3.3 | +| `image` | string | The WebLogic Monitoring Exporter sidecar container image name. Defaults to ghcr.io/oracle/weblogic-monitoring-exporter:2.3.5 | | `imagePullPolicy` | string | The image pull policy for the WebLogic Monitoring Exporter sidecar container image. Legal values are Always, Never, and IfNotPresent. Defaults to Always if image ends in :latest; IfNotPresent, otherwise. | | `port` | integer | The port exposed by the WebLogic Monitoring Exporter running in the sidecar container. Defaults to 8080. The port value must not conflict with a port used by any WebLogic Server instance, including the ports of built-in channels or network access points (NAPs). | | `resources` | [Resource Requirements](k8s1.28.2.md#resource-requirements) | Memory and CPU minimum requirements and limits for the Monitoring exporter sidecar. See `kubectl explain pods.spec.containers.resources`. | diff --git a/documentation/site/content/managing-domains/aks/_index.md b/documentation/site/content/managing-domains/aks/_index.md index 37e1cca82074..7e5fd4c79aba 100644 --- a/documentation/site/content/managing-domains/aks/_index.md +++ b/documentation/site/content/managing-domains/aks/_index.md @@ -127,9 +127,9 @@ When you are satisfied with your selections, select **Next** and open **TLS/SSL* With the **TLS/SSL** blade, you can configure Oracle WebLogic Server Administration Console on a secure HTTPS port, with your own SSL certificate provided by a Certifying Authority (CA). See [Oracle WebLogic Server Keystores configuration](https://aka.ms/arm-oraclelinux-wls-ssl-configuration) for more information. -Select **Yes** or **No** for the option **Configure WebLogic Server Administration Console, Remote Console, and cluster to use HTTPS (Secure) ports, with your own TLS/SSL certificate.** If you select **No**, you don't have to provide any details, and can proceed by selecting **Next**. If you select **Yes**, you can choose to provide the required configuration details by either uploading existing keystores or by using keystores stored in Azure Key Vault. +Select **Yes** or **No** for the option **Configure WebLogic Server Administration Console, Remote Console, and cluster to use HTTPS (Secure) ports, with your own TLS/SSL certificate.** If you select **No**, you don't have to provide any details, and can proceed by selecting **Next**. If you select **Yes**, you must upload your existing keystores. -If you want to upload existing keystores, select **Upload existing KeyStores** for the option **How would you like to provide required configuration**, and enter the values for the fields listed in the following table. +Enter the values for the fields listed in the following table. #### Upload existing KeyStores @@ -147,23 +147,6 @@ If you want to upload existing keystores, select **Upload existing KeyStores** f | Confirm password | Re-enter the value of the preceding field. | | The Trust KeyStore type (JKS,PKCS12) | Select the type of custom trust keystore. The supported values are JKS and PKCS12. | -If you want to use keystores that are stored in Azure Key Vault, select **Use KeyStores stored in Azure Key Vault** for the option **How would you like to provide required configuration**, and enter the values for the fields listed in the following table. - -#### Use KeyStores stored in Azure Key Vault - -| Field | Description | -|-------|-------------| -| Resource group name in current subscription containing the Key Vault | Enter the name of the Resource Group containing the Key Vault that stores the SSL certificate and the data required for WebLogic SSL termination. | -| Name of the Azure Key Vault containing secrets for the TLS/SSL certificate | Enter the name of the Azure Key Vault that stores the SSL certificate and the data required for WebLogic SSL termination. | -| The name of the secret in the specified Key Vault whose value is the Identity KeyStore Data | Enter the name of the Azure Key Vault secret that holds the value of the identity keystore data. Follow [Store the TLS/SSL certificate in the Key Vault](#store-the-tlsssl-certificate-in-the-key-vault) to upload the certificate to Azure Key Vault. | -| The name of the secret in the specified Key Vault whose value is the passphrase for the Identity KeyStore | Enter the name of the Azure Key Vault secret that holds the value of the passphrase for the identity keystore. | -| The Identity KeyStore type (JKS,PKCS12) | Select the type of custom identity keystore. The supported values are JKS and PKCS12. | -| The name of the secret in the specified Key Vault whose value is the Private Key Alias | Enter the name of the Azure Key Vault secret that holds the value of the private key alias. | -| The name of the secret in the specified Key Vault whose value is the passphrase for the Private Key | Enter the name of the Azure Key Vault secret that holds the value of the passphrase for the private key. | -| The name of the secret in the specified Key Vault whose value is the Trust KeyStore Data | Enter the name of the Azure Key Vault secret that holds the value of the trust keystore data. Follow [Store the TLS/SSL certificate in the Key Vault](#store-the-tlsssl-certificate-in-the-key-vault) to upload the certificate to Azure Key Vault. | -| The name of the secret in the specified Key Vault whose value is the passphrase for the Trust KeyStore | Enter the name of the Azure Key Vault secret that holds the value of the the passphrase for the trust keystore. | -| The Trust KeyStore type (JKS,PKCS12) | Select the type of custom trust keystore. The supported values are JKS and PKCS12. | - When you are satisfied with your selections, select **Next** and open **Load balancing** blade. ### Load balancing @@ -193,7 +176,6 @@ You must select one of the following three options, each described in turn. * Generate a self-signed front-end certificate: Generate a self-signed front-end certificate and apply it during deployment. * Upload a TLS/SSL certificate: Upload the pre-signed certificate now. -* Identify an Azure Key Vault: The Key Vault must already contain the certificate and its password stored as secrets. **Generate a self-signed frontend certificate** @@ -210,16 +192,6 @@ You must select one of the following three options, each described in turn. | Confirm password | Re-enter the value of the preceding field. | | Trusted root certificate(.cer, .cert) | A trusted root certificate is required to allow back-end instances in the application gateway. The root certificate is a Base-64 encoded X.509(.CER) format root certificate. | -**Identify an Azure Key Vault** - -| Field | Description | -|-------|-------------| -| Resource group name in current subscription containing the KeyVault | Enter the name of the Resource Group containing the Key Vault that stores the application gateway SSL certificate and the data required for SSL termination. | -| Name of the Azure KeyVault containing secrets for the Certificate for SSL Termination | Enter the name of the Azure Key Vault that stores the application gateway SSL certificate and the data required for SSL termination. | -| The name of the secret in the specified Key Vault whose value is the front-end TLS/SSL certificate data | Enter the name of the Azure Key Vault secret that holds the value of the Application Gateway front-end SSL certificate data. Follow [Store the TLS/SSL certificate in the Key Vault](#store-the-tlsssl-certificate-in-the-key-vault) to upload the certificate to Azure Key Vault. | -| The name of the secret in the specified Key Vault whose value is the password for the front-end TLS/SSL certificate | Enter the name of the Azure Key Vault secret that holds the value of the password for the application gateway front-end SSL certificate. | -| The name of the secret in the specified Key Vault whose value is the trusted root certificate data | A trusted root certificate is required to allow back-end instances in the application gateway. Enter the name of the Azure Key Vault secret that holds the value of the application gateway trusted root certificate data. Follow [Store the TLS/SSL certificate in the Key Vault](#store-the-tlsssl-certificate-in-the-key-vault) to upload the certificate to Azure Key Vault. | - Regardless of how you provide the certificates, there are several other options when configuring the Application Gateway, as described next. | Field | Description | @@ -389,27 +361,3 @@ After clicking **Create**, you will go to the **Deployment is in progress** page | `shellCmdtoOutputWlsImageProperties`|Shell command to display the base64 encoded string of the model properties.{{< line_break >}}Sample value:{{< line_break >}}`echo -e IyBDF...PTUK \| base64 -d > model.properties` | | `shellCmdtoOutputWlsVersionsandPatches` | Shell command to display the base64 encoded string of the WLS version and patches.{{< line_break >}}Sample value:{{< line_break >}}`echo -e CldlY...gMS4= \| base64 -d > version.info`| -### Useful resources - -Review the following useful resources. - -#### Store the TLS/SSL certificate in the Key Vault - -1. Base 64 encode the certificate file; omit the `-w0` for macOS: - - ```bash - base64 myIdentity.jks -w0 >mycert.txt - # base64 myIdentity.p12 -w0 >mycert.txt - # base64 myTrust.jks -w0 >mycert.txt - # base64 myTrust.p12 -w0 >mycert.txt - # base64 root.cert -w0 >mycert.txt - # base64 gatewayCert.pfx -w0 >mycert.txt - ``` - -2. From the Azure portal, open your Key Vault. -3. In the Settings section, select Secrets. -4. Select Generate/Import. -5. Under Upload options, leave the default value. -6. Under Name, enter `myIdentityCertData`, or whatever name you like. -7. Under Value, enter the content of the mycert.txt file. -8. Leave the remaining values at their defaults and select Create. diff --git a/documentation/site/content/managing-domains/domain-resource.md b/documentation/site/content/managing-domains/domain-resource.md index 71297577018f..8b4c9f1e9c49 100644 --- a/documentation/site/content/managing-domains/domain-resource.md +++ b/documentation/site/content/managing-domains/domain-resource.md @@ -243,6 +243,14 @@ You can use the following environment variables to specify JVM memory and JVM op * `PRE_CLASSPATH`: Path(s) that are *prepended* to the WebLogic Server system classpath; delimit multiple paths with a colon `:`. * `CLASSPATH`: Path(s) that are *appended* to the WebLogic Server system classpath; delimit multiple paths with a colon `:`. +### Node Manager environment variables + +You can use the following environment variables to specify the logging files limit. + +* `NODEMGR_LOG_FILE_MAX`: Maximum size of the Node Manager Log specified as an integer. When this limit is reached, a new log file is started. Default: 0, no limit. +* `NODEMGR_LOG_LEVEL`: Severity level of logging used for the Node Manager log. Node Manager uses the standard logging levels from the java.util.logging.level package. Default: FINEST. +* `NODEMGR_LOG_COUNT`: Maximum number of log files to create when LogLimit is exceeded. Default: 1. + **NOTES**: * The following behavior occurs depending on whether or not `NODEMGR_JAVA_OPTIONS` and `NODEMGR_MEM_ARGS` are defined: diff --git a/documentation/site/content/managing-domains/manage-domains.md b/documentation/site/content/managing-domains/manage-domains.md index 8b304a0affca..829e3428be09 100644 --- a/documentation/site/content/managing-domains/manage-domains.md +++ b/documentation/site/content/managing-domains/manage-domains.md @@ -163,6 +163,12 @@ Be aware of the following important considerations for WebLogic domains running For more information, see [JVM memory and Java option environment variables]({{< relref "/managing-domains/domain-resource#jvm-memory-and-java-option-environment-variables" >}}). +* _Node Manager environment variables:_ You can use the following environment variables to specify the logging files limit. + + * `NODEMGR_LOG_FILE_MAX`: Maximum size of the Node Manager Log specified as an integer. When this limit is reached, a new log file is started. Default: 0, no limit. + * `NODEMGR_LOG_LEVEL`: Severity level of logging used for the Node Manager log. Node Manager uses the standard logging levels from the java.util.logging.level package. Default: FINEST. + * `NODEMGR_LOG_COUNT`: Maximum number of log files to create when LogLimit is exceeded. Default: 1. + The following features are **not** certified or supported in this release: diff --git a/documentation/site/content/managing-operators/using-helm.md b/documentation/site/content/managing-operators/using-helm.md index 8943f039c585..fda3b52b9775 100644 --- a/documentation/site/content/managing-operators/using-helm.md +++ b/documentation/site/content/managing-operators/using-helm.md @@ -299,7 +299,7 @@ Legal values are: `List`, `LabelSelector`, `RegExp`, and `Dedicated`: which the operator itself is deployed, which is the namespace of the Helm release. **NOTES**: -- Defaults to `List`. +- Defaults to `LabelSelector`. - For more information, see [Choose a domain namespace section strategy]({{}}). {{% notice note %}} diff --git a/domain-upgrader/pom.xml b/domain-upgrader/pom.xml index cab4072488cb..80b7b3ec3937 100644 --- a/domain-upgrader/pom.xml +++ b/domain-upgrader/pom.xml @@ -7,7 +7,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 domain-upgrader diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml index b158f35ad863..b2937b5f6713 100644 --- a/integration-tests/pom.xml +++ b/integration-tests/pom.xml @@ -7,7 +7,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 integration-tests diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItCrossDomainTransactionSecurity.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItCrossDomainTransactionSecurity.java index 70483a9efbcf..cfd3949ae3dd 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItCrossDomainTransactionSecurity.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItCrossDomainTransactionSecurity.java @@ -1,820 +1,450 @@ -// Copyright (c) 2024, Oracle and/or its affiliates. +// Copyright (c) 2025, Oracle and/or its affiliates. // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. package oracle.weblogic.kubernetes; +import java.io.IOException; +import java.net.InetAddress; import java.net.UnknownHostException; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; -import java.nio.file.StandardOpenOption; +import java.nio.file.StandardCopyOption; import java.util.ArrayList; -import java.util.Arrays; import java.util.Collections; import java.util.HashMap; import java.util.List; -import java.util.Map; - -import io.kubernetes.client.openapi.models.V1EnvVar; -import io.kubernetes.client.openapi.models.V1HTTPIngressPath; -import io.kubernetes.client.openapi.models.V1HTTPIngressRuleValue; -import io.kubernetes.client.openapi.models.V1IngressBackend; -import io.kubernetes.client.openapi.models.V1IngressRule; -import io.kubernetes.client.openapi.models.V1IngressServiceBackend; -import io.kubernetes.client.openapi.models.V1LocalObjectReference; -import io.kubernetes.client.openapi.models.V1ServiceBackendPort; + +import io.kubernetes.client.util.Yaml; import oracle.weblogic.domain.AuxiliaryImage; -import oracle.weblogic.domain.Channel; -import oracle.weblogic.domain.ClusterList; -import oracle.weblogic.domain.ClusterSpec; +import oracle.weblogic.domain.Configuration; import oracle.weblogic.domain.DomainResource; +import oracle.weblogic.domain.Model; import oracle.weblogic.kubernetes.actions.impl.AppParams; -import oracle.weblogic.kubernetes.actions.impl.Cluster; -import oracle.weblogic.kubernetes.actions.impl.NginxParams; -import oracle.weblogic.kubernetes.actions.impl.Service; +import oracle.weblogic.kubernetes.actions.impl.WDTArchiveHelper; import oracle.weblogic.kubernetes.actions.impl.primitive.Command; -import oracle.weblogic.kubernetes.actions.impl.primitive.CommandParams; import oracle.weblogic.kubernetes.actions.impl.primitive.WitParams; import oracle.weblogic.kubernetes.annotations.IntegrationTest; import oracle.weblogic.kubernetes.annotations.Namespaces; import oracle.weblogic.kubernetes.logging.LoggingFacade; -import oracle.weblogic.kubernetes.utils.ExecCommand; +import oracle.weblogic.kubernetes.utils.CommonMiiTestUtils; +import oracle.weblogic.kubernetes.utils.ConfigMapUtils; import oracle.weblogic.kubernetes.utils.ExecResult; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Tag; import org.junit.jupiter.api.Test; -import org.junit.jupiter.api.condition.DisabledIfEnvironmentVariable; -import static java.net.InetAddress.getLocalHost; import static oracle.weblogic.kubernetes.TestConstants.ADMIN_PASSWORD_DEFAULT; import static oracle.weblogic.kubernetes.TestConstants.ADMIN_USERNAME_DEFAULT; -import static oracle.weblogic.kubernetes.TestConstants.DOMAIN_API_VERSION; -import static oracle.weblogic.kubernetes.TestConstants.DOMAIN_IMAGES_PREFIX; -import static oracle.weblogic.kubernetes.TestConstants.IMAGE_PULL_POLICY; -import static oracle.weblogic.kubernetes.TestConstants.K8S_NODEPORT_HOST; -import static oracle.weblogic.kubernetes.TestConstants.K8S_NODEPORT_HOSTNAME; +import static oracle.weblogic.kubernetes.TestConstants.ENCRYPION_PASSWORD_DEFAULT; +import static oracle.weblogic.kubernetes.TestConstants.ENCRYPION_USERNAME_DEFAULT; import static oracle.weblogic.kubernetes.TestConstants.KUBERNETES_CLI; -import static oracle.weblogic.kubernetes.TestConstants.OKE_CLUSTER; -import static oracle.weblogic.kubernetes.TestConstants.RESULTS_ROOT; -import static oracle.weblogic.kubernetes.TestConstants.TRAEFIK_INGRESS_HTTP_HOSTPORT; +import static oracle.weblogic.kubernetes.TestConstants.MII_AUXILIARY_IMAGE_NAME; +import static oracle.weblogic.kubernetes.TestConstants.SKIP_CLEANUP; import static oracle.weblogic.kubernetes.TestConstants.WEBLOGIC_IMAGE_TO_USE_IN_SPEC; -import static oracle.weblogic.kubernetes.actions.ActionConstants.ARCHIVE_DIR; +import static oracle.weblogic.kubernetes.actions.ActionConstants.APP_DIR; import static oracle.weblogic.kubernetes.actions.ActionConstants.RESOURCE_DIR; import static oracle.weblogic.kubernetes.actions.ActionConstants.WORK_DIR; -import static oracle.weblogic.kubernetes.actions.TestActions.buildAppArchive; -import static oracle.weblogic.kubernetes.actions.TestActions.defaultAppParams; -import static oracle.weblogic.kubernetes.actions.TestActions.getServiceNodePort; -import static oracle.weblogic.kubernetes.actions.TestActions.listIngresses; -import static oracle.weblogic.kubernetes.utils.ApplicationUtils.callWebAppAndWaitTillReady; +import static oracle.weblogic.kubernetes.actions.TestActions.deleteImage; +import static oracle.weblogic.kubernetes.actions.impl.primitive.Command.defaultCommandParams; import static oracle.weblogic.kubernetes.utils.AuxiliaryImageUtils.createAndPushAuxiliaryImage; -import static oracle.weblogic.kubernetes.utils.ClusterUtils.createClusterAndVerify; -import static oracle.weblogic.kubernetes.utils.ClusterUtils.createClusterResource; -import static oracle.weblogic.kubernetes.utils.ClusterUtils.createClusterResourceAndAddReferenceToDomain; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.createIngressHostRouting; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.formatIPv6Host; import static oracle.weblogic.kubernetes.utils.CommonTestUtils.getDateAndTimeStamp; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.getHostAndPort; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.getNextFreePort; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.getServiceExtIPAddrtOke; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.runClientInsidePod; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.runJavacInsidePod; -import static oracle.weblogic.kubernetes.utils.CommonTestUtils.testUntil; import static oracle.weblogic.kubernetes.utils.DomainUtils.createDomainAndVerify; +import static oracle.weblogic.kubernetes.utils.ExecCommand.exec; import static oracle.weblogic.kubernetes.utils.FileUtils.copyFileToPod; -import static oracle.weblogic.kubernetes.utils.FileUtils.generateFileFromTemplate; -import static oracle.weblogic.kubernetes.utils.ImageUtils.createTestRepoSecret; -import static oracle.weblogic.kubernetes.utils.LoadBalancerUtils.createIngressAndRetryIfFail; -import static oracle.weblogic.kubernetes.utils.LoadBalancerUtils.installAndVerifyNginx; +import static oracle.weblogic.kubernetes.utils.FileUtils.replaceStringInFile; import static oracle.weblogic.kubernetes.utils.OperatorUtils.installAndVerifyOperator; -import static oracle.weblogic.kubernetes.utils.PodUtils.checkPodReady; -import static oracle.weblogic.kubernetes.utils.PodUtils.getExternalServicePodName; -import static oracle.weblogic.kubernetes.utils.PodUtils.setPodAntiAffinity; import static oracle.weblogic.kubernetes.utils.SecretUtils.createSecretWithUsernamePassword; import static oracle.weblogic.kubernetes.utils.SecretUtils.createSecretsForImageRepos; import static oracle.weblogic.kubernetes.utils.ThreadSafeLogger.getLogger; -import static org.assertj.core.api.Assertions.assertThat; import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; -import static org.junit.jupiter.api.Assertions.assertNotEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; import static org.junit.jupiter.api.Assertions.assertTrue; -/** - * Cross domain transaction with CrossDomainSecurityEnabled set to true. - */ -@DisplayName("Verify cross domain transaction is successful with CrossDomainSecurityEnabled set to true") +@DisplayName("Test to do cross domain transaction in SSL with custom store") @IntegrationTest @Tag("kind-parallel") -@Tag("oke-weekly-sequential") +@Tag("oke-parallel") class ItCrossDomainTransactionSecurity { - private static final String auxImageName1 = DOMAIN_IMAGES_PREFIX + "domain1-cdxaction-aux"; - private static final String auxImageName2 = DOMAIN_IMAGES_PREFIX + "domain2-cdxaction-aux"; - private static final String PROPS_TEMP_DIR = RESULTS_ROOT + "/crossdomsecurity"; - - private static String opNamespace = null; private static String domainNamespace = null; - private static String domainUid1 = "domain1"; - private static String domainUid2 = "domain2"; - private static String adminServerName = "admin-server"; - private static String domain1AdminServerPodName = domainUid1 + "-" + adminServerName; - private static String domain1ManagedServerPrefix = domainUid1 + "-managed-server"; - private static String domain2AdminServerPodName = domainUid2 + "-" + adminServerName; - private static String domain2ManagedServerPrefix = domainUid2 + "-managed-server"; - private static LoggingFacade logger = null; - private static int replicaCount = 2; - private static String clusterName = "cluster-2"; - private static int t3ChannelPort1 = getNextFreePort(); - private static int t3ChannelPort2 = getNextFreePort(); - private static String domain1AdminExtSvcRouteHost = null; - private static String hostAndPort1 = null; - private static String hostHeader1; - private static String nginxNamespace = null; - private static NginxParams nginxHelmParams = null; - private static int nginxNodePort; - private static Path tlsCertFile; - private static Path tlsKeyFile; - private static Path jksTrustFile; - private static String tlsSecretName = domainUid2 + "-test-tls-secret"; - private static String hostAddress = K8S_NODEPORT_HOST; - + private static LoggingFacade logger = null; + private String domain1Uid = "domain1"; + private String domain2Uid = "domain2"; + private static String miiAuxiliaryImage1Tag = "auximage1" + getDateAndTimeStamp(); + private static String miiAuxiliaryImage2Tag = "auximage2" + getDateAndTimeStamp(); + private static String miiAuxiliaryImage1 = MII_AUXILIARY_IMAGE_NAME + ":" + miiAuxiliaryImage1Tag; + private static String miiAuxiliaryImage2 = MII_AUXILIARY_IMAGE_NAME + ":" + miiAuxiliaryImage2Tag; + private final int replicaCount = 1; + private static String adminSecretName1; + private static String adminSecretName2; + private static String encryptionSecretName; + private static String storeDir; + private static String archiveFile; /** - * Install Operator. - * @param namespaces list of namespaces created by the IntegrationTestWatcher by the - * JUnit engine parameter resolution mechanism + * Install Operator, generate custom store and create auxiliary domains. + * + * @param namespaces list of namespaces */ @BeforeAll - public static void initAll(@Namespaces(3) List namespaces) throws UnknownHostException { + public static void initAll(@Namespaces(2) List namespaces) throws IOException { logger = getLogger(); + storeDir = Files.createTempDirectory(Paths.get(WORK_DIR), "cxtxcustom").toString(); + // get a new unique opNamespace logger.info("Creating unique namespace for Operator"); assertNotNull(namespaces.get(0), "Namespace list is null"); opNamespace = namespaces.get(0); - logger.info("Creating unique namespace for Domain"); + logger.info("Creating unique namespace for domain"); assertNotNull(namespaces.get(1), "Namespace list is null"); domainNamespace = namespaces.get(1); - // get a unique Nginx namespace - logger.info("Assign a unique namespace for Nginx"); - assertNotNull(namespaces.get(2), "Namespace list is null"); - nginxNamespace = namespaces.get(2); - - - // Create the repo secret to pull the image - // this secret is used only for non-kind cluster - createTestRepoSecret(domainNamespace); - // install and verify operator installAndVerifyOperator(opNamespace, domainNamespace); - if (OKE_CLUSTER) { - logger.info("Installing Nginx controller using helm"); - // install and verify Nginx - nginxHelmParams = installAndVerifyNginx(nginxNamespace, 0, 0); - } + // create secret for admin credentials + logger.info("Create secret for domain1 admin credentials"); + adminSecretName1 = "domain1-weblogic-credentials"; + createSecretWithUsernamePassword(adminSecretName1, domainNamespace, + ADMIN_USERNAME_DEFAULT, ADMIN_PASSWORD_DEFAULT); - buildDomains(); - - logger.info("2 domains with crossDomainSecurity enabled start up!"); - int domain1AdminServiceNodePort - = getServiceNodePort(domainNamespace, getExternalServicePodName(domain1AdminServerPodName), "default"); - assertNotEquals(-1, domain1AdminServiceNodePort, "domain1 admin server default node port is not valid"); - logger.info("domain1AdminServiceNodePort is: " + domain1AdminServiceNodePort); - int domain2AdminServiceNodePort - = getServiceNodePort(domainNamespace, getExternalServicePodName(domain2AdminServerPodName), "default"); - assertNotEquals(-1, domain1AdminServiceNodePort, "domain2 admin server default node port is not valid"); - logger.info("domain2AdminServiceNodePort is: " + domain2AdminServiceNodePort); - - if (OKE_CLUSTER) { - createNginxIngressPathRoutingRules(); - String nginxServiceName = nginxHelmParams.getHelmParams().getReleaseName() + "-ingress-nginx-controller"; - hostAndPort1 = getServiceExtIPAddrtOke(nginxServiceName, nginxNamespace); - } else { - hostAndPort1 = getHostAndPort(domain1AdminExtSvcRouteHost, domain1AdminServiceNodePort); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - hostHeader1 = createIngressHostRouting(domainNamespace, domainUid1, adminServerName, 7001); - hostAndPort1 = formatIPv6Host(getLocalHost().getHostAddress()) - + ":" + TRAEFIK_INGRESS_HTTP_HOSTPORT; + logger.info("Create secret for domain2 admin credentials"); + adminSecretName2 = "domain2-weblogic-credentials"; + createSecretWithUsernamePassword(adminSecretName2, domainNamespace, + ADMIN_USERNAME_DEFAULT, ADMIN_PASSWORD_DEFAULT); - } - } - logger.info("hostHeader1 for domain1 is: " + hostHeader1); - logger.info("hostAndPort1 for domain1 is: " + hostAndPort1); + // create encryption secret + logger.info("Create encryption secret"); + encryptionSecretName = "encryptionsecret"; + createSecretWithUsernamePassword(encryptionSecretName, domainNamespace, + ENCRYPION_USERNAME_DEFAULT, ENCRYPION_PASSWORD_DEFAULT); + + generateKeyStores(); + createAuxDomain(); } - /** - * Configure two domains d1 and d2 with CrossDomainSecurityEnabled set to true - * On both domains create a user (cross-domain) with group CrossDomainConnectors - * Add required Credential Mapping - * Deploy a JSP on d1's admin server that takes 2 parameteers - * a. The tx action b. the d2's cluster service url - * Starts a User transcation - * Using t3 send 10 messgaes to a distributed destination (jms.testUniformQueue) on d2 that has 2 members - * Using t3 Send a message to local destination (jms.admin.adminQueue) on d1 - * Commit/rollback the transation - * Using t3 receive the messages from the distributed destination (jms.testUniformQueue) on d2 - * Using t3 receive the message from the local destination (jms.admin.adminQueue) on d1 + /* + * "Creating Domain SelfSigned certificates, Identity Store and Trust store" */ - @Test - @DisplayName("Check cross domain transaction works") - void testCrossDomainTxWithCrossDomainSecurityEnabled() throws UnknownHostException { - - // build the standalone JMS Client on Admin pod - String destLocation = "/u01/JmsSendReceiveClient.java"; - assertDoesNotThrow(() -> copyFileToPod(domainNamespace, - domain1AdminServerPodName, "", - Paths.get(RESOURCE_DIR, "jms", "JmsSendReceiveClient.java"), - Paths.get(destLocation))); - runJavacInsidePod(domain1AdminServerPodName, domainNamespace, destLocation); - - //In a UserTransaction send 10 msg to remote udq and 1 msg to local queue and commit the tx - StringBuffer curlCmd1 = new StringBuffer("curl -skg --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd1.append(" -H 'host: " + hostHeader1 + "' "); - } - String url1 = "\"http://" + hostAndPort1 - + "/sample_war/dtx.jsp?remoteurl=t3://domain2-cluster-cluster-2:8001&action=commit\""; - curlCmd1.append(url1); - logger.info("Executing curl command: {0}", curlCmd1); - assertTrue(getCurlResult(curlCmd1.toString()).contains("Message sent in a commit User Transation"), - "Didn't send expected msg "); - - //receive msg from the udq that has 2 memebers - StringBuffer curlCmd2 = new StringBuffer("curl -j --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd2.append(" -H 'host: " + hostHeader1 + "' "); - } - String url2 = "\"http://" + hostAndPort1 - + "/sample_war/get.jsp?remoteurl=t3://domain2-cluster-cluster-2:8001&action=recv&dest=jms.testUniformQueue\""; - curlCmd2.append(url2); - logger.info("Executing curl command: {0}", curlCmd2); - for (int i = 0; i < 2; i++) { - assertTrue(getCurlResult(curlCmd2.toString()).contains("Total Message(s) Received : 5"), - "Didn't receive expected msg count from remote queue"); - } - - // receive 1 msg from the local queue - testUntil( - runClientInsidePod(domain1AdminServerPodName, domainNamespace, - "/u01", "JmsSendReceiveClient", - "t3://" + "localhost" + ":" + "7001", "receive", "jms.admin.adminQueue", "1"), - logger, - "Wait for JMS Client to send/recv msg"); - - //In a UserTransaction send 10 msg to remote udq and 1 msg to local queue and rollback the tx - StringBuffer curlCmd3 = new StringBuffer("curl -skg --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd3.append(" -H 'host: " + hostHeader1 + "' "); - } - String url3 = "\"http://" + hostAndPort1 - + "/sample_war/dtx.jsp?remoteurl=t3://domain2-cluster-cluster-2:8001&action=rollback\""; - curlCmd3.append(url3); - logger.info("Executing curl command: {0}", curlCmd3); - assertTrue(getCurlResult(curlCmd3.toString()).contains("Message sent in a rolled-back User Transation"), - "Didn't send expected msg "); - - //receive 0 msg from the udq that has 2 memebers - StringBuffer curlCmd4 = new StringBuffer("curl -j --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd4.append(" -H 'host: " + hostHeader1 + "' "); - } - String url4 = "\"http://" + hostAndPort1 - + "/sample_war/get.jsp?remoteurl=t3://domain2-cluster-cluster-2:8001&action=recv&dest=jms.testUniformQueue\""; - curlCmd4.append(url4); - logger.info("Executing curl command: {0}", curlCmd4); - for (int i = 0; i < 2; i++) { - assertTrue(getCurlResult(curlCmd4.toString()).contains("Total Message(s) Received : 0"), - "Didn't receive expected msg count from remote queue"); - } + private static void generateKeyStores() throws UnknownHostException, IOException { + String keyPass = "changeit"; + String storePass = "changeit"; + String hostname = InetAddress.getLocalHost().getHostAddress(); + + //Creating Domain SelfSigned Identity Store + String command = "keytool " + + "-genkey " + + "-keyalg RSA " + + "-alias server_alias " + + "-validity 360 " + + "-keysize 2048 " + + "-dname \"CN=" + hostname + + " OU=WLS, " + + "O=Oracle, " + + "L=Basking Ridge, " + + "ST=CA, C=US\" " + + "-deststoretype pkcs12 " + + "-storepass " + storePass + + " -keypass " + keyPass + + " -keystore " + storeDir + "/DomainIdentityStore.p12"; + assertTrue(runCommand(command), "Failed to create domain identity store"); + command = "keytool " + + "-export " + + "-alias server_alias " + + "-file " + storeDir + "/domain.der " + + "-keystore " + storeDir + "/DomainIdentityStore.p12 " + + "-storepass " + storePass + + " -keypass " + keyPass; + assertTrue(runCommand(command), "Failed to export domain identity store"); + //Creating Domain/Client Trust Store by importing certificate + command = "keytool " + + "-import -trustcacerts " + + "-alias server_trust " + + "-file " + storeDir + "/domain.der " + + "-keystore " + storeDir + "/DomainTrustStore.p12 " + + "-storepass " + storePass + + " -keypass " + keyPass + + " -deststoretype pkcs12 -noprompt"; + assertTrue(runCommand(command), "Failed to create domain trust store"); + command = "keytool " + + "-import " + + "-trustcacerts " + + "-alias client_trust " + + "-file " + storeDir + "/domain.der " + + "-keystore " + storeDir + "/ClientTrustStore.p12 " + + "-storepass " + storePass + + " -keypass " + keyPass + + " -deststoretype pkcs12 -noprompt"; + assertTrue(runCommand(command), "Failed to import domain trust store"); + } - // receive 0 msg from the local queue - testUntil( - runClientInsidePod(domain1AdminServerPodName, domainNamespace, - "/u01", "JmsSendReceiveClient", - "t3://" + "localhost" + ":" + "7001", "receive", "jms.admin.adminQueue", "0"), - logger, - "Wait for JMS Client to send/recv msg"); + private static boolean runCommand(String command) { + return Command.withParams( + defaultCommandParams() + .command(command) + .verbose(true) + .redirect(false)) + .execute(); } /** - * Configure two domains d1 and d2 with CrossDomainSecurityEnabled set to true - * On both domains create a user (cross-domain) with group CrossDomainConnectors - * Add required Credential Mapping - * Deploy a JSP on d1's admin server that takes 2 parameteers - * a. The tx action b. the d2's cluster service url - * Starts a User transcation - * Using t3s send 10 messgaes to a distributed destination (jms.testUniformQueue) on d2 that has 2 members - * Using t3s Send a message to local destination (jms.admin.adminQueue) on d1 - * Commit/rollback the transation - * Using t3s receive the messages from the distributed destination (jms.testUniformQueue) on d2 - * Using t3s Receive the message from the local destination (jms.admin.adminQueue) on d1 + * create auxiliary domain images and push it to the repo with custom ssl stores. + * + * @throws IOException when creating certificates fails. */ - @Test - @DisplayName("Check cross domain transaction works when SSL enabled") - @DisabledIfEnvironmentVariable(named = "OKE_CLUSTER", matches = "true") - void testCrossDomainTxWithCrossDomainSecurityAndSSLEnabled() throws UnknownHostException { - - // Create SSL certificate and key using openSSL with SAN extension - createCertKeyFiles(hostAddress); - // Create kubernates secret using genereated certificate and key - createSecretWithTLSCertKey(tlsSecretName); - // Import the tls certificate into a JKS truststote to be used while - // running the standalone client. - importKeytoTrustStore(); - - //In a UserTransaction send 10 msg to remote udq and 1 msg to local queue and commit the tx - StringBuffer curlCmd1 = new StringBuffer("curl -skg --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd1.append(" -H 'host: " + hostHeader1 + "' "); - } - String url1 = "\"http://" + hostAndPort1 - + "/sample_war/dtx.jsp?remoteurl=t3s://domain2-cluster-cluster-2:8500&action=commit\""; - curlCmd1.append(url1); - logger.info("Executing curl command: {0}", curlCmd1); - assertTrue(getCurlResult(curlCmd1.toString()).contains("Message sent in a commit User Transation"), - "Didn't send expected msg "); - - //receive msg from the udq that has 2 memebers - StringBuffer curlCmd2 = new StringBuffer("curl -j --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd2.append(" -H 'host: " + hostHeader1 + "' "); - } - String url2 = "\"http://" + hostAndPort1 - + "/sample_war/get.jsp?remoteurl=" - + "t3s://domain2-cluster-cluster-2:8500&action=recv&dest=jms.testUniformQueue\""; - curlCmd2.append(url2); - logger.info("Executing curl command: {0}", curlCmd2); - for (int i = 0; i < 2; i++) { - assertTrue(getCurlResult(curlCmd2.toString()).contains("Total Message(s) Received : 5"), - "Didn't receive expected msg count from remote queue"); - } - - // receive 1 msg from the local queue - logger.info("Receiving 1 msg from the local queue"); - StringBuffer curlCmdx = new StringBuffer("curl -j --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmdx.append(" -H 'host: " + hostHeader1 + "' "); - } - String urlx = "\"http://" + hostAndPort1 - + "/sample_war/get.jsp?remoteurl=" - + "t3s://domain1-admin-server:7002&action=recv&dest=jms.admin.adminQueue\""; - curlCmdx.append(urlx); - logger.info("Executing curl command for local queue: {0}", curlCmdx); - assertTrue(getCurlResult(curlCmdx.toString()).contains("Total Message(s) Received : 1"), - "Didn't receive expected msg count from local queue"); - - //In a UserTransaction send 10 msg to remote udq and 1 msg to local queue and rollback the tx - StringBuffer curlCmd3 = new StringBuffer("curl -skg --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd3.append(" -H 'host: " + hostHeader1 + "' "); - } - String url3 = "\"http://" + hostAndPort1 - + "/sample_war/dtx.jsp?remoteurl=t3s://domain2-cluster-cluster-2:8500&action=rollback\""; - curlCmd3.append(url3); - logger.info("Executing curl command: {0}", curlCmd3); - assertTrue(getCurlResult(curlCmd3.toString()).contains("Message sent in a rolled-back User Transation"), - "Didn't send expected msg "); - - //receive 0 msg from the udq that has 2 memebers - StringBuffer curlCmd4 = new StringBuffer("curl -j --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmd4.append(" -H 'host: " + hostHeader1 + "' "); - } - String url4 = "\"http://" + hostAndPort1 - + "/sample_war/get.jsp?remoteurl=" - + "t3s://domain2-cluster-cluster-2:8500&action=recv&dest=jms.testUniformQueue\""; - curlCmd4.append(url4); - logger.info("Executing curl command: {0}", curlCmd4); - for (int i = 0; i < 2; i++) { - assertTrue(getCurlResult(curlCmd4.toString()).contains("Total Message(s) Received : 0"), - "Didn't receive expected msg count from remote queue"); - } - - // receive 0 msg from the local queue - logger.info("Receiving 0 msg from the local queue"); - StringBuffer curlCmdy = new StringBuffer("curl -j --show-error --noproxy '*' "); - if (TestConstants.KIND_CLUSTER - && !TestConstants.WLSIMG_BUILDER.equals(TestConstants.WLSIMG_BUILDER_DEFAULT)) { - curlCmdy.append(" -H 'host: " + hostHeader1 + "' "); + private static void createAuxDomain() throws IOException { + + //create the archive.zip with appliocation and cusom store files + AppParams appParams = WDTArchiveHelper + .defaultAppParams().appName("webapp") + .srcDirList(List.of(WEBLOGIC_IMAGE_TO_USE_IN_SPEC.contains("15") + ? APP_DIR + "/jakartawebapp" : APP_DIR + "/javaxwebapp")); + boolean status = WDTArchiveHelper.withParams(appParams) + .createArchiveWithStructuredApplication("archive"); + assertTrue(status, "Failed to create a archive of application"); + String appArchiveDir = appParams.appArchiveDir(); + status = WDTArchiveHelper.withParams(appParams) + .addServerKeystore(appArchiveDir + "/archive.zip", "cluster-1-template", + storeDir + "/DomainTrustStore.p12"); + assertTrue(status, "Failed to create a archive of application"); + status = WDTArchiveHelper.withParams(appParams) + .addServerKeystore(appArchiveDir + "/archive.zip", "cluster-1-template", + storeDir + "/DomainIdentityStore.p12"); + assertTrue(status, "Failed to create a archive of application"); + //WDTArchiveHelper.withParams(appParams).addCustom(miiImage, miiImage); + + String modelFile; + if (WEBLOGIC_IMAGE_TO_USE_IN_SPEC.contains("14.1.2") || WEBLOGIC_IMAGE_TO_USE_IN_SPEC.contains("15")) { + modelFile = "model.dynamic.custom.ssl.wls.yaml"; + } else { + modelFile = "model.dynamic.demo.ssl.yaml"; } - String urly = "\"http://" + hostAndPort1 - + "/sample_war/get.jsp?remoteurl=" - + "t3s://domain1-admin-server:7002&action=recv&dest=jms.admin.adminQueue\""; - curlCmdy.append(urly); - logger.info("Executing curl command for local queue: {0}", curlCmdy); - assertTrue(getCurlResult(curlCmdx.toString()).contains("Total Message(s) Received : 0"), - "Didn't receive expected msg count from local queue"); - } + // image1 with model files for domain config, ds, app and wdt install files + List archiveList = Collections.singletonList(appParams.appArchiveDir() + "/archive.zip"); + archiveFile = appParams.appArchiveDir() + "/archive.zip"; + logger.info(archiveFile); - private static String createAuxImage(String imageName, String imageTag, List wdtModelFile, - String wdtVariableFile) { + List modelProperties = new ArrayList<>(); + String modelProperty = "model1.properties"; + modelProperties.add(RESOURCE_DIR + "/customstore/" + modelProperty); - // build sample-app application - AppParams appParams = defaultAppParams() - .srcDirList(Collections.singletonList("crossdomain-security")) - .appArchiveDir(ARCHIVE_DIR + ItCrossDomainTransactionSecurity.class.getName()) - .appName("crossdomainsec"); - assertTrue(buildAppArchive(appParams), - String.format("Failed to create app archive for %s", "crossdomainsec")); - List archiveList = Collections.singletonList(appParams.appArchiveDir() + "/" + "crossdomainsec" + ".zip"); + List modelList = new ArrayList<>(); + modelList.add(RESOURCE_DIR + "/customstore/models/" + modelFile); - //create an auxiliary image with model and application WitParams witParams = new WitParams() - .modelImageName(imageName) - .modelImageTag(imageTag) - .modelFiles(wdtModelFile) - .modelVariableFiles(Arrays.asList(wdtVariableFile)) - .modelArchiveFiles(archiveList); - createAndPushAuxiliaryImage(imageName, imageTag, witParams); - - return imageName + ":" + imageTag; + .modelImageName(MII_AUXILIARY_IMAGE_NAME) + .modelImageTag(miiAuxiliaryImage1Tag) + .modelFiles(modelList) + .modelArchiveFiles(archiveList) + .modelVariableFiles(modelProperties); + createAndPushAuxiliaryImage(MII_AUXILIARY_IMAGE_NAME, miiAuxiliaryImage1Tag, witParams); + + modelProperties.clear(); + modelProperty = "model2.properties"; + modelProperties.add(RESOURCE_DIR + "/customstore/" + modelProperty); + witParams + = new WitParams() + .modelImageName(MII_AUXILIARY_IMAGE_NAME) + .modelImageTag(miiAuxiliaryImage2Tag) + .modelFiles(modelList) + .modelArchiveFiles(archiveList) + .modelVariableFiles(modelProperties); + createAndPushAuxiliaryImage(MII_AUXILIARY_IMAGE_NAME, miiAuxiliaryImage2Tag, witParams); + } + + /** + * Create 2 domains using sparse models and auxiliary images. + * + * Verify the domain is running with custom ssl certificates and cross domain trx works with non ssl and ssl urls. + */ + @Test + @DisplayName("Test to do cross domain using transaction with custom SSL store") + void testCrossDomainTxWithSSL() throws InterruptedException, IOException { + String domain1cm = "domain1-mii-cm"; + String domain2cm = "domain2-mii-cm"; + + ConfigMapUtils.createConfigMapFromFiles(domain1cm, + List.of( + Paths.get(RESOURCE_DIR, "customstore", "model1.properties"), + Paths.get(RESOURCE_DIR, "customstore", "models", "sparse.application.yaml"), + Paths.get(RESOURCE_DIR, "customstore", "models", "sparse.jdbc.yaml"), + Paths.get(RESOURCE_DIR, "customstore", "models", "sparse.jms.yaml")), domainNamespace); + + ConfigMapUtils.createConfigMapFromFiles(domain2cm, + List.of( + Paths.get(RESOURCE_DIR, "customstore", "model2.properties"), + Paths.get(RESOURCE_DIR, "customstore", "models", "sparse.application.yaml"), + Paths.get(RESOURCE_DIR, "customstore", "models", "sparse.jdbc.yaml"), + Paths.get(RESOURCE_DIR, "customstore", "models", "sparse.jms.yaml")), domainNamespace); + + // admin/managed server name here should match with model yaml + final String auxiliaryImagePath = "/auxiliary"; - private static void buildDomains() { + // create domain custom resource using auxiliary image + logger.info("Creating domain custom resource with domainUid {0} and auxiliary image {1}", + domain1Uid, miiAuxiliaryImage1); + + DomainResource domainCR = CommonMiiTestUtils + .createDomainResourceWithAuxiliaryImage(domain1Uid, domainNamespace, + WEBLOGIC_IMAGE_TO_USE_IN_SPEC, adminSecretName1, + createSecretsForImageRepos(domainNamespace), + encryptionSecretName, auxiliaryImagePath, + miiAuxiliaryImage1); + + HashMap domain1Map = new HashMap<>(); + domain1Map.put("weblogic.domainUID", domain1Uid); + domainCR.metadata() + .name(domain1Uid) + .namespace(domainNamespace) + .labels(domain1Map); + domainCR.spec() + .configuration(new Configuration() + .model(new Model() + .configMap(domain1cm) + .domainType("WLS") + .withAuxiliaryImages(List.of(new AuxiliaryImage() + .image(miiAuxiliaryImage1) + .sourceModelHome("/auxiliary/models"))) + .runtimeEncryptionSecret(encryptionSecretName))); - String auxImageTag = getDateAndTimeStamp(); - String modelDir = RESOURCE_DIR + "/" + "crossdomsecurity"; - List modelList = new ArrayList<>(); - modelList.add(modelDir + "/" + "model.dynamic.wls.yaml"); - modelList.add(modelDir + "/sparse.jdbc.yaml"); - modelList.add(modelDir + "/sparse.jms.yaml"); - modelList.add(modelDir + "/sparse.application.yaml"); - - // create WDT properties file for the WDT model domain1 - Path wdtVariableFile1 = Paths.get(WORK_DIR, ItCrossDomainTransactionSecurity.class.getName(), - "wdtVariable1.properties"); - logger.info("The K8S_NODEPORT_HOSTNAME is: " + K8S_NODEPORT_HOSTNAME); - logger.info("The K8S_NODEPORT_HOST is: " + K8S_NODEPORT_HOST); - logger.info("In the domain1 t3ChannelPort1 is: " + t3ChannelPort1); - logger.info("In the domain2 t3ChannelPort2 is " + t3ChannelPort2); - - assertDoesNotThrow(() -> { - Files.deleteIfExists(wdtVariableFile1); - Files.createDirectories(wdtVariableFile1.getParent()); - Files.writeString(wdtVariableFile1, "DOMAIN_UID=domain1\n", StandardOpenOption.CREATE); - Files.writeString(wdtVariableFile1, "CLUSTER_NAME=cluster-1\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "ADMIN_SERVER_NAME=admin-server\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "MANAGED_SERVER_BASE_NAME=managed-server\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "MANAGED_SERVER_PORT=8001\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "MANAGED_SERVER_COUNT=4\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "T3PUBLICADDRESS=" + K8S_NODEPORT_HOSTNAME + "\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "T3CHANNELPORT=" + t3ChannelPort1 + "\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile1, "REMOTE_DOMAIN=domain2\n", StandardOpenOption.APPEND); - }); - - // create auxiliary image for domain1 - String auxImage1 = createAuxImage(auxImageName1, auxImageTag, modelList, wdtVariableFile1.toString()); - - // create WDT properties file for the WDT model domain2 - Path wdtVariableFile2 = Paths.get(WORK_DIR, ItCrossDomainTransactionSecurity.class.getName(), - "wdtVariable2.properties"); - assertDoesNotThrow(() -> { - Files.deleteIfExists(wdtVariableFile2); - Files.createDirectories(wdtVariableFile2.getParent()); - Files.writeString(wdtVariableFile2, "DOMAIN_UID=domain2\n", StandardOpenOption.CREATE); - Files.writeString(wdtVariableFile2, "CLUSTER_NAME=cluster-2\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "ADMIN_SERVER_NAME=admin-server\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "MANAGED_SERVER_BASE_NAME=managed-server\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "MANAGED_SERVER_PORT=8001\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "MANAGED_SERVER_COUNT=4\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "T3PUBLICADDRESS=" + K8S_NODEPORT_HOSTNAME + "\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "T3CHANNELPORT=" + t3ChannelPort2 + "\n", StandardOpenOption.APPEND); - Files.writeString(wdtVariableFile2, "REMOTE_DOMAIN=domain1\n", StandardOpenOption.APPEND); - }); - - // create auxiliary image for domain2 - String auxImage2 = createAuxImage(auxImageName2, auxImageTag, modelList, wdtVariableFile2.toString()); - - // create admin credential secret for domain1 - logger.info("Create admin credential secret for domain1"); - String domain1AdminSecretName = domainUid1 + "-weblogic-credentials"; - assertDoesNotThrow(() -> createSecretWithUsernamePassword( - domain1AdminSecretName, domainNamespace, ADMIN_USERNAME_DEFAULT, ADMIN_PASSWORD_DEFAULT), - String.format("createSecret %s failed for %s", domain1AdminSecretName, domainUid1)); - - // create admin credential secret for domain2 - logger.info("Create admin credential secret for domain2"); - String domain2AdminSecretName = domainUid2 + "-weblogic-credentials"; - assertDoesNotThrow(() -> createSecretWithUsernamePassword( - domain2AdminSecretName, domainNamespace, ADMIN_USERNAME_DEFAULT, ADMIN_PASSWORD_DEFAULT), - String.format("createSecret %s failed for %s", domain2AdminSecretName, domainUid2)); + // create domain and verify its running + logger.info("Creating domain {0} with auxiliary image {1} in namespace {2}", + domain1Uid, miiAuxiliaryImage1, domainNamespace); + String adminServerPodName = domain1Uid + "-adminserver"; + String managedServerPrefix = domain1Uid + "-managed-server"; - // create encryption secret - logger.info("Create encryption secret"); - String encryptionSecretName = "encryptionsecret"; - createSecretWithUsernamePassword(encryptionSecretName, domainNamespace, - "weblogicenc", "weblogicenc"); + createDomainAndVerify(domain1Uid, domainCR, domainNamespace, adminServerPodName, + managedServerPrefix, replicaCount); - //create domain1 and verify its running - createDomain(domainUid1, auxImage1, domainNamespace, domain1AdminSecretName, encryptionSecretName, - "cluster-1", domain1AdminServerPodName, domain1ManagedServerPrefix, t3ChannelPort1); + logger.info("domain1 CR\n{0}\n", Yaml.dump(domainCR)); - //create domain2 and verify its running - createDomain(domainUid2, auxImage2, domainNamespace, domain2AdminSecretName, encryptionSecretName, - "cluster-2", domain2AdminServerPodName, domain2ManagedServerPrefix, t3ChannelPort2); - } + //create the second domain using auxiliary image 2 + AuxiliaryImage image = domainCR.spec() + .configuration() + .model() + .getAuxiliaryImages().getFirst() + .image(miiAuxiliaryImage2).sourceModelHome("/auxiliary/models"); - private static void createDomain(String domainUid, String imageName, String domainNamespace, String - domainAdminSecretName, String encryptionSecretName, String clusterName, String adminServerPodName, - String managedServerPrefix, int t3ChannelPort) { + HashMap domain2Map = new HashMap<>(); + domain2Map.put("weblogic.domainUID", domain2Uid); + domainCR.metadata().name(domain2Uid) + .namespace(domainNamespace).labels(domain2Map); + + domainCR.spec() + .domainUid(domain2Uid) + .configuration() + .model() + .configMap(domain2cm) + .withAuxiliaryImages(List.of(image)); + + logger.info("domain2 CR\n{0}\n", Yaml.dump(domainCR)); - final String auxiliaryImagePath = "/auxiliary"; - //create domain resource with the auxiliary image - logger.info("Creating domain custom resource with domainUid {0} and auxiliary images {1}", - domainUid, imageName); - DomainResource domainCR = createDomainResourceWithAuxiliaryImage(domainUid, domainNamespace, - WEBLOGIC_IMAGE_TO_USE_IN_SPEC, domainAdminSecretName, createSecretsForImageRepos(domainNamespace), - encryptionSecretName, t3ChannelPort, auxiliaryImagePath, - imageName); - - domainCR = createClusterResourceAndAddReferenceToDomain( - domainUid + "-" + clusterName, clusterName, domainNamespace, domainCR, replicaCount); // create domain and verify its running - logger.info("Creating domain {0} with auxiliary images {1} {2} in namespace {3}", - domainUid, imageName, domainNamespace); - createDomainAndVerify(domainUid, domainCR, domainNamespace, - adminServerPodName, managedServerPrefix, replicaCount); + logger.info("Creating domain {0} with auxiliary image {1} in namespace {2}", + domain2Uid, miiAuxiliaryImage2, domainNamespace); + adminServerPodName = domain2Uid + "-adminserver"; + managedServerPrefix = domain2Uid + "-managed-server"; - } + createDomainAndVerify(domain2Uid, domainCR, domainNamespace, adminServerPodName, + managedServerPrefix, replicaCount); - private static DomainResource createDomainResourceWithAuxiliaryImage( - String domainResourceName, - String domNamespace, - String baseImageName, - String adminSecretName, - String[] repoSecretName, - String encryptionSecretName, - int t3ChannelPort, - String auxiliaryImagePath, - String... auxiliaryImageName) { - - DomainResource domainCR = createDomainResource( - domainResourceName, - domNamespace, - baseImageName, - adminSecretName, - repoSecretName, - encryptionSecretName, - replicaCount, - Collections.emptyList(), - false, - 0, - t3ChannelPort); - int index = 0; - for (String cmImageName: auxiliaryImageName) { - AuxiliaryImage auxImage = new AuxiliaryImage() - .image(cmImageName).imagePullPolicy(IMAGE_PULL_POLICY); - //Only add the sourceWDTInstallHome and sourceModelHome for the first aux image. - if (index == 0) { - auxImage.sourceWDTInstallHome(auxiliaryImagePath + "/weblogic-deploy") - .sourceModelHome(auxiliaryImagePath + "/models"); - } - domainCR.spec().configuration().model().withAuxiliaryImage(auxImage); - index++; - } - return domainCR; + //verify the cross domain transaction + checkCrossDomainTx(); } - private static DomainResource createDomainResource( - String domainResourceName, - String domNamespace, - String imageName, - String adminSecretName, - String[] repoSecretName, - String encryptionSecretName, - int replicaCount, - List clusterNames, - boolean prefixDomainName, - int nodePort, - int t3ChannelPort) { - - // create secrets - List secrets = new ArrayList<>(); - for (String secret : repoSecretName) { - secrets.add(new V1LocalObjectReference().name(secret)); - } - - // create the domain CR - DomainResource domain = new DomainResource() - .apiVersion(DOMAIN_API_VERSION) - .kind("Domain") - .metadata(new io.kubernetes.client.openapi.models.V1ObjectMeta() - .name(domainResourceName) - .namespace(domNamespace)) - .spec(new oracle.weblogic.domain.DomainSpec() - .domainUid(domainResourceName) - .domainHomeSourceType("FromModel") - .image(imageName) - .imagePullPolicy(IMAGE_PULL_POLICY) - .webLogicCredentialsSecret(new V1LocalObjectReference() - .name(adminSecretName)) - .includeServerOutInPodLog(true) - .serverStartPolicy("IfNeeded") - .serverPod(new oracle.weblogic.domain.ServerPod() - .addEnvItem(new V1EnvVar() - .name("JAVA_OPTIONS") - .value("-Dweblogic.security.SSL.ignoreHostnameVerification=true")) - .addEnvItem(new io.kubernetes.client.openapi.models.V1EnvVar() - .name("JAVA_OPTIONS") - .value("-Dweblogic.StdoutDebugEnabled=false")) - .addEnvItem(new io.kubernetes.client.openapi.models.V1EnvVar() - .name("USER_MEM_ARGS") - .value("-Djava.security.egd=file:/dev/./urandom "))) - .adminServer(new oracle.weblogic.domain.AdminServer() - .adminService(new oracle.weblogic.domain.AdminService() - .addChannelsItem(new oracle.weblogic.domain.Channel() - .channelName("default") - .nodePort(nodePort)) - .addChannelsItem(new Channel() - .channelName("T3Channel") - .nodePort(t3ChannelPort)))) - .configuration(new oracle.weblogic.domain.Configuration() - .model(new oracle.weblogic.domain.Model() - .domainType("WLS") - .runtimeEncryptionSecret(encryptionSecretName)) - .introspectorJobActiveDeadlineSeconds(3000L))); - - domain.spec().setImagePullSecrets(secrets); - - ClusterList clusters = Cluster.listClusterCustomResources(domNamespace); - - if (clusterNames != null) { - for (String clusterName : clusterNames) { - String clusterResName = prefixDomainName ? domainResourceName + "-" + clusterName : clusterName; - if (clusters.getItems().stream().anyMatch(cluster -> cluster.getClusterName().equals(clusterResName))) { - getLogger().info("!!!Cluster {0} in namespace {1} already exists, skipping...", clusterResName, domNamespace); - } else { - getLogger().info("Creating cluster {0} in namespace {1}", clusterResName, domNamespace); - ClusterSpec spec = - new ClusterSpec().withClusterName(clusterName).replicas(replicaCount).serverStartPolicy("IfNeeded"); - createClusterAndVerify(createClusterResource(clusterResName, domNamespace, spec)); - } - // set cluster references - domain.getSpec().withCluster(new V1LocalObjectReference().name(clusterResName)); + /** + * Cleanup images. + */ + public void tearDownAll() { + if (!SKIP_CLEANUP) { + // delete images + for (String image : List.of(miiAuxiliaryImage1, miiAuxiliaryImage2)) { + deleteImage(image); } } - - setPodAntiAffinity(domain); - return domain; } - private String getCurlResult(String curlCmd) { - ExecResult result = null; - try { - result = ExecCommand.exec(curlCmd, true); - } catch (Exception e) { - logger.info("Got exception while running command: {0}", curlCmd); - logger.info(e.toString()); + /** + * Copies the JmsCliennt and shell script to run the clients to the admin pod and verifies the transactions. + * + * @throws IOException when file copying to pod fails. + */ + private void checkCrossDomainTx() throws IOException { + Path jmsClientSrc = Paths.get(RESOURCE_DIR, "customstore", "JmsClient.java"); + Path jmsClientDst = Paths.get(storeDir, "JmsClient.java"); + Path shellScriptSrc = Paths.get(RESOURCE_DIR, "customstore", "runtest.sh"); + Path shellScriptDst = Paths.get("/u01", "domains", "runtest.sh"); + String expectedResult = "All expected strings were found in the log"; + + if (!WEBLOGIC_IMAGE_TO_USE_IN_SPEC.contains("15")) { + Files.copy(jmsClientSrc, jmsClientDst, StandardCopyOption.REPLACE_EXISTING); + replaceStringInFile(jmsClientDst.toString(), "jakarta", "javax"); + } else { + Files.copy(jmsClientSrc, jmsClientDst, StandardCopyOption.REPLACE_EXISTING); } - if (result != null) { - logger.info("result.stderr: \n{0}", result.stderr()); + String adminServerPodName = domain1Uid + "-adminserver"; + Path destLocationInPod = Paths.get("/u01", "domains", "JmsClient.java"); + assertDoesNotThrow(() -> copyFileToPod(domainNamespace, + adminServerPodName, "weblogic-server", + jmsClientDst, + destLocationInPod + )); + assertDoesNotThrow(() -> copyFileToPod(domainNamespace, + adminServerPodName, "weblogic-server", + shellScriptSrc, + shellScriptDst + )); + assertTrue(runClientInsidePodVerifyResult(adminServerPodName, domainNamespace, + shellScriptDst, expectedResult, "t3", "8001"), "unsecure transactiuon didn't go through"); + if (!WEBLOGIC_IMAGE_TO_USE_IN_SPEC.contains("12.2")) { + assertTrue(runClientInsidePodVerifyResult(adminServerPodName, domainNamespace, + shellScriptDst, expectedResult, "t3s", "6000"), "secure transactiuon didn't go through"); } - return result.stdout(); } - private static void createNginxIngressPathRoutingRules() { - // create an ingress in domain namespace - final int ADMIN_SERVER_PORT = 7001; - String ingressName = domainNamespace + "-nginx-path-routing"; - String ingressClassName = nginxHelmParams.getIngressClassName(); - - // create ingress rules for two domains - List ingressRules = new ArrayList<>(); - List httpIngressPaths = new ArrayList<>(); - - V1HTTPIngressPath httpIngressPath = new V1HTTPIngressPath() - .path("/") - .pathType("Prefix") - .backend(new V1IngressBackend() - .service(new V1IngressServiceBackend() - .name(domainUid1 + "-admin-server") - .port(new V1ServiceBackendPort() - .number(ADMIN_SERVER_PORT))) - ); - httpIngressPaths.add(httpIngressPath); - - V1IngressRule ingressRule = new V1IngressRule() - .host("") - .http(new V1HTTPIngressRuleValue() - .paths(httpIngressPaths)); - - ingressRules.add(ingressRule); - - createIngressAndRetryIfFail(60, false, ingressName, domainNamespace, null, ingressClassName, ingressRules, null); - - // check the ingress was found in the domain namespace - assertThat(assertDoesNotThrow(() -> listIngresses(domainNamespace))) - .as(String.format("Test ingress %s was found in namespace %s", ingressName, domainNamespace)) - .withFailMessage(String.format("Ingress %s was not found in namespace %s", ingressName, domainNamespace)) - .contains(ingressName); - - logger.info("ingress {0} was created in namespace {1}", ingressName, domainNamespace); - - // check the ingress is ready to route the app to the server pod - String nginxServiceName = nginxHelmParams.getHelmParams().getReleaseName() + "-ingress-nginx-controller"; - nginxNodePort = assertDoesNotThrow(() -> Service.getServiceNodePort(nginxNamespace, nginxServiceName, "http"), - "Getting Nginx loadbalancer service node port failed"); - - String hostAndPort = getServiceExtIPAddrtOke(nginxServiceName, nginxNamespace) != null - ? getServiceExtIPAddrtOke(nginxServiceName, nginxNamespace) : K8S_NODEPORT_HOST + ":" + nginxNodePort; - - String curlCmd = "curl -g --silent --show-error --noproxy '*' http://" + hostAndPort - + "/weblogic/ready --write-out %{http_code} -o /dev/null"; - if (OKE_CLUSTER) { - try { - if (!callWebAppAndWaitTillReady(curlCmd, 60)) { - ExecResult result = ExecCommand.exec(KUBERNETES_CLI + " get all -A"); - logger.info(result.stdout()); - //restart core-dns service - result = ExecCommand.exec(KUBERNETES_CLI + " rollout restart deployment coredns -n kube-system"); - logger.info(result.stdout()); - checkPodReady("core-dns", null, "kube-system"); - result = ExecCommand.exec(curlCmd); - logger.info(result.stdout()); - } - } catch (Exception ex) { - logger.warning(ex.getLocalizedMessage()); - } + /** + * Run the script inside the admin server pod. + * + * @param podName name of the pod in which to run the command + * @param namespace namespace in which pod is running + * @param shellScript the shell script to run inside the pod + * @param expectedResult expected string from the script + * @param args arguments to the shell script + * @return true if script return 0 + */ + private static boolean runClientInsidePodVerifyResult(String podName, String namespace, + Path shellScript, String expectedResult, String... args) { + final LoggingFacade logger = getLogger(); + StringBuilder shellCmd = new StringBuilder(KUBERNETES_CLI + " exec -n "); + shellCmd.append(namespace); + shellCmd.append(" -it "); + shellCmd.append(" -c weblogic-server "); + shellCmd.append(podName); + shellCmd.append(" -- /bin/bash -c \""); + shellCmd.append(" "); + shellCmd.append("chmod +x " + shellScript + ";"); + shellCmd.append(shellScript); + shellCmd.append(" "); + for (String arg : args) { + shellCmd.append(arg).append(" "); } + shellCmd.append(" \""); + logger.info("shell command to be run {0}", shellCmd.toString()); - logger.info("Executing curl command {0}", curlCmd); - assertTrue(callWebAppAndWaitTillReady(curlCmd, 60)); - } - - // Create and display SSL certificate and key using openSSL with SAN extension - private static void createCertKeyFiles(String cn) { - - Map sanConfigTemplateMap = new HashMap<>(); - sanConfigTemplateMap.put("INGRESS_HOST", hostAddress); - - Path srcFile = Paths.get(RESOURCE_DIR, - "tunneling", "san.config.template.txt"); - Path targetFile = assertDoesNotThrow( - () -> generateFileFromTemplate(srcFile.toString(), - "san.config.txt", sanConfigTemplateMap)); - logger.info("Generated SAN config file {0}", targetFile); - - tlsKeyFile = Paths.get(RESULTS_ROOT, domainNamespace + "-tls.key"); - tlsCertFile = Paths.get(RESULTS_ROOT, domainNamespace + "-tls.cert"); - String opcmd = "openssl req -x509 -nodes -days 365 -newkey rsa:2048 " - + "-keyout " + tlsKeyFile + " -out " + tlsCertFile - + " -subj \"/CN=" + cn + "\" -extensions san" - + " -config " + Paths.get(RESULTS_ROOT, "san.config.txt"); - assertTrue( - Command.withParams(new CommandParams() - .command(opcmd)).execute(), "openssl req command fails"); - - String opcmd2 = "openssl x509 -in " + tlsCertFile + " -noout -text "; - assertTrue( - Command.withParams(new CommandParams() - .command(opcmd2)).execute(), "openssl list command fails"); + ExecResult result = assertDoesNotThrow(() -> exec(shellCmd.toString(), true)); + logger.info("command returned {0}", result.toString()); + logger.info("command returned EXIT value {0}", result.exitValue()); + return ((result.exitValue() == 0 && result.stdout().contains(expectedResult))); } - // Import the certificate into a JKS TrustStore to be used while running - // external JMS client to send message to WebLogic. - private static void importKeytoTrustStore() { - - jksTrustFile = Paths.get(RESULTS_ROOT, domainNamespace + "-trust.jks"); - String keycmd = "keytool -import -file " + tlsCertFile - + " --keystore " + jksTrustFile - + " -storetype jks -storepass password -noprompt "; - assertTrue( - Command.withParams(new CommandParams() - .command(keycmd)).execute(), "keytool import command fails"); - - String keycmd2 = "keytool -list -keystore " + jksTrustFile - + " -storepass password -noprompt"; - assertTrue( - Command.withParams(new CommandParams() - .command(keycmd2)).execute(), "keytool list command fails"); - } - - // Create kubernetes secret from the ssl key and certificate - private static void createSecretWithTLSCertKey(String tlsSecretName) { - String kcmd = KUBERNETES_CLI + " create secret tls " + tlsSecretName + " --key " - + tlsKeyFile + " --cert " + tlsCertFile + " -n " + domainNamespace; - assertTrue( - Command.withParams(new CommandParams() - .command(kcmd)).execute(), KUBERNETES_CLI + " create secret command fails"); - } - - } diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItDBOperator.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItDBOperator.java index 995fce0a56a1..29c723442ad0 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItDBOperator.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItDBOperator.java @@ -15,6 +15,7 @@ import io.kubernetes.client.openapi.models.V1LocalObjectReference; import oracle.weblogic.domain.ClusterResource; import oracle.weblogic.domain.DomainResource; +import oracle.weblogic.kubernetes.actions.TestActions; import oracle.weblogic.kubernetes.actions.impl.TraefikParams; import oracle.weblogic.kubernetes.actions.impl.primitive.Command; import oracle.weblogic.kubernetes.actions.impl.primitive.CommandParams; @@ -54,6 +55,7 @@ import static oracle.weblogic.kubernetes.actions.TestActions.execCommand; import static oracle.weblogic.kubernetes.actions.TestActions.patchDomainCustomResource; import static oracle.weblogic.kubernetes.actions.TestActions.scaleCluster; +import static oracle.weblogic.kubernetes.actions.TestActions.startDomain; import static oracle.weblogic.kubernetes.actions.TestActions.uninstallTraefik; import static oracle.weblogic.kubernetes.actions.impl.primitive.Command.defaultCommandParams; import static oracle.weblogic.kubernetes.assertions.TestAssertions.domainExists; @@ -65,6 +67,7 @@ import static oracle.weblogic.kubernetes.utils.CommonMiiTestUtils.createJobToChangePermissionsOnPvHostPath; import static oracle.weblogic.kubernetes.utils.CommonMiiTestUtils.readRuntimeResource; import static oracle.weblogic.kubernetes.utils.CommonTestUtils.checkPodReadyAndServiceExists; +import static oracle.weblogic.kubernetes.utils.CommonTestUtils.checkServiceExists; import static oracle.weblogic.kubernetes.utils.CommonTestUtils.createIngressHostRouting; import static oracle.weblogic.kubernetes.utils.CommonTestUtils.getUniqueName; import static oracle.weblogic.kubernetes.utils.CommonTestUtils.runClientInsidePod; @@ -91,6 +94,7 @@ import static oracle.weblogic.kubernetes.utils.PersistentVolumeUtils.createPVC; import static oracle.weblogic.kubernetes.utils.PodUtils.checkPodDeleted; import static oracle.weblogic.kubernetes.utils.PodUtils.checkPodDoesNotExist; +import static oracle.weblogic.kubernetes.utils.PodUtils.checkPodReady; import static oracle.weblogic.kubernetes.utils.PodUtils.getExternalServicePodName; import static oracle.weblogic.kubernetes.utils.SecretUtils.createOpsswalletpasswordSecret; import static oracle.weblogic.kubernetes.utils.SecretUtils.createSecretWithUsernamePassword; @@ -505,10 +509,7 @@ private void testMiiJmsJtaServiceMigration() { "ClusterJmsServer@managed-server2@jms.testUniformQueue"); runJmsClientOnAdminPod("receive", "JdbcJmsServer@managed-server2@jms.jdbcUniformQueue"); - - // Restart the managed server(2) to make sure the JTA Recovery Service is - // migrated back to original hosting server - restartManagedServer("managed-server2"); + restartDomain(); assertTrue(checkJtaRecoveryServiceRuntime("managed-server2", "managed-server2", "true"), "JTARecoveryService@managed-server2 is not on managed-server2 after restart"); @@ -549,6 +550,43 @@ public void tearDownAll() throws ApiException { } } + //restart pods by manipulating the serverStartPolicy to Never and IfNeeded + private void restartDomain() { + logger.info("Restarting domain {0}", wlsDomainNamespace); + TestActions.shutdownDomain(wlsDomainUid, wlsDomainNamespace); + + logger.info("Checking for admin server pod shutdown"); + checkPodDoesNotExist(wlsAdminServerPodName, wlsDomainUid, wlsDomainNamespace); + logger.info("Checking managed server pods were shutdown"); + for (int i = 1; i <= replicaCount; i++) { + checkPodDoesNotExist(wlsManagedServerPrefix + i, wlsDomainUid, wlsDomainNamespace); + } + + startDomain(wlsDomainUid, wlsDomainNamespace); + boolean psuccess = scaleCluster(wlsClusterResName, wlsDomainNamespace, 2); + assertTrue(psuccess, + String.format("Cluster replica patching failed for domain %s in namespace %s", + wlsDomainUid, wlsDomainNamespace)); + + // verify the admin server service created + checkServiceExists(wlsAdminServerPodName, wlsDomainNamespace); + + logger.info("Checking for admin server pod readiness"); + checkPodReady(wlsAdminServerPodName, wlsDomainUid, wlsDomainNamespace); + + // verify managed server services created + for (int i = 1; i <= replicaCount; i++) { + logger.info("Checking managed server service {0} is created in namespace {1}", + wlsManagedServerPrefix + i, wlsDomainNamespace); + checkServiceExists(wlsManagedServerPrefix + i, wlsDomainNamespace); + } + + logger.info("Checking for managed servers pod readiness"); + for (int i = 1; i <= replicaCount; i++) { + checkPodReady(wlsManagedServerPrefix + i, wlsDomainUid, wlsDomainNamespace); + } + } + // Restart the managed-server private void restartManagedServer(String serverName) { String commonParameters = " -d " + wlsDomainUid + " -n " + wlsDomainNamespace; diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItServerStartPolicy.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItServerStartPolicy.java index a8b13a82fec9..52fa141dc752 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItServerStartPolicy.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItServerStartPolicy.java @@ -137,12 +137,10 @@ public void beforeEach() { "Could not find managed server from configured cluster"); logger.info("Found managed server from configured cluster"); - // Check standalone server configuration is available - boolean isStandaloneServerConfigured = - checkManagedServerConfiguration("standalone-managed", domainNamespace, adminServerPodName); - assertTrue(isStandaloneServerConfigured, - "Could not find standalone managed server from configured cluster"); - logger.info("Found standalone managed server configuration"); + logger.info("Check standalone managed service/pod {0} is created in namespace {1}", + domainUid + "-standalone-managed", domainNamespace); + checkPodReadyAndServiceExists(domainUid + "-standalone-managed", + domainUid, domainNamespace); } /** diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItSystemResOverrides.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItSystemResOverrides.java index 7f3b9aff6267..f05e62233b3d 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItSystemResOverrides.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/ItSystemResOverrides.java @@ -692,8 +692,9 @@ private static void downloadAndInstallWDT() throws IOException { String wdtUrl = getActualLocationIfNeeded(WDT_DOWNLOAD_URL, WDT); - Path destLocation = Path.of(DOWNLOAD_DIR, "wdt", "weblogic-deploy.zip"); - encryptModelScript = Path.of(DOWNLOAD_DIR, "wdt", "weblogic-deploy", "bin", "encryptModel.sh"); + Path destLocation = Path.of(DOWNLOAD_DIR, "sysresoverride", "wdt", "weblogic-deploy.zip"); + encryptModelScript = Path.of(DOWNLOAD_DIR, "sysresoverride", + "wdt", "weblogic-deploy", "bin", "encryptModel.sh"); if (!Files.exists(destLocation) && !Files.exists(encryptModelScript)) { logger.info("Downloading WDT from {0} to {1}", wdtUrl, destLocation); Files.createDirectories(destLocation.getParent()); diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/TestConstants.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/TestConstants.java index b7cabc0069fa..a4dd4716c3fb 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/TestConstants.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/TestConstants.java @@ -484,8 +484,8 @@ public interface TestConstants { public static final boolean INSTALL_WEBLOGIC = Boolean.valueOf((getNonEmptySystemProperty("wko.it.install.weblogic", "false"))); - public static final String WEBLOGIC_SHIPHOME = getNonEmptySystemProperty("wko.it.wls.shiphome", - "https://home.us.oracle.com/results/release/src141200/fmw_14.1.2.0.0_wls_generic.jar"); + public static final String WEBLOGIC_SHIPHOME = System.getenv("WLS_INSTALLERS_BASE_URL") + + "/results/published/pub/loads/141200/latest/release/src141200/fmw_14.1.2.0.0_wls_generic.jar"; public static final String ORACLE_OPERATOR_NS = "ns-oracle-operator"; diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/actions/impl/WDTArchiveHelper.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/actions/impl/WDTArchiveHelper.java index 01b866585160..c200a93e97cd 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/actions/impl/WDTArchiveHelper.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/actions/impl/WDTArchiveHelper.java @@ -27,16 +27,16 @@ import static org.junit.jupiter.api.Assertions.assertTrue; /** - * Implementation of actions that createArchive an application archive file. + * Implementation of actions that createArchive an application archive file. */ - public class WDTArchiveHelper { - + private AppParams params; /** * Create an AppParams instance with the default values. - * @return an AppParams instance + * + * @return an AppParams instance */ public static AppParams defaultAppParams() { return new AppParams().defaults(); @@ -44,6 +44,7 @@ public static AppParams defaultAppParams() { /** * Create an AppParams instance with the custom values. + * * @return an AppParams instance */ public static AppParams customAppParams(List srcDirList) { @@ -52,9 +53,9 @@ public static AppParams customAppParams(List srcDirList) { /** * Set up the AppBuilder with given parameters. - * + * * @param params instance of {@link AppParams} that contains parameters to createArchive an application archive - * @return the AppBuilder instance + * @return the AppBuilder instance */ public static WDTArchiveHelper withParams(AppParams params) { return new WDTArchiveHelper().params(params); @@ -82,10 +83,10 @@ public boolean createArchive(boolean structuredApplication) throws IOException { checkDirectory(archiveSrcDir); for (String item : params.srcDirList()) { copyFolder( - APP_DIR + "/" + item, + APP_DIR + "/" + item, archiveSrcDir); } - } catch (IOException ioe) { + } catch (IOException ioe) { getLogger().severe("Failed to get the directory " + archiveSrcDir + " ready", ioe); return false; } @@ -100,7 +101,7 @@ public boolean createArchive(boolean structuredApplication) throws IOException { String jarPath = String.format("%s.ear", params.appName()); jarBuilt = buildJarArchive(jarPath, archiveSrcDir); } - + // createArchive a zip file that can be passed to WIT String zipPath = String.format("%s/%s.zip", params.appArchiveDir(), params.appName()); boolean zipBuilt = buildZipArchive(zipPath, params.appArchiveDir()); @@ -132,19 +133,57 @@ public boolean addToArchive() throws IOException { return createArchive(); } } - + /** * Build an application archive using a pre-populated AppParams instance. - * @return true if the command succeeds + * + * @return true if the command succeeds * @throws java.io.IOException when WDT download fails */ - public boolean createArchiveWithStructuredApplication() throws IOException { - return createArchive(true); + public boolean createArchiveWithStructuredApplication(String archiveName) throws IOException { + // check and install WDT + checkAndInstallWDT(); + // make sure that we always have an app name + if (params.appName() == null) { + getLogger().info("Appname is not set, setting it to app src dir name"); + params.appName(params.srcDirList().get(0)); + } + String archiveSrcDir = params.appArchiveDir() + + "/wlsdeploy/applications/" + params.appName(); + // prepare the archive directory and copy over the app src + try { + cleanupDirectory(archiveSrcDir); + checkDirectory(archiveSrcDir); + for (String item : params.srcDirList()) { + getLogger().info("Copying {0} to {1}", item, archiveSrcDir); + copyFolder( + item, + archiveSrcDir); + } + } catch (IOException ioe) { + getLogger().severe("Failed to get the directory " + archiveSrcDir + " ready", ioe); + return false; + } + + // createArchive a zip file that can be passed to WIT + String zipPath = String.format("%s/%s.zip", params.appArchiveDir(), archiveName); + String cmd = String.format( + archiveHelperScript + " add structuredApplication" + + " -archive_file %s" + + " -source %s ", + zipPath, + archiveSrcDir); + return Command.withParams( + defaultCommandParams() + .command(cmd) + .verbose(true) + .redirect(false)) + .execute(); } - /** * Build an application archive using a pre-populated AppParams instance. + * * @return true if the command succeeds */ public boolean buildCoherence() { @@ -172,7 +211,7 @@ public boolean buildCoherence() { String jarPath = String.format("%s.gar", params.appName()); jarBuilt = buildJarArchive(jarPath, archiveSrcDir); } else if (params.appName().contains("CoherenceApp")) { - String [] appTypes = {"ear", "gar"}; + String[] appTypes = {"ear", "gar"}; try { for (String appType : appTypes) { String appSrcDir = String.format("%s/%s/u01/application/builddir/%s.%s", @@ -205,14 +244,14 @@ public boolean buildCoherence() { * @param srcDir source directory */ private boolean buildJarArchive( - String jarPath, + String jarPath, String srcDir ) { String cmd = String.format("cd %s; jar -cfM %s . ", srcDir, jarPath); return Command.withParams( - defaultCommandParams() + defaultCommandParams() .command(cmd) .redirect(false)) .execute(); @@ -225,7 +264,7 @@ private boolean buildJarArchive( * @param srcDir source directory */ public boolean buildZipArchive( - String zipPath, + String zipPath, String srcDir ) { @@ -251,6 +290,64 @@ public boolean buildZipArchive( .execute(); } + /** + * Build a zip archive that includes an ear file in the srcDir. + * + * @param zipPath zip file path for the resulting archive + * @param serverName server name + * @param source source directory + */ + public boolean addServerKeystore( + String zipPath, + String serverName, + String source + ) { + + String cmd = String.format( + archiveHelperScript + " add serverKeystore" + + " -archive_file %s" + + " -server_name %s" + + " -source %s ", + zipPath, + serverName, + source); + + return Command.withParams( + defaultCommandParams() + .command(cmd) + .verbose(true) + .redirect(false)) + .execute(); + } + + /** + * Build a zip archive that includes an ear file in the srcDir. + * + * @param zipPath zip file path for the resulting archive + * @param source source directory + */ + public boolean addCustom( + String zipPath, + String source + ) { + + String cmd = String.format( + archiveHelperScript + " add custom" + + " -archive_file %s" + + "-path patch" + + "-use_non_replicable_location" + + " -source %s ", + zipPath, + source); + + return Command.withParams( + defaultCommandParams() + .command(cmd) + .verbose(true) + .redirect(false)) + .execute(); + } + /** * Build a zip archive that includes coh-proxy-server.gar in the srcDir. * @@ -272,27 +369,27 @@ public boolean buildCoherenceZipArchive(String zipPath, String srcDir) { if (params.appName().contains("CoherenceApp")) { cmd = String.format( - "cd %s ; zip -r %s.zip wlsdeploy/applications ", - params.appArchiveDir(), - params.appName() + "cd %s ; zip -r %s.zip wlsdeploy/applications ", + params.appArchiveDir(), + params.appName() ); } return Command.withParams( - defaultCommandParams() - .command(cmd) - .redirect(false)) - .execute(); + defaultCommandParams() + .command(cmd) + .redirect(false)) + .execute(); } /** - * Archive an application from provided ear or war file that can be used by WebLogic Image Tool - * to create an image with the application for a model-in-image use case. + * Archive an application from provided ear or war file that can be used by WebLogic Image Tool to create an image + * with the application for a model-in-image use case. * * @return true if the operation succeeds */ public boolean archiveApp() { - List srcFiles = params.srcDirList(); + List srcFiles = params.srcDirList(); String srcFile = srcFiles.get(0); String appName = srcFile.substring(srcFile.lastIndexOf("/") + 1, srcFile.lastIndexOf(".")); params.appName(appName); @@ -306,7 +403,7 @@ public boolean archiveApp() { getLogger().info("copy {0} to {1} ", appSrcFile, archiveSrcDir); String fileName = appSrcFile.substring(appSrcFile.lastIndexOf("/") + 1); Files.copy(Paths.get(appSrcFile), Paths.get(archiveSrcDir + "/" + fileName), - StandardCopyOption.REPLACE_EXISTING); + StandardCopyOption.REPLACE_EXISTING); } } } catch (IOException ioe) { @@ -315,18 +412,18 @@ public boolean archiveApp() { } String cmd = String.format( - "cd %s ; zip -r %s.zip wlsdeploy/applications ", - params.appArchiveDir(), - appName + "cd %s ; zip -r %s.zip wlsdeploy/applications ", + params.appArchiveDir(), + appName ); return Command.withParams( - defaultCommandParams() - .command(cmd) - .redirect(false)) - .execute(); + defaultCommandParams() + .command(cmd) + .redirect(false)) + .execute(); } - + static Path archiveHelperScript = Path.of(DOWNLOAD_DIR, "wdt", "weblogic-deploy", "bin", "archiveHelper.sh"); private static void downloadAndInstallWDT() throws IOException { diff --git a/integration-tests/src/test/java/oracle/weblogic/kubernetes/utils/CommonMiiTestUtils.java b/integration-tests/src/test/java/oracle/weblogic/kubernetes/utils/CommonMiiTestUtils.java index b03d99832a71..828a9e0fd6cb 100644 --- a/integration-tests/src/test/java/oracle/weblogic/kubernetes/utils/CommonMiiTestUtils.java +++ b/integration-tests/src/test/java/oracle/weblogic/kubernetes/utils/CommonMiiTestUtils.java @@ -498,10 +498,15 @@ public static DomainResource createDomainResource( .serverPod(new oracle.weblogic.domain.ServerPod() .addEnvItem(new V1EnvVar() .name("JAVA_OPTIONS") - .value("-Dweblogic.security.SSL.ignoreHostnameVerification=true")) + .value("-Djavax.net.debug=ssl -Dweblogic.security.SSL.ignoreHostnameVerification=true " + + "-Dweblogic.debug.DebugSecuritySSL=true")) + .addEnvItem(new V1EnvVar() + .name("XJAVA_OPTIONS") + .value("-Djavax.net.debug=ssl -Dweblogic.security.SSL.ignoreHostnameVerification=true " + + "-Dweblogic.debug.DebugSecuritySSL=true")) .addEnvItem(new io.kubernetes.client.openapi.models.V1EnvVar() .name("JAVA_OPTIONS") - .value("-Dweblogic.StdoutDebugEnabled=false")) + .value("-Dweblogic.StdoutDebugEnabled=true")) .addEnvItem(new io.kubernetes.client.openapi.models.V1EnvVar() .name("USER_MEM_ARGS") .value("-Djava.security.egd=file:/dev/./urandom "))) diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/WEB-INF/web.xml b/integration-tests/src/test/resources/apps/jakartawebapp/WEB-INF/web.xml new file mode 100644 index 000000000000..927940d91f7e --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/WEB-INF/web.xml @@ -0,0 +1,6 @@ + + + diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/WEB-INF/weblogic.xml b/integration-tests/src/test/resources/apps/jakartawebapp/WEB-INF/weblogic.xml new file mode 100644 index 000000000000..9b9d90c60fcf --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/WEB-INF/weblogic.xml @@ -0,0 +1,3 @@ + + + diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/dtx.jsp b/integration-tests/src/test/resources/apps/jakartawebapp/dtx.jsp new file mode 100644 index 000000000000..1c4326fa0764 --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/dtx.jsp @@ -0,0 +1,93 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="jakarta.servlet.ServletException" %> +<%@ page import="jakarta.servlet.annotation.WebServlet" %> +<%@ page import="jakarta.servlet.http.HttpServlet" %> +<%@ page import="jakarta.servlet.http.HttpServletRequest" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.jms.Destination" %> +<%@ page import="jakarta.jms.ConnectionFactory" %> +<%@ page import="jakarta.jms.JMSContext" %> +<%@ page import="jakarta.jms.Message" %> +<%@ page import="jakarta.jms.JMSConsumer" %> +<%@ page import="jakarta.jms.QueueBrowser" %> +<%@ page import="weblogic.transaction.TransactionHelper" %> +<%@ page import="weblogic.transaction.TransactionManager" %> +<%@ page import="jakarta.transaction.UserTransaction" %> + +<% +try { + Context lctx = null; + Context rctx = null; + String remoteurl = request.getParameter("remoteurl"); + out.println("#### Remote URL is ["+remoteurl+"]"); + String action = request.getParameter("action"); + out.println("#### Transcation action ["+action+"]"); + + lctx = new InitialContext(); + out.println("(Local) Got JNDI Context successfully ["+lctx+"]"); + TransactionHelper tranhelp =TransactionHelper.getTransactionHelper(); + UserTransaction ut = tranhelp.getUserTransaction(); + + ConnectionFactory qcf= + (ConnectionFactory)lctx.lookup("weblogic.jms.XAConnectionFactory"); + out.println("(Local) JMS ConnectionFactory lookup successful"); + JMSContext context = qcf.createContext(); + out.println("(Local) JMS Context created successfully"); + Destination queue = (Destination)lctx.lookup("jms.admin.Queue"); + out.println("(Local) JMS Destination (jms.admin.Queue) lookup successful"); + + if ( ! action.equals("notx") ) { + out.println("Started a user transaction"); + ut.begin(); + } + + // Send message to local Destination + context.createProducer().send(queue, "Message to a Local Destination"); + out.println("Sent a message to Destination (jms.admin.Queue)"); + lctx.close(); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + rctx = new InitialContext(env); + out.println("(Remote) Got JNDI Context successfully ["+rctx+"]"); + + ConnectionFactory qcf2= + (ConnectionFactory)rctx.lookup("jms.test.cluster.ConnectionFactory"); + out.println("(Remote) JMS ConnectionFactory lookup successful"); + JMSContext context2 = qcf2.createContext(); + out.println("(Remote) JMS Context created successfully"); + Destination queue2 = (Destination)rctx.lookup("jms.test.UniformQueue"); + out.println("(Remote) JMS Destination (jms.test.UniformQueue) lookup successful "); + + for (int i=0; i<10; i++) + context2.createProducer().send(queue2, "Message to a Remote Destination"); + out.println("Sent 10 messages to Destination (jms.test.UniformQueue)"); + rctx.close(); + + // Get the live context from Tx Coordinator before closing transaction + // Context ctx = new InitialContext(env); + if ( action.equals("commit") ) { + out.println(ut); + ut.commit(); + out.println("#### User Transation is committed"); + } else if ( action.equals("rollback")) { + out.println(ut); + ut.rollback(); + out.println("#### User Transation is rolled-back"); + } else { + out.println("#### Message sent w/o Transaction"); + } +} catch(Exception e) { + out.println("#### Got an Exception [" +e+"]"); +} +%> diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/index.jsp b/integration-tests/src/test/resources/apps/jakartawebapp/index.jsp new file mode 100644 index 000000000000..99aece291267 --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/index.jsp @@ -0,0 +1,3 @@ +<% + out.println("Hello World, you have reached server " + System.getProperty("weblogic.Name" )); +%> diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/index2.jsp b/integration-tests/src/test/resources/apps/jakartawebapp/index2.jsp new file mode 100644 index 000000000000..644abaaad643 --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/index2.jsp @@ -0,0 +1,33 @@ +<%@ page import="java.net.UnknownHostException" %> +<%@ page import="java.net.InetAddress" %> +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> +<%@page contentType="text/html" pageEncoding="UTF-8"%> + + + + + + + Test WebApp + + + <% + String hostname, serverAddress; + hostname = "error"; + serverAddress = "error"; + try { + InetAddress inetAddress; + inetAddress = InetAddress.getLocalHost(); + hostname = inetAddress.getHostName(); + serverAddress = inetAddress.toString(); + } catch (UnknownHostException e) { + + e.printStackTrace(); + } + %> + +
  • InetAddress: <%=serverAddress %> +
  • InetAddress.hostname: <%=hostname %> + + + diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/jms.jsp b/integration-tests/src/test/resources/apps/jakartawebapp/jms.jsp new file mode 100644 index 000000000000..a8c253deff84 --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/jms.jsp @@ -0,0 +1,76 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="jakarta.servlet.ServletException" %> +<%@ page import="jakarta.servlet.annotation.WebServlet" %> +<%@ page import="jakarta.servlet.http.HttpServlet" %> +<%@ page import="jakarta.servlet.http.HttpServletRequest" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.jms.Destination" %> +<%@ page import="jakarta.jms.ConnectionFactory" %> +<%@ page import="jakarta.jms.JMSContext" %> +<%@ page import="jakarta.jms.Message" %> +<%@ page import="jakarta.jms.JMSConsumer" %> +<%@ page import="jakarta.jms.QueueBrowser" %> + +<% +try { + Context ctx = null; + + String remoteurl = request.getParameter("remoteurl"); + out.println("Remote URL is [" + remoteurl + "]"); + + String action = request.getParameter("action"); + out.println("action [" + action + "]"); + + String dest = request.getParameter("dest"); + out.println("Destination [" + dest + "]"); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + ctx = new InitialContext(env); + out.println("Got Remote Context successfully"); + + // lookup JMS XAConnectionFactory + ConnectionFactory qcf= + (ConnectionFactory)ctx.lookup("weblogic.jms.XAConnectionFactory"); + out.println("JMS ConnectionFactory lookup Successful ..."); + + JMSContext context = qcf.createContext(); + out.println("JMS Context Created Successfully ..."); + Destination queue = (Destination)ctx.lookup(dest); + out.println("JMS Destination lookup Successful ..."); + + if ( action.equals("send") ) { + context.createProducer().send(queue, "Message to a Destination"); + out.println("Message sent to the JMS Destination"); + } + + if ( action.equals("recv") ) { + JMSConsumer consumer = (JMSConsumer) context.createConsumer(queue); + out.println("JMS Consumer Created Successfully .."); + Message msg=null; + int count = 0; + do { + msg = consumer.receiveNoWait(); + if ( msg != null ) { + // out.println("Message Drained ["+msg+"]"); + // out.println("Message Drained ["+msg.getBody(String.class)+"]"); + count++; + } + } while( msg != null); + out.println("Total Message(s) Received : " + count); + } + +} catch(Exception e) { + out.println("Got an Exception [" + e + "]"); +} +%> diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/remote.jsp b/integration-tests/src/test/resources/apps/jakartawebapp/remote.jsp new file mode 100644 index 000000000000..ffb5714cf5c7 --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/remote.jsp @@ -0,0 +1,50 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="jakarta.servlet.ServletException" %> +<%@ page import="jakarta.servlet.annotation.WebServlet" %> +<%@ page import="jakarta.servlet.http.HttpServlet" %> +<%@ page import="jakarta.servlet.http.HttpServletRequest" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.jms.Destination" %> +<%@ page import="jakarta.jms.ConnectionFactory" %> +<%@ page import="jakarta.jms.JMSContext" %> +<%@ page import="jakarta.jms.Message" %> + +<% +try { + Context ctx = null; + + String remoteurl = request.getParameter("remoteurl"); + out.println("Remote URL is [" + remoteurl + "]"); + + String dest = request.getParameter("dest"); + out.println("Remote Destination action [" + dest + "]"); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + ctx = new InitialContext(env); + out.println("Got Remote Context successfully [" +ctx+ "]" ); + + ConnectionFactory qcf= + (ConnectionFactory)ctx.lookup("weblogic.jms.ConnectionFactory"); + out.println("JMS ConnectionFactory lookup Successful"); + JMSContext context = qcf.createContext(); + out.println("JMS Context Created Successfully"); + Destination queue = (Destination)ctx.lookup(dest); + out.println("JMS Destination lookup Successful"); + context.createProducer().send(queue, "Message to a Destination"); + out.println("Text Message sent remote destination"); + context.clise() +} catch(Exception e) { + out.println("Got an Exception [" + e + "]"); +} +%> diff --git a/integration-tests/src/test/resources/apps/jakartawebapp/tx.jsp b/integration-tests/src/test/resources/apps/jakartawebapp/tx.jsp new file mode 100644 index 000000000000..f1e63aeb96df --- /dev/null +++ b/integration-tests/src/test/resources/apps/jakartawebapp/tx.jsp @@ -0,0 +1,94 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="jakarta.servlet.ServletException" %> +<%@ page import="jakarta.servlet.annotation.WebServlet" %> +<%@ page import="jakarta.servlet.http.HttpServlet" %> +<%@ page import="jakarta.servlet.http.HttpServletRequest" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.servlet.http.HttpServletResponse" %> +<%@ page import="jakarta.jms.Destination" %> +<%@ page import="jakarta.jms.ConnectionFactory" %> +<%@ page import="jakarta.jms.JMSContext" %> +<%@ page import="jakarta.jms.Message" %> +<%@ page import="jakarta.jms.JMSConsumer" %> +<%@ page import="jakarta.jms.QueueBrowser" %> +<%@ page import="weblogic.transaction.TransactionHelper" %> +<%@ page import="weblogic.transaction.TransactionManager" %> +<%@ page import="jakarta.transaction.UserTransaction" %> + +<% +try { + Context lctx = null; + Context rctx = null; + + String remoteurl = request.getParameter("remoteurl"); + out.println("Remote URL is"); + out.println(remoteurl); + + String action = request.getParameter("action"); + out.println("Transcation action -->"); + out.println(request.getParameter("action")); + + lctx = new InitialContext(); + out.println("(Local) Got Context successfully"); + TransactionHelper tranhelp =TransactionHelper.getTransactionHelper(); + UserTransaction ut = tranhelp.getUserTransaction(); + + ConnectionFactory qcf= + (ConnectionFactory)lctx.lookup("weblogic.jms.XAConnectionFactory"); + out.println("(Local) JMS ConnectionFactory lookup Successful ..."); + JMSContext context = qcf.createContext(); + out.println("(Local) JMS Context Created Successfully ..."); + Destination queue = (Destination)lctx.lookup("jms.admin.Queue"); + out.println("(Local) Destination (jms.admin.adminQueue) lookup Successful"); + + ut.begin(); + + // Send message to local Destination + context.createProducer().send(queue, "Message to a Local Destination"); + lctx.close(); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + rctx = new InitialContext(env); + out.println("(Remote) Got Context successfully"); + + // lookup JMS XAConnectionFactory + ConnectionFactory qcf2= + (ConnectionFactory)rctx.lookup("weblogic.jms.XAConnectionFactory"); + out.println("(Remote) JMS ConnectionFactory lookup Successful ..."); + + JMSContext context2 = qcf2.createContext(); + out.println("(Remote) JMS Context Created Successfully ..."); + Destination queue2 = (Destination)rctx.lookup("jms.admin.Queue"); + out.println("(Remote) Destination (jms.admin.adminQueue) lookup Successful"); + context2.createProducer().send(queue2, "Message to a Remote Destination"); + rctx.close(); + + out.println(ut); + + // Get the live context from Tx Coordinator before closing transaction + // Context ctx = new InitialContext(env); + + if ( action.equals("commit") ) { + ut.commit(); + out.println("### User Transation is committed"); + } else { + ut.rollback(); + out.println("### User Transation is rolled-back"); + + } + out.println("### Message sent w/o User Transation"); +} catch(Exception e) { + out.println(e); + out.println("Got an Exception"); +} +%> diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/WEB-INF/web.xml b/integration-tests/src/test/resources/apps/javaxwebapp/WEB-INF/web.xml new file mode 100644 index 000000000000..74513a6c907e --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/WEB-INF/web.xml @@ -0,0 +1,2 @@ + + diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/WEB-INF/weblogic.xml b/integration-tests/src/test/resources/apps/javaxwebapp/WEB-INF/weblogic.xml new file mode 100644 index 000000000000..574b68c07d47 --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/WEB-INF/weblogic.xml @@ -0,0 +1,3 @@ + + + diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/dtx.jsp b/integration-tests/src/test/resources/apps/javaxwebapp/dtx.jsp new file mode 100644 index 000000000000..747a1db2c969 --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/dtx.jsp @@ -0,0 +1,92 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="javax.servlet.ServletException" %> +<%@ page import="javax.servlet.annotation.WebServlet" %> +<%@ page import="javax.servlet.http.HttpServlet" %> +<%@ page import="javax.servlet.http.HttpServletRequest" %> +<%@ page import="javax.servlet.http.HttpServletResponse" %> +<%@ page import="javax.servlet.http.HttpServletResponse" %> +<%@ page import="javax.jms.Destination" %> +<%@ page import="javax.jms.ConnectionFactory" %> +<%@ page import="javax.jms.JMSContext" %> +<%@ page import="javax.jms.Message" %> +<%@ page import="weblogic.transaction.TransactionHelper" %> +<%@ page import="weblogic.transaction.TransactionManager" %> +<%@ page import="javax.transaction.UserTransaction" %> + +<% +try { + Context lctx = null; + Context rctx = null; + String remoteurl = request.getParameter("remoteurl"); + out.println("#### Remote URL is ["+remoteurl+"]"); + String action = request.getParameter("action"); + out.println("#### Transcation action ["+action+"]"); + + lctx = new InitialContext(); + out.println("(Local) Got JNDI Context successfully ["+lctx+"]"); + TransactionHelper tranhelp =TransactionHelper.getTransactionHelper(); + UserTransaction ut = tranhelp.getUserTransaction(); + + ConnectionFactory qcf= + (ConnectionFactory)lctx.lookup("weblogic.jms.XAConnectionFactory"); + out.println("(Local) JMS ConnectionFactory lookup successful"); + JMSContext context = qcf.createContext(); + out.println("(Local) JMS Context created successfully ..."); + Destination queue = (Destination)lctx.lookup("jms.admin.Queue"); + out.println("(Local) JMS Destination (jms.admin.Queue) lookup successful"); + + if ( ! action.equals("notx") ) { + out.println("Started a user transaction"); + ut.begin(); + } + + // Send message to local Destination + context.createProducer().send(queue, "Message to a Local Destination"); + lctx.close(); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + rctx = new InitialContext(env); + out.println("(Remote) Got JNDI Context successfully ["+rctx+"]"); + + ConnectionFactory qcf2= + (ConnectionFactory)rctx.lookup("jms.test.cluster.ConnectionFactory"); + out.println("(Remote) JMS ConnectionFactory lookup successful"); + + JMSContext context2 = qcf2.createContext(); + out.println("(Remote) JMS Context created successfully"); + Destination queue2 = (Destination)rctx.lookup("jms.test.UniformQueue"); + out.println("(Remote) JMS Destination (jms.test.UniformQueue) lookup successful"); + + for (int i=0; i<10; i++) + context2.createProducer().send(queue2, "Message to a Remote Destination"); + out.println("Sent 10 messages to Destination (jms.test.UniformQueue)"); + rctx.close(); + + // Get the live context from Tx Coordinator before closing transaction + // Context ctx = new InitialContext(env); + + if ( action.equals("commit") ) { + out.println(ut); + ut.commit(); + out.println("#### User Transation is committed"); + } else if ( action.equals("rollback")) { + out.println(ut); + ut.rollback(); + out.println("#### User Transation is rolled-back"); + } else { + out.println("#### Message sent w/o Transaction"); + } +} catch(Exception e) { + out.println("#### Got an Exception [" +e+"]"); +} +%> diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/index.jsp b/integration-tests/src/test/resources/apps/javaxwebapp/index.jsp new file mode 100644 index 000000000000..99aece291267 --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/index.jsp @@ -0,0 +1,3 @@ +<% + out.println("Hello World, you have reached server " + System.getProperty("weblogic.Name" )); +%> diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/index2.jsp b/integration-tests/src/test/resources/apps/javaxwebapp/index2.jsp new file mode 100644 index 000000000000..644abaaad643 --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/index2.jsp @@ -0,0 +1,33 @@ +<%@ page import="java.net.UnknownHostException" %> +<%@ page import="java.net.InetAddress" %> +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> +<%@page contentType="text/html" pageEncoding="UTF-8"%> + + + + + + + Test WebApp + + + <% + String hostname, serverAddress; + hostname = "error"; + serverAddress = "error"; + try { + InetAddress inetAddress; + inetAddress = InetAddress.getLocalHost(); + hostname = inetAddress.getHostName(); + serverAddress = inetAddress.toString(); + } catch (UnknownHostException e) { + + e.printStackTrace(); + } + %> + +
  • InetAddress: <%=serverAddress %> +
  • InetAddress.hostname: <%=hostname %> + + + diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/jms.jsp b/integration-tests/src/test/resources/apps/javaxwebapp/jms.jsp new file mode 100644 index 000000000000..d5428f7b2835 --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/jms.jsp @@ -0,0 +1,75 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="javax.servlet.ServletException" %> +<%@ page import="javax.servlet.annotation.WebServlet" %> +<%@ page import="javax.servlet.http.HttpServlet" %> +<%@ page import="javax.servlet.http.HttpServletRequest" %> +<%@ page import="javax.servlet.http.HttpServletResponse" %> +<%@ page import="javax.servlet.http.HttpServletResponse" %> +<%@ page import="javax.jms.Destination" %> +<%@ page import="javax.jms.ConnectionFactory" %> +<%@ page import="javax.jms.JMSContext" %> +<%@ page import="javax.jms.Message" %> +<%@ page import="javax.jms.JMSConsumer" %> + +<% +try { + Context ctx = null; + + String remoteurl = request.getParameter("remoteurl"); + out.println("Remote URL is [" + remoteurl + "]"); + + String action = request.getParameter("action"); + out.println("action [" + action + "]"); + + String dest = request.getParameter("dest"); + out.println("Destination [" + dest + "]"); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + ctx = new InitialContext(env); + out.println("Got Remote Context successfully"); + + // lookup JMS XAConnectionFactory + ConnectionFactory qcf= + (ConnectionFactory)ctx.lookup("weblogic.jms.XAConnectionFactory"); + out.println("JMS ConnectionFactory lookup Successful ..."); + + JMSContext context = qcf.createContext(); + out.println("JMS Context Created Successfully ..."); + Destination queue = (Destination)ctx.lookup(dest); + out.println("JMS Destination lookup Successful ..."); + + if ( action.equals("send") ) { + context.createProducer().send(queue, "Message to a Destination"); + out.println("Message sent to the JMS Destination"); + } + + if ( action.equals("recv") ) { + JMSConsumer consumer = (JMSConsumer) context.createConsumer(queue); + out.println("JMS Consumer Created Successfully .."); + Message msg=null; + int count = 0; + do { + msg = consumer.receiveNoWait(); + if ( msg != null ) { + // out.println("Message Drained ["+msg+"]"); + // out.println("Message Drained ["+msg.getBody(String.class)+"]"); + count++; + } + } while( msg != null); + out.println("Total Message(s) Received : " + count); + } + +} catch(Exception e) { + out.println("Got an Exception [" + e + "]"); +} +%> diff --git a/integration-tests/src/test/resources/apps/javaxwebapp/remote.jsp b/integration-tests/src/test/resources/apps/javaxwebapp/remote.jsp new file mode 100644 index 000000000000..022462a5b9e2 --- /dev/null +++ b/integration-tests/src/test/resources/apps/javaxwebapp/remote.jsp @@ -0,0 +1,48 @@ +<%@ page import="java.io.IOException" %> +<%@ page import="java.util.Hashtable" %> +<%@ page import="javax.naming.Context" %> +<%@ page import="javax.naming.InitialContext" %> +<%@ page import="javax.naming.NamingException" %> +<%@ page import="javax.servlet.ServletException" %> +<%@ page import="javax.servlet.annotation.WebServlet" %> +<%@ page import="javax.servlet.http.HttpServlet" %> +<%@ page import="javax.servlet.http.HttpServletRequest" %> +<%@ page import="javax.servlet.http.HttpServletResponse" %> +<%@ page import="javax.servlet.http.HttpServletResponse" %> +<%@ page import="javax.jms.Destination" %> +<%@ page import="javax.jms.ConnectionFactory" %> +<%@ page import="javax.jms.JMSContext" %> +<%@ page import="javax.jms.Message" %> + +<% +try { + Context ctx = null; + + String remoteurl = request.getParameter("remoteurl"); + out.println("Remote URL is [" + remoteurl + "]"); + + String dest = request.getParameter("dest"); + out.println("Remote Destination [" + dest + "]"); + + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, + "weblogic.jndi.WLInitialContextFactory"); + env.put(Context.PROVIDER_URL, remoteurl); + // Remote anonymous RMI access via T3 not allowed + env.put(Context.SECURITY_PRINCIPAL, "weblogic"); + env.put(Context.SECURITY_CREDENTIALS, "welcome1"); + ctx = new InitialContext(env); + out.println("Got Remote Context successfully [" +ctx+ "]" ); + ConnectionFactory qcf= + (ConnectionFactory)ctx.lookup("weblogic.jms.ConnectionFactory"); + out.println("JMS ConnectionFactory lookup Successful"); + JMSContext context = qcf.createContext(); + out.println("JMS Context Created Successfully"); + Destination queue = (Destination)ctx.lookup(dest); + out.println("JMS Destination lookup Successful"); + context.createProducer().send(queue, "Message to a Destination"); + out.println("Sent a Text message to Remote Destination"); +} catch(Exception e) { + out.println("Got an Exception [" + e + "]"); +} +%> diff --git a/integration-tests/src/test/resources/customstore/JmsClient.java b/integration-tests/src/test/resources/customstore/JmsClient.java new file mode 100644 index 000000000000..13df309c305f --- /dev/null +++ b/integration-tests/src/test/resources/customstore/JmsClient.java @@ -0,0 +1,124 @@ +import java.util.Hashtable; +import java.util.Enumeration; +import javax.naming.Context; +import javax.naming.InitialContext; +import javax.naming.NamingException; + +import jakarta.jms.Destination; +import jakarta.jms.ConnectionFactory; +import jakarta.jms.JMSContext; +import jakarta.jms.Message; +import jakarta.jms.JMSConsumer; +import jakarta.jms.QueueBrowser; + +public class JmsClient { + + private String url; + private String user; + private String password; + private String action; + private String qname; + + private Context ctx; + private ConnectionFactory qcf = null; + private Destination queue = null; + + public JmsClient(String[] args) + { + url = args[0]; + user = args[1]; + qname = args[2]; + action = args[3]; + + String msgString = null ; + + try { + ctx = getInitialContext(); + qcf=(ConnectionFactory)ctx.lookup("weblogic.jms.ConnectionFactory"); + log("JMS ConnectionFactory lookup Successful ..."); + JMSContext context = qcf.createContext(); + log("JMS Context Created Successfully ..."); + queue = (Destination)ctx.lookup(qname); + log("JMS Destination lookup Successful ..."); + + if ( action.equals("send") ) { + context.createProducer().send(queue, "Message to a Destination"); + log("JMS Message sent Successfully .."); + log("\n"); + ctx.close(); + } else if ( action.equals("recv") ) { + JMSConsumer consumer = (JMSConsumer) context.createConsumer(queue); + log("JMS Consumer Created Successfully .."); + Message msg=null; + int count = 0; + do { + msg = consumer.receiveNoWait(); + if ( msg != null ) { + // log("Message Drained ["+msg+"]"); + log("Message Drained ["+msg.getBody(String.class)+"]"); + count++; + } + } while( msg != null); + log("Total Message(s) Received : " + count ); + log("\n"); + } else if ( action.equals("browse") ) { + log("Browsing the destination "); + QueueBrowser qb = + (QueueBrowser)context.createBrowser((jakarta.jms.Queue)queue); + Enumeration enumeration = null; + try { + enumeration = qb.getEnumeration(); + } catch (jakarta.jms.JMSException e) { + e.printStackTrace(); + } + int size = 0; + while(enumeration.hasMoreElements()) { + enumeration.nextElement(); + size++; + } + log("Queue size:["+size+"]"); + log("\n"); + } else { + log("Not a supported action " + action ); + } + } catch ( Exception ex ) { + ex.printStackTrace(); + log("Exception while performing JMS operation "+ ex); + System.exit(-1); + } + } + + private void log(String err) { System.out.println(err); } + + private Context getInitialContext() + { + Context jndiContext = null; + /** + Hashtable props = new Hashtable(); + props.put(Context.INITIAL_CONTEXT_FACTORY, + Environment.DEFAULT_INITIAL_CONTEXT_FACTORY); + props.put(Context.PROVIDER_URL, url); + **/ + password="welcome1"; + log("Context URL ---> : " + url); + // log("User["+user+"] Password["+password+"]"); + String WLS_JNDI_FACTORY = "weblogic.jndi.WLInitialContextFactory"; + Hashtable env = new Hashtable(); + env.put(Context.INITIAL_CONTEXT_FACTORY, WLS_JNDI_FACTORY); + env.put(Context.PROVIDER_URL, url); + env.put(Context.SECURITY_PRINCIPAL, user); + env.put(Context.SECURITY_CREDENTIALS, password); + // log("env in getInitialContext(): " + env); + try { + jndiContext = new InitialContext(env); + } catch (Exception e) { + log("Unable to getInitialContext "+e); + System.exit(-1); + } + return jndiContext; + } + + public static void main(String[] args){ + JmsClient client = new JmsClient(args); + } +} diff --git a/integration-tests/src/test/resources/customstore/domain.properties b/integration-tests/src/test/resources/customstore/domain.properties new file mode 100644 index 000000000000..a8e5b862c978 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/domain.properties @@ -0,0 +1,13 @@ +CLUSTER_TYPE=DYNAMIC +CLUSTER_NAME1=cluster-1 +CLUSTER_NAME2=cluster-2 + +DOM_NS=weblogic-domain +OP_NS=weblogic-operator +DOM_UID1=domain1 +DOM_UID2=domain2 +WLS_VERSION=14.1.2.0.0-jdk17 + +ADMIN_SERVER_NAME=AdminServer +MANAGED_SERVER_BASE_NAME=managed-server +MANAGED_SERVER_PORT=8001 diff --git a/integration-tests/src/test/resources/customstore/model1.properties b/integration-tests/src/test/resources/customstore/model1.properties new file mode 100644 index 000000000000..41b10bb0f015 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/model1.properties @@ -0,0 +1,13 @@ +DOMAIN_UID=domain1 +CLUSTER_NAME=cluster-1 +MANAGED_SERVER_BASE_NAME=managed-server +MANAGED_SERVER_PORT=8001 +ADMIN_SERVER_NAME=AdminServer +T3CHANNELPORT=30001 +T3PUBLICADDRESS=speriyat-2 +MANAGED_SERVER_COUNT=4 +CONFIG_CLUSTER_NAME=ConfigCluster +CONFIG_MANAGED_SERVER_BASE_NAME=config-server +CONFIG_MANAGED_SERVER_PORT=8001 +REMOTE_DOMAIN=domain2 + diff --git a/integration-tests/src/test/resources/customstore/model2.properties b/integration-tests/src/test/resources/customstore/model2.properties new file mode 100644 index 000000000000..1eea0441673f --- /dev/null +++ b/integration-tests/src/test/resources/customstore/model2.properties @@ -0,0 +1,12 @@ +DOMAIN_UID=domain2 +CLUSTER_NAME=cluster-2 +MANAGED_SERVER_BASE_NAME=managed-server +MANAGED_SERVER_PORT=8001 +ADMIN_SERVER_NAME=AdminServer +T3CHANNELPORT=30002 +T3PUBLICADDRESS=speriyat-2 +MANAGED_SERVER_COUNT=4 +CONFIG_CLUSTER_NAME=ConfigCluster +CONFIG_MANAGED_SERVER_BASE_NAME=config-server +CONFIG_MANAGED_SERVER_PORT=8001 +REMOTE_DOMAIN=domain1 diff --git a/integration-tests/src/test/resources/customstore/models/auxiliary.domain.custom.ssl.template.yaml b/integration-tests/src/test/resources/customstore/models/auxiliary.domain.custom.ssl.template.yaml new file mode 100644 index 000000000000..b89a84c9a972 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/auxiliary.domain.custom.ssl.template.yaml @@ -0,0 +1,68 @@ +apiVersion: "weblogic.oracle/@DOMAIN_VERSION@" +kind: Domain +metadata: + name: domain1 + namespace: @NAMESPACE@ + labels: + weblogic.domainUID: domain1 +spec: + domainHome: /u01/oracle/user_projects/domains/domain1 + domainHomeSourceType: FromModel + image: "oracle/weblogic:@WLS_VERSION@" + imagePullPolicy: "Never" + webLogicCredentialsSecret: + name: domain1-weblogic-credentials + includeServerOutInPodLog: true + dataHome: "" + serverStartPolicy: "IfNeeded" + serverPod: + env: + - name: JAVA_OPTIONS + value: " -Dweblogic.debug.DebugSecuritySSL=true -Dweblogic.StdoutDebugEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=true" + - name: USER_MEM_ARGS + value: "-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m " + adminServer: + adminService: + channels: + - channelName: default + nodePort: 30701 + - channelName: T3Channel + clusters: + - name: @CLUSTER_NAME@ + configuration: + model: + configMap: domain1-mii-cm + domainType: WLS + auxiliaryImages: + - image: "model-in-image:aux" + sourceModelHome: "/auxiliary/models" + sourceWDTInstallHome: "/auxiliary/weblogic-deploy" + runtimeEncryptionSecret: domain1-weblogic-credentials + +--- + +apiVersion: "weblogic.oracle/@CLUSTER_VERSION@" +kind: Cluster +metadata: + name: @CLUSTER_NAME@ + namespace: @NAMESPACE@ +spec: +# The desired behavior for starting a specific cluster's member servers + clusterName: @CLUSTER_NAME@ + serverPod: + # Instructs Kubernetes scheduler to prefer nodes for new cluster members + # where there are not already members of the same cluster. + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: "weblogic.clusterName" + operator: In + values: + - $(CLUSTER_NAME) + topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster + replicas: 2 diff --git a/integration-tests/src/test/resources/customstore/models/auxiliary.domain2.custom.ssl.template.yaml b/integration-tests/src/test/resources/customstore/models/auxiliary.domain2.custom.ssl.template.yaml new file mode 100644 index 000000000000..57abbb74e8fe --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/auxiliary.domain2.custom.ssl.template.yaml @@ -0,0 +1,75 @@ +apiVersion: "weblogic.oracle/@DOMAIN_VERSION@" +kind: Domain +metadata: + name: domain2 + namespace: @NAMESPACE@ + labels: + weblogic.domainUID: domain2 +spec: + domainHome: /u01/oracle/user_projects/domains/domain2 + domainHomeSourceType: FromModel + image: "oracle/weblogic:@WLS_VERSION@" + imagePullPolicy: "Never" + webLogicCredentialsSecret: + name: domain2-weblogic-credentials + includeServerOutInPodLog: true + dataHome: "" + serverStartPolicy: "IfNeeded" + serverPod: + env: + - name: XJAVA_OPTIONS + value: " -Dweblogic.debug.DebugSecuritySSL=true -Dweblogic.StdoutDebugEnabled=true -Djavax.net.debug=ssl -Dweblogic.security.SSL.ignoreHostnameVerification=true" + - name: JAVA_OPTIONS + value: " -Dweblogic.debug.DebugSecuritySSL=true -Dweblogic.StdoutDebugEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=true" + - name: XJAVA_OPTIONS + value: " -Dweblogic.StdoutDebugEnabled=true -Dweblogic.security.SSL.ignoreHostnameVerification=true" + - name: USER_MEM_ARGS + value: "-Djava.security.egd=file:/dev/./urandom -Xms256m -Xmx512m " + - name: PRE_CLASSPATH + value: "$(DOMAIN_HOME)/wlsdeploy/custom/patch/patch2_1412.jar" + + adminServer: + adminService: + channels: + - channelName: default + nodePort: 30702 + - channelName: T3Channel + clusters: + - name: @CLUSTER_NAME@ + configuration: + model: + configMap: domain2-mii-cm + domainType: WLS + auxiliaryImages: + - image: "model-in-image:aux2" + sourceModelHome: "/auxiliary/models" + sourceWDTInstallHome: "/auxiliary/weblogic-deploy" + runtimeEncryptionSecret: domain2-weblogic-credentials + +--- + +apiVersion: "weblogic.oracle/@CLUSTER_VERSION@" +kind: Cluster +metadata: + name: @CLUSTER_NAME@ + namespace: @NAMESPACE@ +spec: +# The desired behavior for starting a specific cluster's member servers + clusterName: @CLUSTER_NAME@ + serverPod: + # Instructs Kubernetes scheduler to prefer nodes for new cluster members + # where there are not already members of the same cluster. + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: "weblogic.clusterName" + operator: In + values: + - $(CLUSTER_NAME) + topologyKey: "kubernetes.io/hostname" + # The number of managed servers to start for this cluster + replicas: 2 diff --git a/integration-tests/src/test/resources/customstore/models/model.dynamic.custom.ssl.wls.yaml b/integration-tests/src/test/resources/customstore/models/model.dynamic.custom.ssl.wls.yaml new file mode 100644 index 000000000000..59b6bb55c3da --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/model.dynamic.custom.ssl.wls.yaml @@ -0,0 +1,75 @@ +# Copyright (c) 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +domainInfo: + AdminUserName: '@@SECRET:__weblogic-credentials__:username@@' + AdminPassword: '@@SECRET:__weblogic-credentials__:password@@' + ServerStartMode: 'prod' + WLSUserPasswordCredentialMappings: + CrossDomain: + map1: + RemoteDomain: '@@PROP:REMOTE_DOMAIN@@' + RemoteUser: xdomain + RemotePassword: '@@SECRET:__weblogic-credentials__:password@@' + +topology: + Name: '@@PROP:DOMAIN_UID@@' + AdminServerName: "@@PROP:ADMIN_SERVER_NAME@@" + SecurityConfiguration: + CrossDomainSecurityEnabled: true + Security: + User: + xdomain: + Name: xdomain + Password: '@@SECRET:__weblogic-credentials__:password@@' + GroupMemberOf: + - CrossDomainConnectors + Cluster: + "@@PROP:CLUSTER_NAME@@": + DynamicServers: + ServerTemplate: "@@PROP:CLUSTER_NAME@@-template" + ServerNamePrefix: "@@PROP:MANAGED_SERVER_BASE_NAME@@" + DynamicClusterSize: "@@PROP:MANAGED_SERVER_COUNT@@" + MaxDynamicClusterSize: "@@PROP:MANAGED_SERVER_COUNT@@" + CalculatedListenPorts: false + Server: + "@@PROP:ADMIN_SERVER_NAME@@": + ListenPort: 7001 + KeyStores: CustomIdentityAndCustomTrust + CustomIdentityKeyStoreFileName: config/wlsdeploy/servers/cluster-1-template/DomainIdentityStore.p12 + CustomIdentityKeyStoreType: PKCS12 + CustomIdentityKeyStorePassPhraseEncrypted: 'changeit' + CustomTrustKeyStoreFileName: config/wlsdeploy/servers/cluster-1-template/DomainTrustStore.p12 + CustomTrustKeyStoreType: PKCS12 + CustomTrustKeyStorePassPhraseEncrypted: 'changeit' + SSL: + Enabled: false + HostnameVerificationIgnored: true + ListenPort: 7002 + ServerPrivateKeyAlias: "server_alias" + ServerPrivateKeyPassPhraseEncrypted: "changeit" + NetworkAccessPoint: + T3Channel: + ListenPort: '@@PROP:T3CHANNELPORT@@' + PublicAddress: '@@PROP:T3PUBLICADDRESS@@' + PublicPort: '@@PROP:T3CHANNELPORT@@' + ServerTemplate: + "@@PROP:CLUSTER_NAME@@-template": + KeyStores: CustomIdentityAndCustomTrust + CustomIdentityKeyStorePassPhraseEncrypted: 'changeit' + CustomTrustKeyStorePassPhraseEncrypted: 'changeit' + CustomTrustKeyStoreType: PKCS12 + CustomIdentityKeyStoreType: PKCS12 + CustomTrustKeyStoreFileName: config/wlsdeploy/servers/cluster-1-template/DomainTrustStore.p12 + CustomIdentityKeyStoreFileName: config/wlsdeploy/servers/cluster-1-template/DomainIdentityStore.p12 + Cluster: "@@PROP:CLUSTER_NAME@@" + ListenPort : '@@PROP:MANAGED_SERVER_PORT@@' + SSL: + HostnameVerificationIgnored: true + ServerPrivateKeyAlias: 'server_alias' + ServerPrivateKeyPassPhraseEncrypted: 'changeit' + UseServerCerts: true + Enabled: true + ListenPort: 6000 +resources: + WebAppContainer: + WeblogicPluginEnabled: true diff --git a/integration-tests/src/test/resources/customstore/models/model.dynamic.demo.ssl.yaml b/integration-tests/src/test/resources/customstore/models/model.dynamic.demo.ssl.yaml new file mode 100644 index 000000000000..e286259e1602 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/model.dynamic.demo.ssl.yaml @@ -0,0 +1,52 @@ +# Copyright (c) 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +domainInfo: + AdminUserName: '@@SECRET:__weblogic-credentials__:username@@' + AdminPassword: '@@SECRET:__weblogic-credentials__:password@@' + ServerStartMode: 'prod' + WLSUserPasswordCredentialMappings: + CrossDomain: + map1: + RemoteDomain: '@@PROP:REMOTE_DOMAIN@@' + RemoteUser: xdomain + RemotePassword: '@@SECRET:__weblogic-credentials__:password@@' + +topology: + Name: '@@PROP:DOMAIN_UID@@' + AdminServerName: "@@PROP:ADMIN_SERVER_NAME@@" + SecurityConfiguration: + CrossDomainSecurityEnabled: true + Security: + User: + xdomain: + Name: xdomain + Password: '@@SECRET:__weblogic-credentials__:password@@' + GroupMemberOf: + - CrossDomainConnectors + Cluster: + "@@PROP:CLUSTER_NAME@@": + DynamicServers: + ServerTemplate: "@@PROP:CLUSTER_NAME@@-template" + ServerNamePrefix: "@@PROP:MANAGED_SERVER_BASE_NAME@@" + DynamicClusterSize: "@@PROP:MANAGED_SERVER_COUNT@@" + MaxDynamicClusterSize: "@@PROP:MANAGED_SERVER_COUNT@@" + CalculatedListenPorts: false + Server: + "@@PROP:ADMIN_SERVER_NAME@@": + ListenPort: 7001 + NetworkAccessPoint: + T3Channel: + ListenPort: '@@PROP:T3CHANNELPORT@@' + PublicAddress: '@@PROP:T3PUBLICADDRESS@@' + PublicPort: '@@PROP:T3CHANNELPORT@@' + ServerTemplate: + "@@PROP:CLUSTER_NAME@@-template": + Cluster: "@@PROP:CLUSTER_NAME@@" + ListenPort : '@@PROP:MANAGED_SERVER_PORT@@' + SSL: + HostnameVerificationIgnored: true + Enabled: true + ListenPort: 7002 +resources: + WebAppContainer: + WeblogicPluginEnabled: true diff --git a/integration-tests/src/test/resources/customstore/models/model.dynamic.wls.yaml b/integration-tests/src/test/resources/customstore/models/model.dynamic.wls.yaml new file mode 100644 index 000000000000..e286259e1602 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/model.dynamic.wls.yaml @@ -0,0 +1,52 @@ +# Copyright (c) 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +domainInfo: + AdminUserName: '@@SECRET:__weblogic-credentials__:username@@' + AdminPassword: '@@SECRET:__weblogic-credentials__:password@@' + ServerStartMode: 'prod' + WLSUserPasswordCredentialMappings: + CrossDomain: + map1: + RemoteDomain: '@@PROP:REMOTE_DOMAIN@@' + RemoteUser: xdomain + RemotePassword: '@@SECRET:__weblogic-credentials__:password@@' + +topology: + Name: '@@PROP:DOMAIN_UID@@' + AdminServerName: "@@PROP:ADMIN_SERVER_NAME@@" + SecurityConfiguration: + CrossDomainSecurityEnabled: true + Security: + User: + xdomain: + Name: xdomain + Password: '@@SECRET:__weblogic-credentials__:password@@' + GroupMemberOf: + - CrossDomainConnectors + Cluster: + "@@PROP:CLUSTER_NAME@@": + DynamicServers: + ServerTemplate: "@@PROP:CLUSTER_NAME@@-template" + ServerNamePrefix: "@@PROP:MANAGED_SERVER_BASE_NAME@@" + DynamicClusterSize: "@@PROP:MANAGED_SERVER_COUNT@@" + MaxDynamicClusterSize: "@@PROP:MANAGED_SERVER_COUNT@@" + CalculatedListenPorts: false + Server: + "@@PROP:ADMIN_SERVER_NAME@@": + ListenPort: 7001 + NetworkAccessPoint: + T3Channel: + ListenPort: '@@PROP:T3CHANNELPORT@@' + PublicAddress: '@@PROP:T3PUBLICADDRESS@@' + PublicPort: '@@PROP:T3CHANNELPORT@@' + ServerTemplate: + "@@PROP:CLUSTER_NAME@@-template": + Cluster: "@@PROP:CLUSTER_NAME@@" + ListenPort : '@@PROP:MANAGED_SERVER_PORT@@' + SSL: + HostnameVerificationIgnored: true + Enabled: true + ListenPort: 7002 +resources: + WebAppContainer: + WeblogicPluginEnabled: true diff --git a/integration-tests/src/test/resources/customstore/models/sparse.application.yaml b/integration-tests/src/test/resources/customstore/models/sparse.application.yaml new file mode 100644 index 000000000000..69e348400912 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/sparse.application.yaml @@ -0,0 +1,8 @@ +# Copyright (c) 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +appDeployments: + Application: + myear: + SourcePath: wlsdeploy/structuredApplications/webapp + ModuleType: ear + Target: '@@PROP:CLUSTER_NAME@@,@@PROP:ADMIN_SERVER_NAME@@' diff --git a/integration-tests/src/test/resources/customstore/models/sparse.jdbc.yaml b/integration-tests/src/test/resources/customstore/models/sparse.jdbc.yaml new file mode 100644 index 000000000000..5c90b3c20bfb --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/sparse.jdbc.yaml @@ -0,0 +1,22 @@ +# Copyright (c) 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +resources: + JDBCSystemResource: + TestDataSource: + Target: '@@PROP:CLUSTER_NAME@@' + JdbcResource: + JDBCConnectionPoolParams: + InitialCapacity: 0 + MinCapacity: 0 + MaxCapacity: 15 + JDBCDataSourceParams: + GlobalTransactionsProtocol: OnePhaseCommit + RowPrefetchSize: 200 + JNDIName: jdbc/TestDataSource + JDBCDriverParams: + URL: 'jdbc:oracle:thin:@//xxx.xxx.x.xxx:1521/ORCLCDB' + PasswordEncrypted: 'j2ee' + DriverName: oracle.jdbc.OracleDriver + Properties: + user: + Value: j2ee diff --git a/integration-tests/src/test/resources/customstore/models/sparse.jms.yaml b/integration-tests/src/test/resources/customstore/models/sparse.jms.yaml new file mode 100644 index 000000000000..8c1d80f20145 --- /dev/null +++ b/integration-tests/src/test/resources/customstore/models/sparse.jms.yaml @@ -0,0 +1,64 @@ +# Copyright (c) 2020, Oracle Corporation and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +resources: + FileStore: + TestFileStore: + Target: '@@PROP:ADMIN_SERVER_NAME@@' + TestClusterFileStore: + Target: '@@PROP:CLUSTER_NAME@@' + JMSServer: + TestJmsServer: + ProductionPausedAtStartup: false + ConsumptionPausedAtStartup: false + Target: '@@PROP:ADMIN_SERVER_NAME@@' + PersistentStore: 'TestFileStore' + InsertionPausedAtStartup: false + MessageCompressionOptions: GZIP_DEFAULT_COMPRESSION + TestClusterJmsServer: + ProductionPausedAtStartup: false + ConsumptionPausedAtStartup: false + Target: '@@PROP:CLUSTER_NAME@@' + PersistentStore: 'TestClusterFileStore' + InsertionPausedAtStartup: false + MessageCompressionOptions: GZIP_DEFAULT_COMPRESSION + + JMSSystemResource: + TestClusterJmsModule: + Target: '@@PROP:CLUSTER_NAME@@' + SubDeployment: + TestClusterSubDeployment: + Target: TestClusterJmsServer + JmsResource: + ConnectionFactory: + ClusterConnectionFactory: + JNDIName: jms/test/cluster/ConnectionFactory + DefaultTargetingEnabled: true + LoadBalancingParams: + ServerAffinityEnabled: false + LoadBalancingEnabled: true + TransactionParams: + XAConnectionFactoryEnabled: true + UniformDistributedQueue: + testUniformQueue: + SubDeploymentName: TestClusterSubDeployment + JNDIName: jms/test/UniformQueue + UniformDistributedTopic: + testUniformTopic: + SubDeploymentName: TestClusterSubDeployment + ForwardingPolicy: Partitioned + JNDIName: jms/test/UniformTopic + + TestJmsModule: + Target: '@@PROP:ADMIN_SERVER_NAME@@' + SubDeployment: + TestSubDeployment: + Target: TestJmsServer + JmsResource: + Queue: + testQueue: + SubDeploymentName: TestSubDeployment + JNDIName: jms/admin/Queue + Topic: + testTopic: + SubDeploymentName: TestSubDeployment + JNDIName: jms/admin/Topic diff --git a/integration-tests/src/test/resources/customstore/runtest.sh b/integration-tests/src/test/resources/customstore/runtest.sh new file mode 100644 index 000000000000..f27074514a6b --- /dev/null +++ b/integration-tests/src/test/resources/customstore/runtest.sh @@ -0,0 +1,58 @@ +#!/bin/bash + +protocol=${1:-t3} +port=${2:-8001} +LOGFILE=/tmp/jms_test_output.log + +# Setup WLS environment +. /u01/oracle/wlserver/server/bin/setWLSEnv.sh + +# 1. Commit transaction +url="http://domain1-adminserver:7001/webapp/dtx.jsp?remoteurl=${protocol}://domain2-cluster-cluster-2:${port}&action=commit" +curl -j --noproxy "*" "$url" > "$LOGFILE" 2>&1 + +sleep 5 + +# 2. Compile and run Java client +javac -d /u01/domains /u01/domains/JmsClient.java >> "$LOGFILE" 2>&1 +java -cp /u01/domains:$CLASSPATH JmsClient t3://domain1-adminserver:7001 weblogic jms.admin.Queue recv >> "$LOGFILE" 2>&1 + +sleep 5 + +# 3. Receive message from remote distributed destination +url="http://domain1-adminserver:7001/webapp/jms.jsp?remoteurl=${protocol}://domain2-cluster-cluster-2:${port}&action=recv&dest=jms.test.UniformQueue" +curl -j --noproxy "*" "$url" >> "$LOGFILE" 2>&1 + +# 4. Grep for expected output +echo "Searching for expected strings in $LOGFILE" + + +# List of strings to check +STRINGS=( + "User Transation is committed" + "Message Drained" + "Total Message(s) Received : 10" +) + +# Flag to track if all strings were found +ALL_FOUND=true + +echo "Verifying expected output in $LOGFILE..." + +cat $LOGFILE + +for str in "${STRINGS[@]}"; do + if grep -qF "$str" "$LOGFILE"; then + echo "Found: '$str'" + else + echo "Missing: '$str'" + ALL_FOUND=false + fi +done + +if $ALL_FOUND; then + echo "All expected strings were found in the log." +else + echo "One or more expected strings were missing." + exit 1 +fi diff --git a/json-schema-generator/pom.xml b/json-schema-generator/pom.xml index ce713faf393b..ffa10d036b53 100644 --- a/json-schema-generator/pom.xml +++ b/json-schema-generator/pom.xml @@ -7,7 +7,7 @@ operator-parent oracle.kubernetes - 4.2.19 + 4.2.20 json-schema diff --git a/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl b/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl index 797ae571868c..78f5e00e3fa7 100644 --- a/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl +++ b/kubernetes/charts/weblogic-operator/templates/_operator-dep.tpl @@ -52,6 +52,16 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + initContainers: + - name: "copy-container" + image: {{ .image | quote }} + imagePullPolicy: "IfNotPresent" + command: ["/bin/sh", "-c", "cp /deployment/* /deployment_copy && cp /probes/* /probes_copy"] + volumeMounts: + - name: "deployment-volume" + mountPath: "/deployment_copy" + - name: "probes-volume" + mountPath: "/probes_copy" containers: - name: "weblogic-operator" image: {{ .image | quote }} @@ -129,6 +139,7 @@ spec: runAsUser: {{ .runAsUser | default 1000 }} {{- end }} runAsNonRoot: true + readOnlyRootFilesystem: true privileged: false allowPrivilegeEscalation: false capabilities: @@ -141,6 +152,14 @@ spec: - name: "weblogic-operator-secrets-volume" mountPath: "/deployment/secrets" readOnly: true + - name: "deployment-volume" + mountPath: "/deployment" + {{- if not .elkIntegrationEnabled }} + - name: "log-volume" + mountPath: "/logs" + {{- end }} + - name: "probes-volume" + mountPath: "/probes" {{- if and .elkIntegrationEnabled .operatorLogPVC }} {{- fail "Error: elkIntegrationEnabled and opeatorLogPVC cannot be set at the same time."}} {{- else if .elkIntegrationEnabled }} @@ -201,6 +220,14 @@ spec: - name: "weblogic-operator-secrets-volume" secret: secretName: "weblogic-operator-secrets" + - name: "deployment-volume" + emptyDir: {} + {{- if not .elkIntegrationEnabled }} + - name: "log-volume" + emptyDir: {} + {{- end }} + - name: "probes-volume" + emptyDir: {} {{- if .elkIntegrationEnabled }} - name: "log-dir" emptyDir: @@ -229,6 +256,7 @@ spec: persistentVolumeClaim: claimName: {{ .operatorLogPVC }} {{- end }} + {{- end }} --- {{ $chartVersion := .Chart.Version }} @@ -311,6 +339,16 @@ spec: tolerations: {{- toYaml . | nindent 12 }} {{- end }} + initContainers: + - name: "copy-container" + image: {{ .image | quote }} + imagePullPolicy: "IfNotPresent" + command: ["/bin/sh", "-c", "cp /deployment/* /deployment_copy && cp /probes/* /probes_copy"] + volumeMounts: + - name: "deployment-volume" + mountPath: "/deployment_copy" + - name: "probes-volume" + mountPath: "/probes_copy" containers: - name: "weblogic-operator-webhook" image: {{ .image | quote }} @@ -374,6 +412,7 @@ spec: runAsNonRoot: true privileged: false allowPrivilegeEscalation: false + readOnlyRootFilesystem: true capabilities: drop: ["ALL"] volumeMounts: @@ -382,6 +421,14 @@ spec: - name: "weblogic-webhook-secrets-volume" mountPath: "/deployment/secrets" readOnly: true + - name: "deployment-volume" + mountPath: "/deployment" + {{- if not .elkIntegrationEnabled }} + - name: "log-volume" + mountPath: "/logs" + {{- end }} + - name: "probes-volume" + mountPath: "/probes" {{- if and .elkIntegrationEnabled .operatorLogPVC }} {{- fail "Error: elkIntegrationEnabled and opeatorLogPVC cannot be set at the same time."}} {{- else if .elkIntegrationEnabled }} @@ -437,6 +484,14 @@ spec: - name: "weblogic-webhook-secrets-volume" secret: secretName: "weblogic-webhook-secrets" + - name: "deployment-volume" + emptyDir: {} + {{- if not .elkIntegrationEnabled }} + - name: "log-volume" + emptyDir: {} + {{- end }} + - name: "probes-volume" + emptyDir: {} {{- if .elkIntegrationEnabled }} - name: "log-dir" emptyDir: diff --git a/kubernetes/charts/weblogic-operator/values.yaml b/kubernetes/charts/weblogic-operator/values.yaml index 2ae38f008f43..74dfe932ea1c 100644 --- a/kubernetes/charts/weblogic-operator/values.yaml +++ b/kubernetes/charts/weblogic-operator/values.yaml @@ -288,3 +288,4 @@ clusterSizePaddingValidationEnabled: true # operatorLogMount specifies the operator logging volumeMount. The operator will mount this path with the operatorLogPVC #operatorLogMount: + diff --git a/kubernetes/crd/domain-crd.yaml b/kubernetes/crd/domain-crd.yaml index 05787bfacb6d..1898be92b58b 100644 --- a/kubernetes/crd/domain-crd.yaml +++ b/kubernetes/crd/domain-crd.yaml @@ -5,7 +5,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - weblogic.sha256: b9f89cd5c4bda8320b782801a450f45bc429f16dc09e7ef17f9821e244768ce3 + weblogic.sha256: cf46916f430e72d3fd7757c2bf176cd04259287b7e2941eca99939ed38e463a4 name: domains.weblogic.oracle spec: group: weblogic.oracle @@ -47,9 +47,9 @@ spec: appropriate. See https://github.com/oracle/weblogic-monitoring-exporter. properties: image: - default: ghcr.io/oracle/weblogic-monitoring-exporter:2.3.3 + default: ghcr.io/oracle/weblogic-monitoring-exporter:2.3.5 description: The WebLogic Monitoring Exporter sidecar container - image name. Defaults to ghcr.io/oracle/weblogic-monitoring-exporter:2.3.3 + image name. Defaults to ghcr.io/oracle/weblogic-monitoring-exporter:2.3.5 type: string imagePullPolicy: description: The image pull policy for the WebLogic Monitoring diff --git a/kubernetes/pom.xml b/kubernetes/pom.xml index 94e73636991f..b4709d6bf74c 100644 --- a/kubernetes/pom.xml +++ b/kubernetes/pom.xml @@ -9,7 +9,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 installation-tests diff --git a/kubernetes/src/test/java/oracle/kubernetes/operator/create/CreateOperatorGeneratedFilesTestBase.java b/kubernetes/src/test/java/oracle/kubernetes/operator/create/CreateOperatorGeneratedFilesTestBase.java index 8f3901a9dc65..a2b33fa788dd 100644 --- a/kubernetes/src/test/java/oracle/kubernetes/operator/create/CreateOperatorGeneratedFilesTestBase.java +++ b/kubernetes/src/test/java/oracle/kubernetes/operator/create/CreateOperatorGeneratedFilesTestBase.java @@ -13,6 +13,7 @@ import io.kubernetes.client.openapi.models.V1Container; import io.kubernetes.client.openapi.models.V1Deployment; import io.kubernetes.client.openapi.models.V1DeploymentStrategy; +import io.kubernetes.client.openapi.models.V1EmptyDirVolumeSource; import io.kubernetes.client.openapi.models.V1EnvVarSource; import io.kubernetes.client.openapi.models.V1ExecAction; import io.kubernetes.client.openapi.models.V1LabelSelector; @@ -31,6 +32,8 @@ import io.kubernetes.client.openapi.models.V1Service; import io.kubernetes.client.openapi.models.V1ServiceAccount; import io.kubernetes.client.openapi.models.V1ServiceSpec; +import io.kubernetes.client.openapi.models.V1Volume; +import io.kubernetes.client.openapi.models.V1VolumeMount; import oracle.kubernetes.operator.utils.GeneratedOperatorObjects; import oracle.kubernetes.operator.utils.KubernetesArtifactUtils; import oracle.kubernetes.operator.utils.OperatorValues; @@ -196,7 +199,7 @@ private V1Deployment getActualWeblogicOperatorDeployment() { } protected V1Deployment getExpectedWeblogicOperatorDeployment() { - return newDeployment() + V1Deployment deployment = newDeployment() .metadata( newObjectMeta() .name("weblogic-operator") @@ -222,6 +225,20 @@ protected V1Deployment getExpectedWeblogicOperatorDeployment() { .serviceAccountName(getInputs().getServiceAccount()) .securityContext(new V1PodSecurityContext().seccompProfile( new V1SeccompProfile().type("RuntimeDefault"))) + .addInitContainersItem( + newContainer() + .name("copy-container") + .image(getInputs().getWeblogicOperatorImage()) + .imagePullPolicy("IfNotPresent") + .addCommandItem("/bin/sh") + .addCommandItem("-c") + .addCommandItem( + "cp /deployment/* /deployment_copy && cp /probes/* /probes_copy") + .addVolumeMountsItem( + newVolumeMount().name("deployment-volume").mountPath("/deployment_copy")) + .addVolumeMountsItem( + newVolumeMount().name("probes-volume").mountPath("/probes_copy")) + ) .addContainersItem( newContainer() .name("weblogic-operator") @@ -280,6 +297,7 @@ protected V1Deployment getExpectedWeblogicOperatorDeployment() { .securityContext( new V1SecurityContext().runAsUser(1000L) .runAsNonRoot(true) + .readOnlyRootFilesystem(true) .privileged(false).allowPrivilegeEscalation(false) .capabilities(new V1Capabilities().addDropItem("ALL"))) .addVolumeMountsItem( @@ -294,7 +312,15 @@ protected V1Deployment getExpectedWeblogicOperatorDeployment() { newVolumeMount() .name("weblogic-operator-secrets-volume") .mountPath("/deployment/secrets") - .readOnly(true))) + .readOnly(true)) + .addVolumeMountsItem( + newVolumeMount() + .name("deployment-volume") + .mountPath("/deployment")) + .addVolumeMountsItem( + newVolumeMount() + .name("probes-volume") + .mountPath("/probes"))) .addVolumesItem( newVolume() .name("weblogic-operator-cm-volume") @@ -313,7 +339,27 @@ protected V1Deployment getExpectedWeblogicOperatorDeployment() { .name("weblogic-operator-secrets-volume") .secret( newSecretVolumeSource() - .secretName("weblogic-operator-secrets")))))); + .secretName("weblogic-operator-secrets"))) + .addVolumesItem( + newVolume() + .name("deployment-volume") + .emptyDir(new V1EmptyDirVolumeSource())) + .addVolumesItem( + newVolume() + .name("probes-volume") + .emptyDir(new V1EmptyDirVolumeSource())) + ))); + + boolean isElkIntegrationEnabled = Boolean.parseBoolean(getInputs().getElkIntegrationEnabled()); + if (!isElkIntegrationEnabled) { + List mounts = deployment.getSpec().getTemplate().getSpec() + .getContainers().get(0).getVolumeMounts(); + mounts.add(mounts.size() - 1, newVolumeMount().name("log-volume").mountPath("/logs")); + List volumees = deployment.getSpec().getTemplate().getSpec().getVolumes(); + volumees.add(volumees.size() - 1, newVolume().name("log-volume").emptyDir(new V1EmptyDirVolumeSource())); + } + + return deployment; } void expectProbes(V1Container container) { diff --git a/operator-build-maven-plugin/pom.xml b/operator-build-maven-plugin/pom.xml index d1d6ba984e66..939e992b242d 100644 --- a/operator-build-maven-plugin/pom.xml +++ b/operator-build-maven-plugin/pom.xml @@ -7,7 +7,7 @@ operator-parent oracle.kubernetes - 4.2.19 + 4.2.20 operator-build-maven-plugin @@ -24,7 +24,7 @@ org.apache.maven maven-plugin-api - 3.9.10 + 3.9.11 provided diff --git a/operator/pom.xml b/operator/pom.xml index 7e39e9670e64..8829c3640640 100644 --- a/operator/pom.xml +++ b/operator/pom.xml @@ -7,7 +7,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 weblogic-kubernetes-operator diff --git a/operator/src/main/java/oracle/kubernetes/operator/KubernetesConstants.java b/operator/src/main/java/oracle/kubernetes/operator/KubernetesConstants.java index 03c418f9c705..a7e82c155b6e 100644 --- a/operator/src/main/java/oracle/kubernetes/operator/KubernetesConstants.java +++ b/operator/src/main/java/oracle/kubernetes/operator/KubernetesConstants.java @@ -8,7 +8,7 @@ /** Kubernetes constants. */ public interface KubernetesConstants { String DEFAULT_IMAGE = "container-registry.oracle.com/middleware/weblogic:12.2.1.4"; - String DEFAULT_EXPORTER_IMAGE = "ghcr.io/oracle/weblogic-monitoring-exporter:2.3.3"; + String DEFAULT_EXPORTER_IMAGE = "ghcr.io/oracle/weblogic-monitoring-exporter:2.3.5"; String DEFAULT_FLUENTD_IMAGE = "fluent/fluentd-kubernetes-daemonset:v1.16.1-debian-elasticsearch7-1.2"; String EXPORTER_CONTAINER_NAME = "monitoring-exporter"; String LATEST_IMAGE_SUFFIX = ":latest"; diff --git a/operator/src/main/resources/scripts/model-wdt-create-filter.py b/operator/src/main/resources/scripts/model-wdt-create-filter.py index e37e141edc4a..52e1b3608125 100644 --- a/operator/src/main/resources/scripts/model-wdt-create-filter.py +++ b/operator/src/main/resources/scripts/model-wdt-create-filter.py @@ -34,6 +34,10 @@ def filter_model(model): model['topology']['Server'] = {} model['topology']['Server'][admin_server] = {} + admin = model['topology']['Server'][admin_server] + if 'Machine' in admin: + del admin['Machine'] + if 'Name' in topology: model['topology']['Name'] = topology['Name'] diff --git a/operator/src/main/resources/scripts/model_wdt_mii_filter.py b/operator/src/main/resources/scripts/model_wdt_mii_filter.py index bc6f077e4484..0cb80177bf80 100644 --- a/operator/src/main/resources/scripts/model_wdt_mii_filter.py +++ b/operator/src/main/resources/scripts/model_wdt_mii_filter.py @@ -211,6 +211,9 @@ def filter_model(model): if 'Server' not in topology: topology['Server'] = {} + if 'Machine' in topology: + del topology['Machine'] + if admin_server not in topology['Server']: topology['Server'][admin_server] = {} @@ -255,6 +258,8 @@ def customizeServerTemplates(model): if template_names is not None: for template_name in template_names: template = serverTemplates[template_name] + if 'Machine' in template: + del template['Machine'] cluster_name = getClusterNameOrNone(template) if cluster_name is not None: customizeServerTemplate(topology, template, template_name) @@ -378,6 +383,9 @@ def customizeServer(model, server, name): if 'AdminServerName' in model['topology'] and len(model['topology']['AdminServerName']) > 0: adminServer = model['topology']['AdminServerName'] + if 'Machine' in server: + del server['Machine'] + customizeLog(name, server) customizeAccessLog(name, server) customizeDefaultFileStore(server) diff --git a/operator/src/main/resources/scripts/startNodeManager.sh b/operator/src/main/resources/scripts/startNodeManager.sh index dd1b34a6e432..a5f269c313a3 100644 --- a/operator/src/main/resources/scripts/startNodeManager.sh +++ b/operator/src/main/resources/scripts/startNodeManager.sh @@ -27,7 +27,11 @@ # ${DOMAIN_UID}/${SERVER_NAME}_nodemanager.out # Default: # Use LOG_HOME. If LOG_HOME not set, use NODEMGR_HOME. -# NODEMGR_LOG_FILE_MAX = max NM .log and .out files to keep around (default=11) +# NODEMGR_LOG_FILE_MAX = Maximum size of the Node Manager Log specified as an integer. +# When this limit is reached, a new log file is started. default 0, no limit. +# NODEMGR_LOG_LEVEL =Severity level of logging used for the Node Manager log. Node Manager uses the standard +# logging levels from the java.util.logging.level package. default FINEST. +# NODEMGR_LOG_COUNT = Maximum number of log files to create when LogLimit is exceeded. default 1. # # ADMIN_PORT_SECURE = "true" if the admin protocol is secure. Default is false # @@ -64,6 +68,9 @@ stm_script=${WL_HOME}/server/bin/startNodeManager.sh SERVER_NAME=${SERVER_NAME:-introspector} ADMIN_PORT_SECURE=${ADMIN_PORT_SECURE:-false} +NM_LOG_LIMIT=${NODEMGR_LOG_FILE_MAX:-0} +NM_LOG_LEVEL=${NODEMGR_LOG_LEVEL:-FINEST} +NM_LOG_COUNT=${NODEMGR_LOG_COUNT:-1} trace "Starting node manager for domain-uid='$DOMAIN_UID' and server='$SERVER_NAME'." @@ -241,9 +248,9 @@ cat < ${nm_props_file} LogToStderr=true LogFormatter=weblogic.nodemanager.server.LogFormatter LogAppend=true - LogLimit=0 - LogLevel=FINEST - LogCount=1 + LogLimit=${NM_LOG_LIMIT} + LogLevel=${NM_LOG_LEVEL} + LogCount=${NM_LOG_COUNT} EOF diff --git a/pom.xml b/pom.xml index 1a6e18109bc0..65f9864176ba 100644 --- a/pom.xml +++ b/pom.xml @@ -7,7 +7,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 operator @@ -605,6 +605,11 @@ commons-exec ${commons-exec-version} + + org.apache.commons + commons-lang3 + ${commons-lang3-version} + commons-codec commons-codec @@ -692,7 +697,7 @@ 21 21 [3.8.1,) - 3.5.0 + 3.6.1 3.5.0 3.14.0 3.1.4 @@ -708,54 +713,55 @@ 3.8.1 3.6.0 3.5.1 - 10.26.1 + 11.0.0 1.0 3.6.0 - 3.2.7 + 3.2.8 2.0.0.0 1.3.3 2.0.1 2.0.1 1.0.39 - 1.9.0 + 1.10.0 1.5.8 1.5.0 - 1.18.0 + 3.18.0 + 1.19.0 1.7.3 0.1.0 2.9.0 0.9.6 3.6.1 1.0.0 - 3.27.3 - 2.19.0 + 3.27.4 + 2.20.0 4.3.0 19.0.2 3.0.1u2 - 2.2.0 + 2.2.10 4.12.0 - 3.14.0 + 3.16.0 1.81 - 5.13.2 + 5.13.4 5.7.1 1.7.0 1.3.2 UTF-8 - 3.1.10 + 3.1.11 1.1.7 4.0.2 6.1.0 0.16.0 - 2.19.1 - 2.19.1 + 2.19.2 + 2.19.2 2.4 2.13.1 12.1.3 2.0.17 1.5.18 4.31.1 - 2.5.2 - 10.3.1 + 2.6.0 + 10.4.2 ${project.basedir}/src-generated-swagger ${root-generated-swagger}/main/java ${project.basedir}/swagger/domain.json diff --git a/swagger-generator/pom.xml b/swagger-generator/pom.xml index 9095503f9b00..8d1e969874f5 100644 --- a/swagger-generator/pom.xml +++ b/swagger-generator/pom.xml @@ -7,7 +7,7 @@ oracle.kubernetes operator-parent - 4.2.19 + 4.2.20 operator-swagger