From 202340fe65bf949634f49cf80fd0dce0b1a893b1 Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Mon, 2 Jul 2018 20:14:28 +0200 Subject: [PATCH] Adapt to the new variables. Add a task that removes the old keys. --- .../dataminer_app/tasks/install-gcube-key.yml | 57 ++++++------------- .../smartgears/tasks/install-gcube-keys.yml | 44 ++++---------- .../templates/get-gcube-keys.sh.j2 | 1 - 3 files changed, 29 insertions(+), 73 deletions(-) diff --git a/smartgears/dataminer_app/tasks/install-gcube-key.yml b/smartgears/dataminer_app/tasks/install-gcube-key.yml index b40f11f..b4c9e2d 100644 --- a/smartgears/dataminer_app/tasks/install-gcube-key.yml +++ b/smartgears/dataminer_app/tasks/install-gcube-key.yml @@ -1,65 +1,44 @@ --- - block: - - name: Install the production gcube keys + - name: Install the production gcube keys into the dataminer webapp get_url: url={{ item.url }} dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSING/{{ item.name }} owner={{ smartgears_user }} group={{ smartgears_user }} mode=0600 - with_items: - - '{{ gcube_prod_key_1 }}' - - '{{ gcube_prod_key_2 }}' - - '{{ gcube_prod_key_3 }}' - - '{{ gcube_prod_key_4 }}' - - '{{ gcube_prod_key_5 }}' - - '{{ gcube_prod_key_6 }}' - - '{{ gcube_prod_key_7 }}' - - '{{ gcube_prod_key_8 }}' - - '{{ gcube_prod_key_9 }}' + with_items: '{{ gcube_production_security_keys }}' notify: Restart smartgears when: install_gcube_prod_key - - name: Remove the production gcube keys + - name: Remove the production gcube keys from the dataminer webapp file: dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSIN/{{ item.name }} state=absent - with_items: - - '{{ gcube_prod_key_1 }}' - - '{{ gcube_prod_key_2 }}' - - '{{ gcube_prod_key_3 }}' - - '{{ gcube_prod_key_4 }}' - - '{{ gcube_prod_key_5 }}' - - '{{ gcube_prod_key_6 }}' - - '{{ gcube_prod_key_7 }}' - - '{{ gcube_prod_key_8 }}' - - '{{ gcube_prod_key_9 }}' + with_items: '{{ gcube_production_security_keys }}' notify: Restart smartgears when: not install_gcube_prod_key - - name: Install the devel gcube keys + - name: Install the devel gcube keys into the dataminer webapp get_url: url={{ item.url }} dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSING/{{ item.name }} owner={{ smartgears_user }} group={{ smartgears_user }} mode=0600 - with_items: - - '{{ gcube_dev_key_1 }}' - - '{{ gcube_dev_key_2 }}' - - '{{ gcube_dev_key_3 }}' + with_items: '{{ gcube_dev_security_keys }}' notify: Restart smartgears when: install_gcube_dev_key - - name: Remove the devel gcube keys + - name: Remove the devel gcube keys from the dataminer webapp file: dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSING/{{ item.name }} state=absent - with_items: - - '{{ gcube_dev_key_1 }}' - - '{{ gcube_dev_key_2 }}' - - '{{ gcube_dev_key_3 }}' + with_items: '{{ gcube_dev_security_keys }}' notify: Restart smartgears when: not install_gcube_dev_key - - name: Install the preprod gcube keys + - name: Install the preprod gcube keys into the dataminer webapp get_url: url={{ item.url }} dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSING/{{ item.name }} owner={{ smartgears_user }} group={{ smartgears_user }} mode=0600 - with_items: - - '{{ gcube_pre_key_1 }}' - - '{{ gcube_dev_key_1 }}' + with_items: '{{ gcube_preprod_security_keys }}' notify: Restart smartgears when: install_gcube_preprod_key - - name: Remove the preprod gcube keys + - name: Remove the preprod gcube keys from the dataminer webapp file: dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSING/{{ item.name }} state=absent - with_items: - - '{{ gcube_pre_key_1 }}' + with_items: '{{ gcube_preprod_security_keys }}' + notify: Restart smartgears + when: not install_gcube_preprod_key + + - name: Remove obsolete or expired gcube keys from the dataminer webapp + file: dest={{ smartgears_instance_path }}/webapps/{{ dataminer_wps_name }}/ecocfg/PARALLEL_PROCESSING/{{ item.name }} state=absent + with_items: '{{ gcube_old_security_keys }}' notify: Restart smartgears when: not install_gcube_preprod_key diff --git a/smartgears/smartgears/tasks/install-gcube-keys.yml b/smartgears/smartgears/tasks/install-gcube-keys.yml index 6986843..0e65d18 100644 --- a/smartgears/smartgears/tasks/install-gcube-keys.yml +++ b/smartgears/smartgears/tasks/install-gcube-keys.yml @@ -2,67 +2,45 @@ - block: - name: Install the production gcube keys get_url: url={{ item.url }} dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} owner={{ smartgears_user }} group={{ d4science_user }} mode=0600 - with_items: - - '{{ gcube_prod_key_1 }}' - - '{{ gcube_prod_key_2 }}' - - '{{ gcube_prod_key_3 }}' - - '{{ gcube_prod_key_4 }}' - - '{{ gcube_prod_key_5 }}' - - '{{ gcube_prod_key_6 }}' - - '{{ gcube_prod_key_7 }}' - - '{{ gcube_prod_key_8 }}' - - '{{ gcube_prod_key_9 }}' + with_items: '{{ gcube_production_security_keys }}' notify: Restart smartgears when: install_gcube_prod_key - name: Remove the production gcube keys file: dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} state=absent - with_items: - - '{{ gcube_prod_key_1 }}' - - '{{ gcube_prod_key_2 }}' - - '{{ gcube_prod_key_3 }}' - - '{{ gcube_prod_key_4 }}' - - '{{ gcube_prod_key_5 }}' - - '{{ gcube_prod_key_6 }}' - - '{{ gcube_prod_key_7 }}' - - '{{ gcube_prod_key_8 }}' - - '{{ gcube_prod_key_9 }}' + with_items: '{{ gcube_production_security_keys }}' notify: Restart smartgears when: not install_gcube_prod_key - name: Install the devel gcube keys get_url: url={{ item.url }} dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} owner={{ smartgears_user }} group={{ d4science_user }} mode=0600 - with_items: - - '{{ gcube_dev_key_1 }}' - - '{{ gcube_dev_key_2 }}' - - '{{ gcube_dev_key_3 }}' + with_items: '{{ gcube_dev_security_keys }}' notify: Restart smartgears when: install_gcube_dev_key - name: Remove the devel gcube keys file: dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} state=absent - with_items: - - '{{ gcube_dev_key_1 }}' - - '{{ gcube_dev_key_2 }}' - - '{{ gcube_dev_key_3 }}' + with_items: '{{ gcube_dev_security_keys }}' notify: Restart smartgears when: not install_gcube_dev_key - name: Install the preprod gcube keys get_url: url={{ item.url }} dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} owner={{ smartgears_user }} group={{ smartgears_user }} mode=0600 - with_items: - - '{{ gcube_pre_key_1 }}' - - '{{ gcube_dev_key_1 }}' + with_items: '{{ gcube_preprod_security_keys }}' notify: Restart smartgears when: install_gcube_preprod_key - name: Remove the preprod gcube keys file: dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} state=absent - with_items: - - '{{ gcube_pre_key_1 }}' + with_items: '{{ gcube_preprod_security_keys }}' notify: Restart smartgears when: not install_gcube_preprod_key + - name: Remove the obsolete or expired gcube keys + file: dest=/{{ gcube_tomcat_lib_dir }}/{{ item.name }} state=absent + with_items: '{{ gcube_old_security_keys }}' + notify: Restart smartgears + become: True become_user: '{{ smartgears_user }}' tags: gcube_key diff --git a/smartgears/smartgears_egi_image/templates/get-gcube-keys.sh.j2 b/smartgears/smartgears_egi_image/templates/get-gcube-keys.sh.j2 index f4b8276..5b10804 100644 --- a/smartgears/smartgears_egi_image/templates/get-gcube-keys.sh.j2 +++ b/smartgears/smartgears_egi_image/templates/get-gcube-keys.sh.j2 @@ -33,7 +33,6 @@ elif [ "$INFRA_NAME" == "d4science.research-infrastructures.eu" ] ; then wget {{ gcube_pkey_4 }} --no-check-certificate -o $LOG_FILE.D4Research -O D4Research.gcubekey wget {{ gcube_pkey_3 }} --no-check-certificate -o $LOG_FILE.SoBigData -O SoBigData.gcubekey wget {{ gcube_pkey_3 }} --no-check-certificate -o $LOG_FILE.OpenAIRE -O OpenAIRE.gcubekey - wget {{ gcube_pkey_3 }} --no-check-certificate -o $LOG_FILE.Edison -O Edison.gcubekey wget {{ gcube_pkey_3 }} --no-check-certificate -o $LOG_FILE.SmartArea -O SmartArea.gcubekey chmod 400 $SM_LIB_DIR/*.gcubekey else