Wdt 961 password ease of use (#972)

Author: CarolynRountree

core/src/main/python/create.py

@@ -73,8 +73,12 @@
     CommandLineArgUtil.VARIABLE_FILE_SWITCH,
     CommandLineArgUtil.USE_ENCRYPTION_SWITCH,
     CommandLineArgUtil.PASSPHRASE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_ENV_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_FILE_SWITCH,
     CommandLineArgUtil.OPSS_WALLET_SWITCH,
     CommandLineArgUtil.OPSS_WALLET_PASSPHRASE,
+    CommandLineArgUtil.OPSS_WALLET_FILE_PASSPHRASE,
+    CommandLineArgUtil.OPSS_WALLET_ENV_PASSPHRASE,
     CommandLineArgUtil.UPDATE_RCU_SCHEMA_PASS_SWITCH
 ]
 

core/src/main/python/deploy.py

@@ -55,8 +55,12 @@
     CommandLineArgUtil.ADMIN_URL_SWITCH,
     CommandLineArgUtil.ADMIN_USER_SWITCH,
     CommandLineArgUtil.ADMIN_PASS_SWITCH,
+    CommandLineArgUtil.ADMIN_PASS_FILE_SWITCH,
+    CommandLineArgUtil.ADMIN_PASS_ENV_SWITCH,
     CommandLineArgUtil.USE_ENCRYPTION_SWITCH,
     CommandLineArgUtil.PASSPHRASE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_FILE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_ENV_SWITCH,
     CommandLineArgUtil.OUTPUT_DIR_SWITCH,
     CommandLineArgUtil.DISCARD_CURRENT_EDIT_SWITCH,
     CommandLineArgUtil.CANCEL_CHANGES_IF_RESTART_REQ_SWITCH

core/src/main/python/discover.py

@@ -76,6 +76,8 @@
     CommandLineArgUtil.ADMIN_URL_SWITCH,
     CommandLineArgUtil.ADMIN_USER_SWITCH,
     CommandLineArgUtil.ADMIN_PASS_SWITCH,
+    CommandLineArgUtil.ADMIN_PASS_FILE_SWITCH,
+    CommandLineArgUtil.ADMIN_PASS_ENV_SWITCH,
     CommandLineArgUtil.TARGET_MODE_SWITCH,
     CommandLineArgUtil.OUTPUT_DIR_SWITCH,
     CommandLineArgUtil.TARGET_SWITCH

core/src/main/python/encrypt.py

@@ -45,6 +45,8 @@
     CommandLineArgUtil.MODEL_FILE_SWITCH,
     CommandLineArgUtil.VARIABLE_FILE_SWITCH,
     CommandLineArgUtil.PASSPHRASE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_FILE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_ENV_SWITCH,
     CommandLineArgUtil.ENCRYPT_MANUAL_SWITCH,
     CommandLineArgUtil.ONE_PASS_SWITCH
 ]

core/src/main/python/extract_resource.py

@@ -45,6 +45,8 @@
     CommandLineArgUtil.VARIABLE_FILE_SWITCH,
     CommandLineArgUtil.USE_ENCRYPTION_SWITCH,
     CommandLineArgUtil.PASSPHRASE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_FILE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_ENV_SWITCH,
 ]
 
 

core/src/main/python/update.py

@@ -58,8 +58,12 @@
     CommandLineArgUtil.ADMIN_URL_SWITCH,
     CommandLineArgUtil.ADMIN_USER_SWITCH,
     CommandLineArgUtil.ADMIN_PASS_SWITCH,
+    CommandLineArgUtil.ADMIN_PASS_FILE_SWITCH,
+    CommandLineArgUtil.ADMIN_PASS_ENV_SWITCH,
     CommandLineArgUtil.USE_ENCRYPTION_SWITCH,
     CommandLineArgUtil.PASSPHRASE_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_ENV_SWITCH,
+    CommandLineArgUtil.PASSPHRASE_FILE_SWITCH,
     CommandLineArgUtil.CANCEL_CHANGES_IF_RESTART_REQ_SWITCH,
     CommandLineArgUtil.OUTPUT_DIR_SWITCH,
     CommandLineArgUtil.UPDATE_RCU_SCHEMA_PASS_SWITCH,

core/src/main/python/wlsdeploy/util/cla_utils.py

@@ -6,7 +6,11 @@
 """
 import os
 import java.io.File as JFile
+import java.io.BufferedReader as BufferedReader
+import java.io.InputStreamReader as InputStreamReader
+import java.io.IOException as IOException
 import java.lang.IllegalArgumentException as JIllegalArgumentException
+import java.lang.System as System
 import java.net.URI as JURI
 import java.net.URISyntaxException as JURISyntaxException
 
@@ -45,12 +49,16 @@ class CommandLineArgUtil(object):
     ADMIN_USER_SWITCH          = '-admin_user'
     # phony arg used as a key to store the password
     ADMIN_PASS_SWITCH          = '-admin_pass'
+    ADMIN_PASS_FILE_SWITCH     = '-admin_pass_file'
+    ADMIN_PASS_ENV_SWITCH      = '-admin_pass_env'
     ARCHIVE_FILE_SWITCH        = '-archive_file'
     SKIP_ARCHIVE_FILE_SWITCH    = '-skip_archive'
     MODEL_FILE_SWITCH          = '-model_file'
     DISCARD_CURRENT_EDIT_SWITCH   = '-discard_current_edit'
     OPSS_WALLET_SWITCH         = '-opss_wallet'
     OPSS_WALLET_PASSPHRASE     = '-opss_wallet_passphrase'
+    OPSS_WALLET_FILE_PASSPHRASE = '-opss_wallet_passphrase_file'
+    OPSS_WALLET_ENV_PASSPHRASE  = '-opss_wallet_passphrase_env'
     PREVIOUS_MODEL_FILE_SWITCH = '-prev_model_file'
     VARIABLE_FILE_SWITCH       = '-variable_file'
     RCU_DB_SWITCH              = '-rcu_db'
@@ -62,6 +70,8 @@ class CommandLineArgUtil(object):
     RCU_SCHEMA_PASS_SWITCH     = '-rcu_schema_pass'
     # phony arg used as a key to store the encryption passphrase
     PASSPHRASE_SWITCH          = '-passphrase'
+    PASSPHRASE_ENV_SWITCH      = '-passphrase_env'
+    PASSPHRASE_FILE_SWITCH     = '-passphrase_file'
     ENCRYPT_MANUAL_SWITCH      = '-manual'
     # phony arg used as a key to store the password
     ONE_PASS_SWITCH            = '-password'
@@ -230,10 +240,26 @@ def process_args(self, args, tool_type=TOOL_TYPE_DEFAULT, trailing_arg_count=0):
                 value, idx = self._get_arg_value(args, idx)
                 self._validate_admin_pass_arg(value)
                 self._add_arg(key, value)
+            elif self.is_admin_pass_env_key(key):
+                env_var, idx = self._get_arg_value(args, idx)
+                value = self._get_env_var_value(env_var)
+                self._add_arg(self.get_admin_pass_key(), value)
+            elif self.is_admin_pass_file_key(key):
+                file_var, idx = self._get_arg_value(args, idx)
+                value = self._get_from_file_value(file_var)
+                self._add_arg(self.get_admin_pass_key(), value)
             elif self.is_archive_file_key(key):
                 value, idx = self._get_arg_value(args, idx)
                 full_path = self._validate_archive_file_arg(value)
                 self._add_arg(key, full_path, True)
+            elif self.is_opss_passphrase_env(key):
+                env_var, idx = self._get_arg_value(args, idx)
+                value = self._get_env_var_value(env_var)
+                self._add_arg(self.get_opss_passphrase_key(), value)
+            elif self.is_opss_passphrase_file(key):
+                file_var, idx = self._get_arg_value(args, idx)
+                value = self._get_from_file_value(file_var)
+                self._add_arg(self.get_opss_passphrase_key(), value)
             elif self.is_opss_passphrase_key(key):
                 value, idx = self._get_arg_value(args, idx)
                 self._validate_opss_passphrase_arg(value)
@@ -281,6 +307,14 @@ def process_args(self, args, tool_type=TOOL_TYPE_DEFAULT, trailing_arg_count=0):
                 value, idx = self._get_arg_value(args, idx)
                 self._validate_passphrase_arg(value)
                 self._add_arg(key, value)
+            elif self.is_passphrase_env_switch(key):
+                env_var, idx = self._get_arg_value(args, idx)
+                value = self._get_env_var_value(env_var)
+                self._add_arg(self.get_passphrase_switch(), value)
+            elif self.is_passphrase_file_switch(key):
+                file_var, idx = self._get_arg_value(args, idx)
+                value = self._get_from_file_value(file_var)
+                self._add_arg(self.get_passphrase_switch(), value)
             elif self.is_one_pass_switch(key):
                 value, idx = self._get_arg_value(args, idx)
                 self._validate_one_pass_arg(value)
@@ -663,6 +697,12 @@ def get_admin_pass_key(self):
     def is_admin_pass_key(self, key):
         return self.ADMIN_PASS_SWITCH == key
 
+    def is_admin_pass_env_key(self, key):
+        return self.ADMIN_PASS_ENV_SWITCH == key
+
+    def is_admin_pass_file_key(self, key):
+        return self.ADMIN_PASS_FILE_SWITCH == key
+
     def _validate_admin_pass_arg(self, value):
         method_name = '_validate_admin_pass_arg'
 
@@ -709,6 +749,14 @@ def is_opss_passphrase_key(self, key):
 
         return self.OPSS_WALLET_PASSPHRASE == key
 
+    def is_opss_passphrase_env(self, key):
+
+        return self.OPSS_WALLET_ENV_PASSPHRASE == key
+
+    def is_opss_passphrase_file(self, key):
+
+        return self.OPSS_WALLET_FILE_PASSPHRASE == key
+
     def _validate_opss_passphrase_arg(self, value):
         method_name = '_validate_opss_passphrase_arg'
         if value is None or len(value) == 0:
@@ -721,6 +769,12 @@ def _validate_opss_passphrase_arg(self, value):
     def get_opss_wallet_key(self):
         return self.OPSS_WALLET_SWITCH
 
+    def get_opss_wallet_env(self):
+        return self.OPSS_WALLET_ENV_SWITCH
+
+    def get_opss_wallet_file(self):
+        return self.OPSS_WALLET__SWITCH
+
     def is_opss_wallet_key(self, key):
         return self.OPSS_WALLET_SWITCH == key
 
@@ -885,12 +939,45 @@ def _validate_rcu_schema_pass_arg(self, value):
             raise ex
         return
 
+    def _get_env_var_value(self, env_var):
+        _method_name = '_get_env_var_value'
+        value = System.getenv(env_var)
+        if not value:
+            ex = exception_helper.create_cla_exception('WLSDPLY-01649', env_var)
+            ex.setExitCode(self.ARG_VALIDATION_ERROR_EXIT_CODE)
+            self._logger.throwing(ex, class_name=self._class_name, method_name=_method_name)
+            raise ex
+        return value
+
+    def _get_from_file_value(self, file_var):
+        _method_name = '_get_from_file_value'
+        ifile = None
+        try:
+            stream = JFileUtils.getFileAsStream(file_var)
+            ifile = BufferedReader(InputStreamReader(stream))
+            value = ifile.readLine()
+            ifile.close()
+            return value
+        except IOException:
+            if ifile:
+                ifile.close()
+            ex = exception_helper.create_cla_exception('WLSDPLY-01651', file_var)
+            ex.setExitCode(self.ARG_VALIDATION_ERROR_EXIT_CODE)
+            self._logger.throwing(ex, class_name=self._class_name, method_name=_method_name)
+            raise ex
+
     def get_passphrase_switch(self):
         return self.PASSPHRASE_SWITCH
 
     def is_passphrase_switch(self, key):
         return self.PASSPHRASE_SWITCH == key
 
+    def is_passphrase_env_switch(self, key):
+        return self.PASSPHRASE_ENV_SWITCH == key
+
+    def is_passphrase_file_switch(self, key):
+        return self.PASSPHRASE_FILE_SWITCH == key
+
     def _validate_passphrase_arg(self, value):
         method_name = '_validate_passphrase_switch'
 

core/src/main/resources/oracle/weblogic/deploy/messages/wlsdeploy_rb.properties

@@ -290,6 +290,8 @@ WLSDPLY-01645=Target configuration file {0} validation_method must be either str
 WLSDPLY-01646=Supplied OPSS wallet directory {0} was not valid: {1}
 WLSDPLY-01647=Supplied output directory {0} was not valid: {1}
 WLSDPLY-01648=Target configuration file {0} has invalid value {1} for {2}. Valid values are: {3}
+WLSDPLY-01649=Environment variable {0} for password was not found
+WLSDPLY-01651=Variable file {0} was not found or unable to be read
 
 # wlsdeploy/util/cla_helper.py
 WLSDPLY-01650=Saving the model to file {0}

installer/src/main/bin/createDomain.cmd

@@ -79,6 +79,10 @@ ECHO              [-java_home ^<java_home^>]
 ECHO              [-archive_file ^<archive_file^>]
 ECHO              [-model_file ^<model_file^>]
 ECHO              [-variable_file ^<variable_file^>]
+ECHO              [-passphrase_env ^<passphrase_env^>]
+ECHO              [-passphrase_file ^<passphrase_file^>]
+ECHO              [-opss_wallet_passphrase_env ^<opss_wallet_passphrase_env^>]
+ECHO              [-opss_wallet_passphrase_file ^<opss_wallet_passphrase_file^>]
 ECHO              [-wlst_path ^<wlst_path^>]
 ECHO              [-rcu_db ^<rcu_database^>
 ECHO               -rcu_prefix ^<rcu_prefix^>
@@ -120,6 +124,18 @@ ECHO         variable_file   - the location of the property file containing the
 ECHO                           the model. This can also be specified as a comma-separated list of property files,
 ECHO                           where each successive set of properties layers on top of the previous ones.
 ECHO.
+ECHO         passphrase_env  - An alternative to entering the encryption passphrase at a prompt. The value is an
+ECHO                           ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase.
+ECHO.
+ECHO         passphrase_file - An alternative to entering the encryption passphrase at a prompt. The value is a
+ECHO                           the name of a file with a string value which WDT will read to retrieve the passphrase.
+ECHO.
+ECHO         opss_wallet_passphrase_env  - An alternative to entering the OPSS wallet passphrase at a prompt. The value is a
+ECHO                           ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase.
+ECHO.
+ECHO         opss_wallet_passphrase_file - An alternative to entering the OPSS wallet passphrase at a prompt. The value is a
+ECHO                           the name of a file with a string value which WDT will read to retrieve the passphrase.
+ECHO.
 ECHO         wlst_path       - the Oracle Home subdirectory of the wlst.cmd
 ECHO                           script to use (e.g., ^<ORACLE_HOME^>\soa).
 ECHO.

installer/src/main/bin/createDomain.sh

@@ -40,6 +40,10 @@ usage() {
   echo "          [-archive_file <archive_file>]"
   echo "          [-model_file <model_file>]"
   echo "          [-variable_file <variable_file>]"
+  echo "          [-opss_wallet_passphrase_env <opss_wallet_passphrase_env>]"
+  echo "          [-opss_wallet_passphrase_file <opss_wallet_passphrase_file>]"
+  echo "          [-passphrase_env <passphrase_env>]"
+  echo "          [-passphrase_file <passphrase_file>]"
   echo "          [-wlst_path <wlst_path>]"
   echo "          [-rcu_db <rcu_database>"
   echo "           -rcu_prefix <rcu_prefix>"
@@ -81,6 +85,18 @@ usage() {
   echo "                          the model. This can also be specified as a comma-separated list of property files,"
   echo "                          where each successive set of properties layers on top of the previous ones."
   echo ""
+  echo "        passphrase_env  - An alternative to entering the encryption passphrase at a prompt. The value is an "
+  echo "                          ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase. "
+  echo ""
+  echo "        passphrase_file - An alternative to entering the encryption passphrase at a prompt. The value is a "
+  echo "                          the name of a file with a string value which WDT will read to retrieve the passphrase "
+  echo ""
+  echo "        opss_wallet_passphrase_file   - An alternative to entering the OPSS wallet passphrase at a prompt. The value is a "
+  echo "                          the name of a file with a string value which WDT will read to retrieve the passphrase "
+  echo ""
+  echo "        opss_wallet_passphrase_env  - An alternative to entering the OPSS wallet passphrase at a prompt. The value "
+  echo "                          ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase. "
+  echo ""
   echo "        wlst_path       - the Oracle Home subdirectory of the wlst.cmd"
   echo "                          script to use (e.g., <ORACLE_HOME>/soa)."
   echo ""

installer/src/main/bin/deployApps.cmd

@@ -76,10 +76,14 @@ ECHO              [-archive_file ^<archive_file^>]
 ECHO              [-model_file ^<model_file^>]
 ECHO              [-variable_file ^<variable_file^>]
 ECHO              [-domain_type ^<domain_type^>]
+ECHO              [-passphrase_env ^<passphrase_env^>]
+ECHO              [-passphrase_file ^<passphrase_file^>]
 ECHO              [-wlst_path ^<wlst_path^>]
 ECHO              [-canel_changes_if_restart_required]
 ECHO              [-discard_current_edit]
 ECHO              [-output_dir]
+ECHO              [-admin_pass_env ^<admin_pass_env^>
+ECHO              [-admin_pass_file ^<admin_pass_file^>
 ECHO              [-admin_url ^<admin_url^>
 ECHO               -admin_user ^<admin_user^>
 ECHO              ]
@@ -108,13 +112,25 @@ ECHO.
 ECHO         domain_type     - the type of domain (e.g., WLS, JRF).
 ECHO                           Used to locate wlst.cmd if -wlst_path not specified
 ECHO.
+ECHO         passphrase_env  - An alternative to entering the encryption passphrase at a prompt. The value is an
+ECHO                           ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase.
+ECHO.
+ECHO         passphrase_file - An alternative to entering the encryption passphrase at a prompt. The value is
+ECHO                           the name of a file with a string value which WDT will read to retrieve the passphrase.
+ECHO.
 ECHO         wlst_path       - the Oracle Home subdirectory of the wlst.cmd
 ECHO                           script to use (e.g., ^<ORACLE_HOME^>\soa)
 ECHO.
 ECHO         admin_url       - the admin server URL (used for online deploy)
 ECHO.
 ECHO         admin_user      - the admin username (used for online deploy)
 ECHO.
+ECHO         admin_pass_env  - An alternative to entering the admin password at a prompt. The value is a ENVIRONMENT
+ECHO                           VARIABLE name that WDT will use to retrieve the password.
+ECHO.
+ECHO         admin_pass_file - An alternative to entering the admin password at a prompt. The value is a the name of a
+ECHO                           file that contains a password string that the tool will read to retrieve the password.
+ECHO.
 ECHO         cancel_changes_if_restart_required - cancel the changes if the update requires domain restart
 ECHO.
 ECHO         discard_current_edit      - discard all existing changes before starting update

installer/src/main/bin/deployApps.sh

@@ -37,6 +37,10 @@ usage() {
   echo "          [-model_file <model_file>]"
   echo "          [-variable_file <variable_file>]"
   echo "          [-domain_type <domain_type>]"
+  echo "          [-passphrase_env <passphrase_env>]"
+  echo "          [-passphrase_file <passphrase_file>]"
+  echo "          [-admin_pass_env <admin_pass_env>]"
+  echo "          [-admin_pass_file <admin_pass_file>]"
   echo "          [-wlst_path <wlst_path>]"
   echo "          [-cancel_changes_if_restart_required]"
   echo "          [-discard_current_edit]"
@@ -69,6 +73,18 @@ usage() {
   echo "        domain_type     - the type of domain (e.g., WLS, JRF)."
   echo "                          Used to locate wlst.cmd if -wlst_path not specified"
   echo ""
+  echo "        passphrase_env  - An alternative to entering the encryption passphrase at a prompt. The value is an "
+  echo "                          ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase. "
+  echo ""
+  echo "        passphrase_file - An alternative to entering the encryption passphrase at a prompt. The value is a "
+  echo "                          the name of a file with a string value which WDT will read to retrieve the passphrase "
+  echo ""
+  echo "        admin_pass_file  - An alternative to entering the admin passphrase at a prompt. The value "
+  echo "                          ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase. "
+  echo ""
+  echo "        admin_pass_env  - An alternative to entering the admin passphrase at a prompt. The value "
+  echo "                          ENVIRONMENT VARIABLE name that WDT will use to retrieve the passphrase. "
+  echo ""
   echo "        wlst_path       - the Oracle Home subdirectory of the wlst.cmd"
   echo "                          script to use (e.g., <ORACLE_HOME>/soa)"
   echo ""

installer/src/main/bin/discoverDomain.cmd

@@ -77,6 +77,8 @@ ECHO              [-skip_archive]
 ECHO              [-model_file ^<model_file^>]
 ECHO              [-variable_file ^<variable_file^>]
 ECHO              [-domain_type ^<domain_type^>]
+ECHO              [-admin_pass_env ^<admin_pass_env^>]
+ECHO              [-admin_pass_file ^<admin_pass_file^>]
 ECHO              [-wlst_path ^<wlst_path^>]
 ECHO              [-java_home ^<java_home^>]
 ECHO              [-target ^<target^>
@@ -118,6 +120,13 @@ ECHO         target         - targeting platform (k8s, etc.)
 ECHO.
 ECHO         output_dir     - output directory for -target ^<target^>
 ECHO.
+ECHO.
+ECHO         admin_pass_env  - An alternative to entering the admin password at a prompt. The value is a ENVIRONMENT
+ECHO                           VARIABLE name that WDT will use to retrieve the password.
+ECHO.
+ECHO         admin_pass_file - An alternative to entering the admin password at a prompt. The value is a the name of a
+ECHO                           file that contains a password string that the tool will read to retrieve the password.
+ECHO.
 ECHO         admin_url      - the admin server URL (used for online discovery)
 ECHO.
 ECHO         admin_user     - the admin username (used for online discovery)