fixes for pr comments

operator/src/main/resources/scripts/introspectDomain.py

@@ -402,6 +402,7 @@ def validateAdminServer(self):
       return
     adminServer = None
     for server in self.env.getDomain().getServers():
+      self.validateServerTemplateNapListenPortIsSet(server)
       if adminServerName == server.getName():
         adminServer = server
     if adminServer is None:
@@ -460,19 +461,12 @@ def validateNonDynamicClusterServersHaveSameListenPort(self, cluster):
       if cluster is self.env.getClusterOrNone(server):
         listenPort = getRealListenPort(server)
         listenPortEnabled = isListenPortEnabledForServer(server, self.env.getDomain())
-        ssl = getSSLOrNone(server)
         sslListenPort = None
         sslListenPortEnabled = None
-        ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain())
+        ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain(), is_server_template=False)
         if ssl_listen_port is not None:
           sslListenPort = ssl_listen_port
           sslListenPortEnabled = True
-        # if ssl is not None:
-        #   sslListenPort = getRealSSLListenPort(server, ssl.getListenPort())
-        #   sslListenPortEnabled = ssl.isEnabled()
-        # elif isSecureModeEnabledForDomain(self.env.getDomain()):
-        #   sslListenPort = 7002
-        #   sslListenPortEnabled = True
 
         adminPort = getAdministrationPort(server, self.env.getDomain())
         adminPortEnabled = isAdministrationPortEnabledForServer(server, self.env.getDomain())
@@ -545,6 +539,7 @@ def validateDynamicCluster(self, cluster):
   def validateDynamicClusterReferencedByOneServerTemplate(self, cluster):
     server_template=None
     for template in self.env.getDomain().getServerTemplates():
+      self.validateServerTemplateNapListenPortIsSet(template)
       if self.env.getClusterOrNone(template) is cluster:
         if server_template is None:
           server_template = template
@@ -555,6 +550,21 @@ def validateDynamicClusterReferencedByOneServerTemplate(self, cluster):
     if server_template is None:
       self.addError("The WebLogic dynamic cluster " + self.name(cluster) + "' is not referenced by any server template.")
 
+  def validateServerTemplateNapListenPortIsSet(self, server_or_template):
+    naps = server_or_template.getNetworkAccessPoints()
+    for nap in naps:
+      if nap.getListenPort() == 0:
+        self.addError(
+              "Invalid listen port value '"
+              + str(nap.getListenPort())
+              + "' in the WebLogic Domain for "
+              + server_or_template.getName()
+              + ' Network Channel '
+              + nap.getName()
+              + '. Please provide a valid value for the listen port, this is likely because of not specifying the port '
+                'value during domain '
+                'creation')
+
   def validateDynamicClusterNotReferencedByAnyServers(self, cluster):
     for server in self.env.getDomain().getServers():
       if self.env.getClusterOrNone(server) is cluster:
@@ -662,31 +672,20 @@ def addServer(self, server, is_server_template=False):
     self.writeln("  listenAddress: " + self.quote(self.env.toDNS1123Legal(self.env.getDomainUID() + "-" + server.getName())))
     if isAdministrationPortEnabledForServer(server, self.env.getDomain(), is_server_template):
       self.writeln("  adminPort: " + str(getAdministrationPort(server, self.env.getDomain())))
-    self.addSSL(server)
+    self.addSSL(server, is_server_template)
     self.addNetworkAccessPoints(server, is_server_template)
 
-  def addSSL(self, server):
+  def addSSL(self, server, is_server_template):
     '''
-    Write the SSL topology information to the output
+    Write the SSL topology information to the topology yaml output
     :param server: Server or ServerTemplate
     '''
-    # ssl = getSSLOrNone(server)
-    ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain())
+    ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain(), is_server_template)
     if ssl_listen_port is not None:
       self.indent()
       self.writeln("sslListenPort: " + str(ssl_listen_port))
       self.undent()
 
-    # if ssl is not None and ssl.isEnabled():
-    #   sslport = getRealSSLListenPort(server, ssl.getListenPort())
-    #   self.indent()
-    #   self.writeln("sslListenPort: " + str(sslport))
-    #   self.undent()
-    # elif ssl is None and isSecureModeEnabledForDomain(self.env.getDomain()):
-    #   self.indent()
-    #   self.writeln("sslListenPort: 7002")
-    #   self.undent()
-
   def addServerTemplates(self):
     serverTemplates = self.env.getDomain().getServerTemplates()
     if len(serverTemplates) == 0:
@@ -791,30 +790,8 @@ def addNetworkAccessPoint(self, server, nap, is_server_template):
       name=self.name(nap)
     self.writeln("  - name: " + name)
     self.writeln("    protocol: " + self.quote(nap_protocol))
-    if nap.getListenPort() == 0:
-      trace("SEVERE", "Invalid listen port value '"
-            + str(nap.getListenPort())
-            + "' in the WebLogic Domain for "
-            + server.getName()
-            + ' Network Channel '
-            + nap.getName()
-            + '. Please provide a valid value for the listen port, this is likely because of not specifying the port '
-              'value during domain '
-              'creation')
-      sys.exit(1)
 
     self.writeln("    listenPort: " + str(nap.getListenPort()))
-    # if nap.getPublicPort() == 0:
-    #   trace("SEVERE", "Invalid public listen port value '"
-    #         + str(nap.getListenPort())
-    #         + "' in the WebLogic Domain for "
-    #         + server.getName()
-    #         + ' Network Channel '
-    #         + nap.getName()
-    #         + '. Please provide a valid value for the public port, this is likely because of not specifying the port '
-    #           'value during domain '
-    #           'creation')
-    #   sys.exit(1)
     self.writeln("    publicPort: " + str(nap.getPublicPort()))
 
 
@@ -840,15 +817,7 @@ def addIstioNetworkAccessPoints(self, server, is_server_template, added_nap):
     self.addIstioNetworkAccessPoint("tcp-snmp", "snmp", getRealListenPort(server), 0)
     self.addIstioNetworkAccessPoint("tcp-iiop", "iiop", getRealListenPort(server), 0)
 
-    # ssl = getSSLOrNone(server)
-    # ssl_listen_port = None
-    # if ssl is not None and ssl.isEnabled():
-    #   ssl_listen_port = getRealSSLListenPort(server, ssl.getListenPort())
-    # elif ssl is None and isSecureModeEnabledForDomain(self.env.getDomain()):
-    #   ssl_listen_port = "7002"
-    #
-
-    ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain())
+    ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain(), is_server_template)
 
     if ssl_listen_port is not None:
       self.addIstioNetworkAccessPoint("https-secure", "https", ssl_listen_port, 0)
@@ -1245,14 +1214,7 @@ def customizeServerIstioNetworkAccessPoint(self, listen_address, server):
     self._writeIstioNAP(name='tcp-iiop', server=server, listen_address=listen_address,
                         listen_port=admin_server_port, protocol='iiop')
 
-    # ssl = getSSLOrNone(server)
-    # ssl_listen_port = None
-    # if ssl is not None and ssl.isEnabled():
-    #   ssl_listen_port = getRealSSLListenPort(server, ssl.getListenPort())
-    # elif ssl is None and isSecureModeEnabledForDomain(self.env.getDomain()):
-    #   ssl_listen_port = "7002"
-
-    ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain())
+    ssl_listen_port = getSSLPortIfEnabled(server, self.env.getDomain(), is_server_template=False)
 
     if ssl_listen_port is not None:
       self._writeIstioNAP(name='https-secure', server=server, listen_address=listen_address,
@@ -1302,12 +1264,6 @@ def customizeManagedIstioNetworkAccessPoint(self, listen_address, template):
     self._writeIstioNAP(name='tcp-iiop', server=template, listen_address=listen_address,
                         listen_port=listen_port, protocol='iiop')
 
-    # ssl = getSSLOrNone(template)
-    # ssl_listen_port = None
-    # if ssl is not None and ssl.isEnabled():
-    #   ssl_listen_port = getRealSSLListenPort(template, ssl.getListenPort())
-    # elif ssl is None and isSecureModeEnabledForDomain(self.env.getDomain()):
-    #   ssl_listen_port = "7002"
     ssl_listen_port = getSSLPortIfEnabled(template, self.env.getDomain())
 
     if ssl_listen_port is not None:
@@ -1697,31 +1653,18 @@ def introspect(self):
 
     tg.generate()
 
-# Work-around bugs in off-line WLST when accessing an SSL mbean
-def getSSLOrNone(server):
-  try:
-    # this can throw if SSL mbean not there
-    ret = server.getSSL()
-    # this can throw if SSL mbean is there but enabled is false
-    ret.getListenPort()
-    # this can throw if SSL mbean is there but enabled is false
-    ret.isEnabled()
-  except:
-    trace("Ignoring getSSL() exception, this is expected.")
-    ret = None
-
-  return ret
-
 def getRealSSLListenPort(server, sslport):
   """
-  Return the real ssl listening port that will be used in runtime.
-   This is the actual port that WebLogic will bind to.  This occurs when user
-   specify 7002 in the model or wlst offline when creating the domain which results empty
-   entry in the config.xml. The introspector using wlst offline to read the domain and the
-   mbean returns 8100. we cannot use this in the topology when setting up the container port
-   since the actual listening port is 7002.
+  Return the real listening port that will be used in runtime,
+  which can be different than is reported by WLST off-line.
 
-   If it is not a server template, then just return from the mbean.
+  The difference occurs when a user specifies 7002 in the model
+  or wlst offline for a server template when creating the domain,
+  which results in an empty entry in the config.xml. When subsequently
+  using wlst offline to read the domain, the mbean mistakenly
+  returns 8100 but the actual listening port is 7001.
+
+  If it is not a server template, then just return from the mbean.
 
   :param server:  server or server template
   :param sslport: sslport from wlst offline mbean
@@ -1737,30 +1680,33 @@ def getRealSSLListenPort(server, sslport):
 
   return sslport
 
-def getRealListenPort(server):
+def getRealListenPort(template):
   """
-  Return the real listening port that will be used in runtime.
-   This is the actual port that WebLogic will bind to.  This occurs when user
-   specify 7001 in the model or wlst offline when creating the domain which results empty
-   entry in the config.xml. The introspector using wlst offline to read the domain and the
-   mbean returns 7100. we cannot use this in the topology when setting up the container port
-   since the actual listening port is 7001.
+  Return the real listening port that will be used in runtime,
+  which can be different than is reported by WLST off-line.
+
+  The difference occurs when a user specifies 7001 in the model
+  or wlst offline for a server template when creating the domain,
+  which results in an empty entry in the config.xml. When subsequently
+  using wlst offline to read the domain, the mbean mistakenly
+  returns 7100 but the actual listening port is 7001.
 
-   If it is not a server template, then just return from the mbean.
+  If it is not a server template, then just return from the mbean.
 
   :param server:  server or server template
   :return: listening port
   """
-  if server_template_listening_ports.has_key(server.getName()):
-    port = server_template_listening_ports[server.getName()]
+  if server_template_listening_ports.has_key(template.getName()):
+    port = server_template_listening_ports[template.getName()]
     if port is None:
       return 7001
 
-  port = server.getListenPort()
+  port = template.getListenPort()
+  # Probably don't need this - unlike NAP that can be 0.
   if port == 0:
     return 7001
 
-  return server.getListenPort()
+  return port
 
 
 # Derive the default value for SecureMode of a domain
@@ -1838,15 +1784,80 @@ def isSSLListenPortEnabled(ssl, domain):
       enabled = True
   return enabled
 
-def getSSLPortIfEnabled(server, domain):
-  ssl = getSSLOrNone(server)
+def getSSLPortIfEnabled(server, domain, is_server_template=True):
+  """
+  return the SSL listen port if enabled -
+    If SSL is enabled:
+      If is_server_template is False then just return the SSL listen port from server mbean.
+      If is_server_template is True then return the actual SSL listen port that it listens on.  If the server
+
+    If SSL is not enabled but domain has SecureMode enabled return 7002.
+  :param server: server or server template
+  :param domain: domain mbean
+  :return: SSL listen port
+  """
+  ssl = None
   ssl_listen_port = None
+  try:
+    # this can throw if SSL mbean not there
+    ssl = server.getSSL()
+    # this can throw if SSL mbean is there but enabled is false
+    ssl.getListenPort()
+    # this can throw if SSL mbean is there but enabled is false ??
+    ssl.isEnabled()
+  except:
+    pass
+
   if ssl is not None and ssl.isEnabled():
-    ssl_listen_port = getRealSSLListenPort(server, ssl.getListenPort())
+    if not is_server_template:
+      ssl_listen_port = ssl.getListenPort()
+    else:
+      ssl_listen_port = getRealSSLListenPort(server, ssl.getListenPort())
   elif ssl is None and isSecureModeEnabledForDomain(domain):
     ssl_listen_port = "7002"
   return ssl_listen_port
 
+def get_server_template_listening_ports_from_configxml(config_xml):
+  '''
+  get_server_tempalate's listening port and ssl port from the config.xml
+  :param config_xml:         full path to config.xml
+  :return: dictionary of servertemplate ssl port and servertemplate listen port
+  '''
+  DOMTree = parse(config_xml)
+  collection = DOMTree.documentElement
+
+  templates = collection.getElementsByTagName("server-template")
+  server_template_ssls = dict()
+  server_template_ports = dict()
+
+  # if port is not specified in config.xml, set to None
+
+  for template in templates:
+    sslport = None
+    port = None
+    if template.parentNode.nodeName != 'domain':
+      continue
+    template_name = template.getElementsByTagName('name')[0].firstChild.nodeValue
+    # Get listen port
+    listen_ports = template.getElementsByTagName('listen-port')
+
+    for listen_port in listen_ports:
+      if listen_port.parentNode.nodeName == 'server-template':
+        port = listen_port.firstChild.nodeValue
+        break
+    server_template_ports[template_name] = port
+
+    # Get ssl port
+    ssls = template.getElementsByTagName('ssl')
+    if len(ssls) > 0:
+      ssl = ssls.item(0)
+      listen_port = ssl.getElementsByTagName('listen-port')
+      if len(listen_port) > 0:
+        sslport = listen_port[0].firstChild.nodeValue
+    server_template_ssls[template_name] = sslport
+
+  return server_template_ssls, server_template_ports
+
 def main(env):
   try:
     #  Needs to build the domain first

operator/src/main/resources/scripts/utils.py

@@ -64,44 +64,4 @@ def trace(arg1,arg2='SENTINEL'):
   else:
     traceInner(arg1,arg2)
 
-def get_server_template_listening_ports_from_configxml(config_xml):
-  '''
-  get_server_tempalate's listening port and ssl port from the config.xml
-  :param config_xml:         full path to config.xml
-  :return: dictionary of servertemplate ssl port and servertemplate listen port
-  '''
-  DOMTree = parse(config_xml)
-  collection = DOMTree.documentElement
-
-  templates = collection.getElementsByTagName("server-template")
-  server_template_ssls = dict()
-  server_template_ports = dict()
-
-  # if port is not specified in config.xml, set to None
-
-  for template in templates:
-    sslport = None
-    port = None
-    if template.parentNode.nodeName != 'domain':
-      continue
-    template_name = template.getElementsByTagName('name')[0].firstChild.nodeValue
-    # Get listen port
-    listen_ports = template.getElementsByTagName('listen-port')
-
-    for listen_port in listen_ports:
-      if listen_port.parentNode.nodeName == 'server-template':
-        port = listen_port.firstChild.nodeValue
-        break
-    server_template_ports[template_name] = port
-
-    # Get ssl port
-    ssls = template.getElementsByTagName('ssl')
-    if len(ssls) > 0:
-      ssl = ssls.item(0)
-      listen_port = ssl.getElementsByTagName('listen-port')
-      if len(listen_port) > 0:
-        sslport = listen_port[0].firstChild.nodeValue
-    server_template_ssls[template_name] = sslport
-
-  return server_template_ssls, server_template_ports