JIRA WDT-452 - Add configuration/model section to model.yaml; create runtime encryption secret (#704)

Author: rakillen

core/src/main/python/wlsdeploy/tool/util/targets/vz_config_helper.py

@@ -34,11 +34,13 @@
 DATASOURCE_NAME = 'datasourceName'
 DOMAIN_NAME = 'domainName'
 DOMAIN_PREFIX = 'domainPrefix'
+DOMAIN_TYPE = 'domainType'
 DOMAIN_UID = 'domainUid'
 DS_URL = 'url'
 HAS_CLUSTERS = 'hasClusters'
 HAS_DATABASES = 'hasDatabases'
 REPLICAS = 'replicas'
+RUNTIME_ENCRYPTION_SECRET = 'runtimeEncryptionSecret'
 WEBLOGIC_CREDENTIALS_SECRET = 'webLogicCredentialsSecret'
 
 
@@ -54,7 +56,7 @@ def create_vz_configuration(model, model_context, aliases, exception_type):
     # -output_dir argument was previously verified
     output_dir = model_context.get_kubernetes_output_dir()
 
-    template_hash = _build_template_hash(model, aliases)
+    template_hash = _build_template_hash(model, model_context, aliases)
 
     _create_file('model.yaml', template_hash, output_dir, exception_type)
 
@@ -80,10 +82,11 @@ def _create_file(template_name, template_hash, output_dir, exception_type):
     file_template_helper.create_file(template_path, template_hash, output_file, exception_type)
 
 
-def _build_template_hash(model, aliases):
+def _build_template_hash(model, model_context, aliases):
     """
     Create a dictionary of substitution values to apply to the templates.
     :param model: Model object used to derive values
+    :param model_context: used to determine domain type
     :param aliases: used to derive folder names
     :return: the hash dictionary
     """
@@ -110,6 +113,11 @@ def _build_template_hash(model, aliases):
     admin_secret = domain_uid + target_configuration_helper.WEBLOGIC_CREDENTIALS_SECRET_SUFFIX
     template_hash[WEBLOGIC_CREDENTIALS_SECRET] = admin_secret
 
+    # configuration / model
+    template_hash[DOMAIN_TYPE] = model_context.get_domain_type()
+    template_hash[RUNTIME_ENCRYPTION_SECRET] = domain_uid +\
+                                               target_configuration_helper.RUNTIME_ENCRYPTION_SECRET_SUFFIX
+
     # clusters
 
     clusters = []

core/src/main/python/wlsdeploy/util/target_configuration_helper.py

@@ -26,6 +26,10 @@
 __class_name = 'target_configuration_helper'
 __logger = PlatformLogger('wlsdeploy.tool.util')
 
+# secret name for runtime encryption
+RUNTIME_ENCRYPTION_SECRET_NAME = 'runtime-encryption'
+RUNTIME_ENCRYPTION_SECRET_SUFFIX = '-' + RUNTIME_ENCRYPTION_SECRET_NAME
+
 # Kubernetes secret for admin name and password is <domainUid>-weblogic-credentials
 WEBLOGIC_CREDENTIALS_SECRET_NAME = 'weblogic-credentials'
 WEBLOGIC_CREDENTIALS_SECRET_SUFFIX = '-' + WEBLOGIC_CREDENTIALS_SECRET_NAME
@@ -151,6 +155,15 @@ def generate_k8s_script(model_context, token_dictionary, model_dictionary):
         k8s_script.write("# " + message + nl)
         k8s_script.write(command_string + nl)
 
+    # for vz additional output type, add the runtime encryption secret
+    output_types = model_context.get_target_configuration().get_additional_output_types()
+    if VZ_EXTRA_CONFIG in output_types:
+        message = exception_helper.get_message("WLSDPLY-01663", PASSWORD_TAG, RUNTIME_ENCRYPTION_SECRET_NAME)
+        command_string = "create_k8s_secret %s %s " % (RUNTIME_ENCRYPTION_SECRET_NAME, PASSWORD_TAG)
+        k8s_script.write(nl)
+        k8s_script.write("# " + message + nl)
+        k8s_script.write(command_string + nl)
+
     k8s_script.close()
 
 

core/src/main/resources/oracle/weblogic/deploy/targets/vz/model.yaml

@@ -30,6 +30,10 @@ spec:
               value: "-Dweblogic.StdoutDebugEnabled=false"
             - name: USER_MEM_ARGS
               value: "-Djava.security.egd=file:/dev/./urandom -Xms64m -Xmx256m "
+        configuration:
+          model:
+            domainType: {{{domainType}}}
+            runtimeEncryptionSecret: {{{runtimeEncryptionSecret}}}
       connections:
         - ingress:
             - name: {{{domainPrefix}}}-ingress