Target type cleanup (#1090)

* Only include runtime encryption secret for MII targets

* Only add secrets to domain resource if target uses credential secrets

* Combine similar domain resource templates and customize using target configuration

Author: rakillen

core/src/main/python/wlsdeploy/tool/util/targets/additional_output_helper.py

@@ -1,5 +1,5 @@
 """
-Copyright (c) 2020, 2021, Oracle and/or its affiliates.
+Copyright (c) 2020, 2022, Oracle and/or its affiliates.
 Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 Methods for creating Kubernetes resource configuration files for Verrazzano.
@@ -49,6 +49,7 @@
 NAMESPACE = 'namespace'
 REPLICAS = 'replicas'
 RUNTIME_ENCRYPTION_SECRET = "runtimeEncryptionSecret"
+USE_PERSISTENT_VOLUME = "usePersistentVolume"
 WEBLOGIC_CREDENTIALS_SECRET = 'webLogicCredentialsSecret'
 
 
@@ -85,7 +86,7 @@ def _create_file(template_name, template_hash, model_context, output_dir, except
     _method_name = '_create_file'
 
     target_key = model_context.get_target()
-    template_subdir = "targets/" + target_key + "/" + template_name
+    template_subdir = "targets/templates/" + template_name
     template_path = path_utils.find_config_path(template_subdir)
     output_file = File(output_dir, template_name)
 
@@ -104,6 +105,7 @@ def _build_template_hash(model, model_context, aliases, credential_injector):
     :return: the hash dictionary
     """
     template_hash = dict()
+    target_configuration = model_context.get_target_configuration()
 
     # actual domain name
 
@@ -130,9 +132,15 @@ def _build_template_hash(model, model_context, aliases, credential_injector):
 
     # runtime encryption secret
 
-    runtime_secret = domain_uid + target_configuration_helper.RUNTIME_ENCRYPTION_SECRET_SUFFIX
-    declared_secrets.append(runtime_secret)
-    template_hash[RUNTIME_ENCRYPTION_SECRET] = runtime_secret
+    additional_secrets = target_configuration.get_additional_secrets()
+    if target_configuration_helper.RUNTIME_ENCRYPTION_SECRET_NAME in additional_secrets:
+        runtime_secret = domain_uid + target_configuration_helper.RUNTIME_ENCRYPTION_SECRET_SUFFIX
+        declared_secrets.append(runtime_secret)
+        template_hash[RUNTIME_ENCRYPTION_SECRET] = runtime_secret
+
+    # use persistent_volume
+
+    template_hash[USE_PERSISTENT_VOLUME] = target_configuration.use_persistent_volume()
 
     # configuration / model
     template_hash[DOMAIN_TYPE] = model_context.get_domain_type()
@@ -212,11 +220,13 @@ def _build_template_hash(model, model_context, aliases, credential_injector):
 
     # combine user/password properties to get a single list
     secrets = []
-    for property_name in credential_injector.get_variable_cache():
-        halves = property_name.split(':', 1)
-        name = halves[0]
-        if name not in secrets:
-            secrets.append(name)
+
+    if target_configuration.uses_credential_secrets():
+        for property_name in credential_injector.get_variable_cache():
+            halves = property_name.split(':', 1)
+            name = halves[0]
+            if name not in secrets:
+                secrets.append(name)
 
     for secret in secrets:
         secrets_hash = dict()

core/src/main/python/wlsdeploy/util/target_configuration.py

@@ -18,6 +18,9 @@
 # Determines whether the domainBin contents should be excluded
 EXCLUDE_DOMAIN_BIN_CONTENTS = "exclude_domain_bin_contents"
 
+# Determines whether a persistent volume is used
+USE_PERSISTENT_VOLUME = "use_persistent_volume"
+
 # put secret tokens in the model, and build a script to create the secrets.
 SECRETS_METHOD = 'secrets'
 
@@ -149,3 +152,13 @@ def exclude_domain_bin_contents(self):
         if result is None:
             result = False
         return result
+
+    def use_persistent_volume(self):
+        """
+        Determine if this configuration uses a persistent volume for the domain home.
+        :return: True if persistent volume is used, False otherwise
+        """
+        result = dictionary_utils.get_element(self.config_dictionary, USE_PERSISTENT_VOLUME)
+        if result is None:
+            result = False
+        return result

core/src/main/targetconfigs/vz-pv/vz-application.yaml renamed to core/src/main/targetconfigs/templates/vz-application.yaml

@@ -68,10 +68,12 @@ spec:
 
               # WebLogic Image Tool provides modelHome
               modelHome: {{{modelHome}}}
+{{#runtimeEncryptionSecret}}
 
               # encryption for the WDT model and the SystemSerializedIni.data file.
               # used only for model-in-image deployment, can be removed for other types.
               runtimeEncryptionSecret: {{{runtimeEncryptionSecret}}}
+{{/runtimeEncryptionSecret}}
 {{#hasAdditionalSecrets}}
 
             secrets:
@@ -107,6 +109,7 @@ spec:
                 value: "-Dweblogic.StdoutDebugEnabled=false"
               - name: USER_MEM_ARGS
                 value: "-Djava.security.egd=file:/dev/./urandom -Xms64m -Xmx256m "
+{{#usePersistentVolume}}
 
             # volume information for persistent volume
             volumes:
@@ -116,6 +119,7 @@ spec:
             volumeMounts:
               - mountPath: /shared
                 name: weblogic-domain-storage-volume
+{{/usePersistentVolume}}
 ---
 apiVersion: core.oam.dev/v1alpha2
 kind: Component

core/src/main/targetconfigs/wko-pv/wko-domain.yaml renamed to core/src/main/targetconfigs/templates/wko-domain.yaml

@@ -34,6 +34,7 @@ spec:
       value: "-Dweblogic.StdoutDebugEnabled=false"
     - name: USER_MEM_ARGS
       value: "-Djava.security.egd=file:/dev/./urandom -Xms64m -Xmx256m "
+{{#usePersistentVolume}}
 
     # volume information for persistent volume
     volumes:
@@ -43,8 +44,9 @@ spec:
     volumeMounts:
       - mountPath: /shared
         name: weblogic-domain-storage-volume
-
+{{/usePersistentVolume}}
 {{#hasClusters}}
+
   # clusters is used to configure the desired behavior for starting member servers of a cluster.
   # If you use this entry, then the rules will be applied to ALL servers that are members of the named clusters.
   clusters:
@@ -80,10 +82,12 @@ spec:
 
       # WebLogic Image Tool provides modelHome
       modelHome: {{{modelHome}}}
+{{#runtimeEncryptionSecret}}
 
       # encryption for the WDT model and the SystemSerializedIni.data file.
       # used only for model-in-image deployment, can be removed for other types.
       runtimeEncryptionSecret: {{{runtimeEncryptionSecret}}}
+{{/runtimeEncryptionSecret}}
 {{#hasAdditionalSecrets}}
 
     # Secrets that are referenced by model yaml macros

core/src/main/targetconfigs/vz-dii/target.json

@@ -8,6 +8,5 @@
     "validation_method" : "lax",
     "credentials_output_method" : "script",
     "exclude_domain_bin_contents": true,
-    "additional_secrets": "runtime-encryption-secret",
     "additional_output" : "vz-application.yaml"
 }

core/src/main/targetconfigs/vz-dii/vz-application.yaml

@@ -8,6 +8,6 @@
     "validation_method" : "lax",
     "credentials_output_method" : "script",
     "exclude_domain_bin_contents": true,
-    "additional_secrets": "runtime-encryption-secret",
+    "use_persistent_volume" : true,
     "additional_output" : "vz-application.yaml"
 }