Is there a possibility to update properties in archive files?

Question

Is there a possibility to update properties in archive files?

brieucolivier opened this issue 2 years ago · 9 comments

Dears,

We have some files from the archive such as "saml2idppartner.properties" for which we would like to have parameterized configurations like it's the case for the model (see https://oracle.github.io/weblogic-deploy-tooling/concepts/model/#model-tokens).
We did not find in the documentation a way to do so, and the properties remains unreplaced in our archive.

Would there be a way to achieve this?

BR,
Brieuc.

Answer 1 · 2024-01-20T14:06:20.000Z

@brieucolivier WDT does not currently provide any solution for this. You could do this yourself by

preprocessing the file to have the content you want and use the archiveHelper to replace the version in the archive, or
adding the environment-specific version in a second archive file so that the original file is overridden by the second archive, or
copy the environment-specific file into $DOMAIN_HOME/security after running WDT and before starting the admin server.

If you want something in WDT to do this, please explain your use case a little more and why none of the above approaches work for you.

Answer 2 · 2024-01-24T08:34:13.000Z

@robertpatrick, thanks for the reply.
We do not have hand on the code in between copy of the environment files and the startup of the admin server.
The idea would be to have a static image with possibility to have those updatable with placeholders and environment properties and/or application properties files as in the WDT model.
Do you know whether this is planned ?

Answer 3 · 2024-01-24T15:33:43.000Z

@brieucolivier I am the WDT architect and we currently have no plans to do anything like this. I am still struggling to understand why this is needed.

We do not have hand on the code in between copy of the environment files and the startup of the admin server.

Clearly, something is running WDT so I don't understand why you say that there is no place to insert this extra logic. WDT recently added a mechanism to execute a shell script at the end of the createDomain command. This would be one way to inject logic for replacing property values prior to the admin server starting...

Another way would be to change the code that is invoking WDT to download an environment-specific version of the file prior to running WDT and apply that file accordingly.

Answer 4 · 2024-01-24T16:46:21.000Z

Which properties in this file do you need to change "per environment"?
How would you envision that this token replacement would work?
- Would these just be normal @@PROP:xxx@@ references that are resolved in the variables file?
- If so, how is the variables file getting updated with environment-specific values?
Are you deploying this domain in Kubernetes using the WebLogic Kubernetes Operator? If so, are you using Model in Image with Auxiliary Image or Domain on PV with Domain Initialization Image?

Answer 5 · 2024-01-25T08:52:47.000Z

We did not found this mechanism for shell script execution at the end of createDomain, do you have a reference for this feature documentation?

1 - > In the /wdt/wlsdeploy/security/saml/2/ folder we would need to be able to update the metadata file and the various properties of the saml2idppartner.properties file. (E.g., the redirectUris, the mapperClassname...)

2 - > I would indeed expect to replace those properties with variables like "@@ENV:REDIRECT_URIS@@" or "@@PROP:redirectUris@@"

3 - > Sorry for missing this precision : we are deploying Model in Image with Auxiliary Image with the Weblogic Kubernetes Operator.

Answer 6 · 2024-01-25T12:54:06.000Z

@brieucolivier

We did not found this mechanism for shell script execution at the end of createDomain, do you have a reference for this feature documentation?

This feature is something new that we added for Oracle Identity Governance that is really intended as an advanced use case. It is a feature of the typedef file so in order to use this, you would need to either create a new typedef or modify an existing one.

2 - > I would indeed expect to replace those properties with variables like "@@env:REDIRECT_URIS@@" or "@@prop:redirectUris@@"

But this implies that you had to update/override the variables file built into the image with the environment-specific values, right? Why not just update/override the saml2idppartner.properties file directly instead?

Answer 7 · 2024-01-25T16:02:27.000Z

But this implies that you had to update/override the variables file built into the image with the environment-specific values, right? Why not just update/override the saml2idppartner.properties file directly instead?

We must have a unique fix image for all our environments. The idea would be to have in environments variables or in its configmap the properties to be able to complete the saml2idppartner.properties.

Answer 8 · 2024-01-25T21:51:59.000Z

@brieucolivier We are adding support for this to WDT 4.0. However, the WKO introspector will almost certainly require changes to work correctly with this feature.

Answer 9 · 2024-01-26T06:56:45.000Z

Thank you very much for the feedback,
Have a nice day, BR