NEST OSCert - Windoze support (#237)

* daytrader3

* ear

* rename ear

* getNameFromIdFromId error

* add datasource

* db2 debug

* it works

* webserver name

* daytrader tuning

* jython args

* args

* fine tuning

* wsadminlib pre-req

* start cluster

* syncall

* add cluster parm

* debug

* debug

* moved the tuning to it's own role

* instana retention allows /mnt with 2TB not to fill up over time

* better kill twas

* remove dup createDatasource

* twas_cell copy db2jars to targets

* moved db2jar put

* propogate plugin-cfg.kdb

* pluginkey syntax

* python3 tWAS SIB drop tables

* mode 755

* datasourceHelperClassname

* fix v90 package string

* fix extension

* v90 packages

* twas90 alterations

* sdk8 chagnes

* twas90 install template

* py->yml

* wsadminlib.py dest

* common daytrader role and files

* roles->role

* removed symlink due to ansible-galaxy

* separate daytrader resource config and application

* remove readme

* daytrader7 app install

* print debug

* admin role issue still not working

* unintall previous app on re-runs

* use wsadminlib function to delete app

* move ihsplugin to common role

* missing defaults

* complete the gen propagate function

* java/jmeter forceReplace

* java/jmeter forceReplace - helps update existing

* missing =

* jenkins debug

* -vvv debug

* bool

* indent

* indent

* create dir

* forceReplace.sh script

* intial windoze ibm im install debug

* add CYGWIN_NT-10.0-20348

* windoze uninstall im debug

* windoze check

* ihs windoze install path trick

* re-enable no log to mask sensitive info

* sync

* sync

* move actual shared config file later in process

* sync with external updates

* podman for jmeter containers

* podman in jmeter play

ansible/request-rhel-jmeter-fyre-play/jmeter-play.yml

@@ -1,5 +1,11 @@
 ---
 
+- hosts: all
+  vars:
+  - ansible_user: root
+  roles:
+  - role: podman
+
 - hosts: all
   vars:
   - ansible_user: "{{ jmeterUser }}"
@@ -8,4 +14,3 @@
   roles:
   - role: jmeter_java
   - role: jmeter
-

ansible/request-rhel-jmeter-fyre-play/request-rhel-jmeter-fyre-play.yml

@@ -13,6 +13,7 @@
   - role: jmeter_prereqs
   - role: nestuser
   - role: timezone
+  - role: podman
 
 - hosts: jmeter
   vars:

ansible/roles/fyrevm_provision/tasks/fyrevm_provision.yml

@@ -146,4 +146,4 @@
   args: "{{ extra_props| default(omit) }}"
   no_log: True
   changed_when: false
-  when: "fyre_addAnsibleHost|bool == false"
+  when: "fyre_addAnsibleHost|bool == false"

ansible/roles/http_defaults/defaults/main.yml

@@ -2,6 +2,8 @@
 im_driver: 'f5102145.01'
 twas_release: 'WAS90' # WAS855
 install_base: '/home/nest'
+# trick the template to install onto windoze via cygwin
+install_base_win: ''
 daily_or_test: 'test'
 http_dir: 'HTTPServer'
 plugin_dir: 'Plugins'

ansible/roles/ibm_installation_manager/defaults/main.yml

@@ -3,4 +3,6 @@ im_archive_driver_version: '1916'
 im_archive_driver: '1.9.1006.20210614_1906'
 im_archive: 'https://rtpgsa.ibm.com/gsa/rtpgsa/home/w/a/wasngi/web/public/NGI/IM/recommended/drivers/{{ im_archive_driver_version }}/ga'
 install_base: '/home/nest'
+# trick the template to install onto windoze via cygwin
+install_base_win: ''
 shared_dir: 'IM-shared'

ansible/roles/ibm_installation_manager/tasks/ibm_installation_manager.yml

@@ -22,6 +22,7 @@
   - ansible_system == 'Linux'
 - set_fact:
     archive_name_match: 'agent.installer.win32.win32.x86_64_{{ im_archive_driver }}.zip'
+    install_base_win: 'c:\cygwin'
   when:
   - ansible_architecture == 'x86_64'
   - ansible_system == 'Windows' or 'CYG' in ansible_system

ansible/roles/ibm_installation_manager/templates/ibm_im_responsefile.xml.j2

@@ -1,10 +1,10 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <agent-input>
 <server>
-<repository location='{{ install_base }}/im_install' temporary='true'/>
+<repository location='{{ install_base_win}}{{ install_base }}/im_install' temporary='true'/>
 </server>
-<profile kind='self' installLocation='{{ install_base }}/IM' id='IBM Installation Manager'>
-<data key='eclipseLocation' value='{{ install_base }}/IM'/>
+<profile kind='self' installLocation='{{ install_base_win}}{{ install_base }}/IM' id='IBM Installation Manager'>
+<data key='eclipseLocation' value='{{ install_base_win}}{{ install_base }}/IM'/>
 <data key='cic.selector.nl' value='ja,es,ru,en,fr,zh_TW,pl,el,de,cs,zh_HK,ko,hu,pt_BR,tr,it,da,zh'/>
 </profile>
 <install>

ansible/roles/ibm_installation_manager_cic_selector/defaults/main.yml

@@ -10,4 +10,5 @@ cic_selector_os:
   AIX: 'aix'
   Linux: 'linux'
   Windows: 'win32'
-  ZOS: 'zos'
+  CYGWIN_NT-10.0-20348: 'win32' # hard coded to a specific cygwin version
+  ZOS: 'zos'

ansible/roles/im_cleanup_http_liberty_im/tasks/im_cleanup_http_liberty_im.yml

@@ -50,11 +50,23 @@
   debug: 
    msg: "{{ uninstallOutput.stdout_lines }}"
 
-- name:  uninstall ibm installation manager
+# windoze /cygdrive/c/Users/Administrator/AppData/Roaming/IBM/Installation Manager/uninstall/userinstc
+# ansible_user: Administrator
+- name:  uninstall Windoze ibm installation manager
+  ignore_errors: true
+  shell: "~/AppData/Roaming/IBM/Installation Manager/uninstall/userinstc"
+  register: uninstallOutput
+  failed_when: ( uninstallOutput.rc not in [ 0, 1 ] )
+  when: 
+  - ansible_system == 'Windows' or 'CYG' in ansible_system
+
+- name:  uninstall *nix ibm installation manager
   ignore_errors: true
   shell: "~/var/ibm/InstallationManager/uninstall/uninstallc"
   register: uninstallOutput
   failed_when: ( uninstallOutput.rc not in [ 0, 1 ] )
+  when: 
+  - ansible_system != 'Windows' and 'CYG' not in ansible_system
 
 - name: uninstallAll output
   debug: 

ansible/roles/im_install_http_plugin/tasks/im_install_http_plugin.yml

@@ -12,6 +12,12 @@
      path: "{{ install_base }}/IM/eclipse/tools/imcl"
     register: isimcl
     failed_when: isimcl.stat.exists == False
+
+  - set_fact:
+      install_base_win: 'c:\cygwin'
+    when:
+    - ansible_architecture == 'x86_64'
+    - ansible_system == 'Windows' or 'CYG' in ansible_system
 
   - name: copy ihs_plugin.xml template
     template:

ansible/roles/im_install_http_plugin/templates/im_http_plugin_WAS90.xml.j2

@@ -1,12 +1,12 @@
 <?xml version='1.0' encoding='UTF-8'?>
 <agent-input>
   <variables>
-   <variable name='sharedLocation' value='{{ install_base }}/{{ shared_dir }}'/>
+   <variable name='sharedLocation' value='{{ install_base_win }}{{ install_base }}/{{ shared_dir }}'/>
   </variables>
   <server>
 	  <repository location='https://rtpgsa.ibm.com/gsa/rtpgsa/projects/w/was.build/botp/{{ twas_release }}.IM/{{ daily_or_test }}/{{ im_driver }}.linux/linux/zipper/repository/'/>
   </server>
-  <profile id='IBM HTTP Server' installLocation='{{ install_base }}/{{ http_dir }}'>
+  <profile id='IBM HTTP Server' installLocation='{{ install_base_win }}{{ install_base }}/{{ http_dir }}'>
     <data key='cic.selector.arch' value='{{ cic_selector_arch[ansible_architecture] }}'/>
     <data key='cic.selector.os' value='{{ cic_selector_os[ansible_system] }}'/>	  
     <data key='user.ihs.allowNonRootSilentInstall' value='true'/>
@@ -23,7 +23,7 @@
     <!-- IBM SDK, Java Technology Edition, Version 8 8.0.7.0 -->
     <offering profile='IBM HTTP Server' id='{{ im_http_java_package }}' features='com.ibm.sdk.8'/>
   </install>
-  <profile id='Web Server Plug-ins for IBM WebSphere Application Server' installLocation='{{ install_base }}/{{ plugin_dir }}'>
+  <profile id='Web Server Plug-ins for IBM WebSphere Application Server' installLocation='{{ install_base_win }}{{ install_base }}/{{ plugin_dir }}'>
     <data key='cic.selector.arch' value='{{ cic_selector_arch[ansible_architecture] }}'/>
     <data key='cic.selector.os' value='{{ cic_selector_os[ansible_system] }}'/>
   </profile>
@@ -33,7 +33,7 @@
     <!-- IBM SDK, Java Technology Edition, Version 8 8.0.7.0 -->
     <offering profile='Web Server Plug-ins for IBM WebSphere Application Server' id='{{ im_plugin_java_package }}' features='com.ibm.sdk.8'/>
   </install>
-  <profile id='WebSphere Customization Toolbox' installLocation='{{ install_base }}/{{ wct_dir }}'>
+  <profile id='WebSphere Customization Toolbox' installLocation='{{ install_base_win }}{{ install_base }}/{{ wct_dir }}'>
     <data key='cic.selector.arch' value='{{ cic_selector_arch[ansible_architecture] }}'/>
     <data key='cic.selector.os' value='{{ cic_selector_os[ansible_system] }}'/>
   </profile>

ansible/roles/podman/tasks/RedHat.8.yml

@@ -0,0 +1,17 @@
+---
+# specific OS supports wildcards, if preceded with @ its a group
+# if the db is corrupt, this can fix it: rpm --rebuilddb
+- name: dnf update
+  become: yes
+  dnf:
+   name: '*'
+   state: latest
+
+- name: install packages
+  become: yes
+  dnf:
+   name: "{{ packages }}"
+   state: present
+  vars:
+   packages:
+   - 'podman'

ansible/roles/podman/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+- include_tasks: "{{ ansible_distribution }}.{{ ansible_distribution_major_version }}.yml"
+  when: 
+  - ansible_system == 'Linux' 

ansible/roles/was_automation_register/scripts/configuretWasUsageMetering.py

@@ -1,6 +1,6 @@
 #------------------------------------------------------------------------------------
 # configuretWasUsageMetering.py - configure tWAS server with usage metering feature  
-# https://www.ibm.com/docs/en/ws-automation?topic=vulnerabilities-adding-websphere-application-server-server#cf-t-add-was__wsascript
+# https://www.ibm.com/docs/en/ws-automation?topic=monitoring-registering-websphere-application-server-traditional-servers
 #------------------------------------------------------------------------------------
 #
 #  This script configures a traditional WebSphere Application Server with the usage 
@@ -176,8 +176,7 @@ def configuretWasUsageMetering(url, apiKey, sslRef, trustStoreName, trustStorePa
    #-------------------------------------------------------------
    if len(certAlias) == 0:
        # use default certificate alias if it is not specified 
-       # NOTE: the alias is stored in all lower case even if it has CAPS.....
-       certAlias = "meteringalias".lower()
+       certAlias = "meteringalias"
        print "Using default certificate alias: " + certAlias
 
    # delete certificate if it exists in keystore
@@ -187,9 +186,8 @@ def configuretWasUsageMetering(url, apiKey, sslRef, trustStoreName, trustStorePa
        start = cert.find("alias")
        end = cert.find("] [version")
        alias = cert[start+6:end]
-       print "checking signer: " + alias
        if alias == certAlias.lower():
-           print "Deleting signer: " + alias
+           print "Deleting existing certificate ... " + alias
            AdminTask.deleteSignerCertificate(['-keyStoreName', trustStoreName, '-certificateAlias', alias ])
 
    # retrieve new certificate from api-usagemetering-host and port
@@ -1090,7 +1088,7 @@ def _splitlist(s):
     if len(url) > 0:
         print "  url: " + url
     if len(apiKey) > 0:
-        print "  apiKey: " + "********"  #### [email protected] - do not echo sensitive info
+        print "  apiKey: " + "********"
     if len(sslRef) > 0:
         print "  sslRef: " + sslRef
     if len(trustStoreName) > 0:
@@ -1113,3 +1111,5 @@ def _splitlist(s):
     configuretWasUsageMetering(url, apiKey, sslRef, trustStoreName, trustStorePassword, certAlias, nodeName, serverName, clusterName, startServers, namespace)
 
 #endIf
+
+

ansible/roles/was_automation_register/tasks/liberty.yml

@@ -39,6 +39,13 @@
    liberty_usr_dir: "{{ usr_dir[usr_dir_index|int:usr_dir_len|int] }}"
    liberty_shared_config: "{{ usr_dir[usr_dir_index|int:usr_dir_len|int] }}/shared/config"
 
+- name: ensure the liberty shared directory exists
+  file:
+    path: "{{ item }}"
+    state: directory
+  with_items:
+  - "{{ liberty_shared_config }}"
+
 - name: remove existing config
   file:
    path: "{{ item }}"
@@ -58,11 +65,6 @@
   command: "{{ wa_target_path }}/{{ securityUtility_bin.stdout_lines[0] }} encode {{ wa_keystore_pass }}"
   register: xor # DO NOT CHANGE THIS NAME. ITS used in templates/was-usage-metering.xml.j2
 
-- name: Generate config files
-  template:
-   src: was-usage-metering.xml.j2
-   dest: "{{ liberty_shared_config }}/was-usage-metering.xml"
-
 - name: find the keytool
   command: "find . -name keytool"
   args:
@@ -86,6 +88,11 @@
    chdir: "{{ liberty_shared_config }}"
   register: import_cert
 
+- name: Generate config files
+  template:
+   src: was-usage-metering.xml.j2
+   dest: "{{ liberty_shared_config }}/was-usage-metering.xml"
+
 - name: add new config into the servers server.xml file
   lineinfile:
     path: "{{ liberty_usr_dir }}/servers/{{ item }}/server.xml"