You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by he...@apache.org on 2017/09/13 17:06:54 UTC
[1/4] brooklyn-server git commit: add out of box support for
`$brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")`
Repository: brooklyn-server
Updated Branches:
refs/heads/master fe84df9db -> 16c788edc
add out of box support for `$brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")`
so we can use this in examples rather than a plain-text password
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/5a505e13
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/5a505e13
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/5a505e13
Branch: refs/heads/master
Commit: 5a505e13807f03d71f33f22ba07d3ac55f652a3d
Parents: 36de666
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Fri Sep 8 13:01:55 2017 +0100
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Fri Sep 8 13:06:37 2017 +0100
----------------------------------------------------------------------
.../internal/BasicExternalConfigSupplierRegistry.java | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/5a505e13/core/src/main/java/org/apache/brooklyn/core/mgmt/internal/BasicExternalConfigSupplierRegistry.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/brooklyn/core/mgmt/internal/BasicExternalConfigSupplierRegistry.java b/core/src/main/java/org/apache/brooklyn/core/mgmt/internal/BasicExternalConfigSupplierRegistry.java
index 7d303a3..3e7fa43 100644
--- a/core/src/main/java/org/apache/brooklyn/core/mgmt/internal/BasicExternalConfigSupplierRegistry.java
+++ b/core/src/main/java/org/apache/brooklyn/core/mgmt/internal/BasicExternalConfigSupplierRegistry.java
@@ -26,7 +26,9 @@ import org.apache.brooklyn.api.mgmt.ManagementContext;
import org.apache.brooklyn.core.config.ConfigPredicates;
import org.apache.brooklyn.core.config.ConfigUtils;
import org.apache.brooklyn.core.config.external.ExternalConfigSupplier;
+import org.apache.brooklyn.core.config.external.InPlaceExternalConfigSupplier;
import org.apache.brooklyn.core.internal.BrooklynProperties;
+import org.apache.brooklyn.util.collections.MutableMap;
import org.apache.brooklyn.util.core.ClassLoaderUtils;
import org.apache.brooklyn.util.exceptions.Exceptions;
import org.apache.brooklyn.util.guava.Maybe;
@@ -46,18 +48,26 @@ public class BasicExternalConfigSupplierRegistry implements ExternalConfigSuppli
private static final Logger LOG = LoggerFactory.getLogger(BasicExternalConfigSupplierRegistry.class);
+ public static final String DEMO_SAMPLE_PROVIDER = "brooklyn-demo-sample";
+ public static final String DEMO_SAMPLE_PROVIDER_PASSWORD_KEY = "hidden-brooklyn-password";
+ public static final String DEMO_SAMPLE_PROVIDER_PASSWORD_VALUE = "br00k11n";
+
private final Map<String, ExternalConfigSupplier> providersByName = Maps.newLinkedHashMap();
private final Object providersMapMutex = new Object();
public BasicExternalConfigSupplierRegistry(ManagementContext mgmt) {
+ addProvider(DEMO_SAMPLE_PROVIDER, new InPlaceExternalConfigSupplier(mgmt, DEMO_SAMPLE_PROVIDER,
+ MutableMap.of(DEMO_SAMPLE_PROVIDER_PASSWORD_KEY, DEMO_SAMPLE_PROVIDER_PASSWORD_VALUE)));
updateFromBrooklynProperties(mgmt);
}
@Override
public void addProvider(String name, ExternalConfigSupplier supplier) {
synchronized (providersMapMutex) {
- if (providersByName.containsKey(name))
+ if (providersByName.containsKey(name) && !DEMO_SAMPLE_PROVIDER.equals(name)) {
+ // allow demo to be overridden
throw new IllegalArgumentException("Provider already registered with name '" + name + "'");
+ }
providersByName.put(name, supplier);
}
LOG.info("Added external config supplier named '" + name + "': " + supplier);
[2/4] brooklyn-server git commit: update all tests/examples to use
externalized password
Posted by he...@apache.org.
update all tests/examples to use externalized password
also tweak mysql config to set up users slightly better
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/c6b41cbb
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/c6b41cbb
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/c6b41cbb
Branch: refs/heads/master
Commit: c6b41cbb9d0be302bdda15e76785ee59e81b360b
Parents: 5a505e1
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Fri Sep 8 13:05:22 2017 +0100
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Fri Sep 8 13:06:43 2017 +0100
----------------------------------------------------------------------
.../java-web-app-and-db-with-function-2.yaml | 9 +++++----
.../java-web-app-and-db-with-function.yaml | 7 ++++---
...st-java-web-app-spec-and-db-with-function.yaml | 7 ++++---
.../test/resources/visitors-creation-script.sql | 18 +++++++++++-------
.../java-web-app-and-db-with-function.yaml | 3 ++-
.../test/resources/visitors-creation-script.sql | 18 +++++++++++-------
.../test/resources/generic-application.tests.bom | 6 ++++--
7 files changed, 41 insertions(+), 27 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function-2.yaml
----------------------------------------------------------------------
diff --git a/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function-2.yaml b/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function-2.yaml
index 1f02444..6fe3a7a 100644
--- a/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function-2.yaml
+++ b/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function-2.yaml
@@ -19,7 +19,7 @@
name: java-cluster-db-example
location: localhost
services:
-- serviceType: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
+- type: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
name: My Web
brooklyn.config:
wars.root: http://search.maven.org/remotecontent?filepath=io/brooklyn/example/brooklyn-example-hello-world-sql-webapp/0.6.0-M2/brooklyn-example-hello-world-sql-webapp-0.6.0-M2.war
@@ -29,13 +29,14 @@ services:
brooklyn.example.db.url:
# alternate syntax
$brooklyn:formatString:
- - jdbc:%s%s?user=%s\&password=%s
+ - jdbc:%s%s?user=%s&password=%s
- $brooklyn:component("db").attributeWhenReady("datastore.url")
- visitors
- brooklyn
- - br00k11n
-- serviceType: org.apache.brooklyn.entity.database.mysql.MySqlNode
+ - $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
+- type: org.apache.brooklyn.entity.database.mysql.MySqlNode
name: My DB
id: db
brooklyn.config:
+ creation.script.password: $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
datastore.creation.script.url: classpath://visitors-creation-script.sql
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function.yaml
----------------------------------------------------------------------
diff --git a/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function.yaml b/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function.yaml
index 0f15729..d4f47ee 100644
--- a/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function.yaml
+++ b/camp/camp-brooklyn/src/test/resources/java-web-app-and-db-with-function.yaml
@@ -18,7 +18,7 @@
#
name: java-cluster-db-example
services:
-- serviceType: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
+- type: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
name: My Web
location: localhost
brooklyn.config:
@@ -27,10 +27,11 @@ services:
proxy.http.port: 9210+
java.sysprops:
brooklyn.example.db.url: $brooklyn:formatString("jdbc:%s%s?user=%s&password=%s",
- component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", "br00k11n")
-- serviceType: org.apache.brooklyn.entity.database.mysql.MySqlNode
+ component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", external("brooklyn-demo-sample", "hidden-brooklyn-password"))
+- type: org.apache.brooklyn.entity.database.mysql.MySqlNode
id: db
name: My DB
location: localhost
brooklyn.config:
+ creation.script.password: $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
datastore.creation.script.url: classpath://visitors-creation-script.sql
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/camp/camp-brooklyn/src/test/resources/test-java-web-app-spec-and-db-with-function.yaml
----------------------------------------------------------------------
diff --git a/camp/camp-brooklyn/src/test/resources/test-java-web-app-spec-and-db-with-function.yaml b/camp/camp-brooklyn/src/test/resources/test-java-web-app-spec-and-db-with-function.yaml
index 8c7b616..aa29524 100644
--- a/camp/camp-brooklyn/src/test/resources/test-java-web-app-spec-and-db-with-function.yaml
+++ b/camp/camp-brooklyn/src/test/resources/test-java-web-app-spec-and-db-with-function.yaml
@@ -19,7 +19,7 @@
name: java-cluster-db-example
location: localhost
services:
-- serviceType: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
+- type: org.apache.brooklyn.entity.webapp.ControlledDynamicWebAppCluster
name: My Web
brooklyn.config:
proxy.http.port: 9210+
@@ -31,9 +31,10 @@ services:
wars.root: http://search.maven.org/remotecontent?filepath=org/apache/brooklyn/example/brooklyn-example-hello-world-sql-webapp/0.8.0-incubating/brooklyn-example-hello-world-sql-webapp-0.8.0-incubating.war
java.sysprops:
brooklyn.example.db.url: $brooklyn:formatString("jdbc:%s%s?user=%s\\&password=%s",
- component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", "br00k11n")
-- serviceType: org.apache.brooklyn.entity.database.mysql.MySqlNode
+ component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password"))
+- type: org.apache.brooklyn.entity.database.mysql.MySqlNode
id: db
name: My DB
brooklyn.config:
+ creation.script.password: $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
datastore.creation.script.url: classpath://visitors-creation-script.sql
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
----------------------------------------------------------------------
diff --git a/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql b/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
index a324d2e..304c060 100644
--- a/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
+++ b/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
@@ -19,18 +19,22 @@
create database visitors;
use visitors;
-# not necessary to create user if we grant (and not supported in some dialects)
-create user 'brooklyn' identified by 'br00k11n';
-
-grant usage on *.* to 'brooklyn'@'%' identified by 'br00k11n';
-
-# ''@localhost is sometimes set up, overriding brooklyn@'%', so do a second explicit grant
-grant usage on *.* to 'brooklyn'@'localhost' identified by 'br00k11n';
+# the below will create user (and note create user not supported in some dialects)
+grant usage on *.* to 'brooklyn'@'%' identified by '${config["creation.script.password"]}';
grant all privileges on visitors.* to 'brooklyn'@'%';
+# useful if sockets work also
+grant all privileges on visitors.* to 'brooklyn'@'localhost';
+
+# drop the anonymous users eg ''@'localhost' and sometimes other local hostnames
+# (necessary for same-host access as these are more restrictive rules that trump the wildcard above)
+delete from mysql.user where User='';
flush privileges;
+
+# and now the table for visitors
+
CREATE TABLE MESSAGES (
id BIGINT NOT NULL AUTO_INCREMENT,
NAME VARCHAR(30) NOT NULL,
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/launcher/src/test/resources/java-web-app-and-db-with-function.yaml
----------------------------------------------------------------------
diff --git a/launcher/src/test/resources/java-web-app-and-db-with-function.yaml b/launcher/src/test/resources/java-web-app-and-db-with-function.yaml
index d3c3a04..bc12f50 100644
--- a/launcher/src/test/resources/java-web-app-and-db-with-function.yaml
+++ b/launcher/src/test/resources/java-web-app-and-db-with-function.yaml
@@ -27,10 +27,11 @@ services:
proxy.http.port: 9210+
java.sysprops:
brooklyn.example.db.url: $brooklyn:formatString("jdbc:%s%s?user=%s\\&password=%s",
- component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", "br00k11n")
+ component("db").attributeWhenReady("datastore.url"), "visitors", "brooklyn", $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password"))
- serviceType: org.apache.brooklyn.entity.database.mysql.MySqlNode
id: db
name: My DB
location: localhost
brooklyn.config:
+ creation.script.password: $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
creationScriptUrl: classpath://visitors-creation-script.sql
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/launcher/src/test/resources/visitors-creation-script.sql
----------------------------------------------------------------------
diff --git a/launcher/src/test/resources/visitors-creation-script.sql b/launcher/src/test/resources/visitors-creation-script.sql
index 2422f8f..304c060 100644
--- a/launcher/src/test/resources/visitors-creation-script.sql
+++ b/launcher/src/test/resources/visitors-creation-script.sql
@@ -19,18 +19,22 @@
create database visitors;
use visitors;
-# not necessary to create user if we grant (and not supported in some dialects)
-# create user 'brooklyn' identified by 'br00k11n';
-
-grant usage on *.* to 'brooklyn'@'%' identified by 'br00k11n';
-
-# ''@localhost is sometimes set up, overriding brooklyn@'%', so do a second explicit grant
-grant usage on *.* to 'brooklyn'@'localhost' identified by 'br00k11n';
+# the below will create user (and note create user not supported in some dialects)
+grant usage on *.* to 'brooklyn'@'%' identified by '${config["creation.script.password"]}';
grant all privileges on visitors.* to 'brooklyn'@'%';
+# useful if sockets work also
+grant all privileges on visitors.* to 'brooklyn'@'localhost';
+
+# drop the anonymous users eg ''@'localhost' and sometimes other local hostnames
+# (necessary for same-host access as these are more restrictive rules that trump the wildcard above)
+delete from mysql.user where User='';
flush privileges;
+
+# and now the table for visitors
+
CREATE TABLE MESSAGES (
id BIGINT NOT NULL AUTO_INCREMENT,
NAME VARCHAR(30) NOT NULL,
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/c6b41cbb/locations/container/src/test/resources/generic-application.tests.bom
----------------------------------------------------------------------
diff --git a/locations/container/src/test/resources/generic-application.tests.bom b/locations/container/src/test/resources/generic-application.tests.bom
index 0294cc6..e900a5a 100644
--- a/locations/container/src/test/resources/generic-application.tests.bom
+++ b/locations/container/src/test/resources/generic-application.tests.bom
@@ -78,7 +78,7 @@ brooklyn.catalog:
- $brooklyn:config("db.url")
- "visitors"
- "brooklyn"
- - "br00k11n"
+ - $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
brooklyn.enrichers:
- type: org.apache.brooklyn.core.network.OnPublicNetworkEnricher
brooklyn.config:
@@ -123,6 +123,8 @@ brooklyn.catalog:
provisioning.properties:
osFamily: centos
osVersionRegex: 7
+ creation.script.password: $brooklyn:external("brooklyn-demo-sample", "hidden-brooklyn-password")
+ # config above won't actually be used until link below updated to 0.12 or later (but values are the same so will be fine)
datastore.creation.script.url:
"https://raw.githubusercontent.com/apache/brooklyn-library/0.11.x/examples/simple-web-cluster/src/main/resources/visitors-creation-script.sql"
brooklyn.enrichers:
@@ -464,4 +466,4 @@ brooklyn.catalog:
$brooklyn:formatString:
- "http://%s"
- $brooklyn:entity("httpd").attributeWhenReady("docker.port.80.mapped.public")
- timeout: 30s
\ No newline at end of file
+ timeout: 30s
[4/4] brooklyn-server git commit: This closes #812
Posted by he...@apache.org.
This closes #812
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/16c788ed
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/16c788ed
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/16c788ed
Branch: refs/heads/master
Commit: 16c788edc9968291c59d9a8c7ae293695518cb34
Parents: fe84df9 61c1988
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Wed Sep 13 18:00:17 2017 +0100
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Wed Sep 13 18:00:17 2017 +0100
----------------------------------------------------------------------
.../java-web-app-and-db-with-function-2.yaml | 9 +++++----
.../java-web-app-and-db-with-function.yaml | 7 ++++---
...-java-web-app-spec-and-db-with-function.yaml | 7 ++++---
.../test/resources/visitors-creation-script.sql | 20 +++++++++++++-------
.../BasicExternalConfigSupplierRegistry.java | 12 +++++++++++-
.../java-web-app-and-db-with-function.yaml | 3 ++-
.../test/resources/visitors-creation-script.sql | 20 +++++++++++++-------
.../resources/generic-application.tests.bom | 6 ++++--
8 files changed, 56 insertions(+), 28 deletions(-)
----------------------------------------------------------------------
[3/4] brooklyn-server git commit: include default password in sql for
backwards compatibility
Posted by he...@apache.org.
include default password in sql for backwards compatibility
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo
Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/61c19881
Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/61c19881
Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/61c19881
Branch: refs/heads/master
Commit: 61c1988120ca8fd2284bcbd9ec2b61535eaded1f
Parents: c6b41cb
Author: Alex Heneveld <al...@cloudsoftcorp.com>
Authored: Wed Sep 13 17:58:53 2017 +0100
Committer: Alex Heneveld <al...@cloudsoftcorp.com>
Committed: Wed Sep 13 17:58:53 2017 +0100
----------------------------------------------------------------------
.../src/test/resources/visitors-creation-script.sql | 4 +++-
launcher/src/test/resources/visitors-creation-script.sql | 4 +++-
2 files changed, 6 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/61c19881/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
----------------------------------------------------------------------
diff --git a/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql b/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
index 304c060..1640d1b 100644
--- a/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
+++ b/camp/camp-brooklyn/src/test/resources/visitors-creation-script.sql
@@ -21,7 +21,9 @@ use visitors;
# the below will create user (and note create user not supported in some dialects)
-grant usage on *.* to 'brooklyn'@'%' identified by '${config["creation.script.password"]}';
+# default password specified for compatibility with older blueprints that don't provide config;
+# if your blueprint sets the password it can be removed here
+grant usage on *.* to 'brooklyn'@'%' identified by '${config["creation.script.password"]!"br00k11n"}';
grant all privileges on visitors.* to 'brooklyn'@'%';
# useful if sockets work also
grant all privileges on visitors.* to 'brooklyn'@'localhost';
http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/61c19881/launcher/src/test/resources/visitors-creation-script.sql
----------------------------------------------------------------------
diff --git a/launcher/src/test/resources/visitors-creation-script.sql b/launcher/src/test/resources/visitors-creation-script.sql
index 304c060..1640d1b 100644
--- a/launcher/src/test/resources/visitors-creation-script.sql
+++ b/launcher/src/test/resources/visitors-creation-script.sql
@@ -21,7 +21,9 @@ use visitors;
# the below will create user (and note create user not supported in some dialects)
-grant usage on *.* to 'brooklyn'@'%' identified by '${config["creation.script.password"]}';
+# default password specified for compatibility with older blueprints that don't provide config;
+# if your blueprint sets the password it can be removed here
+grant usage on *.* to 'brooklyn'@'%' identified by '${config["creation.script.password"]!"br00k11n"}';
grant all privileges on visitors.* to 'brooklyn'@'%';
# useful if sockets work also
grant all privileges on visitors.* to 'brooklyn'@'localhost';