changeset 526:cb688221b17b

Add ESS scripts and update workflows to connect to employee self service.
author Marc Davis <marc.davis@mcoecn.org>
date Wed, 10 Apr 2024 11:04:39 -0400 (9 months ago)
parents c941bcc97e5b
children 4b026170dfea
files prod/install-ess-app.sh prod/install-ess-db.sh prod/install-workflows-app.sh
diffstat 3 files changed, 140 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/prod/install-ess-app.sh	Wed Apr 10 11:04:39 2024 -0400
@@ -0,0 +1,119 @@
+#!/bin/bash
+#
+# read required env variables
+BASEDIR="$PWD"
+source $BASEDIR/.env/ess-shared.properties
+source $BASEDIR/.env/ess-app.properties
+#
+# docker login
+echo "Attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
+#
+# docker pull app image
+echo "Attempting to pull $artifactUrl/ess-app:$appVersion"
+docker pull $artifactUrl/ess-app:$appVersion
+#
+# docker stop ess app container
+echo "Attempting to stop $entityId-ess-app container"
+docker stop $entityId-ess-app
+#
+# docker rm ess app container
+echo "Attempting to remove $entityId-ess-app container"
+docker rm $entityId-ess-app
+#
+# Builder docker run command based on settings in env files
+echo "Building docker run command"
+dockerRunCommand="docker run --name $entityId-ess-app
+  --restart=unless-stopped
+  --network $entityId-ess-net
+  -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ess-db:5432/essdb
+  -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver
+  -e SPRING_DATASOURCE_USERNAME=postgres
+  -e SPRING_DATASOURCE_PASSWORD=$dbPassword
+  -e SPRING_PROFILES_ACTIVE=prod
+  -e APPLICATION_ADMIN_PASSWORD=$adminPassword
+  -e APPLICATION_ADMIN_RESET=$resetAdminPassword
+  -e USPS_CONFIGURATION_HOST=$uspsHost
+  -e USPS_CONFIGURATION_PORT=$uspsPort
+  -e USPS_CONFIGURATION_APIKEY=$uspsApiKey
+  -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey
+  -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost
+  -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort
+  -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey
+  -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey
+  -e JAVA_OPTS=$java_opts"
+#
+if [ ! -z "$virtualHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
+fi
+#
+if [ ! -z "$virtualPort" ]; then
+    dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort"
+fi
+#
+if [ ! -z "$letsencryptHost" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost"
+fi
+#
+if [ ! -z "$letsencryptEmail" ]; then
+    dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail"
+fi
+#
+if [ ! -z "$hostPort" ]; then
+    dockerRunCommand="$dockerRunCommand -p $hostPort"
+fi
+#
+#
+if [ ! -z "$duoEnabled" ]; then
+    echo "Adding Duo Configuration"
+    dockerRunCommand="$dockerRunCommand
+        -e DUO_ENABLED=$duoEnabled
+        -e DUO_CLIENT_ID=$duoClientId
+        -e DUO_CLIENT_SECRET=$duoClientSecret
+        -e DUO_API_HOSTNAME=$duoApiHostname
+        -e DUO_FAIL_OPEN=$duoFailOpen
+        -e DUO_ESS_HOST=$duoEssHost
+        -e DUO_ESS_PORT=$duoEssPort
+        -e DUO_ESS_CONTEXT=$duoEssContext
+        -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration"
+fi
+#
+#
+if [ ! -z "$ads_config1_enabled" ]; then
+    echo "Add Window Active Director Configuration 1"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled
+    -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain
+    -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url
+    -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn
+    -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config2_enabled" ]; then
+    echo "Add Window Active Director Configuration 2"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled
+    -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain
+    -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url
+    -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn
+    -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter"
+fi
+#
+#
+if [ ! -z "$ads_config3_enabled" ]; then
+    echo "Add Window Active Director Configuration 3"
+    dockerRunCommand="$dockerRunCommand
+    -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled
+    -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain
+    -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url
+    -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn
+    -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter"
+fi
+#
+#
+dockerRunCommand="$dockerRunCommand -d $artifactUrl/ess-app:$appVersion"
+#
+# Execute constructed docker run command to create $entityId-ess-app container connected to db and docker network
+echo "Executing docker run command"
+$dockerRunCommand
--- a/prod/install-ess-db.sh	Tue Jan 30 10:55:15 2024 -0500
+++ b/prod/install-ess-db.sh	Wed Apr 10 11:04:39 2024 -0400
@@ -6,11 +6,11 @@
 source $BASEDIR/.env/ess-db.properties
 #
 # docker login
-echo "attempting to login to $artifactoryUrl"
-docker login $artifactoryUrl -u $artifactoryUser -p $artifactoryPassword
+echo "attempting to login to $artifactUrl"
+docker login $artifactUrl -u $artifactUser -p $artifactPassword
 # docker pull db image
-echo "attempting to pull $artifactoryUrl/ess-db:$dbVersion"
-docker pull $artifactoryUrl/ess-db:$dbVersion
+echo "attempting to pull $artifactUrl/ess-db:$dbVersion"
+docker pull $artifactUrl/ess-db:$dbVersion
 #
 # create employee self service specific docker network for $entityId
 echo "attempting to create $entityId-ess-net docker network"
@@ -23,4 +23,4 @@
            --network $entityId-ess-net \
            -e POSTGRES_DB=essdb \
            -e POSTGRES_PASSWORD=$dbPassword \
-           -d $artifactUrl/ess-db:$dbVersion
\ No newline at end of file
+           -d $artifactUrl/ess-db:$dbVersion
--- a/prod/install-workflows-app.sh	Tue Jan 30 10:55:15 2024 -0500
+++ b/prod/install-workflows-app.sh	Wed Apr 10 11:04:39 2024 -0400
@@ -41,6 +41,21 @@
     dockerRunCommand="$dockerRunCommand -e USPS_CONFIGURATION_CONTEXT=$uspsContext"
 fi
 #
+# If ESS Host is provided, assuming ESS connection needs configured.
+#
+if [ ! -z "$essHost" ]; then
+    echo "configuring employee self-service environment variables"
+    dockerRunCommand="$dockerRunCommand
+  -e ESS_HOST=$essHost
+  -e ESS_PORT=$essPort
+  -e ESS_API_KEY=$essApiKey
+  -e ESS_REMOTE_API_KEY=$essRemoteApiKey"
+fi
+#
+if [ ! -z "$essContext" ]; then
+    dockerRunCommand="$dockerRunCommand -e ESS_CONTEXT=$essContext"
+fi
+#
 if [ ! -z "$virtualHost" ]; then
     dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost"
 fi
@@ -65,4 +80,4 @@
 #
 # Execute constructed docker run command to create $entityId-workflows-app container connected to db and docker network
 echo "Executing docker run command"
-$dockerRunCommand
\ No newline at end of file
+$dockerRunCommand