From 2226bb243aab7276cac3c67dfc6f1edceaa54859 Mon Sep 17 00:00:00 2001 From: manoj v Date: Fri, 29 Dec 2017 12:45:28 +0530 Subject: [PATCH 001/104] Issue #00 chore: update var names of content service --- .../stack-sunbird/templates/sunbird_content_service.env | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/roles/stack-sunbird/templates/sunbird_content_service.env b/ansible/roles/stack-sunbird/templates/sunbird_content_service.env index 52f77d4cb6..7a8c6d6eb9 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_content_service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_content_service.env @@ -1,8 +1,8 @@ sunbird_mongo_ip={{sunbird_mongo_ip}} sunbird_mongo_port={{sunbird_mongo_port}} -ekstep_api_base_url={{sunbird_ekstep_api_base_url}} -ekstep_api_key={{sunbird_ekstep_api_key}} -ekstep_proxy_base_url={{sunbird_ekstep_proxy_base_url}} +sunbird_content_provider_api_base_url={{sunbird_ekstep_api_base_url}} +sunbird_content_provider_api_key={{sunbird_ekstep_api_key}} +sunbird_content_plugin_base_url={{sunbird_ekstep_proxy_base_url}} sunbird_learner_service_api_key={{vault_sunbird_api_auth_token}} sunbird_learner_service_base_url={{sunbird_learner_service_base_url}} sunbird_keycloak_auth_server_url={{keycloak_auth_server_url}}/ From 8479eef5bf7ba503ef6934c4958f257c077811c3 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 3 Jan 2018 16:11:21 +0530 Subject: [PATCH 002/104] Issue #00 chore: cadvisor limit memory increased --- ansible/roles/stack-monitor/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/stack-monitor/defaults/main.yml b/ansible/roles/stack-monitor/defaults/main.yml index 1a0cae965b..7252cedf6d 100644 --- a/ansible/roles/stack-monitor/defaults/main.yml +++ b/ansible/roles/stack-monitor/defaults/main.yml @@ -4,8 +4,8 @@ prometheus_limit_memory: 4G node_exporter_reservation_memory: 16M node_exporter_limit_memory: 32M -cadvisor_reservation_memory: 64M -cadvisor_limit_memory: 196M +cadvisor_reservation_memory: 150M +cadvisor_limit_memory: 300M elasticsearch_exporter_reservation_memory: 8M elasticsearch_exporter_limit_memory: 24M From bb7e7860f8c5e61082cf334e1f558cb9abc4225a Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 3 Jan 2018 19:37:12 +0530 Subject: [PATCH 003/104] Issue #00 chore: Jenkins slave limit memory increased --- ansible/roles/stack-jenkins-slave/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/stack-jenkins-slave/defaults/main.yml b/ansible/roles/stack-jenkins-slave/defaults/main.yml index 75fbca33da..e98e047589 100644 --- a/ansible/roles/stack-jenkins-slave/defaults/main.yml +++ b/ansible/roles/stack-jenkins-slave/defaults/main.yml @@ -15,8 +15,8 @@ jenkins_slave_secrets: - name: ops-private-key value: "{{ ops_private_key }}" -general_jenkins_slave_reservation_memory: 512M -general_jenkins_slave_limit_memory: 1536M +general_jenkins_slave_reservation_memory: 1000M +general_jenkins_slave_limit_memory: 2000M api_manager_jenkins_slave_reservation_memory: 512M api_manager_jenkins_slave_limit_memory: 1024M From cee83cdd062314a62de0d1c1e4845159b673f575 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 8 Jan 2018 09:40:54 +0530 Subject: [PATCH 004/104] Issue #00 chore: cadvisor limit memory increased --- ansible/roles/stack-monitor/defaults/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/stack-monitor/defaults/main.yml b/ansible/roles/stack-monitor/defaults/main.yml index 7252cedf6d..a3cda43771 100644 --- a/ansible/roles/stack-monitor/defaults/main.yml +++ b/ansible/roles/stack-monitor/defaults/main.yml @@ -4,8 +4,8 @@ prometheus_limit_memory: 4G node_exporter_reservation_memory: 16M node_exporter_limit_memory: 32M -cadvisor_reservation_memory: 150M -cadvisor_limit_memory: 300M +cadvisor_reservation_memory: 400M +cadvisor_limit_memory: 400M elasticsearch_exporter_reservation_memory: 8M elasticsearch_exporter_limit_memory: 24M From 07f9c73e80e7175a34596cabb0c30ca87d228785 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 8 Jan 2018 13:10:38 +0530 Subject: [PATCH 005/104] Issue #00 chore: diabled the health_check of learner-service --- ansible/roles/stack-sunbird/tasks/learner_service.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/stack-sunbird/tasks/learner_service.yml b/ansible/roles/stack-sunbird/tasks/learner_service.yml index 507c24f6e6..7ac5532ad6 100644 --- a/ansible/roles/stack-sunbird/tasks/learner_service.yml +++ b/ansible/roles/stack-sunbird/tasks/learner_service.yml @@ -8,6 +8,6 @@ ignore_errors: yes - name: Deploy learner service - shell: "docker service create --replicas {{ learner_replicas }} -p 9000:9000 --name learner-service --hostname learner-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --network application_default --env-file /home/deployer/env/sunbird_learner-service.env --health-cmd \"curl -f http://localhost:9000/health || exit 1\" --health-interval 10s --health-timeout 5s --health-retries 5 {{hub_org}}/{{image_name}}:{{image_tag}}" + shell: "docker service create --replicas {{ learner_replicas }} -p 9000:9000 --name learner-service --hostname learner-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --network application_default --env-file /home/deployer/env/sunbird_learner-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" args: chdir: /home/deployer/stack From 0284dcc58e69b86ae5c88ef9f38ead5c2936b927 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 8 Jan 2018 14:52:15 +0530 Subject: [PATCH 006/104] Issue #00 chore: Added health check for learner service --- ansible/roles/stack-sunbird/tasks/learner_service.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/stack-sunbird/tasks/learner_service.yml b/ansible/roles/stack-sunbird/tasks/learner_service.yml index 7ac5532ad6..507c24f6e6 100644 --- a/ansible/roles/stack-sunbird/tasks/learner_service.yml +++ b/ansible/roles/stack-sunbird/tasks/learner_service.yml @@ -8,6 +8,6 @@ ignore_errors: yes - name: Deploy learner service - shell: "docker service create --replicas {{ learner_replicas }} -p 9000:9000 --name learner-service --hostname learner-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --network application_default --env-file /home/deployer/env/sunbird_learner-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" + shell: "docker service create --replicas {{ learner_replicas }} -p 9000:9000 --name learner-service --hostname learner-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --network application_default --env-file /home/deployer/env/sunbird_learner-service.env --health-cmd \"curl -f http://localhost:9000/health || exit 1\" --health-interval 10s --health-timeout 5s --health-retries 5 {{hub_org}}/{{image_name}}:{{image_tag}}" args: chdir: /home/deployer/stack From 393108c6ac2954f51532c8a78d58a6210701ada0 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 8 Jan 2018 15:15:20 +0530 Subject: [PATCH 007/104] Issue #00 chore: incresed exporters limit and reservations memory --- ansible/roles/stack-monitor/defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/stack-monitor/defaults/main.yml b/ansible/roles/stack-monitor/defaults/main.yml index a3cda43771..3836f47e9a 100644 --- a/ansible/roles/stack-monitor/defaults/main.yml +++ b/ansible/roles/stack-monitor/defaults/main.yml @@ -10,8 +10,8 @@ cadvisor_limit_memory: 400M elasticsearch_exporter_reservation_memory: 8M elasticsearch_exporter_limit_memory: 24M -postgres_exporter_reservation_memory: 8M -postgres_exporter_limit_memory: 16M +postgres_exporter_reservation_memory: 16M +postgres_exporter_limit_memory: 32M statsd_exporter_reservation_memory: 8M statsd_exporter_limit_memory: 16M @@ -19,8 +19,8 @@ statsd_exporter_limit_memory: 16M blackbox_exporter_reservation_memory: 16M blackbox_exporter_limit_memory: 32M -jsonpath_exporter_reservation_memory: 16M -jsonpath_exporter_limit_memory: 32M +jsonpath_exporter_reservation_memory: 32M +jsonpath_exporter_limit_memory: 64M azure_blob_exporter_reservation_memory: 16M azure_blob_exporter_limit_memory: 64M From cfaebba953baa2ce96163680048d43c83381f2b5 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 10 Jan 2018 17:20:32 +0530 Subject: [PATCH 008/104] Issue #SB-1236 chore: Add new content service vars --- .../templates/sunbird_content_service.env | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/ansible/roles/stack-sunbird/templates/sunbird_content_service.env b/ansible/roles/stack-sunbird/templates/sunbird_content_service.env index 7a8c6d6eb9..1ebf03356b 100644 --- a/ansible/roles/stack-sunbird/templates/sunbird_content_service.env +++ b/ansible/roles/stack-sunbird/templates/sunbird_content_service.env @@ -1,5 +1,3 @@ -sunbird_mongo_ip={{sunbird_mongo_ip}} -sunbird_mongo_port={{sunbird_mongo_port}} sunbird_content_provider_api_base_url={{sunbird_ekstep_api_base_url}} sunbird_content_provider_api_key={{sunbird_ekstep_api_key}} sunbird_content_plugin_base_url={{sunbird_ekstep_proxy_base_url}} @@ -10,4 +8,10 @@ sunbird_keycloak_realm={{keycloak_realm}} sunbird_keycloak_client_id={{sunbird_keycloak_client_id}} sunbird_keycloak_public={{sunbird_keycloak_public}} sunbird_cache_store={{sunbird_cache_store}} -sunbird_cache_ttl={{sunbird_cache_ttl}} \ No newline at end of file +sunbird_cache_ttl={{sunbird_cache_ttl}} +sunbird_image_storage_url={{sunbird_image_storage_url}} +sunbird_azure_account_name={{sunbird_account_name}} +sunbird_azure_account_key={{sunbird_account_key}} +sunbird_dial_code_registry_url=https://{{proxy_server_name}}/dial/ +sunbird_cassandra_ips={{ cassandra_server_private_ip }} +sunbird_cassandra_port={{ cassandra_port }} From 8a3e9da3c3e1dec8c44fc8008bb07dbae221c15b Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 10 Jan 2018 18:13:04 +0530 Subject: [PATCH 009/104] Issue #SB-1236 chore: Update the content service docker file for installing imagemagik --- ansible/roles/kong-api/defaults/main.yml | 76 ++++++++++++++++++++++++ 1 file changed, 76 insertions(+) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index d695d4ca68..d3812d8031 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -39,6 +39,7 @@ api_manager_perfix: /api-manager meta_service_prefix: /meta dashboard_service_prefix: /dashboard announcement_service_prefix: /announcement +dialcode_service_prefix: /dialcode # Service URLs content_service_url: "http://content_service_content_service:5000" @@ -2143,3 +2144,78 @@ kong_apis: config.limit_by: credential - name: request-size-limiting config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: generateDialcodes + request_path: '{{ dialcode_service_prefix }}/v1/generate' + upstream_url: '{{ content_service_url }}/v1/dialcode/generate' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: readDialcode + request_path: '{{ dialcode_service_prefix }}/v1/read' + upstream_url: '{{ content_service_url }}/v1/dialcode/read' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: updateDialcode + request_path: '{{ dialcode_service_prefix }}/v1/update' + upstream_url: '{{ content_service_url }}/v1/dialcode/update' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: listDialcodes + request_path: '{{ dialcode_service_prefix }}/v1/list' + upstream_url: '{{ content_service_url }}/v1/dialcode/list' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: qrCodeBatchProcessStatus + request_path: '{{ dialcode_service_prefix }}/v1/process/status' + upstream_url: '{{ content_service_url }}/v1/dialcode/process/status' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' From 29264775115378c9d4310b69b3f79bffff95a76a Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 11 Jan 2018 16:05:33 +0530 Subject: [PATCH 010/104] chore #000: api-onboarding --- ansible/roles/kong-api/defaults/main.yml | 86 +++++++++++++++++-- ansible/roles/kong-consumer/defaults/main.yml | 3 +- 2 files changed, 82 insertions(+), 7 deletions(-) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index d3812d8031..76f0af3181 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -39,7 +39,6 @@ api_manager_perfix: /api-manager meta_service_prefix: /meta dashboard_service_prefix: /dashboard announcement_service_prefix: /announcement -dialcode_service_prefix: /dialcode # Service URLs content_service_url: "http://content_service_content_service:5000" @@ -2158,7 +2157,7 @@ kong_apis: config.hour: '{{ medium_rate_limit_per_hour }}' config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: '{{ small_request_size_limit }}' - name: readDialcode request_path: '{{ dialcode_service_prefix }}/v1/read' upstream_url: '{{ content_service_url }}/v1/dialcode/read' @@ -2173,7 +2172,7 @@ kong_apis: config.hour: '{{ medium_rate_limit_per_hour }}' config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: '{{ small_request_size_limit }}' - name: updateDialcode request_path: '{{ dialcode_service_prefix }}/v1/update' upstream_url: '{{ content_service_url }}/v1/dialcode/update' @@ -2188,7 +2187,7 @@ kong_apis: config.hour: '{{ medium_rate_limit_per_hour }}' config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: '{{ small_request_size_limit }}' - name: listDialcodes request_path: '{{ dialcode_service_prefix }}/v1/list' upstream_url: '{{ content_service_url }}/v1/dialcode/list' @@ -2203,7 +2202,37 @@ kong_apis: config.hour: '{{ medium_rate_limit_per_hour }}' config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: publishDialcode + request_path: '{{ dialcode_service_prefix }}/v1/publish' + upstream_url: '{{ content_service_url }}/v1/dialcode/publish' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: searchDialcodes + request_path: '{{ dialcode_service_prefix }}/v1/search' + upstream_url: '{{ content_service_url }}/v1/dialcode/search' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' - name: qrCodeBatchProcessStatus request_path: '{{ dialcode_service_prefix }}/v1/process/status' upstream_url: '{{ content_service_url }}/v1/dialcode/process/status' @@ -2218,4 +2247,49 @@ kong_apis: config.hour: '{{ medium_rate_limit_per_hour }}' config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: createPublisher + request_path: '{{ dialcode_service_prefix }}/v1/publisher/create' + upstream_url: '{{ content_service_url }}/v1/dialcode/publisher/create' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: updatePublisher + request_path: '{{ dialcode_service_prefix }}/v1/publisher/update' + upstream_url: '{{ content_service_url }}/v1/dialcode/publisher/update' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: readPublisher + request_path: '{{ dialcode_service_prefix }}/v1/publisher/read' + upstream_url: '{{ content_service_url }}/v1/dialcode/publisher/read' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' diff --git a/ansible/roles/kong-consumer/defaults/main.yml b/ansible/roles/kong-consumer/defaults/main.yml index 8932d328a4..d26a25fd8b 100644 --- a/ansible/roles/kong-consumer/defaults/main.yml +++ b/ansible/roles/kong-consumer/defaults/main.yml @@ -1,5 +1,5 @@ --- -kong_admin_api_url: "http://localhost:8001" +kong_admin_api_url: "http://{{kong_host}}:8001" mobile_admin_groups: - mobileAdmin @@ -49,6 +49,7 @@ kong_all_consumer_groups: - userAdmin - configUser - dataAdmin + - dialcodeAdmin # List the consumers need to be present as state: present # List the consumers need to be absent as state: absent From 7272dd1b64ce22930c44233bd100d95db50f3767 Mon Sep 17 00:00:00 2001 From: manoj v Date: Thu, 11 Jan 2018 17:00:52 +0530 Subject: [PATCH 011/104] Issue #00 chore: updating mailing list --- ansible/roles/kong-api/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index 76f0af3181..8c18f0473c 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -39,6 +39,7 @@ api_manager_perfix: /api-manager meta_service_prefix: /meta dashboard_service_prefix: /dashboard announcement_service_prefix: /announcement +dialcode_service_prefix: /dialcode # Service URLs content_service_url: "http://content_service_content_service:5000" From c5c29e29d83c10a8d59f65f9112e9436d85351f5 Mon Sep 17 00:00:00 2001 From: Harishkumar Gangula Date: Tue, 16 Jan 2018 14:55:26 +0530 Subject: [PATCH 012/104] Issue #SB-1236 fix: onboarding dialcode apis --- ansible/roles/kong-api/defaults/main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index 8c18f0473c..23cceb8824 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -2294,3 +2294,18 @@ kong_apis: config.limit_by: credential - name: request-size-limiting config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: linkDialcodeContent + request_path: '{{ dialcode_service_prefix }}/v1/content/link' + upstream_url: '{{ content_service_url }}/v1/dialcode/content/link' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: dialcodeAdmin + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' From 7de8e21f9a33bb206af67c3986b36b3065e6bcba Mon Sep 17 00:00:00 2001 From: manoj v Date: Tue, 16 Jan 2018 18:33:55 +0530 Subject: [PATCH 013/104] Issue #367 chore: fix to the es backup --- ansible/roles/es-azure-snapshot/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/roles/es-azure-snapshot/tasks/main.yml b/ansible/roles/es-azure-snapshot/tasks/main.yml index 322b0cdeb8..7d8266140a 100644 --- a/ansible/roles/es-azure-snapshot/tasks/main.yml +++ b/ansible/roles/es-azure-snapshot/tasks/main.yml @@ -1,12 +1,12 @@ --- -- name: Create azure snapshot - uri: - url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup" - method: PUT - body: "{{ snapshot_create_request_body | to_json }}" - headers: - Content-Type: "application/json" +# - name: Create azure snapshot +# uri: +# url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup" +# method: PUT +# body: "{{ snapshot_create_request_body | to_json }}" +# headers: +# Content-Type: "application/json" - set_fact: snapshot_number="snapshot_{{ansible_date_time.epoch}}" From 600c412014dd014c994f08cb2ce8e0b29f5a575d Mon Sep 17 00:00:00 2001 From: manoj v Date: Tue, 16 Jan 2018 18:35:33 +0530 Subject: [PATCH 014/104] Issue #367 chore: fix to the es backup --- ansible/roles/es-azure-snapshot/tasks/main.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/ansible/roles/es-azure-snapshot/tasks/main.yml b/ansible/roles/es-azure-snapshot/tasks/main.yml index 7d8266140a..ff3d60b295 100644 --- a/ansible/roles/es-azure-snapshot/tasks/main.yml +++ b/ansible/roles/es-azure-snapshot/tasks/main.yml @@ -10,14 +10,14 @@ - set_fact: snapshot_number="snapshot_{{ansible_date_time.epoch}}" -- name: Take new snapshot - uri: - url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup/{{snapshot_number}}" - method: PUT - body: > - {"indices":"*","include_global_state":false} - headers: - Content-Type: "application/json" +# - name: Take new snapshot +# uri: +# url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup/{{snapshot_number}}" +# method: PUT +# body: > +# {"indices":"*","include_global_state":false} +# headers: +# Content-Type: "application/json" - name: Print all snapshots uri: From 3fcb8b9e49f680ae02a3895d39fa343c9b4ed3b3 Mon Sep 17 00:00:00 2001 From: manoj v Date: Tue, 16 Jan 2018 18:39:48 +0530 Subject: [PATCH 015/104] Issue #367 chore: fix to the es backup --- ansible/roles/es-azure-snapshot/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/es-azure-snapshot/defaults/main.yml b/ansible/roles/es-azure-snapshot/defaults/main.yml index ef1f69af97..929c679307 100644 --- a/ansible/roles/es-azure-snapshot/defaults/main.yml +++ b/ansible/roles/es-azure-snapshot/defaults/main.yml @@ -7,5 +7,5 @@ snapshot_create_request_body: { } # Override these values -es_snapshot_host: localhost +es_snapshot_host: 10.10.3.10 snapshot_base_path: default From d5fcb2fbcb0bd2c579304c621305c816c68138d1 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 17 Jan 2018 15:53:00 +0530 Subject: [PATCH 016/104] Issue #365 chore: Cassandra migration --- ansible/cassandra-deploy.yml | 10 ++++++++++ ansible/roles/cassandra-deploy/tasks/main.yml | 5 +++++ 2 files changed, 15 insertions(+) create mode 100644 ansible/cassandra-deploy.yml create mode 100644 ansible/roles/cassandra-deploy/tasks/main.yml diff --git a/ansible/cassandra-deploy.yml b/ansible/cassandra-deploy.yml new file mode 100644 index 0000000000..5e826a8d98 --- /dev/null +++ b/ansible/cassandra-deploy.yml @@ -0,0 +1,10 @@ +- hosts: cassandra + become: yes + environment: + sunbird_cassandra_host: "{{ groups['cassandra'][0] }}" + sunbird_cassandra_port: 9042 + sunbird_cassandra_keyspace: test + vars_files: + - ['{{inventory_dir}}/secrets.yml', 'secrets/{{env}}.yml'] + roles: + - cassandra-deploy \ No newline at end of file diff --git a/ansible/roles/cassandra-deploy/tasks/main.yml b/ansible/roles/cassandra-deploy/tasks/main.yml new file mode 100644 index 0000000000..b4fa0372a8 --- /dev/null +++ b/ansible/roles/cassandra-deploy/tasks/main.yml @@ -0,0 +1,5 @@ +- name: Copy Data Products + copy: src=cassandra-migration-0.0.1-SNAPSHOT-jar-with-dependencies.jar dest=/home/deployer/ + +- name: Run the application + shell: nohup java -cp "cassandra-migration-0.0.1-SNAPSHOT-jar-with-dependencies.jar" com.contrastsecurity.cassandra.migration.utils.MigrationScriptEntryPoint & \ No newline at end of file From c5c651556cecab3e27b3495c408f0b4f89cd22bf Mon Sep 17 00:00:00 2001 From: manoj v Date: Thu, 18 Jan 2018 11:05:34 +0530 Subject: [PATCH 017/104] Issue #367 chore: es backup issue --- .../roles/es-azure-snapshot/defaults/main.yml | 2 +- .../roles/es-azure-snapshot/tasks/main.yml | 30 +++++++++---------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/ansible/roles/es-azure-snapshot/defaults/main.yml b/ansible/roles/es-azure-snapshot/defaults/main.yml index 929c679307..ef1f69af97 100644 --- a/ansible/roles/es-azure-snapshot/defaults/main.yml +++ b/ansible/roles/es-azure-snapshot/defaults/main.yml @@ -7,5 +7,5 @@ snapshot_create_request_body: { } # Override these values -es_snapshot_host: 10.10.3.10 +es_snapshot_host: localhost snapshot_base_path: default diff --git a/ansible/roles/es-azure-snapshot/tasks/main.yml b/ansible/roles/es-azure-snapshot/tasks/main.yml index ff3d60b295..322b0cdeb8 100644 --- a/ansible/roles/es-azure-snapshot/tasks/main.yml +++ b/ansible/roles/es-azure-snapshot/tasks/main.yml @@ -1,23 +1,23 @@ --- -# - name: Create azure snapshot -# uri: -# url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup" -# method: PUT -# body: "{{ snapshot_create_request_body | to_json }}" -# headers: -# Content-Type: "application/json" +- name: Create azure snapshot + uri: + url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup" + method: PUT + body: "{{ snapshot_create_request_body | to_json }}" + headers: + Content-Type: "application/json" - set_fact: snapshot_number="snapshot_{{ansible_date_time.epoch}}" -# - name: Take new snapshot -# uri: -# url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup/{{snapshot_number}}" -# method: PUT -# body: > -# {"indices":"*","include_global_state":false} -# headers: -# Content-Type: "application/json" +- name: Take new snapshot + uri: + url: "http://{{ es_snapshot_host }}:9200/_snapshot/azurebackup/{{snapshot_number}}" + method: PUT + body: > + {"indices":"*","include_global_state":false} + headers: + Content-Type: "application/json" - name: Print all snapshots uri: From 0014691762d4f489d8308521188840d8cb7ecce8 Mon Sep 17 00:00:00 2001 From: Harishkumar Gangula Date: Fri, 19 Jan 2018 18:38:22 +0530 Subject: [PATCH 018/104] Issue #SB-1403 fix: onboarding framework apis --- ansible/roles/kong-api/defaults/main.yml | 274 +++++++++++++++++- ansible/roles/kong-consumer/defaults/main.yml | 1 + 2 files changed, 274 insertions(+), 1 deletion(-) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index 23cceb8824..b645b2c3e5 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -40,6 +40,8 @@ meta_service_prefix: /meta dashboard_service_prefix: /dashboard announcement_service_prefix: /announcement dialcode_service_prefix: /dialcode +channel_service_prefix: /channel +framework_service_prefix: /framework # Service URLs content_service_url: "http://content_service_content_service:5000" @@ -2308,4 +2310,274 @@ kong_apis: config.hour: '{{ medium_rate_limit_per_hour }}' config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: readChannel + request_path: '{{ channel_service_prefix }}/v1/read' + upstream_url: '{{ content_service_url }}v1/channel/read' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: listChannel + request_path: '{{ channel_service_prefix }}/v1/list' + upstream_url: '{{ content_service_url }}v1/channel/list' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: searchChannel + request_path: '{{ channel_service_prefix }}/v1/search' + upstream_url: '{{ content_service_url }}v1/channel/search' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: createChannel + request_path: '{{ channel_service_prefix }}/v1/create' + upstream_url: '{{ content_service_ur l}}v1/channel/create' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: updateChannel + request_path: '{{ channel_service_prefix }}/v1/update' + upstream_url: '{{ content_service_url }}v1/channel/update' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: readFramework + request_path: '{{ framework_service_prefix }}/v1/read' + upstream_url: '{{ content_service_url }}v1/framework/read' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: listFramework + request_path: '{{ framework_service_prefix }}/v1/list' + upstream_url: '{{ content_service_url }}v1/framework/list' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: createFramework + request_path: '{{ framework_service_prefix }}/v1/create' + upstream_url: '{{ content_service_url }}v1/framework/create' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: updateFramework + request_path: '{{ framework_service_prefix }}/v1/update' + upstream_url: '{{ content_service_url }}v1/framework/update' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: readFrameworkTerm + request_path: '{{ framework_service_prefix }}/v1/term/read' + upstream_url: '{{ content_service_url }}v1/framework/term/read' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: searchFrameworkTerm + request_path: '{{ framework_service_prefix }}/v1/term/search' + upstream_url: '{{ content_service_url }}v1/framework/term/search' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: createFrameworkTerm + request_path: '{{ framework_service_prefix }}/v1/term/create' + upstream_url: '{{ content_service_url }}v1/framework/term/create' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: updateFrameworkTerm + request_path: '{{ framework_service_prefix }}/v1/term/update' + upstream_url: '{{ content_service_url }}v1/framework/term/update' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: readFrameworkCategory + request_path: '{{ framework_service_prefix }}/v1/category/read' + upstream_url: '{{ content_service_url }}v1/framework/category/read' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: searchFrameworkCategory + request_path: '{{ framework_service_prefix }}/v1/category/search' + upstream_url: '{{ content_service_url }}v1/framework/category/search' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: createFrameworkCategory + request_path: '{{ framework_service_prefix }}/v1/category/create' + upstream_url: '{{ content_service_url }}v1/framework/category/create' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: createFrameworkCategory + request_path: '{{ framework_service_prefix }}/v1/category/create' + upstream_url: '{{ content_service_url }}v1/framework/category/create' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: updateFrameworkCategory + request_path: '{{ framework_service_prefix }}/v1/category/update' + upstream_url: '{{ content_service_url }}v1/framework/category/update' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' diff --git a/ansible/roles/kong-consumer/defaults/main.yml b/ansible/roles/kong-consumer/defaults/main.yml index d26a25fd8b..e08041e833 100644 --- a/ansible/roles/kong-consumer/defaults/main.yml +++ b/ansible/roles/kong-consumer/defaults/main.yml @@ -50,6 +50,7 @@ kong_all_consumer_groups: - configUser - dataAdmin - dialcodeAdmin + - domainUser # List the consumers need to be present as state: present # List the consumers need to be absent as state: absent From 9a4c792575f1835ddeebba64e048f756e718d2e8 Mon Sep 17 00:00:00 2001 From: Harishkumar Gangula Date: Fri, 19 Jan 2018 19:27:55 +0530 Subject: [PATCH 019/104] Issue #SB-1403 fix: onboarding framework apis --- ansible/roles/kong-api/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index b645b2c3e5..193a9511fb 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -2358,7 +2358,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: createChannel request_path: '{{ channel_service_prefix }}/v1/create' - upstream_url: '{{ content_service_ur l}}v1/channel/create' + upstream_url: '{{ content_service_url }}v1/channel/create' strip_request_path: true plugins: - name: jwt From 26f6b0d7f1ea263ad5583aacbffda9f0488995d1 Mon Sep 17 00:00:00 2001 From: Harishkumar Gangula Date: Fri, 19 Jan 2018 19:30:23 +0530 Subject: [PATCH 020/104] Issue #SB-1403 fix: onboarding framework apis --- ansible/roles/kong-api/defaults/main.yml | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index 193a9511fb..b3c5b83e91 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -2551,21 +2551,6 @@ kong_apis: config.limit_by: credential - name: request-size-limiting config.allowed_payload_size: '{{ small_request_size_limit }}' - - name: createFrameworkCategory - request_path: '{{ framework_service_prefix }}/v1/category/create' - upstream_url: '{{ content_service_url }}v1/framework/category/create' - strip_request_path: true - plugins: - - name: jwt - - name: cors - - '{{ statsd_pulgin }}' - - name: acl - config.whitelist: domainUser - - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' - config.limit_by: credential - - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' - name: updateFrameworkCategory request_path: '{{ framework_service_prefix }}/v1/category/update' upstream_url: '{{ content_service_url }}v1/framework/category/update' From c08684173c4402297a18911b7294e49abb1f4582 Mon Sep 17 00:00:00 2001 From: Harishkumar Gangula Date: Fri, 19 Jan 2018 19:35:43 +0530 Subject: [PATCH 021/104] Issue #SB-1403 fix: onboarding framework apis url fix --- ansible/roles/kong-api/defaults/main.yml | 32 ++++++++++++------------ 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index b3c5b83e91..afe8718ce0 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -2313,7 +2313,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: readChannel request_path: '{{ channel_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}v1/channel/read' + upstream_url: '{{ content_service_url }}/v1/channel/read' strip_request_path: true plugins: - name: jwt @@ -2328,7 +2328,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: listChannel request_path: '{{ channel_service_prefix }}/v1/list' - upstream_url: '{{ content_service_url }}v1/channel/list' + upstream_url: '{{ content_service_url }}/v1/channel/list' strip_request_path: true plugins: - name: jwt @@ -2358,7 +2358,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: createChannel request_path: '{{ channel_service_prefix }}/v1/create' - upstream_url: '{{ content_service_url }}v1/channel/create' + upstream_url: '{{ content_service_url }}/v1/channel/create' strip_request_path: true plugins: - name: jwt @@ -2373,7 +2373,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: updateChannel request_path: '{{ channel_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}v1/channel/update' + upstream_url: '{{ content_service_url }}/v1/channel/update' strip_request_path: true plugins: - name: jwt @@ -2388,7 +2388,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: readFramework request_path: '{{ framework_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}v1/framework/read' + upstream_url: '{{ content_service_url }}/v1/framework/read' strip_request_path: true plugins: - name: jwt @@ -2403,7 +2403,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: listFramework request_path: '{{ framework_service_prefix }}/v1/list' - upstream_url: '{{ content_service_url }}v1/framework/list' + upstream_url: '{{ content_service_url }}/v1/framework/list' strip_request_path: true plugins: - name: jwt @@ -2418,7 +2418,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: createFramework request_path: '{{ framework_service_prefix }}/v1/create' - upstream_url: '{{ content_service_url }}v1/framework/create' + upstream_url: '{{ content_service_url }}/v1/framework/create' strip_request_path: true plugins: - name: jwt @@ -2433,7 +2433,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: updateFramework request_path: '{{ framework_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}v1/framework/update' + upstream_url: '{{ content_service_url }}/v1/framework/update' strip_request_path: true plugins: - name: jwt @@ -2448,7 +2448,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: readFrameworkTerm request_path: '{{ framework_service_prefix }}/v1/term/read' - upstream_url: '{{ content_service_url }}v1/framework/term/read' + upstream_url: '{{ content_service_url }}/v1/framework/term/read' strip_request_path: true plugins: - name: jwt @@ -2463,7 +2463,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: searchFrameworkTerm request_path: '{{ framework_service_prefix }}/v1/term/search' - upstream_url: '{{ content_service_url }}v1/framework/term/search' + upstream_url: '{{ content_service_url }}/v1/framework/term/search' strip_request_path: true plugins: - name: jwt @@ -2478,7 +2478,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: createFrameworkTerm request_path: '{{ framework_service_prefix }}/v1/term/create' - upstream_url: '{{ content_service_url }}v1/framework/term/create' + upstream_url: '{{ content_service_url }}/v1/framework/term/create' strip_request_path: true plugins: - name: jwt @@ -2493,7 +2493,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: updateFrameworkTerm request_path: '{{ framework_service_prefix }}/v1/term/update' - upstream_url: '{{ content_service_url }}v1/framework/term/update' + upstream_url: '{{ content_service_url }}/v1/framework/term/update' strip_request_path: true plugins: - name: jwt @@ -2508,7 +2508,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: readFrameworkCategory request_path: '{{ framework_service_prefix }}/v1/category/read' - upstream_url: '{{ content_service_url }}v1/framework/category/read' + upstream_url: '{{ content_service_url }}/v1/framework/category/read' strip_request_path: true plugins: - name: jwt @@ -2523,7 +2523,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: searchFrameworkCategory request_path: '{{ framework_service_prefix }}/v1/category/search' - upstream_url: '{{ content_service_url }}v1/framework/category/search' + upstream_url: '{{ content_service_url }}/v1/framework/category/search' strip_request_path: true plugins: - name: jwt @@ -2538,7 +2538,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: createFrameworkCategory request_path: '{{ framework_service_prefix }}/v1/category/create' - upstream_url: '{{ content_service_url }}v1/framework/category/create' + upstream_url: '{{ content_service_url }}/v1/framework/category/create' strip_request_path: true plugins: - name: jwt @@ -2553,7 +2553,7 @@ kong_apis: config.allowed_payload_size: '{{ small_request_size_limit }}' - name: updateFrameworkCategory request_path: '{{ framework_service_prefix }}/v1/category/update' - upstream_url: '{{ content_service_url }}v1/framework/category/update' + upstream_url: '{{ content_service_url }}/v1/framework/category/update' strip_request_path: true plugins: - name: jwt From 6209481262e35614d4388ce2fb1909300e1cc41a Mon Sep 17 00:00:00 2001 From: Rajath V B Date: Mon, 22 Jan 2018 16:05:22 +0530 Subject: [PATCH 022/104] Issue #SB-1403 feat: added new api' "copy framework" (#25) --- ansible/roles/kong-api/defaults/main.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index afe8718ce0..52ccd5fe63 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -2446,6 +2446,21 @@ kong_apis: config.limit_by: credential - name: request-size-limiting config.allowed_payload_size: '{{ small_request_size_limit }}' + - name: copyFramework + request_path: '{{ framework_service_prefix }}/v1/copy' + upstream_url: '{{ content_service_url }}/v1/framework/copy' + strip_request_path: true + plugins: + - name: jwt + - name: cors + - '{{ statsd_pulgin }}' + - name: acl + config.whitelist: domainUser + - name: rate-limiting + config.hour: '{{ medium_rate_limit_per_hour }}' + config.limit_by: credential + - name: request-size-limiting + config.allowed_payload_size: '{{ small_request_size_limit }}' - name: readFrameworkTerm request_path: '{{ framework_service_prefix }}/v1/term/read' upstream_url: '{{ content_service_url }}/v1/framework/term/read' From d6d25e43ff6c0e81bfe037cebdd15c5ce231ebf0 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 24 Jan 2018 18:01:53 +0530 Subject: [PATCH 023/104] Issue #000 chore: MCF AND SSS --- ansible/inventories/sample/config | 43 ++++++ ansible/inventories/sample/group_vars/sample | 143 +++++++++++-------- ansible/inventories/sample/hosts | 22 ++- ansible/roles/kong-consumer/tasks/main.yml | 4 + deploy/deploy-apis.sh | 2 +- deploy/deploy-keycloak.sh | 17 --- 6 files changed, 140 insertions(+), 91 deletions(-) create mode 100644 ansible/inventories/sample/config delete mode 100755 deploy/deploy-keycloak.sh diff --git a/ansible/inventories/sample/config b/ansible/inventories/sample/config new file mode 100644 index 0000000000..1f774dd174 --- /dev/null +++ b/ansible/inventories/sample/config @@ -0,0 +1,43 @@ +#Basic +environment: +implementation_name: +ssh_ansible_user: +ansible_private_key_path: + +#Application +application_host: +app_address_space: +msg_91_auth: +msg_sender: +player_tenant_dir: + +#Proxy +cert_path: +keypath_path: +dns_name: + +#Database +database_host: +database_password: + +#Ekstep +ekstep_base_url: +ekstep_api_key: + +#Keycloak +sso_username: +sso_password: +keycloak_admin_password: +keycloak_theme_path: +trampoline_secret: + +#Portal mail +mail_server_host: +mail_server_port: +mail_server_username: +mail_server_password: +mail_server_from_email: + + + + diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index edb1c01880..1d34850f1a 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -1,86 +1,81 @@ # ENVIRONMENT CONFIGURATION -env: #Name of the environment, e.g. dev, staging or production. -proxy_server_name: #Domain on which the portal will be accessed. e.g. staging.{implementation-name}.org +env: "{{environment}}" #Name of the environment, e.g. dev, staging or production. +proxy_server_name: "{{dns_name}}" #Domain on which the portal will be accessed. e.g. staging.{implementation-name}.org proxy_site_key: #SSL certificate's site.key file contents. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service proxy_site_crt: #SSL certificate's site.crt file contents. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service # DB CONFIGURATION - ## Below passwords are used by DB install scripts when creating databases. Please use strong passwords. -application_postgres_password: #Password for Application database. -keycloak_postgres_password: #Password for Keycloak (Authentication service) database. -kong_postgres_password: #Password for Kong (API Manager) database. +application_postgres_password: "{{database_password}}" #Password for Application database. +keycloak_postgres_password: "{{database_password}}" #Password for Keycloak (Authentication service) database. +kong_postgres_password: "{{database_password}}" #Password for Kong (API Manager) database. ## Postgres configuration -swarm_address_space: #Application server address space (e.g. 10.3.0.0/24), also the agentpublicSubnet if using Azure scripts provided +swarm_address_space: "{{app_address_space}}" #Application server address space (e.g. 10.3.0.0/24), also the agentpublicSubnet if using Azure scripts provided ## Cassandra configuration -cassandra_server_private_ip: #Private IP of cassandra server -keystore_password: #Password to use for encrypting cassandra keystore. Use a strong password. -truststore_password: #Password to use for encrypting cassandra truststore. Use a strong password. +keystore_password: "{{database_password}}" #Password to use for encrypting cassandra keystore. Use a strong password. +truststore_password: "{{database_password}}" #Password to use for encrypting cassandra truststore. Use a strong password. +cassandra_listen_address: "{{ database_host }}" +cassandra_seeds: "{{ database_host }}" +cassandra_broadcast_rpc_address: "{{ database_host }}" +cassandra_broadcast_address: "{{ database_host }}" +cassandra_listen_interface: '' +cassandra_log_dir: '/var/log/cassandra' +cassandra_root_dir: '/etc/cassandra' +cassandra_version: '3.9' +cassandra_port: 9042 +cassandra_rpc_address: 0.0.0.0 +cassandra_restore_dir: /home/deployer/ + # APPLICATION CONFIGURATION -kong_host: # Private IP of the application server -keycloak_url: #Internal url of keycloak. Example: http://:8080 +kong_host: api-manager_kong # Private IP of the application server +keycloak_url: 'http://"{{ application_host }}":8080' #Internal url of keycloak. Example: http://:8080 ## DB address -application_postgres_host: #Private IP of Postgres server -keycloak_postgres_host: #Private IP of Postgres server -kong_postgres_host: #Private IP of Postgres server -sunbird_mongo_ip: #Private IP of Mongo DB server -sunbird_cassandra_host: #Private IP of Cassandra server -sunbird_es_host: #Private IP of Elastic Search server. If ES cluster has multiple nodes then add all nodes by separating them with comma. e.g. 10.2.0.1,10.2.0.2,10.2.0.3 +application_postgres_host: "{{ database_host }}" #Private IP of Postgres server +keycloak_postgres_host: "{{ database_host }}" #Private IP of Postgres server +kong_postgres_host: "{{ database_host }}" #Private IP of Postgres server +sunbird_cassandra_host: "{{ database_host }}" #Private IP of Cassandra server +sunbird_es_host: "{{ database_host }}" #Private IP of Elastic Search server. If ES cluster has multiple nodes then add all nodes by separating them with comma. e.g. 10.2.0.1,10.2.0.2,10.2.0.3 ## Application server configurations -sunbird_ekstep_api_base_url: #API base URL of the Ekstep environment. Use `https://qa.ekstep.in/api` for non-prod deployments, and use `https://api.ekstep.in/` for prod deployment. -sunbird_ekstep_proxy_base_url: #Base URL of the Ekstep environment. Use `https://qa.ekstep.in/` for non-prod deployments, and `https://community.ekstep.in/` for prod deployment. -sunbird_env: #Ekstep environment to connect to. Use `qa` for non-prod deployments, and `prod` for prod deployment. -sunbird_mail_server_host: #SMTP server IP. Could be ignored if not mails are to be sent. -sunbird_mail_server_port: #SMTP port. Could be ignored if not mails are to be sent. -sunbird_mail_server_username: #SMTP username. Could be ignored if not mails are to be sent. -sunbird_mail_server_password: #SMTP server pasword. Could be ignored if not mails are to be sent. -sunbird_mail_server_from_email: #Email ID that should be as from address in mails -#player_tenant_dir: #Configure if customising the image, path in which volume should be mounted. -sunbird_background_actor_host: -sunbird_actor_system_name: +sunbird_ekstep_api_base_url: "{{ekstep_base_url}}/api" #API base URL of the Ekstep environment. Use `https://qa.ekstep.in/api` for non-prod deployments, and use `https://api.ekstep.in/` for prod deployment. +sunbird_ekstep_proxy_base_url: "{{ekstep_base_url}}" #Base URL of the Ekstep environment. Use `https://qa.ekstep.in/` for non-prod deployments, and `https://community.ekstep.in/` for prod deployment. +sunbird_env: qa #Ekstep environment to connect to. Use `qa` for non-prod deployments, and `prod` for prod deployment. +sunbird_mail_server_host: "{{mail_server_host}}" #SMTP server IP. Could be ignored if not mails are to be sent. +sunbird_mail_server_port: "{{mail_server_port}}" #SMTP port. Could be ignored if not mails are to be sent. +sunbird_mail_server_username: "{{mail_server_username}}" #SMTP username. Could be ignored if not mails are to be sent. +sunbird_mail_server_password: "{{mail_server_password}}" #SMTP server pasword. Could be ignored if not mails are to be sent. +sunbird_mail_server_from_email: "{{mail_server_from_email}}" #Email ID that should be as from address in mails + +#player_tenant_dir: "{{player_tenant_dir}}" #Configure if customising the image, path in which volume should be mounted. +sunbird_background_actor_host: actor-service +sunbird_actor_system_name: BackGroundRemoteMiddlewareActorSystem ## Keycloak (auth server) login details -sunbird_sso_username: -sunbird_sso_password: -keycloak_admin_username: #username for the keycloak_auth login -keycloak_admin_password: #password for the keycloak_auth login +sunbird_sso_username: "{{sso_username}}" +sunbird_sso_password: "{{sso_password}}" +keycloak_password: "{{keycloak_admin_password}}" #admin password for the keycloak_auth login +keycloak_theme_path: "{{keycloak_theme_path}}" #path to the keycloak theme files ## Content Repo configuration -sunbird_api_auth_token: #Authorization key (JWT) to access Sunbird APIs. This will be in the output of deploy-apis.sh script, extracting it out is documented in the deployment wiki. -sunbird_ekstep_api_key: #Authorization key (JWT) to access Ekstep APIs. Steps to generate this are documented on https://github.com/project-sunbird/sunbird-commons/wiki/Obtaining-API-token-for-accessing-ekstep-APIs -sunbird_trampoline_secret: +sunbird_api_auth_token: #Authorization key (JWT) to access Sunbird APIs. This will be in the output of deploy-apis.sh script, extracting it out is documented in the deployment wiki. +sunbird_ekstep_api_key: "{{ekstep_api_key}}" #Authorization key (JWT) to access Ekstep APIs. Steps to generate this are documented on https://github.com/project-sunbird/sunbird-commons/wiki/Obtaining-API-token-for-accessing-ekstep-APIs +sunbird_trampoline_secret: "{{trampoline_secret}}" # ADVANCED CONFIGURATIONS - -cassandra_listen_address: "{{ cassandra_server_private_ip }}" -cassandra_seeds: "{{ cassandra_server_private_ip }}" -cassandra_broadcast_rpc_address: "{{ cassandra_server_private_ip }}" -cassandra_broadcast_address: "{{ cassandra_server_private_ip }}" -cassandra_listen_interface: '' -cassandra_log_dir: '/var/log/cassandra' -cassandra_root_dir: '/etc/cassandra' -cassandra_version: '3.9' -cassandra_port: 9042 -cassandra_rpc_address: 0.0.0.0 -cassandra_restore_dir: /home/deployer/ - -keycloak_auth_server_url: "https://{{ proxy_server_name }}/auth/" +keycloak_auth_server_url: "https://{{ proxy_server_name }}/auth" keycloak_realm: sunbird sunbird_content_player_url: https://{{ proxy_server_name }}/api/ sunbird_learner_player_url: https://{{ proxy_server_name }}/api/ sunbird_sso_url: https://{{ proxy_server_name }}/auth/ sunbird_sso_client_id: admin-cli -sunbird_mongo_port: 27017 -sunbird_mongodb_port: 27017 sunbird_portal_realm: sunbird sunbird_portal_auth_server_client: portal sunbird_trampoline_client_id: trampoline @@ -98,10 +93,11 @@ sunbird_account_key: sunbird_sunbird_quartz_mode: cluster #Use `embedded` to run Quartz without any database, use any other value to use Postgres as database sunbird_cassandra_urls: "{{ cassandra_server_private_ip }}:{{ cassandra_port }}" sunbird_session_store_type: cassandra -sunbird_portal_title_name: -sunbird_keycloak_client_id: -keycloak_admin_initial_password: - +sunbird_portal_title_name: portal +sunbird_keycloak_client_id: 'portal' +sunbird_msg_91_auth: +sunbird_keycloak_public: true +sunbird_msg_sender: project: sunbird application_postgres_database: quartz application_postgres_user: quartz @@ -120,10 +116,9 @@ cassandra_repo_key: 'https://www.apache.org/dist/cassandra/KEYS' #API Manager kong_postgres_port: 5432 -kong_postgres_user: api_manager_sample -kong_postgres_database: api_manager_sample +kong_postgres_user: "api_manager_{{environment}}" +kong_postgres_database: "api_manager_{{environment}}" -es_curl_host: ## Logging details syslog: @@ -151,3 +146,33 @@ postgresql_users: password: "{{application_postgres_password}}" db: "{{application_postgres_database}}" priv: "ALL" + + +proxy_replicas: 1 +proxy_reservation_memory: 64M +proxy_limit_memory: 128M +kong_replicas: 1 +kong_reservation_memory: 120M +kong_limit_memory: 256M +echo_service_replicas: 1 +echo_service_reservation_memory: 16M +echo_service_limit_memory: 32M +adminutil_replicas: 1 +adminutil_reservation_memory: 512M +adminutil_limit_memory: 1024M + +actor_replicas: 1 +actor_reservation_memory: 500M +actor_limit_memory: 1024M + +learner_replicas: 1 +learner_reservation_memory: 1500M +learner_limit_memory: 1500M + +player_replicas: 1 +player_reservation_memory: 256M +player_limit_memory: 512M + +content_replicas: 1 +content_reservation_memory: 125M +content_limit_memory: 256M \ No newline at end of file diff --git a/ansible/inventories/sample/hosts b/ansible/inventories/sample/hosts index 45e1bd0aff..afb2a80128 100644 --- a/ansible/inventories/sample/hosts +++ b/ansible/inventories/sample/hosts @@ -1,5 +1,5 @@ [swarm-manager-1] -localhost ansible_connection=local swarm_master=true +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" swarm_master=true [swarm-manager:children] swarm-manager-1 @@ -8,23 +8,20 @@ swarm-manager-1 swarm-manager-1 [postgresql-1] -localhost ansible_connection=local +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [es-1] -localhost ansible_connection=local es_instance_name=es-1 es_etc_node_master=true es_etc_node_data=true +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [cassandra-1] -localhost ansible_connection=local +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [keycloak-1] -localhost ansible_connection=local +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [keycloak:children] keycloak-1 -[mongodb-1] -localhost ansible_connection=local - [postgresql-master:children] postgresql-1 @@ -39,17 +36,14 @@ cassandra-1 [kong-api] localhost ansible_connection=local -[mongodb:children] -mongodb-1 - [swarm-agent-for-prometheus] -localhost ansible_connection=local +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-grafana] -localhost ansible_connection=local +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-alertmanager] -localhost ansible_connection=local +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [non-swarm-nodes:children] postgresql-master diff --git a/ansible/roles/kong-consumer/tasks/main.yml b/ansible/roles/kong-consumer/tasks/main.yml index 144f6ee57e..afceae05b6 100644 --- a/ansible/roles/kong-consumer/tasks/main.yml +++ b/ansible/roles/kong-consumer/tasks/main.yml @@ -26,3 +26,7 @@ - name: Run script to save consumers shell: "python /tmp/kong-api-scripts/kong_consumers.py /tmp/kong_consumers.json --kong-admin-api-url={{ kong_admin_api_url }}" + register: jwt_token + +- name: write to file + copy: content="{{jwt_token.stdout}}" dest="/home/ops/jwt_token.txt" diff --git a/deploy/deploy-apis.sh b/deploy/deploy-apis.sh index e2bf180c48..18cb41e1f8 100755 --- a/deploy/deploy-apis.sh +++ b/deploy/deploy-apis.sh @@ -27,7 +27,7 @@ ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-adminuti # Onboard APIs echo "@@@@@@@@@ Onboard APIs" -ansible-playbook -i $INVENTORY_PATH ../ansible/api-manager.yml --tags kong-api +ansible-playbook -i $INVENTORY_PATH ../ansible/api-manager.yml --tags kong-api # Onboard Consumers echo "@@@@@@@@@ Onboard Consumers" diff --git a/deploy/deploy-keycloak.sh b/deploy/deploy-keycloak.sh deleted file mode 100755 index 21164f7da8..0000000000 --- a/deploy/deploy-keycloak.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh -set -e - -if [ "$#" -ne 1 ]; then - echo "ERROR: Illegal number of parameters" - echo "Usage: $0 " - exit 1 -fi - -INVENTORY_PATH=$1 - -ORG=sunbird -KEYCLOAK_VERSION=3.2.1.Final-bronze - -# Create application network -echo "@@@@@@@@@ Keycloak deploy" -ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-keycloak1" --extra-vars "deploy_keycloak1=true hub_org=${ORG} image_name=keycloak_image image_tag=$KEYCLOAK_VERSION service_name=keycloak1" From ad13aa318f8c3c724e0c35a768b461a40868f246 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Wed, 24 Jan 2018 23:00:42 +0530 Subject: [PATCH 024/104] Issue #22 feat: unified script for sunbird installation --- deploy/sss.sh | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) create mode 100755 deploy/sss.sh diff --git a/deploy/sss.sh b/deploy/sss.sh new file mode 100755 index 0000000000..e2241360dd --- /dev/null +++ b/deploy/sss.sh @@ -0,0 +1,62 @@ +#!/bin/bash + +usage() { echo "Usage: $0 -s {config|dbs|apis|proxy|keycloak|core}" 1>&2; exit 1; } + +# Reading environment and implimentation name +implimentation_name=$(awk '/implementation_name: / {print $2}' mcf) +env_name=$(awk '/environment: / {print $2}' mcf) + +ansible_variable_path=$implimentation_name-devops/ansible/inventories/$env_name/group_vars/$env_name + +# Installing dependencies +./install-deps.sh + +# Generating configs +config() { ./generate-config.sh $implimentation_name $env_name core; } + +# Installing and initializing dbs +dbs() { ./install-dbs.sh $ansible_variable_path; ./init-dbs.sh $ansible_variable_path; } + +# Apis +apis() { ./deploy-apis.sh $ansible_variable_path; } + +# Proxy +proxy() { ./deploy-proxy.sh; } + +# Keycloak +keycloak() { ./provision-keycloak.sh; ./deploy-keycloak-vm.sh; } + +# Core services +core() { ./deploy-core.sh; } + +while getopts "s:h" o;do + case "${o}" in + s) + s=${OPTARG} + echo "help.." + case "${s}" in + config) + config + ;; + dbs) + dbs + ;; + apis) + apis + ;; + proxy) + proxy + ;; + keycloak) + keycloak + ;; + *) + usage + ;; + esac + ;; + *) + usage + ;; + esac +done From d1f1aefe4586506d5ee227ba5d856deeefced962 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Wed, 24 Jan 2018 23:05:09 +0530 Subject: [PATCH 025/104] Issue #22 fix: fixed su permission --- deploy/sss.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/sss.sh b/deploy/sss.sh index e2241360dd..01dda8638f 100755 --- a/deploy/sss.sh +++ b/deploy/sss.sh @@ -9,7 +9,7 @@ env_name=$(awk '/environment: / {print $2}' mcf) ansible_variable_path=$implimentation_name-devops/ansible/inventories/$env_name/group_vars/$env_name # Installing dependencies -./install-deps.sh +sudo ./install-deps.sh # Generating configs config() { ./generate-config.sh $implimentation_name $env_name core; } From 0f011f4d489b573638a8270598556d5f935876fa Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Wed, 24 Jan 2018 23:16:15 +0530 Subject: [PATCH 026/104] Issue #22 fix: updated script for better compatibility --- deploy/sss.sh | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/deploy/sss.sh b/deploy/sss.sh index 01dda8638f..3fc2e9f189 100755 --- a/deploy/sss.sh +++ b/deploy/sss.sh @@ -1,24 +1,26 @@ #!/bin/bash -usage() { echo "Usage: $0 -s {config|dbs|apis|proxy|keycloak|core}" 1>&2; exit 1; } +set -e + +usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak|core} ]" 1>&2; exit 1; } # Reading environment and implimentation name -implimentation_name=$(awk '/implementation_name: / {print $2}' mcf) -env_name=$(awk '/environment: / {print $2}' mcf) +IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' mcf) +ENV_NAME=$(awk '/environment: / {print $2}' mcf) -ansible_variable_path=$implimentation_name-devops/ansible/inventories/$env_name/group_vars/$env_name +ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME/group_vars/$ENV_NAME # Installing dependencies -sudo ./install-deps.sh +deps() { sudo ./install-deps.sh; } # Generating configs -config() { ./generate-config.sh $implimentation_name $env_name core; } +config() { ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; } # Installing and initializing dbs -dbs() { ./install-dbs.sh $ansible_variable_path; ./init-dbs.sh $ansible_variable_path; } +dbs() { ./install-dbs.sh $ANSIBLE_VARIABLE_PATH; ./init-dbs.sh $ANSIBLE_VARIABLE_PATH; } # Apis -apis() { ./deploy-apis.sh $ansible_variable_path; } +apis() { ./deploy-apis.sh $ANSIBLE_VARIABLE_PATH; } # Proxy proxy() { ./deploy-proxy.sh; } @@ -52,11 +54,17 @@ while getopts "s:h" o;do ;; *) usage + exit 0 ;; esac ;; + *) usage + exit 0 ;; esac done + +# Default action: install and configure from scratch +deps; config; dbs; apis; proxy; keycloak From f0c115a7175c7dcb99576cf4be4b8068b389b1f3 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 10:02:58 +0530 Subject: [PATCH 027/104] Issue #22 feat: updated generate config --- deploy/generate-config.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/deploy/generate-config.sh b/deploy/generate-config.sh index 6469dfdcd1..917409c98c 100755 --- a/deploy/generate-config.sh +++ b/deploy/generate-config.sh @@ -3,8 +3,8 @@ if [ "$#" -ne 3 ]; then echo "ERROR: Illegal number of parameters" echo "Usage: $0 " - echo "\nOPTIONS\n" - echo "type: deploy, app or db" + echo -e "\nOPTIONS\n" + echo "type: core, azure" echo "implementation-name: Name of the implementation organization or the project using sunbird eg: ntp, nile" echo "environment-name: Name of the environment for which config should be generated. eg: dev, staging, production" exit 1 @@ -19,14 +19,16 @@ CONFIG_TYPE=$3 IMPLEMENTATION_DEVOPS_DIR="$IMPLEMENTATION_NAME-devops" SCRIPT_BASE_DIR=$(dirname $0) +echo "SCRIPT_BASE_DIR" $SCRIPT_BASE_DIR SUNBIRD_DEVOPS_FOLDER=$SCRIPT_BASE_DIR/.. # TODO: This should be derived from script base path +echo "SUNBIRD_DEVOPS_FOLDER" $SUNBIRD_DEVOPS_FOLDER SAMPLE_ENVIRONMENT_NAME=sample BACKUP_SUFFIX=-`date +"%Y-%m-%d-%H-%M-%S"`.bak -if [ $3 == "deploy" ]; then - echo "Creating deployment configuration files...\n" - +if [ $3 == "core" ]; then + echo -e "Creating core service/db configuration files...\n" + sleep 1 SAMPLE_INVENTORY_FILE=$SUNBIRD_DEVOPS_FOLDER/ansible/inventories/sample/hosts SAMPLE_GROUP_VARS_DIR=$SUNBIRD_DEVOPS_FOLDER/ansible/inventories/sample/group_vars SAMPLE_GROUP_VARS_FILE=$SAMPLE_GROUP_VARS_DIR/sample @@ -59,9 +61,9 @@ if [ $3 == "deploy" ]; then echo "Successfully generated $IMPLEMENTATION_DEVOPS_DIR directory with environment $ENVIRONMENT_NAME" echo "Please review & edit files $ENVIRONMENT_INVENTORY_HOSTS_FILE and $ENVIRONMENT_GROUP_VARS_FILE" echo "You can remove backup files by running find $IMPLEMENTATION_DEVOPS_DIR -name *.bak -type f -delete" -elif [ $3 == "cloud" ]; then - echo "Creating cloud configuration files..." - +elif [ $3 == "azure" ]; then + echo "Creating azure cloud configuration files..." + sleep 1 APP_DEPLOY_PARAMS_DIR=$IMPLEMENTATION_DEVOPS_DIR/$ENVIRONMENT_NAME/azure/app SAMPLE_APP_DEPLOY_PARAMS_DIR=$SUNBIRD_DEVOPS_FOLDER/cloud/azure/arm/swarm/acs-engine SAMPLE_DEPLOY_PARAMS_COMMON_FILE=$SAMPLE_APP_DEPLOY_PARAMS_DIR/common/azuredeploy.json From ccce06e9ced546ba51e9bbdaa8d937e4f05c469a Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 10:07:37 +0530 Subject: [PATCH 028/104] Issue #22 feat: updated logging --- deploy/sss.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/deploy/sss.sh b/deploy/sss.sh index 3fc2e9f189..bad87b0437 100755 --- a/deploy/sss.sh +++ b/deploy/sss.sh @@ -14,7 +14,7 @@ ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME/ deps() { sudo ./install-deps.sh; } # Generating configs -config() { ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; } +config() { time ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; } # Installing and initializing dbs dbs() { ./install-dbs.sh $ANSIBLE_VARIABLE_PATH; ./init-dbs.sh $ANSIBLE_VARIABLE_PATH; } @@ -67,4 +67,9 @@ while getopts "s:h" o;do done # Default action: install and configure from scratch -deps; config; dbs; apis; proxy; keycloak +deps 2>&1 | tee deps.log +config 2>&1 | tee config.log +dbs 2>&1 | tee dbs.log +apis 2>&1 | tee apis.log +proxy 2>&1 | tee proxies.log +keycloak 2>&1 | tee keycloak.log From f3610faead882e0f22ffd3b5f41770e59648a5a6 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 10:10:45 +0530 Subject: [PATCH 029/104] Issue #22 fix: updated atomic execution --- deploy/sss.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/deploy/sss.sh b/deploy/sss.sh index bad87b0437..115ec70bb2 100755 --- a/deploy/sss.sh +++ b/deploy/sss.sh @@ -38,19 +38,24 @@ while getopts "s:h" o;do echo "help.." case "${s}" in config) - config + config 2>&1 | tee config.log + exit 0 ;; dbs) - dbs + dbs 2>&1 | tee dbs.log + exit 0 ;; apis) - apis + apis 2>&1 | tee apis.log + exit 0 ;; proxy) - proxy + proxy 2>&1 | tee proxy.log + exit 0 ;; keycloak) - keycloak + keycloak 2>&1 | tee keycloak.log + exit 0 ;; *) usage From 8f363ec7d46d7f346006d7e5aa1154e74d2565ea Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 10:44:58 +0530 Subject: [PATCH 030/104] Issue #22 fix: ansible versioning fix --- deploy/install-deps.sh | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/deploy/install-deps.sh b/deploy/install-deps.sh index 19c38d418a..713d37dc2c 100755 --- a/deploy/install-deps.sh +++ b/deploy/install-deps.sh @@ -3,7 +3,7 @@ # set -o errexit DOCKER_VERSION=17.06.2~ce-0~ubuntu -ANSIBLE_VERSION=2.4.1.0-1ppa~xenial +ANSIBLE_VERSION=2.4.1.0 SWARM_MASTER_IP=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') echo "MasterIP: $SWARM_MASTER_IP" @@ -34,10 +34,8 @@ apt-get -y update apt-get -y install docker-ce=$DOCKER_VERSION # Install Ansible -apt-get -y install software-properties-common -apt-add-repository -y ppa:ansible/ansible -apt-get update -apt-get -y install ansible=$ANSIBLE_VERSION +apt install -y python-pip +pip install ansible==$ANSIBLE_VERSION # Setup docker to system service systemctl enable docker @@ -46,4 +44,4 @@ systemctl restart docker # Initialise Docker Swarm, with current machine as Master (which is active) docker swarm init --advertise-addr $SWARM_MASTER_IP -docker node ls \ No newline at end of file +docker node ls From c5dfc7dbee7cad5c5be3010ac1dcd5da7e0cf9e2 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 11:07:13 +0530 Subject: [PATCH 031/104] Issue #22 fix: removed duplicated ansible installation --- deploy/deploy-keycloak-vm.sh | 9 +-------- deploy/install-dbs.sh | 7 ------- deploy/provision-keycloak.sh | 9 +-------- 3 files changed, 2 insertions(+), 23 deletions(-) diff --git a/deploy/deploy-keycloak-vm.sh b/deploy/deploy-keycloak-vm.sh index a0ff227d6f..7c91201bd1 100755 --- a/deploy/deploy-keycloak-vm.sh +++ b/deploy/deploy-keycloak-vm.sh @@ -7,15 +7,8 @@ if [ "$#" -ne 1 ]; then exit 1 fi -ANSIBLE_VERSION=2.4.1.0-1ppa~xenial -# Install Ansible -apt-get -y install software-properties-common -apt-add-repository -y ppa:ansible/ansible -apt-get update -apt-get -y install ansible=$ANSIBLE_VERSION - INVENTORY_PATH=$1 #Deploy keycloak echo "@@@@@@@@@ Keycloak " -ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags deploy \ No newline at end of file +ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags deploy diff --git a/deploy/install-dbs.sh b/deploy/install-dbs.sh index 8690151415..8ae69abf69 100755 --- a/deploy/install-dbs.sh +++ b/deploy/install-dbs.sh @@ -7,13 +7,6 @@ if [ "$#" -ne 1 ]; then exit 1 fi -ANSIBLE_VERSION=2.4.1.0-1ppa~xenial -# Install Ansible -apt-get -y install software-properties-common -apt-add-repository -y ppa:ansible/ansible -apt-get update -apt-get -y install ansible=$ANSIBLE_VERSION - INVENTORY_PATH=$1 #Elasticsearch installation diff --git a/deploy/provision-keycloak.sh b/deploy/provision-keycloak.sh index 73a201bde0..fcdc5f6db8 100755 --- a/deploy/provision-keycloak.sh +++ b/deploy/provision-keycloak.sh @@ -7,15 +7,8 @@ if [ "$#" -ne 1 ]; then exit 1 fi -ANSIBLE_VERSION=2.4.1.0-1ppa~xenial -# Install Ansible -apt-get -y install software-properties-common -apt-add-repository -y ppa:ansible/ansible -apt-get update -apt-get -y install ansible=$ANSIBLE_VERSION - INVENTORY_PATH=$1 #Keycloak installation echo "@@@@@@@@@ Keycloak " -ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags provision \ No newline at end of file +ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags provision From e1ca1d72e90806c07da1433f9528560180b87a8f Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 11:21:00 +0530 Subject: [PATCH 032/104] Issue #22 fix : renamed mcf to config --- {ansible/inventories/sample => deploy}/config | 0 deploy/mcf | 39 +++++++++++++++++++ deploy/sss.sh | 4 +- 3 files changed, 41 insertions(+), 2 deletions(-) rename {ansible/inventories/sample => deploy}/config (100%) create mode 100644 deploy/mcf diff --git a/ansible/inventories/sample/config b/deploy/config similarity index 100% rename from ansible/inventories/sample/config rename to deploy/config diff --git a/deploy/mcf b/deploy/mcf new file mode 100644 index 0000000000..de1c177e57 --- /dev/null +++ b/deploy/mcf @@ -0,0 +1,39 @@ +#Basic +environment: dev +implementation_name: rajesh +ssh_ansible_user: +ansible_private_key_path: + +#Application +application_host: +app_address_space: +msg_91_auth: +msg_sender: +player_tenant_dir: + +#Proxy +cert_path: +keypath_path: +dns_name: + +#Database +database_host: +database_password: + +#Ekstep +ekstep_base_url: +ekstep_api_key: + +#Keycloak +sso_username: +sso_password: +keycloak_admin_password: +keycloak_theme_path: +trampoline_secret: + +#Portal mail +mail_server_host: +mail_server_port: +mail_server_username: +mail_server_password: +mail_server_from_email: diff --git a/deploy/sss.sh b/deploy/sss.sh index 115ec70bb2..68d83c6e0b 100755 --- a/deploy/sss.sh +++ b/deploy/sss.sh @@ -5,8 +5,8 @@ set -e usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak|core} ]" 1>&2; exit 1; } # Reading environment and implimentation name -IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' mcf) -ENV_NAME=$(awk '/environment: / {print $2}' mcf) +IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' config) +ENV_NAME=$(awk '/environment: / {print $2}' config) ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME/group_vars/$ENV_NAME From 4d1523908e73684d330e246df788ef2a5a79f64b Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 11:27:27 +0530 Subject: [PATCH 033/104] Issue #22 fix: removed core from sunbird installation --- deploy/{sss.sh => sunbird_install.sh} | 3 --- 1 file changed, 3 deletions(-) rename deploy/{sss.sh => sunbird_install.sh} (97%) diff --git a/deploy/sss.sh b/deploy/sunbird_install.sh similarity index 97% rename from deploy/sss.sh rename to deploy/sunbird_install.sh index 68d83c6e0b..2ec3d9ebc3 100755 --- a/deploy/sss.sh +++ b/deploy/sunbird_install.sh @@ -28,9 +28,6 @@ proxy() { ./deploy-proxy.sh; } # Keycloak keycloak() { ./provision-keycloak.sh; ./deploy-keycloak-vm.sh; } -# Core services -core() { ./deploy-core.sh; } - while getopts "s:h" o;do case "${o}" in s) From 1789b58b0b3647c38f031b8693dd1dd66ea1a90e Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 13:13:25 +0530 Subject: [PATCH 034/104] Issue #22 feat: updated logging for script --- deploy/sunbird_install.sh | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 2ec3d9ebc3..31ff2d485c 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -35,23 +35,23 @@ while getopts "s:h" o;do echo "help.." case "${s}" in config) - config 2>&1 | tee config.log + echo -e "\n$(date)\n">>config.log; config 2>&1 | tee -a config.log exit 0 ;; dbs) - dbs 2>&1 | tee dbs.log + echo -e "\n$(date)\n">>dbs.log; dbs 2>&1 | tee -a dbs.log exit 0 ;; apis) - apis 2>&1 | tee apis.log + echo -e "\n$(date)\n">>apis.log; apis 2>&1 | tee -a apis.log exit 0 ;; proxy) - proxy 2>&1 | tee proxy.log + echo -e "\n$(date)\n">>proxy.log; proxy 2>&1 | tee -a proxy.log exit 0 ;; keycloak) - keycloak 2>&1 | tee keycloak.log + echo -e "\n$(date)\n">>keycloak.log; keycloak 2>&1 | tee -a keycloak.log exit 0 ;; *) @@ -69,9 +69,9 @@ while getopts "s:h" o;do done # Default action: install and configure from scratch -deps 2>&1 | tee deps.log -config 2>&1 | tee config.log -dbs 2>&1 | tee dbs.log -apis 2>&1 | tee apis.log -proxy 2>&1 | tee proxies.log -keycloak 2>&1 | tee keycloak.log +echo -e \n$(date)\n >> deps.log; deps 2>&1 | tee -a deps.log +echo -e \n$(date)\n >> config.log; config 2>&1 | tee -a config.log +echo -e \n$(date)\n >> dbs.log; dbs 2>&1 | tee -a dbs.log +echo -e \n$(date)\n >> apis.log; apis 2>&1 | tee -a apis.log +echo -e \n$(date)\n >> proxies.log; proxy 2>&1 | tee -a proxies.log +echo -e \n$(date)\n >> keycloak.log; keycloak 2>&1 | tee -a keycloak.log From 34199761ea5a49c55437a09caf437adfe83b4991 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 13:20:12 +0530 Subject: [PATCH 035/104] Issue #22 fix: removed core from unified script --- deploy/sunbird_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 31ff2d485c..a9ff092951 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -2,7 +2,7 @@ set -e -usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak|core} ]" 1>&2; exit 1; } +usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; } # Reading environment and implimentation name IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' config) From c81c35072c0b0a25cb6259b85a3fa26e297e4ff4 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Thu, 25 Jan 2018 17:10:09 +0530 Subject: [PATCH 036/104] Issue #22 feat: changed ssl content to path --- ansible/inventories/sample/group_vars/sample | 6 +++--- deploy/config | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index 1d34850f1a..73273f6770 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -1,8 +1,8 @@ # ENVIRONMENT CONFIGURATION env: "{{environment}}" #Name of the environment, e.g. dev, staging or production. proxy_server_name: "{{dns_name}}" #Domain on which the portal will be accessed. e.g. staging.{implementation-name}.org -proxy_site_key: #SSL certificate's site.key file contents. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service -proxy_site_crt: #SSL certificate's site.crt file contents. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service +proxy_site_key: "{{lookup('file',key_path)}}" #SSL certificate's site.key file path. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service +proxy_site_crt: "{{lookup('file',cert_path)}}" #SSL certificate's site.crt file path. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service # DB CONFIGURATION @@ -175,4 +175,4 @@ player_limit_memory: 512M content_replicas: 1 content_reservation_memory: 125M -content_limit_memory: 256M \ No newline at end of file +content_limit_memory: 256M diff --git a/deploy/config b/deploy/config index 1f774dd174..5ce231e1ab 100644 --- a/deploy/config +++ b/deploy/config @@ -1,6 +1,6 @@ #Basic -environment: -implementation_name: +environment: dev +implementation_name: tester ssh_ansible_user: ansible_private_key_path: @@ -13,7 +13,7 @@ player_tenant_dir: #Proxy cert_path: -keypath_path: +key_path: dns_name: #Database From a4c80b0b0c09f636aa1c6dc4b7815b0418d16b09 Mon Sep 17 00:00:00 2001 From: manoj v Date: Thu, 25 Jan 2018 17:42:10 +0530 Subject: [PATCH 037/104] Issue #367 chore: es backup issue --- ansible/roles/stack-sunbird/tasks/learner_service.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/stack-sunbird/tasks/learner_service.yml b/ansible/roles/stack-sunbird/tasks/learner_service.yml index 507c24f6e6..7ac5532ad6 100644 --- a/ansible/roles/stack-sunbird/tasks/learner_service.yml +++ b/ansible/roles/stack-sunbird/tasks/learner_service.yml @@ -8,6 +8,6 @@ ignore_errors: yes - name: Deploy learner service - shell: "docker service create --replicas {{ learner_replicas }} -p 9000:9000 --name learner-service --hostname learner-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --network application_default --env-file /home/deployer/env/sunbird_learner-service.env --health-cmd \"curl -f http://localhost:9000/health || exit 1\" --health-interval 10s --health-timeout 5s --health-retries 5 {{hub_org}}/{{image_name}}:{{image_tag}}" + shell: "docker service create --replicas {{ learner_replicas }} -p 9000:9000 --name learner-service --hostname learner-service --reserve-memory {{ learner_reservation_memory }} --limit-memory {{ learner_limit_memory }} --network application_default --env-file /home/deployer/env/sunbird_learner-service.env {{hub_org}}/{{image_name}}:{{image_tag}}" args: chdir: /home/deployer/stack From c50add8103eb44d55c12e3a5d91e5f5c4eff5835 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 13:45:40 +0530 Subject: [PATCH 038/104] Issue #22 feat: dynamic inventory creation --- deploy/config | 8 ++------ deploy/sunbird_install.sh | 19 ++++++++++++++++--- 2 files changed, 18 insertions(+), 9 deletions(-) diff --git a/deploy/config b/deploy/config index 5ce231e1ab..5697b0c496 100644 --- a/deploy/config +++ b/deploy/config @@ -5,8 +5,8 @@ ssh_ansible_user: ansible_private_key_path: #Application -application_host: -app_address_space: +application_host: #Private ip of the application server +app_address_space: #Application server address space (e.g. 10.3.0.0/24) msg_91_auth: msg_sender: player_tenant_dir: @@ -37,7 +37,3 @@ mail_server_port: mail_server_username: mail_server_password: mail_server_from_email: - - - - diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index a9ff092951..b5c2f79387 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -7,14 +7,27 @@ usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; # Reading environment and implimentation name IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' config) ENV_NAME=$(awk '/environment: / {print $2}' config) - -ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME/group_vars/$ENV_NAME +APP_HOST=$(awk '/application_host: / {print $2}' config) +DB_HOST=$(awk '/database_host: / {print $2}' config) +SSH_ANSIBLE_USER=$(awk '/ssh_ansible_user: / {print $2}' config) +SSH_ANSIBLE_FILE=$(awk '/ssh_ansible_file: / {print $2}' config) +ANSIBLE_PRIVATE_KEY_PATH=$(awk '/ansible_private_key_path: / {print $2}' config) +ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME # Installing dependencies deps() { sudo ./install-deps.sh; } # Generating configs -config() { time ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; } +config() { + time ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; + # Creating inventory + sed -i s#\"{{database_host}}\"#$DB_HOST#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{application_host}}\"#$APP_HOST#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{ssh_ansible_user}}\"#$SSH_ANSIBLE_USER#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{ssh_ansible_file}}\"#$SSH_ANSIBLE_FILE#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{ansible_private_key_path}}\"#$ANSIBLE_PRIVATE_KEY_PATH#g $ANSIBLE_VARIABLE_PATH/hosts +} + # Installing and initializing dbs dbs() { ./install-dbs.sh $ANSIBLE_VARIABLE_PATH; ./init-dbs.sh $ANSIBLE_VARIABLE_PATH; } From 015fe2902b765b50b8935bbf65a627c67019a884 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 13:48:00 +0530 Subject: [PATCH 039/104] Issue #22 feat: cleanup config --- deploy/config | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/config b/deploy/config index 5697b0c496..51971a5551 100644 --- a/deploy/config +++ b/deploy/config @@ -1,6 +1,6 @@ #Basic -environment: dev -implementation_name: tester +environment: +implementation_name: ssh_ansible_user: ansible_private_key_path: From e4f084f297d05878470d542fc80bd06a8e087281 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 14:26:32 +0530 Subject: [PATCH 040/104] Issue #22 fix: theme copying is not mandatory --- ansible/roles/keycloak/tasks/deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ansible/roles/keycloak/tasks/deploy.yml b/ansible/roles/keycloak/tasks/deploy.yml index b057ad9f30..db0ea430ad 100644 --- a/ansible/roles/keycloak/tasks/deploy.yml +++ b/ansible/roles/keycloak/tasks/deploy.yml @@ -40,6 +40,7 @@ - name: copy the artifacts copy: src={{keycloak_theme_path}} dest="{{keycloak_home}}/themes/" owner={{wildfly_user}} group={{wildfly_group}} + ignore_errors: true - name: XML file template: @@ -99,4 +100,4 @@ command: /etc/init.d/keycloak start poll: 5 async: 5 - \ No newline at end of file + From a183262c3bdeca376b4c7d44764f036ec24dea0d Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 14:39:53 +0530 Subject: [PATCH 041/104] Issue #22 feat: overriding vars with config --- deploy/deploy-apis.sh | 10 +++++----- deploy/deploy-proxy.sh | 4 ++-- deploy/install-dbs.sh | 8 ++++---- deploy/provision-keycloak.sh | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/deploy/deploy-apis.sh b/deploy/deploy-apis.sh index 18cb41e1f8..df9bf47a8c 100755 --- a/deploy/deploy-apis.sh +++ b/deploy/deploy-apis.sh @@ -15,20 +15,20 @@ ADMIN_UTILS_VERSION=0.0.1-SNAPSHOT-gold # Bootstrap swarm echo "@@@@@@@@@ Bootstrap swarm" -ansible-playbook -i $INVENTORY_PATH ../ansible/bootstrap.yml --extra-vars "hosts=swarm-manager" --tags bootstrap_swarm +ansible-playbook -i $INVENTORY_PATH ../ansible/bootstrap.yml --extra-vars "hosts=swarm-manager" --tags bootstrap_swarm --extra-vars=@config # Deploy API Manager echo "@@@@@@@@@ Deploy API Manager" -ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-api-manager" --extra-vars "hub_org=${ORG} echo_server_image_name=echo-server echo_server_image_tag=${ECHO_SERVER_VERSION}" +ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-api-manager" --extra-vars "hub_org=${ORG} echo_server_image_name=echo-server echo_server_image_tag=${ECHO_SERVER_VERSION}" --extra-vars=@config # Deploy Admin Utils API echo "@@@@@@@@@ Deploy Admin Utils API" -ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-adminutil" --extra-vars "hub_org=${ORG} image_name=adminutil image_tag=${ADMIN_UTILS_VERSION}" +ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-adminutil" --extra-vars "hub_org=${ORG} image_name=adminutil image_tag=${ADMIN_UTILS_VERSION}" --extra-vars=@config # Onboard APIs echo "@@@@@@@@@ Onboard APIs" -ansible-playbook -i $INVENTORY_PATH ../ansible/api-manager.yml --tags kong-api +ansible-playbook -i $INVENTORY_PATH ../ansible/api-manager.yml --tags kong-api --extra-vars=@config # Onboard Consumers echo "@@@@@@@@@ Onboard Consumers" -ansible-playbook -v -i $INVENTORY_PATH ../ansible/api-manager.yml --tags kong-consumer +ansible-playbook -v -i $INVENTORY_PATH ../ansible/api-manager.yml --tags kong-consumer --extra-vars=@config diff --git a/deploy/deploy-proxy.sh b/deploy/deploy-proxy.sh index f4857c964f..a15b05e8a1 100755 --- a/deploy/deploy-proxy.sh +++ b/deploy/deploy-proxy.sh @@ -14,8 +14,8 @@ PROXY_VERSION=0.0.1-gold # Bootstrap swarm echo "@@@@@@@@@ Bootstrap swarm" -ansible-playbook -i $INVENTORY_PATH ../ansible/bootstrap.yml --extra-vars "hosts=swarm-manager" --tags bootstrap_swarm +ansible-playbook -i $INVENTORY_PATH ../ansible/bootstrap.yml --extra-vars "hosts=swarm-manager" --tags bootstrap_swarm --extra-vars=@config # Re-deploy Proxy echo "Redeploy Proxy" -ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-proxy" --extra-vars "hub_org=${ORG} image_name=proxy image_tag=${PROXY_VERSION}" +ansible-playbook -i $INVENTORY_PATH ../ansible/deploy.yml --tags "stack-proxy" --extra-vars "hub_org=${ORG} image_name=proxy image_tag=${PROXY_VERSION}" --extra-vars=@config diff --git a/deploy/install-dbs.sh b/deploy/install-dbs.sh index 8ae69abf69..eabc83f5cd 100755 --- a/deploy/install-dbs.sh +++ b/deploy/install-dbs.sh @@ -11,16 +11,16 @@ INVENTORY_PATH=$1 #Elasticsearch installation echo "@@@@@@@@@ Elasticsearch installation" -ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags es +ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags es --extra-vars=@config # Cassandra installation echo "@@@@@@@@@ Cassandra installation" -ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags cassandra +ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags cassandra --extra-vars=@config # Postgresql-master installation echo "@@@@@@@@@ Postgresql-master installation" -ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags postgresql-master +ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags postgresql-master --extra-vars=@config # Mongodb installation echo "@@@@@@@@@ Mongodb installation" -ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags "mongodb" +ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags "mongodb" --extra-vars=@config diff --git a/deploy/provision-keycloak.sh b/deploy/provision-keycloak.sh index fcdc5f6db8..5082de41c3 100755 --- a/deploy/provision-keycloak.sh +++ b/deploy/provision-keycloak.sh @@ -11,4 +11,4 @@ INVENTORY_PATH=$1 #Keycloak installation echo "@@@@@@@@@ Keycloak " -ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags provision +ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags provision --extra-vars=@config From ba242ce30acf127966567ecaa2fc2231491d18e3 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 16:33:05 +0530 Subject: [PATCH 042/104] Issue #22 fix: removed depricated mongodb --- ansible/inventories/sample/hosts | 1 - 1 file changed, 1 deletion(-) diff --git a/ansible/inventories/sample/hosts b/ansible/inventories/sample/hosts index afb2a80128..37f4e10ad0 100644 --- a/ansible/inventories/sample/hosts +++ b/ansible/inventories/sample/hosts @@ -52,7 +52,6 @@ es cassandra kong-api keycloak -mongodb [swarm-nodes:children] swarm-manager From ebef274e3880d8d50a2c76a702541745820a5636 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 16:40:26 +0530 Subject: [PATCH 043/104] Issue #22 fix: keycloak ansible inventory path --- deploy/sunbird_install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index b5c2f79387..30a660e5cf 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -36,10 +36,10 @@ dbs() { ./install-dbs.sh $ANSIBLE_VARIABLE_PATH; ./init-dbs.sh $ANSIBLE_VARIABLE apis() { ./deploy-apis.sh $ANSIBLE_VARIABLE_PATH; } # Proxy -proxy() { ./deploy-proxy.sh; } +proxy() { ./deploy-proxy.sh $ANSIBLE_VARIABLE_PATH; } # Keycloak -keycloak() { ./provision-keycloak.sh; ./deploy-keycloak-vm.sh; } +keycloak() { ./provision-keycloak.sh $ANSIBLE_VARIABLE_PATH; ./deploy-keycloak-vm.sh $ANSIBLE_VARIABLE_PATH; } while getopts "s:h" o;do case "${o}" in From b7482b10934592150713c7fa2494493f93102a11 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 16:53:28 +0530 Subject: [PATCH 044/104] Issue #22 fix: docker daemon permission denied --- ansible/bootstrap.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/bootstrap.yml b/ansible/bootstrap.yml index 783da972cd..c71d4e2891 100644 --- a/ansible/bootstrap.yml +++ b/ansible/bootstrap.yml @@ -1,10 +1,12 @@ - hosts: "{{hosts}}" + become: yes roles: - role: bootstrap_any tags: - bootstrap_any - hosts: "{{hosts}}" + become: yes roles: - role: bootstrap_swarm when: swarm_master From d0f933c2146b3f6dc4188816c9e241611645cf62 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 17:00:58 +0530 Subject: [PATCH 045/104] Issue #22 fix: overriding vars --- deploy/deploy-keycloak-vm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/deploy-keycloak-vm.sh b/deploy/deploy-keycloak-vm.sh index 7c91201bd1..ae77b3d106 100755 --- a/deploy/deploy-keycloak-vm.sh +++ b/deploy/deploy-keycloak-vm.sh @@ -11,4 +11,4 @@ INVENTORY_PATH=$1 #Deploy keycloak echo "@@@@@@@@@ Keycloak " -ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags deploy +ansible-playbook -i $INVENTORY_PATH ../ansible/keycloak.yml --tags deploy --extra-vars=@config From 849982d4f11728d662aee467e500d14a29f6e2d0 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 20:44:52 +0530 Subject: [PATCH 046/104] Issue #22 fix: postgres user not found error --- ansible/roles/postgresql-data-update/tasks/main.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/roles/postgresql-data-update/tasks/main.yml b/ansible/roles/postgresql-data-update/tasks/main.yml index 64218d9ba7..800624ff43 100644 --- a/ansible/roles/postgresql-data-update/tasks/main.yml +++ b/ansible/roles/postgresql-data-update/tasks/main.yml @@ -1,9 +1,9 @@ -- name: Verifying db users are present else creating them - include: users.yml - - name: creating database include: databases.yml +- name: Verifying db users are present else creating them + include: users.yml + - name: Copy the templates become: yes template: src={{item}} dest=/tmp/{{item}} From 511397e223494faaa27d202509a02e6b82b867fd Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 22:08:50 +0530 Subject: [PATCH 047/104] Issue #22 fix: changed templatig to copying to avoid infinite variable looping --- ansible/roles/cassandra-cql-update/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/roles/cassandra-cql-update/tasks/main.yml b/ansible/roles/cassandra-cql-update/tasks/main.yml index 628ce09439..d29f8876de 100644 --- a/ansible/roles/cassandra-cql-update/tasks/main.yml +++ b/ansible/roles/cassandra-cql-update/tasks/main.yml @@ -1,6 +1,6 @@ - name: Copy the templates become: yes - template: src={{item}} dest=/tmp/{{item}} + copy: src=files/{{item}} dest=/tmp/{{item}} with_items: - cassandra.cql - pageMgmt.csv @@ -36,4 +36,4 @@ become: yes command: "cqlsh -f /tmp/content_service.cql" tags: - - content_service \ No newline at end of file + - content_service From 39b10b4943e377dba01564d19ccb4566f4570b5b Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 22:28:51 +0530 Subject: [PATCH 048/104] Issue #22 fix: idiomatic syntaxing --- ansible/roles/kong-api/defaults/main.yml | 1676 +++++++++++----------- 1 file changed, 838 insertions(+), 838 deletions(-) diff --git a/ansible/roles/kong-api/defaults/main.yml b/ansible/roles/kong-api/defaults/main.yml index 52ccd5fe63..5c2ca9f30b 100644 --- a/ansible/roles/kong-api/defaults/main.yml +++ b/ansible/roles/kong-api/defaults/main.yml @@ -8,9 +8,9 @@ statsd_port: 9125 statsd_pulgin: name: statsd - config.metrics: '{{ statsd_metrics }}' - config.host: '{{ statsd_host }}' - config.port: '{{ statsd_port }}' + config.metrics: "{{ statsd_metrics }}" + config.host: "{{ statsd_host }}" + config.port: "{{ statsd_port }}" # Default Rate limits small_rate_limit_per_hour: 100 @@ -76,2508 +76,2508 @@ premium_consumer_rate_limits: # - {name: 'request-size-limiting', config.allowed_payload_size: "{{ medium_request_size_limit }}" } kong_apis: - name: createContent - request_path: '{{ content_service_prefix }}/v1/create' - upstream_url: '{{ content_service_url }}/v1/content/create' + request_path: "{{ content_service_prefix }}/v1/create" + upstream_url: "{{ content_service_url }}/v1/content/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchContent - request_path: '{{ content_service_prefix }}/v1/search' - upstream_url: '{{ content_service_url }}/v1/content/search' + request_path: "{{ content_service_prefix }}/v1/search" + upstream_url: "{{ content_service_url }}/v1/content/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateContent - request_path: '{{ content_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}/v1/content/update' + request_path: "{{ content_service_prefix }}/v1/update" + upstream_url: "{{ content_service_url }}/v1/content/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readContent - request_path: '{{ content_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}/v1/content/read' + request_path: "{{ content_service_prefix }}/v1/read" + upstream_url: "{{ content_service_url }}/v1/content/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: submitContentForReview - request_path: '{{ content_service_prefix }}/v1/review' - upstream_url: '{{ content_service_url }}/v1/content/review' + request_path: "{{ content_service_prefix }}/v1/review" + upstream_url: "{{ content_service_url }}/v1/content/review" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: publishContent - request_path: '{{ content_service_prefix }}/v1/publish' - upstream_url: '{{ content_service_url }}/v1/content/publish' + request_path: "{{ content_service_prefix }}/v1/publish" + upstream_url: "{{ content_service_url }}/v1/content/publish" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: uploadContent - request_path: '{{ content_service_prefix }}/v1/upload' - upstream_url: '{{ content_service_url }}/v1/content/upload' + request_path: "{{ content_service_prefix }}/v1/upload" + upstream_url: "{{ content_service_url }}/v1/content/upload" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ large_request_size_limit }}' + config.allowed_payload_size: "{{ large_request_size_limit }}" - name: retireContent - request_path: '{{ content_service_prefix }}/v1/retire' - upstream_url: '{{ content_service_url }}/v1/content/retire' + request_path: "{{ content_service_prefix }}/v1/retire" + upstream_url: "{{ content_service_url }}/v1/content/retire" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createCourse - request_path: '{{ course_service_prefix }}/v1/create' - upstream_url: '{{ content_service_url }}/v1/course/create' + request_path: "{{ course_service_prefix }}/v1/create" + upstream_url: "{{ content_service_url }}/v1/course/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchCourse - request_path: '{{ course_service_prefix }}/v1/search' - upstream_url: '{{ content_service_url }}/v1/course/search' + request_path: "{{ course_service_prefix }}/v1/search" + upstream_url: "{{ content_service_url }}/v1/course/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateCourse - request_path: '{{ course_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}/v1/course/update' + request_path: "{{ course_service_prefix }}/v1/update" + upstream_url: "{{ content_service_url }}/v1/course/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readCourse - request_path: '{{ course_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}/v1/course/read' + request_path: "{{ course_service_prefix }}/v1/read" + upstream_url: "{{ content_service_url }}/v1/course/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: submitCourseForReview - request_path: '{{ course_service_prefix }}/v1/review' - upstream_url: '{{ content_service_url }}/v1/course/review' + request_path: "{{ course_service_prefix }}/v1/review" + upstream_url: "{{ content_service_url }}/v1/course/review" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: publishCourse - request_path: '{{ course_service_prefix }}/v1/publish' - upstream_url: '{{ content_service_url }}/v1/course/publish' + request_path: "{{ course_service_prefix }}/v1/publish" + upstream_url: "{{ content_service_url }}/v1/course/publish" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: retireCourse - request_path: '{{ course_service_prefix }}/v1/retire' - upstream_url: '{{ content_service_url }}/v1/course/retire' + request_path: "{{ course_service_prefix }}/v1/retire" + upstream_url: "{{ content_service_url }}/v1/course/retire" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getCourseHierarchy - request_path: '{{ course_service_prefix }}/v1/hierarchy' - upstream_url: '{{ content_service_url }}/v1/course/hierarchy' + request_path: "{{ course_service_prefix }}/v1/hierarchy" + upstream_url: "{{ content_service_url }}/v1/course/hierarchy" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: courseEnrolment - request_path: '{{ course_service_prefix }}/v1/enrol' - upstream_url: '{{ learning_service_url }}/v1/course/enrol' + request_path: "{{ course_service_prefix }}/v1/enrol" + upstream_url: "{{ learning_service_url }}/v1/course/enrol" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listCourseEnrollments - request_path: '{{ course_service_prefix }}/v1/user/enrollment/list' - upstream_url: '{{ learning_service_url }}/v1/user/courses/list' + request_path: "{{ course_service_prefix }}/v1/user/enrollment/list" + upstream_url: "{{ learning_service_url }}/v1/user/courses/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readContentState - request_path: '{{ course_service_prefix }}/v1/content/state/read' - upstream_url: '{{ learning_service_url }}/v1/content/state/read' + request_path: "{{ course_service_prefix }}/v1/content/state/read" + upstream_url: "{{ learning_service_url }}/v1/content/state/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateContentState - request_path: '{{ course_service_prefix }}/v1/content/state/update' - upstream_url: '{{ learning_service_url }}/v1/content/state/update' + request_path: "{{ course_service_prefix }}/v1/content/state/update" + upstream_url: "{{ learning_service_url }}/v1/content/state/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createUser - request_path: '{{ user_service_prefix }}/v1/create' - upstream_url: '{{ learning_service_url }}/v1/user/create' + request_path: "{{ user_service_prefix }}/v1/create" + upstream_url: "{{ learning_service_url }}/v1/user/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateUser - request_path: '{{ user_service_prefix }}/v1/update' - upstream_url: '{{ learning_service_url }}/v1/user/update' + request_path: "{{ user_service_prefix }}/v1/update" + upstream_url: "{{ learning_service_url }}/v1/user/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getUserProfile - request_path: '{{ user_service_prefix }}/v1/read' - upstream_url: '{{ learning_service_url }}/v1/user/read' + request_path: "{{ user_service_prefix }}/v1/read" + upstream_url: "{{ learning_service_url }}/v1/user/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchUser - request_path: '{{ user_service_prefix }}/v1/search' - upstream_url: '{{ learning_service_url }}/v1/user/search' + request_path: "{{ user_service_prefix }}/v1/search" + upstream_url: "{{ learning_service_url }}/v1/user/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: retireUser - request_path: '{{ user_service_prefix }}/v1/retire' - upstream_url: '{{ learning_service_url }}/v1/user/retire' + request_path: "{{ user_service_prefix }}/v1/retire" + upstream_url: "{{ learning_service_url }}/v1/user/retire" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createPage - request_path: '{{ data_service_prefix }}/v1/page/create' - upstream_url: '{{ learning_service_url }}/v1/page/create' + request_path: "{{ data_service_prefix }}/v1/page/create" + upstream_url: "{{ learning_service_url }}/v1/page/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updatePage - request_path: '{{ data_service_prefix }}/v1/page/update' - upstream_url: '{{ learning_service_url }}/v1/page/update' + request_path: "{{ data_service_prefix }}/v1/page/update" + upstream_url: "{{ learning_service_url }}/v1/page/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getPageSettings - request_path: '{{ data_service_prefix }}/v1/page/read' - upstream_url: '{{ learning_service_url }}/v1/page/read' + request_path: "{{ data_service_prefix }}/v1/page/read" + upstream_url: "{{ learning_service_url }}/v1/page/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: assemblePage - request_path: '{{ data_service_prefix }}/v1/page/assemble' - upstream_url: '{{ learning_service_url }}/v1/page/assemble' + request_path: "{{ data_service_prefix }}/v1/page/assemble" + upstream_url: "{{ learning_service_url }}/v1/page/assemble" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createNote - request_path: '{{ notes_service_prefix }}/v1/create' - upstream_url: '{{ learning_service_url }}/v1/note/create' + request_path: "{{ notes_service_prefix }}/v1/create" + upstream_url: "{{ learning_service_url }}/v1/note/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: noteAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateNote - request_path: '{{ notes_service_prefix }}/v1/update' - upstream_url: '{{ learning_service_url }}/v1/note/update' + request_path: "{{ notes_service_prefix }}/v1/update" + upstream_url: "{{ learning_service_url }}/v1/note/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: noteAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readNote - request_path: '{{ notes_service_prefix }}/v1/read' - upstream_url: '{{ learning_service_url }}/v1/note/read' + request_path: "{{ notes_service_prefix }}/v1/read" + upstream_url: "{{ learning_service_url }}/v1/note/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: noteUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchNotes - request_path: '{{ notes_service_prefix }}/v1/search' - upstream_url: '{{ learning_service_url }}/v1/note/search' + request_path: "{{ notes_service_prefix }}/v1/search" + upstream_url: "{{ learning_service_url }}/v1/note/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: noteUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createOrg - request_path: '{{ org_service_prefix }}/v1/create' - upstream_url: '{{ learning_service_url }}/v1/org/create' + request_path: "{{ org_service_prefix }}/v1/create" + upstream_url: "{{ learning_service_url }}/v1/org/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateOrg - request_path: '{{ org_service_prefix }}/v1/update' - upstream_url: '{{ learning_service_url }}/v1/org/update' + request_path: "{{ org_service_prefix }}/v1/update" + upstream_url: "{{ learning_service_url }}/v1/org/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readOrg - request_path: '{{ org_service_prefix }}/v1/read' - upstream_url: '{{ learning_service_url }}/v1/org/read' + request_path: "{{ org_service_prefix }}/v1/read" + upstream_url: "{{ learning_service_url }}/v1/org/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchOrg - request_path: '{{ org_service_prefix }}/v1/search' - upstream_url: '{{ learning_service_url }}/v1/org/search' + request_path: "{{ org_service_prefix }}/v1/search" + upstream_url: "{{ learning_service_url }}/v1/org/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: addMember - request_path: '{{ org_service_prefix }}/v1/member/add' - upstream_url: '{{ learning_service_url }}/v1/org/member/add' + request_path: "{{ org_service_prefix }}/v1/member/add" + upstream_url: "{{ learning_service_url }}/v1/org/member/add" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: removeMember - request_path: '{{ org_service_prefix }}/v1/member/remove' - upstream_url: '{{ learning_service_url }}/v1/org/member/remove' + request_path: "{{ org_service_prefix }}/v1/member/remove" + upstream_url: "{{ learning_service_url }}/v1/org/member/remove" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: suspendMember - request_path: '{{ org_service_prefix }}/v1/member/suspend' - upstream_url: '{{ learning_service_url }}/v1/org/member/suspend' + request_path: "{{ org_service_prefix }}/v1/member/suspend" + upstream_url: "{{ learning_service_url }}/v1/org/member/suspend" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateMembership - request_path: '{{ org_service_prefix }}/v1/member/update' - upstream_url: '{{ learning_service_url }}/v1/org/member/update' + request_path: "{{ org_service_prefix }}/v1/member/update" + upstream_url: "{{ learning_service_url }}/v1/org/member/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: echo - request_path: '{{ echo_service_prefix }}' - upstream_url: '{{ echo_service_url }}' + request_path: "{{ echo_service_prefix }}" + upstream_url: "{{ echo_service_url }}" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: echoUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createPageSection - request_path: '{{ data_service_prefix }}/v1/page/section/create' - upstream_url: '{{ learning_service_url }}/v1/page/section/create' + request_path: "{{ data_service_prefix }}/v1/page/section/create" + upstream_url: "{{ learning_service_url }}/v1/page/section/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updatePageSection - request_path: '{{ data_service_prefix }}/v1/page/section/update' - upstream_url: '{{ learning_service_url }}/v1/page/section/update' + request_path: "{{ data_service_prefix }}/v1/page/section/update" + upstream_url: "{{ learning_service_url }}/v1/page/section/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listPageSections - request_path: '{{ data_service_prefix }}/v1/page/section/list' - upstream_url: '{{ learning_service_url }}/v1/page/section/list' + request_path: "{{ data_service_prefix }}/v1/page/section/list" + upstream_url: "{{ learning_service_url }}/v1/page/section/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readPageSection - request_path: '{{ data_service_prefix }}/v1/page/section/read' - upstream_url: '{{ learning_service_url }}/v1/page/section/read' + request_path: "{{ data_service_prefix }}/v1/page/section/read" + upstream_url: "{{ learning_service_url }}/v1/page/section/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readRoleMapping - request_path: '{{ data_service_prefix }}/v1/role/read' - upstream_url: '{{ learning_service_url }}/v1/role/read' + request_path: "{{ data_service_prefix }}/v1/role/read" + upstream_url: "{{ learning_service_url }}/v1/role/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateAssessment - request_path: '{{ course_service_prefix }}/v1/assessment/update' - upstream_url: '{{ learning_service_url }}/v1/assessment/update' + request_path: "{{ course_service_prefix }}/v1/assessment/update" + upstream_url: "{{ learning_service_url }}/v1/assessment/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readAssessmentResult - request_path: '{{ course_service_prefix }}/v1/assessment/result/read' - upstream_url: '{{ learning_service_url }}/v1/assessment/result/read' + request_path: "{{ course_service_prefix }}/v1/assessment/result/read" + upstream_url: "{{ learning_service_url }}/v1/assessment/result/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: approveOrg - request_path: '{{ org_service_prefix }}/v1/approve' - upstream_url: '{{ learning_service_url }}/v1/org/approve ' + request_path: "{{ org_service_prefix }}/v1/approve" + upstream_url: "{{ learning_service_url }}/v1/org/approve " strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateOrgStatus - request_path: '{{ org_service_prefix }}/v1/status/update' - upstream_url: '{{ learning_service_url }}/v1/org/status/update' + request_path: "{{ org_service_prefix }}/v1/status/update" + upstream_url: "{{ learning_service_url }}/v1/org/status/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readUserProfile - request_path: '{{ user_service_prefix }}/v1/profile/read' - upstream_url: '{{ learning_service_url }}/v1/user/getuser' + request_path: "{{ user_service_prefix }}/v1/profile/read" + upstream_url: "{{ learning_service_url }}/v1/user/getuser" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: registerMobileApp - request_path: '{{ api_manager_perfix }}/v1/consumer/mobile_app/credential/register' - upstream_url: '{{ am_util_url }}/v1/consumer/mobile_app/credential/register' + request_path: "{{ api_manager_perfix }}/v1/consumer/mobile_app/credential/register" + upstream_url: "{{ am_util_url }}/v1/consumer/mobile_app/credential/register" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: mobileAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: registerMobileDevice - request_path: '{{ api_manager_perfix }}/v1/consumer/mobile_device/credential/register' - upstream_url: '{{ am_util_url }}/v1/consumer/mobile_device/credential/register' + request_path: "{{ api_manager_perfix }}/v1/consumer/mobile_device/credential/register" + upstream_url: "{{ am_util_url }}/v1/consumer/mobile_device/credential/register" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: mobileApp - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: joinOrg - request_path: '{{ org_service_prefix }}/v1/member/join' - upstream_url: '{{ learning_service_url }}/v1/org/member/join' + request_path: "{{ org_service_prefix }}/v1/member/join" + upstream_url: "{{ learning_service_url }}/v1/org/member/join" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: approveOrgRequest - request_path: '{{ org_service_prefix }}/v1/member/approve' - upstream_url: '{{ learning_service_url }}/v1/org/member/approve' + request_path: "{{ org_service_prefix }}/v1/member/approve" + upstream_url: "{{ learning_service_url }}/v1/org/member/approve" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: rejectOrgRequest - request_path: '{{ org_service_prefix }}/v1/member/reject' - upstream_url: '{{ learning_service_url }}/v1/org/member/reject' + request_path: "{{ org_service_prefix }}/v1/member/reject" + upstream_url: "{{ learning_service_url }}/v1/org/member/reject" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: compositeSearch - request_path: '{{ composite_service_prefix }}/v1/search' - upstream_url: '{{ content_service_url }}/v1/search' + request_path: "{{ composite_service_prefix }}/v1/search" + upstream_url: "{{ content_service_url }}/v1/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listTerms - request_path: '{{ meta_service_prefix }}/v1/terms/list' - upstream_url: '{{ content_service_url }}/v1/terms/list' + request_path: "{{ meta_service_prefix }}/v1/terms/list" + upstream_url: "{{ content_service_url }}/v1/terms/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: configUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listResourceBundles - request_path: '{{ meta_service_prefix }}/v1/resourcebundles/list' - upstream_url: '{{ content_service_url }}/v1/resourcebundles/list' + request_path: "{{ meta_service_prefix }}/v1/resourcebundles/list" + upstream_url: "{{ content_service_url }}/v1/resourcebundles/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: configUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listOrdinals - request_path: '{{ meta_service_prefix }}/v1/ordinals/list' - upstream_url: '{{ content_service_url }}/v1/ordinals/list' + request_path: "{{ meta_service_prefix }}/v1/ordinals/list" + upstream_url: "{{ content_service_url }}/v1/ordinals/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: configUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: telemetry - request_path: '{{ data_service_prefix }}/v1/telemetry' - upstream_url: '{{ content_service_url }}/v1/telemetry' + request_path: "{{ data_service_prefix }}/v1/telemetry" + upstream_url: "{{ content_service_url }}/v1/telemetry" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: flagContent - request_path: '{{ content_service_prefix }}/v1/flag' - upstream_url: '{{ content_service_url }}/v1/content/flag' + request_path: "{{ content_service_prefix }}/v1/flag" + upstream_url: "{{ content_service_url }}/v1/content/flag" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: acceptContentFlag - request_path: '{{ content_service_prefix }}/v1/flag/accept' - upstream_url: '{{ content_service_url }}/v1/content/flag/accept' + request_path: "{{ content_service_prefix }}/v1/flag/accept" + upstream_url: "{{ content_service_url }}/v1/content/flag/accept" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: rejectContentFlag - request_path: '{{ content_service_prefix }}/v1/flag/reject' - upstream_url: '{{ content_service_url }}/v1/content/flag/reject' + request_path: "{{ content_service_prefix }}/v1/flag/reject" + upstream_url: "{{ content_service_url }}/v1/content/flag/reject" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getOrgCreationDashboard - request_path: '{{ dashboard_service_prefix }}/v1/creation/org' - upstream_url: '{{ learning_service_url }}/v1/dashboard/creation/org' + request_path: "{{ dashboard_service_prefix }}/v1/creation/org" + upstream_url: "{{ learning_service_url }}/v1/dashboard/creation/org" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getOrgConsumptionDashboard - request_path: '{{ dashboard_service_prefix }}/v1/consumption/org' - upstream_url: '{{ learning_service_url }}/v1/dashboard/consumption/org' + request_path: "{{ dashboard_service_prefix }}/v1/consumption/org" + upstream_url: "{{ learning_service_url }}/v1/dashboard/consumption/org" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getCourseProgressDashboard - request_path: '{{ dashboard_service_prefix }}/v1/progress/course' - upstream_url: '{{ learning_service_url }}/v1/dashboard/progress/course' + request_path: "{{ dashboard_service_prefix }}/v1/progress/course" + upstream_url: "{{ learning_service_url }}/v1/dashboard/progress/course" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getCourseConsumptionDashboard - request_path: '{{ dashboard_service_prefix }}/v1/consumption/course' - upstream_url: '{{ learning_service_url }}/v1/dashboard/consumption/course' + request_path: "{{ dashboard_service_prefix }}/v1/consumption/course" + upstream_url: "{{ learning_service_url }}/v1/dashboard/consumption/course" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getUserCreationDashboard - request_path: '{{ dashboard_service_prefix }}/v1/creation/user' - upstream_url: '{{ learning_service_url }}/v1/dashboard/creation/user' + request_path: "{{ dashboard_service_prefix }}/v1/creation/user" + upstream_url: "{{ learning_service_url }}/v1/dashboard/creation/user" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getUserConsumptionDasbhoard - request_path: '{{ dashboard_service_prefix }}/v1/consumption/user' - upstream_url: '{{ learning_service_url }}/v1/dashboard/consumption/user' + request_path: "{{ dashboard_service_prefix }}/v1/consumption/user" + upstream_url: "{{ learning_service_url }}/v1/dashboard/consumption/user" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: userBulkUpload - request_path: '{{ user_service_prefix }}/v1/upload' - upstream_url: '{{ learning_service_url }}/v1/user/upload' + request_path: "{{ user_service_prefix }}/v1/upload" + upstream_url: "{{ learning_service_url }}/v1/user/upload" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: orgBulkUpload - request_path: '{{ org_service_prefix }}/v1/upload' - upstream_url: '{{ learning_service_url }}/v1/org/upload' + request_path: "{{ org_service_prefix }}/v1/upload" + upstream_url: "{{ learning_service_url }}/v1/org/upload" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: checkUploadJobStatus - request_path: '{{ data_service_prefix }}/v1/upload/status' - upstream_url: '{{ learning_service_url }}/v1/upload/status' + request_path: "{{ data_service_prefix }}/v1/upload/status" + upstream_url: "{{ learning_service_url }}/v1/upload/status" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createBatch - request_path: '{{ course_service_prefix }}/v1/batch/create' - upstream_url: '{{ learning_service_url }}/v1/course/batch/create' + request_path: "{{ course_service_prefix }}/v1/batch/create" + upstream_url: "{{ learning_service_url }}/v1/course/batch/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateBatch - request_path: '{{ course_service_prefix }}/v1/batch/update' - upstream_url: '{{ learning_service_url }}/v1/course/batch/update' + request_path: "{{ course_service_prefix }}/v1/batch/update" + upstream_url: "{{ learning_service_url }}/v1/course/batch/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: addUserToBatch - request_path: '{{ course_service_prefix }}/v1/batch/user/add' - upstream_url: '{{ learning_service_url }}/v1/course/batch/users/add' + request_path: "{{ course_service_prefix }}/v1/batch/user/add" + upstream_url: "{{ learning_service_url }}/v1/course/batch/users/add" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getBatch - request_path: '{{ course_service_prefix }}/v1/batch/read' - upstream_url: '{{ learning_service_url }}/v1/course/batch/read' + request_path: "{{ course_service_prefix }}/v1/batch/read" + upstream_url: "{{ learning_service_url }}/v1/course/batch/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: assignRole - request_path: '{{ org_service_prefix }}/v1/role/assign' - upstream_url: '{{ learning_service_url }}/v1/user/assign/role' + request_path: "{{ org_service_prefix }}/v1/role/assign" + upstream_url: "{{ learning_service_url }}/v1/user/assign/role" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: indexSync - request_path: '{{ data_service_prefix }}/v1/index/sync' - upstream_url: '{{ learning_service_url }}/v1/data/sync' + request_path: "{{ data_service_prefix }}/v1/index/sync" + upstream_url: "{{ learning_service_url }}/v1/data/sync" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: blockUser - request_path: '{{ user_service_prefix }}/v1/block' - upstream_url: '{{ learning_service_url }}/v1/user/block' + request_path: "{{ user_service_prefix }}/v1/block" + upstream_url: "{{ learning_service_url }}/v1/user/block" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: unblockUser - request_path: '{{ user_service_prefix }}/v1/unblock' - upstream_url: '{{ learning_service_url }}/v1/user/unblock' + request_path: "{{ user_service_prefix }}/v1/unblock" + upstream_url: "{{ learning_service_url }}/v1/user/unblock" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: uploadMedia - request_path: '{{ content_service_prefix }}/v1/media/upload' - upstream_url: '{{ learning_service_url }}/v1/file/upload' + request_path: "{{ content_service_prefix }}/v1/media/upload" + upstream_url: "{{ learning_service_url }}/v1/file/upload" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: listCourseBatches - request_path: '{{ course_service_prefix }}/v1/batch/list' - upstream_url: '{{ learning_service_url }}/v1/course/batch/search' + request_path: "{{ course_service_prefix }}/v1/batch/list" + upstream_url: "{{ learning_service_url }}/v1/course/batch/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: courseUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: batchBulkEnrolment - request_path: '{{ course_service_prefix }}/v1/batch/bulk/enrollment' - upstream_url: '{{ learning_service_url }}/v1/batch/bulk/enrollment' + request_path: "{{ course_service_prefix }}/v1/batch/bulk/enrollment" + upstream_url: "{{ learning_service_url }}/v1/batch/bulk/enrollment" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getTenantInfo - request_path: '{{ org_service_prefix }}/v1/tenant/info' - upstream_url: '{{ player_service_url }}/v1/tenant/info' + request_path: "{{ org_service_prefix }}/v1/tenant/info" + upstream_url: "{{ player_service_url }}/v1/tenant/info" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getContentUploadUrl - request_path: '{{ content_service_prefix }}/v1/upload/url/read' - upstream_url: '{{ content_service_url }}/v1/content/upload/url' + request_path: "{{ content_service_prefix }}/v1/upload/url/read" + upstream_url: "{{ content_service_url }}/v1/content/upload/url" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: rejectContent - request_path: '{{ content_service_prefix }}/v1/reject' - upstream_url: '{{ content_service_url }}/v1/content/reject' + request_path: "{{ content_service_prefix }}/v1/reject" + upstream_url: "{{ content_service_url }}/v1/content/reject" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: contentAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: deleteNote - request_path: '{{ notes_service_prefix }}/v1/delete' - upstream_url: '{{ learning_service_url }}/v1/note/delete' + request_path: "{{ notes_service_prefix }}/v1/delete" + upstream_url: "{{ learning_service_url }}/v1/note/delete" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: noteAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: sendEmailNotification - request_path: '{{ user_service_prefix }}/v1/notification/email' - upstream_url: '{{ learning_service_url }}/v1/notification/email' + request_path: "{{ user_service_prefix }}/v1/notification/email" + upstream_url: "{{ learning_service_url }}/v1/notification/email" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: listAllBadges - request_path: '{{ org_service_prefix }}/v1/badges/list' - upstream_url: '{{ learning_service_url }}/v1/badges/list' + request_path: "{{ org_service_prefix }}/v1/badges/list" + upstream_url: "{{ learning_service_url }}/v1/badges/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: addBadgeToUser - request_path: '{{ user_service_prefix }}/v1/badges/add' - upstream_url: '{{ learning_service_url }}/v1/user/badges/add' + request_path: "{{ user_service_prefix }}/v1/badges/add" + upstream_url: "{{ learning_service_url }}/v1/user/badges/add" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: listOrgTypes - request_path: '{{ org_service_prefix }}/v1/type/list' - upstream_url: '{{ learning_service_url }}/v1/org/type/list' + request_path: "{{ org_service_prefix }}/v1/type/list" + upstream_url: "{{ learning_service_url }}/v1/org/type/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: createOrgType - request_path: '{{ org_service_prefix }}/v1/type/create' - upstream_url: '{{ learning_service_url }}/v1/org/type/create' + request_path: "{{ org_service_prefix }}/v1/type/create" + upstream_url: "{{ learning_service_url }}/v1/org/type/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: updateOrgType - request_path: '{{ org_service_prefix }}/v1/type/update' - upstream_url: '{{ learning_service_url }}/v1/org/type/update' + request_path: "{{ org_service_prefix }}/v1/type/update" + upstream_url: "{{ learning_service_url }}/v1/org/type/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: updateUserloginTime - request_path: '{{ user_service_prefix }}/v1/update/logintime' - upstream_url: '{{ learning_service_url }}/v1/user/update/logintime' + request_path: "{{ user_service_prefix }}/v1/update/logintime" + upstream_url: "{{ learning_service_url }}/v1/user/update/logintime" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: userAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: getMediaTypes - request_path: '{{ user_service_prefix }}/v1/mediatype/list' - upstream_url: '{{ learning_service_url }}/v1/user/mediatype/list' + request_path: "{{ user_service_prefix }}/v1/mediatype/list" + upstream_url: "{{ learning_service_url }}/v1/user/mediatype/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: DecryptData - request_path: '{{ data_service_prefix }}/v1/user/decrypt' - upstream_url: '{{ learning_service_url }}/v1/user/data/decrypt' + request_path: "{{ data_service_prefix }}/v1/user/decrypt" + upstream_url: "{{ learning_service_url }}/v1/user/data/decrypt" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: encryptData - request_path: '{{ data_service_prefix }}/v1/user/encrypt' - upstream_url: '{{ learning_service_url }}/v1/user/data/encrypt' + request_path: "{{ data_service_prefix }}/v1/user/encrypt" + upstream_url: "{{ learning_service_url }}/v1/user/data/encrypt" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: searchAuditHistory - request_path: '{{ data_service_prefix }}/v1/audit/history' - upstream_url: '{{ learning_service_url }}/v1/audit/history' + request_path: "{{ data_service_prefix }}/v1/audit/history" + upstream_url: "{{ learning_service_url }}/v1/audit/history" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: appAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: forgotpassword - request_path: '{{ user_service_prefix }}/v1/forgotpassword' - upstream_url: '{{ learning_service_url }}/v1/user/forgotpassword' + request_path: "{{ user_service_prefix }}/v1/forgotpassword" + upstream_url: "{{ learning_service_url }}/v1/user/forgotpassword" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: userLogin - request_path: '{{ user_service_prefix }}/v1/login' - upstream_url: '{{ learning_service_url }}/v1/user/login' + request_path: "{{ user_service_prefix }}/v1/login" + upstream_url: "{{ learning_service_url }}/v1/user/login" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: changePassword - request_path: '{{ user_service_prefix }}/v1/changepassword' - upstream_url: '{{ learning_service_url }}/v1/user/changepassword' + request_path: "{{ user_service_prefix }}/v1/changepassword" + upstream_url: "{{ learning_service_url }}/v1/user/changepassword" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: Logout - request_path: '{{ user_service_prefix }}/v1/logout' - upstream_url: '{{ learning_service_url }}/v1/user/logout' + request_path: "{{ user_service_prefix }}/v1/logout" + upstream_url: "{{ learning_service_url }}/v1/user/logout" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: addUserSkill - request_path: '{{ user_service_prefix }}/v1/skill/add' - upstream_url: '{{ learning_service_url }}/v1/user/skill/add' + request_path: "{{ user_service_prefix }}/v1/skill/add" + upstream_url: "{{ learning_service_url }}/v1/user/skill/add" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: getUserSkill - request_path: '{{ user_service_prefix }}/v1/skill/read' - upstream_url: '{{ learning_service_url }}/v1/user/skill/read' + request_path: "{{ user_service_prefix }}/v1/skill/read" + upstream_url: "{{ learning_service_url }}/v1/user/skill/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: getSkills - request_path: '{{ data_service_prefix }}/v1/skills' - upstream_url: '{{ learning_service_url }}/v1/skills' + request_path: "{{ data_service_prefix }}/v1/skills" + upstream_url: "{{ learning_service_url }}/v1/skills" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: getAllData - request_path: '{{ data_service_prefix }}/v1/object/read/list' - upstream_url: '{{ learning_service_url }}/v1/object/read/list' + request_path: "{{ data_service_prefix }}/v1/object/read/list" + upstream_url: "{{ learning_service_url }}/v1/object/read/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: getData - request_path: '{{ data_service_prefix }}/v1/object/read' - upstream_url: '{{ learning_service_url }}/v1/object/read' + request_path: "{{ data_service_prefix }}/v1/object/read" + upstream_url: "{{ learning_service_url }}/v1/object/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: createData - request_path: '{{ data_service_prefix }}/v1/object/create' - upstream_url: '{{ learning_service_url }}/v1/object/create' + request_path: "{{ data_service_prefix }}/v1/object/create" + upstream_url: "{{ learning_service_url }}/v1/object/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ large_request_size_limit }}' + config.allowed_payload_size: "{{ large_request_size_limit }}" - name: updateData - request_path: '{{ data_service_prefix }}/v1/object/update' - upstream_url: '{{ learning_service_url }}/v1/object/update' + request_path: "{{ data_service_prefix }}/v1/object/update" + upstream_url: "{{ learning_service_url }}/v1/object/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: deleteData - request_path: '{{ data_service_prefix }}/v1/object/delete' - upstream_url: '{{ learning_service_url }}/v1/object/delete' + request_path: "{{ data_service_prefix }}/v1/object/delete" + upstream_url: "{{ learning_service_url }}/v1/object/delete" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: searchData - request_path: '{{ data_service_prefix }}/v1/object/search' - upstream_url: '{{ learning_service_url }}/v1/object/search' + request_path: "{{ data_service_prefix }}/v1/object/search" + upstream_url: "{{ learning_service_url }}/v1/object/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ large_rate_limit_per_hour }}' + config.hour: "{{ large_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ medium_request_size_limit }}' + config.allowed_payload_size: "{{ medium_request_size_limit }}" - name: getAnnouncementDefinitions - request_path: '{{announcement_service_prefix}}/v1/definitions' - upstream_url: '{{ player_service_url }}/announcement/v1/definitions' + request_path: "{{announcement_service_prefix}}/v1/definitions" + upstream_url: "{{ player_service_url }}/announcement/v1/definitions" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createAnnouncement - request_path: '{{announcement_service_prefix}}/v1/create' - upstream_url: '{{ player_service_url }}/announcement/v1/create' + request_path: "{{announcement_service_prefix}}/v1/create" + upstream_url: "{{ player_service_url }}/announcement/v1/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: cancelAnnouncement - request_path: '{{announcement_service_prefix}}/v1/cancel' - upstream_url: '{{ player_service_url }}/announcement/v1/cancel' + request_path: "{{announcement_service_prefix}}/v1/cancel" + upstream_url: "{{ player_service_url }}/announcement/v1/cancel" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getAnnouncementInbox - request_path: '{{announcement_service_prefix}}/v1/user/inbox' - upstream_url: '{{ player_service_url }}/announcement/v1/user/inbox' + request_path: "{{announcement_service_prefix}}/v1/user/inbox" + upstream_url: "{{ player_service_url }}/announcement/v1/user/inbox" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getAnnouncementOutbox - request_path: '{{announcement_service_prefix}}/v1/user/outbox' - upstream_url: '{{ player_service_url }}/announcement/v1/user/outbox' + request_path: "{{announcement_service_prefix}}/v1/user/outbox" + upstream_url: "{{ player_service_url }}/announcement/v1/user/outbox" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getAnnouncement - request_path: '{{announcement_service_prefix}}/v1/get' - upstream_url: '{{ player_service_url }}/announcement/v1/get' + request_path: "{{announcement_service_prefix}}/v1/get" + upstream_url: "{{ player_service_url }}/announcement/v1/get" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: registerClient - request_path: '{{ data_service_prefix }}/v1/client/register' - upstream_url: '{{ learning_service_url }}/v1/client/register' + request_path: "{{ data_service_prefix }}/v1/client/register" + upstream_url: "{{ learning_service_url }}/v1/client/register" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateClientKey - request_path: '{{ data_service_prefix }}/v1/client/key/update' - upstream_url: '{{ learning_service_url }}/v1/client/key/update' + request_path: "{{ data_service_prefix }}/v1/client/key/update" + upstream_url: "{{ learning_service_url }}/v1/client/key/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getClientKey - request_path: '{{ data_service_prefix }}/v1/client/key/read' - upstream_url: '{{ learning_service_url }}/v1/client/key/read' + request_path: "{{ data_service_prefix }}/v1/client/key/read" + upstream_url: "{{ learning_service_url }}/v1/client/key/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getTenantPreference - request_path: '{{ org_service_prefix }}/v1/tc/read' - upstream_url: '{{ learning_service_url }}/v1/org/tc/read' + request_path: "{{ org_service_prefix }}/v1/tc/read" + upstream_url: "{{ learning_service_url }}/v1/org/tc/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createTenantPreference - request_path: '{{ org_service_prefix }}/v1/tc/create' - upstream_url: '{{ learning_service_url }}/v1/org/tc/create' + request_path: "{{ org_service_prefix }}/v1/tc/create" + upstream_url: "{{ learning_service_url }}/v1/org/tc/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateTenantPreference - request_path: '{{ org_service_prefix }}/v1/tc/update' - upstream_url: '{{ learning_service_url }}/v1/org/tc/update' + request_path: "{{ org_service_prefix }}/v1/tc/update" + upstream_url: "{{ learning_service_url }}/v1/org/tc/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateUserTcStatus - request_path: '{{ user_service_prefix }}/v1/tc/update' - upstream_url: '{{ learning_service_url }}/v1/user/tc/update' + request_path: "{{ user_service_prefix }}/v1/tc/update" + upstream_url: "{{ learning_service_url }}/v1/user/tc/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createLocation - request_path: '{{ org_service_prefix }}/v1/location/create' - upstream_url: '{{ learning_service_url }}/v1/location/create' + request_path: "{{ org_service_prefix }}/v1/location/create" + upstream_url: "{{ learning_service_url }}/v1/location/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getLocation - request_path: '{{ org_service_prefix }}/v1/location/read' - upstream_url: '{{ learning_service_url }}/v1/location/read' + request_path: "{{ org_service_prefix }}/v1/location/read" + upstream_url: "{{ learning_service_url }}/v1/location/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: deleteLocation - request_path: '{{ org_service_prefix }}/v1/location/delete' - upstream_url: '{{ learning_service_url }}/v1/location/delete' + request_path: "{{ org_service_prefix }}/v1/location/delete" + upstream_url: "{{ learning_service_url }}/v1/location/delete" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateLocation - request_path: '{{ org_service_prefix }}/v1/location/update' - upstream_url: '{{ learning_service_url }}/v1/location/update' + request_path: "{{ org_service_prefix }}/v1/location/update" + upstream_url: "{{ learning_service_url }}/v1/location/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: orgAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: profileVisibility - request_path: '{{ user_service_prefix }}/v1/profile/visibility' - upstream_url: '{{ learning_service_url }}/v1/user/profile/visibility' + request_path: "{{ user_service_prefix }}/v1/profile/visibility" + upstream_url: "{{ learning_service_url }}/v1/user/profile/visibility" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: sendNotification - request_path: '{{ data_service_prefix }}/v1/notification/send' - upstream_url: '{{ learning_service_url }}/v1/notification/send' + request_path: "{{ data_service_prefix }}/v1/notification/send" + upstream_url: "{{ learning_service_url }}/v1/notification/send" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: announcementResend - request_path: '{{ announcement_service_prefix }}/v1/resend' - upstream_url: '{{ player_service_url }}/announcement/v1/resend' + request_path: "{{ announcement_service_prefix }}/v1/resend" + upstream_url: "{{ player_service_url }}/announcement/v1/resend" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: announcementReceived - request_path: '{{ announcement_service_prefix }}/v1/received' - upstream_url: '{{ player_service_url }}/announcement/v1/received' + request_path: "{{ announcement_service_prefix }}/v1/received" + upstream_url: "{{ player_service_url }}/announcement/v1/received" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: announcementRead - request_path: '{{ announcement_service_prefix }}/v1/read' - upstream_url: '{{ player_service_url }}/announcement/v1/read' + request_path: "{{ announcement_service_prefix }}/v1/read" + upstream_url: "{{ player_service_url }}/announcement/v1/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: publicUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: metricsSearchData - request_path: '{{ data_service_prefix }}/v1/object/metrics' - upstream_url: '{{ learning_service_url }}/v1/object/metrics' + request_path: "{{ data_service_prefix }}/v1/object/metrics" + upstream_url: "{{ learning_service_url }}/v1/object/metrics" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateSystemSettings - request_path: '{{ data_service_prefix }}/v1/system/settings' - upstream_url: '{{ learning_service_url }}/v1/system/settings' + request_path: "{{ data_service_prefix }}/v1/system/settings" + upstream_url: "{{ learning_service_url }}/v1/system/settings" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: getAudienceCount - request_path: '{{ data_service_prefix }}/v1/notification/audience' - upstream_url: '{{ learning_service_url }}/v1/notification/audience' + request_path: "{{ data_service_prefix }}/v1/notification/audience" + upstream_url: "{{ learning_service_url }}/v1/notification/audience" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dataAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: generateDialcodes - request_path: '{{ dialcode_service_prefix }}/v1/generate' - upstream_url: '{{ content_service_url }}/v1/dialcode/generate' + request_path: "{{ dialcode_service_prefix }}/v1/generate" + upstream_url: "{{ content_service_url }}/v1/dialcode/generate" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readDialcode - request_path: '{{ dialcode_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}/v1/dialcode/read' + request_path: "{{ dialcode_service_prefix }}/v1/read" + upstream_url: "{{ content_service_url }}/v1/dialcode/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateDialcode - request_path: '{{ dialcode_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}/v1/dialcode/update' + request_path: "{{ dialcode_service_prefix }}/v1/update" + upstream_url: "{{ content_service_url }}/v1/dialcode/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listDialcodes - request_path: '{{ dialcode_service_prefix }}/v1/list' - upstream_url: '{{ content_service_url }}/v1/dialcode/list' + request_path: "{{ dialcode_service_prefix }}/v1/list" + upstream_url: "{{ content_service_url }}/v1/dialcode/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: publishDialcode - request_path: '{{ dialcode_service_prefix }}/v1/publish' - upstream_url: '{{ content_service_url }}/v1/dialcode/publish' + request_path: "{{ dialcode_service_prefix }}/v1/publish" + upstream_url: "{{ content_service_url }}/v1/dialcode/publish" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchDialcodes - request_path: '{{ dialcode_service_prefix }}/v1/search' - upstream_url: '{{ content_service_url }}/v1/dialcode/search' + request_path: "{{ dialcode_service_prefix }}/v1/search" + upstream_url: "{{ content_service_url }}/v1/dialcode/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: qrCodeBatchProcessStatus - request_path: '{{ dialcode_service_prefix }}/v1/process/status' - upstream_url: '{{ content_service_url }}/v1/dialcode/process/status' + request_path: "{{ dialcode_service_prefix }}/v1/process/status" + upstream_url: "{{ content_service_url }}/v1/dialcode/process/status" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createPublisher - request_path: '{{ dialcode_service_prefix }}/v1/publisher/create' - upstream_url: '{{ content_service_url }}/v1/dialcode/publisher/create' + request_path: "{{ dialcode_service_prefix }}/v1/publisher/create" + upstream_url: "{{ content_service_url }}/v1/dialcode/publisher/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updatePublisher - request_path: '{{ dialcode_service_prefix }}/v1/publisher/update' - upstream_url: '{{ content_service_url }}/v1/dialcode/publisher/update' + request_path: "{{ dialcode_service_prefix }}/v1/publisher/update" + upstream_url: "{{ content_service_url }}/v1/dialcode/publisher/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readPublisher - request_path: '{{ dialcode_service_prefix }}/v1/publisher/read' - upstream_url: '{{ content_service_url }}/v1/dialcode/publisher/read' + request_path: "{{ dialcode_service_prefix }}/v1/publisher/read" + upstream_url: "{{ content_service_url }}/v1/dialcode/publisher/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: linkDialcodeContent - request_path: '{{ dialcode_service_prefix }}/v1/content/link' - upstream_url: '{{ content_service_url }}/v1/dialcode/content/link' + request_path: "{{ dialcode_service_prefix }}/v1/content/link" + upstream_url: "{{ content_service_url }}/v1/dialcode/content/link" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: dialcodeAdmin - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readChannel - request_path: '{{ channel_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}/v1/channel/read' + request_path: "{{ channel_service_prefix }}/v1/read" + upstream_url: "{{ content_service_url }}/v1/channel/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listChannel - request_path: '{{ channel_service_prefix }}/v1/list' - upstream_url: '{{ content_service_url }}/v1/channel/list' + request_path: "{{ channel_service_prefix }}/v1/list" + upstream_url: "{{ content_service_url }}/v1/channel/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchChannel - request_path: '{{ channel_service_prefix }}/v1/search' - upstream_url: '{{ content_service_url }}v1/channel/search' + request_path: "{{ channel_service_prefix }}/v1/search" + upstream_url: "{{ content_service_url }}v1/channel/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createChannel - request_path: '{{ channel_service_prefix }}/v1/create' - upstream_url: '{{ content_service_url }}/v1/channel/create' + request_path: "{{ channel_service_prefix }}/v1/create" + upstream_url: "{{ content_service_url }}/v1/channel/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateChannel - request_path: '{{ channel_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}/v1/channel/update' + request_path: "{{ channel_service_prefix }}/v1/update" + upstream_url: "{{ content_service_url }}/v1/channel/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readFramework - request_path: '{{ framework_service_prefix }}/v1/read' - upstream_url: '{{ content_service_url }}/v1/framework/read' + request_path: "{{ framework_service_prefix }}/v1/read" + upstream_url: "{{ content_service_url }}/v1/framework/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: listFramework - request_path: '{{ framework_service_prefix }}/v1/list' - upstream_url: '{{ content_service_url }}/v1/framework/list' + request_path: "{{ framework_service_prefix }}/v1/list" + upstream_url: "{{ content_service_url }}/v1/framework/list" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createFramework - request_path: '{{ framework_service_prefix }}/v1/create' - upstream_url: '{{ content_service_url }}/v1/framework/create' + request_path: "{{ framework_service_prefix }}/v1/create" + upstream_url: "{{ content_service_url }}/v1/framework/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateFramework - request_path: '{{ framework_service_prefix }}/v1/update' - upstream_url: '{{ content_service_url }}/v1/framework/update' + request_path: "{{ framework_service_prefix }}/v1/update" + upstream_url: "{{ content_service_url }}/v1/framework/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: copyFramework - request_path: '{{ framework_service_prefix }}/v1/copy' - upstream_url: '{{ content_service_url }}/v1/framework/copy' + request_path: "{{ framework_service_prefix }}/v1/copy" + upstream_url: "{{ content_service_url }}/v1/framework/copy" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readFrameworkTerm - request_path: '{{ framework_service_prefix }}/v1/term/read' - upstream_url: '{{ content_service_url }}/v1/framework/term/read' + request_path: "{{ framework_service_prefix }}/v1/term/read" + upstream_url: "{{ content_service_url }}/v1/framework/term/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchFrameworkTerm - request_path: '{{ framework_service_prefix }}/v1/term/search' - upstream_url: '{{ content_service_url }}/v1/framework/term/search' + request_path: "{{ framework_service_prefix }}/v1/term/search" + upstream_url: "{{ content_service_url }}/v1/framework/term/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createFrameworkTerm - request_path: '{{ framework_service_prefix }}/v1/term/create' - upstream_url: '{{ content_service_url }}/v1/framework/term/create' + request_path: "{{ framework_service_prefix }}/v1/term/create" + upstream_url: "{{ content_service_url }}/v1/framework/term/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateFrameworkTerm - request_path: '{{ framework_service_prefix }}/v1/term/update' - upstream_url: '{{ content_service_url }}/v1/framework/term/update' + request_path: "{{ framework_service_prefix }}/v1/term/update" + upstream_url: "{{ content_service_url }}/v1/framework/term/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: readFrameworkCategory - request_path: '{{ framework_service_prefix }}/v1/category/read' - upstream_url: '{{ content_service_url }}/v1/framework/category/read' + request_path: "{{ framework_service_prefix }}/v1/category/read" + upstream_url: "{{ content_service_url }}/v1/framework/category/read" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: searchFrameworkCategory - request_path: '{{ framework_service_prefix }}/v1/category/search' - upstream_url: '{{ content_service_url }}/v1/framework/category/search' + request_path: "{{ framework_service_prefix }}/v1/category/search" + upstream_url: "{{ content_service_url }}/v1/framework/category/search" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: createFrameworkCategory - request_path: '{{ framework_service_prefix }}/v1/category/create' - upstream_url: '{{ content_service_url }}/v1/framework/category/create' + request_path: "{{ framework_service_prefix }}/v1/category/create" + upstream_url: "{{ content_service_url }}/v1/framework/category/create" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" - name: updateFrameworkCategory - request_path: '{{ framework_service_prefix }}/v1/category/update' - upstream_url: '{{ content_service_url }}/v1/framework/category/update' + request_path: "{{ framework_service_prefix }}/v1/category/update" + upstream_url: "{{ content_service_url }}/v1/framework/category/update" strip_request_path: true plugins: - name: jwt - name: cors - - '{{ statsd_pulgin }}' + - "{{ statsd_pulgin }}" - name: acl config.whitelist: domainUser - name: rate-limiting - config.hour: '{{ medium_rate_limit_per_hour }}' + config.hour: "{{ medium_rate_limit_per_hour }}" config.limit_by: credential - name: request-size-limiting - config.allowed_payload_size: '{{ small_request_size_limit }}' + config.allowed_payload_size: "{{ small_request_size_limit }}" From 5bc60a1e4e571773001475190694f75a75c848b1 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 23:39:22 +0530 Subject: [PATCH 049/104] Issue #22 fix: syntax error --- ansible/inventories/sample/group_vars/sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index 73273f6770..6d22b77b51 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -33,7 +33,7 @@ cassandra_restore_dir: /home/deployer/ # APPLICATION CONFIGURATION kong_host: api-manager_kong # Private IP of the application server -keycloak_url: 'http://"{{ application_host }}":8080' #Internal url of keycloak. Example: http://:8080 +keycloak_url: "http://{{ application_host }}:8080" #Internal url of keycloak. Example: http://:8080 ## DB address application_postgres_host: "{{ database_host }}" #Private IP of Postgres server From a07232151b301d359fc5e63e5c8ed58f337d99b8 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 23:50:22 +0530 Subject: [PATCH 050/104] Issue #22 fix: syntax errors --- ansible/inventories/sample/group_vars/sample | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index 6d22b77b51..ea0d719590 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -1,5 +1,5 @@ # ENVIRONMENT CONFIGURATION -env: "{{environment}}" #Name of the environment, e.g. dev, staging or production. +env: "{{env}}" #Name of the environment, e.g. dev, staging or production. proxy_server_name: "{{dns_name}}" #Domain on which the portal will be accessed. e.g. staging.{implementation-name}.org proxy_site_key: "{{lookup('file',key_path)}}" #SSL certificate's site.key file path. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service proxy_site_crt: "{{lookup('file',cert_path)}}" #SSL certificate's site.crt file path. More details in this wiki: https://github.com/project-sunbird/sunbird-devops/wiki/Updating-SSL-certificates-in-Sunbird-Proxy-service @@ -32,7 +32,7 @@ cassandra_restore_dir: /home/deployer/ # APPLICATION CONFIGURATION -kong_host: api-manager_kong # Private IP of the application server +kong_host: "{{application_host}}" # Private IP of the application server keycloak_url: "http://{{ application_host }}:8080" #Internal url of keycloak. Example: http://:8080 ## DB address @@ -116,8 +116,8 @@ cassandra_repo_key: 'https://www.apache.org/dist/cassandra/KEYS' #API Manager kong_postgres_port: 5432 -kong_postgres_user: "api_manager_{{environment}}" -kong_postgres_database: "api_manager_{{environment}}" +kong_postgres_user: "api_manager" +kong_postgres_database: "api_manager" ## Logging details From 9624345c18805360d8be02a7dd57b30f5d61572b Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 27 Jan 2018 23:51:20 +0530 Subject: [PATCH 051/104] Issue #22 fix: removed templating for static files --- .../templates/cassandra.cql | 563 ------------------ .../templates/content_service.cql | 9 - .../templates/notes-dev.csv | 157 ----- .../templates/notes-staging.csv | 109 ---- .../templates/pageMgmt.csv | 6 - .../templates/pageSection.csv | 12 - 6 files changed, 856 deletions(-) delete mode 100644 ansible/roles/cassandra-cql-update/templates/cassandra.cql delete mode 100644 ansible/roles/cassandra-cql-update/templates/content_service.cql delete mode 100644 ansible/roles/cassandra-cql-update/templates/notes-dev.csv delete mode 100644 ansible/roles/cassandra-cql-update/templates/notes-staging.csv delete mode 100644 ansible/roles/cassandra-cql-update/templates/pageMgmt.csv delete mode 100644 ansible/roles/cassandra-cql-update/templates/pageSection.csv diff --git a/ansible/roles/cassandra-cql-update/templates/cassandra.cql b/ansible/roles/cassandra-cql-update/templates/cassandra.cql deleted file mode 100644 index 647ce251c0..0000000000 --- a/ansible/roles/cassandra-cql-update/templates/cassandra.cql +++ /dev/null @@ -1,563 +0,0 @@ - -CREATE KEYSPACE IF NOT EXISTS sunbird WITH replication = {'class':'SimpleStrategy','replication_factor':1}; - -//to change cluster name -//UPDATE system.local SET cluster_name = 'sunbird' where key='local'; -//ALTER USER cassandra WITH PASSWORD 'password'; -USE sunbird; - -/* -creation of id= one way hash of (userId##courseId) here courseId is identifier of course mgmt table -toc url we have to generate through json of content id from ekStep -here status is (default(0),inProgress(1),completed(2)) -progress is no of content completed -*/ -CREATE TABLE IF NOT EXISTS sunbird.course_enrollment(id text, courseId text, courseName text,userId text,enrolledDate text, -description text,tocUrl text,status int,active boolean,delta text,grade text,progress int,lastReadContentId text, -lastReadContentStatus int,addedBy text,courseLogoUrl text,dateTime timestamp,contentId text,PRIMARY KEY (id)); - -CREATE INDEX inx_ce_userId ON sunbird.course_enrollment (userId); -CREATE INDEX inx_ce_courseId ON sunbird.course_enrollment (courseId); -CREATE INDEX inx_ce_course_name ON sunbird.course_enrollment (courseName); -CREATE INDEX inx_ce_status ON sunbird.course_enrollment (status); - -/* -creation of id = one way hash of (userId##contentId##courseId##batchId) -status is (default(0),inProgress(1),completed(2)) -*/ -CREATE TABLE IF NOT EXISTS sunbird.content_consumption(id text, contentId text, courseId text, userId text,viewPosition text,viewCount int,lastAccessTime text, -contentVersion text,completedCount int,status int,result text,score text,grade text,lastUpdatedTime text,lastCompletedTime text,dateTime timestamp,PRIMARY KEY (id)); - -CREATE INDEX inx_cc_userId ON sunbird.content_consumption (userId); -CREATE INDEX inx_cc_contentId ON sunbird.content_consumption (contentId); -CREATE INDEX inx_cc_status ON sunbird.content_consumption (status); -CREATE INDEX inx_cc_courseId ON sunbird.content_consumption (courseId); - -/* -creation of id = using timestamp and env - id and courseId both are same -content id is from ekstep -status DRAFT("draft"), LIVE("live"), RETIRED("retired") -contentType (pdf,video,word doc etc) -tutor map -*/ -CREATE TABLE IF NOT EXISTS sunbird.course_management(id text, courseId text, contentId text, courseName text,courseType text, -facultyId text,facultyName text,organisationId text,organisationName text,enrollementStartDate text,enrollementEndDate text, -courseDuration text,description text,status text,addedBy text,addedByName text,publishedBy text,publishedByName text,createdDate text, -publishedDate text,updatedDate text,updatedBy text,updatedByName text,contentType text,createdfor list,noOfLectures int,tocUrl text, -tutor map,courseLogoUrl text,courseRating text,userCount int,PRIMARY KEY (id)); - -CREATE INDEX inx_cm_facultyId ON sunbird.course_management (facultyId); -CREATE INDEX inx_cm_organisationId ON sunbird.course_management (organisationId); -CREATE INDEX inx_cm_courseId ON sunbird.course_management (courseId); -CREATE INDEX inx_cm_course_name ON sunbird.course_management (courseName); -CREATE INDEX inx_cm_status ON sunbird.course_management (status); -CREATE INDEX inx_cm_contentId ON sunbird.course_management (contentId); - -/* -creation of id = one way hash of userName -here id and userId both are same - currently username and email is same -email and username is unique -*/ -CREATE TABLE IF NOT EXISTS sunbird.user(id text,userId text,userName text, email text,phone text,aadhaarNo text,createdDate text,updatedDate text,updatedBy text, -lastLoginTime text,status int,firstName text,lastName text,password text,avatar text,gender text,language list,subject list,grade list,regOrgId text, -dob text,thumbnail text,PRIMARY KEY (id)); - -CREATE INDEX inx_u_email ON sunbird.user (email); -CREATE INDEX inx_u_phone ON sunbird.user (phone); -CREATE INDEX inx_u_status ON sunbird.user (status); -CREATE INDEX inx_u_userId ON sunbird.user (userId); -CREATE INDEX inx_u_userName ON sunbird.user (userName); - -//user_auth -//id is auth token -CREATE TABLE IF NOT EXISTS sunbird.user_auth(id text, userId text,createdDate text,updatedDate text,source text,PRIMARY KEY (id)); -CREATE INDEX inx_ua_userId ON sunbird.user_auth (userId); -CREATE INDEX inx_ua_source ON sunbird.user_auth (source); - -//organisation -CREATE TABLE IF NOT EXISTS sunbird.organisation(id text, orgName text, description text,communityId text,createdBy text,createdDate text, -updatedDate text,updatedBy text,status int,parentOrgId text,orgType text,orgCode text,dateTime timestamp,PRIMARY KEY (id)); - -CREATE INDEX inx_org_orgName ON sunbird.organisation (orgName); -CREATE INDEX inx_org_status ON sunbird.organisation (status); -//page_management -//id= using timestamp and env -CREATE TABLE IF NOT EXISTS sunbird.page_management(id text, name text, appMap text,portalMap text,createdDate text,createdBy text, -updatedDate text,updatedBy text,organisationId text,PRIMARY KEY (id)); - -CREATE INDEX inx_pm_pageName ON sunbird.page_management (name); -CREATE INDEX inx_vm_organisationId ON sunbird.page_management (organisationId); - -//page_section -//id= using timestamp and env -CREATE TABLE IF NOT EXISTS sunbird.page_section(id text, name text, sectionDataType text,description text,display text, -searchQuery text,createdDate text,createdBy text,updatedDate text,updatedBy text,imgUrl text,alt text,status int,PRIMARY KEY (id)); -CREATE INDEX inx_ps_sectionDataType ON sunbird.page_section (sectionDataType); -CREATE INDEX inx_ps_sectionName ON sunbird.page_section (name); - -//Assessment Eval -//id= using timestamp and env -CREATE TABLE IF NOT EXISTS sunbird.assessment_eval(id text, contentId text, courseId text, userId text, -createdDate text,result text,score text,attemptId text,attemptedCount int,PRIMARY KEY (id)); - -CREATE INDEX inx_ae_userId ON sunbird.assessment_eval (userId); -CREATE INDEX inx_ae_contentId ON sunbird.assessment_eval (contentId); -CREATE INDEX inx_ae_courseId ON sunbird.assessment_eval (courseId); - -//Assessment item -//id= using timestamp and userId -CREATE TABLE IF NOT EXISTS sunbird.assessment_item(id text, contentId text, courseId text, userId text,assessmentItemId text, -assessmentType text,attemptedDate text,createdDate text,timeTaken int,result text,score text,maxScore text,answers text, -evaluationStatus boolean,processingStatus boolean,attemptId text,PRIMARY KEY (id)); - -CREATE INDEX inx_ai_userId ON sunbird.assessment_item (userId); -CREATE INDEX inx_ai_contentId ON sunbird.assessment_item (contentId); -CREATE INDEX inx_ai_assessmentItemId ON sunbird.assessment_item (assessmentItemId); -CREATE INDEX inx_ai_courseId ON sunbird.assessment_item (courseId); -CREATE INDEX inx_ai_processingStatus ON sunbird.assessment_item (processingStatus); - -DROP INDEX IF EXISTS sunbird.inx_ai_processingStatus; -DROP INDEX IF EXISTS sunbird.inx_ae_assessmentitemid; - - -CREATE TABLE IF NOT EXISTS sunbird.user_external_identity(id text, userId text, externalId text,source text,isVerified boolean,PRIMARY KEY (id)); -CREATE INDEX inx_uei_userid ON sunbird.user_external_identity (userId); -CREATE INDEX inx_uei_externalId ON sunbird.user_external_identity (externalId); -CREATE INDEX inx_uei_source ON sunbird.user_external_identity (source); - -//Address Type values(permanent, current, office, home) -CREATE TABLE IF NOT EXISTS sunbird.address(id text, userId text, country text,state text,city text,zipCode text,addType text,createdDate text,createdBy text,updatedDate text,updatedBy text, PRIMARY KEY (id)); -CREATE INDEX inx_add_userid ON sunbird.address (userId); -CREATE INDEX inx_add_addType ON sunbird.address (addType); - -CREATE TABLE IF NOT EXISTS sunbird.user_education(id text, userId text, courseName text,duration int,yearOfPassing int,percentage double,grade text,name text,boardOrUniversity text,addressId text,createdDate text,createdBy text,updatedDate text,updatedBy text, PRIMARY KEY (id)); -CREATE INDEX inx_ueu_userid ON sunbird.user_education (userId); - -CREATE TABLE IF NOT EXISTS sunbird.user_job_profile(id text, userId text, jobName text,role text,joiningDate text,endDate text,orgName text,orgId text,subject list,addressId text,boardName text,isVerified boolean,isRejected boolean,verifiedDate text,verifiedBy text,createdDate text,createdBy text,updatedDate text,updatedBy text, PRIMARY KEY (id)); -CREATE INDEX inx_ujp_userid ON sunbird.user_job_profile (userId); - -CREATE TABLE IF NOT EXISTS sunbird.user_org(id text, userId text, role text,orgId text,orgJoinDate text,orgLeftDate text,isApproved boolean, -isRejected boolean,approvedBy text,approvalDate text,updatedDate text,updatedBy text, PRIMARY KEY (id)); -CREATE INDEX inx_uorg_userid ON sunbird.user_org(userId); -CREATE INDEX inx_uorg_orgId ON sunbird.user_org(orgId); - -CREATE TABLE IF NOT EXISTS sunbird.subject(id text, name text, PRIMARY KEY (id)); -CREATE INDEX inx_sb_name ON sunbird.subject(name); - - -ALTER TABLE sunbird.organisation ADD imgUrl text; -ALTER TABLE sunbird.organisation ADD thumbnail text; -ALTER TABLE sunbird.organisation ADD channel text; -ALTER TABLE sunbird.organisation ADD preferredLanguage text; -ALTER TABLE sunbird.organisation ADD homeUrl text; -ALTER TABLE sunbird.organisation ADD isRootOrg boolean; -ALTER TABLE sunbird.organisation ADD addId text; -ALTER TABLE sunbird.organisation ADD noOfmembers int; -ALTER TABLE sunbird.organisation ADD isApproved boolean; -ALTER TABLE sunbird.organisation ADD approvedBy text; -ALTER TABLE sunbird.organisation ADD approvedDate text; - - -CREATE INDEX inx_org_channel ON sunbird.organisation(channel); -CREATE INDEX inx_org_orgType ON sunbird.organisation(orgType); -CREATE INDEX inx_org_orgCode ON sunbird.organisation(orgCode); - -CREATE TABLE IF NOT EXISTS sunbird.org_type(id text, name text, PRIMARY KEY (id)); -CREATE INDEX inx_ot_name ON sunbird.org_type(name); - -CREATE TABLE IF NOT EXISTS sunbird.org_mapping(id text, orgIdOne text,relation text,orgIdTwo text, PRIMARY KEY (id)); -CREATE INDEX inx_om_orgIdOne ON sunbird.org_mapping(orgIdOne); -CREATE INDEX inx_om_orgIdTwo ON sunbird.org_mapping(orgIdTwo); - -ALTER TABLE sunbird.user ADD rootOrgId text; -ALTER TABLE sunbird.address ADD addressLine1 text; -ALTER TABLE sunbird.address ADD addressLine2 text; -ALTER TABLE sunbird.user_education ADD degree text; - -CREATE TABLE IF NOT EXISTS sunbird.master_action(id text, name text, PRIMARY KEY (id)); -CREATE INDEX inx_ma_name ON sunbird.master_action(name); - -CREATE TABLE IF NOT EXISTS sunbird.action_group(id text, actionId list,groupName text, PRIMARY KEY (id)); -CREATE INDEX inx_uacg_groupName ON sunbird.action_group(groupName); - -CREATE TABLE IF NOT EXISTS sunbird.user_action_role(id text, actionGroupId list,roleId text, PRIMARY KEY (id)); -CREATE INDEX inx_uactr_roleId ON sunbird.user_action_role(roleId); - - -insert into sunbird.action_group(id,actionId,groupName) values ('ag_12',['1','2'],'SYSTEM_ADMINISTRATION'); -insert into sunbird.action_group(id,actionId,groupName) values ('ag_13',['3','4','7','8','5'],'ORG_MANAGEMENT'); -insert into sunbird.action_group(id,actionId,groupName) values ('ag_14',['6','9','10'],'MEMBERSHIP_MANAGEMENT'); - -insert into sunbird.action_group(id,actionId,groupName) values ('ag_15',['11','12','13','14'],'CONTENT_CREATION'); -insert into sunbird.action_group(id,actionId,groupName) values ('ag_16',['15','16'],'CONTENT_REVIEW'); -insert into sunbird.action_group(id,actionId,groupName) values ('ag_17',['17','18','10'],'CONTENT_CURATION'); -insert into sunbird.action_group(id,actionId,groupName) values ('ag_17',['19','20','21','22','23','24','25','26'],'PUBLIC'); - -ALTER TABLE sunbird.user ADD loginId text; -ALTER TABLE sunbird.user ADD provider text; -ALTER TABLE sunbird.user_external_identity ADD idType text; - -insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_1',['ag_17'],'r_107'); -insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_2',['ag_13'],'r_102'); -insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_14'],'r_103'); - insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_15'],'r_104'); - insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_16'],'r_105'); - insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_12'],'r_101'); - -ALTER TABLE sunbird.organisation DROP addId; -ALTER TABLE sunbird.organisation ADD addressId text; -ALTER TABLE sunbird.user ADD roles List; - - - CREATE TABLE IF NOT EXISTS sunbird.role_group(id text, name text, PRIMARY KEY (id)); - insert into sunbird.role_group (id,name) values ('SYSTEM_ADMINISTRATION','System Administration'); - insert into sunbird.role_group (id,name) values ('ORG_MANAGEMENT','Org Management'); - insert into sunbird.role_group (id,name) values ('MEMBERSHIP_MANAGEMENT','Membership Management'); - insert into sunbird.role_group (id,name) values ('CONTENT_CREATION','Content Creation'); - insert into sunbird.role_group (id,name) values ('CONTENT_CURATION','Content Curation'); - insert into sunbird.role_group (id,name) values ('CONTENT_REVIEW','Content Review'); - -CREATE TABLE IF NOT EXISTS sunbird.role(id text, name text,roleGroupId List,status int, PRIMARY KEY (id)); -CREATE INDEX inx_ro_master_name ON sunbird.role(name); - insert into sunbird.role (id,name,rolegroupid,status) values ('ADMIN','Admin',['SYSTEM_ADMINISTRATION','ORG_MANAGEMENT'],1); - insert into sunbird.role (id,name,rolegroupid,status) values ('ORG_ADMIN','Org Admin',['ORG_MANAGEMENT','MEMBERSHIP_MANAGEMENT'],1); - insert into sunbird.role (id,name,rolegroupid,status) values ('ORG_MODERATOR','Org Moderator',['MEMBERSHIP_MANAGEMENT'],1); - insert into sunbird.role (id,name,rolegroupid,status) values ('CONTENT_CREATOR','Content Creator',['CONTENT_CREATION'],1); - insert into sunbird.role (id,name,rolegroupid,status) values ('CONTENT_REVIEWER','Content Reviewer',['CONTENT_CREATION','CONTENT_CURATION','CONTENT_REVIEW'],1); - - CREATE TABLE IF NOT EXISTS sunbird.url_action(id text, url list,name text, PRIMARY KEY (id)); - CREATE INDEX inx_ua_name ON sunbird.url_action(name); -CREATE INDEX inx_ua_url ON sunbird.url_action(url); - -insert into sunbird.url_action (id,name) values ('suspendOrg','suspendOrg'); - insert into sunbird.url_action (id,name) values ('suspendUser','suspendUser'); - insert into sunbird.url_action (id,name) values ('createOrg','createOrg'); - insert into sunbird.url_action (id,name) values ('updateOrg','updateOrg'); - insert into sunbird.url_action (id,name) values ('removeOrg','removeOrg'); - insert into sunbird.url_action (id,name) values ('createUser','createUser'); - insert into sunbird.url_action (id,name) values ('updateUser','updateUser'); - insert into sunbird.url_action (id,name) values ('ORG_MANAGEMENT','Org Management'); - insert into sunbird.url_action (id,name) values ('createOrg','createOrg'); - insert into sunbird.url_action (id,name) values ('addMember','addMember'); - insert into sunbird.url_action (id,name) values ('removeMember','removeMember'); - insert into sunbird.url_action (id,name) values ('suspendMember','suspendMember'); - insert into sunbird.url_action (id,name) values ('createCourse','createCourse'); - insert into sunbird.url_action (id,name) values ('updateCourse','updateCourse'); - insert into sunbird.url_action (id,name) values ('createContent','createContent'); - insert into sunbird.url_action (id,name) values ('updateContent','updateContent'); - insert into sunbird.url_action (id,name) values ('flagCourse','flagCourse'); - insert into sunbird.url_action (id,name) values ('flagContent','flagContent'); - insert into sunbird.url_action (id,name) values ('publishCourse','publishCourse'); - insert into sunbird.url_action (id,name) values ('publishContent','publishContent'); - ALTER table sunbird.role_group add url_action_ids list; - - update sunbird.role_group set url_action_ids=['addMember','removeMember','suspendMember'] where id='MEMBERSHIP_MANAGEMENT'; - update sunbird.role_group set url_action_ids=['createCourse','updateCourse','createContent','updateContent'] where id='CONTENT_CREATION'; - update sunbird.role_group set url_action_ids=['suspendOrg','suspendUser'] where id='SYSTEM_ADMINISTRATION'; - update sunbird.role_group set url_action_ids=['publishCourse','publishContent'] where id='CONTENT_REVIEW'; - update sunbird.role_group set url_action_ids=['createOrg','updateOrg','removeOrg','createUser','updateUser'] where id='ORG_MANAGEMENT'; - update sunbird.role_group set url_action_ids=['flagCourse','flagContent'] where id='CONTENT_CURATION'; - - update sunbird.url_action set url=['/v1/course/publish'] where id='publishContent'; -update sunbird.url_action set url=['/v1/user/create'] where id='addMember'; - update sunbird.url_action set url=['v1/course/create'] where id='createCourse'; -update sunbird.url_action set url=['/v1/user/create'] where id='createUser'; - update sunbird.url_action set url=['/v1/course/publish'] where id='publishCourse'; -update sunbird.url_action set url=['/v1/organisation/update'] where id='updateOrg'; - -drop index inx_uorg_orgid; -ALTER TABLE sunbird.user_org DROP orgid; -ALTER TABLE sunbird.user_org ADD organisationid text; -ALTER TABLE sunbird.user_org ADD addedby text; -ALTER TABLE sunbird.user_org ADD addedbyname text; -CREATE INDEX inx_uorg_orgid ON sunbird.user_org (organisationid); - - -/* -creation of id= one way hash of (userId##courseId##batchId) here courseId is identifier of EkStep course -toc url is generated from ekStep -here status is (default(0),inProgress(1),completed(2)) -progress is no of content completed -*/ -CREATE TABLE IF NOT EXISTS sunbird.user_courses(id text, courseId text, courseName text, userId text, batchId text, enrolledDate text, -description text,tocUrl text,status int,active boolean,delta text,grade text,progress int,lastReadContentId text, -lastReadContentStatus int,addedBy text,courseLogoUrl text, dateTime timestamp, contentId text, PRIMARY KEY (id)); - -CREATE INDEX inx_ucs_userId ON sunbird.user_courses (userId); -CREATE INDEX inx_ucs_courseId ON sunbird.user_courses (courseId); -CREATE INDEX inx_ucs_batchId ON sunbird.user_courses (batchId); -CREATE INDEX inx_ucs_course_name ON sunbird.user_courses (courseName); -CREATE INDEX inx_ucs_status ON sunbird.user_courses (status); - -DROP INDEX IF EXISTS inx_uei_source; -ALTER TABLE sunbird.user_external_identity DROP source; -ALTER TABLE sunbird.user_external_identity ADD provider text; -ALTER TABLE sunbird.user_external_identity ADD externalIdValue text; -CREATE INDEX inx_uei_provider ON sunbird.user_external_identity (provider); - -//changes 7 July 2017 updated organization table -ALTER TABLE sunbird.organisation ADD rootOrgID text; -ALTER TABLE sunbird.org_mapping ADD rootOrgID text; -CREATE TABLE IF NOT EXISTS sunbird.org_type(id text, name text, PRIMARY KEY (id)); -DROP INDEX sunbird.inx_org_status; -ALTER TABLE sunbird.organisation DROP status ; -ALTER TABLE sunbird.organisation ADD status text; - -CREATE INDEX inx_org_status ON sunbird.organisation (status); - -CREATE INDEX inx_u_loginId ON sunbird.user(loginId); - -ALTER TABLE sunbird.user_job_profile ADD isCurrentJob boolean; -ALTER TABLE sunbird.content_consumption ADD progress int; -ALTER TABLE sunbird.content_consumption DROP viewPosition; - -//changes on 12th july 2017 -ALTER TABLE sunbird.user_job_profile ADD isDeleted boolean; -ALTER TABLE sunbird.user_education ADD isDeleted boolean; -ALTER TABLE sunbird.address ADD isDeleted boolean; -ALTER TABLE sunbird.user_org ADD isDeleted boolean; -ALTER TABLE sunbird.user ADD profileSummary text; - -ALTER TABLE sunbird.organisation ADD source text; -ALTER TABLE sunbird.organisation ADD externalId text; - -ALTER TABLE sunbird.user_org drop role; -ALTER TABLE sunbird.user_org ADD roles list; - -//to export data from csv to cassandra table run below command(for page_section and page_management table) -// change the path of csv file -//COPY sunbird.page_management(id, appmap,createdby ,createddate ,name ,organisationid ,portalmap ,updatedby ,updateddate ) FROM '/tmp/cql/pageMgmt.csv'; - -//COPY sunbird.page_section(id, alt,createdby ,createddate ,description ,display ,imgurl ,name,searchquery , sectiondatatype ,status , updatedby ,updateddate) FROM '/tmp/cql/pageSection.csv'; - -// insert default root organisation -- July 15,2017 -ALTER TABLE sunbird.organisation ADD isDefault boolean; - -ALTER TABLE sunbird.user_courses ADD leafNodesCount int; -// change organisation status field from text to int -- July 19,2017 -drop index inx_org_status; -ALTER TABLE sunbird.organisation DROP status ; -ALTER TABLE sunbird.organisation ADD status int; -CREATE INDEX inx_org_status ON sunbird.organisation (status); -INSERT INTO sunbird.organisation(id , isRootOrg , isDefault, status) values('ORG_001' , true , true, 1); - -// add isdeleted field to user table -- July 31,2017 -ALTER TABLE sunbird.user ADD isDeleted boolean; - -//added for course batch -CREATE TABLE IF NOT EXISTS sunbird.course_batch(id text, courseId text,courseCreator text,createdBy text,createdOn text,enrollmentType text,startDate text,endDate text,name text,description text,status int,lastUpdatedOn text,mentors List,participants List,createdFor List,PRIMARY KEY (id)); -CREATE INDEX inx_cou_bat_status ON sunbird.course_batch (status); -CREATE INDEX inx_cou_bat_courseId ON sunbird.course_batch (courseId); -CREATE INDEX inx_cou_bat_courseCreator ON sunbird.course_batch (courseCreator); -CREATE INDEX inx_cou_bat_createdBy ON sunbird.course_batch (createdBy); -CREATE INDEX inx_cou_bat_enrolmentType ON sunbird.course_batch (enrollmentType); -ALTER TABLE sunbird.course_batch DROP createdon; -ALTER TABLE sunbird.course_batch ADD createdDate text; -ALTER TABLE sunbird.course_batch DROP lastupdatedon; -ALTER TABLE sunbird.course_batch ADD updatedDate text; - -ALTER TABLE sunbird.organisation add provider text; -ALTER TABLE sunbird.organisation DROP source; -//Id is courseId -CREATE TABLE IF NOT EXISTS sunbird.course_publish_status(id text,submitDate text,status int,PRIMARY KEY (id)); - -// convert data type of participants from List to map -- Aug 7,2017 -ALTER TABLE sunbird.course_batch DROP participants; -ALTER TABLE sunbird.course_batch ADD participant map; - -ALTER TABLE sunbird.course_batch ADD courseAdditionalInfo map; - -// adding the batchId column to content consumption table -- Aug 8,2017 -ALTER TABLE sunbird.content_consumption ADD batchId text; - -CREATE TABLE IF NOT EXISTS sunbird.bulk_upload_process(id text, status int,data text,successResult text,failureResult text,uploadedBy text,uploadedDate text,processStartTime text,processEndTime text,ObjectType text,organisationId text, PRIMARY KEY (id)); -CREATE INDEX inx_status ON sunbird.bulk_upload_process(status); -insert into sunbird.role_group (id,name) values ('COURSE_MENTOR','Course Mentor'); -update sunbird.role_group set url_action_ids=['courseMentor'] where id='COURSE_MENTOR'; - -ALTER TABLE sunbird.course_batch ADD countIncrementStatus boolean; -ALTER TABLE sunbird.course_batch ADD countIncrementDate text; -ALTER TABLE sunbird.course_batch ADD countDecrementStatus boolean; -ALTER TABLE sunbird.course_batch ADD countDecrementDate text; - -CREATE INDEX inx_org_provider ON sunbird.organisation (provider); -CREATE INDEX inx_org_externalId ON sunbird.organisation (externalId); - -insert into sunbird.url_action (id,name) values ('orgupload','orgupload'); -update sunbird.role_group set url_action_ids=['suspendOrg','suspendUser','orgupload'] where id='SYSTEM_ADMINISTRATION'; -update sunbird.url_action set url=['/v1/org/suspend'] where id='suspendOrg'; -update sunbird.url_action set url=['/v1/user/block'] where id='suspendUser'; -update sunbird.url_action set url=['/v1/org/upload'] where id='orgupload'; -insert into sunbird.role (id,name,rolegroupid,status) values ('COURSE_MENTOR','Course Mentor',['COURSE_MENTOR'],1); - -// changes on Aug 16,2017 -ALTER TABLE sunbird.organisation ADD slug text; -ALTER TABLE sunbird.organisation ADD hashTagId text; -ALTER TABLE sunbird.organisation ADD theme text; -ALTER TABLE sunbird.user_org ADD position text; -ALTER TABLE sunbird.course_batch ADD hashTagId text; -CREATE INDEX inx_cps_status ON sunbird.course_publish_status (status); -ALTER TABLE sunbird.user ADD location text; -ALTER TABLE sunbird.organisation ADD contactDetails map; -insert into sunbird.role_group (id,name) values ('FLAG_REVIEWER ','Flag Reviewer'); -insert into sunbird.url_action (id,name) values ('FLAG_REVIEWER','flag Review'); -insert into sunbird.role (id,name,rolegroupid,status) values ('FLAG_REVIEWER','Flag Reviewer',['FLAG_REVIEWER'],1); -update sunbird.role_group set url_action_ids=['flagReview'] where id='FLAG_REVIEWER'; -ALTER TABLE sunbird.organisation DROP contactdetails; -ALTER TABLE sunbird.organisation ADD contactdetail text; - -//update course_batch set countdecrementstatus=false ,countincrementstatus=false where id in ('01231295903433523233', '01231300152093900880', '01231362610791219226', '012311485318971392184', '012311507396763648187', '01231446621414195215', '012311399697334272167', '012310182931898368117', '01231437156529766411', '0123143731552501769', '012315729890295808125', '01231515693522124824', '012315105801404416176', '012315113121030144181', '0123156336446914560', '0123152537517178880', '012311452395159552176', '012310182079651840116', '01231365904918118428', '012315115229880320201', '01231297804052070441', '01231295967369625632', '01231437649992908813', '01231298538289561658', '01231290682958643227', '012310176900218880115', '012311394333097984166', '012311400451145728168', '01231513667683942421', '012315115088601088183', '0123153123053158404', '01231363201368064027', '01231290412171264026', '0123151248760258560', '01231514986607411223', '012311580166266880203', '01231217800957952058', '01231304911540224098', '0123152769465384961', '012310190924496896119', '01231569596413542494', '01231299360593510461', '01231437480674099212', '012310195742662656126', '012311489586135040185', '01231298390404300857', '012311415973486592169', '01231298670022656060', '01231569429976678493', '01231294824787148831', '012310173385113600114', '01231385960518451255', '012315785629794304137', '01231296418316288037', '012310193544601600118', '012311447751262208177', '012311507213688832188', '01231437595463680010', '0123156778024960005', '012311505273479168186', '01231300602153369682', '01231298422152396859', '0123152820520222722', '012311511755972608189', '012315179912159232103', '012315751464787968136', '012315736241045504130', '01231288911727001615', '01231514371529113622', '01231366031184691229', '01231383864920473645', '012315107363119104182', '012311574182944768202', '01231516784369664088', '01231443633637785614', '01231300661683814481' ); -insert into sunbird.role_group (id,name) values ('COURSE_ADMIN','Course Admin'); -update sunbird.role_group set url_action_ids=['courseAdmin'] where id='COURSE_ADMIN'; -insert into sunbird.role (id,name,rolegroupid,status) values ('COURSE_ADMIN','Course Admin',['COURSE_ADMIN'],1); -insert into sunbird.role_group (id,name) values ('COURSE_CREATOR','Course Creator'); -update sunbird.role_group set url_action_ids=['courseCreator'] where id='COURSE_CREATOR'; -insert into sunbird.role (id,name,rolegroupid,status) values ('COURSE_CREATOR','Course Creator',['COURSE_CREATOR'],1); -update sunbird.role_group set name='Flag Reviewer' where id='FLAG_REVIEWER'; -//changes on Aug 29,2017 -CREATE TABLE IF NOT EXISTS sunbird.badge(id text, name text, description text, isActive boolean, PRIMARY KEY (id)); -CREATE TABLE IF NOT EXISTS sunbird.user_badge(id text, createdDate text, createdBy text, updatedDate text,updatedBy text,badgeTypeId text,receivedDate text,receiverId text,providerId text,providerName text,providerEmail text,providerPhone text,description text,validityDate int,expiryDate text,image text,isVerified boolean,isExpired boolean,isRevoked boolean,revocationReason text,revocationDate text,revokedBy text,verifiedBy text,verifiedDate text ,PRIMARY KEY (id)); - CREATE INDEX inx_usr_badg ON sunbird.user_badge (badgeTypeId); - insert into sunbird.badge (id,name,description,isactive) values ('0123206539020943360','President''s Gold Medal','Gold medal provided by President',true); - CREATE INDEX inx_usr_badg_receiverid ON sunbird.user_badge (receiverid); -CREATE INDEX inx_uei_externalIdValue ON sunbird.user_external_identity (externalIdValue); - -//adding for report tracking -CREATE TABLE IF NOT EXISTS sunbird.report_tracking(id text, status int,type text,createdDate text,userId text,uploadedDate text,email text,fileUrl text,emailTryCount int, PRIMARY KEY (id)); -CREATE INDEX inx_report_tracking_status ON sunbird.report_tracking(status); -CREATE INDEX inx_report_tracking_userId ON sunbird.report_tracking(userId); -ALTER TABLE sunbird.report_tracking ADD firstName text; -ALTER TABLE sunbird.report_tracking ADD batchId text; -ALTER TABLE sunbird.report_tracking ADD period text; -ALTER TABLE sunbird.report_tracking ADD data text; -insert into sunbird.role_group (id,name) values ('PUBLIC','Public'); -update sunbird.role_group set url_action_ids=['public'] where id='PUBLIC'; -insert into sunbird.role (id,name,rolegroupid,status) values ('PUBLIC','Public',['PUBLIC'],1); -ALTER TABLE sunbird.report_tracking ADD tryCount int; -ALTER TABLE sunbird.report_tracking DROP emailTryCount; -ALTER TABLE sunbird.report_tracking ADD updatedDate text; - -//Changes on Aug 31st 2017 -ALTER TABLE sunbird.report_tracking DROP batchId; -ALTER TABLE sunbird.report_tracking ADD resourceId text; - -// adding fileFormat for dashboard metrics report tracking -- Sep 1,2017 -ALTER TABLE sunbird.report_tracking ADD format text; - -ALTER TABLE sunbird.user DROP aadhaarno; -update organisation set channel='ROOT_ORG' where id='ORG_001'; - -// Sept 18th 2017 -ALTER TABLE sunbird.org_type ADD createdDate text; -ALTER TABLE sunbird.org_type ADD createdBy text; -ALTER TABLE sunbird.org_type ADD updatedDate text; -ALTER TABLE sunbird.org_type ADD updatedBy text; -//Adding table user_notes --Sep 13th 2017 -CREATE TABLE IF NOT EXISTS sunbird.user_notes(id text, userId text, courseId text, -contentId text, title text, note text, tags list, createdDate text, createdBy text, -updatedDate text, updatedBy text, isDeleted boolean, PRIMARY KEY (id)); -CREATE INDEX inx_un_userId ON sunbird.user_notes(userId); -CREATE INDEX inx_un_courseId ON sunbird.user_notes(courseId); -CREATE INDEX inx_un_contentId ON sunbird.user_notes(contentId); -ALTER TABLE sunbird.user ADD createdBy text; - -//Adding changes related to social media in user table -ALTER TABLE sunbird.user ADD webpages list>>; -CREATE TABLE IF NOT EXISTS sunbird.media_type(id text, name text, PRIMARY KEY (id)); - -insert into media_type(id,name) values('fb', 'facebook'); -insert into media_type(id,name) values('twitter','twitter'); -insert into media_type(id,name) values('in','linkedin'); -insert into media_type(id,name) values('blog','blog'); -//Oct 12th -ALTER TABLE sunbird.user ADD tempPassword text; -ALTER TABLE sunbird.user ADD currentLoginTime text; -//Oct 18th -UPDATE sunbird.media_type SET name = 'Facebook' where id = 'fb'; -UPDATE sunbird.media_type SET name = 'Twitter' where id = 'twitter'; -UPDATE sunbird.media_type SET name = 'LinkedIn' where id = 'in'; -UPDATE sunbird.media_type SET name = 'Blog' where id = 'blog'; - -ALTER TABLE sunbird.bulk_upload_process ADD retryCount int; - -// userSkill table to store the user skills - Oct 18, 2017 --- -/* -creation of id = one way hash of (userId##skillnametolowercase) -*/ -CREATE TABLE IF NOT EXISTS sunbird.user_skills(id text, userId text, skillname text,skillnametolowercase text, addedby text, addedat text, endorsementcount int ,endorsers Map, PRIMARY KEY (id)); -CREATE INDEX inx_us_userId ON sunbird.user_skills(userId); - -// skills table - Oct 18, 2017 --- -/* -creation of id = one way hash of (userId##skillnametolowercase) -*/ -CREATE TABLE IF NOT EXISTS sunbird.skills(id text,skills list, PRIMARY KEY (id)); - -//25th Oct -ALTER TABLE sunbird.organisation ADD orgTypeId text; - -//Announcement apis -27th Oct -CREATE KEYSPACE IF NOT EXISTS sunbirdplugin WITH replication = {'class':'SimpleStrategy','replication_factor':1}; -//CREATE TYPE IF NOT EXISTS sunbirdplugin.attachment (id text,filename text,mimetype text); -CREATE TABLE sunbirdplugin.announcement (id text,userid text,sourceid text,details map,links list,attachments list,target text,sentcount int,priority text,expiry text,status text,createddate text,updateddate text, PRIMARY KEY (id)); -CREATE TABLE sunbirdplugin.attachment (id text,file text,filename text,mimetype text,createdby text,status text,createddate text, PRIMARY KEY (id)); -CREATE TABLE sunbirdplugin.metrics (id text,userid text,announcementid text,activity text,channel text,createddate text, PRIMARY KEY (id)); -CREATE TABLE sunbirdplugin.announcementtype (id text,rootorgid text,name text,status text,createddate text, PRIMARY KEY (id)); -CREATE TABLE sunbirdplugin.announcementauth (id text,userid text,rootorgid text,permissions map,status text,createddate text, PRIMARY KEY (id)); - -insert into sunbird.role_group (id,name) values ('ANNOUNCEMENT_SENDER','Announcement Sender'); -update sunbird.role_group set url_action_ids=['Announcement Sender'] where id='ANNOUNCEMENT_SENDER'; -insert into sunbird.role (id,name,rolegroupid,status) values ('ANNOUNCEMENT_SENDER','Announcement Sender',['ANNOUNCEMENT_SENDER'],1); - -//mongodb import , env var is taken from group_vars -//COPY sunbird.user_notes(id, userid,courseid,contentid,title,note,tags,createddate,updateddate,isdeleted) FROM '/tmp/notes-{{env}}.csv'; -//2nd Nov -CREATE TABLE IF NOT EXISTS sunbird.tenant_preference(id text,tenantName text,orgId text,role text, data text, PRIMARY KEY (id)); -CREATE INDEX inx_tp_userId ON sunbird.tenant_preference(orgId); -ALTER TABLE sunbird.user ADD tcstatus text; -//CLIENT_INFO table for master key -CREATE TABLE IF NOT EXISTS sunbird.client_info(id text, clientname text, masterkey text, createddate text, updateddate text, PRIMARY KEY (id)); -CREATE INDEX inx_ci_clientname ON sunbird.client_info(clientname); -// Geo Location - Oct 31,2017 - -ALTER TABLE sunbird.user ADD tcupdateddate text; - -CREATE TABLE IF NOT EXISTS sunbird.geo_location(id text,locationName text,rootOrgId text,type text, createdDate text,createdBy text,updatedDate text,updatedBy text,topicName text,topicId text, PRIMARY KEY (id)); -CREATE INDEX inx_gl_rootOrgId ON sunbird.geo_location(rootOrgId); -ALTER TABLE sunbird.geo_location DROP topicId ; -ALTER TABLE sunbird.geo_location DROP topicName ; -ALTER TABLE sunbird.geo_location ADD topic text; -ALTER TABLE sunbird.geo_location DROP locationName ; -ALTER TABLE sunbird.geo_location ADD location text; -// 3rd Nov 2017 -ALTER TABLE sunbird.organisation ADD locationId text; - -ALTER TABLE sunbird.user ADD profileVisibility map; - -// 9th Nov 2017 -ALTER TABLE sunbirdplugin.announcement DROP target ; -ALTER TABLE sunbirdplugin.announcement ADD target map>>>>; -//adding default one Skills. -insert into skills (id,skills) values ('001',['java']); -ALTER TABLE sunbird.user_skills drop endorsers; -ALTER TABLE sunbird.user_skills ADD endorsersList frozen>>; -// 16th Nov 2017 -ALTER TABLE sunbird.user ADD emailVerified boolean; - -// 23rd Nov 2017 -ALTER TABLE sunbird.user ADD countryCode text; -CREATE TABLE IF NOT EXISTS sunbird.system_settings (id text ,field text ,value text ,PRIMARY KEY (id)); - -// Dec 5th 2017 - -ALTER TABLE sunbird.geo_location ADD userCount int; - -insert into sunbird.system_settings (id,field,value) values ('phoneUnique','phoneUnique','false'); -insert into sunbird.system_settings (id,field,value) values ('emailUnique','emailUnique','false'); -// Dec 6th 2017 -ALTER TABLE sunbird.geo_location ADD userCountTTL text; -// adding new column in client-info to save the channel -ALTER TABLE sunbird.client_info ADD channel text; -CREATE INDEX inx_ci_clientchannel ON sunbird.client_info(channel); \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/templates/content_service.cql b/ansible/roles/cassandra-cql-update/templates/content_service.cql deleted file mode 100644 index bf7bf42317..0000000000 --- a/ansible/roles/cassandra-cql-update/templates/content_service.cql +++ /dev/null @@ -1,9 +0,0 @@ -CREATE KEYSPACE portal -WITH replication = {'class':'SimpleStrategy', 'replication_factor' : 1}; -USE portal; -CREATE TABLE IF NOT EXISTS sessions ( - sid text, - session text, - expires timestamp, - PRIMARY KEY(sid) -); \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/templates/notes-dev.csv b/ansible/roles/cassandra-cql-update/templates/notes-dev.csv deleted file mode 100644 index b393b6684b..0000000000 --- a/ansible/roles/cassandra-cql-update/templates/notes-dev.csv +++ /dev/null @@ -1,157 +0,0 @@ -_id,userId,courseId,contentId,title,note,tags,createdOn,updatedOn,isDeleted -596498de7d86310001a25a0b,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-11T09:22:38.568Z,,FALSE -5964a4ef7d86310001a25a0c,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-11T10:14:07.765Z,,FALSE -59688176f1d958000115b9db,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-14T08:31:50.145Z,,FALSE -596e5a1645fdfd0001acbce6,995c35d3-e56b-4607-9211-e2096c9d8304,do_212282810256941056178,,My New Note,"The sunbirds and spiderhunters make up a family, Nectariniidae, of passerine birds. They are small, slender passerines from the Old World, usually with downward-curved bills. Many are brightly coloured, often with iridescent feathers, particularly in the males. Many species also have especially long tail feathers. Their range extends through most of Africa to the Middle East, South Asia, South-east Asia and southern China, to Indonesia, New Guinea and northern Australia. Species diversity is highest in equatorial regions. - -There are 132 species in 15 genera. Most sunbirds feed largely on nectar, but will also eat insects and spiders, especially when feeding their young. Flowers that prevent access to their nectar because of their shape (for example, very long and narrow flowers are simply punctured at the base near the nectaries, from which the birds sip the nectar. Fruit is also part of the diet of some species. Their flight is fast and direct, thanks to their short wings. - -The sunbirds have counterparts in two very distantly related groups: the hummingbirds of the Americas and the honeyeaters of Australia. The resemblances are due to convergent evolution brought about by a similar nectar-feeding lifestyle.[1] Some sunbird species can take nectar by hovering like a hummingbird, but they usually perch to feed.",[],2017-07-18T18:57:26.440Z,,FALSE -5976d385c63dfb0001b5677e,8964a7ab-4712-464c-8b19-cb87221cfcfa,,do_212196910336131072127,fdsf,fdsff,[],2017-07-25T05:13:41.222Z,,FALSE -5976d39ad4982000012dc47a,8964a7ab-4712-464c-8b19-cb87221cfcfa,,do_212196910336131072127,fdsfs,fdsfsf,[],2017-07-25T05:14:02.180Z,,FALSE -5976f025eaf481000173124d,50ba4694-931e-4a04-87a5-5b81211d7773,,do_212292629199077376116,fdsfdsfsf,fdsf,[],2017-07-25T07:15:49.926Z,,FALSE -597882d0780e410001491290,8c44ad33-34dd-4291-a1b2-1061cc4d75c4,do_2122951809560002561251,do_2122951778195865601246,jkjkjkjkj`klk,klklk,[],2017-07-26T11:53:52.058Z,,FALSE -597882e4eaf481000173124e,8c44ad33-34dd-4291-a1b2-1061cc4d75c4,do_2122951809560002561251,,"m,m,m","mm,m",[],2017-07-26T11:54:12.870Z,,FALSE -5978851eeaf481000173124f,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20052842,Hi,got full marks,[],2017-07-26T12:03:42.712Z,,FALSE -597885f8eaf4810001731250,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212296625948319744173,,Course content,course content is not there,[],2017-07-26T12:07:20.596Z,,FALSE -59796e61afffc9000158e236,74e6f8d6-026c-4031-af7d-48ed20622fa1,do_212296625948319744173,,jlk,jknkjjk,[],2017-07-27T04:38:57.703Z,,FALSE -5979953aafffc9000158e238,107240bc-918c-4e42-9545-4f8d596ee24e,,do_20052842,Test,Test,[],2017-07-27T07:24:42.269Z,,FALSE -597ee8546e3d9a0001592e6d,944d23ab-46ba-45f7-ac9a-0e332fc8dce5,,do_2122161647443476481281,Test,**Test**,[],2017-07-31T08:20:36.235Z,,FALSE -597ee899642d550001376053,944d23ab-46ba-45f7-ac9a-0e332fc8dce5,,do_2122161647443476481281,test 2,test2,[],2017-07-31T08:21:45.748Z,,FALSE -59817b596e3d9a0001592e6e,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,lkaskldjasalksdj,askd;laskd;lsa,[],2017-08-02T07:12:25.200Z,,FALSE -59817b64642d550001376054,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,kkasldkas,klaskdl;aks;das,[],2017-08-02T07:12:36.109Z,,FALSE -598196d0642d550001376055,107240bc-918c-4e42-9545-4f8d596ee24e,do_212296625948319744173,,erewr,wrwerwer,[],2017-08-02T09:09:36.420Z,,FALSE -59821f366e3d9a0001592e6f,f7e98666-8d10-447f-821b-1431682e626f,do_2122951809560002561251,,I WANT KNOW MORE INFORMATION,I WANT KNOW MORE INFORMATION,[],2017-08-02T18:51:34.347Z,,FALSE -59821fa6642d550001376056,f7e98666-8d10-447f-821b-1431682e626f,do_2122951853379502081260,,I AM HAPPY,I AM HAPPY****,[],2017-08-02T18:53:26.987Z,,FALSE -59836517c13e0300019972e3,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,do_2122951778195865601246,Note Title,Note description updated,[],2017-08-03T18:01:59.855Z,,FALSE -59840b2c9c4b6d0001dd6bce,89cf1a7e-dfd3-46c9-a428-d37e9a2bc001,do_212296625948319744173,,Test,a das das dasda sad asd as das da,[],2017-08-04T05:50:36.808Z,,FALSE -598421a39c4b6d0001dd6bcf,89cf1a7e-dfd3-46c9-a428-d37e9a2bc001,do_212296625948319744173,,Test 2,as dasd asd asd asd asd asd asd as,[],2017-08-04T07:26:27.148Z,,FALSE -598817499c4b6d0001dd6bd0,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,lksd;f,lsdlskjdf,[],2017-08-07T07:31:21.656Z,,FALSE -59881755c13e0300019972e4,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,sdkl;fkds;l;l,lkasdlksaj,[],2017-08-07T07:31:33.283Z,,FALSE -598817f49c4b6d0001dd6bd1,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,sfjlksd,sdjfds,[],2017-08-07T07:34:12.081Z,,FALSE -598c0366f016e20001c4b8ae,5681bb50-9058-4733-b47d-cb93981eb441,,do_30030419,test,testsss,[],2017-08-10T06:55:34.371Z,,FALSE -598c399e189c9700019188ea,064c0b3d-eb1c-4a12-aeeb-3f65bbb2a8d3,,do_20043627,Note updated,Description,[],2017-08-10T10:46:54.229Z,,FALSE -598dfeb3468165000107e7e1,cda6c36c-d77a-4a64-a564-9f9b0c655adc,do_212296706898190336145,,SS,d,[],2017-08-11T19:00:03.335Z,,FALSE -59956d3e6c7bfc0001a8e123,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123101488779837441168,,ssss,sss,[],2017-08-17T10:17:34.134Z,,FALSE -599578de6c7bfc0001a8e124,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_20043647,SCZC,scscsc,[],2017-08-17T11:07:10.981Z,,FALSE -5996ec0421a4e10001c040da,be325d93-600d-4cb2-b2c9-728717c31765,do_2123100228521082881103,do_20045289,sdfsdf,dsfsdf,[],2017-08-18T13:30:44.124Z,,FALSE -5996ec1821a4e10001c040db,be325d93-600d-4cb2-b2c9-728717c31765,do_2123100228521082881103,do_20045289,sdafsdf,afsfdfdsfasf,[],2017-08-18T13:31:04.605Z,,FALSE -5996f36bf7cd6600016c9496,be325d93-600d-4cb2-b2c9-728717c31765,,do_30013525,article4,bvb,[],2017-08-18T14:02:19.556Z,,FALSE -59984cf0a66fa00001a3df05,e886f4a8-890e-4e73-adc2-5afebad93c08,do_212282810437918720179,,note12,test desc,[],2017-08-19T14:36:32.084Z,,FALSE -599a64b4d2049300014fccde,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,Test,Note,[],2017-08-21T04:42:28.599Z,,FALSE -599a655ed2049300014fccdf,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,fsdfs,sdfsdfsdfsd,[],2017-08-21T04:45:18.189Z,,FALSE -599a65a1a66fa00001a3df06,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,wqwererw,werwerwerwe,[],2017-08-21T04:46:25.029Z,,FALSE -599a65ded2049300014fcce0,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,sdsdfssds,sdfsdfsdfs,[],2017-08-21T04:47:26.390Z,,FALSE -599a6664d2049300014fcce1,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,fsdfsdfewerwe,wrwerwer,[],2017-08-21T04:49:40.841Z,,FALSE -599a6677a66fa00001a3df07,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,aafasdf,sfsdfsd,[],2017-08-21T04:49:59.425Z,,FALSE -599a6d94d2049300014fcce2,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,LP_FT_6987122,tetest,Test,[],2017-08-21T05:20:20.274Z,,FALSE -599a7468d2049300014fcce3,e886f4a8-890e-4e73-adc2-5afebad93c08,do_212282810437918720179,,sdsdsd,zzczz,[],2017-08-21T05:49:28.102Z,,FALSE -599a8c1ea66fa00001a3df08,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,Test,Test,[],2017-08-21T07:30:38.673Z,,FALSE -599ae92ca66fa00001a3df09,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212282810555342848180,,XZX,ZXZX,[],2017-08-21T14:07:40.076Z,,FALSE -599aef8bd2049300014fcce4,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123138572751912961138,,CXAZx,zxzxz,[],2017-08-21T14:34:51.737Z,,FALSE -599afaa4a66fa00001a3df0a,064c0b3d-eb1c-4a12-aeeb-3f65bbb2a8d3,,LP_FT_6987122,test,vb,[],2017-08-21T15:22:12.854Z,,FALSE -599bd772a66fa00001a3df0c,be325d93-600d-4cb2-b2c9-728717c31765,do_2123157035537367041285,do_2123143396291133441148,Test note,Test note,[],2017-08-22T07:04:18.873Z,,FALSE -599bdbf3a66fa00001a3df0d,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123157276909076481290,,new note,new note info,[],2017-08-22T07:23:31.434Z,,FALSE -599bdf1aa66fa00001a3df0e,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123157276909076481290,LP_FT_6987122,jkjkj,jkjkj,[],2017-08-22T07:36:58.214Z,,FALSE -599bf331d2049300014fcce5,5862af1a-7741-46eb-bbf5-71358dcd3539,,do_30013509,Test,Hide,[],2017-08-22T09:02:41.330Z,,FALSE -599bf37ea66fa00001a3df0f,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Test,Test update,[],2017-08-22T09:03:58.333Z,,FALSE -599c528ad2049300014fcce6,be325d93-600d-4cb2-b2c9-728717c31765,do_212312962784133120110,,kjhjkll,jkhkh,[],2017-08-22T15:49:30.319Z,,FALSE -599c5295d2049300014fcce7,be325d93-600d-4cb2-b2c9-728717c31765,do_212312962784133120110,,kjhkjhjkh,jlkjkljkl,[],2017-08-22T15:49:41.943Z,,FALSE -599d4d01d2049300014fcce8,0b9e4ff4-390b-4f8e-b6d9-59767d07099a,do_2123157276909076481290,do_2123138285329448961126,qerfwef,sdfsdf,[],2017-08-23T09:38:09.646Z,,FALSE -599e538bd2049300014fcce9,7bdaec59-2cd6-4646-8cee-f3b485e3da99,do_212312303635816448169,,Sample Note to myself,this is a sample note to myself,[],2017-08-24T04:18:19.172Z,,FALSE -599e702ea66fa00001a3df10,fc2892a6-58b2-4bee-abe9-3ae224519640,do_2123157276909076481290,,jkjkj,kjkj,[],2017-08-24T06:20:30.528Z,,FALSE -599e7bb5d2049300014fccea,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_2123171371115560961478,xcvxzvcxz,xzcvzxvczxc,[],2017-08-24T07:09:41.907Z,,FALSE -599e96f6a66fa00001a3df11,d1924601-9ce1-4b6e-b3b1-1442a3d61ac4,,do_212295888406224896127,Test,Test,[],2017-08-24T09:05:58.556Z,,FALSE -599e9810a66fa00001a3df12,d1924601-9ce1-4b6e-b3b1-1442a3d61ac4,,do_212295888406224896127,New,New,[],2017-08-24T09:10:40.875Z,,FALSE -59a3b0340c950300016667c9,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-08-28T05:55:00.839Z,,FALSE -59a3b3580c950300016667ca,be325d93-600d-4cb2-b2c9-728717c31765,,do_2123101458899271681167,Test,Test,[],2017-08-28T06:08:24.891Z,,FALSE -59a3de490c950300016667cb,be325d93-600d-4cb2-b2c9-728717c31765,,do_212155118871101440166,This is test,This is test,[],2017-08-28T09:11:37.606Z,,FALSE -59a3de6a0c950300016667cc,be325d93-600d-4cb2-b2c9-728717c31765,,do_212155118871101440166,another,Another Note,[],2017-08-28T09:12:10.518Z,,FALSE -59a3e7ffbfebc300016e15a1,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123187253665792001586,Test,Test,[],2017-08-28T09:53:03.657Z,,FALSE -59a69f6dbfebc300016e15a2,fae8f720-51a6-48cb-8834-33641a42c30e,,do_2123165408517406721432,S. Radhakrishnan,"Sarvepalli Radhakrishnan About this sound listen (help·info (5 September 1888 – 17 April 1975 was an Indian philosopher and statesman[1] who was the first Vice President of India (1952–1962 and the second President of India from 1962 to 1967.[web 1] - -One of India's most distinguished twentieth-century scholars of comparative religion and philosophy,[2][web 2] his academic appointments included the King George V Chair of Mental and Moral Science at the University of Calcutta (1921–1932 and Spalding Professor of Eastern Religion and Ethics at University of Oxford (1936–1952. - -His philosophy was grounded in Advaita Vedanta, reinterpreting this tradition for a contemporary understanding.[web 2] He defended Hinduism against ""uninformed Western criticism"",[3] contributing to the formation of contemporary Hindu identity.[4] He has been influential in shaping the understanding of Hinduism, in both India and the west, and earned a reputation as a bridge-builder between India and the West.[5] - -Radhakrishnan was awarded several high awards during his life, including a knighthood in 1931, the Bharat Ratna, the highest civilian award in India, in 1954, and honorary membership of the British Royal Order of Merit in 1963. Radhakrishnan believed that ""teachers should be the best minds in the country"". Since 1962, his birthday is celebrated in India as Teachers' Day on 5 September.[web 3]",[],2017-08-30T11:20:13.099Z,,FALSE -59a69ff20c950300016667cd,fae8f720-51a6-48cb-8834-33641a42c30e,,do_2123165408517406721432,Teachers Day,"The birth date of the second President of India, Dr. Sarvepalli Radhakrishnan, 5 September 1888, has been celebrated as Teacher's Day since 1962. On this day, teachers and students report to school as usual but the usual activities and classes are replaced by activities of celebration, thanks and remembrance. In some schools, senior students take the responsibility of teaching in order to show their appreciation for the teachers. - -Traditional and Vedic Teachers' Day Festival is on Guru Purnima according to Indian Calendar, a festival dedicated to spiritual and academic teachers. This festival is traditionally celebrated by Buddhists, Jains and Hindus in India and Nepal, to pay their respects to their teachers and express their gratitude.",[],2017-08-30T11:22:26.735Z,,FALSE -59a6b05ebfebc300016e15a3,107240bc-918c-4e42-9545-4f8d596ee24e,,do_21230291297746944015,test,test,[],2017-08-30T12:32:30.969Z,,FALSE -59a6b0a6bfebc300016e15a4,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123165408517406721432,test,test,[],2017-08-30T12:33:42.491Z,,FALSE -59a799330c950300016667ce,be325d93-600d-4cb2-b2c9-728717c31765,,do_212295888406224896127,Test,Test updated,[],2017-08-31T05:05:55.819Z,,FALSE -59a799620c950300016667cf,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-08-31T05:06:42.929Z,,FALSE -59a79a940c950300016667d0,be325d93-600d-4cb2-b2c9-728717c31765,,do_212295888406224896127,Test,Test,[],2017-08-31T05:11:48.065Z,,FALSE -59a79a9ebfebc300016e15a6,be325d93-600d-4cb2-b2c9-728717c31765,,do_212295888406224896127,1,2,[],2017-08-31T05:11:58.042Z,,FALSE -59a7b4500c950300016667d1,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_21230291297746944015,Test,Test,[],2017-08-31T07:01:36.613Z,,FALSE -59a7b458bfebc300016e15a7,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_21230291297746944015,2,1,[],2017-08-31T07:01:44.279Z,,FALSE -59a7dac10c950300016667d2,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123178605500334081568,Test,test,[],2017-08-31T09:45:37.875Z,,FALSE -59a812e80c950300016667d3,14df02ff-7e68-4c52-a600-1b1f30c62ffe,,do_2123200653407354881657,Test,Test update,[],2017-08-31T13:45:12.434Z,,FALSE -59a8133bbfebc300016e15a8,be325d93-600d-4cb2-b2c9-728717c31765,do_2123157035537367041285,,Test,Test,[],2017-08-31T13:46:35.135Z,,FALSE -59a821cb0c950300016667d4,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123200147342622721628,Test,"Test -**Test** -*Test* - - 1. item",[],2017-08-31T14:48:43.362Z,,FALSE -59a821f20c950300016667d5,df6f285a-531c-4fed-bb54-6cc8235968f4,,do_2123178605500334081568,hg,fgfdfgvhbj heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note,[],2017-08-31T14:49:22.402Z,,FALSE -59a93e5ebfebc300016e15aa,8557fa44-6b3a-4a4a-bb99-7907e635b2f7,,do_2123200147342622721628,fd,dg,[],2017-09-01T11:02:54.958Z,,FALSE -59ace276514fcb0001548980,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_2123158123070668801318,test notes,nknkjn,[],2017-09-04T05:19:50.005Z,,FALSE -59ace5aa514fcb0001548981,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123236730327941121242,new note for youtubeW,dadaDAdad,[],2017-09-04T05:33:30.997Z,,FALSE -59ace7b5514fcb0001548982,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,,mwflelkjeofkk,klklfkflskdflkslfksf,[],2017-09-04T05:42:13.118Z,,FALSE -59ace7d8514fcb0001548983,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_2123158123070668801318,o'iwjw'oerjpo',po,[],2017-09-04T05:42:48.311Z,,FALSE -59ace8c4514fcb0001548984,be325d93-600d-4cb2-b2c9-728717c31765,,do_2123215064116756481869,Test,Test,[],2017-09-04T05:46:44.278Z,,FALSE -59ace9da514fcb0001548985,be325d93-600d-4cb2-b2c9-728717c31765,,do_2123215064116756481869,New Note,New note,[],2017-09-04T05:51:22.230Z,,FALSE -59acea49514fcb0001548986,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_20045289,c zvzcv,vcxvxc,[],2017-09-04T05:53:13.629Z,,FALSE -59acedf4514fcb0001548987,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,,;l;l;l,;l;l;l,[],2017-09-04T06:08:52.026Z,,FALSE -59aceea1514fcb0001548988,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_2123228937193799681199,new page note,mnojo,[],2017-09-04T06:11:45.944Z,,FALSE -59acf35f514fcb0001548989,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_2123158123070668801318,test,test data,[],2017-09-04T06:31:59.233Z,,FALSE -59acf763514fcb000154898a,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123138572751912961138,do_212156477194846208131,wewew,wewewe,[],2017-09-04T06:49:07.322Z,,FALSE -59acf859514fcb000154898b,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123138572751912961138,do_20047090,klklklk,klkl,[],2017-09-04T06:53:13.564Z,,FALSE -59acfaf6514fcb000154898c,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123100894929960961150,do_2122930886356172801130,jkjkjkj,jkjkj,[],2017-09-04T07:04:22.969Z,,FALSE -59ad50654432590001efa772,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123251055368765441634,,finall course note,note,[],2017-09-04T13:08:53.038Z,,FALSE -59ad50ad4fd5900001efadbc,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123251055368765441634,do_212201190513950720137,g,hghghghgh,[],2017-09-04T13:10:05.882Z,,FALSE -59ad50c84432590001efa773,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_2123243093954805761356,hjhjh,hjhjh,[],2017-09-04T13:10:32.494Z,,FALSE -59ad544e4432590001efa775,28f7bf03-68be-4d62-b794-23040eada4e1,,do_2123215064116756481869,Test,Test,[],2017-09-04T13:25:34.844Z,,FALSE -59ad54574432590001efa776,28f7bf03-68be-4d62-b794-23040eada4e1,,do_2123215064116756481869,1,1,[],2017-09-04T13:25:43.457Z,,FALSE -59af9f4b4fd5900001efadbe,8557fa44-6b3a-4a4a-bb99-7907e635b2f7,,do_212290229532762112188,lklklkkl,jjkdjfkdjfd,[],2017-09-06T07:10:03.792Z,,FALSE -59b7a2e64645e500015ea526,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Hello,"Heelo![enter image description here][1] - - -![enter image description here][2] - - -sfdsfsdfsdfsfsdfsdfsdfsdfsdfsfsd - - -![enter image description here][3] - - - [1]: http://Heelo.cosasadas - [2]: http://12333433 - [3]: wpihttp://werwerwer78978987978",[],2017-09-12T09:03:34.427Z,,FALSE -59b7a6e9585c7a00011401dd,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,jkhjhjjjh,"hjhjhjhjj![enter image description here][1] - - - [1]: http://jhjhjhjhjh",[],2017-09-12T09:20:41.570Z,,FALSE -59b7a8df4645e500015ea527,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Google image,"google image linl![enter image description here][1] - - - [1]: https://upload.wikimedia.org/wikipedia/commons/thumb/7/77/Google_Images_2015_logo.svg/1200px-Google_Images_2015_logo.svg.png",[],2017-09-12T09:29:03.983Z,,FALSE -59b7a9104645e500015ea528,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Google image,"google image linl![enter image description here][1] - - - [1]: https://upload.wikimedia.org/wikipedia/commons/thumb/7/77/Google_Images_2015_logo.svg/1200px-Google_Images_2015_logo.svg.png",[],2017-09-12T09:29:52.274Z,,FALSE -59b7a93e585c7a00011401de,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Test,Google image,[],2017-09-12T09:30:38.144Z,,FALSE -59b7aa844645e500015ea529,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-09-12T09:36:04.601Z,,FALSE -59b7d5f4585c7a00011401df,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-09-12T12:41:24.290Z,,FALSE -59b7e3f54645e500015ea52a,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-09-12T13:41:09.308Z,,FALSE -59b7e763585c7a00011401e0,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-09-12T13:55:47.984Z,,FALSE -59b8de3e4645e500015ea52b,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-09-13T07:29:02.334Z,,FALSE -59b9296d4645e500015ea52c,b2d7a285-b874-4aaf-abc3-e64d8b57f86d,,do_2123208084832829441775,new note,new,[],2017-09-13T12:49:49.051Z,,FALSE -59b929934645e500015ea52d,b2d7a285-b874-4aaf-abc3-e64d8b57f86d,,do_2123208084832829441775,ojkjkjkj,jkjkj,[],2017-09-13T12:50:27.050Z,,FALSE -59b929a74645e500015ea52e,b2d7a285-b874-4aaf-abc3-e64d8b57f86d,,do_2123208084832829441775,llkklk,lklklk,[],2017-09-13T12:50:47.929Z,,FALSE -59b92b55585c7a00011401e1,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,new note,new data,[],2017-09-13T12:57:57.235Z,,FALSE -59b92b7d4645e500015ea52f,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,erere,ewe,[],2017-09-13T12:58:37.649Z,,FALSE -59b92cf9585c7a00011401e2,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,dsdsd,sdsd,[],2017-09-13T13:04:57.819Z,,FALSE -59b92d1d4645e500015ea530,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,mlmlklkkq,llklklklklkl,[],2017-09-13T13:05:33.068Z,,FALSE \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/templates/notes-staging.csv b/ansible/roles/cassandra-cql-update/templates/notes-staging.csv deleted file mode 100644 index 59fd51fc21..0000000000 --- a/ansible/roles/cassandra-cql-update/templates/notes-staging.csv +++ /dev/null @@ -1,109 +0,0 @@ -_id,userId,courseId,contentId,title,note,tags,createdOn,updatedOn,isDeleted -5968a1d580b8bc000163a528,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-14T10:49:57.505Z,,FALSE -59693afb605e9a0001e9dfd6,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-14T21:43:23.960Z,,FALSE -596e60ce7cace000013cc4b7,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,do_212282810256941056178,,Sunbird Note 1,"The sunbirds and spiderhunters make up a family, Nectariniidae, of passerine birds. They are small, slender passerines from the Old World, usually with downward-curved bills. Many are brightly coloured, often with iridescent feathers, particularly in the males. Many species also have especially long tail feathers. Their range extends through most of Africa to the Middle East, South Asia, South-east Asia and southern China, to Indonesia, New Guinea and northern Australia. Species diversity is highest in equatorial regions. - -There are 132 species in 15 genera. Most sunbirds feed largely on nectar, but will also eat insects and spiders, especially when feeding their young. Flowers that prevent access to their nectar because of their shape (for example, very long and narrow flowers are simply punctured at the base near the nectaries, from which the birds sip the nectar. Fruit is also part of the diet of some species. Their flight is fast and direct, thanks to their short wings. - -The sunbirds have counterparts in two very distantly related groups: the hummingbirds of the Americas and the honeyeaters of Australia. The resemblances are due to convergent evolution brought about by a similar nectar-feeding lifestyle.[1] Some sunbird species can take nectar by hovering like a hummingbird, but they usually perch to feed.",[],2017-07-18T19:26:06.374Z,,FALSE -596ee80b30e8240001635a61,ca8fb15e-0e5a-43f3-96f2-2e15742b7f45,do_212282810555342848180,do_212216610159968256113,Note 1,**strong text**,[],2017-07-19T05:03:07.841Z,,FALSE -596f25ee30e8240001635a63,07aed82b-2a55-4e5d-bd22-36efb0e9d615,do_212282810555342848180,do_212216610159968256113,noite 1,sssss,[],2017-07-19T09:27:10.024Z,,FALSE -596f9f1430e8240001635a64,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,,do_212217290209730560120,Scored 100%,Similar test be suggested and used by others,[],2017-07-19T18:04:04.858Z,,FALSE -597038f830e8240001635a65,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,ffsdfsdfsdfsdfsdfs,fsdfsdf,[],2017-07-20T05:00:40.875Z,,FALSE -5970395c30e8240001635a66,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,dfsfsdfsdf,fdgvfcg dgdfhttps://staging.open-sunbird.org/private/index#!/profile,[],2017-07-20T05:02:20.698Z,,FALSE -5970396730e8240001635a67,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,https://staging.open-sunbird.org/private/index#!/profile,https://staging.open-sunbird.org/private/index#!/profile,[],2017-07-20T05:02:31.242Z,,FALSE -597039e830e8240001635a68,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,now1,now,[],2017-07-20T05:04:40.943Z,,FALSE -597039f330e8240001635a69,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,now 2,now 2,[],2017-07-20T05:04:51.444Z,,FALSE -59703a1030e8240001635a6a,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,now 3,now 3,[],2017-07-20T05:05:20.206Z,,FALSE -59705d81001d200001095db8,6a7299e2-41c3-4a6a-b75a-22c326c211ff,do_212282810555342848180,do_212216610159968256113,jkjkkl,mnlkjlk,[],2017-07-20T07:36:33.750Z,,FALSE -597167999e866200010b902f,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_212292720862715904142,,Test NoteAAAAA,"The sunbirds and spiderhunters make up a family, Nectariniidae, of passerine birds. They are small, slender passerines from the Old World, usually with downward-curved bills. Many are brightly coloured, often with iridescent feathers, particularly in the males. Many species also have especially long tail feathers. Their range extends through most of Africa to the Middle East, South Asia, South-east Asia and southern China, to Indonesia, New Guinea and northern Australia. Species diversity is highest in equatorial regions. - -There are 132 species in 15 genera. Most sunbirds feed largely on nectar, but will also eat insects and spiders, especially when feeding their young. Flowers that prevent access to their nectar because of their shape (for example, very long and narrow flowers are simply punctured at the base near the nectaries, from which the birds sip the nectar. Fruit is also part of the diet of some species. Their flight is fast and direct, thanks to their short wings. - -The sunbirds have counterparts in two very distantly related groups: the hummingbirds of the Americas and the honeyeaters of Australia. The resemblances are due to convergent evolution brought about by a similar nectar-feeding lifestyle.[1] Some sunbird species can take nectar by hovering like a hummingbird, but they usually perch to feed.",[],2017-07-21T02:31:53.466Z,,FALSE -597175ac9e866200010b9030,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_212292720862715904142,do_20047090,Test Notes,Test Notes,[],2017-07-21T03:31:56.680Z,,FALSE -5971d85f9e866200010b9031,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_212292781238452224152,,girl,"It’s too dark!” she argued when shown a perfectly acceptable one, according to mum. -“It’s too boring!” she cried when mum tried to convince her about a very sensible option she had recommended. -Mum had given up trying to convince her of anything and they were walking home, frustrated at the wasted morning. The newly descending fog just added to the gloom. She looked down the alley to where Lucy was pointing.",[],2017-07-21T10:33:03.037Z,,FALSE -5971e1d39e866200010b9032,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N1,N1,[],2017-07-21T11:13:23.490Z,,FALSE -5971e1dc9e866200010b9033,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N2,2,[],2017-07-21T11:13:32.676Z,,FALSE -5971e1e89e866200010b9034,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N3,3,[],2017-07-21T11:13:44.130Z,,FALSE -5971e1f09e866200010b9035,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N4,4,[],2017-07-21T11:13:52.162Z,,FALSE -5971e2139e866200010b9036,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N5,5,[],2017-07-21T11:14:27.775Z,,FALSE -5971eafe9e866200010b9037,784c732a-e03f-4b85-bc04-8a58ee1be6aa,do_2122867365871943681194,,screen,s,[],2017-07-21T11:52:30.682Z,,FALSE -5975dd8f9c05a10001957812,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,do_212282810256941056178,do_2122528241634754561234,Kinda interesting,whats this,[],2017-07-24T11:44:15.324Z,,FALSE -5975e0ed9c05a10001957813,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,do_212282810256941056178,do_2122432175175761921186,note 2,Here's a smaple note.,[],2017-07-24T11:58:37.582Z,,FALSE -5976c15aa9e30b0001971c65,8c44ad33-34dd-4291-a1b2-1061cc4d75c4,,do_20052842,Test,test,[],2017-07-25T03:56:10.784Z,,FALSE -5977555aee20880001251c4c,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20052842,Test34,1234,[],2017-07-25T14:27:38.896Z,,FALSE -5978a7b2ee20880001251c4d,944d23ab-46ba-45f7-ac9a-0e332fc8dce5,,do_20043627,jkjkj,kjkj,[],2017-07-26T14:31:14.976Z,,FALSE -5979981f3ba2da0001f5eebf,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_2122161647443476481281,test,test,[],2017-07-27T07:37:03.964Z,,FALSE -597998393ba2da0001f5eec0,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_30013486,Test update,Testt,[],2017-07-27T07:37:29.702Z,,FALSE -5979984f3ba2da0001f5eec1,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212282810555342848180,do_2122432175175761921186,New Note,New,[],2017-07-27T07:37:51.284Z,,FALSE -5979985c3ba2da0001f5eec2,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212282810555342848180,do_2122432175175761921186,1,3,[],2017-07-27T07:38:04.799Z,,FALSE -5979986e3ba2da0001f5eec3,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212282810555342848180,,5,6,[],2017-07-27T07:38:22.323Z,,FALSE -597b12c3cd861e000193140b,613bedaa-19c6-4f90-8fc0-1b9ed3b866a2,do_212296625948319744173,,Testnote,testing,[],2017-07-28T10:32:35.856Z,,FALSE -597f0a83725a490001d7d40b,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2123000999568752641219,,Note1,Note1,[],2017-07-31T10:46:27.877Z,,FALSE -597f0acb725a490001d7d40c,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2123000999568752641219,do_212265445709848576118,C1,C1,[],2017-07-31T10:47:39.279Z,,FALSE -597f1811725a490001d7d40e,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2122951809560002561251,do_2122951778195865601246,Market Inputs : Meeting Invitaion,ok...........,[],2017-07-31T11:44:17.794Z,,FALSE -5988363e6e34080001280b17,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212300234602971136120,do_212178412953821184120,note,note not added,[],2017-08-07T09:43:26.509Z,,FALSE -598836526e34080001280b18,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212300234602971136120,do_212178412953821184120,note 2,note 2,[],2017-08-07T09:43:46.825Z,,FALSE -5988b395cbda570001c855c8,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2123000999568752641219,do_20046116,Title,Description,[],2017-08-07T18:38:13.157Z,,FALSE -598d3512c5ccb60001404d45,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20044433,ewerwe,werwerwrwe,[],2017-08-11T04:39:46.226Z,,FALSE -598d3531c5ccb60001404d46,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,wrwerwe,werwerwerwe,[],2017-08-11T04:40:17.274Z,,FALSE -598d35dbc5ccb60001404d47,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,fsdsdsf,fdsfsdf,[],2017-08-11T04:43:07.975Z,,FALSE -598d35f4c5ccb60001404d48,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,sdfsdfs,dsfsdfsdfsdfs,[],2017-08-11T04:43:32.286Z,,FALSE -598d35fdc5ccb60001404d49,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,wewerwerwerwe,rwerwerwerwerwe,[],2017-08-11T04:43:41.315Z,,FALSE -598d3609c5ccb60001404d4a,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,gsgfdgdfg,dfgdfgdfgdf,[],2017-08-11T04:43:53.826Z,,FALSE -598d3625c5ccb60001404d4b,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,1`1,1,[],2017-08-11T04:44:21.537Z,,FALSE -598d3880c5ccb60001404d4c,064c0b3d-eb1c-4a12-aeeb-3f65bbb2a8d3,,do_30032277,Note,Note,[],2017-08-11T04:54:24.029Z,,FALSE -599941c45640c0000120e6af,fbb16dbb-469f-4a1c-a64f-11f25f0a5e08,,do_2123143396291133441148,note,nnnn,[],2017-08-20T08:01:08.429Z,,FALSE -599980c45640c0000120e6b0,db705067-0516-483f-bc6a-aa57d44b51b9,do_21229665263726592014,,1,fdsf,[],2017-08-20T12:29:56.857Z,,FALSE -599a61515640c0000120e6b1,dba37d67-ed11-4824-bee3-bed665f237af,,do_30013510,Test Note,Test description,[],2017-08-21T04:28:01.323Z,,FALSE -599a61755640c0000120e6b2,dba37d67-ed11-4824-bee3-bed665f237af,,do_30013509,Test Note,Notes,[],2017-08-21T04:28:37.107Z,,FALSE -599a640e5640c0000120e6b3,dba37d67-ed11-4824-bee3-bed665f237af,,do_30013509,Test,Testsdgsdgdfg,[],2017-08-21T04:39:42.035Z,,FALSE -599a6cb35640c0000120e6b4,fbb16dbb-469f-4a1c-a64f-11f25f0a5e08,,do_30013510,test,test,[],2017-08-21T05:16:35.622Z,,FALSE -599a99435640c0000120e6b5,dba37d67-ed11-4824-bee3-bed665f237af,do_21231295967811174417,do_2122162576275701761294,dasda,dasd,[],2017-08-21T08:26:43.464Z,,FALSE -599aa9a05640c0000120e6b6,e654c117-81c9-4acf-bee4-0eb9943587f0,do_212312897236066304117,,hfgh,hgfhfgh,[],2017-08-21T09:36:32.526Z,,FALSE -599aa9af5640c0000120e6b7,e654c117-81c9-4acf-bee4-0eb9943587f0,,do_20047090,hfghfh,hfgh,[],2017-08-21T09:36:47.337Z,,FALSE -599ab8845640c0000120e6b8,9608d921-5f22-4ce7-9b19-d7950e1b2528,do_2123138572751912961138,do_20047090,test,test,[],2017-08-21T10:40:04.270Z,,FALSE -599b0a7a5640c0000120e6b9,55dba7dc-88f3-4a7c-93fc-d9b9a2b95edd,do_212313579799609344156,,hjhjh,hjhj,[],2017-08-21T16:29:46.663Z,,FALSE -599c0c0a5640c0000120e6bb,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,,do_2123073460161249281249,bad,bad,[],2017-08-22T10:48:42.326Z,,FALSE -599cfcc45640c0000120e6bc,2bc099bc-4c64-4826-83f6-d292f2a82012,do_2123163419216117761353,,fdsfdsf,fdsfsf,[],2017-08-23T03:55:48.385Z,,FALSE -599d17a65640c0000120e6bd,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,,do_20044433,note,kisadsadsadsad,[],2017-08-23T05:50:30.088Z,,FALSE -599d17e55640c0000120e6be,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_21229665429644083218,,dadadad,dadadadad,[],2017-08-23T05:51:33.926Z,,FALSE -599d18765640c0000120e6bf,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,,do_212295919848210432184,sasaS,SAsSSaaSASASASA,[],2017-08-23T05:53:58.244Z,,FALSE -599d23765640c0000120e6c0,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_2122951778195865601246,xzxzxzxzxz,xzxzxz,[],2017-08-23T06:40:54.997Z,,FALSE -599d23c15640c0000120e6c1,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_2122951778195865601246,sds,sd,[],2017-08-23T06:42:09.438Z,,FALSE -599d24045640c0000120e6c2,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_2122162678233579521298,kk,hh,[],2017-08-23T06:43:16.262Z,,FALSE -599d24775640c0000120e6c3,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_20045620,fdsfsd,fsdf,[],2017-08-23T06:45:11.504Z,,FALSE -59a4fe7b96eb0d000156e389,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,vhvhv,"nj,b nm",[],2017-08-29T05:41:15.658Z,,FALSE -59a4fea796eb0d000156e38a,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,bv b n,"vhb,aqwhb",[],2017-08-29T05:41:59.852Z,,FALSE -59a4feb496eb0d000156e38b,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,vvn n,qazxswedcv,[],2017-08-29T05:42:12.569Z,,FALSE -59a4fec696eb0d000156e38c,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,rtyuui,gggbbb,[],2017-08-29T05:42:30.661Z,,FALSE -59a683dd96eb0d000156e38e,2aade7d9-6abf-433b-9a05-3b02cd2eb664,,do_212295888406224896127,m,n,[],2017-08-30T09:22:37.520Z,,FALSE -59a683e996eb0d000156e38f,2aade7d9-6abf-433b-9a05-3b02cd2eb664,,do_212295888406224896127,n,n,[],2017-08-30T09:22:49.281Z,,FALSE -59a683f396eb0d000156e390,2aade7d9-6abf-433b-9a05-3b02cd2eb664,,do_212295888406224896127,m,m,[],2017-08-30T09:22:59.806Z,,FALSE -59a6995f96eb0d000156e391,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123164561966202881387,,," - -",[],2017-08-30T10:54:23.018Z,,FALSE -59a69f3a96eb0d000156e392,2bc099bc-4c64-4826-83f6-d292f2a82012,,do_2123165408517406721432,Test,test,[],2017-08-30T11:19:22.946Z,,FALSE -59a7ce4496eb0d000156e394,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note1,Note1,[],2017-08-31T08:52:20.106Z,,FALSE -59a7cee796eb0d000156e395,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note61,Note61,[],2017-08-31T08:55:03.755Z,,FALSE -59a7d0be96eb0d000156e396,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note1,Note1,[],2017-08-31T09:02:54.062Z,,FALSE -59a7d12296eb0d000156e397,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note2,Note2,[],2017-08-31T09:04:34.900Z,,FALSE -59a7d18296eb0d000156e398,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note3,Note3,[],2017-08-31T09:06:10.586Z,,FALSE -59a7d1de96eb0d000156e399,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note5,Note5,[],2017-08-31T09:07:42.116Z,,FALSE -59a7d25b96eb0d000156e39a,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note6,Note6,[],2017-08-31T09:09:47.651Z,,FALSE -59a7dce496eb0d000156e39b,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note6,Note6,[],2017-08-31T09:54:44.472Z,,FALSE -59a7dd3296eb0d000156e39c,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note6,Note6,[],2017-08-31T09:56:02.596Z,,FALSE -59b224da2e8d950001a15294,2aade7d9-6abf-433b-9a05-3b02cd2eb664,do_2123277035616337921104,domain_4083,dd,dddd,[],2017-09-08T05:04:26.101Z,,FALSE -59b2357f5fdcd10001251fb8,2aade7d9-6abf-433b-9a05-3b02cd2eb664,do_2123200404256931841636,do_2123164671596052481388,aa,aaa,[],2017-09-08T06:15:27.043Z,,FALSE -59b7aabf5fdcd10001251fb9,dba37d67-ed11-4824-bee3-bed665f237af,do_212306471794638848176,,Test,Test,[],2017-09-12T09:37:03.101Z,,FALSE -59b7e77d5fdcd10001251fba,dba37d67-ed11-4824-bee3-bed665f237af,do_212306471794638848176,,test,Test,[],2017-09-12T13:56:13.716Z,,FALSE -59b80e8be737a90001875ac4,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-09-12T16:42:51.580Z,,FALSE -59ba179ae737a90001875ac5,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,do_2122951778195865601246,Note Title,Note description,[],2017-09-14T05:46:02.758Z,,FALSE -59bb84885fdcd10001251fbb,d882967f-b3e1-456b-b984-d800470837ab,,do_2123208084832829441775,Note 1,Des,[],2017-09-15T07:43:04.060Z,,FALSE -59bb84b3e737a90001875ac6,d882967f-b3e1-456b-b984-d800470837ab,,do_2123208084832829441775,abc,desc,[],2017-09-15T07:43:47.924Z,,FALSE -59bb84cde737a90001875ac7,d882967f-b3e1-456b-b984-d800470837ab,,do_2123208084832829441775,efg,desc,[],2017-09-15T07:44:13.398Z,,FALSE -59bbdb6a5fdcd10001251fbe,1234567,1234565678,12345656758,updated title,My notes1 update 1,"[""tag1""]",2017-09-15T13:53:46.761Z,,FALSE -59c142ec5fdcd10001251fbf,be7efb23-6af9-4d92-82b3-a4d78fcfa2f6,do_2123215064116756481869,do_2123347975635599361299, title 3,My notes 3,"[""tags 1""]",2017-09-19T16:16:44.029Z,,FALSE \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/templates/pageMgmt.csv b/ansible/roles/cassandra-cql-update/templates/pageMgmt.csv deleted file mode 100644 index e010f0fb40..0000000000 --- a/ansible/roles/cassandra-cql-update/templates/pageMgmt.csv +++ /dev/null @@ -1,6 +0,0 @@ -0122838911932661768,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 07:17:36:831+0000,Resource,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",, -01228382486252748821,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:03:29:672+0000,Course,,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",, -0122838909618585607,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 07:17:36:827+0000,Resource,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",, -01228394137835929612,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 08:54:56:574+0000,Resourcessss,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 09:01:26:990+0000 -01228382478150860822,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:03:29:679+0000,Course,,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",, -01228393775303884811,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 08:54:56:572+0000,Resources,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",, \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/templates/pageSection.csv b/ansible/roles/cassandra-cql-update/templates/pageSection.csv deleted file mode 100644 index b10991659d..0000000000 --- a/ansible/roles/cassandra-cql-update/templates/pageSection.csv +++ /dev/null @@ -1,12 +0,0 @@ -01228383133972889627,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:10:20:043+0000,,"{\"name\":{\"en\":\"Popular Template\",\"hi\":\"????????\"}}",,Popular Template,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Template\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228382966064742425,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:09:40:595+0000,,"{\"name\":{\"en\":\"Popular Worksheet\",\"hi\":\"????????\"}}",,Popular Worksheet,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Worksheet\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228382278062080019,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:55:600+0000,,"{\"name\":{\"en\":\"Latest Courses\",\"hi\":\"????????\"}}",,Latest Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"lastPublishedOn\":\"desc\"},\"limit\":10}}",course,1,, -01228383082462412826,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:09:40:595+0000,,"{\"name\":{\"en\":\"Popular Worksheet\",\"hi\":\"????????\"}}",,Popular Worksheet,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Worksheet\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228382897002905629,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:11:14:511+0000,,"{\"name\":{\"en\":\"Popular Simulation\",\"hi\":\"????????\"}}",,Popular Simulation,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Simulation\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228382681137152020,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:55:601+0000,,"{\"name\":{\"en\":\"Latest Courses\",\"hi\":\"????????\"}}",,Latest Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"lastPublishedOn\":\"desc\"},\"limit\":10}}",course,1,, -01228382662997606424,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:08:56:272+0000,,"{\"name\":{\"en\":\"Popular Story\",\"hi\":\"????????\"}}",,Popular Story,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Story\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228382337862041618,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:16:949+0000,,"{\"name\":{\"en\":\"Popular Courses\",\"hi\":\"????????\"}}",,Popular Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"name\":\"asc\"},\"limit\":10}}",course,1,, -01228383171081011228,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:10:20:049+0000,,"{\"name\":{\"en\":\"Popular Template\",\"hi\":\"????????\"}}",,Popular Template,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Template\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228382243946496017,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:16:949+0000,,"{\"name\":{\"en\":\"Popular Courses\",\"hi\":\"????????\"}}",,Popular Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"name\":\"asc\"},\"limit\":10}}",course,1,, -01228383384379392023,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:08:56:272+0000,,"{\"name\":{\"en\":\"Popular Story\",\"hi\":\"????????\"}}",,Popular Story,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Story\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, -01228383260541747230,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:11:14:512+0000,,"{\"name\":{\"en\":\"Popular Simulation\",\"hi\":\"????????\"}}",,Popular Simulation,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Simulation\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, \ No newline at end of file From dd89b552c4363b9a359c6f8161a6291e9f13758c Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sun, 28 Jan 2018 00:01:08 +0530 Subject: [PATCH 052/104] Issue #22 fix: variable --- deploy/sunbird_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 30a660e5cf..3eb328421a 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -6,7 +6,7 @@ usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; # Reading environment and implimentation name IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' config) -ENV_NAME=$(awk '/environment: / {print $2}' config) +ENV_NAME=$(awk '/env: / {print $2}' config) APP_HOST=$(awk '/application_host: / {print $2}' config) DB_HOST=$(awk '/database_host: / {print $2}' config) SSH_ANSIBLE_USER=$(awk '/ssh_ansible_user: / {print $2}' config) From 7fc6f6237c2cce22bb2b5943d550b357c934ed88 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sun, 28 Jan 2018 00:07:37 +0530 Subject: [PATCH 053/104] Issue #22 fix: added static files --- .../cassandra-cql-update/files/cassandra.cql | 563 ++++++++++++++++++ .../files/content_service.cql | 9 + .../cassandra-cql-update/files/notes-dev.csv | 157 +++++ .../files/notes-staging.csv | 109 ++++ .../cassandra-cql-update/files/pageMgmt.csv | 6 + .../files/pageSection.csv | 12 + 6 files changed, 856 insertions(+) create mode 100644 ansible/roles/cassandra-cql-update/files/cassandra.cql create mode 100644 ansible/roles/cassandra-cql-update/files/content_service.cql create mode 100644 ansible/roles/cassandra-cql-update/files/notes-dev.csv create mode 100644 ansible/roles/cassandra-cql-update/files/notes-staging.csv create mode 100644 ansible/roles/cassandra-cql-update/files/pageMgmt.csv create mode 100644 ansible/roles/cassandra-cql-update/files/pageSection.csv diff --git a/ansible/roles/cassandra-cql-update/files/cassandra.cql b/ansible/roles/cassandra-cql-update/files/cassandra.cql new file mode 100644 index 0000000000..647ce251c0 --- /dev/null +++ b/ansible/roles/cassandra-cql-update/files/cassandra.cql @@ -0,0 +1,563 @@ + +CREATE KEYSPACE IF NOT EXISTS sunbird WITH replication = {'class':'SimpleStrategy','replication_factor':1}; + +//to change cluster name +//UPDATE system.local SET cluster_name = 'sunbird' where key='local'; +//ALTER USER cassandra WITH PASSWORD 'password'; +USE sunbird; + +/* +creation of id= one way hash of (userId##courseId) here courseId is identifier of course mgmt table +toc url we have to generate through json of content id from ekStep +here status is (default(0),inProgress(1),completed(2)) +progress is no of content completed +*/ +CREATE TABLE IF NOT EXISTS sunbird.course_enrollment(id text, courseId text, courseName text,userId text,enrolledDate text, +description text,tocUrl text,status int,active boolean,delta text,grade text,progress int,lastReadContentId text, +lastReadContentStatus int,addedBy text,courseLogoUrl text,dateTime timestamp,contentId text,PRIMARY KEY (id)); + +CREATE INDEX inx_ce_userId ON sunbird.course_enrollment (userId); +CREATE INDEX inx_ce_courseId ON sunbird.course_enrollment (courseId); +CREATE INDEX inx_ce_course_name ON sunbird.course_enrollment (courseName); +CREATE INDEX inx_ce_status ON sunbird.course_enrollment (status); + +/* +creation of id = one way hash of (userId##contentId##courseId##batchId) +status is (default(0),inProgress(1),completed(2)) +*/ +CREATE TABLE IF NOT EXISTS sunbird.content_consumption(id text, contentId text, courseId text, userId text,viewPosition text,viewCount int,lastAccessTime text, +contentVersion text,completedCount int,status int,result text,score text,grade text,lastUpdatedTime text,lastCompletedTime text,dateTime timestamp,PRIMARY KEY (id)); + +CREATE INDEX inx_cc_userId ON sunbird.content_consumption (userId); +CREATE INDEX inx_cc_contentId ON sunbird.content_consumption (contentId); +CREATE INDEX inx_cc_status ON sunbird.content_consumption (status); +CREATE INDEX inx_cc_courseId ON sunbird.content_consumption (courseId); + +/* +creation of id = using timestamp and env + id and courseId both are same +content id is from ekstep +status DRAFT("draft"), LIVE("live"), RETIRED("retired") +contentType (pdf,video,word doc etc) +tutor map +*/ +CREATE TABLE IF NOT EXISTS sunbird.course_management(id text, courseId text, contentId text, courseName text,courseType text, +facultyId text,facultyName text,organisationId text,organisationName text,enrollementStartDate text,enrollementEndDate text, +courseDuration text,description text,status text,addedBy text,addedByName text,publishedBy text,publishedByName text,createdDate text, +publishedDate text,updatedDate text,updatedBy text,updatedByName text,contentType text,createdfor list,noOfLectures int,tocUrl text, +tutor map,courseLogoUrl text,courseRating text,userCount int,PRIMARY KEY (id)); + +CREATE INDEX inx_cm_facultyId ON sunbird.course_management (facultyId); +CREATE INDEX inx_cm_organisationId ON sunbird.course_management (organisationId); +CREATE INDEX inx_cm_courseId ON sunbird.course_management (courseId); +CREATE INDEX inx_cm_course_name ON sunbird.course_management (courseName); +CREATE INDEX inx_cm_status ON sunbird.course_management (status); +CREATE INDEX inx_cm_contentId ON sunbird.course_management (contentId); + +/* +creation of id = one way hash of userName +here id and userId both are same + currently username and email is same +email and username is unique +*/ +CREATE TABLE IF NOT EXISTS sunbird.user(id text,userId text,userName text, email text,phone text,aadhaarNo text,createdDate text,updatedDate text,updatedBy text, +lastLoginTime text,status int,firstName text,lastName text,password text,avatar text,gender text,language list,subject list,grade list,regOrgId text, +dob text,thumbnail text,PRIMARY KEY (id)); + +CREATE INDEX inx_u_email ON sunbird.user (email); +CREATE INDEX inx_u_phone ON sunbird.user (phone); +CREATE INDEX inx_u_status ON sunbird.user (status); +CREATE INDEX inx_u_userId ON sunbird.user (userId); +CREATE INDEX inx_u_userName ON sunbird.user (userName); + +//user_auth +//id is auth token +CREATE TABLE IF NOT EXISTS sunbird.user_auth(id text, userId text,createdDate text,updatedDate text,source text,PRIMARY KEY (id)); +CREATE INDEX inx_ua_userId ON sunbird.user_auth (userId); +CREATE INDEX inx_ua_source ON sunbird.user_auth (source); + +//organisation +CREATE TABLE IF NOT EXISTS sunbird.organisation(id text, orgName text, description text,communityId text,createdBy text,createdDate text, +updatedDate text,updatedBy text,status int,parentOrgId text,orgType text,orgCode text,dateTime timestamp,PRIMARY KEY (id)); + +CREATE INDEX inx_org_orgName ON sunbird.organisation (orgName); +CREATE INDEX inx_org_status ON sunbird.organisation (status); +//page_management +//id= using timestamp and env +CREATE TABLE IF NOT EXISTS sunbird.page_management(id text, name text, appMap text,portalMap text,createdDate text,createdBy text, +updatedDate text,updatedBy text,organisationId text,PRIMARY KEY (id)); + +CREATE INDEX inx_pm_pageName ON sunbird.page_management (name); +CREATE INDEX inx_vm_organisationId ON sunbird.page_management (organisationId); + +//page_section +//id= using timestamp and env +CREATE TABLE IF NOT EXISTS sunbird.page_section(id text, name text, sectionDataType text,description text,display text, +searchQuery text,createdDate text,createdBy text,updatedDate text,updatedBy text,imgUrl text,alt text,status int,PRIMARY KEY (id)); +CREATE INDEX inx_ps_sectionDataType ON sunbird.page_section (sectionDataType); +CREATE INDEX inx_ps_sectionName ON sunbird.page_section (name); + +//Assessment Eval +//id= using timestamp and env +CREATE TABLE IF NOT EXISTS sunbird.assessment_eval(id text, contentId text, courseId text, userId text, +createdDate text,result text,score text,attemptId text,attemptedCount int,PRIMARY KEY (id)); + +CREATE INDEX inx_ae_userId ON sunbird.assessment_eval (userId); +CREATE INDEX inx_ae_contentId ON sunbird.assessment_eval (contentId); +CREATE INDEX inx_ae_courseId ON sunbird.assessment_eval (courseId); + +//Assessment item +//id= using timestamp and userId +CREATE TABLE IF NOT EXISTS sunbird.assessment_item(id text, contentId text, courseId text, userId text,assessmentItemId text, +assessmentType text,attemptedDate text,createdDate text,timeTaken int,result text,score text,maxScore text,answers text, +evaluationStatus boolean,processingStatus boolean,attemptId text,PRIMARY KEY (id)); + +CREATE INDEX inx_ai_userId ON sunbird.assessment_item (userId); +CREATE INDEX inx_ai_contentId ON sunbird.assessment_item (contentId); +CREATE INDEX inx_ai_assessmentItemId ON sunbird.assessment_item (assessmentItemId); +CREATE INDEX inx_ai_courseId ON sunbird.assessment_item (courseId); +CREATE INDEX inx_ai_processingStatus ON sunbird.assessment_item (processingStatus); + +DROP INDEX IF EXISTS sunbird.inx_ai_processingStatus; +DROP INDEX IF EXISTS sunbird.inx_ae_assessmentitemid; + + +CREATE TABLE IF NOT EXISTS sunbird.user_external_identity(id text, userId text, externalId text,source text,isVerified boolean,PRIMARY KEY (id)); +CREATE INDEX inx_uei_userid ON sunbird.user_external_identity (userId); +CREATE INDEX inx_uei_externalId ON sunbird.user_external_identity (externalId); +CREATE INDEX inx_uei_source ON sunbird.user_external_identity (source); + +//Address Type values(permanent, current, office, home) +CREATE TABLE IF NOT EXISTS sunbird.address(id text, userId text, country text,state text,city text,zipCode text,addType text,createdDate text,createdBy text,updatedDate text,updatedBy text, PRIMARY KEY (id)); +CREATE INDEX inx_add_userid ON sunbird.address (userId); +CREATE INDEX inx_add_addType ON sunbird.address (addType); + +CREATE TABLE IF NOT EXISTS sunbird.user_education(id text, userId text, courseName text,duration int,yearOfPassing int,percentage double,grade text,name text,boardOrUniversity text,addressId text,createdDate text,createdBy text,updatedDate text,updatedBy text, PRIMARY KEY (id)); +CREATE INDEX inx_ueu_userid ON sunbird.user_education (userId); + +CREATE TABLE IF NOT EXISTS sunbird.user_job_profile(id text, userId text, jobName text,role text,joiningDate text,endDate text,orgName text,orgId text,subject list,addressId text,boardName text,isVerified boolean,isRejected boolean,verifiedDate text,verifiedBy text,createdDate text,createdBy text,updatedDate text,updatedBy text, PRIMARY KEY (id)); +CREATE INDEX inx_ujp_userid ON sunbird.user_job_profile (userId); + +CREATE TABLE IF NOT EXISTS sunbird.user_org(id text, userId text, role text,orgId text,orgJoinDate text,orgLeftDate text,isApproved boolean, +isRejected boolean,approvedBy text,approvalDate text,updatedDate text,updatedBy text, PRIMARY KEY (id)); +CREATE INDEX inx_uorg_userid ON sunbird.user_org(userId); +CREATE INDEX inx_uorg_orgId ON sunbird.user_org(orgId); + +CREATE TABLE IF NOT EXISTS sunbird.subject(id text, name text, PRIMARY KEY (id)); +CREATE INDEX inx_sb_name ON sunbird.subject(name); + + +ALTER TABLE sunbird.organisation ADD imgUrl text; +ALTER TABLE sunbird.organisation ADD thumbnail text; +ALTER TABLE sunbird.organisation ADD channel text; +ALTER TABLE sunbird.organisation ADD preferredLanguage text; +ALTER TABLE sunbird.organisation ADD homeUrl text; +ALTER TABLE sunbird.organisation ADD isRootOrg boolean; +ALTER TABLE sunbird.organisation ADD addId text; +ALTER TABLE sunbird.organisation ADD noOfmembers int; +ALTER TABLE sunbird.organisation ADD isApproved boolean; +ALTER TABLE sunbird.organisation ADD approvedBy text; +ALTER TABLE sunbird.organisation ADD approvedDate text; + + +CREATE INDEX inx_org_channel ON sunbird.organisation(channel); +CREATE INDEX inx_org_orgType ON sunbird.organisation(orgType); +CREATE INDEX inx_org_orgCode ON sunbird.organisation(orgCode); + +CREATE TABLE IF NOT EXISTS sunbird.org_type(id text, name text, PRIMARY KEY (id)); +CREATE INDEX inx_ot_name ON sunbird.org_type(name); + +CREATE TABLE IF NOT EXISTS sunbird.org_mapping(id text, orgIdOne text,relation text,orgIdTwo text, PRIMARY KEY (id)); +CREATE INDEX inx_om_orgIdOne ON sunbird.org_mapping(orgIdOne); +CREATE INDEX inx_om_orgIdTwo ON sunbird.org_mapping(orgIdTwo); + +ALTER TABLE sunbird.user ADD rootOrgId text; +ALTER TABLE sunbird.address ADD addressLine1 text; +ALTER TABLE sunbird.address ADD addressLine2 text; +ALTER TABLE sunbird.user_education ADD degree text; + +CREATE TABLE IF NOT EXISTS sunbird.master_action(id text, name text, PRIMARY KEY (id)); +CREATE INDEX inx_ma_name ON sunbird.master_action(name); + +CREATE TABLE IF NOT EXISTS sunbird.action_group(id text, actionId list,groupName text, PRIMARY KEY (id)); +CREATE INDEX inx_uacg_groupName ON sunbird.action_group(groupName); + +CREATE TABLE IF NOT EXISTS sunbird.user_action_role(id text, actionGroupId list,roleId text, PRIMARY KEY (id)); +CREATE INDEX inx_uactr_roleId ON sunbird.user_action_role(roleId); + + +insert into sunbird.action_group(id,actionId,groupName) values ('ag_12',['1','2'],'SYSTEM_ADMINISTRATION'); +insert into sunbird.action_group(id,actionId,groupName) values ('ag_13',['3','4','7','8','5'],'ORG_MANAGEMENT'); +insert into sunbird.action_group(id,actionId,groupName) values ('ag_14',['6','9','10'],'MEMBERSHIP_MANAGEMENT'); + +insert into sunbird.action_group(id,actionId,groupName) values ('ag_15',['11','12','13','14'],'CONTENT_CREATION'); +insert into sunbird.action_group(id,actionId,groupName) values ('ag_16',['15','16'],'CONTENT_REVIEW'); +insert into sunbird.action_group(id,actionId,groupName) values ('ag_17',['17','18','10'],'CONTENT_CURATION'); +insert into sunbird.action_group(id,actionId,groupName) values ('ag_17',['19','20','21','22','23','24','25','26'],'PUBLIC'); + +ALTER TABLE sunbird.user ADD loginId text; +ALTER TABLE sunbird.user ADD provider text; +ALTER TABLE sunbird.user_external_identity ADD idType text; + +insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_1',['ag_17'],'r_107'); +insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_2',['ag_13'],'r_102'); +insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_14'],'r_103'); + insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_15'],'r_104'); + insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_16'],'r_105'); + insert into sunbird.user_action_role(id,actiongroupid,roleid) values ('uar_3',['ag_12'],'r_101'); + +ALTER TABLE sunbird.organisation DROP addId; +ALTER TABLE sunbird.organisation ADD addressId text; +ALTER TABLE sunbird.user ADD roles List; + + + CREATE TABLE IF NOT EXISTS sunbird.role_group(id text, name text, PRIMARY KEY (id)); + insert into sunbird.role_group (id,name) values ('SYSTEM_ADMINISTRATION','System Administration'); + insert into sunbird.role_group (id,name) values ('ORG_MANAGEMENT','Org Management'); + insert into sunbird.role_group (id,name) values ('MEMBERSHIP_MANAGEMENT','Membership Management'); + insert into sunbird.role_group (id,name) values ('CONTENT_CREATION','Content Creation'); + insert into sunbird.role_group (id,name) values ('CONTENT_CURATION','Content Curation'); + insert into sunbird.role_group (id,name) values ('CONTENT_REVIEW','Content Review'); + +CREATE TABLE IF NOT EXISTS sunbird.role(id text, name text,roleGroupId List,status int, PRIMARY KEY (id)); +CREATE INDEX inx_ro_master_name ON sunbird.role(name); + insert into sunbird.role (id,name,rolegroupid,status) values ('ADMIN','Admin',['SYSTEM_ADMINISTRATION','ORG_MANAGEMENT'],1); + insert into sunbird.role (id,name,rolegroupid,status) values ('ORG_ADMIN','Org Admin',['ORG_MANAGEMENT','MEMBERSHIP_MANAGEMENT'],1); + insert into sunbird.role (id,name,rolegroupid,status) values ('ORG_MODERATOR','Org Moderator',['MEMBERSHIP_MANAGEMENT'],1); + insert into sunbird.role (id,name,rolegroupid,status) values ('CONTENT_CREATOR','Content Creator',['CONTENT_CREATION'],1); + insert into sunbird.role (id,name,rolegroupid,status) values ('CONTENT_REVIEWER','Content Reviewer',['CONTENT_CREATION','CONTENT_CURATION','CONTENT_REVIEW'],1); + + CREATE TABLE IF NOT EXISTS sunbird.url_action(id text, url list,name text, PRIMARY KEY (id)); + CREATE INDEX inx_ua_name ON sunbird.url_action(name); +CREATE INDEX inx_ua_url ON sunbird.url_action(url); + +insert into sunbird.url_action (id,name) values ('suspendOrg','suspendOrg'); + insert into sunbird.url_action (id,name) values ('suspendUser','suspendUser'); + insert into sunbird.url_action (id,name) values ('createOrg','createOrg'); + insert into sunbird.url_action (id,name) values ('updateOrg','updateOrg'); + insert into sunbird.url_action (id,name) values ('removeOrg','removeOrg'); + insert into sunbird.url_action (id,name) values ('createUser','createUser'); + insert into sunbird.url_action (id,name) values ('updateUser','updateUser'); + insert into sunbird.url_action (id,name) values ('ORG_MANAGEMENT','Org Management'); + insert into sunbird.url_action (id,name) values ('createOrg','createOrg'); + insert into sunbird.url_action (id,name) values ('addMember','addMember'); + insert into sunbird.url_action (id,name) values ('removeMember','removeMember'); + insert into sunbird.url_action (id,name) values ('suspendMember','suspendMember'); + insert into sunbird.url_action (id,name) values ('createCourse','createCourse'); + insert into sunbird.url_action (id,name) values ('updateCourse','updateCourse'); + insert into sunbird.url_action (id,name) values ('createContent','createContent'); + insert into sunbird.url_action (id,name) values ('updateContent','updateContent'); + insert into sunbird.url_action (id,name) values ('flagCourse','flagCourse'); + insert into sunbird.url_action (id,name) values ('flagContent','flagContent'); + insert into sunbird.url_action (id,name) values ('publishCourse','publishCourse'); + insert into sunbird.url_action (id,name) values ('publishContent','publishContent'); + ALTER table sunbird.role_group add url_action_ids list; + + update sunbird.role_group set url_action_ids=['addMember','removeMember','suspendMember'] where id='MEMBERSHIP_MANAGEMENT'; + update sunbird.role_group set url_action_ids=['createCourse','updateCourse','createContent','updateContent'] where id='CONTENT_CREATION'; + update sunbird.role_group set url_action_ids=['suspendOrg','suspendUser'] where id='SYSTEM_ADMINISTRATION'; + update sunbird.role_group set url_action_ids=['publishCourse','publishContent'] where id='CONTENT_REVIEW'; + update sunbird.role_group set url_action_ids=['createOrg','updateOrg','removeOrg','createUser','updateUser'] where id='ORG_MANAGEMENT'; + update sunbird.role_group set url_action_ids=['flagCourse','flagContent'] where id='CONTENT_CURATION'; + + update sunbird.url_action set url=['/v1/course/publish'] where id='publishContent'; +update sunbird.url_action set url=['/v1/user/create'] where id='addMember'; + update sunbird.url_action set url=['v1/course/create'] where id='createCourse'; +update sunbird.url_action set url=['/v1/user/create'] where id='createUser'; + update sunbird.url_action set url=['/v1/course/publish'] where id='publishCourse'; +update sunbird.url_action set url=['/v1/organisation/update'] where id='updateOrg'; + +drop index inx_uorg_orgid; +ALTER TABLE sunbird.user_org DROP orgid; +ALTER TABLE sunbird.user_org ADD organisationid text; +ALTER TABLE sunbird.user_org ADD addedby text; +ALTER TABLE sunbird.user_org ADD addedbyname text; +CREATE INDEX inx_uorg_orgid ON sunbird.user_org (organisationid); + + +/* +creation of id= one way hash of (userId##courseId##batchId) here courseId is identifier of EkStep course +toc url is generated from ekStep +here status is (default(0),inProgress(1),completed(2)) +progress is no of content completed +*/ +CREATE TABLE IF NOT EXISTS sunbird.user_courses(id text, courseId text, courseName text, userId text, batchId text, enrolledDate text, +description text,tocUrl text,status int,active boolean,delta text,grade text,progress int,lastReadContentId text, +lastReadContentStatus int,addedBy text,courseLogoUrl text, dateTime timestamp, contentId text, PRIMARY KEY (id)); + +CREATE INDEX inx_ucs_userId ON sunbird.user_courses (userId); +CREATE INDEX inx_ucs_courseId ON sunbird.user_courses (courseId); +CREATE INDEX inx_ucs_batchId ON sunbird.user_courses (batchId); +CREATE INDEX inx_ucs_course_name ON sunbird.user_courses (courseName); +CREATE INDEX inx_ucs_status ON sunbird.user_courses (status); + +DROP INDEX IF EXISTS inx_uei_source; +ALTER TABLE sunbird.user_external_identity DROP source; +ALTER TABLE sunbird.user_external_identity ADD provider text; +ALTER TABLE sunbird.user_external_identity ADD externalIdValue text; +CREATE INDEX inx_uei_provider ON sunbird.user_external_identity (provider); + +//changes 7 July 2017 updated organization table +ALTER TABLE sunbird.organisation ADD rootOrgID text; +ALTER TABLE sunbird.org_mapping ADD rootOrgID text; +CREATE TABLE IF NOT EXISTS sunbird.org_type(id text, name text, PRIMARY KEY (id)); +DROP INDEX sunbird.inx_org_status; +ALTER TABLE sunbird.organisation DROP status ; +ALTER TABLE sunbird.organisation ADD status text; + +CREATE INDEX inx_org_status ON sunbird.organisation (status); + +CREATE INDEX inx_u_loginId ON sunbird.user(loginId); + +ALTER TABLE sunbird.user_job_profile ADD isCurrentJob boolean; +ALTER TABLE sunbird.content_consumption ADD progress int; +ALTER TABLE sunbird.content_consumption DROP viewPosition; + +//changes on 12th july 2017 +ALTER TABLE sunbird.user_job_profile ADD isDeleted boolean; +ALTER TABLE sunbird.user_education ADD isDeleted boolean; +ALTER TABLE sunbird.address ADD isDeleted boolean; +ALTER TABLE sunbird.user_org ADD isDeleted boolean; +ALTER TABLE sunbird.user ADD profileSummary text; + +ALTER TABLE sunbird.organisation ADD source text; +ALTER TABLE sunbird.organisation ADD externalId text; + +ALTER TABLE sunbird.user_org drop role; +ALTER TABLE sunbird.user_org ADD roles list; + +//to export data from csv to cassandra table run below command(for page_section and page_management table) +// change the path of csv file +//COPY sunbird.page_management(id, appmap,createdby ,createddate ,name ,organisationid ,portalmap ,updatedby ,updateddate ) FROM '/tmp/cql/pageMgmt.csv'; + +//COPY sunbird.page_section(id, alt,createdby ,createddate ,description ,display ,imgurl ,name,searchquery , sectiondatatype ,status , updatedby ,updateddate) FROM '/tmp/cql/pageSection.csv'; + +// insert default root organisation -- July 15,2017 +ALTER TABLE sunbird.organisation ADD isDefault boolean; + +ALTER TABLE sunbird.user_courses ADD leafNodesCount int; +// change organisation status field from text to int -- July 19,2017 +drop index inx_org_status; +ALTER TABLE sunbird.organisation DROP status ; +ALTER TABLE sunbird.organisation ADD status int; +CREATE INDEX inx_org_status ON sunbird.organisation (status); +INSERT INTO sunbird.organisation(id , isRootOrg , isDefault, status) values('ORG_001' , true , true, 1); + +// add isdeleted field to user table -- July 31,2017 +ALTER TABLE sunbird.user ADD isDeleted boolean; + +//added for course batch +CREATE TABLE IF NOT EXISTS sunbird.course_batch(id text, courseId text,courseCreator text,createdBy text,createdOn text,enrollmentType text,startDate text,endDate text,name text,description text,status int,lastUpdatedOn text,mentors List,participants List,createdFor List,PRIMARY KEY (id)); +CREATE INDEX inx_cou_bat_status ON sunbird.course_batch (status); +CREATE INDEX inx_cou_bat_courseId ON sunbird.course_batch (courseId); +CREATE INDEX inx_cou_bat_courseCreator ON sunbird.course_batch (courseCreator); +CREATE INDEX inx_cou_bat_createdBy ON sunbird.course_batch (createdBy); +CREATE INDEX inx_cou_bat_enrolmentType ON sunbird.course_batch (enrollmentType); +ALTER TABLE sunbird.course_batch DROP createdon; +ALTER TABLE sunbird.course_batch ADD createdDate text; +ALTER TABLE sunbird.course_batch DROP lastupdatedon; +ALTER TABLE sunbird.course_batch ADD updatedDate text; + +ALTER TABLE sunbird.organisation add provider text; +ALTER TABLE sunbird.organisation DROP source; +//Id is courseId +CREATE TABLE IF NOT EXISTS sunbird.course_publish_status(id text,submitDate text,status int,PRIMARY KEY (id)); + +// convert data type of participants from List to map -- Aug 7,2017 +ALTER TABLE sunbird.course_batch DROP participants; +ALTER TABLE sunbird.course_batch ADD participant map; + +ALTER TABLE sunbird.course_batch ADD courseAdditionalInfo map; + +// adding the batchId column to content consumption table -- Aug 8,2017 +ALTER TABLE sunbird.content_consumption ADD batchId text; + +CREATE TABLE IF NOT EXISTS sunbird.bulk_upload_process(id text, status int,data text,successResult text,failureResult text,uploadedBy text,uploadedDate text,processStartTime text,processEndTime text,ObjectType text,organisationId text, PRIMARY KEY (id)); +CREATE INDEX inx_status ON sunbird.bulk_upload_process(status); +insert into sunbird.role_group (id,name) values ('COURSE_MENTOR','Course Mentor'); +update sunbird.role_group set url_action_ids=['courseMentor'] where id='COURSE_MENTOR'; + +ALTER TABLE sunbird.course_batch ADD countIncrementStatus boolean; +ALTER TABLE sunbird.course_batch ADD countIncrementDate text; +ALTER TABLE sunbird.course_batch ADD countDecrementStatus boolean; +ALTER TABLE sunbird.course_batch ADD countDecrementDate text; + +CREATE INDEX inx_org_provider ON sunbird.organisation (provider); +CREATE INDEX inx_org_externalId ON sunbird.organisation (externalId); + +insert into sunbird.url_action (id,name) values ('orgupload','orgupload'); +update sunbird.role_group set url_action_ids=['suspendOrg','suspendUser','orgupload'] where id='SYSTEM_ADMINISTRATION'; +update sunbird.url_action set url=['/v1/org/suspend'] where id='suspendOrg'; +update sunbird.url_action set url=['/v1/user/block'] where id='suspendUser'; +update sunbird.url_action set url=['/v1/org/upload'] where id='orgupload'; +insert into sunbird.role (id,name,rolegroupid,status) values ('COURSE_MENTOR','Course Mentor',['COURSE_MENTOR'],1); + +// changes on Aug 16,2017 +ALTER TABLE sunbird.organisation ADD slug text; +ALTER TABLE sunbird.organisation ADD hashTagId text; +ALTER TABLE sunbird.organisation ADD theme text; +ALTER TABLE sunbird.user_org ADD position text; +ALTER TABLE sunbird.course_batch ADD hashTagId text; +CREATE INDEX inx_cps_status ON sunbird.course_publish_status (status); +ALTER TABLE sunbird.user ADD location text; +ALTER TABLE sunbird.organisation ADD contactDetails map; +insert into sunbird.role_group (id,name) values ('FLAG_REVIEWER ','Flag Reviewer'); +insert into sunbird.url_action (id,name) values ('FLAG_REVIEWER','flag Review'); +insert into sunbird.role (id,name,rolegroupid,status) values ('FLAG_REVIEWER','Flag Reviewer',['FLAG_REVIEWER'],1); +update sunbird.role_group set url_action_ids=['flagReview'] where id='FLAG_REVIEWER'; +ALTER TABLE sunbird.organisation DROP contactdetails; +ALTER TABLE sunbird.organisation ADD contactdetail text; + +//update course_batch set countdecrementstatus=false ,countincrementstatus=false where id in ('01231295903433523233', '01231300152093900880', '01231362610791219226', '012311485318971392184', '012311507396763648187', '01231446621414195215', '012311399697334272167', '012310182931898368117', '01231437156529766411', '0123143731552501769', '012315729890295808125', '01231515693522124824', '012315105801404416176', '012315113121030144181', '0123156336446914560', '0123152537517178880', '012311452395159552176', '012310182079651840116', '01231365904918118428', '012315115229880320201', '01231297804052070441', '01231295967369625632', '01231437649992908813', '01231298538289561658', '01231290682958643227', '012310176900218880115', '012311394333097984166', '012311400451145728168', '01231513667683942421', '012315115088601088183', '0123153123053158404', '01231363201368064027', '01231290412171264026', '0123151248760258560', '01231514986607411223', '012311580166266880203', '01231217800957952058', '01231304911540224098', '0123152769465384961', '012310190924496896119', '01231569596413542494', '01231299360593510461', '01231437480674099212', '012310195742662656126', '012311489586135040185', '01231298390404300857', '012311415973486592169', '01231298670022656060', '01231569429976678493', '01231294824787148831', '012310173385113600114', '01231385960518451255', '012315785629794304137', '01231296418316288037', '012310193544601600118', '012311447751262208177', '012311507213688832188', '01231437595463680010', '0123156778024960005', '012311505273479168186', '01231300602153369682', '01231298422152396859', '0123152820520222722', '012311511755972608189', '012315179912159232103', '012315751464787968136', '012315736241045504130', '01231288911727001615', '01231514371529113622', '01231366031184691229', '01231383864920473645', '012315107363119104182', '012311574182944768202', '01231516784369664088', '01231443633637785614', '01231300661683814481' ); +insert into sunbird.role_group (id,name) values ('COURSE_ADMIN','Course Admin'); +update sunbird.role_group set url_action_ids=['courseAdmin'] where id='COURSE_ADMIN'; +insert into sunbird.role (id,name,rolegroupid,status) values ('COURSE_ADMIN','Course Admin',['COURSE_ADMIN'],1); +insert into sunbird.role_group (id,name) values ('COURSE_CREATOR','Course Creator'); +update sunbird.role_group set url_action_ids=['courseCreator'] where id='COURSE_CREATOR'; +insert into sunbird.role (id,name,rolegroupid,status) values ('COURSE_CREATOR','Course Creator',['COURSE_CREATOR'],1); +update sunbird.role_group set name='Flag Reviewer' where id='FLAG_REVIEWER'; +//changes on Aug 29,2017 +CREATE TABLE IF NOT EXISTS sunbird.badge(id text, name text, description text, isActive boolean, PRIMARY KEY (id)); +CREATE TABLE IF NOT EXISTS sunbird.user_badge(id text, createdDate text, createdBy text, updatedDate text,updatedBy text,badgeTypeId text,receivedDate text,receiverId text,providerId text,providerName text,providerEmail text,providerPhone text,description text,validityDate int,expiryDate text,image text,isVerified boolean,isExpired boolean,isRevoked boolean,revocationReason text,revocationDate text,revokedBy text,verifiedBy text,verifiedDate text ,PRIMARY KEY (id)); + CREATE INDEX inx_usr_badg ON sunbird.user_badge (badgeTypeId); + insert into sunbird.badge (id,name,description,isactive) values ('0123206539020943360','President''s Gold Medal','Gold medal provided by President',true); + CREATE INDEX inx_usr_badg_receiverid ON sunbird.user_badge (receiverid); +CREATE INDEX inx_uei_externalIdValue ON sunbird.user_external_identity (externalIdValue); + +//adding for report tracking +CREATE TABLE IF NOT EXISTS sunbird.report_tracking(id text, status int,type text,createdDate text,userId text,uploadedDate text,email text,fileUrl text,emailTryCount int, PRIMARY KEY (id)); +CREATE INDEX inx_report_tracking_status ON sunbird.report_tracking(status); +CREATE INDEX inx_report_tracking_userId ON sunbird.report_tracking(userId); +ALTER TABLE sunbird.report_tracking ADD firstName text; +ALTER TABLE sunbird.report_tracking ADD batchId text; +ALTER TABLE sunbird.report_tracking ADD period text; +ALTER TABLE sunbird.report_tracking ADD data text; +insert into sunbird.role_group (id,name) values ('PUBLIC','Public'); +update sunbird.role_group set url_action_ids=['public'] where id='PUBLIC'; +insert into sunbird.role (id,name,rolegroupid,status) values ('PUBLIC','Public',['PUBLIC'],1); +ALTER TABLE sunbird.report_tracking ADD tryCount int; +ALTER TABLE sunbird.report_tracking DROP emailTryCount; +ALTER TABLE sunbird.report_tracking ADD updatedDate text; + +//Changes on Aug 31st 2017 +ALTER TABLE sunbird.report_tracking DROP batchId; +ALTER TABLE sunbird.report_tracking ADD resourceId text; + +// adding fileFormat for dashboard metrics report tracking -- Sep 1,2017 +ALTER TABLE sunbird.report_tracking ADD format text; + +ALTER TABLE sunbird.user DROP aadhaarno; +update organisation set channel='ROOT_ORG' where id='ORG_001'; + +// Sept 18th 2017 +ALTER TABLE sunbird.org_type ADD createdDate text; +ALTER TABLE sunbird.org_type ADD createdBy text; +ALTER TABLE sunbird.org_type ADD updatedDate text; +ALTER TABLE sunbird.org_type ADD updatedBy text; +//Adding table user_notes --Sep 13th 2017 +CREATE TABLE IF NOT EXISTS sunbird.user_notes(id text, userId text, courseId text, +contentId text, title text, note text, tags list, createdDate text, createdBy text, +updatedDate text, updatedBy text, isDeleted boolean, PRIMARY KEY (id)); +CREATE INDEX inx_un_userId ON sunbird.user_notes(userId); +CREATE INDEX inx_un_courseId ON sunbird.user_notes(courseId); +CREATE INDEX inx_un_contentId ON sunbird.user_notes(contentId); +ALTER TABLE sunbird.user ADD createdBy text; + +//Adding changes related to social media in user table +ALTER TABLE sunbird.user ADD webpages list>>; +CREATE TABLE IF NOT EXISTS sunbird.media_type(id text, name text, PRIMARY KEY (id)); + +insert into media_type(id,name) values('fb', 'facebook'); +insert into media_type(id,name) values('twitter','twitter'); +insert into media_type(id,name) values('in','linkedin'); +insert into media_type(id,name) values('blog','blog'); +//Oct 12th +ALTER TABLE sunbird.user ADD tempPassword text; +ALTER TABLE sunbird.user ADD currentLoginTime text; +//Oct 18th +UPDATE sunbird.media_type SET name = 'Facebook' where id = 'fb'; +UPDATE sunbird.media_type SET name = 'Twitter' where id = 'twitter'; +UPDATE sunbird.media_type SET name = 'LinkedIn' where id = 'in'; +UPDATE sunbird.media_type SET name = 'Blog' where id = 'blog'; + +ALTER TABLE sunbird.bulk_upload_process ADD retryCount int; + +// userSkill table to store the user skills - Oct 18, 2017 --- +/* +creation of id = one way hash of (userId##skillnametolowercase) +*/ +CREATE TABLE IF NOT EXISTS sunbird.user_skills(id text, userId text, skillname text,skillnametolowercase text, addedby text, addedat text, endorsementcount int ,endorsers Map, PRIMARY KEY (id)); +CREATE INDEX inx_us_userId ON sunbird.user_skills(userId); + +// skills table - Oct 18, 2017 --- +/* +creation of id = one way hash of (userId##skillnametolowercase) +*/ +CREATE TABLE IF NOT EXISTS sunbird.skills(id text,skills list, PRIMARY KEY (id)); + +//25th Oct +ALTER TABLE sunbird.organisation ADD orgTypeId text; + +//Announcement apis -27th Oct +CREATE KEYSPACE IF NOT EXISTS sunbirdplugin WITH replication = {'class':'SimpleStrategy','replication_factor':1}; +//CREATE TYPE IF NOT EXISTS sunbirdplugin.attachment (id text,filename text,mimetype text); +CREATE TABLE sunbirdplugin.announcement (id text,userid text,sourceid text,details map,links list,attachments list,target text,sentcount int,priority text,expiry text,status text,createddate text,updateddate text, PRIMARY KEY (id)); +CREATE TABLE sunbirdplugin.attachment (id text,file text,filename text,mimetype text,createdby text,status text,createddate text, PRIMARY KEY (id)); +CREATE TABLE sunbirdplugin.metrics (id text,userid text,announcementid text,activity text,channel text,createddate text, PRIMARY KEY (id)); +CREATE TABLE sunbirdplugin.announcementtype (id text,rootorgid text,name text,status text,createddate text, PRIMARY KEY (id)); +CREATE TABLE sunbirdplugin.announcementauth (id text,userid text,rootorgid text,permissions map,status text,createddate text, PRIMARY KEY (id)); + +insert into sunbird.role_group (id,name) values ('ANNOUNCEMENT_SENDER','Announcement Sender'); +update sunbird.role_group set url_action_ids=['Announcement Sender'] where id='ANNOUNCEMENT_SENDER'; +insert into sunbird.role (id,name,rolegroupid,status) values ('ANNOUNCEMENT_SENDER','Announcement Sender',['ANNOUNCEMENT_SENDER'],1); + +//mongodb import , env var is taken from group_vars +//COPY sunbird.user_notes(id, userid,courseid,contentid,title,note,tags,createddate,updateddate,isdeleted) FROM '/tmp/notes-{{env}}.csv'; +//2nd Nov +CREATE TABLE IF NOT EXISTS sunbird.tenant_preference(id text,tenantName text,orgId text,role text, data text, PRIMARY KEY (id)); +CREATE INDEX inx_tp_userId ON sunbird.tenant_preference(orgId); +ALTER TABLE sunbird.user ADD tcstatus text; +//CLIENT_INFO table for master key +CREATE TABLE IF NOT EXISTS sunbird.client_info(id text, clientname text, masterkey text, createddate text, updateddate text, PRIMARY KEY (id)); +CREATE INDEX inx_ci_clientname ON sunbird.client_info(clientname); +// Geo Location - Oct 31,2017 + +ALTER TABLE sunbird.user ADD tcupdateddate text; + +CREATE TABLE IF NOT EXISTS sunbird.geo_location(id text,locationName text,rootOrgId text,type text, createdDate text,createdBy text,updatedDate text,updatedBy text,topicName text,topicId text, PRIMARY KEY (id)); +CREATE INDEX inx_gl_rootOrgId ON sunbird.geo_location(rootOrgId); +ALTER TABLE sunbird.geo_location DROP topicId ; +ALTER TABLE sunbird.geo_location DROP topicName ; +ALTER TABLE sunbird.geo_location ADD topic text; +ALTER TABLE sunbird.geo_location DROP locationName ; +ALTER TABLE sunbird.geo_location ADD location text; +// 3rd Nov 2017 +ALTER TABLE sunbird.organisation ADD locationId text; + +ALTER TABLE sunbird.user ADD profileVisibility map; + +// 9th Nov 2017 +ALTER TABLE sunbirdplugin.announcement DROP target ; +ALTER TABLE sunbirdplugin.announcement ADD target map>>>>; +//adding default one Skills. +insert into skills (id,skills) values ('001',['java']); +ALTER TABLE sunbird.user_skills drop endorsers; +ALTER TABLE sunbird.user_skills ADD endorsersList frozen>>; +// 16th Nov 2017 +ALTER TABLE sunbird.user ADD emailVerified boolean; + +// 23rd Nov 2017 +ALTER TABLE sunbird.user ADD countryCode text; +CREATE TABLE IF NOT EXISTS sunbird.system_settings (id text ,field text ,value text ,PRIMARY KEY (id)); + +// Dec 5th 2017 + +ALTER TABLE sunbird.geo_location ADD userCount int; + +insert into sunbird.system_settings (id,field,value) values ('phoneUnique','phoneUnique','false'); +insert into sunbird.system_settings (id,field,value) values ('emailUnique','emailUnique','false'); +// Dec 6th 2017 +ALTER TABLE sunbird.geo_location ADD userCountTTL text; +// adding new column in client-info to save the channel +ALTER TABLE sunbird.client_info ADD channel text; +CREATE INDEX inx_ci_clientchannel ON sunbird.client_info(channel); \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/files/content_service.cql b/ansible/roles/cassandra-cql-update/files/content_service.cql new file mode 100644 index 0000000000..bf7bf42317 --- /dev/null +++ b/ansible/roles/cassandra-cql-update/files/content_service.cql @@ -0,0 +1,9 @@ +CREATE KEYSPACE portal +WITH replication = {'class':'SimpleStrategy', 'replication_factor' : 1}; +USE portal; +CREATE TABLE IF NOT EXISTS sessions ( + sid text, + session text, + expires timestamp, + PRIMARY KEY(sid) +); \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/files/notes-dev.csv b/ansible/roles/cassandra-cql-update/files/notes-dev.csv new file mode 100644 index 0000000000..b393b6684b --- /dev/null +++ b/ansible/roles/cassandra-cql-update/files/notes-dev.csv @@ -0,0 +1,157 @@ +_id,userId,courseId,contentId,title,note,tags,createdOn,updatedOn,isDeleted +596498de7d86310001a25a0b,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-11T09:22:38.568Z,,FALSE +5964a4ef7d86310001a25a0c,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-11T10:14:07.765Z,,FALSE +59688176f1d958000115b9db,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-14T08:31:50.145Z,,FALSE +596e5a1645fdfd0001acbce6,995c35d3-e56b-4607-9211-e2096c9d8304,do_212282810256941056178,,My New Note,"The sunbirds and spiderhunters make up a family, Nectariniidae, of passerine birds. They are small, slender passerines from the Old World, usually with downward-curved bills. Many are brightly coloured, often with iridescent feathers, particularly in the males. Many species also have especially long tail feathers. Their range extends through most of Africa to the Middle East, South Asia, South-east Asia and southern China, to Indonesia, New Guinea and northern Australia. Species diversity is highest in equatorial regions. + +There are 132 species in 15 genera. Most sunbirds feed largely on nectar, but will also eat insects and spiders, especially when feeding their young. Flowers that prevent access to their nectar because of their shape (for example, very long and narrow flowers are simply punctured at the base near the nectaries, from which the birds sip the nectar. Fruit is also part of the diet of some species. Their flight is fast and direct, thanks to their short wings. + +The sunbirds have counterparts in two very distantly related groups: the hummingbirds of the Americas and the honeyeaters of Australia. The resemblances are due to convergent evolution brought about by a similar nectar-feeding lifestyle.[1] Some sunbird species can take nectar by hovering like a hummingbird, but they usually perch to feed.",[],2017-07-18T18:57:26.440Z,,FALSE +5976d385c63dfb0001b5677e,8964a7ab-4712-464c-8b19-cb87221cfcfa,,do_212196910336131072127,fdsf,fdsff,[],2017-07-25T05:13:41.222Z,,FALSE +5976d39ad4982000012dc47a,8964a7ab-4712-464c-8b19-cb87221cfcfa,,do_212196910336131072127,fdsfs,fdsfsf,[],2017-07-25T05:14:02.180Z,,FALSE +5976f025eaf481000173124d,50ba4694-931e-4a04-87a5-5b81211d7773,,do_212292629199077376116,fdsfdsfsf,fdsf,[],2017-07-25T07:15:49.926Z,,FALSE +597882d0780e410001491290,8c44ad33-34dd-4291-a1b2-1061cc4d75c4,do_2122951809560002561251,do_2122951778195865601246,jkjkjkjkj`klk,klklk,[],2017-07-26T11:53:52.058Z,,FALSE +597882e4eaf481000173124e,8c44ad33-34dd-4291-a1b2-1061cc4d75c4,do_2122951809560002561251,,"m,m,m","mm,m",[],2017-07-26T11:54:12.870Z,,FALSE +5978851eeaf481000173124f,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20052842,Hi,got full marks,[],2017-07-26T12:03:42.712Z,,FALSE +597885f8eaf4810001731250,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212296625948319744173,,Course content,course content is not there,[],2017-07-26T12:07:20.596Z,,FALSE +59796e61afffc9000158e236,74e6f8d6-026c-4031-af7d-48ed20622fa1,do_212296625948319744173,,jlk,jknkjjk,[],2017-07-27T04:38:57.703Z,,FALSE +5979953aafffc9000158e238,107240bc-918c-4e42-9545-4f8d596ee24e,,do_20052842,Test,Test,[],2017-07-27T07:24:42.269Z,,FALSE +597ee8546e3d9a0001592e6d,944d23ab-46ba-45f7-ac9a-0e332fc8dce5,,do_2122161647443476481281,Test,**Test**,[],2017-07-31T08:20:36.235Z,,FALSE +597ee899642d550001376053,944d23ab-46ba-45f7-ac9a-0e332fc8dce5,,do_2122161647443476481281,test 2,test2,[],2017-07-31T08:21:45.748Z,,FALSE +59817b596e3d9a0001592e6e,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,lkaskldjasalksdj,askd;laskd;lsa,[],2017-08-02T07:12:25.200Z,,FALSE +59817b64642d550001376054,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,kkasldkas,klaskdl;aks;das,[],2017-08-02T07:12:36.109Z,,FALSE +598196d0642d550001376055,107240bc-918c-4e42-9545-4f8d596ee24e,do_212296625948319744173,,erewr,wrwerwer,[],2017-08-02T09:09:36.420Z,,FALSE +59821f366e3d9a0001592e6f,f7e98666-8d10-447f-821b-1431682e626f,do_2122951809560002561251,,I WANT KNOW MORE INFORMATION,I WANT KNOW MORE INFORMATION,[],2017-08-02T18:51:34.347Z,,FALSE +59821fa6642d550001376056,f7e98666-8d10-447f-821b-1431682e626f,do_2122951853379502081260,,I AM HAPPY,I AM HAPPY****,[],2017-08-02T18:53:26.987Z,,FALSE +59836517c13e0300019972e3,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,do_2122951778195865601246,Note Title,Note description updated,[],2017-08-03T18:01:59.855Z,,FALSE +59840b2c9c4b6d0001dd6bce,89cf1a7e-dfd3-46c9-a428-d37e9a2bc001,do_212296625948319744173,,Test,a das das dasda sad asd as das da,[],2017-08-04T05:50:36.808Z,,FALSE +598421a39c4b6d0001dd6bcf,89cf1a7e-dfd3-46c9-a428-d37e9a2bc001,do_212296625948319744173,,Test 2,as dasd asd asd asd asd asd asd as,[],2017-08-04T07:26:27.148Z,,FALSE +598817499c4b6d0001dd6bd0,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,lksd;f,lsdlskjdf,[],2017-08-07T07:31:21.656Z,,FALSE +59881755c13e0300019972e4,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,sdkl;fkds;l;l,lkasdlksaj,[],2017-08-07T07:31:33.283Z,,FALSE +598817f49c4b6d0001dd6bd1,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,,sfjlksd,sdjfds,[],2017-08-07T07:34:12.081Z,,FALSE +598c0366f016e20001c4b8ae,5681bb50-9058-4733-b47d-cb93981eb441,,do_30030419,test,testsss,[],2017-08-10T06:55:34.371Z,,FALSE +598c399e189c9700019188ea,064c0b3d-eb1c-4a12-aeeb-3f65bbb2a8d3,,do_20043627,Note updated,Description,[],2017-08-10T10:46:54.229Z,,FALSE +598dfeb3468165000107e7e1,cda6c36c-d77a-4a64-a564-9f9b0c655adc,do_212296706898190336145,,SS,d,[],2017-08-11T19:00:03.335Z,,FALSE +59956d3e6c7bfc0001a8e123,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123101488779837441168,,ssss,sss,[],2017-08-17T10:17:34.134Z,,FALSE +599578de6c7bfc0001a8e124,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_20043647,SCZC,scscsc,[],2017-08-17T11:07:10.981Z,,FALSE +5996ec0421a4e10001c040da,be325d93-600d-4cb2-b2c9-728717c31765,do_2123100228521082881103,do_20045289,sdfsdf,dsfsdf,[],2017-08-18T13:30:44.124Z,,FALSE +5996ec1821a4e10001c040db,be325d93-600d-4cb2-b2c9-728717c31765,do_2123100228521082881103,do_20045289,sdafsdf,afsfdfdsfasf,[],2017-08-18T13:31:04.605Z,,FALSE +5996f36bf7cd6600016c9496,be325d93-600d-4cb2-b2c9-728717c31765,,do_30013525,article4,bvb,[],2017-08-18T14:02:19.556Z,,FALSE +59984cf0a66fa00001a3df05,e886f4a8-890e-4e73-adc2-5afebad93c08,do_212282810437918720179,,note12,test desc,[],2017-08-19T14:36:32.084Z,,FALSE +599a64b4d2049300014fccde,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,Test,Note,[],2017-08-21T04:42:28.599Z,,FALSE +599a655ed2049300014fccdf,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,fsdfs,sdfsdfsdfsd,[],2017-08-21T04:45:18.189Z,,FALSE +599a65a1a66fa00001a3df06,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,wqwererw,werwerwerwe,[],2017-08-21T04:46:25.029Z,,FALSE +599a65ded2049300014fcce0,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,sdsdfssds,sdfsdfsdfs,[],2017-08-21T04:47:26.390Z,,FALSE +599a6664d2049300014fcce1,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,fsdfsdfewerwe,wrwerwer,[],2017-08-21T04:49:40.841Z,,FALSE +599a6677a66fa00001a3df07,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,aafasdf,sfsdfsd,[],2017-08-21T04:49:59.425Z,,FALSE +599a6d94d2049300014fcce2,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,LP_FT_6987122,tetest,Test,[],2017-08-21T05:20:20.274Z,,FALSE +599a7468d2049300014fcce3,e886f4a8-890e-4e73-adc2-5afebad93c08,do_212282810437918720179,,sdsdsd,zzczz,[],2017-08-21T05:49:28.102Z,,FALSE +599a8c1ea66fa00001a3df08,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_30013509,Test,Test,[],2017-08-21T07:30:38.673Z,,FALSE +599ae92ca66fa00001a3df09,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212282810555342848180,,XZX,ZXZX,[],2017-08-21T14:07:40.076Z,,FALSE +599aef8bd2049300014fcce4,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123138572751912961138,,CXAZx,zxzxz,[],2017-08-21T14:34:51.737Z,,FALSE +599afaa4a66fa00001a3df0a,064c0b3d-eb1c-4a12-aeeb-3f65bbb2a8d3,,LP_FT_6987122,test,vb,[],2017-08-21T15:22:12.854Z,,FALSE +599bd772a66fa00001a3df0c,be325d93-600d-4cb2-b2c9-728717c31765,do_2123157035537367041285,do_2123143396291133441148,Test note,Test note,[],2017-08-22T07:04:18.873Z,,FALSE +599bdbf3a66fa00001a3df0d,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123157276909076481290,,new note,new note info,[],2017-08-22T07:23:31.434Z,,FALSE +599bdf1aa66fa00001a3df0e,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123157276909076481290,LP_FT_6987122,jkjkj,jkjkj,[],2017-08-22T07:36:58.214Z,,FALSE +599bf331d2049300014fcce5,5862af1a-7741-46eb-bbf5-71358dcd3539,,do_30013509,Test,Hide,[],2017-08-22T09:02:41.330Z,,FALSE +599bf37ea66fa00001a3df0f,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Test,Test update,[],2017-08-22T09:03:58.333Z,,FALSE +599c528ad2049300014fcce6,be325d93-600d-4cb2-b2c9-728717c31765,do_212312962784133120110,,kjhjkll,jkhkh,[],2017-08-22T15:49:30.319Z,,FALSE +599c5295d2049300014fcce7,be325d93-600d-4cb2-b2c9-728717c31765,do_212312962784133120110,,kjhkjhjkh,jlkjkljkl,[],2017-08-22T15:49:41.943Z,,FALSE +599d4d01d2049300014fcce8,0b9e4ff4-390b-4f8e-b6d9-59767d07099a,do_2123157276909076481290,do_2123138285329448961126,qerfwef,sdfsdf,[],2017-08-23T09:38:09.646Z,,FALSE +599e538bd2049300014fcce9,7bdaec59-2cd6-4646-8cee-f3b485e3da99,do_212312303635816448169,,Sample Note to myself,this is a sample note to myself,[],2017-08-24T04:18:19.172Z,,FALSE +599e702ea66fa00001a3df10,fc2892a6-58b2-4bee-abe9-3ae224519640,do_2123157276909076481290,,jkjkj,kjkj,[],2017-08-24T06:20:30.528Z,,FALSE +599e7bb5d2049300014fccea,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_2123171371115560961478,xcvxzvcxz,xzcvzxvczxc,[],2017-08-24T07:09:41.907Z,,FALSE +599e96f6a66fa00001a3df11,d1924601-9ce1-4b6e-b3b1-1442a3d61ac4,,do_212295888406224896127,Test,Test,[],2017-08-24T09:05:58.556Z,,FALSE +599e9810a66fa00001a3df12,d1924601-9ce1-4b6e-b3b1-1442a3d61ac4,,do_212295888406224896127,New,New,[],2017-08-24T09:10:40.875Z,,FALSE +59a3b0340c950300016667c9,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-08-28T05:55:00.839Z,,FALSE +59a3b3580c950300016667ca,be325d93-600d-4cb2-b2c9-728717c31765,,do_2123101458899271681167,Test,Test,[],2017-08-28T06:08:24.891Z,,FALSE +59a3de490c950300016667cb,be325d93-600d-4cb2-b2c9-728717c31765,,do_212155118871101440166,This is test,This is test,[],2017-08-28T09:11:37.606Z,,FALSE +59a3de6a0c950300016667cc,be325d93-600d-4cb2-b2c9-728717c31765,,do_212155118871101440166,another,Another Note,[],2017-08-28T09:12:10.518Z,,FALSE +59a3e7ffbfebc300016e15a1,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123187253665792001586,Test,Test,[],2017-08-28T09:53:03.657Z,,FALSE +59a69f6dbfebc300016e15a2,fae8f720-51a6-48cb-8834-33641a42c30e,,do_2123165408517406721432,S. Radhakrishnan,"Sarvepalli Radhakrishnan About this sound listen (help·info (5 September 1888 – 17 April 1975 was an Indian philosopher and statesman[1] who was the first Vice President of India (1952–1962 and the second President of India from 1962 to 1967.[web 1] + +One of India's most distinguished twentieth-century scholars of comparative religion and philosophy,[2][web 2] his academic appointments included the King George V Chair of Mental and Moral Science at the University of Calcutta (1921–1932 and Spalding Professor of Eastern Religion and Ethics at University of Oxford (1936–1952. + +His philosophy was grounded in Advaita Vedanta, reinterpreting this tradition for a contemporary understanding.[web 2] He defended Hinduism against ""uninformed Western criticism"",[3] contributing to the formation of contemporary Hindu identity.[4] He has been influential in shaping the understanding of Hinduism, in both India and the west, and earned a reputation as a bridge-builder between India and the West.[5] + +Radhakrishnan was awarded several high awards during his life, including a knighthood in 1931, the Bharat Ratna, the highest civilian award in India, in 1954, and honorary membership of the British Royal Order of Merit in 1963. Radhakrishnan believed that ""teachers should be the best minds in the country"". Since 1962, his birthday is celebrated in India as Teachers' Day on 5 September.[web 3]",[],2017-08-30T11:20:13.099Z,,FALSE +59a69ff20c950300016667cd,fae8f720-51a6-48cb-8834-33641a42c30e,,do_2123165408517406721432,Teachers Day,"The birth date of the second President of India, Dr. Sarvepalli Radhakrishnan, 5 September 1888, has been celebrated as Teacher's Day since 1962. On this day, teachers and students report to school as usual but the usual activities and classes are replaced by activities of celebration, thanks and remembrance. In some schools, senior students take the responsibility of teaching in order to show their appreciation for the teachers. + +Traditional and Vedic Teachers' Day Festival is on Guru Purnima according to Indian Calendar, a festival dedicated to spiritual and academic teachers. This festival is traditionally celebrated by Buddhists, Jains and Hindus in India and Nepal, to pay their respects to their teachers and express their gratitude.",[],2017-08-30T11:22:26.735Z,,FALSE +59a6b05ebfebc300016e15a3,107240bc-918c-4e42-9545-4f8d596ee24e,,do_21230291297746944015,test,test,[],2017-08-30T12:32:30.969Z,,FALSE +59a6b0a6bfebc300016e15a4,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123165408517406721432,test,test,[],2017-08-30T12:33:42.491Z,,FALSE +59a799330c950300016667ce,be325d93-600d-4cb2-b2c9-728717c31765,,do_212295888406224896127,Test,Test updated,[],2017-08-31T05:05:55.819Z,,FALSE +59a799620c950300016667cf,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-08-31T05:06:42.929Z,,FALSE +59a79a940c950300016667d0,be325d93-600d-4cb2-b2c9-728717c31765,,do_212295888406224896127,Test,Test,[],2017-08-31T05:11:48.065Z,,FALSE +59a79a9ebfebc300016e15a6,be325d93-600d-4cb2-b2c9-728717c31765,,do_212295888406224896127,1,2,[],2017-08-31T05:11:58.042Z,,FALSE +59a7b4500c950300016667d1,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_21230291297746944015,Test,Test,[],2017-08-31T07:01:36.613Z,,FALSE +59a7b458bfebc300016e15a7,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_21230291297746944015,2,1,[],2017-08-31T07:01:44.279Z,,FALSE +59a7dac10c950300016667d2,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123178605500334081568,Test,test,[],2017-08-31T09:45:37.875Z,,FALSE +59a812e80c950300016667d3,14df02ff-7e68-4c52-a600-1b1f30c62ffe,,do_2123200653407354881657,Test,Test update,[],2017-08-31T13:45:12.434Z,,FALSE +59a8133bbfebc300016e15a8,be325d93-600d-4cb2-b2c9-728717c31765,do_2123157035537367041285,,Test,Test,[],2017-08-31T13:46:35.135Z,,FALSE +59a821cb0c950300016667d4,ac6fd279-ff03-4323-93a2-19a3cd2c7d47,,do_2123200147342622721628,Test,"Test +**Test** +*Test* + + 1. item",[],2017-08-31T14:48:43.362Z,,FALSE +59a821f20c950300016667d5,df6f285a-531c-4fed-bb54-6cc8235968f4,,do_2123178605500334081568,hg,fgfdfgvhbj heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note heloo note,[],2017-08-31T14:49:22.402Z,,FALSE +59a93e5ebfebc300016e15aa,8557fa44-6b3a-4a4a-bb99-7907e635b2f7,,do_2123200147342622721628,fd,dg,[],2017-09-01T11:02:54.958Z,,FALSE +59ace276514fcb0001548980,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_2123158123070668801318,test notes,nknkjn,[],2017-09-04T05:19:50.005Z,,FALSE +59ace5aa514fcb0001548981,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123236730327941121242,new note for youtubeW,dadaDAdad,[],2017-09-04T05:33:30.997Z,,FALSE +59ace7b5514fcb0001548982,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,,mwflelkjeofkk,klklfkflskdflkslfksf,[],2017-09-04T05:42:13.118Z,,FALSE +59ace7d8514fcb0001548983,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_2123158123070668801318,o'iwjw'oerjpo',po,[],2017-09-04T05:42:48.311Z,,FALSE +59ace8c4514fcb0001548984,be325d93-600d-4cb2-b2c9-728717c31765,,do_2123215064116756481869,Test,Test,[],2017-09-04T05:46:44.278Z,,FALSE +59ace9da514fcb0001548985,be325d93-600d-4cb2-b2c9-728717c31765,,do_2123215064116756481869,New Note,New note,[],2017-09-04T05:51:22.230Z,,FALSE +59acea49514fcb0001548986,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_20045289,c zvzcv,vcxvxc,[],2017-09-04T05:53:13.629Z,,FALSE +59acedf4514fcb0001548987,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,,;l;l;l,;l;l;l,[],2017-09-04T06:08:52.026Z,,FALSE +59aceea1514fcb0001548988,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_2123228937193799681199,new page note,mnojo,[],2017-09-04T06:11:45.944Z,,FALSE +59acf35f514fcb0001548989,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123248707513630721382,do_2123158123070668801318,test,test data,[],2017-09-04T06:31:59.233Z,,FALSE +59acf763514fcb000154898a,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123138572751912961138,do_212156477194846208131,wewew,wewewe,[],2017-09-04T06:49:07.322Z,,FALSE +59acf859514fcb000154898b,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123138572751912961138,do_20047090,klklklk,klkl,[],2017-09-04T06:53:13.564Z,,FALSE +59acfaf6514fcb000154898c,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123100894929960961150,do_2122930886356172801130,jkjkjkj,jkjkj,[],2017-09-04T07:04:22.969Z,,FALSE +59ad50654432590001efa772,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123251055368765441634,,finall course note,note,[],2017-09-04T13:08:53.038Z,,FALSE +59ad50ad4fd5900001efadbc,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_2123251055368765441634,do_212201190513950720137,g,hghghghgh,[],2017-09-04T13:10:05.882Z,,FALSE +59ad50c84432590001efa773,cd650921-5c54-48a7-aff1-e1f56b7f530a,,do_2123243093954805761356,hjhjh,hjhjh,[],2017-09-04T13:10:32.494Z,,FALSE +59ad544e4432590001efa775,28f7bf03-68be-4d62-b794-23040eada4e1,,do_2123215064116756481869,Test,Test,[],2017-09-04T13:25:34.844Z,,FALSE +59ad54574432590001efa776,28f7bf03-68be-4d62-b794-23040eada4e1,,do_2123215064116756481869,1,1,[],2017-09-04T13:25:43.457Z,,FALSE +59af9f4b4fd5900001efadbe,8557fa44-6b3a-4a4a-bb99-7907e635b2f7,,do_212290229532762112188,lklklkkl,jjkdjfkdjfd,[],2017-09-06T07:10:03.792Z,,FALSE +59b7a2e64645e500015ea526,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Hello,"Heelo![enter image description here][1] + + +![enter image description here][2] + + +sfdsfsdfsdfsfsdfsdfsdfsdfsdfsfsd + + +![enter image description here][3] + + + [1]: http://Heelo.cosasadas + [2]: http://12333433 + [3]: wpihttp://werwerwer78978987978",[],2017-09-12T09:03:34.427Z,,FALSE +59b7a6e9585c7a00011401dd,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,jkhjhjjjh,"hjhjhjhjj![enter image description here][1] + + + [1]: http://jhjhjhjhjh",[],2017-09-12T09:20:41.570Z,,FALSE +59b7a8df4645e500015ea527,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Google image,"google image linl![enter image description here][1] + + + [1]: https://upload.wikimedia.org/wikipedia/commons/thumb/7/77/Google_Images_2015_logo.svg/1200px-Google_Images_2015_logo.svg.png",[],2017-09-12T09:29:03.983Z,,FALSE +59b7a9104645e500015ea528,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Google image,"google image linl![enter image description here][1] + + + [1]: https://upload.wikimedia.org/wikipedia/commons/thumb/7/77/Google_Images_2015_logo.svg/1200px-Google_Images_2015_logo.svg.png",[],2017-09-12T09:29:52.274Z,,FALSE +59b7a93e585c7a00011401de,cd650921-5c54-48a7-aff1-e1f56b7f530a,do_212306471794638848176,,Test,Google image,[],2017-09-12T09:30:38.144Z,,FALSE +59b7aa844645e500015ea529,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-09-12T09:36:04.601Z,,FALSE +59b7d5f4585c7a00011401df,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-09-12T12:41:24.290Z,,FALSE +59b7e3f54645e500015ea52a,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-09-12T13:41:09.308Z,,FALSE +59b7e763585c7a00011401e0,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-09-12T13:55:47.984Z,,FALSE +59b8de3e4645e500015ea52b,be325d93-600d-4cb2-b2c9-728717c31765,do_212306471794638848176,,Test,Test,[],2017-09-13T07:29:02.334Z,,FALSE +59b9296d4645e500015ea52c,b2d7a285-b874-4aaf-abc3-e64d8b57f86d,,do_2123208084832829441775,new note,new,[],2017-09-13T12:49:49.051Z,,FALSE +59b929934645e500015ea52d,b2d7a285-b874-4aaf-abc3-e64d8b57f86d,,do_2123208084832829441775,ojkjkjkj,jkjkj,[],2017-09-13T12:50:27.050Z,,FALSE +59b929a74645e500015ea52e,b2d7a285-b874-4aaf-abc3-e64d8b57f86d,,do_2123208084832829441775,llkklk,lklklk,[],2017-09-13T12:50:47.929Z,,FALSE +59b92b55585c7a00011401e1,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,new note,new data,[],2017-09-13T12:57:57.235Z,,FALSE +59b92b7d4645e500015ea52f,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,erere,ewe,[],2017-09-13T12:58:37.649Z,,FALSE +59b92cf9585c7a00011401e2,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,dsdsd,sdsd,[],2017-09-13T13:04:57.819Z,,FALSE +59b92d1d4645e500015ea530,76001486-a7c8-48e4-8014-281dea0db0a5,,do_2123208084832829441775,mlmlklkkq,llklklklklkl,[],2017-09-13T13:05:33.068Z,,FALSE \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/files/notes-staging.csv b/ansible/roles/cassandra-cql-update/files/notes-staging.csv new file mode 100644 index 0000000000..59fd51fc21 --- /dev/null +++ b/ansible/roles/cassandra-cql-update/files/notes-staging.csv @@ -0,0 +1,109 @@ +_id,userId,courseId,contentId,title,note,tags,createdOn,updatedOn,isDeleted +5968a1d580b8bc000163a528,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-14T10:49:57.505Z,,FALSE +59693afb605e9a0001e9dfd6,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-07-14T21:43:23.960Z,,FALSE +596e60ce7cace000013cc4b7,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,do_212282810256941056178,,Sunbird Note 1,"The sunbirds and spiderhunters make up a family, Nectariniidae, of passerine birds. They are small, slender passerines from the Old World, usually with downward-curved bills. Many are brightly coloured, often with iridescent feathers, particularly in the males. Many species also have especially long tail feathers. Their range extends through most of Africa to the Middle East, South Asia, South-east Asia and southern China, to Indonesia, New Guinea and northern Australia. Species diversity is highest in equatorial regions. + +There are 132 species in 15 genera. Most sunbirds feed largely on nectar, but will also eat insects and spiders, especially when feeding their young. Flowers that prevent access to their nectar because of their shape (for example, very long and narrow flowers are simply punctured at the base near the nectaries, from which the birds sip the nectar. Fruit is also part of the diet of some species. Their flight is fast and direct, thanks to their short wings. + +The sunbirds have counterparts in two very distantly related groups: the hummingbirds of the Americas and the honeyeaters of Australia. The resemblances are due to convergent evolution brought about by a similar nectar-feeding lifestyle.[1] Some sunbird species can take nectar by hovering like a hummingbird, but they usually perch to feed.",[],2017-07-18T19:26:06.374Z,,FALSE +596ee80b30e8240001635a61,ca8fb15e-0e5a-43f3-96f2-2e15742b7f45,do_212282810555342848180,do_212216610159968256113,Note 1,**strong text**,[],2017-07-19T05:03:07.841Z,,FALSE +596f25ee30e8240001635a63,07aed82b-2a55-4e5d-bd22-36efb0e9d615,do_212282810555342848180,do_212216610159968256113,noite 1,sssss,[],2017-07-19T09:27:10.024Z,,FALSE +596f9f1430e8240001635a64,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,,do_212217290209730560120,Scored 100%,Similar test be suggested and used by others,[],2017-07-19T18:04:04.858Z,,FALSE +597038f830e8240001635a65,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,ffsdfsdfsdfsdfsdfs,fsdfsdf,[],2017-07-20T05:00:40.875Z,,FALSE +5970395c30e8240001635a66,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,dfsfsdfsdf,fdgvfcg dgdfhttps://staging.open-sunbird.org/private/index#!/profile,[],2017-07-20T05:02:20.698Z,,FALSE +5970396730e8240001635a67,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,https://staging.open-sunbird.org/private/index#!/profile,https://staging.open-sunbird.org/private/index#!/profile,[],2017-07-20T05:02:31.242Z,,FALSE +597039e830e8240001635a68,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,now1,now,[],2017-07-20T05:04:40.943Z,,FALSE +597039f330e8240001635a69,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,now 2,now 2,[],2017-07-20T05:04:51.444Z,,FALSE +59703a1030e8240001635a6a,e7bbff12-8c2a-4d0a-aa29-0f89edfcb9c5,do_212282810555342848180,do_212216610159968256113,now 3,now 3,[],2017-07-20T05:05:20.206Z,,FALSE +59705d81001d200001095db8,6a7299e2-41c3-4a6a-b75a-22c326c211ff,do_212282810555342848180,do_212216610159968256113,jkjkkl,mnlkjlk,[],2017-07-20T07:36:33.750Z,,FALSE +597167999e866200010b902f,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_212292720862715904142,,Test NoteAAAAA,"The sunbirds and spiderhunters make up a family, Nectariniidae, of passerine birds. They are small, slender passerines from the Old World, usually with downward-curved bills. Many are brightly coloured, often with iridescent feathers, particularly in the males. Many species also have especially long tail feathers. Their range extends through most of Africa to the Middle East, South Asia, South-east Asia and southern China, to Indonesia, New Guinea and northern Australia. Species diversity is highest in equatorial regions. + +There are 132 species in 15 genera. Most sunbirds feed largely on nectar, but will also eat insects and spiders, especially when feeding their young. Flowers that prevent access to their nectar because of their shape (for example, very long and narrow flowers are simply punctured at the base near the nectaries, from which the birds sip the nectar. Fruit is also part of the diet of some species. Their flight is fast and direct, thanks to their short wings. + +The sunbirds have counterparts in two very distantly related groups: the hummingbirds of the Americas and the honeyeaters of Australia. The resemblances are due to convergent evolution brought about by a similar nectar-feeding lifestyle.[1] Some sunbird species can take nectar by hovering like a hummingbird, but they usually perch to feed.",[],2017-07-21T02:31:53.466Z,,FALSE +597175ac9e866200010b9030,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_212292720862715904142,do_20047090,Test Notes,Test Notes,[],2017-07-21T03:31:56.680Z,,FALSE +5971d85f9e866200010b9031,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_212292781238452224152,,girl,"It’s too dark!” she argued when shown a perfectly acceptable one, according to mum. +“It’s too boring!” she cried when mum tried to convince her about a very sensible option she had recommended. +Mum had given up trying to convince her of anything and they were walking home, frustrated at the wasted morning. The newly descending fog just added to the gloom. She looked down the alley to where Lucy was pointing.",[],2017-07-21T10:33:03.037Z,,FALSE +5971e1d39e866200010b9032,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N1,N1,[],2017-07-21T11:13:23.490Z,,FALSE +5971e1dc9e866200010b9033,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N2,2,[],2017-07-21T11:13:32.676Z,,FALSE +5971e1e89e866200010b9034,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N3,3,[],2017-07-21T11:13:44.130Z,,FALSE +5971e1f09e866200010b9035,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N4,4,[],2017-07-21T11:13:52.162Z,,FALSE +5971e2139e866200010b9036,8964a7ab-4712-464c-8b19-cb87221cfcfa,do_2122931469935493121136,,N5,5,[],2017-07-21T11:14:27.775Z,,FALSE +5971eafe9e866200010b9037,784c732a-e03f-4b85-bc04-8a58ee1be6aa,do_2122867365871943681194,,screen,s,[],2017-07-21T11:52:30.682Z,,FALSE +5975dd8f9c05a10001957812,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,do_212282810256941056178,do_2122528241634754561234,Kinda interesting,whats this,[],2017-07-24T11:44:15.324Z,,FALSE +5975e0ed9c05a10001957813,ecb93d66-8d53-4ad2-8dcb-ce04eb983798,do_212282810256941056178,do_2122432175175761921186,note 2,Here's a smaple note.,[],2017-07-24T11:58:37.582Z,,FALSE +5976c15aa9e30b0001971c65,8c44ad33-34dd-4291-a1b2-1061cc4d75c4,,do_20052842,Test,test,[],2017-07-25T03:56:10.784Z,,FALSE +5977555aee20880001251c4c,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20052842,Test34,1234,[],2017-07-25T14:27:38.896Z,,FALSE +5978a7b2ee20880001251c4d,944d23ab-46ba-45f7-ac9a-0e332fc8dce5,,do_20043627,jkjkj,kjkj,[],2017-07-26T14:31:14.976Z,,FALSE +5979981f3ba2da0001f5eebf,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_2122161647443476481281,test,test,[],2017-07-27T07:37:03.964Z,,FALSE +597998393ba2da0001f5eec0,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_30013486,Test update,Testt,[],2017-07-27T07:37:29.702Z,,FALSE +5979984f3ba2da0001f5eec1,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212282810555342848180,do_2122432175175761921186,New Note,New,[],2017-07-27T07:37:51.284Z,,FALSE +5979985c3ba2da0001f5eec2,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212282810555342848180,do_2122432175175761921186,1,3,[],2017-07-27T07:38:04.799Z,,FALSE +5979986e3ba2da0001f5eec3,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212282810555342848180,,5,6,[],2017-07-27T07:38:22.323Z,,FALSE +597b12c3cd861e000193140b,613bedaa-19c6-4f90-8fc0-1b9ed3b866a2,do_212296625948319744173,,Testnote,testing,[],2017-07-28T10:32:35.856Z,,FALSE +597f0a83725a490001d7d40b,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2123000999568752641219,,Note1,Note1,[],2017-07-31T10:46:27.877Z,,FALSE +597f0acb725a490001d7d40c,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2123000999568752641219,do_212265445709848576118,C1,C1,[],2017-07-31T10:47:39.279Z,,FALSE +597f1811725a490001d7d40e,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2122951809560002561251,do_2122951778195865601246,Market Inputs : Meeting Invitaion,ok...........,[],2017-07-31T11:44:17.794Z,,FALSE +5988363e6e34080001280b17,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212300234602971136120,do_212178412953821184120,note,note not added,[],2017-08-07T09:43:26.509Z,,FALSE +598836526e34080001280b18,0915208f-3b77-4eca-ba27-58f0b2d81019,do_212300234602971136120,do_212178412953821184120,note 2,note 2,[],2017-08-07T09:43:46.825Z,,FALSE +5988b395cbda570001c855c8,0915208f-3b77-4eca-ba27-58f0b2d81019,do_2123000999568752641219,do_20046116,Title,Description,[],2017-08-07T18:38:13.157Z,,FALSE +598d3512c5ccb60001404d45,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20044433,ewerwe,werwerwrwe,[],2017-08-11T04:39:46.226Z,,FALSE +598d3531c5ccb60001404d46,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,wrwerwe,werwerwerwe,[],2017-08-11T04:40:17.274Z,,FALSE +598d35dbc5ccb60001404d47,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,fsdsdsf,fdsfsdf,[],2017-08-11T04:43:07.975Z,,FALSE +598d35f4c5ccb60001404d48,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,sdfsdfs,dsfsdfsdfsdfs,[],2017-08-11T04:43:32.286Z,,FALSE +598d35fdc5ccb60001404d49,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,wewerwerwerwe,rwerwerwerwerwe,[],2017-08-11T04:43:41.315Z,,FALSE +598d3609c5ccb60001404d4a,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,gsgfdgdfg,dfgdfgdfgdf,[],2017-08-11T04:43:53.826Z,,FALSE +598d3625c5ccb60001404d4b,0915208f-3b77-4eca-ba27-58f0b2d81019,,do_20043627,1`1,1,[],2017-08-11T04:44:21.537Z,,FALSE +598d3880c5ccb60001404d4c,064c0b3d-eb1c-4a12-aeeb-3f65bbb2a8d3,,do_30032277,Note,Note,[],2017-08-11T04:54:24.029Z,,FALSE +599941c45640c0000120e6af,fbb16dbb-469f-4a1c-a64f-11f25f0a5e08,,do_2123143396291133441148,note,nnnn,[],2017-08-20T08:01:08.429Z,,FALSE +599980c45640c0000120e6b0,db705067-0516-483f-bc6a-aa57d44b51b9,do_21229665263726592014,,1,fdsf,[],2017-08-20T12:29:56.857Z,,FALSE +599a61515640c0000120e6b1,dba37d67-ed11-4824-bee3-bed665f237af,,do_30013510,Test Note,Test description,[],2017-08-21T04:28:01.323Z,,FALSE +599a61755640c0000120e6b2,dba37d67-ed11-4824-bee3-bed665f237af,,do_30013509,Test Note,Notes,[],2017-08-21T04:28:37.107Z,,FALSE +599a640e5640c0000120e6b3,dba37d67-ed11-4824-bee3-bed665f237af,,do_30013509,Test,Testsdgsdgdfg,[],2017-08-21T04:39:42.035Z,,FALSE +599a6cb35640c0000120e6b4,fbb16dbb-469f-4a1c-a64f-11f25f0a5e08,,do_30013510,test,test,[],2017-08-21T05:16:35.622Z,,FALSE +599a99435640c0000120e6b5,dba37d67-ed11-4824-bee3-bed665f237af,do_21231295967811174417,do_2122162576275701761294,dasda,dasd,[],2017-08-21T08:26:43.464Z,,FALSE +599aa9a05640c0000120e6b6,e654c117-81c9-4acf-bee4-0eb9943587f0,do_212312897236066304117,,hfgh,hgfhfgh,[],2017-08-21T09:36:32.526Z,,FALSE +599aa9af5640c0000120e6b7,e654c117-81c9-4acf-bee4-0eb9943587f0,,do_20047090,hfghfh,hfgh,[],2017-08-21T09:36:47.337Z,,FALSE +599ab8845640c0000120e6b8,9608d921-5f22-4ce7-9b19-d7950e1b2528,do_2123138572751912961138,do_20047090,test,test,[],2017-08-21T10:40:04.270Z,,FALSE +599b0a7a5640c0000120e6b9,55dba7dc-88f3-4a7c-93fc-d9b9a2b95edd,do_212313579799609344156,,hjhjh,hjhj,[],2017-08-21T16:29:46.663Z,,FALSE +599c0c0a5640c0000120e6bb,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,,do_2123073460161249281249,bad,bad,[],2017-08-22T10:48:42.326Z,,FALSE +599cfcc45640c0000120e6bc,2bc099bc-4c64-4826-83f6-d292f2a82012,do_2123163419216117761353,,fdsfdsf,fdsfsf,[],2017-08-23T03:55:48.385Z,,FALSE +599d17a65640c0000120e6bd,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,,do_20044433,note,kisadsadsadsad,[],2017-08-23T05:50:30.088Z,,FALSE +599d17e55640c0000120e6be,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_21229665429644083218,,dadadad,dadadadad,[],2017-08-23T05:51:33.926Z,,FALSE +599d18765640c0000120e6bf,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,,do_212295919848210432184,sasaS,SAsSSaaSASASASA,[],2017-08-23T05:53:58.244Z,,FALSE +599d23765640c0000120e6c0,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_2122951778195865601246,xzxzxzxzxz,xzxzxz,[],2017-08-23T06:40:54.997Z,,FALSE +599d23c15640c0000120e6c1,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_2122951778195865601246,sds,sd,[],2017-08-23T06:42:09.438Z,,FALSE +599d24045640c0000120e6c2,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_2122162678233579521298,kk,hh,[],2017-08-23T06:43:16.262Z,,FALSE +599d24775640c0000120e6c3,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123163551322849281354,do_20045620,fdsfsd,fsdf,[],2017-08-23T06:45:11.504Z,,FALSE +59a4fe7b96eb0d000156e389,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,vhvhv,"nj,b nm",[],2017-08-29T05:41:15.658Z,,FALSE +59a4fea796eb0d000156e38a,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,bv b n,"vhb,aqwhb",[],2017-08-29T05:41:59.852Z,,FALSE +59a4feb496eb0d000156e38b,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,vvn n,qazxswedcv,[],2017-08-29T05:42:12.569Z,,FALSE +59a4fec696eb0d000156e38c,fcc60c6f-578e-4c5e-8257-6eaca81fb62b,do_2123138572751912961138,,rtyuui,gggbbb,[],2017-08-29T05:42:30.661Z,,FALSE +59a683dd96eb0d000156e38e,2aade7d9-6abf-433b-9a05-3b02cd2eb664,,do_212295888406224896127,m,n,[],2017-08-30T09:22:37.520Z,,FALSE +59a683e996eb0d000156e38f,2aade7d9-6abf-433b-9a05-3b02cd2eb664,,do_212295888406224896127,n,n,[],2017-08-30T09:22:49.281Z,,FALSE +59a683f396eb0d000156e390,2aade7d9-6abf-433b-9a05-3b02cd2eb664,,do_212295888406224896127,m,m,[],2017-08-30T09:22:59.806Z,,FALSE +59a6995f96eb0d000156e391,ebec55da-7bd5-4e48-b895-34630e16975f,do_2123164561966202881387,,," + +",[],2017-08-30T10:54:23.018Z,,FALSE +59a69f3a96eb0d000156e392,2bc099bc-4c64-4826-83f6-d292f2a82012,,do_2123165408517406721432,Test,test,[],2017-08-30T11:19:22.946Z,,FALSE +59a7ce4496eb0d000156e394,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note1,Note1,[],2017-08-31T08:52:20.106Z,,FALSE +59a7cee796eb0d000156e395,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note61,Note61,[],2017-08-31T08:55:03.755Z,,FALSE +59a7d0be96eb0d000156e396,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note1,Note1,[],2017-08-31T09:02:54.062Z,,FALSE +59a7d12296eb0d000156e397,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note2,Note2,[],2017-08-31T09:04:34.900Z,,FALSE +59a7d18296eb0d000156e398,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note3,Note3,[],2017-08-31T09:06:10.586Z,,FALSE +59a7d1de96eb0d000156e399,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note5,Note5,[],2017-08-31T09:07:42.116Z,,FALSE +59a7d25b96eb0d000156e39a,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note6,Note6,[],2017-08-31T09:09:47.651Z,,FALSE +59a7dce496eb0d000156e39b,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note6,Note6,[],2017-08-31T09:54:44.472Z,,FALSE +59a7dd3296eb0d000156e39c,be9e7184-dffd-45af-9e3c-147fdf2c771d,do_2123215323635384321882,do_2122952599231856641325,Note6,Note6,[],2017-08-31T09:56:02.596Z,,FALSE +59b224da2e8d950001a15294,2aade7d9-6abf-433b-9a05-3b02cd2eb664,do_2123277035616337921104,domain_4083,dd,dddd,[],2017-09-08T05:04:26.101Z,,FALSE +59b2357f5fdcd10001251fb8,2aade7d9-6abf-433b-9a05-3b02cd2eb664,do_2123200404256931841636,do_2123164671596052481388,aa,aaa,[],2017-09-08T06:15:27.043Z,,FALSE +59b7aabf5fdcd10001251fb9,dba37d67-ed11-4824-bee3-bed665f237af,do_212306471794638848176,,Test,Test,[],2017-09-12T09:37:03.101Z,,FALSE +59b7e77d5fdcd10001251fba,dba37d67-ed11-4824-bee3-bed665f237af,do_212306471794638848176,,test,Test,[],2017-09-12T13:56:13.716Z,,FALSE +59b80e8be737a90001875ac4,1234567,1234565678,12345656758, title 3,My notes 3,"[""tags 1""]",2017-09-12T16:42:51.580Z,,FALSE +59ba179ae737a90001875ac5,107240bc-918c-4e42-9545-4f8d596ee24e,do_2122951809560002561251,do_2122951778195865601246,Note Title,Note description,[],2017-09-14T05:46:02.758Z,,FALSE +59bb84885fdcd10001251fbb,d882967f-b3e1-456b-b984-d800470837ab,,do_2123208084832829441775,Note 1,Des,[],2017-09-15T07:43:04.060Z,,FALSE +59bb84b3e737a90001875ac6,d882967f-b3e1-456b-b984-d800470837ab,,do_2123208084832829441775,abc,desc,[],2017-09-15T07:43:47.924Z,,FALSE +59bb84cde737a90001875ac7,d882967f-b3e1-456b-b984-d800470837ab,,do_2123208084832829441775,efg,desc,[],2017-09-15T07:44:13.398Z,,FALSE +59bbdb6a5fdcd10001251fbe,1234567,1234565678,12345656758,updated title,My notes1 update 1,"[""tag1""]",2017-09-15T13:53:46.761Z,,FALSE +59c142ec5fdcd10001251fbf,be7efb23-6af9-4d92-82b3-a4d78fcfa2f6,do_2123215064116756481869,do_2123347975635599361299, title 3,My notes 3,"[""tags 1""]",2017-09-19T16:16:44.029Z,,FALSE \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/files/pageMgmt.csv b/ansible/roles/cassandra-cql-update/files/pageMgmt.csv new file mode 100644 index 0000000000..e010f0fb40 --- /dev/null +++ b/ansible/roles/cassandra-cql-update/files/pageMgmt.csv @@ -0,0 +1,6 @@ +0122838911932661768,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 07:17:36:831+0000,Resource,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",, +01228382486252748821,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:03:29:672+0000,Course,,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",, +0122838909618585607,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 07:17:36:827+0000,Resource,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",, +01228394137835929612,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 08:54:56:574+0000,Resourcessss,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 09:01:26:990+0000 +01228382478150860822,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:03:29:679+0000,Course,,"[{\"id\":\"01228382278062080019\",\"index\":1,\"group\":1},{\"id\":\"01228382243946496017\",\"index\":1,\"group\":2}]",, +01228393775303884811,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",ad54e968-d52f-30a0-bdba-de182aab43b1,2017-07-08 08:54:56:572+0000,Resources,,"[{\"id\":\"01228383082462412826\",\"index\":1,\"group\":1},{\"id\":\"01228383384379392023\",\"index\":1,\"group\":2}]",, \ No newline at end of file diff --git a/ansible/roles/cassandra-cql-update/files/pageSection.csv b/ansible/roles/cassandra-cql-update/files/pageSection.csv new file mode 100644 index 0000000000..b10991659d --- /dev/null +++ b/ansible/roles/cassandra-cql-update/files/pageSection.csv @@ -0,0 +1,12 @@ +01228383133972889627,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:10:20:043+0000,,"{\"name\":{\"en\":\"Popular Template\",\"hi\":\"????????\"}}",,Popular Template,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Template\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228382966064742425,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:09:40:595+0000,,"{\"name\":{\"en\":\"Popular Worksheet\",\"hi\":\"????????\"}}",,Popular Worksheet,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Worksheet\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228382278062080019,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:55:600+0000,,"{\"name\":{\"en\":\"Latest Courses\",\"hi\":\"????????\"}}",,Latest Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"lastPublishedOn\":\"desc\"},\"limit\":10}}",course,1,, +01228383082462412826,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:09:40:595+0000,,"{\"name\":{\"en\":\"Popular Worksheet\",\"hi\":\"????????\"}}",,Popular Worksheet,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Worksheet\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228382897002905629,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:11:14:511+0000,,"{\"name\":{\"en\":\"Popular Simulation\",\"hi\":\"????????\"}}",,Popular Simulation,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Simulation\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228382681137152020,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:55:601+0000,,"{\"name\":{\"en\":\"Latest Courses\",\"hi\":\"????????\"}}",,Latest Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"lastPublishedOn\":\"desc\"},\"limit\":10}}",course,1,, +01228382662997606424,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:08:56:272+0000,,"{\"name\":{\"en\":\"Popular Story\",\"hi\":\"????????\"}}",,Popular Story,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Story\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228382337862041618,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:16:949+0000,,"{\"name\":{\"en\":\"Popular Courses\",\"hi\":\"????????\"}}",,Popular Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"name\":\"asc\"},\"limit\":10}}",course,1,, +01228383171081011228,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:10:20:049+0000,,"{\"name\":{\"en\":\"Popular Template\",\"hi\":\"????????\"}}",,Popular Template,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Template\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228382243946496017,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:00:16:949+0000,,"{\"name\":{\"en\":\"Popular Courses\",\"hi\":\"????????\"}}",,Popular Courses,"{\"request\":{\"filters\":{\"contentType\":[\"Course\"],\"objectType\":[\"Content\"],\"status\":[\"Live\"]},\"sort_by\":{\"name\":\"asc\"},\"limit\":10}}",course,1,, +01228383384379392023,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:08:56:272+0000,,"{\"name\":{\"en\":\"Popular Story\",\"hi\":\"????????\"}}",,Popular Story,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Story\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, +01228383260541747230,,490ed1d2-c69d-4cf0-a50c-f37e658c128d,2017-07-08 05:11:14:512+0000,,"{\"name\":{\"en\":\"Popular Simulation\",\"hi\":\"????????\"}}",,Popular Simulation,"{\"request\":{\"query\":\"\",\"filters\":{\"language\":[\"English\"],\"contentType\":[\"Simulation\"]},\"limit\":10,\"sort_by\":{\"lastUpdatedOn\":\"desc\"}}}",content,1,, \ No newline at end of file From e395f5c0493c4c87c88a7a054d89eb9b6f886a47 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sun, 28 Jan 2018 00:53:11 +0530 Subject: [PATCH 054/104] Issue #22 fix: es variable not decalred --- ansible/inventories/sample/hosts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/inventories/sample/hosts b/ansible/inventories/sample/hosts index 37f4e10ad0..71cb3bbe43 100644 --- a/ansible/inventories/sample/hosts +++ b/ansible/inventories/sample/hosts @@ -11,7 +11,7 @@ swarm-manager-1 "{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [es-1] -"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" es_instance_name=es-1 es_etc_node_master=true es_etc_node_data=true [cassandra-1] "{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" From 2ead971f818b94ac9f1d119ee4a89fe70d872eb6 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sun, 28 Jan 2018 01:07:41 +0530 Subject: [PATCH 055/104] Issue #22 feat: ignoring failed message because of data already present at db --- ansible/roles/cassandra-cql-update/tasks/main.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ansible/roles/cassandra-cql-update/tasks/main.yml b/ansible/roles/cassandra-cql-update/tasks/main.yml index d29f8876de..626bda313b 100644 --- a/ansible/roles/cassandra-cql-update/tasks/main.yml +++ b/ansible/roles/cassandra-cql-update/tasks/main.yml @@ -6,8 +6,6 @@ - pageMgmt.csv - pageSection.csv - content_service.cql - # - notes-{{env}}.csv - tags: - always @@ -35,5 +33,6 @@ - name: Run the content_service.cql file become: yes command: "cqlsh -f /tmp/content_service.cql" + ignore_errors: yes tags: - content_service From e329058eba23ce32957bdd27e5a639621cda6404 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sun, 28 Jan 2018 01:09:52 +0530 Subject: [PATCH 056/104] Issue #22 feat: overriding vars --- deploy/init-dbs.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/init-dbs.sh b/deploy/init-dbs.sh index b9e4f791de..2ac777254f 100755 --- a/deploy/init-dbs.sh +++ b/deploy/init-dbs.sh @@ -11,8 +11,8 @@ INVENTORY_PATH=$1 # Cassandra installation echo "@@@@@@@@@ Cassandra data" -ansible-playbook -i $INVENTORY_PATH ../ansible/cassandra-data.yml +ansible-playbook -i $INVENTORY_PATH ../ansible/cassandra-data.yml --extra-vars=@config # Postgresql installation echo "@@@@@@@@@ Postgresql data" -ansible-playbook -i $INVENTORY_PATH ../ansible/postgresql-data-update.yml \ No newline at end of file +ansible-playbook -i $INVENTORY_PATH ../ansible/postgresql-data-update.yml --extra-vars=@config From cd218f01747712942e0b6198131fd4bb9b8a686f Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 12:04:52 +0530 Subject: [PATCH 057/104] Issue #22 chore: updated the core services versions --- deploy/deploy-core.sh | 8 ++++---- deploy/install-dbs.sh | 4 ---- deploy/mcf | 39 --------------------------------------- 3 files changed, 4 insertions(+), 47 deletions(-) delete mode 100644 deploy/mcf diff --git a/deploy/deploy-core.sh b/deploy/deploy-core.sh index 9cb7530a79..3c2cadd139 100755 --- a/deploy/deploy-core.sh +++ b/deploy/deploy-core.sh @@ -11,10 +11,10 @@ INVENTORY_PATH=$1 ENV=sample ORG=sunbird -ACTOR_SERVICE_VERSION=0.0.1-gold -PLAYER_VERSION=0.0.6-gold -CONTENT_SERVICE_VERSION=0.0.1-gold -LEARNER_SERVICE_VERSION=0.0.1-gold +ACTOR_SERVICE_VERSION=0.0.4-silver +PLAYER_VERSION=0.0.9-silver +CONTENT_SERVICE_VERSION=0.0.4-silver +LEARNER_SERVICE_VERSION=0.0.4-silver PROXY_VERSION=0.0.1-gold # Bootstrap swarm diff --git a/deploy/install-dbs.sh b/deploy/install-dbs.sh index eabc83f5cd..15cedc9fab 100755 --- a/deploy/install-dbs.sh +++ b/deploy/install-dbs.sh @@ -20,7 +20,3 @@ ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags cassandra -- # Postgresql-master installation echo "@@@@@@@@@ Postgresql-master installation" ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags postgresql-master --extra-vars=@config - -# Mongodb installation -echo "@@@@@@@@@ Mongodb installation" -ansible-playbook -i $INVENTORY_PATH ../ansible/provision.yml --tags "mongodb" --extra-vars=@config diff --git a/deploy/mcf b/deploy/mcf deleted file mode 100644 index de1c177e57..0000000000 --- a/deploy/mcf +++ /dev/null @@ -1,39 +0,0 @@ -#Basic -environment: dev -implementation_name: rajesh -ssh_ansible_user: -ansible_private_key_path: - -#Application -application_host: -app_address_space: -msg_91_auth: -msg_sender: -player_tenant_dir: - -#Proxy -cert_path: -keypath_path: -dns_name: - -#Database -database_host: -database_password: - -#Ekstep -ekstep_base_url: -ekstep_api_key: - -#Keycloak -sso_username: -sso_password: -keycloak_admin_password: -keycloak_theme_path: -trampoline_secret: - -#Portal mail -mail_server_host: -mail_server_port: -mail_server_username: -mail_server_password: -mail_server_from_email: From cdb874d4dd0339faf0aa9bfef7ec205a0ff290e1 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 12:39:15 +0530 Subject: [PATCH 058/104] Issue #22 chore: Change the environment to env in mcf --- deploy/config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/config b/deploy/config index 51971a5551..dd5b12ac1e 100644 --- a/deploy/config +++ b/deploy/config @@ -1,5 +1,5 @@ #Basic -environment: +env: implementation_name: ssh_ansible_user: ansible_private_key_path: From 3cda3e99951157551fc0b448b71cbe479dad1c4a Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 12:51:53 +0530 Subject: [PATCH 059/104] Issue #22 chore: Change the kong host details --- ansible/inventories/sample/hosts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/inventories/sample/hosts b/ansible/inventories/sample/hosts index 71cb3bbe43..d7b5d2a88e 100644 --- a/ansible/inventories/sample/hosts +++ b/ansible/inventories/sample/hosts @@ -34,7 +34,7 @@ es-1 cassandra-1 [kong-api] -localhost ansible_connection=local +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-prometheus] "{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" From 6ec9ac2bfce7d20674ee427368f362ffd8b9638a Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 29 Jan 2018 14:33:39 +0530 Subject: [PATCH 060/104] Issue #22 fix: stop at any error --- deploy/sunbird_install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 3eb328421a..fd992d79d4 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -e +set -eu -o pipefail usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; } From e37b453e9b327e8ccbcbb2b13709791b7feb0f91 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 14:46:57 +0530 Subject: [PATCH 061/104] Issue #22 chore: jwt token copying --- ansible/roles/kong-consumer/tasks/main.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/ansible/roles/kong-consumer/tasks/main.yml b/ansible/roles/kong-consumer/tasks/main.yml index afceae05b6..585bb77f57 100644 --- a/ansible/roles/kong-consumer/tasks/main.yml +++ b/ansible/roles/kong-consumer/tasks/main.yml @@ -29,4 +29,14 @@ register: jwt_token - name: write to file - copy: content="{{jwt_token.stdout}}" dest="/home/ops/jwt_token.txt" + copy: content="{{jwt_token.stdout}}" dest=~/jwt_token.txt + +- name: run the sed command + shell: cat ~/jwt_token.txt | grep 'JWT token for player is' + register: token + +- name: Copy the script + copy: content="{{token.stdout}}" dest=~/jwt_token_player.txt + +- name: remove the file + file: path=~/jwt_token.txt state=absent \ No newline at end of file From 349218cf324929f672cb4101f5617a23adeeb999 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 14:54:56 +0530 Subject: [PATCH 062/104] Issue #22 chore: skip ansible_host_key_verification --- deploy/sunbird_install.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index fd992d79d4..7caa54ea36 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -14,6 +14,9 @@ SSH_ANSIBLE_FILE=$(awk '/ssh_ansible_file: / {print $2}' config) ANSIBLE_PRIVATE_KEY_PATH=$(awk '/ansible_private_key_path: / {print $2}' config) ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME +#TO skip the host key verification +export ANSIBLE_HOST_KEY_CHECKING=False + # Installing dependencies deps() { sudo ./install-deps.sh; } From 72fc7469379ee6a15b0216b7a17d63c945828279 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 16:04:44 +0530 Subject: [PATCH 063/104] Issue #22 chore: certbot script added --- deploy/certbot.sh | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 deploy/certbot.sh diff --git a/deploy/certbot.sh b/deploy/certbot.sh new file mode 100644 index 0000000000..08a05b325c --- /dev/null +++ b/deploy/certbot.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +DNS_NAME=$(awk '/dns_name: / {print $2}' config) +SSH_ANSIBLE_USER=$(awk '/ssh_ansible_user: / {print $2}' config) +CERTBOT_HOME=/etc/letsencrypt/archive/$DNS_NAME + + +#Check certbot installed or not +dpkg -S `which certbot` +if [ $? -eq 0 ] +then + echo "certbot is already installed" +else + sudo apt-get update + sudo apt-get install -y software-properties-common + sudo add-apt-repository ppa:certbot/certbot + sudo apt-get update + sudo apt-get install -y certbot +fi + +sudo ls $CERTBOT_HOME +if [ $? -eq 0 ] +then + echo "Certs are already created" +else + sudo certbot certonly --standalone -d $DNS_NAME +fi +sudo cp -r $CERTBOT_HOME/cert1.pem $CERTBOT_HOME/privkey1.pem /home/$SSH_ANSIBLE_USER/ +sudo chown -R $SSH_ANSIBLE_USER:$SSH_ANSIBLE_USER /home/$SSH_ANSIBLE_USER/cert1.pem /home/$SSH_ANSIBLE_USER/privkey1.pem +sudo chmod 775 /home/$SSH_ANSIBLE_USER/cert1.pem /home/$SSH_ANSIBLE_USER/privkey1.pem \ No newline at end of file From c13cea6b5ded66da349d31901b96b84b70216302 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 16:20:55 +0530 Subject: [PATCH 064/104] Issue #22 chore: certbot script added --- deploy/certbot.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 deploy/certbot.sh diff --git a/deploy/certbot.sh b/deploy/certbot.sh old mode 100644 new mode 100755 From 50f19862d10f42cb979d4fecce91dccf59be5c19 Mon Sep 17 00:00:00 2001 From: manoj v Date: Mon, 29 Jan 2018 17:27:38 +0530 Subject: [PATCH 065/104] Issue #22 chore: certbot script added --- deploy/config | 50 ++++++++++++++++++++++---------------------------- 1 file changed, 22 insertions(+), 28 deletions(-) diff --git a/deploy/config b/deploy/config index dd5b12ac1e..be404206d0 100644 --- a/deploy/config +++ b/deploy/config @@ -1,39 +1,33 @@ #Basic -env: -implementation_name: -ssh_ansible_user: -ansible_private_key_path: +env: # Name of the environment you are deploying. Typically, it is one of development, test, staging, production, etc. +implementation_name: #Name of your sunbird implementation. Let's say for the sake of this document, it is ntp. +ssh_ansible_user: #ssh user for deploying scripts +ansible_private_key_path: #path to the private key file to allow ansible to deploy + #Application -application_host: #Private ip of the application server -app_address_space: #Application server address space (e.g. 10.3.0.0/24) -msg_91_auth: -msg_sender: -player_tenant_dir: +application_host: #Private ip of the application server +app_address_space: #Application server address space (e.g. 10.3.0.0/24) + #Proxy -cert_path: -key_path: -dns_name: +cert_path: #Path to .cert file for nginx +key_path: #Path to .key file for nginx +dns_name: #Public DNS url of the app the server #Database -database_host: -database_password: +database_host: #db server private ip +database_password: #common password for all the databases #Ekstep -ekstep_base_url: -ekstep_api_key: +ekstep_base_url: # Ekstep community url ex: https://qa.ekstep.in +ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. #Keycloak -sso_username: -sso_password: -keycloak_admin_password: -keycloak_theme_path: -trampoline_secret: - -#Portal mail -mail_server_host: -mail_server_port: -mail_server_username: -mail_server_password: -mail_server_from_email: +sso_username: #get the username from keycloak realm import doc ex:user-manager +sso_password: #password for keycloak ss_username +keycloak_admin_password: #keycloak admin console password +keycloak_theme_path: #Path to the keycloak themes +trampoline_secret: #get the trampoline secret from the keycloak realm import doc. + + \ No newline at end of file From 990910ac1fde59507ec69d4ded69bc882f0c5515 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 00:46:54 +0530 Subject: [PATCH 066/104] Issue #22 fix: ansible host overriding --- ansible/inventories/sample/hosts | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ansible/inventories/sample/hosts b/ansible/inventories/sample/hosts index d7b5d2a88e..723d1a931a 100644 --- a/ansible/inventories/sample/hosts +++ b/ansible/inventories/sample/hosts @@ -1,5 +1,5 @@ [swarm-manager-1] -"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" swarm_master=true +sm-1 ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" swarm_master=true [swarm-manager:children] swarm-manager-1 @@ -8,16 +8,16 @@ swarm-manager-1 swarm-manager-1 [postgresql-1] -"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +postgres-1 ansible_host="{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [es-1] -"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" es_instance_name=es-1 es_etc_node_master=true es_etc_node_data=true +es-1 ansible_host="{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" es_instance_name=es-1 es_etc_node_master=true es_etc_node_data=true [cassandra-1] -"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +cassandra-1 ansible_host="{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [keycloak-1] -"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +keycloak-1 ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [keycloak:children] keycloak-1 @@ -34,16 +34,16 @@ es-1 cassandra-1 [kong-api] -"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +kong-api ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-prometheus] -"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +swarm-agent-for-prometheus ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-grafana] -"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +swarm-agent-for-grafana ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-alertmanager] -"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +swarm-agent-for-alertmanager ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [non-swarm-nodes:children] postgresql-master From a9cfacf112c408c8490b14ea55fac767110f87d5 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 00:49:46 +0530 Subject: [PATCH 067/104] Issue #22 fix: ansible hosts overriding --- deploy/sunbird_install.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 7caa54ea36..e96b8f27c8 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -23,12 +23,6 @@ deps() { sudo ./install-deps.sh; } # Generating configs config() { time ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; - # Creating inventory - sed -i s#\"{{database_host}}\"#$DB_HOST#g $ANSIBLE_VARIABLE_PATH/hosts - sed -i s#\"{{application_host}}\"#$APP_HOST#g $ANSIBLE_VARIABLE_PATH/hosts - sed -i s#\"{{ssh_ansible_user}}\"#$SSH_ANSIBLE_USER#g $ANSIBLE_VARIABLE_PATH/hosts - sed -i s#\"{{ssh_ansible_file}}\"#$SSH_ANSIBLE_FILE#g $ANSIBLE_VARIABLE_PATH/hosts - sed -i s#\"{{ansible_private_key_path}}\"#$ANSIBLE_PRIVATE_KEY_PATH#g $ANSIBLE_VARIABLE_PATH/hosts } From 429316afe5988713ba9dc4aa5df685e677816cb3 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 00:59:20 +0530 Subject: [PATCH 068/104] Issue #22 feat: removed mcf deps and posix naming conventions --- deploy/certbot.sh | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/deploy/certbot.sh b/deploy/certbot.sh index 08a05b325c..3a96de41b6 100755 --- a/deploy/certbot.sh +++ b/deploy/certbot.sh @@ -1,8 +1,15 @@ #!/bin/sh -DNS_NAME=$(awk '/dns_name: / {print $2}' config) -SSH_ANSIBLE_USER=$(awk '/ssh_ansible_user: / {print $2}' config) -CERTBOT_HOME=/etc/letsencrypt/archive/$DNS_NAME +# This script won't work for aws, as it's black listed + +echo -e "This script won't work for aws, as it's black listed\n so if youre running on aws please press ctrl+c" + +sleep 5 + +echo please enter your dns name +read dns_name +ssh_ansible_user=$(whoami) +certbot_home=/etc/letsencrypt/archive/$dns_name #Check certbot installed or not @@ -18,13 +25,13 @@ else sudo apt-get install -y certbot fi -sudo ls $CERTBOT_HOME +sudo ls $certbot_home if [ $? -eq 0 ] then echo "Certs are already created" else - sudo certbot certonly --standalone -d $DNS_NAME + sudo certbot certonly --standalone -d $dns_name fi -sudo cp -r $CERTBOT_HOME/cert1.pem $CERTBOT_HOME/privkey1.pem /home/$SSH_ANSIBLE_USER/ -sudo chown -R $SSH_ANSIBLE_USER:$SSH_ANSIBLE_USER /home/$SSH_ANSIBLE_USER/cert1.pem /home/$SSH_ANSIBLE_USER/privkey1.pem -sudo chmod 775 /home/$SSH_ANSIBLE_USER/cert1.pem /home/$SSH_ANSIBLE_USER/privkey1.pem \ No newline at end of file +sudo cp -r $certbot_home/cert1.pem $certbot_home/privkey1.pem /home/$ssh_ansible_user/ +sudo chown -R $ssh_ansible_user:$ssh_ansible_user /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem +sudo chmod 775 /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem From 13a7a49d574224d8896aad08844b98a7747499e0 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 10:58:37 +0530 Subject: [PATCH 069/104] Issue #22 feat: removed custom sed and bought posix naming conventions custom sed used to replace the ansible inventory, implimented ansible idiomatic way. --- deploy/certbot.sh | 20 +++++++++++++++----- deploy/sunbird_install.sh | 23 +++++++---------------- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/deploy/certbot.sh b/deploy/certbot.sh index 3a96de41b6..b0cdc0c2bc 100755 --- a/deploy/certbot.sh +++ b/deploy/certbot.sh @@ -1,8 +1,10 @@ #!/bin/sh +set -e + # This script won't work for aws, as it's black listed -echo -e "This script won't work for aws, as it's black listed\n so if youre running on aws please press ctrl+c" +echo -e "This script won't work for aws, as it's black listed in letsencrypt\n so if youre running on aws please press ctrl+c with in 5 seconds" sleep 5 @@ -12,17 +14,17 @@ ssh_ansible_user=$(whoami) certbot_home=/etc/letsencrypt/archive/$dns_name -#Check certbot installed or not +#Check certbot installed or not dpkg -S `which certbot` if [ $? -eq 0 ] then echo "certbot is already installed" -else +else sudo apt-get update sudo apt-get install -y software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update - sudo apt-get install -y certbot + sudo apt-get install -y certbot fi sudo ls $certbot_home @@ -30,8 +32,16 @@ if [ $? -eq 0 ] then echo "Certs are already created" else - sudo certbot certonly --standalone -d $dns_name + sudo certbot certonly --standalone -d $dns_name fi sudo cp -r $certbot_home/cert1.pem $certbot_home/privkey1.pem /home/$ssh_ansible_user/ sudo chown -R $ssh_ansible_user:$ssh_ansible_user /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem sudo chmod 775 /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem + + +echo -e "Please take a note of these, and fill it up in config file: \ + \n\n dns_name: $dns_name \n + cert_path: /home/$ssh_ansible_user/cert1.pem \n + key_path: /home/$ssh_ansible_user/privkey1.pem\n + +please remove after the installation process. or keep these in a safe place." diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index e96b8f27c8..5cd6150d94 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -5,14 +5,8 @@ set -eu -o pipefail usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; } # Reading environment and implimentation name -IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' config) -ENV_NAME=$(awk '/env: / {print $2}' config) -APP_HOST=$(awk '/application_host: / {print $2}' config) -DB_HOST=$(awk '/database_host: / {print $2}' config) -SSH_ANSIBLE_USER=$(awk '/ssh_ansible_user: / {print $2}' config) -SSH_ANSIBLE_FILE=$(awk '/ssh_ansible_file: / {print $2}' config) -ANSIBLE_PRIVATE_KEY_PATH=$(awk '/ansible_private_key_path: / {print $2}' config) -ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME +implimentation_name=$(awk '/implementation_name: / {print $2}' config) +env_name=$(awk '/env: / {print $2}' config) #TO skip the host key verification export ANSIBLE_HOST_KEY_CHECKING=False @@ -21,22 +15,19 @@ export ANSIBLE_HOST_KEY_CHECKING=False deps() { sudo ./install-deps.sh; } # Generating configs -config() { - time ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; -} - +config() { time ./generate-config.sh $implimentation_name $env_name core; } # Installing and initializing dbs -dbs() { ./install-dbs.sh $ANSIBLE_VARIABLE_PATH; ./init-dbs.sh $ANSIBLE_VARIABLE_PATH; } +dbs() { ./install-dbs.sh $ansible_variable_path; ./init-dbs.sh $ansible_variable_path; } # Apis -apis() { ./deploy-apis.sh $ANSIBLE_VARIABLE_PATH; } +apis() { ./deploy-apis.sh $ansible_variable_path; } # Proxy -proxy() { ./deploy-proxy.sh $ANSIBLE_VARIABLE_PATH; } +proxy() { ./deploy-proxy.sh $ansible_variable_path; } # Keycloak -keycloak() { ./provision-keycloak.sh $ANSIBLE_VARIABLE_PATH; ./deploy-keycloak-vm.sh $ANSIBLE_VARIABLE_PATH; } +keycloak() { ./provision-keycloak.sh $ansible_variable_path; ./deploy-keycloak-vm.sh $ansible_variable_path; } while getopts "s:h" o;do case "${o}" in From 28550af298387df649d2cb4e1a70e6ebb0d45eb1 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 12:52:19 +0530 Subject: [PATCH 070/104] Issue #23 feat: restore cassandra to a fresh installation --- deploy/complete_backup.sh | 23 +++++++++++++++++++++++ deploy/complete_restore.sh | 27 +++++++++++++++++++++++++++ deploy/config | 24 ++++++++++++++---------- 3 files changed, 64 insertions(+), 10 deletions(-) create mode 100644 deploy/complete_backup.sh create mode 100644 deploy/complete_restore.sh diff --git a/deploy/complete_backup.sh b/deploy/complete_backup.sh new file mode 100644 index 0000000000..d91a89644a --- /dev/null +++ b/deploy/complete_backup.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +CASS_DATA_PATH=/var/lib/cassandra/data + +mkdir keyspace_backup schemas + +echo 'Clearing old snapshots' +nodetool clearsnapshot + +nodetool flush + +echo 'Backing up schema and keyspaces' +ls $CASS_DATA_PATH | grep -v system* > dbs.log + +while read keyspace +do + cp -rf $CASS_DATA_PATH/$keyspace keyspace_backup/ + cqlsh -e "DESC $keyspace" > schemas/$keyspace.schema +done < dbs.log + +echo 'creating zip' + +tar -cvf complete_cassandra_bakup_$(date +%Y%m%d) keyspace_backup schemas dbs.log diff --git a/deploy/complete_restore.sh b/deploy/complete_restore.sh new file mode 100644 index 0000000000..d34e5224cd --- /dev/null +++ b/deploy/complete_restore.sh @@ -0,0 +1,27 @@ +#!/bin/bash + +############################################## +# This scipt is designed to restore data to # +# fresh installation of cassandra # +############################################## + +if [ $# -ne 1 ];then + echo -e "$0 " + exit 1 +fi + +CASS_DATA_PATH=/var/lib/cassandra/data +CASS_ROOT_PATH=$1 + +echo 'Restoring schemas' +for schema in $CASS_ROOT_PATH/schemas/*.schema; do + cqlsh $CASS_IP -e "source '$schema'" +done + +echo 'Restoring KeySpaces' + +for keyspace in $CASS_ROOT_PATH/keyspace_backup/*;do + for table in $keyspace/*; do + sstableloader -d localhost $table + done +done diff --git a/deploy/config b/deploy/config index be404206d0..be6f099871 100644 --- a/deploy/config +++ b/deploy/config @@ -1,33 +1,37 @@ +## Mandatory + #Basic env: # Name of the environment you are deploying. Typically, it is one of development, test, staging, production, etc. implementation_name: #Name of your sunbird implementation. Let's say for the sake of this document, it is ntp. ssh_ansible_user: #ssh user for deploying scripts ansible_private_key_path: #path to the private key file to allow ansible to deploy - +#Database +database_host: #db server private ip +database_password: #common password for all the databases + #Application application_host: #Private ip of the application server app_address_space: #Application server address space (e.g. 10.3.0.0/24) - #Proxy cert_path: #Path to .cert file for nginx key_path: #Path to .key file for nginx dns_name: #Public DNS url of the app the server -#Database -database_host: #db server private ip -database_password: #common password for all the databases - +#Keycloak +keycloak_admin_password: #keycloak admin console password + +#Ekstep +ekstep_base_url: # Ekstep community url ex: https://qa.ekstep.in, for non production + +## Optional, but necessory for core deployment + #Ekstep -ekstep_base_url: # Ekstep community url ex: https://qa.ekstep.in ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. #Keycloak sso_username: #get the username from keycloak realm import doc ex:user-manager sso_password: #password for keycloak ss_username keycloak_admin_password: #keycloak admin console password -keycloak_theme_path: #Path to the keycloak themes trampoline_secret: #get the trampoline secret from the keycloak realm import doc. - - \ No newline at end of file From 459954084d960d1df51c6f03fcfba494ac4e5a38 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 16:54:13 +0530 Subject: [PATCH 071/104] Issue #23 feat: cassandra restore --- deploy/cassandra_complete_restore.sh | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 deploy/cassandra_complete_restore.sh diff --git a/deploy/cassandra_complete_restore.sh b/deploy/cassandra_complete_restore.sh new file mode 100644 index 0000000000..6992a6bc38 --- /dev/null +++ b/deploy/cassandra_complete_restore.sh @@ -0,0 +1,28 @@ +#!/bin/bash + +############################################## +# This scipt is designed to restore data to # +# fresh installation of cassandra # +############################################## + +if [ $# -ne 1 ];then + echo -e "$0 " + exit 1 +fi + +CASS_DATA_PATH=/var/lib/cassandra/data +CASS_ROOT_PATH=$1 +CASS_IP=$(hostname -I | awk '{print $1}') + +echo 'Restoring schemas' +for schema in $CASS_ROOT_PATH/schemas/*.schema; do + cqlsh $CASS_IP -e "source '$schema'" +done + +echo 'Restoring KeySpaces' + +for keyspace in $CASS_ROOT_PATH/keyspace_backup/*;do + for table in $keyspace/*; do + sstableloader -d $CASS_IP $table + done +done From 5db2eda1829e3cc3eec20be579e87a009925bdb9 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 16:54:52 +0530 Subject: [PATCH 072/104] Issue #23 feat: cassandra backup --- deploy/cassandra_complete_backup.sh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 deploy/cassandra_complete_backup.sh diff --git a/deploy/cassandra_complete_backup.sh b/deploy/cassandra_complete_backup.sh new file mode 100644 index 0000000000..e0569c19b7 --- /dev/null +++ b/deploy/cassandra_complete_backup.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +CASS_DATA_PATH=/var/lib/cassandra/data + +mkdir keyspace_backup schemas + +echo 'Clearing old snapshots' +nodetool clearsnapshot + +nodetool flush + +echo 'Backing up schema and keyspaces' +ls $CASS_DATA_PATH | grep -v system* > dbs.log + +while read keyspace +do + cp -rf $CASS_DATA_PATH/$keyspace keyspace_backup/ + cqlsh -e "DESC $keyspace" > schemas/$keyspace.schema +done < dbs.log + +echo 'creating tar' + +tar -cvf complete_cassandra_bakup_$(date +%Y%m%d).tar keyspace_backup schemas dbs.log From 451a9aab4626cbaa85b0f4ee11af70bf2a844d04 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 30 Jan 2018 16:59:21 +0530 Subject: [PATCH 073/104] Issue #23 feat: cleaning up --- deploy/cassandra_complete_backup.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy/cassandra_complete_backup.sh b/deploy/cassandra_complete_backup.sh index e0569c19b7..d70fc137dd 100644 --- a/deploy/cassandra_complete_backup.sh +++ b/deploy/cassandra_complete_backup.sh @@ -21,3 +21,7 @@ done < dbs.log echo 'creating tar' tar -cvf complete_cassandra_bakup_$(date +%Y%m%d).tar keyspace_backup schemas dbs.log + +if [ $# -eq 0 ];then + rm -rf keyspace_backup schemas dbs.log +fi From 8a45fcf699985e348f33821214643bd3cc6e32c8 Mon Sep 17 00:00:00 2001 From: Rajesh Rajendran Date: Wed, 31 Jan 2018 10:30:35 +0530 Subject: [PATCH 074/104] duplicate of cassandra_complete_backup --- deploy/complete_backup.sh | 23 ----------------------- 1 file changed, 23 deletions(-) delete mode 100644 deploy/complete_backup.sh diff --git a/deploy/complete_backup.sh b/deploy/complete_backup.sh deleted file mode 100644 index d91a89644a..0000000000 --- a/deploy/complete_backup.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -CASS_DATA_PATH=/var/lib/cassandra/data - -mkdir keyspace_backup schemas - -echo 'Clearing old snapshots' -nodetool clearsnapshot - -nodetool flush - -echo 'Backing up schema and keyspaces' -ls $CASS_DATA_PATH | grep -v system* > dbs.log - -while read keyspace -do - cp -rf $CASS_DATA_PATH/$keyspace keyspace_backup/ - cqlsh -e "DESC $keyspace" > schemas/$keyspace.schema -done < dbs.log - -echo 'creating zip' - -tar -cvf complete_cassandra_bakup_$(date +%Y%m%d) keyspace_backup schemas dbs.log From a0878437860123ecd2794eff5c3ef45f0bfd74bb Mon Sep 17 00:00:00 2001 From: Rajesh Rajendran Date: Wed, 31 Jan 2018 10:31:11 +0530 Subject: [PATCH 075/104] duplicate complete_restore --- deploy/complete_restore.sh | 27 --------------------------- 1 file changed, 27 deletions(-) delete mode 100644 deploy/complete_restore.sh diff --git a/deploy/complete_restore.sh b/deploy/complete_restore.sh deleted file mode 100644 index d34e5224cd..0000000000 --- a/deploy/complete_restore.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -############################################## -# This scipt is designed to restore data to # -# fresh installation of cassandra # -############################################## - -if [ $# -ne 1 ];then - echo -e "$0 " - exit 1 -fi - -CASS_DATA_PATH=/var/lib/cassandra/data -CASS_ROOT_PATH=$1 - -echo 'Restoring schemas' -for schema in $CASS_ROOT_PATH/schemas/*.schema; do - cqlsh $CASS_IP -e "source '$schema'" -done - -echo 'Restoring KeySpaces' - -for keyspace in $CASS_ROOT_PATH/keyspace_backup/*;do - for table in $keyspace/*; do - sstableloader -d localhost $table - done -done From ee97e13ddd8a909540322ee17a10fc2ddbcf17d5 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Wed, 31 Jan 2018 10:40:09 +0530 Subject: [PATCH 076/104] Issue #23 feat: posix nomenclature --- deploy/cassandra_complete_backup.sh | 6 +++--- deploy/cassandra_complete_restore.sh | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/deploy/cassandra_complete_backup.sh b/deploy/cassandra_complete_backup.sh index d70fc137dd..b97c1681b4 100644 --- a/deploy/cassandra_complete_backup.sh +++ b/deploy/cassandra_complete_backup.sh @@ -1,6 +1,6 @@ #!/bin/bash -CASS_DATA_PATH=/var/lib/cassandra/data +cass_data_path=/var/lib/cassandra/data mkdir keyspace_backup schemas @@ -10,11 +10,11 @@ nodetool clearsnapshot nodetool flush echo 'Backing up schema and keyspaces' -ls $CASS_DATA_PATH | grep -v system* > dbs.log +ls $Cass_data_path | grep -v system* > dbs.log while read keyspace do - cp -rf $CASS_DATA_PATH/$keyspace keyspace_backup/ + cp -rf $cass_data_path/$keyspace keyspace_backup/ cqlsh -e "DESC $keyspace" > schemas/$keyspace.schema done < dbs.log diff --git a/deploy/cassandra_complete_restore.sh b/deploy/cassandra_complete_restore.sh index 6992a6bc38..59008f0566 100644 --- a/deploy/cassandra_complete_restore.sh +++ b/deploy/cassandra_complete_restore.sh @@ -10,19 +10,19 @@ if [ $# -ne 1 ];then exit 1 fi -CASS_DATA_PATH=/var/lib/cassandra/data -CASS_ROOT_PATH=$1 -CASS_IP=$(hostname -I | awk '{print $1}') +cass_data_path=/var/lib/cassandra/data +cass_root_path=$1 +cass_ip=$(hostname -I | awk '{print $1}') echo 'Restoring schemas' -for schema in $CASS_ROOT_PATH/schemas/*.schema; do - cqlsh $CASS_IP -e "source '$schema'" +for schema in $cass_root_path/schemas/*.schema; do + cqlsh $cass_ip -e "source '$schema'" done echo 'Restoring KeySpaces' -for keyspace in $CASS_ROOT_PATH/keyspace_backup/*;do +for keyspace in $cass_root_path/keyspace_backup/*;do for table in $keyspace/*; do - sstableloader -d $CASS_IP $table + sstableloader -d $cass_ip $table done done From cc9151fc4845723e6388d22554a5b27eaf45a94a Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 31 Jan 2018 16:46:10 +0530 Subject: [PATCH 077/104] Issue #369 chore: fix alerts --- ansible/roles/kong-consumer/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/kong-consumer/tasks/main.yml b/ansible/roles/kong-consumer/tasks/main.yml index 585bb77f57..96de3a8113 100644 --- a/ansible/roles/kong-consumer/tasks/main.yml +++ b/ansible/roles/kong-consumer/tasks/main.yml @@ -29,14 +29,14 @@ register: jwt_token - name: write to file - copy: content="{{jwt_token.stdout}}" dest=~/jwt_token.txt + copy: content="{{jwt_token.stdout}}" dest=/tmp/jwt_token.txt - name: run the sed command - shell: cat ~/jwt_token.txt | grep 'JWT token for player is' + shell: cat /tmp/jwt_token.txt | grep 'JWT token for player is' register: token - name: Copy the script - copy: content="{{token.stdout}}" dest=~/jwt_token_player.txt + copy: content="{{token.stdout}}" dest=/tmp/jwt_token_player.txt - name: remove the file - file: path=~/jwt_token.txt state=absent \ No newline at end of file + file: path=/tmp/jwt_token.txt state=absent \ No newline at end of file From e4b315d50617cedd0c707cc9226f3b74acaf0d0a Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 31 Jan 2018 16:49:09 +0530 Subject: [PATCH 078/104] Issue #369 chore: fix alerts --- ansible/roles/kong-consumer/tasks/main.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/ansible/roles/kong-consumer/tasks/main.yml b/ansible/roles/kong-consumer/tasks/main.yml index 96de3a8113..0ddb6f05ad 100644 --- a/ansible/roles/kong-consumer/tasks/main.yml +++ b/ansible/roles/kong-consumer/tasks/main.yml @@ -29,14 +29,18 @@ register: jwt_token - name: write to file - copy: content="{{jwt_token.stdout}}" dest=/tmp/jwt_token.txt + copy: content="{{jwt_token.stdout}}" dest=~/jwt_token.txt + ignore_erros: yes - name: run the sed command - shell: cat /tmp/jwt_token.txt | grep 'JWT token for player is' + shell: cat ~/jwt_token.txt | grep 'JWT token for player is' register: token + ignore_erros: yes - name: Copy the script - copy: content="{{token.stdout}}" dest=/tmp/jwt_token_player.txt + copy: content="{{token.stdout}}" dest=~/jwt_token_player.txt + ignore_erros: yes - name: remove the file - file: path=/tmp/jwt_token.txt state=absent \ No newline at end of file + file: path=~/jwt_token.txt state=absent + ignore_erros: yes \ No newline at end of file From de2f813f4b3572993be7daf941216e7c9b8c05e7 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 31 Jan 2018 16:52:54 +0530 Subject: [PATCH 079/104] Issue #369 chore: fix alerts --- ansible/roles/kong-consumer/tasks/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/kong-consumer/tasks/main.yml b/ansible/roles/kong-consumer/tasks/main.yml index 0ddb6f05ad..956644825d 100644 --- a/ansible/roles/kong-consumer/tasks/main.yml +++ b/ansible/roles/kong-consumer/tasks/main.yml @@ -30,17 +30,17 @@ - name: write to file copy: content="{{jwt_token.stdout}}" dest=~/jwt_token.txt - ignore_erros: yes + ignore_errors: yes - name: run the sed command shell: cat ~/jwt_token.txt | grep 'JWT token for player is' register: token - ignore_erros: yes + ignore_errors: yes - name: Copy the script copy: content="{{token.stdout}}" dest=~/jwt_token_player.txt - ignore_erros: yes + ignore_errors: yes - name: remove the file file: path=~/jwt_token.txt state=absent - ignore_erros: yes \ No newline at end of file + ignore_errors: yes \ No newline at end of file From 50acdb197344ec532d9c1f69a915d613ee5bd81d Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Fri, 2 Feb 2018 17:13:46 +0530 Subject: [PATCH 080/104] Issue #22 fix: updated missing var --- deploy/sunbird_install.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 5cd6150d94..184e86717e 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -7,6 +7,7 @@ usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; # Reading environment and implimentation name implimentation_name=$(awk '/implementation_name: / {print $2}' config) env_name=$(awk '/env: / {print $2}' config) +ansible_variable_path=$implimentation_name-devops/ansible/inventories/$env_name #TO skip the host key verification export ANSIBLE_HOST_KEY_CHECKING=False From 7a6fac820a1ae69f0880c35572f2e28cb6ad8101 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 3 Feb 2018 08:15:47 +0530 Subject: [PATCH 081/104] Issue #22 feat: updated unused vars --- ansible/inventories/sample/group_vars/sample | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index ea0d719590..f9db0b98c4 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -61,7 +61,7 @@ sunbird_actor_system_name: BackGroundRemoteMiddlewareActorSystem sunbird_sso_username: "{{sso_username}}" sunbird_sso_password: "{{sso_password}}" keycloak_password: "{{keycloak_admin_password}}" #admin password for the keycloak_auth login -keycloak_theme_path: "{{keycloak_theme_path}}" #path to the keycloak theme files +keycloak_theme_path: #path to the keycloak theme files ## Content Repo configuration sunbird_api_auth_token: #Authorization key (JWT) to access Sunbird APIs. This will be in the output of deploy-apis.sh script, extracting it out is documented in the deployment wiki. From a6e3b9b5923113b96b4442177ff9cfc66988dfe8 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 3 Feb 2018 08:53:06 +0530 Subject: [PATCH 082/104] Issue #22 fix: cleanup unused vars --- ansible/inventories/sample/group_vars/sample | 12 +++++----- deploy/config | 25 +++++++------------- 2 files changed, 14 insertions(+), 23 deletions(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index f9db0b98c4..4cbc06ba14 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -46,13 +46,13 @@ sunbird_es_host: "{{ database_host }}" #Private IP of Elastic Search server. If sunbird_ekstep_api_base_url: "{{ekstep_base_url}}/api" #API base URL of the Ekstep environment. Use `https://qa.ekstep.in/api` for non-prod deployments, and use `https://api.ekstep.in/` for prod deployment. sunbird_ekstep_proxy_base_url: "{{ekstep_base_url}}" #Base URL of the Ekstep environment. Use `https://qa.ekstep.in/` for non-prod deployments, and `https://community.ekstep.in/` for prod deployment. sunbird_env: qa #Ekstep environment to connect to. Use `qa` for non-prod deployments, and `prod` for prod deployment. -sunbird_mail_server_host: "{{mail_server_host}}" #SMTP server IP. Could be ignored if not mails are to be sent. -sunbird_mail_server_port: "{{mail_server_port}}" #SMTP port. Could be ignored if not mails are to be sent. -sunbird_mail_server_username: "{{mail_server_username}}" #SMTP username. Could be ignored if not mails are to be sent. -sunbird_mail_server_password: "{{mail_server_password}}" #SMTP server pasword. Could be ignored if not mails are to be sent. -sunbird_mail_server_from_email: "{{mail_server_from_email}}" #Email ID that should be as from address in mails +sunbird_mail_server_host: #SMTP server IP. Could be ignored if not mails are to be sent. +sunbird_mail_server_port: #SMTP port. Could be ignored if not mails are to be sent. +sunbird_mail_server_username: #SMTP username. Could be ignored if not mails are to be sent. +sunbird_mail_server_password: #SMTP server pasword. Could be ignored if not mails are to be sent. +sunbird_mail_server_from_email: #Email ID that should be as from address in mails -#player_tenant_dir: "{{player_tenant_dir}}" #Configure if customising the image, path in which volume should be mounted. +#player_tenant_dir: #Configure if customising the image, path in which volume should be mounted. sunbird_background_actor_host: actor-service sunbird_actor_system_name: BackGroundRemoteMiddlewareActorSystem diff --git a/deploy/config b/deploy/config index be6f099871..aa5ff6d5e9 100644 --- a/deploy/config +++ b/deploy/config @@ -1,37 +1,28 @@ -## Mandatory - #Basic env: # Name of the environment you are deploying. Typically, it is one of development, test, staging, production, etc. implementation_name: #Name of your sunbird implementation. Let's say for the sake of this document, it is ntp. ssh_ansible_user: #ssh user for deploying scripts ansible_private_key_path: #path to the private key file to allow ansible to deploy -#Database -database_host: #db server private ip -database_password: #common password for all the databases - #Application -application_host: #Private ip of the application server -app_address_space: #Application server address space (e.g. 10.3.0.0/24) +application_host: #Private ip of the application server +app_address_space: #Application server address space (e.g. 10.3.0.0/24) #Proxy cert_path: #Path to .cert file for nginx key_path: #Path to .key file for nginx dns_name: #Public DNS url of the app the server -#Keycloak -keycloak_admin_password: #keycloak admin console password - -#Ekstep -ekstep_base_url: # Ekstep community url ex: https://qa.ekstep.in, for non production - -## Optional, but necessory for core deployment - +#Database +database_host: #db server private ip +database_password: #common password for all the databases + #Ekstep +ekstep_base_url: # Ekstep community url ex: https://qa.ekstep.in ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. #Keycloak -sso_username: #get the username from keycloak realm import doc ex:user-manager +sso_username: #get the username from keycloak realm import doc eg. user-manager sso_password: #password for keycloak ss_username keycloak_admin_password: #keycloak admin console password trampoline_secret: #get the trampoline secret from the keycloak realm import doc. From af7969a0a5006f4a58033ffc976fcdfcd5daf65d Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Sat, 3 Feb 2018 09:12:31 +0530 Subject: [PATCH 083/104] Issue #22 feat: improved docker installation check --- deploy/install-deps.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy/install-deps.sh b/deploy/install-deps.sh index 713d37dc2c..1252771154 100755 --- a/deploy/install-deps.sh +++ b/deploy/install-deps.sh @@ -8,7 +8,9 @@ SWARM_MASTER_IP=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') echo "MasterIP: $SWARM_MASTER_IP" # Remove other versions of docker +if [ $(which docker) ]; apt-get -y remove docker docker-engine docker.io +fi # Install extra packages needed for docker apt-get -y update && \ From c86bfb4e8439648aab68daf6a0a03dcfd981ad5a Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 11:17:13 +0530 Subject: [PATCH 084/104] Issue #22 feat: idempotency --- deploy/install-deps.sh | 78 ++++++++++++++++++++++-------------------- 1 file changed, 41 insertions(+), 37 deletions(-) diff --git a/deploy/install-deps.sh b/deploy/install-deps.sh index 1252771154..67ac432454 100755 --- a/deploy/install-deps.sh +++ b/deploy/install-deps.sh @@ -7,43 +7,47 @@ ANSIBLE_VERSION=2.4.1.0 SWARM_MASTER_IP=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') echo "MasterIP: $SWARM_MASTER_IP" -# Remove other versions of docker -if [ $(which docker) ]; -apt-get -y remove docker docker-engine docker.io +# Check for docker +if [ ! $(which docker) ];then + # Remove other versions of docker + apt-get -y remove docker docker-engine docker.io + + # Install extra packages needed for docker + apt-get -y update && \ + apt-get -y install \ + linux-image-extra-$(uname -r) \ + linux-image-extra-virtual + + # Setup docker repository + apt-get -y install \ + apt-transport-https \ + ca-certificates \ + curl \ + software-properties-common + curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - + apt-key fingerprint 0EBFCD88 + add-apt-repository \ + "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ + $(lsb_release -cs) \ + stable" + apt-get -y update + + # Install Docker engine + apt-get -y install docker-ce=$DOCKER_VERSION + + # Setup docker to system service + systemctl enable docker + systemctl restart docker + + # Initialise Docker Swarm, with current machine as Master (which is active) + docker swarm init --advertise-addr $SWARM_MASTER_IP + + docker node ls fi -# Install extra packages needed for docker -apt-get -y update && \ - apt-get -y install \ - linux-image-extra-$(uname -r) \ - linux-image-extra-virtual - -# Setup docker repository -apt-get -y install \ - apt-transport-https \ - ca-certificates \ - curl \ - software-properties-common -curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - -apt-key fingerprint 0EBFCD88 -add-apt-repository \ - "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ - $(lsb_release -cs) \ - stable" -apt-get -y update - -# Install Docker engine -apt-get -y install docker-ce=$DOCKER_VERSION - +# Checking for ansible +if [ ! $(which ansible) ];then # Install Ansible -apt install -y python-pip -pip install ansible==$ANSIBLE_VERSION - -# Setup docker to system service -systemctl enable docker -systemctl restart docker - -# Initialise Docker Swarm, with current machine as Master (which is active) -docker swarm init --advertise-addr $SWARM_MASTER_IP - -docker node ls + apt install -y python-pip + pip install ansible==$ANSIBLE_VERSION +fi From 18ed3889d13b0e8e39c036cefa021476961e4870 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 12:50:57 +0530 Subject: [PATCH 085/104] Issue #22 fix: Idempotent deps --- deploy/install-deps.sh | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/deploy/install-deps.sh b/deploy/install-deps.sh index 67ac432454..80cd062932 100755 --- a/deploy/install-deps.sh +++ b/deploy/install-deps.sh @@ -2,13 +2,16 @@ # Build script # set -o errexit -DOCKER_VERSION=17.06.2~ce-0~ubuntu -ANSIBLE_VERSION=2.4.1.0 -SWARM_MASTER_IP=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') -echo "MasterIP: $SWARM_MASTER_IP" +docker_version=17.06.2~ce-0~ubuntu +ansible_versioN=2.4.1.0 +swarm_master_iP=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') +echo "MasterIP: $swarm_master_iP" # Check for docker -if [ ! $(which docker) ];then +case "$(docker --version)" in + *17.06.2-ce*) + ;; + *) # Remove other versions of docker apt-get -y remove docker docker-engine docker.io @@ -33,21 +36,26 @@ if [ ! $(which docker) ];then apt-get -y update # Install Docker engine - apt-get -y install docker-ce=$DOCKER_VERSION + apt-get -y install docker-ce=$docker_version # Setup docker to system service systemctl enable docker systemctl restart docker # Initialise Docker Swarm, with current machine as Master (which is active) - docker swarm init --advertise-addr $SWARM_MASTER_IP + docker swarm init --advertise-addr $swarm_master_iP docker node ls -fi + ;; + esac # Checking for ansible -if [ ! $(which ansible) ];then -# Install Ansible - apt install -y python-pip - pip install ansible==$ANSIBLE_VERSION -fi +case "$(ansible --version | head -n1)" in + *2.4.1.0*) + ;; + *) + # Install Ansible + sudo apt install -y python-pip + sudo pip install ansible==$ansible_versioN + ;; +esac From a077f76e45e3e552adbcfcdfa2139b411f41e68c Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 13:04:18 +0530 Subject: [PATCH 086/104] Issue #29 fix: dpkg search failing --- deploy/certbot.sh | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/deploy/certbot.sh b/deploy/certbot.sh index b0cdc0c2bc..209743f745 100755 --- a/deploy/certbot.sh +++ b/deploy/certbot.sh @@ -8,16 +8,14 @@ echo -e "This script won't work for aws, as it's black listed in letsencrypt\n s sleep 5 -echo please enter your dns name +echo please enter your dns name : read dns_name ssh_ansible_user=$(whoami) certbot_home=/etc/letsencrypt/archive/$dns_name #Check certbot installed or not -dpkg -S `which certbot` -if [ $? -eq 0 ] -then +if $(which certbot) ; then echo "certbot is already installed" else sudo apt-get update From 978a270986764df9f023fc84e66e23c4fdfe06be Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 14:05:36 +0530 Subject: [PATCH 087/104] Issue #29 fix: certbot ssl was not getting created --- deploy/certbot.sh | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/deploy/certbot.sh b/deploy/certbot.sh index 209743f745..81b8f29b59 100755 --- a/deploy/certbot.sh +++ b/deploy/certbot.sh @@ -15,7 +15,7 @@ certbot_home=/etc/letsencrypt/archive/$dns_name #Check certbot installed or not -if $(which certbot) ; then +if [ $(which certbot) ]; then echo "certbot is already installed" else sudo apt-get update @@ -25,13 +25,7 @@ else sudo apt-get install -y certbot fi -sudo ls $certbot_home -if [ $? -eq 0 ] -then - echo "Certs are already created" -else - sudo certbot certonly --standalone -d $dns_name -fi +sudo certbot certonly --standalone -d $dns_name sudo cp -r $certbot_home/cert1.pem $certbot_home/privkey1.pem /home/$ssh_ansible_user/ sudo chown -R $ssh_ansible_user:$ssh_ansible_user /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem sudo chmod 775 /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem From be2b3c8828759fd47c903850a0db27539366a906 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 14:15:21 +0530 Subject: [PATCH 088/104] Issue #22 feat: Updated mandatory and optional fields --- deploy/certbot.sh | 1 + deploy/config | 13 +++++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/deploy/certbot.sh b/deploy/certbot.sh index 81b8f29b59..e85d5b306a 100755 --- a/deploy/certbot.sh +++ b/deploy/certbot.sh @@ -26,6 +26,7 @@ else fi sudo certbot certonly --standalone -d $dns_name + sudo cp -r $certbot_home/cert1.pem $certbot_home/privkey1.pem /home/$ssh_ansible_user/ sudo chown -R $ssh_ansible_user:$ssh_ansible_user /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem sudo chmod 775 /home/$ssh_ansible_user/cert1.pem /home/$ssh_ansible_user/privkey1.pem diff --git a/deploy/config b/deploy/config index aa5ff6d5e9..7f7f04d6a2 100644 --- a/deploy/config +++ b/deploy/config @@ -1,3 +1,5 @@ +## Mandatory + #Basic env: # Name of the environment you are deploying. Typically, it is one of development, test, staging, production, etc. implementation_name: #Name of your sunbird implementation. Let's say for the sake of this document, it is ntp. @@ -19,10 +21,17 @@ database_password: #common password for all the databases #Ekstep ekstep_base_url: # Ekstep community url ex: https://qa.ekstep.in -ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. + +#Keycloak +keycloak_admin_password: #keycloak admin console password + + +## optional; But mandatory for 2nd part of the installation, ie installing core services #Keycloak sso_username: #get the username from keycloak realm import doc eg. user-manager sso_password: #password for keycloak ss_username -keycloak_admin_password: #keycloak admin console password trampoline_secret: #get the trampoline secret from the keycloak realm import doc. + +#Ekstep +ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. From afb37403214a4cf3f3b879fa95b2cc8d64fbe647 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 14:18:39 +0530 Subject: [PATCH 089/104] Issue #22 feat: updated for core services --- deploy/sunbird_install.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 184e86717e..5d60f434a3 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -30,6 +30,9 @@ proxy() { ./deploy-proxy.sh $ansible_variable_path; } # Keycloak keycloak() { ./provision-keycloak.sh $ansible_variable_path; ./deploy-keycloak-vm.sh $ansible_variable_path; } +# Core +core() { ./deploy-core.sh $ansible_variable_path; } + while getopts "s:h" o;do case "${o}" in s) @@ -56,6 +59,10 @@ while getopts "s:h" o;do echo -e "\n$(date)\n">>keycloak.log; keycloak 2>&1 | tee -a keycloak.log exit 0 ;; + core) + echo -e "\n$(date)\n">>core.log; core 2>&1 | tee -a core.log + exit 0 + ;; *) usage exit 0 From 1d85d710a9d5148edf08aee46d00e943a10401a4 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Mon, 5 Feb 2018 14:29:10 +0530 Subject: [PATCH 090/104] Issue #22 feat: Updated with jwt creation --- ansible/inventories/sample/group_vars/sample | 2 +- deploy/config | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index 4cbc06ba14..759f63c16f 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -64,7 +64,7 @@ keycloak_password: "{{keycloak_admin_password}}" #admin password for the keycloa keycloak_theme_path: #path to the keycloak theme files ## Content Repo configuration -sunbird_api_auth_token: #Authorization key (JWT) to access Sunbird APIs. This will be in the output of deploy-apis.sh script, extracting it out is documented in the deployment wiki. +sunbird_api_auth_token: "{{ekstep_auth_token}}" #Authorization key (JWT) to access Sunbird APIs. This will be in the output of deploy-apis.sh script, extracting it out is documented in the deployment wiki. sunbird_ekstep_api_key: "{{ekstep_api_key}}" #Authorization key (JWT) to access Ekstep APIs. Steps to generate this are documented on https://github.com/project-sunbird/sunbird-commons/wiki/Obtaining-API-token-for-accessing-ekstep-APIs sunbird_trampoline_secret: "{{trampoline_secret}}" diff --git a/deploy/config b/deploy/config index 7f7f04d6a2..1b2384e1e7 100644 --- a/deploy/config +++ b/deploy/config @@ -34,4 +34,5 @@ sso_password: #password for keycloak ss_username trampoline_secret: #get the trampoline secret from the keycloak realm import doc. #Ekstep -ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. +ekstep_auth_token: # JWT token generated by ansible, you can get it from ~/jwt.txt. +ekstep_api_key: # Jwt token generated by the key,secret produced from the ekstep portal. Please go through this url for more about jwt: https://community.ekstep.in/developer-knowledgebase/45-getting-started-with-apis From 687fb0b1d331e24bfa0f172099bea4d613dce303 Mon Sep 17 00:00:00 2001 From: Amol Ghatol Date: Mon, 5 Feb 2018 17:17:36 +0530 Subject: [PATCH 091/104] Issue #496 feat: Script to automate realm management user creation and initial realm import for new keycloak install --- ansible/roles/keycloak/defaults/main.yml | 11 +- .../files/python-keycloak-0.12.0/PKG-INFO | 19 + .../files/python-keycloak-0.12.0/README.md | 210 ++ .../keycloak-realm.json | 1999 +++++++++++++++++ .../keycloak/__init__.py | 20 + .../keycloak/authorization/__init__.py | 87 + .../keycloak/authorization/permission.py | 98 + .../keycloak/authorization/policy.py | 107 + .../keycloak/authorization/role.py | 39 + .../keycloak/connection.py | 199 ++ .../keycloak/exceptions.py | 93 + .../keycloak/keycloak_admin.py | 670 ++++++ .../keycloak/keycloak_adminchild.py | 10 + .../keycloak/keycloak_main.py | 82 + .../keycloak/keycloak_openid.py | 390 ++++ .../python_keycloak.egg-info/PKG-INFO | 18 + .../python_keycloak.egg-info/SOURCES.txt | 0 .../dependency_links.txt | 1 + .../python_keycloak.egg-info/requires.txt | 3 + .../python_keycloak.egg-info/top_level.txt | 1 + .../keycloak/tests/__init__.py | 0 .../keycloak/tests/test_connection.py | 148 ++ .../keycloak/urls_patterns.py | 54 + .../python_keycloak.egg-info/PKG-INFO | 18 + .../python_keycloak.egg-info/SOURCES.txt | 22 + .../dependency_links.txt | 1 + .../python_keycloak.egg-info/requires.txt | 3 + .../python_keycloak.egg-info/top_level.txt | 1 + .../files/python-keycloak-0.12.0/roles.json | 28 + .../files/python-keycloak-0.12.0/setup.cfg | 7 + .../files/python-keycloak-0.12.0/setup.py | 25 + .../keycloak/tasks/keycloak_bootstrap.yml | 8 + ansible/roles/keycloak/tasks/main.yml | 3 + .../templates/keycloak-bootstrap.conf.j2 | 13 + 34 files changed, 4386 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/SOURCES.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/__init__.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py create mode 100644 ansible/roles/keycloak/tasks/keycloak_bootstrap.yml create mode 100644 ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 diff --git a/ansible/roles/keycloak/defaults/main.yml b/ansible/roles/keycloak/defaults/main.yml index 7836d421f7..637f62a59a 100644 --- a/ansible/roles/keycloak/defaults/main.yml +++ b/ansible/roles/keycloak/defaults/main.yml @@ -57,11 +57,11 @@ wildfly_standalone_config_path: /opt/keycloak/keycloak/standalone/configuration/ keycloak_ext: #keycloak_subsystem: #keycloak_cache_container: -#keycloak_default_ds: +#keycloak_default_ds: keycloak_download_file: keycloak-3.2.0.Final.tar.gz keycloak_ds_driver_url: https://jdbc.postgresql.org/download/postgresql-9.2.1212.jar -#keycloak_ds_driver_path: +#keycloak_ds_driver_path: keycloak_ds_driver_name: "postgresql" keycloak_ds_driver_module: ' @@ -106,3 +106,10 @@ theme: "sunrise.tar.gz" dest_theme: "/opt/keycloak/themes/" theme_file: sunrise keycloak_home: /opt/keycloak +keycloak_realm_json_file_path: "roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json" +keycloak_user_manager_roles_json_file_path: "roles/keycloak/files/python-keycloak-0.12.0/roles.json" +keycloak_api_management_username: "" +keycloak_api_management_user_email: "" +keycloak_api_management_user_first_name: "" +keycloak_api_management_user_last_name: "" +keycloak_api_management_user_password: "" diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO b/ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO new file mode 100644 index 0000000000..e71b54e3b9 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO @@ -0,0 +1,19 @@ +Metadata-Version: 1.1 +Name: python-keycloak +Version: 0.12.0 +Summary: python-keycloak is a Python package providing access to the Keycloak API. +Home-page: https://bitbucket.org/agriness/python-keycloak +Author: Marcos Pereira +Author-email: marcospereira.mpj@gmail.com +License: GNU General Public License - V3 +Description-Content-Type: UNKNOWN +Description: UNKNOWN +Keywords: keycloak openid +Platform: UNKNOWN +Classifier: Programming Language :: Python :: 3 +Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3) +Classifier: Development Status :: 3 - Alpha +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +Classifier: Operating System :: Microsoft :: Windows +Classifier: Topic :: Utilities diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md b/ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md new file mode 100644 index 0000000000..c6b0940b08 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md @@ -0,0 +1,210 @@ +[![Documentation Status](https://readthedocs.org/projects/python-keycloak/badge/?version=latest)](http://python-keycloak.readthedocs.io/en/latest/?badge=latest) + +Python Keycloak +==================== + +For review- see https://bitbucket.org/agriness/python-keycloak + +**python-keycloak** is a Python package providing access to the Keycloak API. + +## Installation + +### Via Pypi Package: + +``` $ pip install python-keycloak ``` + +### Manually + +``` $ python setup.py install ``` + +## Dependencies + +python-keycloak depends on: + +* Python 3 +* [requests](http://docs.python-requests.org/en/master/) +* [python-jose](http://python-jose.readthedocs.io/en/latest/) + +### Tests Dependencies + +* unittest +* [httmock](https://github.com/patrys/httmock) + +## Bug reports + +Please report bugs and feature requests at +https://bitbucket.org/agriness/python-keycloak/issues + +## Documentation + +The documentation for python-keycloak is available on [readthedocs](http://python-keycloak.readthedocs.io). + +## Contributors + +* [Agriness Team](http://www.agriness.com/pt/) +* [Marcos Pereira](marcospereira.mpj@gmail.com) +* [Martin Devlin](martin.devlin@pearson.com) +* [Shon T. Urbas](shon.urbas@gmail.com>) + +## Usage + +```python +from keycloak import KeycloakOpenID + +# Configure client +keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/", + client_id="example_client", + realm_name="example_realm", + client_secret_key="secret") + +# Get WellKnow +config_well_know = keycloak_openid.well_know() + +# Get Token +token = keycloak_openid.token("user", "password") + +# Get Userinfo +userinfo = keycloak_openid.userinfo(token['access_token']) + +# Refresh token +token = keycloak_openid.refresh_token(token['refresh_token']) + +# Logout +keycloak_openid.logout(token['refresh_token']) + +# Get Certs +certs = keycloak_openid.certs() + +# Get RPT (Entitlement) +token = keycloak_openid.token("user", "password") +rpt = keycloak_openid.entitlement(token['access_token'], "resource_id") + +# Instropect RPT +token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'], + token_type_hint="requesting_party_token")) + +# Introspect Token +token_info = keycloak_openid.introspect(token['access_token'])) + +# Decode Token +KEYCLOAK_PUBLIC_KEY = "secret" +options = {"verify_signature": True, "verify_aud": True, "exp": True} +token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options) + +# Get permissions by token +token = keycloak_openid.token("user", "password") +keycloak_openid.load_authorization_config("example-authz-config.json") +policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY) +permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect') + +# KEYCLOAK ADMIN + +from keycloak import KeycloakAdmin + +keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/", + username='example-admin', + password='secret', + realm_name="example_realm", + verify=True) + +# Add user +new_user = keycloak_admin.create_user({"email": "example@example.com", + "username": "example@example.com", + "enabled": True, + "firstName": "Example", + "lastName": "Example", + "realmRoles": ["user_default", ], + "attributes": {"example": "1,2,3,3,"}}) + + +# Add user and set password +new_user = keycloak_admin.create_user({"email": "example@example.com", + "username": "example@example.com", + "enabled": True, + "firstName": "Example", + "lastName": "Example", + "credentials": [{"value": "secret","type": "password",}], + "realmRoles": ["user_default", ], + "attributes": {"example": "1,2,3,3,"}}) + +# User counter +count_users = keycloak_admin.users_count() + +# Get users Returns a list of users, filtered according to query parameters +users = keycloak_admin.get_users({}) + +# Get user ID from name +user-id-keycloak = keycloak_admin.get_user_id("example@example.com") + +# Get User +user = keycloak_admin.get_user("user-id-keycloak") + +# Update User +response = keycloak_admin.update_user(user_id="user-id-keycloak", + payload={'firstName': 'Example Update'}) + +# Update User Password +response = set_user_password(user_id="user-id-keycloak", password="secret", temporary=True) + +# Delete User +response = keycloak_admin.delete_user(user_id="user-id-keycloak") + +# Get consents granted by the user +consents = keycloak_admin.consents_user(user_id="user-id-keycloak") + +# Send User Action +response = keycloak_admin.send_update_account(user_id="user-id-keycloak", + payload=json.dumps(['UPDATE_PASSWORD'])) + +# Send Verify Email +response = keycloak_admin.send_verify_email(user_id="user-id-keycloak") + +# Get sessions associated with the user +sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak") + +# Get themes, social providers, auth providers, and event listeners available on this server +server_info = keycloak_admin.get_server_info() + +# Get clients belonging to the realm Returns a list of clients belonging to the realm +clients = keycloak_admin.get_clients() + +# Get client - id (not client-id) from client by name +client_id=keycloak_admin.get_client_id("my-client") + +# Get representation of the client - id of client (not client-id) +client = keycloak_admin.get_client(client_id="client_id") + +# Get all roles for the realm or client +realm_roles = keycloak_admin.get_realm_roles() + +# Get all roles for the client +client_roles = keycloak_admin.get_client_roles(client_id="client_id") + +# Get client role +role = keycloak_admin.get_client_role(client_id="client_id", role_name="role_name") + +# Warning: Deprecated +# Get client role id from name +role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test") + +# Create client role +keycloak_admin.create_client_role(client_id, "test") + +# Assign client role to user. Note that BOTH role_name and role_id appear to be required. +keycloak_admin.assign_client_role(client_id="client_id", user_id="user_id", role_id="role_id", role_name="test") + +# Create new group +group = keycloak_admin.create_group(name="Example Group") + +# Get all groups +groups = keycloak_admin.get_groups() + +# Get group +group = keycloak_admin.get_group(group_id='group_id') + +# Get group by name +group = keycloak_admin.get_group_by_name(name_or_path='group_id', search_in_subgroups=True) + +# Function to trigger user sync from provider +sync_users(storage_id="storage_di", action="action") +``` diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json new file mode 100644 index 0000000000..72416d4de4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json @@ -0,0 +1,1999 @@ +{ + "id": "sunbird", + "realm": "sunbird", + "notBefore": 0, + "revokeRefreshToken": false, + "accessTokenLifespan": 21600, + "accessTokenLifespanForImplicitFlow": 7200, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 21600, + "offlineSessionIdleTimeout": 43200, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": true, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "7b955d7f-0a1e-4935-8391-642886d34612", + "name": "offline_access", + "description": "${role_offline-access}", + "scopeParamRequired": true, + "composite": false, + "clientRole": false, + "containerId": "sunbird" + }, + { + "id": "96adf368-c8e2-4b39-b2a5-2559573edb63", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "scopeParamRequired": false, + "composite": false, + "clientRole": false, + "containerId": "sunbird" + } + ], + "client": { + "realm-management": [ + { + "id": "3f8bf7e5-5d66-4394-8f06-1270529c605f", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "601fa2c9-29d4-49c1-87ac-939a1260f6ce", + "name": "query-realms", + "description": "${role_query-realms}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "9aa1dcd9-cb93-4496-af5f-41b9ecacc1da", + "name": "view-authorization", + "description": "${role_view-authorization}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "98999987-faf5-4c4e-958a-e5463bc4edc6", + "name": "manage-events", + "description": "${role_manage-events}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "f898fca8-5361-49d5-900a-ebf5b775a939", + "name": "impersonation", + "description": "${role_impersonation}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "698dfeb0-b8d2-4240-b8a8-acd4b7a12ad3", + "name": "view-realm", + "description": "${role_view-realm}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "3ff462fc-b33c-431a-b54b-861c3298d910", + "name": "manage-users", + "description": "${role_manage-users}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "be1802b1-558c-404c-bcb9-b9bf77af9788", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "387b44e4-e901-4431-b9af-6abd9377ed46", + "name": "query-clients", + "description": "${role_query-clients}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "a408b6e8-03c9-46a2-97ba-305d09db0c3c", + "name": "view-events", + "description": "${role_view-events}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "41c2f39a-3008-4f9d-9e1e-a7738c118570", + "name": "query-groups", + "description": "${role_query-groups}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "26d3289b-d2eb-4cf2-a501-f1e3fa07344c", + "name": "manage-clients", + "description": "${role_manage-clients}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "e2077ab0-6efb-450d-9cba-89cacd887b71", + "name": "create-client", + "description": "${role_create-client}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "46019462-3dc8-46a8-9786-ffcbad293f43", + "name": "view-users", + "description": "${role_view-users}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "d269f220-e93f-4b43-96a1-9f2c117a2dfb", + "name": "view-clients", + "description": "${role_view-clients}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "0c998f1b-7363-47fb-a493-4b6f4aacb0ba", + "name": "realm-admin", + "description": "${role_realm-admin}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-authorization", + "query-realms", + "view-authorization", + "manage-events", + "impersonation", + "view-realm", + "manage-users", + "manage-identity-providers", + "query-clients", + "view-events", + "query-groups", + "manage-clients", + "create-client", + "view-users", + "view-clients", + "manage-realm", + "view-identity-providers", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "d77bf5a5-5877-450b-b11e-5f874f410e10", + "name": "manage-realm", + "description": "${role_manage-realm}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "d97009ed-d0c7-4afb-b9a3-6ee03ef01a74", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "57118202-c5e5-4c49-829b-c2ed796bfdea", + "name": "query-users", + "description": "${role_query-users}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + } + ], + "security-admin-console": [], + "android": [], + "admin-cli": [], + "trampoline": [], + "broker": [ + { + "id": "19ef58ac-2d90-40a4-a158-0e2f8893264a", + "name": "read-token", + "description": "${role_read-token}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "c3950efa-6684-44c2-b50a-c7b3d16df04b" + } + ], + "portal": [], + "account": [ + { + "id": "1fef7ac5-b042-462b-8298-0446044788b3", + "name": "manage-account", + "description": "${role_manage-account}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d" + }, + { + "id": "f8786348-6fa4-4b13-828e-9f080c9c6824", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d" + }, + { + "id": "91c5c738-9c39-4c4d-bae8-75f18fd7c5e4", + "name": "view-profile", + "description": "${role_view-profile}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d" + } + ] + } + }, + "groups": [], + "defaultRoles": [ + "offline_access", + "uma_authorization" + ], + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "hashIterations(20000)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "clientScopeMappings": { + "realm-management": [ + { + "client": "admin-cli", + "roles": [ + "realm-admin" + ] + }, + { + "client": "security-admin-console", + "roles": [ + "realm-admin" + ] + } + ] + }, + "clients": [ + { + "id": "9a901d18-377b-4615-9b89-677b544be3c5", + "clientId": "trampoline", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "/", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + ], + "webOrigins": [ + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "saml.authnstatement": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "saml.onetimeuse.condition": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "12134027-94cc-401c-bbf6-be565078ddfb", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "6a956bf1-6c40-4549-b335-9fe8c788b18f", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "d32ba1d4-3fef-42ff-aa2b-98cb4bfef6f9", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "9e899fc7-1ddd-447d-810c-d91333d6621c", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "74e4d13f-bd02-4f17-bbbc-d4b79bab1971", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "48fe23c2-a6fb-4c5e-8930-28ad1913829a", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "da893beb-6ac7-420d-b51b-f05dadf56bbc", + "clientId": "android", + "rootUrl": "", + "baseUrl": "/", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "saml.authnstatement": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "saml.onetimeuse.condition": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ff7dac46-16b4-4ab6-a054-dd03d5411fa9", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "32fad9c0-0dfe-45b2-94a1-3e2f74d756ec", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "4fb4d644-c609-4a27-a407-d451bcd83e16", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "84e7c6e5-1afb-44d8-b507-1ed31fa0f351", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "e7ca189f-94de-4996-a192-e93ba960bbba", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "16bedb3b-7571-4106-9a47-66151915ac31", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "8891d8e9-35e6-4a1c-b32b-027be03b0f24", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "32d6a3a4-8635-4a36-bd14-8ac5b73a49cc", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "900fa741-d1b2-467e-88a6-b454a9519568", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "8ea14714-d160-49b8-b612-59102d50ef53", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "bd167b99-5d23-49c1-90c7-85c2b088fed7", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "c4fe56a1-8d15-455a-b87b-cf051454b57c", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "26e3bf4c-8f9a-4548-b0db-5bbb7c398991", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "c3950efa-6684-44c2-b50a-c7b3d16df04b", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "54c3bbc3-850b-4636-82d1-ed4f3a46a00a", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "0f0d9b74-c476-4981-a783-dd4bdbe041ec", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "d6f625cc-eac1-49d0-bea5-17e6f9d3860c", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "bbf35056-9bbe-49a0-aefc-2bde2379ccdc", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "38b04951-1043-4dc6-9504-7b0f31ed71a4", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "88bb836b-7feb-45eb-b004-fb3be8436908", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "b2f45201-1362-4b10-83c3-207d470f44bf", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "71605238-bf41-400e-8c03-a5d78f54b00b", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "a0cb6f3a-30ef-4475-b73f-ca6c2f1f3675", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "3a7708b1-63b9-4116-af7f-969fc1bf61a4", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "c393d7b7-fa22-4e90-9ad7-07d520632c20", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "2d8cbac4-e4dd-4fa6-bf71-98adf826b9dd", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "e77aae69-8ea4-4ee4-bcd6-ba7ef3958c02", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "8c12290d-d62f-48ce-913b-c93bf995ca59", + "clientId": "portal", + "rootUrl": "", + "adminUrl": "/callback", + "baseUrl": "/", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + ], + "webOrigins": [ + "" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "saml.authnstatement": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "saml.onetimeuse.condition": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "63071ff2-a5e5-4d38-b534-a9f25a075403", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "9bf9cad5-dbce-41e9-aa36-d84cc5a768a2", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "238e55b7-6545-467e-856b-f95477afe1ff", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "edb1ff4e-b452-46bc-8c3b-d6075f6ee579", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "7a0118e2-57ff-4d23-bf74-cbfe1f545d1d", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "b59a913e-118a-4dc4-a8d7-66c44ced5345", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "79c518d7-b41a-4e6f-be42-4ef365824100", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "baseUrl": "/auth/admin/sunbird/console/index.html", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + "/auth/admin/sunbird/console/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "c989a8c8-cb8b-40ff-b4b9-86122bad7aa9", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "b180fb8c-997c-4f6a-b774-af677f903139", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "c373dc9a-49d7-4d28-9b94-06cf20fb1955", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "24c7b1c4-62c2-4d92-ab19-49bfaedcc3d4", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "883a39a7-37b4-46ef-a761-3e51b95ccc35", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "95ed8e44-38cc-4f09-8adc-19c12d5eada0", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "consentText": "${locale}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "c66c6a41-eb22-443f-8a77-e68d404ad26f", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d", + "clientId": "account", + "name": "${client_account}", + "baseUrl": "/auth/realms/sunbird/account", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "defaultRoles": [ + "manage-account", + "view-profile" + ], + "redirectUris": [ + "/auth/realms/sunbird/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "a64118ab-33c8-4060-9f3e-3ed817ba8e0d", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "1f4a0c5e-7c8a-4693-8be5-14681b243868", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "8d88a133-a399-4e75-b051-5b0d4ae850ab", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "45593258-916c-4158-8577-d9806c16415a", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "027be48e-b7dc-4c3a-a648-414a466b67dd", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "c93937f9-0446-4be9-8b47-3c6de857497e", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + } + ], + "clientTemplates": [], + "browserSecurityHeaders": { + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "xXSSProtection": "1; mode=block", + "contentSecurityPolicy": "frame-src 'self'" + }, + "smtpServer": { + "password": "", + "starttls": "", + "auth": "true", + "port": "587", + "host": "", + "from": "", + "ssl": "", + "user": "" + }, + "loginTheme": "sunrise", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "84078bbb-e005-44c8-9c7d-a1b4821558da", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "346d857e-4385-4f8f-a2fc-072fd11a10ec", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper" + ], + "consent-required-for-all-mappers": [ + "true" + ] + } + }, + { + "id": "eed64f9f-4b66-45ad-bdb4-4070e3802366", + "name": "Allowed Client Templates", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": {} + }, + { + "id": "17ac4eaa-9139-4b3a-b1db-c82d44c1531d", + "name": "Allowed Client Templates", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "38532936-be91-40e4-b65d-c0abfaf9547c", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "8c1690a2-6eea-4d61-ab66-7a015e3bea3c", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper" + ], + "consent-required-for-all-mappers": [ + "true" + ] + } + }, + { + "id": "3dcc314c-07f8-484d-9535-29424dbaddfc", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "ab52b781-64b9-42a0-99f5-cbeba6710763", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "bd30c46f-9ee3-443d-9faa-6ed8075aac87", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a93cc73f-b070-48cd-bf08-9b290707c2f5", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "no", + "ru", + "sv", + "pt-BR", + "ja", + "lt", + "en", + "it", + "fr", + "es", + "ca" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "6c9d3423-9956-4d08-a124-41cd17aceb5a", + "alias": "Direct Grant 2", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "requirement": "OPTIONAL", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a7a49eb1-4386-499a-8a8f-13454b428f98", + "alias": "Direct Grant w/o Password", + "description": "Grant user access using only the username and no password.", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [] + }, + { + "id": "c7b2f9c2-525b-486a-b2a8-148606caac0e", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "idp-email-verification", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c4674fef-8631-43c5-8f44-deb8867fa866", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "OPTIONAL", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "35016b3a-a041-47fd-8a85-a131c6f7b745", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8e85927e-349d-4a0a-a7da-efb352ba78ce", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b62ac783-8af6-429e-a8ff-7c8073195675", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "requirement": "OPTIONAL", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e16e69c8-a3e8-480c-8201-8474d614e172", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "487ab3f9-33bf-49e2-8b03-5c45c85ea8b5", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a6d19ee2-387a-4db8-9ecb-2e9f806a88a1", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "OPTIONAL", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "43fc7877-ad15-4c93-b327-15d4ca83f3e1", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8a77377f-60eb-4a23-8bfe-b7c360d7b48f", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "30bd3dd1-f2f1-4708-a07d-08cf759c7b28", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "requirement": "OPTIONAL", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "226a50b1-059a-44ef-8cfe-082dee5d60b9", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "aec72381-3c1d-4a96-b436-ddb72b3737b9", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "51f3fa48-bf74-4df9-9724-c0a9d6fe7c80", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": true, + "defaultAction": false, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "Direct Grant 2", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "_browser_header.xXSSProtection": "1; mode=block", + "_browser_header.xFrameOptions": "SAMEORIGIN", + "permanentLockout": "false", + "quickLoginCheckMilliSeconds": "1000", + "_browser_header.xRobotsTag": "none", + "maxFailureWaitSeconds": "900", + "minimumQuickLoginWaitSeconds": "60", + "failureFactor": "30", + "actionTokenGeneratedByUserLifespan": "300", + "maxDeltaTimeSeconds": "43200", + "_browser_header.xContentTypeOptions": "nosniff", + "actionTokenGeneratedByAdminLifespan": "43200", + "bruteForceProtected": "false", + "_browser_header.contentSecurityPolicy": "frame-src 'self'", + "waitIncrementSeconds": "60" + }, + "keycloakVersion": "3.2.0.Final" +} diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py new file mode 100644 index 0000000000..6da124c13c --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py @@ -0,0 +1,20 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from .keycloak_openid import * +from .keycloak_admin import * +from .keycloak_adminchild import * diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py new file mode 100644 index 0000000000..4a1d86dbeb --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py @@ -0,0 +1,87 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +import ast +import json + +from .permission import Permission +from .policy import Policy +from .role import Role + + +class Authorization: + """ + Keycloak Authorization (policies, roles, scopes and resources). + + https://keycloak.gitbooks.io/documentation/authorization_services/index.html + + """ + + def __init__(self): + self._policies = {} + + @property + def policies(self): + return self._policies + + @policies.setter + def policies(self, value): + self._policies = value + + def load_config(self, data): + """ + Load policies, roles and permissions (scope/resources). + + :param data: keycloak authorization data (dict) + :return: + """ + for pol in data['policies']: + if pol['type'] == 'role': + policy = Policy(name=pol['name'], + type=pol['type'], + logic=pol['logic'], + decision_strategy=pol['decisionStrategy']) + + config_roles = json.loads(pol['config']['roles']) + for role in config_roles: + policy.add_role(Role(name=role['id'], + required=role['required'])) + + self.policies[policy.name] = policy + + if pol['type'] == 'scope': + permission = Permission(name=pol['name'], + type=pol['type'], + logic=pol['logic'], + decision_strategy=pol['decisionStrategy']) + + permission.scopes = ast.literal_eval(pol['config']['scopes']) + + for policy_name in ast.literal_eval(pol['config']['applyPolicies']): + self.policies[policy_name].add_permission(permission) + + if pol['type'] == 'resource': + permission = Permission(name=pol['name'], + type=pol['type'], + logic=pol['logic'], + decision_strategy=pol['decisionStrategy']) + + permission.resources = ast.literal_eval(pol['config']['resources']) + + for policy_name in ast.literal_eval(pol['config']['applyPolicies']): + self.policies[policy_name].add_permission(permission) + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py new file mode 100644 index 0000000000..94eca77954 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py @@ -0,0 +1,98 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + + +class Permission: + """ + Consider this simple and very common permission: + + A permission associates the object being protected with the policies that must be evaluated to determine whether access is granted. + + X CAN DO Y ON RESOURCE Z + + where … + X represents one or more users, roles, or groups, or a combination of them. You can + also use claims and context here. + Y represents an action to be performed, for example, write, view, and so on. + Z represents a protected resource, for example, "/accounts". + + https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html + + """ + + def __init__(self, name, type, logic, decision_strategy): + self._name = name + self._type = type + self._logic = logic + self._decision_strategy = decision_strategy + self._resources = [] + self._scopes = [] + + def __repr__(self): + return "" % (self.name, self.type) + + def __str__(self): + return "Permission: %s (%s)" % (self.name, self.type) + + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = value + + @property + def type(self): + return self._type + + @type.setter + def type(self, value): + self._type = value + + @property + def logic(self): + return self._logic + + @logic.setter + def logic(self, value): + self._logic = value + + @property + def decision_strategy(self): + return self._decision_strategy + + @decision_strategy.setter + def decision_strategy(self, value): + self._decision_strategy = value + + @property + def resources(self): + return self._resources + + @resources.setter + def resources(self, value): + self._resources = value + + @property + def scopes(self): + return self._scopes + + @scopes.setter + def scopes(self, value): + self._scopes = value + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py new file mode 100644 index 0000000000..66512bac3a --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py @@ -0,0 +1,107 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from ..exceptions import KeycloakAuthorizationConfigError + + +class Policy: + """ + A policy defines the conditions that must be satisfied to grant access to an object. + Unlike permissions, you do not specify the object being protected but rather the conditions + that must be satisfied for access to a given object (for example, resource, scope, or both). + Policies are strongly related to the different access control mechanisms (ACMs) that you can use to + protect your resources. With policies, you can implement strategies for attribute-based access control + (ABAC), role-based access control (RBAC), context-based access control, or any combination of these. + + https://keycloak.gitbooks.io/documentation/authorization_services/topics/policy/overview.html + + """ + + def __init__(self, name, type, logic, decision_strategy): + self._name = name + self._type = type + self._logic = logic + self._decision_strategy = decision_strategy + self._roles = [] + self._permissions = [] + + def __repr__(self): + return "" % (self.name, self.type) + + def __str__(self): + return "Policy: %s (%s)" % (self.name, self.type) + + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = value + + @property + def type(self): + return self._type + + @type.setter + def type(self, value): + self._type = value + + @property + def logic(self): + return self._logic + + @logic.setter + def logic(self, value): + self._logic = value + + @property + def decision_strategy(self): + return self._decision_strategy + + @decision_strategy.setter + def decision_strategy(self, value): + self._decision_strategy = value + + @property + def roles(self): + return self._roles + + @property + def permissions(self): + return self._permissions + + def add_role(self, role): + """ + Add keycloak role in policy. + + :param role: keycloak role. + :return: + """ + if self.type != 'role': + raise KeycloakAuthorizationConfigError( + "Can't add role. Policy type is different of role") + self._roles.append(role) + + def add_permission(self, permission): + """ + Add keycloak permission in policy. + + :param permission: keycloak permission. + :return: + """ + self._permissions.append(permission) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py new file mode 100644 index 0000000000..8d398b09ee --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py @@ -0,0 +1,39 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + + +class Role: + """ + Roles identify a type or category of user. Admin, user, + manager, and employee are all typical roles that may exist in an organization. + + https://keycloak.gitbooks.io/documentation/server_admin/topics/roles.html + + """ + + def __init__(self, name, required=False): + self.name = name + self.required = required + + @property + def get_name(self): + return self.name + + def __eq__(self, other): + if isinstance(other, str): + return self.name == other + return NotImplemented diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py new file mode 100644 index 0000000000..503b688a7f --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py @@ -0,0 +1,199 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +try: + from urllib.parse import urljoin +except ImportError: + from urlparse import urljoin + +from .exceptions import * +import requests + + +class ConnectionManager(object): + """ Represents a simple server connection. + Args: + base_url (str): The server URL. + headers (dict): The header parameters of the requests to the server. + timeout (int): Timeout to use for requests to the server. + verify (bool): Verify server SSL. + """ + + def __init__(self, base_url, headers={}, timeout=60, verify=True): + self._base_url = base_url + self._headers = headers + self._timeout = timeout + self._verify = verify + + @property + def base_url(self): + """ Return base url in use for requests to the server. """ + return self._base_url + + @base_url.setter + def base_url(self, value): + """ """ + self._base_url = value + + @property + def timeout(self): + """ Return timeout in use for request to the server. """ + return self._timeout + + @timeout.setter + def timeout(self, value): + """ """ + self._timeout = value + + @property + def verify(self): + """ Return verify in use for request to the server. """ + return self._verify + + @verify.setter + def verify(self, value): + """ """ + self._verify = value + + @property + def headers(self): + """ Return header request to the server. """ + return self._headers + + @headers.setter + def headers(self, value): + """ """ + self._headers = value + + def param_headers(self, key): + """ Return a specific header parameter. + :arg + key (str): Header parameters key. + :return: + If the header parameters exist, return its value. + """ + return self.headers.get(key) + + def clean_headers(self): + """ Clear header parameters. """ + self.headers = {} + + def exist_param_headers(self, key): + """ Check if the parameter exists in the header. + :arg + key (str): Header parameters key. + :return: + If the header parameters exist, return True. + """ + return self.param_headers(key) is not None + + def add_param_headers(self, key, value): + """ Add a single parameter inside the header. + :arg + key (str): Header parameters key. + value (str): Value to be added. + """ + self.headers[key] = value + + def del_param_headers(self, key): + """ Remove a specific parameter. + :arg + key (str): Key of the header parameters. + """ + self.headers.pop(key, None) + + def raw_get(self, path, **kwargs): + """ Submit get request to the path. + :arg + path (str): Path for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + + try: + return requests.get(urljoin(self.base_url, path), + params=kwargs, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) + + def raw_post(self, path, data, **kwargs): + """ Submit post request to the path. + :arg + path (str): Path for request. + data (dict): Payload for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + try: + return requests.post(urljoin(self.base_url, path), + params=kwargs, + data=data, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) + + def raw_put(self, path, data, **kwargs): + """ Submit put request to the path. + :arg + path (str): Path for request. + data (dict): Payload for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + try: + return requests.put(urljoin(self.base_url, path), + params=kwargs, + data=data, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) + + def raw_delete(self, path, **kwargs): + """ Submit delete request to the path. + + :arg + path (str): Path for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + try: + return requests.delete(urljoin(self.base_url, path), + params=kwargs, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py new file mode 100644 index 0000000000..27d8b14c15 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py @@ -0,0 +1,93 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +import requests + + +class KeycloakError(Exception): + def __init__(self, error_message="", response_code=None, + response_body=None): + + Exception.__init__(self, error_message) + + self.response_code = response_code + self.response_body = response_body + self.error_message = error_message + + def __str__(self): + if self.response_code is not None: + return "{0}: {1}".format(self.response_code, self.error_message) + else: + return "{0}".format(self.error_message) + + +class KeycloakAuthenticationError(KeycloakError): + pass + + +class KeycloakConnectionError(KeycloakError): + pass + + +class KeycloakOperationError(KeycloakError): + pass + + +class KeycloakGetError(KeycloakOperationError): + pass + + +class KeycloakSecretNotFound(KeycloakOperationError): + pass + + +class KeycloakRPTNotFound(KeycloakOperationError): + pass + + +class KeycloakAuthorizationConfigError(KeycloakOperationError): + pass + + +class KeycloakInvalidTokenError(KeycloakOperationError): + pass + + +def raise_error_from_response(response, error, expected_code=200): + + if expected_code == response.status_code: + if expected_code == requests.codes.no_content: + return {} + try: + return response.json() + except ValueError: + return response.content + + try: + message = response.json()['message'] + except (KeyError, ValueError): + message = response.content + + if isinstance(error, dict): + error = error.get(response.status_code, KeycloakOperationError) + else: + if response.status_code == 401: + error = KeycloakAuthenticationError + + raise error(error_message=message, + response_code=response.status_code, + response_body=response.content) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py new file mode 100644 index 0000000000..79f5c2c6d3 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py @@ -0,0 +1,670 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +# Unless otherwise stated in the comments, "id", in e.g. user_id, refers to the +# internal Keycloak server ID, usually a uuid string +from keycloak.urls_patterns import URL_ADMIN_CLIENT_ROLE +from .urls_patterns import \ + URL_ADMIN_USERS_COUNT, URL_ADMIN_USER, URL_ADMIN_USER_CONSENTS, \ + URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \ + URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS, URL_ADMIN_CLIENT, URL_ADMIN_CLIENT_ROLES, URL_ADMIN_REALM_ROLES, \ + URL_ADMIN_GROUP, URL_ADMIN_GROUPS, URL_ADMIN_GROUP_CHILD, URL_ADMIN_USER_GROUP,\ + URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_USER_CLIENT_ROLES, URL_ADMIN_USER_STORAGE, URL_ADMIN_REALM + +from .keycloak_openid import KeycloakOpenID + +from .exceptions import raise_error_from_response, KeycloakGetError + +from .urls_patterns import ( + URL_ADMIN_USERS, +) + +from .connection import ConnectionManager +import json + + +class KeycloakAdmin: + + def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli', verify=True): + """ + + :param server_url: Keycloak server url + :param username: admin username + :param password: admin password + :param realm_name: realm name + :param client_id: client id + :param verify: True if want check connection SSL + """ + self._username = username + self._password = password + self._client_id = client_id + self._realm_name = realm_name + + # Get token Admin + keycloak_openid = KeycloakOpenID(server_url=server_url, client_id=client_id, realm_name=realm_name, + verify=verify) + self._token = keycloak_openid.token(username, password) + + self._connection = ConnectionManager(base_url=server_url, + headers={'Authorization': 'Bearer ' + self.token.get('access_token'), + 'Content-Type': 'application/json'}, + timeout=60, + verify=verify) + + @property + def realm_name(self): + return self._realm_name + + @realm_name.setter + def realm_name(self, value): + self._realm_name = value + + @property + def connection(self): + return self._connection + + @connection.setter + def connection(self, value): + self._connection = value + + @property + def client_id(self): + return self._client_id + + @client_id.setter + def client_id(self, value): + self._client_id = value + + @property + def username(self): + return self._username + + @username.setter + def username(self, value): + self._username = value + + @property + def password(self): + return self._password + + @password.setter + def password(self, value): + self._password = value + + @property + def token(self): + return self._token + + @token.setter + def token(self, value): + self._token = value + + def get_users(self, query=None): + """ + Get users Returns a list of users, filtered according to query parameters + + :return: users list + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_USERS.format(**params_path), **query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def create_user(self, payload): + """ + Create a new user Username must be unique + + UserRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation + + :param payload: UserRepresentation + + :return: UserRepresentation + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_post(URL_ADMIN_USERS.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def users_count(self): + """ + User counter + + :return: counter + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_USERS_COUNT.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_user_id(self, username): + """ + Get internal keycloak user id from username + This is required for further actions against this user. + + UserRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation + + :param username: id in UserRepresentation + + :return: user_id + """ + params_path = {"realm-name": self.realm_name, "username": username} + data_raw = self.connection.raw_get(URL_ADMIN_USERS.format(**params_path)) + data_content = raise_error_from_response(data_raw, KeycloakGetError) + + for user in data_content: + this_use_rname = json.dumps(user["username"]).strip('"') + if this_use_rname == username: + return json.dumps(user["id"]).strip('"') + + return None + + def get_user(self, user_id): + """ + Get representation of the user + + :param user_id: User id + + UserRepresentation: http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation + + :return: UserRepresentation + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_get(URL_ADMIN_USER.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def update_user(self, user_id, payload): + """ + Update the user + + :param user_id: User id + :param payload: UserRepresentation + + :return: Http response + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_put(URL_ADMIN_USER.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def delete_user(self, user_id): + """ + Delete the user + + :param user_id: User id + + :return: Http response + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_delete(URL_ADMIN_USER.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def set_user_password(self, user_id, password, temporary=True): + """ + Set up a password for the user. If temporary is True, the user will have to reset + the temporary password next time they log in. + + http://www.keycloak.org/docs-api/3.2/rest-api/#_users_resource + http://www.keycloak.org/docs-api/3.2/rest-api/#_credentialrepresentation + + :param user_id: User id + :param password: New password + :param temporary: True if password is temporary + + :return: + """ + payload = {"type": "password", "temporary": temporary, "value": password} + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_put(URL_ADMIN_RESET_PASSWORD.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def consents_user(self, user_id): + """ + Get consents granted by the user + + :param user_id: User id + + :return: consents + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_get(URL_ADMIN_USER_CONSENTS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def send_update_account(self, user_id, payload, client_id=None, lifespan=None, redirect_uri=None): + """ + Send a update account email to the user An email contains a + link the user can click to perform a set of required actions. + + :param user_id: + :param payload: + :param client_id: + :param lifespan: + :param redirect_uri: + + :return: + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + params_query = {"client_id": client_id, "lifespan": lifespan, "redirect_uri": redirect_uri} + data_raw = self.connection.raw_put(URL_ADMIN_SEND_UPDATE_ACCOUNT.format(**params_path), + data=payload, **params_query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def send_verify_email(self, user_id, client_id=None, redirect_uri=None): + """ + Send a update account email to the user An email contains a + link the user can click to perform a set of required actions. + + :param user_id: User id + :param client_id: Client id + :param redirect_uri: Redirect uri + + :return: + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + params_query = {"client_id": client_id, "redirect_uri": redirect_uri} + data_raw = self.connection.raw_put(URL_ADMIN_SEND_VERIFY_EMAIL.format(**params_path), + data={}, **params_query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_sessions(self, user_id): + """ + Get sessions associated with the user + + :param user_id: id of user + + UserSessionRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_usersessionrepresentation + + :return: UserSessionRepresentation + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_get(URL_ADMIN_GET_SESSIONS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_server_info(self): + """ + Get themes, social providers, auth providers, and event listeners available on this server + + ServerInfoRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_serverinforepresentation + + :return: ServerInfoRepresentation + """ + data_raw = self.connection.raw_get(URL_ADMIN_SERVER_INFO) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_groups(self): + """ + Get groups belonging to the realm. Returns a list of groups belonging to the realm + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :return: array GroupRepresentation + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_GROUPS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_group(self, group_id): + """ + Get group by id. Returns full group details + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :return: Keycloak server response (GroupRepresentation) + """ + params_path = {"realm-name": self.realm_name, "id": group_id} + data_raw = self.connection.raw_get(URL_ADMIN_GROUP.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_group_by_name(self, name_or_path, search_in_subgroups=False): + """ + Get group id based on name or path. + A straight name or path match with a top-level group will return first. + Subgroups are traversed, the first to match path (or name with path) is returned. + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :param name: group name + :param path: group path + :param search_in_subgroups: True if want search in the subgroups + :return: Keycloak server response (GroupRepresentation) + """ + + groups = self.get_groups() + + # TODO: Review this code is necessary + for group in groups: + if group['name'] == name_or_path or group['path'] == name_or_path: + return group + elif search_in_subgroups and group["subGroups"]: + for subgroup in group["subGroups"]: + if subgroup['name'] == name_or_path or subgroup['path'] == name_or_path: + return subgroup + + return None + + def create_group(self, name=None, client_roles={}, realm_roles=[], sub_groups=[], path=None, parent=None): + """ + Create a group in the Realm + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :param name: group name + :param client_roles: (Dict) Client roles to include in groupp # Not demonstrated to work + :param realm_roles: (List) Realm roles to include in group # Not demonstrated to work + :param sub_groups: (List) Subgroups to include in groupp # Not demonstrated to work + :param path: group path + :param parent: parent group's id. Required to create a sub-group. + + :return: Keycloak server response (GroupRepresentation) + """ + + data = {"name": name or path, + "path": path, + "clientRoles": client_roles, + "realmRoles": realm_roles, + "subGroups": sub_groups} + + if parent is None: + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_post(URL_ADMIN_GROUPS.format(**params_path), + data=json.dumps(data)) + else: + params_path = {"realm-name": self.realm_name, "id": parent} + data_raw = self.connection.raw_post(URL_ADMIN_GROUP_CHILD.format(**params_path), + data=json.dumps(data)) + + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def group_set_permissions(self, group_id, enabled=True): + """ + Enable/Disable permissions for a group. Cannot delete group if disabled + + :param group_id: id of group + :param enabled: boolean + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": group_id} + data_raw = self.connection.raw_put(URL_ADMIN_GROUP_PERMISSIONS.format(**params_path), + data=json.dumps({"enabled": enabled})) + return raise_error_from_response(data_raw, KeycloakGetError) + + def group_user_add(self, user_id, group_id): + """ + Add user to group (user_id and group_id) + + :param group_id: id of group + :param user_id: id of user + :param group_id: id of group to add to + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id} + data_raw = self.connection.raw_put(URL_ADMIN_USER_GROUP.format(**params_path), data=None) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def group_user_remove(self, user_id, group_id): + """ + Remove user from group (user_id and group_id) + + :param group_id: id of group + :param user_id: id of user + :param group_id: id of group to add to + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id} + data_raw = self.connection.raw_delete(URL_ADMIN_USER_GROUP.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def delete_group(self, group_id): + """ + Deletes a group in the Realm + + :param group_id: id of group to delete + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": group_id} + data_raw = self.connection.raw_delete(URL_ADMIN_GROUP.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def get_clients(self): + """ + Get clients belonging to the realm Returns a list of clients belonging to the realm + + ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :return: Keycloak server response (ClientRepresentation) + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENTS.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client(self, client_id): + """ + Get representation of the client + + ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :param client_id: id of client (not client-id) + :return: Keycloak server response (ClientRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": client_id} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENT.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_id(self, client_name): + """ + Get internal keycloak client id from client-id. + This is required for further actions against this client. + + :param client_name: name in ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + :return: client_id (uuid as string) + """ + + clients = self.get_clients() + + for client in clients: + if client_name == client['name']: + return client["id"] + + return None + + def create_client(self, payload): + """ + Create a client + + ClientRepresentation: http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :param payload: ClientRepresentation + :return: Keycloak server response (UserRepresentation) + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_post(URL_ADMIN_CLIENTS.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def delete_client(self, client_id): + """ + Get representation of the client + + ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :param client_id: keycloak client id (not oauth client-id) + :return: Keycloak server response (ClientRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": client_id} + data_raw = self.connection.raw_delete(URL_ADMIN_CLIENT.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def get_realm_roles(self): + """ + Get all roles for the realm or client + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_REALM_ROLES.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_roles(self, client_id): + """ + Get all roles for the client + + :param client_id: id of client (not client-id) + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": client_id} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ROLES.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_role(self, client_id, role_name): + """ + Get client role id by name + This is required for further actions with this role. + + :param client_id: id of client (not client-id) + :param role_name: role’s name (not id!) + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: role_id + """ + params_path = {"realm-name": self.realm_name, "id": client_id, "role-name": role_name} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ROLE.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_role_id(self, client_id, role_name): + """ + Warning: Deprecated + + Get client role id by name + This is required for further actions with this role. + + :param client_id: id of client (not client-id) + :param role_name: role’s name (not id!) + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: role_id + """ + role = self.get_client_role(client_id, role_name) + return role.get("id") + + def create_client_role(self, payload): + """ + Create a client role + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :param payload: id of client (not client-id), role_name: name of role + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": self.client_id} + data_raw = self.connection.raw_post(URL_ADMIN_CLIENT_ROLES.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def delete_client_role(self, role_name): + """ + Create a client role + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :param role_name: role’s name (not id!) + """ + params_path = {"realm-name": self.realm_name, "id": self.client_id, "role-name": role_name} + data_raw = self.connection.raw_delete(URL_ADMIN_CLIENT_ROLE.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def assign_client_role(self, user_id, client_id, roles): + """ + Assign a client role to a user + + :param client_id: id of client (not client-id) + :param user_id: id of user + :param client_id: id of client containing role, + :param roles: roles list or role (use RoleRepresentation) + :return Keycloak server response + """ + + payload = roles if isinstance(roles, list) else [roles] + params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id} + data_raw = self.connection.raw_post(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def sync_users(self, storage_id, action): + """ + Function to trigger user sync from provider + + :param storage_id: + :param action: + :return: + """ + data = {'action': action} + params_query = {"action": action} + + params_path = {"realm-name": self.realm_name, "id": storage_id} + data_raw = self.connection.raw_post(URL_ADMIN_USER_STORAGE.format(**params_path), + data=json.dumps(data), **params_query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def import_realm(self, payload): + """ + Imports a realm from a full representation of that realm + + Realmrepresentation + http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_import_a_realm + + :param payload: Realmrepresentation + + :return: Realmrepresentation + """ + data_raw = self.connection.raw_post(URL_ADMIN_REALM, + data = json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) \ No newline at end of file diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py new file mode 100644 index 0000000000..22b3d50bc4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py @@ -0,0 +1,10 @@ +from .keycloak_admin import KeycloakAdmin + +class KeycloakAdminChild(KeycloakAdmin): + + def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli', verify=True): + print "in child" + KeycloakAdmin.__init__(self, server_url, username, password, realm_name, client_id, verify); + + def mymethod(): + print "called method" diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py new file mode 100644 index 0000000000..ccddc9cd05 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py @@ -0,0 +1,82 @@ +import json + +from keycloak import KeycloakOpenID +from keycloak import KeycloakAdmin +import urllib2, argparse, json + +# Import realm +def keycloak_import_realm(keycloak_realm_file): + data = json.load(open(keycloak_realm_file)) + print data + realm_import = keycloak_admin.import_realm(data) + +# Add user and set password +def keycloak_create_user(email, username, firstName, lastName, password): + new_user = keycloak_admin.create_user({"email": email, + "username": username, + "emailVerified": True, + "enabled": True, + "firstName": firstName, + "lastName": lastName, + "credentials": [{"value": "12345","type": password}], + "realmRoles": ["user_default"]}) + +# Update client roles under role mappings to ensure that this user has the manage-users, query-users, query-groups and view-users permissions. +def update_user_roles(config): + realm_json = json.load(open(config['keycloak_realm_json_file_path'])) + clientId = "realm-management" + + for client in realm_json['clients']: + if clientId == client['clientId']: + client_id = client["id"] + break + + # @Todo get username from ansible + user = keycloak_admin.get_users({"username":config['keycloak_api_management_username']}) + user_id = user[0]['id']; + + print config['keycloak_user_manager_roles_json_file_path'] + # Read the role from file + with open(config['keycloak_user_manager_roles_json_file_path'], 'r') as data_file: + json_data = data_file.read() + + roles = json.loads(json_data) + keycloak_admin.assign_client_role(user_id, client_id, roles) + + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description='Configure keycloak user apis') + parser.add_argument('keycloak_bootstrap_config', help='keycloak server url') + args = parser.parse_args() + + with open(args.keycloak_bootstrap_config) as keycloak_bootstrap_config: + config = json.load(keycloak_bootstrap_config) + + try: + # Get access token + keycloak_admin = KeycloakAdmin(server_url=config['keycloak_auth_server_url'], + username=config['keycloak_management_user'], + password=config['keycloak_management_password'], + realm_name="master", + client_id='admin-cli', + verify=False) + # Import realm + keycloak_import_realm(config['keycloak_realm_json_file_path']) + + # Set realm name to sunbird + keycloak_admin.realm_name = config['keycloak_realm'] + + # Add user for user api + keycloak_create_user(email=config['keycloak_api_management_user_email'], + username=config['keycloak_api_management_username'], + firstName=config['keycloak_api_management_user_first_name'], + lastName=config['keycloak_api_management_user_last_name'], + password=config['keycloak_api_management_user_password']) + + # Update user roles for access user management API's + update_user_roles(config) + + except urllib2.HTTPError as e: + error_message = e.read() + print error_message + raise diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py new file mode 100644 index 0000000000..f1dcde44e3 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py @@ -0,0 +1,390 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from .authorization import Authorization +from .exceptions import raise_error_from_response, KeycloakGetError, \ + KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError +from .urls_patterns import ( + URL_TOKEN, + URL_USERINFO, + URL_WELL_KNOWN, + URL_LOGOUT, + URL_CERTS, + URL_ENTITLEMENT, + URL_INTROSPECT +) +from .connection import ConnectionManager +from jose import jwt +import json + + +class KeycloakOpenID: + + def __init__(self, server_url, realm_name, client_id, client_secret_key=None, verify=True): + """ + + :param server_url: Keycloak server url + :param client_id: client id + :param realm_name: realm name + :param client_secret_key: client secret key + :param verify: True if want check connection SSL + """ + self._client_id = client_id + self._client_secret_key = client_secret_key + self._realm_name = realm_name + self._connection = ConnectionManager(base_url=server_url, + headers={}, + timeout=60, + verify=verify) + + self._authorization = Authorization() + + @property + def client_id(self): + return self._client_id + + @client_id.setter + def client_id(self, value): + self._client_id = value + + @property + def client_secret_key(self): + return self._client_secret_key + + @client_secret_key.setter + def client_secret_key(self, value): + self._client_secret_key = value + + @property + def realm_name(self): + return self._realm_name + + @realm_name.setter + def realm_name(self, value): + self._realm_name = value + + @property + def connection(self): + return self._connection + + @connection.setter + def connection(self, value): + self._connection = value + + @property + def authorization(self): + return self._authorization + + @authorization.setter + def authorization(self, value): + self._authorization = value + + def _add_secret_key(self, payload): + """ + Add secret key if exist. + + :param payload: + :return: + """ + if self.client_secret_key: + payload.update({"client_secret": self.client_secret_key}) + + return payload + + def _build_name_role(self, role): + """ + + :param role: + :return: + """ + return self.client_id + "/" + role + + def _token_info(self, token, method_token_info, **kwargs): + """ + + :param token: + :param method_token_info: + :param kwargs: + :return: + """ + if method_token_info == 'introspect': + token_info = self.introspect(token) + else: + token_info = self.decode_token(token, **kwargs) + + return token_info + + def well_know(self): + """ The most important endpoint to understand is the well-known configuration + endpoint. It lists endpoints and other configuration options relevant to + the OpenID Connect implementation in Keycloak. + + :return It lists endpoints and other configuration options relevant. + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_WELL_KNOWN.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def auth_url(self, redirect_uri): + """ + + http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint + + :return: + """ + return NotImplemented + + def token(self, username, password, grant_type=["password"]): + """ + The token endpoint is used to obtain tokens. Tokens can either be obtained by + exchanging an authorization code or by supplying credentials directly depending on + what flow is used. The token endpoint is also used to obtain new access tokens + when they expire. + + http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint + + :param username: + :param password: + :param grant_type: + :return: + """ + params_path = {"realm-name": self.realm_name} + payload = {"username": username, "password": password, + "client_id": self.client_id, "grant_type": grant_type} + + payload = self._add_secret_key(payload) + data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), + data=payload) + return raise_error_from_response(data_raw, KeycloakGetError) + + def refresh_token(self, refresh_token, grant_type=["refresh_token"]): + """ + The token endpoint is used to obtain tokens. Tokens can either be obtained by + exchanging an authorization code or by supplying credentials directly depending on + what flow is used. The token endpoint is also used to obtain new access tokens + when they expire. + + http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint + + :param refresh_token: + :param grant_type: + :return: + """ + params_path = {"realm-name": self.realm_name} + payload = {"client_id": self.client_id, "grant_type": grant_type, "refresh_token": refresh_token} + payload = self._add_secret_key(payload) + data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), + data=payload) + return raise_error_from_response(data_raw, KeycloakGetError) + + def userinfo(self, token): + """ + The userinfo endpoint returns standard claims about the authenticated user, + and is protected by a bearer token. + + http://openid.net/specs/openid-connect-core-1_0.html#UserInfo + + :param token: + :return: + """ + + self.connection.add_param_headers("Authorization", "Bearer " + token) + params_path = {"realm-name": self.realm_name} + + data_raw = self.connection.raw_get(URL_USERINFO.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def logout(self, refresh_token): + """ + The logout endpoint logs out the authenticated user. + :param refresh_token: + :return: + """ + params_path = {"realm-name": self.realm_name} + payload = {"client_id": self.client_id, "refresh_token": refresh_token} + + payload = self._add_secret_key(payload) + data_raw = self.connection.raw_post(URL_LOGOUT.format(**params_path), + data=payload) + + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def certs(self): + """ + The certificate endpoint returns the public keys enabled by the realm, encoded as a + JSON Web Key (JWK). Depending on the realm settings there can be one or more keys enabled + for verifying tokens. + + https://tools.ietf.org/html/rfc7517 + + :return: + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_CERTS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def entitlement(self, token, resource_server_id): + """ + Client applications can use a specific endpoint to obtain a special security token + called a requesting party token (RPT). This token consists of all the entitlements + (or permissions) for a user as a result of the evaluation of the permissions and authorization + policies associated with the resources being requested. With an RPT, client applications can + gain access to protected resources at the resource server. + + :return: + """ + self.connection.add_param_headers("Authorization", "Bearer " + token) + params_path = {"realm-name": self.realm_name, "resource-server-id": resource_server_id} + data_raw = self.connection.raw_get(URL_ENTITLEMENT.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def introspect(self, token, rpt=None, token_type_hint=None): + """ + The introspection endpoint is used to retrieve the active state of a token. It is can only be + invoked by confidential clients. + + https://tools.ietf.org/html/rfc7662 + + :param token: + :param rpt: + :param token_type_hint: + + :return: + """ + params_path = {"realm-name": self.realm_name} + + payload = {"client_id": self.client_id, "token": token} + + if token_type_hint == 'requesting_party_token': + if rpt: + payload.update({"token": rpt, "token_type_hint": token_type_hint}) + self.connection.add_param_headers("Authorization", "Bearer " + token) + else: + raise KeycloakRPTNotFound("Can't found RPT.") + + payload = self._add_secret_key(payload) + + data_raw = self.connection.raw_post(URL_INTROSPECT.format(**params_path), + data=payload) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def decode_token(self, token, key, algorithms=['RS256'], **kwargs): + """ + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data + structure that represents a cryptographic key. This specification + also defines a JWK Set JSON data structure that represents a set of + JWKs. Cryptographic algorithms and identifiers for use with this + specification are described in the separate JSON Web Algorithms (JWA) + specification and IANA registries established by that specification. + + https://tools.ietf.org/html/rfc7517 + + :param token: + :param key: + :param algorithms: + :return: + """ + + return jwt.decode(token, key, algorithms=algorithms, + audience=self.client_id, **kwargs) + + def load_authorization_config(self, path): + """ + Load Keycloak settings (authorization) + + :param path: settings file (json) + :return: + """ + authorization_file = open(path, 'r') + authorization_json = json.loads(authorization_file.read()) + self.authorization.load_config(authorization_json) + authorization_file.close() + + def get_policies(self, token, method_token_info='introspect', **kwargs): + """ + Get policies by user token + + :param token: user token + :return: policies list + """ + + if not self.authorization.policies: + raise KeycloakAuthorizationConfigError( + "Keycloak settings not found. Load Authorization Keycloak settings." + ) + + token_info = self._token_info(token, method_token_info, **kwargs) + + if method_token_info == 'introspect' and not token_info['active']: + raise KeycloakInvalidTokenError( + "Token expired or invalid." + ) + + user_resources = token_info['resource_access'].get(self.client_id) + + if not user_resources: + return None + + policies = [] + + for policy_name, policy in self.authorization.policies.items(): + for role in user_resources['roles']: + if self._build_name_role(role) in policy.roles: + policies.append(policy) + + return list(set(policies)) + + def get_permissions(self, token, method_token_info='introspect', **kwargs): + """ + Get permission by user token + + :param token: user token + :param method_token_info: Decode token method + :param kwargs: parameters for decode + :return: permissions list + """ + + if not self.authorization.policies: + raise KeycloakAuthorizationConfigError( + "Keycloak settings not found. Load Authorization Keycloak settings." + ) + + token_info = self._token_info(token, method_token_info, **kwargs) + + if method_token_info == 'introspect' and not token_info['active']: + raise KeycloakInvalidTokenError( + "Token expired or invalid." + ) + + user_resources = token_info['resource_access'].get(self.client_id) + + if not user_resources: + return None + + permissions = [] + + for policy_name, policy in self.authorization.policies.items(): + for role in user_resources['roles']: + if self._build_name_role(role) in policy.roles: + permissions += policy.permissions + + return list(set(permissions)) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO new file mode 100644 index 0000000000..e98a1ee3c0 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO @@ -0,0 +1,18 @@ +Metadata-Version: 1.1 +Name: python-keycloak +Version: 0.12.0 +Summary: python-keycloak is a Python package providing access to the Keycloak API. +Home-page: https://bitbucket.org/agriness/python-keycloak +Author: Marcos Pereira +Author-email: marcospereira.mpj@gmail.com +License: GNU General Public License - V3 +Description: UNKNOWN +Keywords: keycloak openid +Platform: UNKNOWN +Classifier: Programming Language :: Python :: 3 +Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3) +Classifier: Development Status :: 3 - Alpha +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +Classifier: Operating System :: Microsoft :: Windows +Classifier: Topic :: Utilities diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/SOURCES.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/SOURCES.txt new file mode 100644 index 0000000000..e69de29bb2 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt new file mode 100644 index 0000000000..d6eafdf657 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt @@ -0,0 +1,3 @@ +requests==2.18.4 +httmock==1.2.5 +python-jose==1.4.0 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt new file mode 100644 index 0000000000..26c07c1da4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt @@ -0,0 +1 @@ +keycloak diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/__init__.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py new file mode 100644 index 0000000000..97ec1792df --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py @@ -0,0 +1,148 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from httmock import urlmatch, response, HTTMock, all_requests + +from ..connection import ConnectionManager + + +try: + import unittest +except ImportError: + import unittest2 as unittest + + +class TestConnection(unittest.TestCase): + + def setUp(self): + self._conn = ConnectionManager( + base_url="http://localhost:8080/", + headers={}, + timeout=60) + + @all_requests + def response_content_success(self, url, request): + headers = {'content-type': 'application/json'} + content = b'response_ok' + return response(200, content, headers, None, 5, request) + + def test_raw_get(self): + with HTTMock(self.response_content_success): + resp = self._conn.raw_get("/known_path") + self.assertEqual(resp.content, b'response_ok') + self.assertEqual(resp.status_code, 200) + + def test_raw_post(self): + + @urlmatch(path="/known_path", method="post") + def response_post_success(url, request): + headers = {'content-type': 'application/json'} + content = 'response'.encode("utf-8") + return response(201, content, headers, None, 5, request) + + with HTTMock(response_post_success): + resp = self._conn.raw_post("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, b'response') + self.assertEqual(resp.status_code, 201) + + def test_raw_put(self): + @urlmatch(netloc="localhost", path="/known_path", method="put") + def response_put_success(url, request): + headers = {'content-type': 'application/json'} + content = 'response'.encode("utf-8") + return response(200, content, headers, None, 5, request) + + with HTTMock(response_put_success): + resp = self._conn.raw_put("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, b'response') + self.assertEqual(resp.status_code, 200) + + def test_raw_get_fail(self): + + @urlmatch(netloc="localhost", path="/known_path", method="get") + def response_get_fail(url, request): + headers = {'content-type': 'application/json'} + content = "404 page not found".encode("utf-8") + return response(404, content, headers, None, 5, request) + + with HTTMock(response_get_fail): + resp = self._conn.raw_get("/known_path") + + self.assertEqual(resp.content, b"404 page not found") + self.assertEqual(resp.status_code, 404) + + def test_raw_post_fail(self): + + @urlmatch(netloc="localhost", path="/known_path", method="post") + def response_post_fail(url, request): + headers = {'content-type': 'application/json'} + content = str(["Start can't be blank"]).encode("utf-8") + return response(404, content, headers, None, 5, request) + + with HTTMock(response_post_fail): + resp = self._conn.raw_post("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, str(["Start can't be blank"]).encode("utf-8")) + self.assertEqual(resp.status_code, 404) + + def test_raw_put_fail(self): + + @urlmatch(netloc="localhost", path="/known_path", method="put") + def response_put_fail(url, request): + headers = {'content-type': 'application/json'} + content = str(["Start can't be blank"]).encode("utf-8") + return response(404, content, headers, None, 5, request) + + with HTTMock(response_put_fail): + resp = self._conn.raw_put("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, str(["Start can't be blank"]).encode("utf-8")) + self.assertEqual(resp.status_code, 404) + + def test_add_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertEqual(self._conn.headers, + {"test": "value"}) + + def test_del_param_headers(self): + self._conn.add_param_headers("test", "value") + self._conn.del_param_headers("test") + self.assertEqual(self._conn.headers, {}) + + def test_clean_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertEqual(self._conn.headers, + {"test": "value"}) + self._conn.clean_headers() + self.assertEqual(self._conn.headers, {}) + + def test_exist_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertTrue(self._conn.exist_param_headers("test")) + self.assertFalse(self._conn.exist_param_headers("test_no")) + + def test_get_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertTrue(self._conn.exist_param_headers("test")) + self.assertFalse(self._conn.exist_param_headers("test_no")) + + def test_get_headers(self): + self._conn.add_param_headers("test", "value") + self.assertEqual(self._conn.headers, + {"test": "value"}) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py new file mode 100644 index 0000000000..b57212950b --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +# OPENID URLS +URL_WELL_KNOWN = "realms/{realm-name}/.well-known/openid-configuration" +URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token" +URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo" +URL_LOGOUT = "realms/{realm-name}/protocol/openid-connect/logout" +URL_CERTS = "realms/{realm-name}/protocol/openid-connect/certs" +URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect" +URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}" + +# ADMIN URLS +URL_ADMIN_USERS = "admin/realms/{realm-name}/users" +URL_ADMIN_USERS_COUNT = "admin/realms/{realm-name}/users/count" +URL_ADMIN_USER = "admin/realms/{realm-name}/users/{id}" +URL_ADMIN_USER_CONSENTS = "admin/realms/{realm-name}/users/{id}/consents" +URL_ADMIN_SEND_UPDATE_ACCOUNT = "admin/realms/{realm-name}/users/{id}/execute-actions-email" +URL_ADMIN_SEND_VERIFY_EMAIL = "admin/realms/{realm-name}/users/{id}/send-verify-email" +URL_ADMIN_RESET_PASSWORD = "admin/realms/{realm-name}/users/{id}/reset-password" +URL_ADMIN_GET_SESSIONS = "admin/realms/{realm-name}/users/{id}/sessions" +URL_ADMIN_USER_CLIENT_ROLES = "admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}" +URL_ADMIN_USER_GROUP = "admin/realms/{realm-name}/users/{id}/groups/{group-id}" + +URL_ADMIN_SERVER_INFO = "admin/serverinfo" + +URL_ADMIN_GROUPS = "admin/realms/{realm-name}/groups" +URL_ADMIN_GROUP = "admin/realms/{realm-name}/groups/{id}" +URL_ADMIN_GROUP_CHILD = "admin/realms/{realm-name}/groups/{id}/children" +URL_ADMIN_GROUP_PERMISSIONS = "admin/realms/{realm-name}/groups/{id}/management/permissions" + +URL_ADMIN_CLIENTS = "admin/realms/{realm-name}/clients" +URL_ADMIN_CLIENT = "admin/realms/{realm-name}/clients/{id}" +URL_ADMIN_CLIENT_ROLES = "admin/realms/{realm-name}/clients/{id}/roles" +URL_ADMIN_CLIENT_ROLE = "admin/realms/{realm-name}/clients/{id}/roles/{role-name}" + +URL_ADMIN_REALM_ROLES = "admin/realms/{realm-name}/roles" + +URL_ADMIN_USER_STORAGE = "admin/realms/{realm-name}/user-storage/{id}/sync" +URL_ADMIN_REALM = "admin/realms" diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO new file mode 100644 index 0000000000..e98a1ee3c0 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO @@ -0,0 +1,18 @@ +Metadata-Version: 1.1 +Name: python-keycloak +Version: 0.12.0 +Summary: python-keycloak is a Python package providing access to the Keycloak API. +Home-page: https://bitbucket.org/agriness/python-keycloak +Author: Marcos Pereira +Author-email: marcospereira.mpj@gmail.com +License: GNU General Public License - V3 +Description: UNKNOWN +Keywords: keycloak openid +Platform: UNKNOWN +Classifier: Programming Language :: Python :: 3 +Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3) +Classifier: Development Status :: 3 - Alpha +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +Classifier: Operating System :: Microsoft :: Windows +Classifier: Topic :: Utilities diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt new file mode 100644 index 0000000000..d0e7305a6e --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt @@ -0,0 +1,22 @@ +README.md +setup.cfg +setup.py +keycloak/__init__.py +keycloak/connection.py +keycloak/exceptions.py +keycloak/keycloak_admin.py +keycloak/keycloak_adminchild.py +keycloak/keycloak_main.py +keycloak/keycloak_openid.py +keycloak/urls_patterns.py +keycloak/authorization/__init__.py +keycloak/authorization/permission.py +keycloak/authorization/policy.py +keycloak/authorization/role.py +keycloak/tests/__init__.py +keycloak/tests/test_connection.py +python_keycloak.egg-info/PKG-INFO +python_keycloak.egg-info/SOURCES.txt +python_keycloak.egg-info/dependency_links.txt +python_keycloak.egg-info/requires.txt +python_keycloak.egg-info/top_level.txt \ No newline at end of file diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt new file mode 100644 index 0000000000..d6eafdf657 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt @@ -0,0 +1,3 @@ +requests==2.18.4 +httmock==1.2.5 +python-jose==1.4.0 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt new file mode 100644 index 0000000000..26c07c1da4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt @@ -0,0 +1 @@ +keycloak diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json b/ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json new file mode 100644 index 0000000000..9aba580d52 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json @@ -0,0 +1,28 @@ +[ + { + "id": "3ff462fc-b33c-431a-b54b-861c3298d910", + "name": "manage-users", + "description": "${role_manage-users}", + "scopeParamRequired": false, + "composite": false,"clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "57118202-c5e5-4c49-829b-c2ed796bfdea", + "name": "query-users", + "description": "${role_query-users}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id":"46019462-3dc8-46a8-9786-ffcbad293f43", + "name":"view-users", + "description":"${role_view-users}", + "scopeParamRequired":false, + "composite":true, + "clientRole":true, + "containerId":"b2f45201-1362-4b10-83c3-207d470f44bf" + } +] \ No newline at end of file diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg new file mode 100644 index 0000000000..9f88734b50 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg @@ -0,0 +1,7 @@ +[metadata] +description-file = README.md + +[egg_info] +tag_build = +tag_date = 0 + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py new file mode 100644 index 0000000000..bf6a505f0a --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py @@ -0,0 +1,25 @@ +# -*- coding: utf-8 -*- + +from setuptools import setup + +setup( + name='python-keycloak', + version='0.12.0', + url='https://bitbucket.org/agriness/python-keycloak', + license='GNU General Public License - V3', + author='Marcos Pereira', + author_email='marcospereira.mpj@gmail.com', + keywords='keycloak openid', + description=u'python-keycloak is a Python package providing access to the Keycloak API.', + packages=['keycloak', 'keycloak.authorization', 'keycloak.tests'], + install_requires=['requests==2.18.4', 'httmock==1.2.5', 'python-jose==1.4.0'], + classifiers=[ + 'Programming Language :: Python :: 3', + 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', + 'Development Status :: 3 - Alpha', + 'Operating System :: MacOS', + 'Operating System :: Unix', + 'Operating System :: Microsoft :: Windows', + 'Topic :: Utilities' + ] +) diff --git a/ansible/roles/keycloak/tasks/keycloak_bootstrap.yml b/ansible/roles/keycloak/tasks/keycloak_bootstrap.yml new file mode 100644 index 0000000000..6b4807a15a --- /dev/null +++ b/ansible/roles/keycloak/tasks/keycloak_bootstrap.yml @@ -0,0 +1,8 @@ +- name: initialize python library to run keycloak bootstrap script + shell: python roles/keycloak/files/python-keycloak-0.12.0/keycloak/setup.py install + +- name: Save keycalok vars to json + template: src="roles/keycloak/templates/keycloak-bootstrap.conf.j2" dest="/tmp/keycloak-bootstrap.conf.json" mode="0644" + +- name: Run the keycloak bootstrap script + shell: python keycloak_main.py /tmp/keycloak-bootstrap.conf.json \ No newline at end of file diff --git a/ansible/roles/keycloak/tasks/main.yml b/ansible/roles/keycloak/tasks/main.yml index 0965ef98af..23f4fa229f 100644 --- a/ansible/roles/keycloak/tasks/main.yml +++ b/ansible/roles/keycloak/tasks/main.yml @@ -6,3 +6,6 @@ tags: - deploy +- include: keycloak_bootstrap.yml + tags: + - keycloak-bootstrap.yml \ No newline at end of file diff --git a/ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 b/ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 new file mode 100644 index 0000000000..e17a8594c1 --- /dev/null +++ b/ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 @@ -0,0 +1,13 @@ +{ + "keycloak_auth_server_url": "{{ keycloak_auth_server_url }}", + "keycloak_management_user": "{{ keycloak_management_user }}", + "keycloak_management_password": "{{ keycloak_management_password }}", + "keycloak_realm": "{{ keycloak_realm }}", + "keycloak_realm_json_file_path": "{{keycloak_realm_json_file_path}}", + "keycloak_user_manager_roles_json_file_path": "{{ keycloak_user_manager_roles_json_file_path }}", + "keycloak_api_management_username": "{{ keycloak_api_management_username }}", + "keycloak_api_management_user_email": "{{ keycloak_api_management_user_email }}", + "keycloak_api_management_user_first_name": "{{ keycloak_api_management_user_first_name }}", + "keycloak_api_management_user_last_name": "{{ keycloak_api_management_user_last_name }}", + "keycloak_api_management_user_password": "{{ keycloak_api_management_user_password }}" +} From 8a745c6656a89b97943b7ada400d4e7dfd258f97 Mon Sep 17 00:00:00 2001 From: Amol Ghatol Date: Mon, 5 Feb 2018 17:21:25 +0530 Subject: [PATCH 092/104] Issue #496 feat: Script to automate realm management user creation and initial realm import for new keycloak install --- .../keycloak/keycloak_adminchild.py | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py deleted file mode 100644 index 22b3d50bc4..0000000000 --- a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_adminchild.py +++ /dev/null @@ -1,10 +0,0 @@ -from .keycloak_admin import KeycloakAdmin - -class KeycloakAdminChild(KeycloakAdmin): - - def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli', verify=True): - print "in child" - KeycloakAdmin.__init__(self, server_url, username, password, realm_name, client_id, verify); - - def mymethod(): - print "called method" From 49bbd6afb1f6fd709fb50bdae1920e8da27a12e8 Mon Sep 17 00:00:00 2001 From: Amol Ghatol Date: Mon, 5 Feb 2018 17:27:07 +0530 Subject: [PATCH 093/104] Issue #496 feat: Script to automate realm management user creation and initial realm import for new keycloak install --- .../files/python-keycloak-0.12.0/keycloak/keycloak_main.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py index ccddc9cd05..6511412c2c 100644 --- a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py @@ -21,7 +21,7 @@ def keycloak_create_user(email, username, firstName, lastName, password): "credentials": [{"value": "12345","type": password}], "realmRoles": ["user_default"]}) -# Update client roles under role mappings to ensure that this user has the manage-users, query-users, query-groups and view-users permissions. +# Create the user and assign the role to access the user management API def update_user_roles(config): realm_json = json.load(open(config['keycloak_realm_json_file_path'])) clientId = "realm-management" @@ -31,7 +31,6 @@ def update_user_roles(config): client_id = client["id"] break - # @Todo get username from ansible user = keycloak_admin.get_users({"username":config['keycloak_api_management_username']}) user_id = user[0]['id']; From 5ab1acbf7a598b2ba8c0a04e295a7244e66f1273 Mon Sep 17 00:00:00 2001 From: Amol Ghatol Date: Tue, 6 Feb 2018 15:19:20 +0530 Subject: [PATCH 094/104] Issue #31 chore: Script to automate realm management user creation and initial realm import for new keycloak install --- .../files/python-keycloak-0.12.0/keycloak/keycloak_main.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py index 6511412c2c..1098521545 100644 --- a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py @@ -7,7 +7,6 @@ # Import realm def keycloak_import_realm(keycloak_realm_file): data = json.load(open(keycloak_realm_file)) - print data realm_import = keycloak_admin.import_realm(data) # Add user and set password @@ -34,7 +33,6 @@ def update_user_roles(config): user = keycloak_admin.get_users({"username":config['keycloak_api_management_username']}) user_id = user[0]['id']; - print config['keycloak_user_manager_roles_json_file_path'] # Read the role from file with open(config['keycloak_user_manager_roles_json_file_path'], 'r') as data_file: json_data = data_file.read() From 631c13f12d0c55fbab7347a5ca1547d9004d8b9e Mon Sep 17 00:00:00 2001 From: manoj v Date: Tue, 6 Feb 2018 17:07:54 +0530 Subject: [PATCH 095/104] Issue #30 chore: hardcoding the deployer sudo pass --- ansible/roles/bootstrap_any/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/bootstrap_any/tasks/main.yml b/ansible/roles/bootstrap_any/tasks/main.yml index c8fd9cb522..a8c1c8f1f5 100644 --- a/ansible/roles/bootstrap_any/tasks/main.yml +++ b/ansible/roles/bootstrap_any/tasks/main.yml @@ -9,7 +9,7 @@ become: yes - name: Create user deployer - user: name=deployer comment="deployer" group=deployer groups=sudo shell=/bin/bash password='{{ sudo_crypt_deployer }}' update_password=always + user: name=deployer comment="deployer" group=deployer groups=sudo shell=/bin/bash password=d3pl0y3r update_password=always become: yes - name: Add ssh public key deployer From cbee3f558ad715731fd733af37b353878bab1c62 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 6 Feb 2018 11:58:33 +0000 Subject: [PATCH 096/104] Issue #22 fix: keycloak is not working after ansible ip overriding --- ansible/inventories/sample/hosts | 18 ++++++++-------- deploy/sunbird_install.sh | 37 +++++++++++++++++++------------- 2 files changed, 31 insertions(+), 24 deletions(-) diff --git a/ansible/inventories/sample/hosts b/ansible/inventories/sample/hosts index 723d1a931a..d7b5d2a88e 100644 --- a/ansible/inventories/sample/hosts +++ b/ansible/inventories/sample/hosts @@ -1,5 +1,5 @@ [swarm-manager-1] -sm-1 ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" swarm_master=true +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" swarm_master=true [swarm-manager:children] swarm-manager-1 @@ -8,16 +8,16 @@ swarm-manager-1 swarm-manager-1 [postgresql-1] -postgres-1 ansible_host="{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [es-1] -es-1 ansible_host="{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" es_instance_name=es-1 es_etc_node_master=true es_etc_node_data=true +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" es_instance_name=es-1 es_etc_node_master=true es_etc_node_data=true [cassandra-1] -cassandra-1 ansible_host="{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{database_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [keycloak-1] -keycloak-1 ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [keycloak:children] keycloak-1 @@ -34,16 +34,16 @@ es-1 cassandra-1 [kong-api] -kong-api ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-prometheus] -swarm-agent-for-prometheus ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-grafana] -swarm-agent-for-grafana ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [swarm-agent-for-alertmanager] -swarm-agent-for-alertmanager ansible_host="{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" +"{{application_host}}" ansible_ssh_user="{{ssh_ansible_user}}" ansible_ssh_private_key_file="{{ansible_private_key_path}}" [non-swarm-nodes:children] postgresql-master diff --git a/deploy/sunbird_install.sh b/deploy/sunbird_install.sh index 5d60f434a3..7caa54ea36 100755 --- a/deploy/sunbird_install.sh +++ b/deploy/sunbird_install.sh @@ -5,9 +5,14 @@ set -eu -o pipefail usage() { echo "Usage: $0 [ -s {config|dbs|apis|proxy|keycloak} ]" 1>&2; exit 1; } # Reading environment and implimentation name -implimentation_name=$(awk '/implementation_name: / {print $2}' config) -env_name=$(awk '/env: / {print $2}' config) -ansible_variable_path=$implimentation_name-devops/ansible/inventories/$env_name +IMPLIMENTATION_NAME=$(awk '/implementation_name: / {print $2}' config) +ENV_NAME=$(awk '/env: / {print $2}' config) +APP_HOST=$(awk '/application_host: / {print $2}' config) +DB_HOST=$(awk '/database_host: / {print $2}' config) +SSH_ANSIBLE_USER=$(awk '/ssh_ansible_user: / {print $2}' config) +SSH_ANSIBLE_FILE=$(awk '/ssh_ansible_file: / {print $2}' config) +ANSIBLE_PRIVATE_KEY_PATH=$(awk '/ansible_private_key_path: / {print $2}' config) +ANSIBLE_VARIABLE_PATH=$IMPLIMENTATION_NAME-devops/ansible/inventories/$ENV_NAME #TO skip the host key verification export ANSIBLE_HOST_KEY_CHECKING=False @@ -16,22 +21,28 @@ export ANSIBLE_HOST_KEY_CHECKING=False deps() { sudo ./install-deps.sh; } # Generating configs -config() { time ./generate-config.sh $implimentation_name $env_name core; } +config() { + time ./generate-config.sh $IMPLIMENTATION_NAME $ENV_NAME core; + # Creating inventory + sed -i s#\"{{database_host}}\"#$DB_HOST#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{application_host}}\"#$APP_HOST#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{ssh_ansible_user}}\"#$SSH_ANSIBLE_USER#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{ssh_ansible_file}}\"#$SSH_ANSIBLE_FILE#g $ANSIBLE_VARIABLE_PATH/hosts + sed -i s#\"{{ansible_private_key_path}}\"#$ANSIBLE_PRIVATE_KEY_PATH#g $ANSIBLE_VARIABLE_PATH/hosts +} + # Installing and initializing dbs -dbs() { ./install-dbs.sh $ansible_variable_path; ./init-dbs.sh $ansible_variable_path; } +dbs() { ./install-dbs.sh $ANSIBLE_VARIABLE_PATH; ./init-dbs.sh $ANSIBLE_VARIABLE_PATH; } # Apis -apis() { ./deploy-apis.sh $ansible_variable_path; } +apis() { ./deploy-apis.sh $ANSIBLE_VARIABLE_PATH; } # Proxy -proxy() { ./deploy-proxy.sh $ansible_variable_path; } +proxy() { ./deploy-proxy.sh $ANSIBLE_VARIABLE_PATH; } # Keycloak -keycloak() { ./provision-keycloak.sh $ansible_variable_path; ./deploy-keycloak-vm.sh $ansible_variable_path; } - -# Core -core() { ./deploy-core.sh $ansible_variable_path; } +keycloak() { ./provision-keycloak.sh $ANSIBLE_VARIABLE_PATH; ./deploy-keycloak-vm.sh $ANSIBLE_VARIABLE_PATH; } while getopts "s:h" o;do case "${o}" in @@ -59,10 +70,6 @@ while getopts "s:h" o;do echo -e "\n$(date)\n">>keycloak.log; keycloak 2>&1 | tee -a keycloak.log exit 0 ;; - core) - echo -e "\n$(date)\n">>core.log; core 2>&1 | tee -a core.log - exit 0 - ;; *) usage exit 0 From 04bd100de938a844ae62be0306a780b47cdcab54 Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 6 Feb 2018 12:03:16 +0000 Subject: [PATCH 097/104] Issue #22 feat: update variables --- deploy/install-deps.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/deploy/install-deps.sh b/deploy/install-deps.sh index 80cd062932..6ef9a9619d 100755 --- a/deploy/install-deps.sh +++ b/deploy/install-deps.sh @@ -3,9 +3,9 @@ # set -o errexit docker_version=17.06.2~ce-0~ubuntu -ansible_versioN=2.4.1.0 -swarm_master_iP=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') -echo "MasterIP: $swarm_master_iP" +ansible_version=2.4.1.0 +swarm_master_ip=$(ip route get 8.8.8.8 | awk '{print $NF; exit}') +echo "MasterIP: $swarm_master_ip" # Check for docker case "$(docker --version)" in @@ -43,11 +43,11 @@ case "$(docker --version)" in systemctl restart docker # Initialise Docker Swarm, with current machine as Master (which is active) - docker swarm init --advertise-addr $swarm_master_iP + docker swarm init --advertise-addr $swarm_master_ip docker node ls ;; - esac +esac # Checking for ansible case "$(ansible --version | head -n1)" in @@ -56,6 +56,6 @@ case "$(ansible --version | head -n1)" in *) # Install Ansible sudo apt install -y python-pip - sudo pip install ansible==$ansible_versioN + sudo pip install ansible==$ansible_version ;; esac From 2a90f6123f5cdc1a6800264762c1bce851bcc206 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 7 Feb 2018 00:29:21 +0530 Subject: [PATCH 098/104] Issue #30 chore: changed the inventory file --- ansible/roles/bootstrap_any/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/bootstrap_any/tasks/main.yml b/ansible/roles/bootstrap_any/tasks/main.yml index a8c1c8f1f5..b9aa9bd26a 100644 --- a/ansible/roles/bootstrap_any/tasks/main.yml +++ b/ansible/roles/bootstrap_any/tasks/main.yml @@ -9,7 +9,7 @@ become: yes - name: Create user deployer - user: name=deployer comment="deployer" group=deployer groups=sudo shell=/bin/bash password=d3pl0y3r update_password=always + user: name=deployer comment="deployer" group=deployer groups=sudo shell=/bin/bash password="{{sudo_crypt_paasword}}" update_password=always become: yes - name: Add ssh public key deployer From d009427b1990ffc207b6501350e210436af39a39 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 7 Feb 2018 00:29:49 +0530 Subject: [PATCH 099/104] Issue #30 chore: changed the inventory file --- ansible/roles/bootstrap_any/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/bootstrap_any/tasks/main.yml b/ansible/roles/bootstrap_any/tasks/main.yml index b9aa9bd26a..4afd97e2a4 100644 --- a/ansible/roles/bootstrap_any/tasks/main.yml +++ b/ansible/roles/bootstrap_any/tasks/main.yml @@ -9,7 +9,7 @@ become: yes - name: Create user deployer - user: name=deployer comment="deployer" group=deployer groups=sudo shell=/bin/bash password="{{sudo_crypt_paasword}}" update_password=always + user: name=deployer comment="deployer" group=deployer groups=sudo shell=/bin/bash password="{{sudo_crypt_deployer}}" update_password=always become: yes - name: Add ssh public key deployer From 16c59d4a342898d961696ead2e3d99f7eede284f Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 7 Feb 2018 09:07:45 +0530 Subject: [PATCH 100/104] Issue #30 chore: postgres installation --- ansible/roles/postgresql-slave/tasks/main.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ansible/roles/postgresql-slave/tasks/main.yml b/ansible/roles/postgresql-slave/tasks/main.yml index b71f719962..2b04cc9272 100644 --- a/ansible/roles/postgresql-slave/tasks/main.yml +++ b/ansible/roles/postgresql-slave/tasks/main.yml @@ -10,13 +10,13 @@ - name: Move the old data directory to a backup location command: mv {{ postgresql_data_dir }} {{ postgresql_data_dir_backup_path }} -- name: Backup data from master - command: pg_basebackup -h {{ postgresql_master_host }} -D {{ postgresql_data_dir }} -U {{ postgres_replication_user_name }} -P --xlog-method=stream - environment: - PGPASSWORD: "{{ postgres_replication_user_password }}" - become_user: "{{ postgresql_user }}" - async: 3600 - poll: 10 +# - name: Backup data from master +# command: pg_basebackup -h {{ postgresql_master_host }} -D {{ postgresql_data_dir }} -U {{ postgres_replication_user_name }} -P --xlog-method=stream +# environment: +# PGPASSWORD: "{{ postgres_replication_user_password }}" +# become_user: "{{ postgresql_user }}" +# async: 3600 +# poll: 10 - name: ensure trigger file does not exist file: path="{{ postgres_slave_to_master_trigger_file }}" state=absent From 25fded9f9cb625f26c91f07195dba2219c57a080 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 7 Feb 2018 09:26:02 +0530 Subject: [PATCH 101/104] Issue #30 chore: postgres installation --- ansible/roles/bootstrap_any/tasks/main.yml | 46 ------------------- ansible/roles/postgresql-slave/tasks/main.yml | 14 +++--- 2 files changed, 7 insertions(+), 53 deletions(-) diff --git a/ansible/roles/bootstrap_any/tasks/main.yml b/ansible/roles/bootstrap_any/tasks/main.yml index 4afd97e2a4..e7d5e92d1a 100644 --- a/ansible/roles/bootstrap_any/tasks/main.yml +++ b/ansible/roles/bootstrap_any/tasks/main.yml @@ -1,9 +1,5 @@ - include_vars: "{{inventory_dir}}/secrets.yml" -# - name: APT update -# become: yes -# apt: update_cache=yes - - name: Create group deployer group: name=deployer state=present become: yes @@ -16,48 +12,6 @@ authorized_key: user=deployer key='{{ssh_public_key_deployer}}' become: yes -# - name: SSH configuration file change -# become: yes -# template: -# src: sshd.j2 -# dest: /etc/ssh/sshd_config -# group: root -# owner: root -# mode: 0644 - -# - name: Forward ssh-agent -# become: yes -# template: -# src: ssh.j2 -# dest: /etc/ssh/ssh_config -# group: root -# owner: root -# mode: 0644 - -# - name: Creating banner -# become: yes -# template: -# src: banner.j2 -# dest: /etc/issue.net -# group: root -# owner: root -# mode: 0644 - -# - name: Install python-dev -# apt: name=python-dev state=present -# become: yes - -# - name: Install pip -# apt: name=python-pip state=present -# become: yes - -# - name: Install zip -# apt: name=zip state=present -# become: yes - -# - name: Install unzip -# apt: name=unzip state=present -# become: yes - name: Create ulimit configuration template: diff --git a/ansible/roles/postgresql-slave/tasks/main.yml b/ansible/roles/postgresql-slave/tasks/main.yml index 2b04cc9272..b71f719962 100644 --- a/ansible/roles/postgresql-slave/tasks/main.yml +++ b/ansible/roles/postgresql-slave/tasks/main.yml @@ -10,13 +10,13 @@ - name: Move the old data directory to a backup location command: mv {{ postgresql_data_dir }} {{ postgresql_data_dir_backup_path }} -# - name: Backup data from master -# command: pg_basebackup -h {{ postgresql_master_host }} -D {{ postgresql_data_dir }} -U {{ postgres_replication_user_name }} -P --xlog-method=stream -# environment: -# PGPASSWORD: "{{ postgres_replication_user_password }}" -# become_user: "{{ postgresql_user }}" -# async: 3600 -# poll: 10 +- name: Backup data from master + command: pg_basebackup -h {{ postgresql_master_host }} -D {{ postgresql_data_dir }} -U {{ postgres_replication_user_name }} -P --xlog-method=stream + environment: + PGPASSWORD: "{{ postgres_replication_user_password }}" + become_user: "{{ postgresql_user }}" + async: 3600 + poll: 10 - name: ensure trigger file does not exist file: path="{{ postgres_slave_to_master_trigger_file }}" state=absent From aef9931b0946680fd48b0eff6de3e6329f57cf4e Mon Sep 17 00:00:00 2001 From: ahghatol Date: Wed, 7 Feb 2018 12:20:46 +0530 Subject: [PATCH 102/104] Script to automate realm management user creation and initial realm import for new keycloak install (#31) * Issue #496 feat: Script to automate realm management user creation and initial realm import for new keycloak install * Issue #496 feat: Script to automate realm management user creation and initial realm import for new keycloak install * Issue #496 feat: Script to automate realm management user creation and initial realm import for new keycloak install * Issue #31 chore: Script to automate realm management user creation and initial realm import for new keycloak install --- ansible/roles/keycloak/defaults/main.yml | 11 +- .../files/python-keycloak-0.12.0/PKG-INFO | 19 + .../files/python-keycloak-0.12.0/README.md | 210 ++ .../keycloak-realm.json | 1999 +++++++++++++++++ .../keycloak/__init__.py | 20 + .../keycloak/authorization/__init__.py | 87 + .../keycloak/authorization/permission.py | 98 + .../keycloak/authorization/policy.py | 107 + .../keycloak/authorization/role.py | 39 + .../keycloak/connection.py | 199 ++ .../keycloak/exceptions.py | 93 + .../keycloak/keycloak_admin.py | 670 ++++++ .../keycloak/keycloak_main.py | 79 + .../keycloak/keycloak_openid.py | 390 ++++ .../python_keycloak.egg-info/PKG-INFO | 18 + .../python_keycloak.egg-info/SOURCES.txt | 0 .../dependency_links.txt | 1 + .../python_keycloak.egg-info/requires.txt | 3 + .../python_keycloak.egg-info/top_level.txt | 1 + .../keycloak/tests/__init__.py | 0 .../keycloak/tests/test_connection.py | 148 ++ .../keycloak/urls_patterns.py | 54 + .../python_keycloak.egg-info/PKG-INFO | 18 + .../python_keycloak.egg-info/SOURCES.txt | 22 + .../dependency_links.txt | 1 + .../python_keycloak.egg-info/requires.txt | 3 + .../python_keycloak.egg-info/top_level.txt | 1 + .../files/python-keycloak-0.12.0/roles.json | 28 + .../files/python-keycloak-0.12.0/setup.cfg | 7 + .../files/python-keycloak-0.12.0/setup.py | 25 + .../keycloak/tasks/keycloak_bootstrap.yml | 8 + ansible/roles/keycloak/tasks/main.yml | 3 + .../templates/keycloak-bootstrap.conf.j2 | 13 + 33 files changed, 4373 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/SOURCES.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/__init__.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg create mode 100644 ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py create mode 100644 ansible/roles/keycloak/tasks/keycloak_bootstrap.yml create mode 100644 ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 diff --git a/ansible/roles/keycloak/defaults/main.yml b/ansible/roles/keycloak/defaults/main.yml index 7836d421f7..637f62a59a 100644 --- a/ansible/roles/keycloak/defaults/main.yml +++ b/ansible/roles/keycloak/defaults/main.yml @@ -57,11 +57,11 @@ wildfly_standalone_config_path: /opt/keycloak/keycloak/standalone/configuration/ keycloak_ext: #keycloak_subsystem: #keycloak_cache_container: -#keycloak_default_ds: +#keycloak_default_ds: keycloak_download_file: keycloak-3.2.0.Final.tar.gz keycloak_ds_driver_url: https://jdbc.postgresql.org/download/postgresql-9.2.1212.jar -#keycloak_ds_driver_path: +#keycloak_ds_driver_path: keycloak_ds_driver_name: "postgresql" keycloak_ds_driver_module: ' @@ -106,3 +106,10 @@ theme: "sunrise.tar.gz" dest_theme: "/opt/keycloak/themes/" theme_file: sunrise keycloak_home: /opt/keycloak +keycloak_realm_json_file_path: "roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json" +keycloak_user_manager_roles_json_file_path: "roles/keycloak/files/python-keycloak-0.12.0/roles.json" +keycloak_api_management_username: "" +keycloak_api_management_user_email: "" +keycloak_api_management_user_first_name: "" +keycloak_api_management_user_last_name: "" +keycloak_api_management_user_password: "" diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO b/ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO new file mode 100644 index 0000000000..e71b54e3b9 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/PKG-INFO @@ -0,0 +1,19 @@ +Metadata-Version: 1.1 +Name: python-keycloak +Version: 0.12.0 +Summary: python-keycloak is a Python package providing access to the Keycloak API. +Home-page: https://bitbucket.org/agriness/python-keycloak +Author: Marcos Pereira +Author-email: marcospereira.mpj@gmail.com +License: GNU General Public License - V3 +Description-Content-Type: UNKNOWN +Description: UNKNOWN +Keywords: keycloak openid +Platform: UNKNOWN +Classifier: Programming Language :: Python :: 3 +Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3) +Classifier: Development Status :: 3 - Alpha +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +Classifier: Operating System :: Microsoft :: Windows +Classifier: Topic :: Utilities diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md b/ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md new file mode 100644 index 0000000000..c6b0940b08 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/README.md @@ -0,0 +1,210 @@ +[![Documentation Status](https://readthedocs.org/projects/python-keycloak/badge/?version=latest)](http://python-keycloak.readthedocs.io/en/latest/?badge=latest) + +Python Keycloak +==================== + +For review- see https://bitbucket.org/agriness/python-keycloak + +**python-keycloak** is a Python package providing access to the Keycloak API. + +## Installation + +### Via Pypi Package: + +``` $ pip install python-keycloak ``` + +### Manually + +``` $ python setup.py install ``` + +## Dependencies + +python-keycloak depends on: + +* Python 3 +* [requests](http://docs.python-requests.org/en/master/) +* [python-jose](http://python-jose.readthedocs.io/en/latest/) + +### Tests Dependencies + +* unittest +* [httmock](https://github.com/patrys/httmock) + +## Bug reports + +Please report bugs and feature requests at +https://bitbucket.org/agriness/python-keycloak/issues + +## Documentation + +The documentation for python-keycloak is available on [readthedocs](http://python-keycloak.readthedocs.io). + +## Contributors + +* [Agriness Team](http://www.agriness.com/pt/) +* [Marcos Pereira](marcospereira.mpj@gmail.com) +* [Martin Devlin](martin.devlin@pearson.com) +* [Shon T. Urbas](shon.urbas@gmail.com>) + +## Usage + +```python +from keycloak import KeycloakOpenID + +# Configure client +keycloak_openid = KeycloakOpenID(server_url="http://localhost:8080/auth/", + client_id="example_client", + realm_name="example_realm", + client_secret_key="secret") + +# Get WellKnow +config_well_know = keycloak_openid.well_know() + +# Get Token +token = keycloak_openid.token("user", "password") + +# Get Userinfo +userinfo = keycloak_openid.userinfo(token['access_token']) + +# Refresh token +token = keycloak_openid.refresh_token(token['refresh_token']) + +# Logout +keycloak_openid.logout(token['refresh_token']) + +# Get Certs +certs = keycloak_openid.certs() + +# Get RPT (Entitlement) +token = keycloak_openid.token("user", "password") +rpt = keycloak_openid.entitlement(token['access_token'], "resource_id") + +# Instropect RPT +token_rpt_info = keycloak_openid.introspect(keycloak_openid.introspect(token['access_token'], rpt=rpt['rpt'], + token_type_hint="requesting_party_token")) + +# Introspect Token +token_info = keycloak_openid.introspect(token['access_token'])) + +# Decode Token +KEYCLOAK_PUBLIC_KEY = "secret" +options = {"verify_signature": True, "verify_aud": True, "exp": True} +token_info = keycloak_openid.decode_token(token['access_token'], key=KEYCLOAK_PUBLIC_KEY, options=options) + +# Get permissions by token +token = keycloak_openid.token("user", "password") +keycloak_openid.load_authorization_config("example-authz-config.json") +policies = keycloak_openid.get_policies(token['access_token'], method_token_info='decode', key=KEYCLOAK_PUBLIC_KEY) +permissions = keycloak_openid.get_permissions(token['access_token'], method_token_info='introspect') + +# KEYCLOAK ADMIN + +from keycloak import KeycloakAdmin + +keycloak_admin = KeycloakAdmin(server_url="http://localhost:8080/auth/", + username='example-admin', + password='secret', + realm_name="example_realm", + verify=True) + +# Add user +new_user = keycloak_admin.create_user({"email": "example@example.com", + "username": "example@example.com", + "enabled": True, + "firstName": "Example", + "lastName": "Example", + "realmRoles": ["user_default", ], + "attributes": {"example": "1,2,3,3,"}}) + + +# Add user and set password +new_user = keycloak_admin.create_user({"email": "example@example.com", + "username": "example@example.com", + "enabled": True, + "firstName": "Example", + "lastName": "Example", + "credentials": [{"value": "secret","type": "password",}], + "realmRoles": ["user_default", ], + "attributes": {"example": "1,2,3,3,"}}) + +# User counter +count_users = keycloak_admin.users_count() + +# Get users Returns a list of users, filtered according to query parameters +users = keycloak_admin.get_users({}) + +# Get user ID from name +user-id-keycloak = keycloak_admin.get_user_id("example@example.com") + +# Get User +user = keycloak_admin.get_user("user-id-keycloak") + +# Update User +response = keycloak_admin.update_user(user_id="user-id-keycloak", + payload={'firstName': 'Example Update'}) + +# Update User Password +response = set_user_password(user_id="user-id-keycloak", password="secret", temporary=True) + +# Delete User +response = keycloak_admin.delete_user(user_id="user-id-keycloak") + +# Get consents granted by the user +consents = keycloak_admin.consents_user(user_id="user-id-keycloak") + +# Send User Action +response = keycloak_admin.send_update_account(user_id="user-id-keycloak", + payload=json.dumps(['UPDATE_PASSWORD'])) + +# Send Verify Email +response = keycloak_admin.send_verify_email(user_id="user-id-keycloak") + +# Get sessions associated with the user +sessions = keycloak_admin.get_sessions(user_id="user-id-keycloak") + +# Get themes, social providers, auth providers, and event listeners available on this server +server_info = keycloak_admin.get_server_info() + +# Get clients belonging to the realm Returns a list of clients belonging to the realm +clients = keycloak_admin.get_clients() + +# Get client - id (not client-id) from client by name +client_id=keycloak_admin.get_client_id("my-client") + +# Get representation of the client - id of client (not client-id) +client = keycloak_admin.get_client(client_id="client_id") + +# Get all roles for the realm or client +realm_roles = keycloak_admin.get_realm_roles() + +# Get all roles for the client +client_roles = keycloak_admin.get_client_roles(client_id="client_id") + +# Get client role +role = keycloak_admin.get_client_role(client_id="client_id", role_name="role_name") + +# Warning: Deprecated +# Get client role id from name +role_id = keycloak_admin.get_client_role_id(client_id="client_id", role_name="test") + +# Create client role +keycloak_admin.create_client_role(client_id, "test") + +# Assign client role to user. Note that BOTH role_name and role_id appear to be required. +keycloak_admin.assign_client_role(client_id="client_id", user_id="user_id", role_id="role_id", role_name="test") + +# Create new group +group = keycloak_admin.create_group(name="Example Group") + +# Get all groups +groups = keycloak_admin.get_groups() + +# Get group +group = keycloak_admin.get_group(group_id='group_id') + +# Get group by name +group = keycloak_admin.get_group_by_name(name_or_path='group_id', search_in_subgroups=True) + +# Function to trigger user sync from provider +sync_users(storage_id="storage_di", action="action") +``` diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json new file mode 100644 index 0000000000..72416d4de4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json @@ -0,0 +1,1999 @@ +{ + "id": "sunbird", + "realm": "sunbird", + "notBefore": 0, + "revokeRefreshToken": false, + "accessTokenLifespan": 21600, + "accessTokenLifespanForImplicitFlow": 7200, + "ssoSessionIdleTimeout": 1800, + "ssoSessionMaxLifespan": 21600, + "offlineSessionIdleTimeout": 43200, + "accessCodeLifespan": 60, + "accessCodeLifespanUserAction": 300, + "accessCodeLifespanLogin": 1800, + "actionTokenGeneratedByAdminLifespan": 43200, + "actionTokenGeneratedByUserLifespan": 300, + "enabled": true, + "sslRequired": "external", + "registrationAllowed": false, + "registrationEmailAsUsername": false, + "rememberMe": true, + "verifyEmail": false, + "loginWithEmailAllowed": true, + "duplicateEmailsAllowed": false, + "resetPasswordAllowed": true, + "editUsernameAllowed": false, + "bruteForceProtected": false, + "permanentLockout": false, + "maxFailureWaitSeconds": 900, + "minimumQuickLoginWaitSeconds": 60, + "waitIncrementSeconds": 60, + "quickLoginCheckMilliSeconds": 1000, + "maxDeltaTimeSeconds": 43200, + "failureFactor": 30, + "roles": { + "realm": [ + { + "id": "7b955d7f-0a1e-4935-8391-642886d34612", + "name": "offline_access", + "description": "${role_offline-access}", + "scopeParamRequired": true, + "composite": false, + "clientRole": false, + "containerId": "sunbird" + }, + { + "id": "96adf368-c8e2-4b39-b2a5-2559573edb63", + "name": "uma_authorization", + "description": "${role_uma_authorization}", + "scopeParamRequired": false, + "composite": false, + "clientRole": false, + "containerId": "sunbird" + } + ], + "client": { + "realm-management": [ + { + "id": "3f8bf7e5-5d66-4394-8f06-1270529c605f", + "name": "manage-authorization", + "description": "${role_manage-authorization}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "601fa2c9-29d4-49c1-87ac-939a1260f6ce", + "name": "query-realms", + "description": "${role_query-realms}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "9aa1dcd9-cb93-4496-af5f-41b9ecacc1da", + "name": "view-authorization", + "description": "${role_view-authorization}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "98999987-faf5-4c4e-958a-e5463bc4edc6", + "name": "manage-events", + "description": "${role_manage-events}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "f898fca8-5361-49d5-900a-ebf5b775a939", + "name": "impersonation", + "description": "${role_impersonation}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "698dfeb0-b8d2-4240-b8a8-acd4b7a12ad3", + "name": "view-realm", + "description": "${role_view-realm}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "3ff462fc-b33c-431a-b54b-861c3298d910", + "name": "manage-users", + "description": "${role_manage-users}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "be1802b1-558c-404c-bcb9-b9bf77af9788", + "name": "manage-identity-providers", + "description": "${role_manage-identity-providers}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "387b44e4-e901-4431-b9af-6abd9377ed46", + "name": "query-clients", + "description": "${role_query-clients}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "a408b6e8-03c9-46a2-97ba-305d09db0c3c", + "name": "view-events", + "description": "${role_view-events}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "41c2f39a-3008-4f9d-9e1e-a7738c118570", + "name": "query-groups", + "description": "${role_query-groups}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "26d3289b-d2eb-4cf2-a501-f1e3fa07344c", + "name": "manage-clients", + "description": "${role_manage-clients}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "e2077ab0-6efb-450d-9cba-89cacd887b71", + "name": "create-client", + "description": "${role_create-client}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "46019462-3dc8-46a8-9786-ffcbad293f43", + "name": "view-users", + "description": "${role_view-users}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-groups", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "d269f220-e93f-4b43-96a1-9f2c117a2dfb", + "name": "view-clients", + "description": "${role_view-clients}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "realm-management": [ + "query-clients" + ] + } + }, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "0c998f1b-7363-47fb-a493-4b6f4aacb0ba", + "name": "realm-admin", + "description": "${role_realm-admin}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "realm-management": [ + "manage-authorization", + "query-realms", + "view-authorization", + "manage-events", + "impersonation", + "view-realm", + "manage-users", + "manage-identity-providers", + "query-clients", + "view-events", + "query-groups", + "manage-clients", + "create-client", + "view-users", + "view-clients", + "manage-realm", + "view-identity-providers", + "query-users" + ] + } + }, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "d77bf5a5-5877-450b-b11e-5f874f410e10", + "name": "manage-realm", + "description": "${role_manage-realm}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "d97009ed-d0c7-4afb-b9a3-6ee03ef01a74", + "name": "view-identity-providers", + "description": "${role_view-identity-providers}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "57118202-c5e5-4c49-829b-c2ed796bfdea", + "name": "query-users", + "description": "${role_query-users}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + } + ], + "security-admin-console": [], + "android": [], + "admin-cli": [], + "trampoline": [], + "broker": [ + { + "id": "19ef58ac-2d90-40a4-a158-0e2f8893264a", + "name": "read-token", + "description": "${role_read-token}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "c3950efa-6684-44c2-b50a-c7b3d16df04b" + } + ], + "portal": [], + "account": [ + { + "id": "1fef7ac5-b042-462b-8298-0446044788b3", + "name": "manage-account", + "description": "${role_manage-account}", + "scopeParamRequired": false, + "composite": true, + "composites": { + "client": { + "account": [ + "manage-account-links" + ] + } + }, + "clientRole": true, + "containerId": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d" + }, + { + "id": "f8786348-6fa4-4b13-828e-9f080c9c6824", + "name": "manage-account-links", + "description": "${role_manage-account-links}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d" + }, + { + "id": "91c5c738-9c39-4c4d-bae8-75f18fd7c5e4", + "name": "view-profile", + "description": "${role_view-profile}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d" + } + ] + } + }, + "groups": [], + "defaultRoles": [ + "offline_access", + "uma_authorization" + ], + "requiredCredentials": [ + "password" + ], + "passwordPolicy": "hashIterations(20000)", + "otpPolicyType": "totp", + "otpPolicyAlgorithm": "HmacSHA1", + "otpPolicyInitialCounter": 0, + "otpPolicyDigits": 6, + "otpPolicyLookAheadWindow": 1, + "otpPolicyPeriod": 30, + "clientScopeMappings": { + "realm-management": [ + { + "client": "admin-cli", + "roles": [ + "realm-admin" + ] + }, + { + "client": "security-admin-console", + "roles": [ + "realm-admin" + ] + } + ] + }, + "clients": [ + { + "id": "9a901d18-377b-4615-9b89-677b544be3c5", + "clientId": "trampoline", + "rootUrl": "", + "adminUrl": "", + "baseUrl": "/", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + ], + "webOrigins": [ + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "saml.authnstatement": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "saml.onetimeuse.condition": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "12134027-94cc-401c-bbf6-be565078ddfb", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "6a956bf1-6c40-4549-b335-9fe8c788b18f", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "d32ba1d4-3fef-42ff-aa2b-98cb4bfef6f9", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "9e899fc7-1ddd-447d-810c-d91333d6621c", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "74e4d13f-bd02-4f17-bbbc-d4b79bab1971", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "48fe23c2-a6fb-4c5e-8930-28ad1913829a", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "da893beb-6ac7-420d-b51b-f05dadf56bbc", + "clientId": "android", + "rootUrl": "", + "baseUrl": "/", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "saml.authnstatement": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "saml.onetimeuse.condition": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "ff7dac46-16b4-4ab6-a054-dd03d5411fa9", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "32fad9c0-0dfe-45b2-94a1-3e2f74d756ec", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "4fb4d644-c609-4a27-a407-d451bcd83e16", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "84e7c6e5-1afb-44d8-b507-1ed31fa0f351", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "e7ca189f-94de-4996-a192-e93ba960bbba", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "16bedb3b-7571-4106-9a47-66151915ac31", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "8891d8e9-35e6-4a1c-b32b-027be03b0f24", + "clientId": "admin-cli", + "name": "${client_admin-cli}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": false, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": true, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "32d6a3a4-8635-4a36-bd14-8ac5b73a49cc", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "900fa741-d1b2-467e-88a6-b454a9519568", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "8ea14714-d160-49b8-b612-59102d50ef53", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "bd167b99-5d23-49c1-90c7-85c2b088fed7", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "c4fe56a1-8d15-455a-b87b-cf051454b57c", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "26e3bf4c-8f9a-4548-b0db-5bbb7c398991", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "c3950efa-6684-44c2-b50a-c7b3d16df04b", + "clientId": "broker", + "name": "${client_broker}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "54c3bbc3-850b-4636-82d1-ed4f3a46a00a", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "0f0d9b74-c476-4981-a783-dd4bdbe041ec", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "d6f625cc-eac1-49d0-bea5-17e6f9d3860c", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "bbf35056-9bbe-49a0-aefc-2bde2379ccdc", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "38b04951-1043-4dc6-9504-7b0f31ed71a4", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "88bb836b-7feb-45eb-b004-fb3be8436908", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "b2f45201-1362-4b10-83c3-207d470f44bf", + "clientId": "realm-management", + "name": "${client_realm-management}", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": true, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "71605238-bf41-400e-8c03-a5d78f54b00b", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "a0cb6f3a-30ef-4475-b73f-ca6c2f1f3675", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "3a7708b1-63b9-4116-af7f-969fc1bf61a4", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "c393d7b7-fa22-4e90-9ad7-07d520632c20", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "2d8cbac4-e4dd-4fa6-bf71-98adf826b9dd", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "e77aae69-8ea4-4ee4-bcd6-ba7ef3958c02", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "8c12290d-d62f-48ce-913b-c93bf995ca59", + "clientId": "portal", + "rootUrl": "", + "adminUrl": "/callback", + "baseUrl": "/", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + ], + "webOrigins": [ + "" + ], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": { + "saml.assertion.signature": "false", + "saml.force.post.binding": "false", + "saml.multivalued.roles": "false", + "saml.encrypt": "false", + "saml_force_name_id_format": "false", + "saml.client.signature": "false", + "saml.authnstatement": "false", + "saml.server.signature": "false", + "saml.server.signature.keyinfo.ext": "false", + "saml.onetimeuse.condition": "false" + }, + "fullScopeAllowed": true, + "nodeReRegistrationTimeout": -1, + "protocolMappers": [ + { + "id": "63071ff2-a5e5-4d38-b534-a9f25a075403", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "9bf9cad5-dbce-41e9-aa36-d84cc5a768a2", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "238e55b7-6545-467e-856b-f95477afe1ff", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "edb1ff4e-b452-46bc-8c3b-d6075f6ee579", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "7a0118e2-57ff-4d23-bf74-cbfe1f545d1d", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "b59a913e-118a-4dc4-a8d7-66c44ced5345", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "79c518d7-b41a-4e6f-be42-4ef365824100", + "clientId": "security-admin-console", + "name": "${client_security-admin-console}", + "baseUrl": "/auth/admin/sunbird/console/index.html", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "redirectUris": [ + "/auth/admin/sunbird/console/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": true, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "c989a8c8-cb8b-40ff-b4b9-86122bad7aa9", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "b180fb8c-997c-4f6a-b774-af677f903139", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "c373dc9a-49d7-4d28-9b94-06cf20fb1955", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "24c7b1c4-62c2-4d92-ab19-49bfaedcc3d4", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "883a39a7-37b4-46ef-a761-3e51b95ccc35", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + }, + { + "id": "95ed8e44-38cc-4f09-8adc-19c12d5eada0", + "name": "locale", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-attribute-mapper", + "consentRequired": false, + "consentText": "${locale}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "locale", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "locale", + "jsonType.label": "String" + } + }, + { + "id": "c66c6a41-eb22-443f-8a77-e68d404ad26f", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + }, + { + "id": "c2d24d3f-65ca-46de-9cd8-3eeb71a7f83d", + "clientId": "account", + "name": "${client_account}", + "baseUrl": "/auth/realms/sunbird/account", + "surrogateAuthRequired": false, + "enabled": true, + "clientAuthenticatorType": "client-secret", + "secret": "", + "defaultRoles": [ + "manage-account", + "view-profile" + ], + "redirectUris": [ + "/auth/realms/sunbird/account/*" + ], + "webOrigins": [], + "notBefore": 0, + "bearerOnly": false, + "consentRequired": false, + "standardFlowEnabled": true, + "implicitFlowEnabled": false, + "directAccessGrantsEnabled": false, + "serviceAccountsEnabled": false, + "publicClient": false, + "frontchannelLogout": false, + "protocol": "openid-connect", + "attributes": {}, + "fullScopeAllowed": false, + "nodeReRegistrationTimeout": 0, + "protocolMappers": [ + { + "id": "a64118ab-33c8-4060-9f3e-3ed817ba8e0d", + "name": "role list", + "protocol": "saml", + "protocolMapper": "saml-role-list-mapper", + "consentRequired": false, + "config": { + "single": "false", + "attribute.nameformat": "Basic", + "attribute.name": "Role" + } + }, + { + "id": "1f4a0c5e-7c8a-4693-8be5-14681b243868", + "name": "username", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${username}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "username", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "preferred_username", + "jsonType.label": "String" + } + }, + { + "id": "8d88a133-a399-4e75-b051-5b0d4ae850ab", + "name": "full name", + "protocol": "openid-connect", + "protocolMapper": "oidc-full-name-mapper", + "consentRequired": true, + "consentText": "${fullName}", + "config": { + "id.token.claim": "true", + "access.token.claim": "true", + "userinfo.token.claim": "true" + } + }, + { + "id": "45593258-916c-4158-8577-d9806c16415a", + "name": "email", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${email}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "email", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "email", + "jsonType.label": "String" + } + }, + { + "id": "027be48e-b7dc-4c3a-a648-414a466b67dd", + "name": "family name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${familyName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "lastName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "family_name", + "jsonType.label": "String" + } + }, + { + "id": "c93937f9-0446-4be9-8b47-3c6de857497e", + "name": "given name", + "protocol": "openid-connect", + "protocolMapper": "oidc-usermodel-property-mapper", + "consentRequired": true, + "consentText": "${givenName}", + "config": { + "userinfo.token.claim": "true", + "user.attribute": "firstName", + "id.token.claim": "true", + "access.token.claim": "true", + "claim.name": "given_name", + "jsonType.label": "String" + } + } + ], + "useTemplateConfig": false, + "useTemplateScope": false, + "useTemplateMappers": false + } + ], + "clientTemplates": [], + "browserSecurityHeaders": { + "xContentTypeOptions": "nosniff", + "xRobotsTag": "none", + "xFrameOptions": "SAMEORIGIN", + "xXSSProtection": "1; mode=block", + "contentSecurityPolicy": "frame-src 'self'" + }, + "smtpServer": { + "password": "", + "starttls": "", + "auth": "true", + "port": "587", + "host": "", + "from": "", + "ssl": "", + "user": "" + }, + "loginTheme": "sunrise", + "eventsEnabled": false, + "eventsListeners": [ + "jboss-logging" + ], + "enabledEventTypes": [], + "adminEventsEnabled": false, + "adminEventsDetailsEnabled": false, + "components": { + "org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy": [ + { + "id": "84078bbb-e005-44c8-9c7d-a1b4821558da", + "name": "Max Clients Limit", + "providerId": "max-clients", + "subType": "anonymous", + "subComponents": {}, + "config": { + "max-clients": [ + "200" + ] + } + }, + { + "id": "346d857e-4385-4f8f-a2fc-072fd11a10ec", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "authenticated", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "saml-user-attribute-mapper", + "oidc-usermodel-attribute-mapper", + "oidc-usermodel-property-mapper", + "saml-role-list-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-address-mapper", + "oidc-sha256-pairwise-sub-mapper" + ], + "consent-required-for-all-mappers": [ + "true" + ] + } + }, + { + "id": "eed64f9f-4b66-45ad-bdb4-4070e3802366", + "name": "Allowed Client Templates", + "providerId": "allowed-client-templates", + "subType": "authenticated", + "subComponents": {}, + "config": {} + }, + { + "id": "17ac4eaa-9139-4b3a-b1db-c82d44c1531d", + "name": "Allowed Client Templates", + "providerId": "allowed-client-templates", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "38532936-be91-40e4-b65d-c0abfaf9547c", + "name": "Full Scope Disabled", + "providerId": "scope", + "subType": "anonymous", + "subComponents": {}, + "config": {} + }, + { + "id": "8c1690a2-6eea-4d61-ab66-7a015e3bea3c", + "name": "Allowed Protocol Mapper Types", + "providerId": "allowed-protocol-mappers", + "subType": "anonymous", + "subComponents": {}, + "config": { + "allowed-protocol-mapper-types": [ + "oidc-usermodel-property-mapper", + "saml-user-property-mapper", + "oidc-full-name-mapper", + "oidc-sha256-pairwise-sub-mapper", + "oidc-address-mapper", + "oidc-usermodel-attribute-mapper", + "saml-role-list-mapper", + "saml-user-attribute-mapper" + ], + "consent-required-for-all-mappers": [ + "true" + ] + } + }, + { + "id": "3dcc314c-07f8-484d-9535-29424dbaddfc", + "name": "Trusted Hosts", + "providerId": "trusted-hosts", + "subType": "anonymous", + "subComponents": {}, + "config": { + "host-sending-registration-request-must-match": [ + "true" + ], + "client-uris-must-match": [ + "true" + ] + } + }, + { + "id": "ab52b781-64b9-42a0-99f5-cbeba6710763", + "name": "Consent Required", + "providerId": "consent-required", + "subType": "anonymous", + "subComponents": {}, + "config": {} + } + ], + "org.keycloak.keys.KeyProvider": [ + { + "id": "bd30c46f-9ee3-443d-9faa-6ed8075aac87", + "name": "rsa-generated", + "providerId": "rsa-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + }, + { + "id": "a93cc73f-b070-48cd-bf08-9b290707c2f5", + "name": "hmac-generated", + "providerId": "hmac-generated", + "subComponents": {}, + "config": { + "priority": [ + "100" + ] + } + } + ] + }, + "internationalizationEnabled": true, + "supportedLocales": [ + "de", + "no", + "ru", + "sv", + "pt-BR", + "ja", + "lt", + "en", + "it", + "fr", + "es", + "ca" + ], + "defaultLocale": "en", + "authenticationFlows": [ + { + "id": "6c9d3423-9956-4d08-a124-41cd17aceb5a", + "alias": "Direct Grant 2", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "requirement": "OPTIONAL", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "a7a49eb1-4386-499a-8a8f-13454b428f98", + "alias": "Direct Grant w/o Password", + "description": "Grant user access using only the username and no password.", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": false, + "authenticationExecutions": [] + }, + { + "id": "c7b2f9c2-525b-486a-b2a8-148606caac0e", + "alias": "Handle Existing Account", + "description": "Handle what to do if there is existing account with same email/username like authenticated identity provider", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-confirm-link", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "idp-email-verification", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "Verify Existing Account by Re-authentication", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "c4674fef-8631-43c5-8f44-deb8867fa866", + "alias": "Verify Existing Account by Re-authentication", + "description": "Reauthentication of existing account", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "idp-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "OPTIONAL", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "35016b3a-a041-47fd-8a85-a131c6f7b745", + "alias": "browser", + "description": "browser based authentication", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-cookie", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-spnego", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "identity-provider-redirector", + "requirement": "ALTERNATIVE", + "priority": 25, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "forms", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8e85927e-349d-4a0a-a7da-efb352ba78ce", + "alias": "clients", + "description": "Base authentication for clients", + "providerId": "client-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "client-secret", + "requirement": "ALTERNATIVE", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "client-jwt", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "b62ac783-8af6-429e-a8ff-7c8073195675", + "alias": "direct grant", + "description": "OpenID Connect Resource Owner Grant", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "direct-grant-validate-username", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-password", + "requirement": "DISABLED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "direct-grant-validate-otp", + "requirement": "OPTIONAL", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "e16e69c8-a3e8-480c-8201-8474d614e172", + "alias": "docker auth", + "description": "Used by Docker clients to authenticate against the IDP", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "docker-http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "487ab3f9-33bf-49e2-8b03-5c45c85ea8b5", + "alias": "first broker login", + "description": "Actions taken after first broker login with identity provider account, which is not yet linked to any Keycloak account", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticatorConfig": "review profile config", + "authenticator": "idp-review-profile", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticatorConfig": "create unique user config", + "authenticator": "idp-create-user-if-unique", + "requirement": "ALTERNATIVE", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "requirement": "ALTERNATIVE", + "priority": 30, + "flowAlias": "Handle Existing Account", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "a6d19ee2-387a-4db8-9ecb-2e9f806a88a1", + "alias": "forms", + "description": "Username, password, otp and other auth forms.", + "providerId": "basic-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "auth-username-password-form", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "auth-otp-form", + "requirement": "OPTIONAL", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "43fc7877-ad15-4c93-b327-15d4ca83f3e1", + "alias": "registration", + "description": "registration flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-page-form", + "requirement": "REQUIRED", + "priority": 10, + "flowAlias": "registration form", + "userSetupAllowed": false, + "autheticatorFlow": true + } + ] + }, + { + "id": "8a77377f-60eb-4a23-8bfe-b7c360d7b48f", + "alias": "registration form", + "description": "registration form", + "providerId": "form-flow", + "topLevel": false, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "registration-user-creation", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-profile-action", + "requirement": "REQUIRED", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-password-action", + "requirement": "REQUIRED", + "priority": 50, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "registration-recaptcha-action", + "requirement": "DISABLED", + "priority": 60, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "30bd3dd1-f2f1-4708-a07d-08cf759c7b28", + "alias": "reset credentials", + "description": "Reset credentials for a user if they forgot their password or something", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "reset-credentials-choose-user", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-credential-email", + "requirement": "REQUIRED", + "priority": 20, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-password", + "requirement": "REQUIRED", + "priority": 30, + "userSetupAllowed": false, + "autheticatorFlow": false + }, + { + "authenticator": "reset-otp", + "requirement": "OPTIONAL", + "priority": 40, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + }, + { + "id": "226a50b1-059a-44ef-8cfe-082dee5d60b9", + "alias": "saml ecp", + "description": "SAML ECP Profile Authentication Flow", + "providerId": "basic-flow", + "topLevel": true, + "builtIn": true, + "authenticationExecutions": [ + { + "authenticator": "http-basic-authenticator", + "requirement": "REQUIRED", + "priority": 10, + "userSetupAllowed": false, + "autheticatorFlow": false + } + ] + } + ], + "authenticatorConfig": [ + { + "id": "aec72381-3c1d-4a96-b436-ddb72b3737b9", + "alias": "create unique user config", + "config": { + "require.password.update.after.registration": "false" + } + }, + { + "id": "51f3fa48-bf74-4df9-9724-c0a9d6fe7c80", + "alias": "review profile config", + "config": { + "update.profile.on.first.login": "missing" + } + } + ], + "requiredActions": [ + { + "alias": "CONFIGURE_TOTP", + "name": "Configure OTP", + "providerId": "CONFIGURE_TOTP", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "UPDATE_PASSWORD", + "name": "Update Password", + "providerId": "UPDATE_PASSWORD", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "UPDATE_PROFILE", + "name": "Update Profile", + "providerId": "UPDATE_PROFILE", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "VERIFY_EMAIL", + "name": "Verify Email", + "providerId": "VERIFY_EMAIL", + "enabled": true, + "defaultAction": false, + "config": {} + }, + { + "alias": "terms_and_conditions", + "name": "Terms and Conditions", + "providerId": "terms_and_conditions", + "enabled": true, + "defaultAction": false, + "config": {} + } + ], + "browserFlow": "browser", + "registrationFlow": "registration", + "directGrantFlow": "Direct Grant 2", + "resetCredentialsFlow": "reset credentials", + "clientAuthenticationFlow": "clients", + "dockerAuthenticationFlow": "docker auth", + "attributes": { + "_browser_header.xXSSProtection": "1; mode=block", + "_browser_header.xFrameOptions": "SAMEORIGIN", + "permanentLockout": "false", + "quickLoginCheckMilliSeconds": "1000", + "_browser_header.xRobotsTag": "none", + "maxFailureWaitSeconds": "900", + "minimumQuickLoginWaitSeconds": "60", + "failureFactor": "30", + "actionTokenGeneratedByUserLifespan": "300", + "maxDeltaTimeSeconds": "43200", + "_browser_header.xContentTypeOptions": "nosniff", + "actionTokenGeneratedByAdminLifespan": "43200", + "bruteForceProtected": "false", + "_browser_header.contentSecurityPolicy": "frame-src 'self'", + "waitIncrementSeconds": "60" + }, + "keycloakVersion": "3.2.0.Final" +} diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py new file mode 100644 index 0000000000..6da124c13c --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/__init__.py @@ -0,0 +1,20 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from .keycloak_openid import * +from .keycloak_admin import * +from .keycloak_adminchild import * diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py new file mode 100644 index 0000000000..4a1d86dbeb --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/__init__.py @@ -0,0 +1,87 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +import ast +import json + +from .permission import Permission +from .policy import Policy +from .role import Role + + +class Authorization: + """ + Keycloak Authorization (policies, roles, scopes and resources). + + https://keycloak.gitbooks.io/documentation/authorization_services/index.html + + """ + + def __init__(self): + self._policies = {} + + @property + def policies(self): + return self._policies + + @policies.setter + def policies(self, value): + self._policies = value + + def load_config(self, data): + """ + Load policies, roles and permissions (scope/resources). + + :param data: keycloak authorization data (dict) + :return: + """ + for pol in data['policies']: + if pol['type'] == 'role': + policy = Policy(name=pol['name'], + type=pol['type'], + logic=pol['logic'], + decision_strategy=pol['decisionStrategy']) + + config_roles = json.loads(pol['config']['roles']) + for role in config_roles: + policy.add_role(Role(name=role['id'], + required=role['required'])) + + self.policies[policy.name] = policy + + if pol['type'] == 'scope': + permission = Permission(name=pol['name'], + type=pol['type'], + logic=pol['logic'], + decision_strategy=pol['decisionStrategy']) + + permission.scopes = ast.literal_eval(pol['config']['scopes']) + + for policy_name in ast.literal_eval(pol['config']['applyPolicies']): + self.policies[policy_name].add_permission(permission) + + if pol['type'] == 'resource': + permission = Permission(name=pol['name'], + type=pol['type'], + logic=pol['logic'], + decision_strategy=pol['decisionStrategy']) + + permission.resources = ast.literal_eval(pol['config']['resources']) + + for policy_name in ast.literal_eval(pol['config']['applyPolicies']): + self.policies[policy_name].add_permission(permission) + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py new file mode 100644 index 0000000000..94eca77954 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/permission.py @@ -0,0 +1,98 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + + +class Permission: + """ + Consider this simple and very common permission: + + A permission associates the object being protected with the policies that must be evaluated to determine whether access is granted. + + X CAN DO Y ON RESOURCE Z + + where … + X represents one or more users, roles, or groups, or a combination of them. You can + also use claims and context here. + Y represents an action to be performed, for example, write, view, and so on. + Z represents a protected resource, for example, "/accounts". + + https://keycloak.gitbooks.io/documentation/authorization_services/topics/permission/overview.html + + """ + + def __init__(self, name, type, logic, decision_strategy): + self._name = name + self._type = type + self._logic = logic + self._decision_strategy = decision_strategy + self._resources = [] + self._scopes = [] + + def __repr__(self): + return "" % (self.name, self.type) + + def __str__(self): + return "Permission: %s (%s)" % (self.name, self.type) + + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = value + + @property + def type(self): + return self._type + + @type.setter + def type(self, value): + self._type = value + + @property + def logic(self): + return self._logic + + @logic.setter + def logic(self, value): + self._logic = value + + @property + def decision_strategy(self): + return self._decision_strategy + + @decision_strategy.setter + def decision_strategy(self, value): + self._decision_strategy = value + + @property + def resources(self): + return self._resources + + @resources.setter + def resources(self, value): + self._resources = value + + @property + def scopes(self): + return self._scopes + + @scopes.setter + def scopes(self, value): + self._scopes = value + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py new file mode 100644 index 0000000000..66512bac3a --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/policy.py @@ -0,0 +1,107 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from ..exceptions import KeycloakAuthorizationConfigError + + +class Policy: + """ + A policy defines the conditions that must be satisfied to grant access to an object. + Unlike permissions, you do not specify the object being protected but rather the conditions + that must be satisfied for access to a given object (for example, resource, scope, or both). + Policies are strongly related to the different access control mechanisms (ACMs) that you can use to + protect your resources. With policies, you can implement strategies for attribute-based access control + (ABAC), role-based access control (RBAC), context-based access control, or any combination of these. + + https://keycloak.gitbooks.io/documentation/authorization_services/topics/policy/overview.html + + """ + + def __init__(self, name, type, logic, decision_strategy): + self._name = name + self._type = type + self._logic = logic + self._decision_strategy = decision_strategy + self._roles = [] + self._permissions = [] + + def __repr__(self): + return "" % (self.name, self.type) + + def __str__(self): + return "Policy: %s (%s)" % (self.name, self.type) + + @property + def name(self): + return self._name + + @name.setter + def name(self, value): + self._name = value + + @property + def type(self): + return self._type + + @type.setter + def type(self, value): + self._type = value + + @property + def logic(self): + return self._logic + + @logic.setter + def logic(self, value): + self._logic = value + + @property + def decision_strategy(self): + return self._decision_strategy + + @decision_strategy.setter + def decision_strategy(self, value): + self._decision_strategy = value + + @property + def roles(self): + return self._roles + + @property + def permissions(self): + return self._permissions + + def add_role(self, role): + """ + Add keycloak role in policy. + + :param role: keycloak role. + :return: + """ + if self.type != 'role': + raise KeycloakAuthorizationConfigError( + "Can't add role. Policy type is different of role") + self._roles.append(role) + + def add_permission(self, permission): + """ + Add keycloak permission in policy. + + :param permission: keycloak permission. + :return: + """ + self._permissions.append(permission) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py new file mode 100644 index 0000000000..8d398b09ee --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/authorization/role.py @@ -0,0 +1,39 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + + +class Role: + """ + Roles identify a type or category of user. Admin, user, + manager, and employee are all typical roles that may exist in an organization. + + https://keycloak.gitbooks.io/documentation/server_admin/topics/roles.html + + """ + + def __init__(self, name, required=False): + self.name = name + self.required = required + + @property + def get_name(self): + return self.name + + def __eq__(self, other): + if isinstance(other, str): + return self.name == other + return NotImplemented diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py new file mode 100644 index 0000000000..503b688a7f --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/connection.py @@ -0,0 +1,199 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +try: + from urllib.parse import urljoin +except ImportError: + from urlparse import urljoin + +from .exceptions import * +import requests + + +class ConnectionManager(object): + """ Represents a simple server connection. + Args: + base_url (str): The server URL. + headers (dict): The header parameters of the requests to the server. + timeout (int): Timeout to use for requests to the server. + verify (bool): Verify server SSL. + """ + + def __init__(self, base_url, headers={}, timeout=60, verify=True): + self._base_url = base_url + self._headers = headers + self._timeout = timeout + self._verify = verify + + @property + def base_url(self): + """ Return base url in use for requests to the server. """ + return self._base_url + + @base_url.setter + def base_url(self, value): + """ """ + self._base_url = value + + @property + def timeout(self): + """ Return timeout in use for request to the server. """ + return self._timeout + + @timeout.setter + def timeout(self, value): + """ """ + self._timeout = value + + @property + def verify(self): + """ Return verify in use for request to the server. """ + return self._verify + + @verify.setter + def verify(self, value): + """ """ + self._verify = value + + @property + def headers(self): + """ Return header request to the server. """ + return self._headers + + @headers.setter + def headers(self, value): + """ """ + self._headers = value + + def param_headers(self, key): + """ Return a specific header parameter. + :arg + key (str): Header parameters key. + :return: + If the header parameters exist, return its value. + """ + return self.headers.get(key) + + def clean_headers(self): + """ Clear header parameters. """ + self.headers = {} + + def exist_param_headers(self, key): + """ Check if the parameter exists in the header. + :arg + key (str): Header parameters key. + :return: + If the header parameters exist, return True. + """ + return self.param_headers(key) is not None + + def add_param_headers(self, key, value): + """ Add a single parameter inside the header. + :arg + key (str): Header parameters key. + value (str): Value to be added. + """ + self.headers[key] = value + + def del_param_headers(self, key): + """ Remove a specific parameter. + :arg + key (str): Key of the header parameters. + """ + self.headers.pop(key, None) + + def raw_get(self, path, **kwargs): + """ Submit get request to the path. + :arg + path (str): Path for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + + try: + return requests.get(urljoin(self.base_url, path), + params=kwargs, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) + + def raw_post(self, path, data, **kwargs): + """ Submit post request to the path. + :arg + path (str): Path for request. + data (dict): Payload for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + try: + return requests.post(urljoin(self.base_url, path), + params=kwargs, + data=data, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) + + def raw_put(self, path, data, **kwargs): + """ Submit put request to the path. + :arg + path (str): Path for request. + data (dict): Payload for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + try: + return requests.put(urljoin(self.base_url, path), + params=kwargs, + data=data, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) + + def raw_delete(self, path, **kwargs): + """ Submit delete request to the path. + + :arg + path (str): Path for request. + :return + Response the request. + :exception + HttpError: Can't connect to server. + """ + try: + return requests.delete(urljoin(self.base_url, path), + params=kwargs, + headers=self.headers, + timeout=self.timeout, + verify=self.verify) + except Exception as e: + raise KeycloakConnectionError( + "Can't connect to server (%s)" % e) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py new file mode 100644 index 0000000000..27d8b14c15 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/exceptions.py @@ -0,0 +1,93 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +import requests + + +class KeycloakError(Exception): + def __init__(self, error_message="", response_code=None, + response_body=None): + + Exception.__init__(self, error_message) + + self.response_code = response_code + self.response_body = response_body + self.error_message = error_message + + def __str__(self): + if self.response_code is not None: + return "{0}: {1}".format(self.response_code, self.error_message) + else: + return "{0}".format(self.error_message) + + +class KeycloakAuthenticationError(KeycloakError): + pass + + +class KeycloakConnectionError(KeycloakError): + pass + + +class KeycloakOperationError(KeycloakError): + pass + + +class KeycloakGetError(KeycloakOperationError): + pass + + +class KeycloakSecretNotFound(KeycloakOperationError): + pass + + +class KeycloakRPTNotFound(KeycloakOperationError): + pass + + +class KeycloakAuthorizationConfigError(KeycloakOperationError): + pass + + +class KeycloakInvalidTokenError(KeycloakOperationError): + pass + + +def raise_error_from_response(response, error, expected_code=200): + + if expected_code == response.status_code: + if expected_code == requests.codes.no_content: + return {} + try: + return response.json() + except ValueError: + return response.content + + try: + message = response.json()['message'] + except (KeyError, ValueError): + message = response.content + + if isinstance(error, dict): + error = error.get(response.status_code, KeycloakOperationError) + else: + if response.status_code == 401: + error = KeycloakAuthenticationError + + raise error(error_message=message, + response_code=response.status_code, + response_body=response.content) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py new file mode 100644 index 0000000000..79f5c2c6d3 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_admin.py @@ -0,0 +1,670 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +# Unless otherwise stated in the comments, "id", in e.g. user_id, refers to the +# internal Keycloak server ID, usually a uuid string +from keycloak.urls_patterns import URL_ADMIN_CLIENT_ROLE +from .urls_patterns import \ + URL_ADMIN_USERS_COUNT, URL_ADMIN_USER, URL_ADMIN_USER_CONSENTS, \ + URL_ADMIN_SEND_UPDATE_ACCOUNT, URL_ADMIN_RESET_PASSWORD, URL_ADMIN_SEND_VERIFY_EMAIL, URL_ADMIN_GET_SESSIONS, \ + URL_ADMIN_SERVER_INFO, URL_ADMIN_CLIENTS, URL_ADMIN_CLIENT, URL_ADMIN_CLIENT_ROLES, URL_ADMIN_REALM_ROLES, \ + URL_ADMIN_GROUP, URL_ADMIN_GROUPS, URL_ADMIN_GROUP_CHILD, URL_ADMIN_USER_GROUP,\ + URL_ADMIN_GROUP_PERMISSIONS, URL_ADMIN_USER_CLIENT_ROLES, URL_ADMIN_USER_STORAGE, URL_ADMIN_REALM + +from .keycloak_openid import KeycloakOpenID + +from .exceptions import raise_error_from_response, KeycloakGetError + +from .urls_patterns import ( + URL_ADMIN_USERS, +) + +from .connection import ConnectionManager +import json + + +class KeycloakAdmin: + + def __init__(self, server_url, username, password, realm_name='master', client_id='admin-cli', verify=True): + """ + + :param server_url: Keycloak server url + :param username: admin username + :param password: admin password + :param realm_name: realm name + :param client_id: client id + :param verify: True if want check connection SSL + """ + self._username = username + self._password = password + self._client_id = client_id + self._realm_name = realm_name + + # Get token Admin + keycloak_openid = KeycloakOpenID(server_url=server_url, client_id=client_id, realm_name=realm_name, + verify=verify) + self._token = keycloak_openid.token(username, password) + + self._connection = ConnectionManager(base_url=server_url, + headers={'Authorization': 'Bearer ' + self.token.get('access_token'), + 'Content-Type': 'application/json'}, + timeout=60, + verify=verify) + + @property + def realm_name(self): + return self._realm_name + + @realm_name.setter + def realm_name(self, value): + self._realm_name = value + + @property + def connection(self): + return self._connection + + @connection.setter + def connection(self, value): + self._connection = value + + @property + def client_id(self): + return self._client_id + + @client_id.setter + def client_id(self, value): + self._client_id = value + + @property + def username(self): + return self._username + + @username.setter + def username(self, value): + self._username = value + + @property + def password(self): + return self._password + + @password.setter + def password(self, value): + self._password = value + + @property + def token(self): + return self._token + + @token.setter + def token(self, value): + self._token = value + + def get_users(self, query=None): + """ + Get users Returns a list of users, filtered according to query parameters + + :return: users list + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_USERS.format(**params_path), **query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def create_user(self, payload): + """ + Create a new user Username must be unique + + UserRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation + + :param payload: UserRepresentation + + :return: UserRepresentation + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_post(URL_ADMIN_USERS.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def users_count(self): + """ + User counter + + :return: counter + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_USERS_COUNT.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_user_id(self, username): + """ + Get internal keycloak user id from username + This is required for further actions against this user. + + UserRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation + + :param username: id in UserRepresentation + + :return: user_id + """ + params_path = {"realm-name": self.realm_name, "username": username} + data_raw = self.connection.raw_get(URL_ADMIN_USERS.format(**params_path)) + data_content = raise_error_from_response(data_raw, KeycloakGetError) + + for user in data_content: + this_use_rname = json.dumps(user["username"]).strip('"') + if this_use_rname == username: + return json.dumps(user["id"]).strip('"') + + return None + + def get_user(self, user_id): + """ + Get representation of the user + + :param user_id: User id + + UserRepresentation: http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_userrepresentation + + :return: UserRepresentation + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_get(URL_ADMIN_USER.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def update_user(self, user_id, payload): + """ + Update the user + + :param user_id: User id + :param payload: UserRepresentation + + :return: Http response + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_put(URL_ADMIN_USER.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def delete_user(self, user_id): + """ + Delete the user + + :param user_id: User id + + :return: Http response + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_delete(URL_ADMIN_USER.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def set_user_password(self, user_id, password, temporary=True): + """ + Set up a password for the user. If temporary is True, the user will have to reset + the temporary password next time they log in. + + http://www.keycloak.org/docs-api/3.2/rest-api/#_users_resource + http://www.keycloak.org/docs-api/3.2/rest-api/#_credentialrepresentation + + :param user_id: User id + :param password: New password + :param temporary: True if password is temporary + + :return: + """ + payload = {"type": "password", "temporary": temporary, "value": password} + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_put(URL_ADMIN_RESET_PASSWORD.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def consents_user(self, user_id): + """ + Get consents granted by the user + + :param user_id: User id + + :return: consents + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_get(URL_ADMIN_USER_CONSENTS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def send_update_account(self, user_id, payload, client_id=None, lifespan=None, redirect_uri=None): + """ + Send a update account email to the user An email contains a + link the user can click to perform a set of required actions. + + :param user_id: + :param payload: + :param client_id: + :param lifespan: + :param redirect_uri: + + :return: + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + params_query = {"client_id": client_id, "lifespan": lifespan, "redirect_uri": redirect_uri} + data_raw = self.connection.raw_put(URL_ADMIN_SEND_UPDATE_ACCOUNT.format(**params_path), + data=payload, **params_query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def send_verify_email(self, user_id, client_id=None, redirect_uri=None): + """ + Send a update account email to the user An email contains a + link the user can click to perform a set of required actions. + + :param user_id: User id + :param client_id: Client id + :param redirect_uri: Redirect uri + + :return: + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + params_query = {"client_id": client_id, "redirect_uri": redirect_uri} + data_raw = self.connection.raw_put(URL_ADMIN_SEND_VERIFY_EMAIL.format(**params_path), + data={}, **params_query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_sessions(self, user_id): + """ + Get sessions associated with the user + + :param user_id: id of user + + UserSessionRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_usersessionrepresentation + + :return: UserSessionRepresentation + """ + params_path = {"realm-name": self.realm_name, "id": user_id} + data_raw = self.connection.raw_get(URL_ADMIN_GET_SESSIONS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_server_info(self): + """ + Get themes, social providers, auth providers, and event listeners available on this server + + ServerInfoRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_serverinforepresentation + + :return: ServerInfoRepresentation + """ + data_raw = self.connection.raw_get(URL_ADMIN_SERVER_INFO) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_groups(self): + """ + Get groups belonging to the realm. Returns a list of groups belonging to the realm + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :return: array GroupRepresentation + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_GROUPS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_group(self, group_id): + """ + Get group by id. Returns full group details + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :return: Keycloak server response (GroupRepresentation) + """ + params_path = {"realm-name": self.realm_name, "id": group_id} + data_raw = self.connection.raw_get(URL_ADMIN_GROUP.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_group_by_name(self, name_or_path, search_in_subgroups=False): + """ + Get group id based on name or path. + A straight name or path match with a top-level group will return first. + Subgroups are traversed, the first to match path (or name with path) is returned. + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :param name: group name + :param path: group path + :param search_in_subgroups: True if want search in the subgroups + :return: Keycloak server response (GroupRepresentation) + """ + + groups = self.get_groups() + + # TODO: Review this code is necessary + for group in groups: + if group['name'] == name_or_path or group['path'] == name_or_path: + return group + elif search_in_subgroups and group["subGroups"]: + for subgroup in group["subGroups"]: + if subgroup['name'] == name_or_path or subgroup['path'] == name_or_path: + return subgroup + + return None + + def create_group(self, name=None, client_roles={}, realm_roles=[], sub_groups=[], path=None, parent=None): + """ + Create a group in the Realm + + GroupRepresentation + http://www.keycloak.org/docs-api/3.2/rest-api/#_grouprepresentation + + :param name: group name + :param client_roles: (Dict) Client roles to include in groupp # Not demonstrated to work + :param realm_roles: (List) Realm roles to include in group # Not demonstrated to work + :param sub_groups: (List) Subgroups to include in groupp # Not demonstrated to work + :param path: group path + :param parent: parent group's id. Required to create a sub-group. + + :return: Keycloak server response (GroupRepresentation) + """ + + data = {"name": name or path, + "path": path, + "clientRoles": client_roles, + "realmRoles": realm_roles, + "subGroups": sub_groups} + + if parent is None: + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_post(URL_ADMIN_GROUPS.format(**params_path), + data=json.dumps(data)) + else: + params_path = {"realm-name": self.realm_name, "id": parent} + data_raw = self.connection.raw_post(URL_ADMIN_GROUP_CHILD.format(**params_path), + data=json.dumps(data)) + + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def group_set_permissions(self, group_id, enabled=True): + """ + Enable/Disable permissions for a group. Cannot delete group if disabled + + :param group_id: id of group + :param enabled: boolean + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": group_id} + data_raw = self.connection.raw_put(URL_ADMIN_GROUP_PERMISSIONS.format(**params_path), + data=json.dumps({"enabled": enabled})) + return raise_error_from_response(data_raw, KeycloakGetError) + + def group_user_add(self, user_id, group_id): + """ + Add user to group (user_id and group_id) + + :param group_id: id of group + :param user_id: id of user + :param group_id: id of group to add to + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id} + data_raw = self.connection.raw_put(URL_ADMIN_USER_GROUP.format(**params_path), data=None) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def group_user_remove(self, user_id, group_id): + """ + Remove user from group (user_id and group_id) + + :param group_id: id of group + :param user_id: id of user + :param group_id: id of group to add to + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": user_id, "group-id": group_id} + data_raw = self.connection.raw_delete(URL_ADMIN_USER_GROUP.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def delete_group(self, group_id): + """ + Deletes a group in the Realm + + :param group_id: id of group to delete + :return: Keycloak server response + """ + + params_path = {"realm-name": self.realm_name, "id": group_id} + data_raw = self.connection.raw_delete(URL_ADMIN_GROUP.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def get_clients(self): + """ + Get clients belonging to the realm Returns a list of clients belonging to the realm + + ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :return: Keycloak server response (ClientRepresentation) + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENTS.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client(self, client_id): + """ + Get representation of the client + + ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :param client_id: id of client (not client-id) + :return: Keycloak server response (ClientRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": client_id} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENT.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_id(self, client_name): + """ + Get internal keycloak client id from client-id. + This is required for further actions against this client. + + :param client_name: name in ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + :return: client_id (uuid as string) + """ + + clients = self.get_clients() + + for client in clients: + if client_name == client['name']: + return client["id"] + + return None + + def create_client(self, payload): + """ + Create a client + + ClientRepresentation: http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :param payload: ClientRepresentation + :return: Keycloak server response (UserRepresentation) + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_post(URL_ADMIN_CLIENTS.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def delete_client(self, client_id): + """ + Get representation of the client + + ClientRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_clientrepresentation + + :param client_id: keycloak client id (not oauth client-id) + :return: Keycloak server response (ClientRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": client_id} + data_raw = self.connection.raw_delete(URL_ADMIN_CLIENT.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def get_realm_roles(self): + """ + Get all roles for the realm or client + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_ADMIN_REALM_ROLES.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_roles(self, client_id): + """ + Get all roles for the client + + :param client_id: id of client (not client-id) + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": client_id} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ROLES.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_role(self, client_id, role_name): + """ + Get client role id by name + This is required for further actions with this role. + + :param client_id: id of client (not client-id) + :param role_name: role’s name (not id!) + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: role_id + """ + params_path = {"realm-name": self.realm_name, "id": client_id, "role-name": role_name} + data_raw = self.connection.raw_get(URL_ADMIN_CLIENT_ROLE.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def get_client_role_id(self, client_id, role_name): + """ + Warning: Deprecated + + Get client role id by name + This is required for further actions with this role. + + :param client_id: id of client (not client-id) + :param role_name: role’s name (not id!) + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :return: role_id + """ + role = self.get_client_role(client_id, role_name) + return role.get("id") + + def create_client_role(self, payload): + """ + Create a client role + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :param payload: id of client (not client-id), role_name: name of role + :return: Keycloak server response (RoleRepresentation) + """ + + params_path = {"realm-name": self.realm_name, "id": self.client_id} + data_raw = self.connection.raw_post(URL_ADMIN_CLIENT_ROLES.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) + + def delete_client_role(self, role_name): + """ + Create a client role + + RoleRepresentation + http://www.keycloak.org/docs-api/3.3/rest-api/index.html#_rolerepresentation + + :param role_name: role’s name (not id!) + """ + params_path = {"realm-name": self.realm_name, "id": self.client_id, "role-name": role_name} + data_raw = self.connection.raw_delete(URL_ADMIN_CLIENT_ROLE.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def assign_client_role(self, user_id, client_id, roles): + """ + Assign a client role to a user + + :param client_id: id of client (not client-id) + :param user_id: id of user + :param client_id: id of client containing role, + :param roles: roles list or role (use RoleRepresentation) + :return Keycloak server response + """ + + payload = roles if isinstance(roles, list) else [roles] + params_path = {"realm-name": self.realm_name, "id": user_id, "client-id": client_id} + data_raw = self.connection.raw_post(URL_ADMIN_USER_CLIENT_ROLES.format(**params_path), + data=json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def sync_users(self, storage_id, action): + """ + Function to trigger user sync from provider + + :param storage_id: + :param action: + :return: + """ + data = {'action': action} + params_query = {"action": action} + + params_path = {"realm-name": self.realm_name, "id": storage_id} + data_raw = self.connection.raw_post(URL_ADMIN_USER_STORAGE.format(**params_path), + data=json.dumps(data), **params_query) + return raise_error_from_response(data_raw, KeycloakGetError) + + def import_realm(self, payload): + """ + Imports a realm from a full representation of that realm + + Realmrepresentation + http://www.keycloak.org/docs-api/2.5/rest-api/index.html#_import_a_realm + + :param payload: Realmrepresentation + + :return: Realmrepresentation + """ + data_raw = self.connection.raw_post(URL_ADMIN_REALM, + data = json.dumps(payload)) + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=201) \ No newline at end of file diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py new file mode 100644 index 0000000000..1098521545 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_main.py @@ -0,0 +1,79 @@ +import json + +from keycloak import KeycloakOpenID +from keycloak import KeycloakAdmin +import urllib2, argparse, json + +# Import realm +def keycloak_import_realm(keycloak_realm_file): + data = json.load(open(keycloak_realm_file)) + realm_import = keycloak_admin.import_realm(data) + +# Add user and set password +def keycloak_create_user(email, username, firstName, lastName, password): + new_user = keycloak_admin.create_user({"email": email, + "username": username, + "emailVerified": True, + "enabled": True, + "firstName": firstName, + "lastName": lastName, + "credentials": [{"value": "12345","type": password}], + "realmRoles": ["user_default"]}) + +# Create the user and assign the role to access the user management API +def update_user_roles(config): + realm_json = json.load(open(config['keycloak_realm_json_file_path'])) + clientId = "realm-management" + + for client in realm_json['clients']: + if clientId == client['clientId']: + client_id = client["id"] + break + + user = keycloak_admin.get_users({"username":config['keycloak_api_management_username']}) + user_id = user[0]['id']; + + # Read the role from file + with open(config['keycloak_user_manager_roles_json_file_path'], 'r') as data_file: + json_data = data_file.read() + + roles = json.loads(json_data) + keycloak_admin.assign_client_role(user_id, client_id, roles) + + +if __name__ == "__main__": + parser = argparse.ArgumentParser(description='Configure keycloak user apis') + parser.add_argument('keycloak_bootstrap_config', help='keycloak server url') + args = parser.parse_args() + + with open(args.keycloak_bootstrap_config) as keycloak_bootstrap_config: + config = json.load(keycloak_bootstrap_config) + + try: + # Get access token + keycloak_admin = KeycloakAdmin(server_url=config['keycloak_auth_server_url'], + username=config['keycloak_management_user'], + password=config['keycloak_management_password'], + realm_name="master", + client_id='admin-cli', + verify=False) + # Import realm + keycloak_import_realm(config['keycloak_realm_json_file_path']) + + # Set realm name to sunbird + keycloak_admin.realm_name = config['keycloak_realm'] + + # Add user for user api + keycloak_create_user(email=config['keycloak_api_management_user_email'], + username=config['keycloak_api_management_username'], + firstName=config['keycloak_api_management_user_first_name'], + lastName=config['keycloak_api_management_user_last_name'], + password=config['keycloak_api_management_user_password']) + + # Update user roles for access user management API's + update_user_roles(config) + + except urllib2.HTTPError as e: + error_message = e.read() + print error_message + raise diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py new file mode 100644 index 0000000000..f1dcde44e3 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/keycloak_openid.py @@ -0,0 +1,390 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from .authorization import Authorization +from .exceptions import raise_error_from_response, KeycloakGetError, \ + KeycloakRPTNotFound, KeycloakAuthorizationConfigError, KeycloakInvalidTokenError +from .urls_patterns import ( + URL_TOKEN, + URL_USERINFO, + URL_WELL_KNOWN, + URL_LOGOUT, + URL_CERTS, + URL_ENTITLEMENT, + URL_INTROSPECT +) +from .connection import ConnectionManager +from jose import jwt +import json + + +class KeycloakOpenID: + + def __init__(self, server_url, realm_name, client_id, client_secret_key=None, verify=True): + """ + + :param server_url: Keycloak server url + :param client_id: client id + :param realm_name: realm name + :param client_secret_key: client secret key + :param verify: True if want check connection SSL + """ + self._client_id = client_id + self._client_secret_key = client_secret_key + self._realm_name = realm_name + self._connection = ConnectionManager(base_url=server_url, + headers={}, + timeout=60, + verify=verify) + + self._authorization = Authorization() + + @property + def client_id(self): + return self._client_id + + @client_id.setter + def client_id(self, value): + self._client_id = value + + @property + def client_secret_key(self): + return self._client_secret_key + + @client_secret_key.setter + def client_secret_key(self, value): + self._client_secret_key = value + + @property + def realm_name(self): + return self._realm_name + + @realm_name.setter + def realm_name(self, value): + self._realm_name = value + + @property + def connection(self): + return self._connection + + @connection.setter + def connection(self, value): + self._connection = value + + @property + def authorization(self): + return self._authorization + + @authorization.setter + def authorization(self, value): + self._authorization = value + + def _add_secret_key(self, payload): + """ + Add secret key if exist. + + :param payload: + :return: + """ + if self.client_secret_key: + payload.update({"client_secret": self.client_secret_key}) + + return payload + + def _build_name_role(self, role): + """ + + :param role: + :return: + """ + return self.client_id + "/" + role + + def _token_info(self, token, method_token_info, **kwargs): + """ + + :param token: + :param method_token_info: + :param kwargs: + :return: + """ + if method_token_info == 'introspect': + token_info = self.introspect(token) + else: + token_info = self.decode_token(token, **kwargs) + + return token_info + + def well_know(self): + """ The most important endpoint to understand is the well-known configuration + endpoint. It lists endpoints and other configuration options relevant to + the OpenID Connect implementation in Keycloak. + + :return It lists endpoints and other configuration options relevant. + """ + + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_WELL_KNOWN.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def auth_url(self, redirect_uri): + """ + + http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint + + :return: + """ + return NotImplemented + + def token(self, username, password, grant_type=["password"]): + """ + The token endpoint is used to obtain tokens. Tokens can either be obtained by + exchanging an authorization code or by supplying credentials directly depending on + what flow is used. The token endpoint is also used to obtain new access tokens + when they expire. + + http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint + + :param username: + :param password: + :param grant_type: + :return: + """ + params_path = {"realm-name": self.realm_name} + payload = {"username": username, "password": password, + "client_id": self.client_id, "grant_type": grant_type} + + payload = self._add_secret_key(payload) + data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), + data=payload) + return raise_error_from_response(data_raw, KeycloakGetError) + + def refresh_token(self, refresh_token, grant_type=["refresh_token"]): + """ + The token endpoint is used to obtain tokens. Tokens can either be obtained by + exchanging an authorization code or by supplying credentials directly depending on + what flow is used. The token endpoint is also used to obtain new access tokens + when they expire. + + http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint + + :param refresh_token: + :param grant_type: + :return: + """ + params_path = {"realm-name": self.realm_name} + payload = {"client_id": self.client_id, "grant_type": grant_type, "refresh_token": refresh_token} + payload = self._add_secret_key(payload) + data_raw = self.connection.raw_post(URL_TOKEN.format(**params_path), + data=payload) + return raise_error_from_response(data_raw, KeycloakGetError) + + def userinfo(self, token): + """ + The userinfo endpoint returns standard claims about the authenticated user, + and is protected by a bearer token. + + http://openid.net/specs/openid-connect-core-1_0.html#UserInfo + + :param token: + :return: + """ + + self.connection.add_param_headers("Authorization", "Bearer " + token) + params_path = {"realm-name": self.realm_name} + + data_raw = self.connection.raw_get(URL_USERINFO.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def logout(self, refresh_token): + """ + The logout endpoint logs out the authenticated user. + :param refresh_token: + :return: + """ + params_path = {"realm-name": self.realm_name} + payload = {"client_id": self.client_id, "refresh_token": refresh_token} + + payload = self._add_secret_key(payload) + data_raw = self.connection.raw_post(URL_LOGOUT.format(**params_path), + data=payload) + + return raise_error_from_response(data_raw, KeycloakGetError, expected_code=204) + + def certs(self): + """ + The certificate endpoint returns the public keys enabled by the realm, encoded as a + JSON Web Key (JWK). Depending on the realm settings there can be one or more keys enabled + for verifying tokens. + + https://tools.ietf.org/html/rfc7517 + + :return: + """ + params_path = {"realm-name": self.realm_name} + data_raw = self.connection.raw_get(URL_CERTS.format(**params_path)) + return raise_error_from_response(data_raw, KeycloakGetError) + + def entitlement(self, token, resource_server_id): + """ + Client applications can use a specific endpoint to obtain a special security token + called a requesting party token (RPT). This token consists of all the entitlements + (or permissions) for a user as a result of the evaluation of the permissions and authorization + policies associated with the resources being requested. With an RPT, client applications can + gain access to protected resources at the resource server. + + :return: + """ + self.connection.add_param_headers("Authorization", "Bearer " + token) + params_path = {"realm-name": self.realm_name, "resource-server-id": resource_server_id} + data_raw = self.connection.raw_get(URL_ENTITLEMENT.format(**params_path)) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def introspect(self, token, rpt=None, token_type_hint=None): + """ + The introspection endpoint is used to retrieve the active state of a token. It is can only be + invoked by confidential clients. + + https://tools.ietf.org/html/rfc7662 + + :param token: + :param rpt: + :param token_type_hint: + + :return: + """ + params_path = {"realm-name": self.realm_name} + + payload = {"client_id": self.client_id, "token": token} + + if token_type_hint == 'requesting_party_token': + if rpt: + payload.update({"token": rpt, "token_type_hint": token_type_hint}) + self.connection.add_param_headers("Authorization", "Bearer " + token) + else: + raise KeycloakRPTNotFound("Can't found RPT.") + + payload = self._add_secret_key(payload) + + data_raw = self.connection.raw_post(URL_INTROSPECT.format(**params_path), + data=payload) + + return raise_error_from_response(data_raw, KeycloakGetError) + + def decode_token(self, token, key, algorithms=['RS256'], **kwargs): + """ + A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data + structure that represents a cryptographic key. This specification + also defines a JWK Set JSON data structure that represents a set of + JWKs. Cryptographic algorithms and identifiers for use with this + specification are described in the separate JSON Web Algorithms (JWA) + specification and IANA registries established by that specification. + + https://tools.ietf.org/html/rfc7517 + + :param token: + :param key: + :param algorithms: + :return: + """ + + return jwt.decode(token, key, algorithms=algorithms, + audience=self.client_id, **kwargs) + + def load_authorization_config(self, path): + """ + Load Keycloak settings (authorization) + + :param path: settings file (json) + :return: + """ + authorization_file = open(path, 'r') + authorization_json = json.loads(authorization_file.read()) + self.authorization.load_config(authorization_json) + authorization_file.close() + + def get_policies(self, token, method_token_info='introspect', **kwargs): + """ + Get policies by user token + + :param token: user token + :return: policies list + """ + + if not self.authorization.policies: + raise KeycloakAuthorizationConfigError( + "Keycloak settings not found. Load Authorization Keycloak settings." + ) + + token_info = self._token_info(token, method_token_info, **kwargs) + + if method_token_info == 'introspect' and not token_info['active']: + raise KeycloakInvalidTokenError( + "Token expired or invalid." + ) + + user_resources = token_info['resource_access'].get(self.client_id) + + if not user_resources: + return None + + policies = [] + + for policy_name, policy in self.authorization.policies.items(): + for role in user_resources['roles']: + if self._build_name_role(role) in policy.roles: + policies.append(policy) + + return list(set(policies)) + + def get_permissions(self, token, method_token_info='introspect', **kwargs): + """ + Get permission by user token + + :param token: user token + :param method_token_info: Decode token method + :param kwargs: parameters for decode + :return: permissions list + """ + + if not self.authorization.policies: + raise KeycloakAuthorizationConfigError( + "Keycloak settings not found. Load Authorization Keycloak settings." + ) + + token_info = self._token_info(token, method_token_info, **kwargs) + + if method_token_info == 'introspect' and not token_info['active']: + raise KeycloakInvalidTokenError( + "Token expired or invalid." + ) + + user_resources = token_info['resource_access'].get(self.client_id) + + if not user_resources: + return None + + permissions = [] + + for policy_name, policy in self.authorization.policies.items(): + for role in user_resources['roles']: + if self._build_name_role(role) in policy.roles: + permissions += policy.permissions + + return list(set(permissions)) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO new file mode 100644 index 0000000000..e98a1ee3c0 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/PKG-INFO @@ -0,0 +1,18 @@ +Metadata-Version: 1.1 +Name: python-keycloak +Version: 0.12.0 +Summary: python-keycloak is a Python package providing access to the Keycloak API. +Home-page: https://bitbucket.org/agriness/python-keycloak +Author: Marcos Pereira +Author-email: marcospereira.mpj@gmail.com +License: GNU General Public License - V3 +Description: UNKNOWN +Keywords: keycloak openid +Platform: UNKNOWN +Classifier: Programming Language :: Python :: 3 +Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3) +Classifier: Development Status :: 3 - Alpha +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +Classifier: Operating System :: Microsoft :: Windows +Classifier: Topic :: Utilities diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/SOURCES.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/SOURCES.txt new file mode 100644 index 0000000000..e69de29bb2 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt new file mode 100644 index 0000000000..d6eafdf657 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/requires.txt @@ -0,0 +1,3 @@ +requests==2.18.4 +httmock==1.2.5 +python-jose==1.4.0 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt new file mode 100644 index 0000000000..26c07c1da4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/python_keycloak.egg-info/top_level.txt @@ -0,0 +1 @@ +keycloak diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/__init__.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py new file mode 100644 index 0000000000..97ec1792df --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/tests/test_connection.py @@ -0,0 +1,148 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +from httmock import urlmatch, response, HTTMock, all_requests + +from ..connection import ConnectionManager + + +try: + import unittest +except ImportError: + import unittest2 as unittest + + +class TestConnection(unittest.TestCase): + + def setUp(self): + self._conn = ConnectionManager( + base_url="http://localhost:8080/", + headers={}, + timeout=60) + + @all_requests + def response_content_success(self, url, request): + headers = {'content-type': 'application/json'} + content = b'response_ok' + return response(200, content, headers, None, 5, request) + + def test_raw_get(self): + with HTTMock(self.response_content_success): + resp = self._conn.raw_get("/known_path") + self.assertEqual(resp.content, b'response_ok') + self.assertEqual(resp.status_code, 200) + + def test_raw_post(self): + + @urlmatch(path="/known_path", method="post") + def response_post_success(url, request): + headers = {'content-type': 'application/json'} + content = 'response'.encode("utf-8") + return response(201, content, headers, None, 5, request) + + with HTTMock(response_post_success): + resp = self._conn.raw_post("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, b'response') + self.assertEqual(resp.status_code, 201) + + def test_raw_put(self): + @urlmatch(netloc="localhost", path="/known_path", method="put") + def response_put_success(url, request): + headers = {'content-type': 'application/json'} + content = 'response'.encode("utf-8") + return response(200, content, headers, None, 5, request) + + with HTTMock(response_put_success): + resp = self._conn.raw_put("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, b'response') + self.assertEqual(resp.status_code, 200) + + def test_raw_get_fail(self): + + @urlmatch(netloc="localhost", path="/known_path", method="get") + def response_get_fail(url, request): + headers = {'content-type': 'application/json'} + content = "404 page not found".encode("utf-8") + return response(404, content, headers, None, 5, request) + + with HTTMock(response_get_fail): + resp = self._conn.raw_get("/known_path") + + self.assertEqual(resp.content, b"404 page not found") + self.assertEqual(resp.status_code, 404) + + def test_raw_post_fail(self): + + @urlmatch(netloc="localhost", path="/known_path", method="post") + def response_post_fail(url, request): + headers = {'content-type': 'application/json'} + content = str(["Start can't be blank"]).encode("utf-8") + return response(404, content, headers, None, 5, request) + + with HTTMock(response_post_fail): + resp = self._conn.raw_post("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, str(["Start can't be blank"]).encode("utf-8")) + self.assertEqual(resp.status_code, 404) + + def test_raw_put_fail(self): + + @urlmatch(netloc="localhost", path="/known_path", method="put") + def response_put_fail(url, request): + headers = {'content-type': 'application/json'} + content = str(["Start can't be blank"]).encode("utf-8") + return response(404, content, headers, None, 5, request) + + with HTTMock(response_put_fail): + resp = self._conn.raw_put("/known_path", + {'field': 'value'}) + self.assertEqual(resp.content, str(["Start can't be blank"]).encode("utf-8")) + self.assertEqual(resp.status_code, 404) + + def test_add_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertEqual(self._conn.headers, + {"test": "value"}) + + def test_del_param_headers(self): + self._conn.add_param_headers("test", "value") + self._conn.del_param_headers("test") + self.assertEqual(self._conn.headers, {}) + + def test_clean_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertEqual(self._conn.headers, + {"test": "value"}) + self._conn.clean_headers() + self.assertEqual(self._conn.headers, {}) + + def test_exist_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertTrue(self._conn.exist_param_headers("test")) + self.assertFalse(self._conn.exist_param_headers("test_no")) + + def test_get_param_headers(self): + self._conn.add_param_headers("test", "value") + self.assertTrue(self._conn.exist_param_headers("test")) + self.assertFalse(self._conn.exist_param_headers("test_no")) + + def test_get_headers(self): + self._conn.add_param_headers("test", "value") + self.assertEqual(self._conn.headers, + {"test": "value"}) diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py new file mode 100644 index 0000000000..b57212950b --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/keycloak/urls_patterns.py @@ -0,0 +1,54 @@ +# -*- coding: utf-8 -*- +# +# Copyright (C) 2017 Marcos Pereira +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public License +# along with this program. If not, see . + +# OPENID URLS +URL_WELL_KNOWN = "realms/{realm-name}/.well-known/openid-configuration" +URL_TOKEN = "realms/{realm-name}/protocol/openid-connect/token" +URL_USERINFO = "realms/{realm-name}/protocol/openid-connect/userinfo" +URL_LOGOUT = "realms/{realm-name}/protocol/openid-connect/logout" +URL_CERTS = "realms/{realm-name}/protocol/openid-connect/certs" +URL_INTROSPECT = "realms/{realm-name}/protocol/openid-connect/token/introspect" +URL_ENTITLEMENT = "realms/{realm-name}/authz/entitlement/{resource-server-id}" + +# ADMIN URLS +URL_ADMIN_USERS = "admin/realms/{realm-name}/users" +URL_ADMIN_USERS_COUNT = "admin/realms/{realm-name}/users/count" +URL_ADMIN_USER = "admin/realms/{realm-name}/users/{id}" +URL_ADMIN_USER_CONSENTS = "admin/realms/{realm-name}/users/{id}/consents" +URL_ADMIN_SEND_UPDATE_ACCOUNT = "admin/realms/{realm-name}/users/{id}/execute-actions-email" +URL_ADMIN_SEND_VERIFY_EMAIL = "admin/realms/{realm-name}/users/{id}/send-verify-email" +URL_ADMIN_RESET_PASSWORD = "admin/realms/{realm-name}/users/{id}/reset-password" +URL_ADMIN_GET_SESSIONS = "admin/realms/{realm-name}/users/{id}/sessions" +URL_ADMIN_USER_CLIENT_ROLES = "admin/realms/{realm-name}/users/{id}/role-mappings/clients/{client-id}" +URL_ADMIN_USER_GROUP = "admin/realms/{realm-name}/users/{id}/groups/{group-id}" + +URL_ADMIN_SERVER_INFO = "admin/serverinfo" + +URL_ADMIN_GROUPS = "admin/realms/{realm-name}/groups" +URL_ADMIN_GROUP = "admin/realms/{realm-name}/groups/{id}" +URL_ADMIN_GROUP_CHILD = "admin/realms/{realm-name}/groups/{id}/children" +URL_ADMIN_GROUP_PERMISSIONS = "admin/realms/{realm-name}/groups/{id}/management/permissions" + +URL_ADMIN_CLIENTS = "admin/realms/{realm-name}/clients" +URL_ADMIN_CLIENT = "admin/realms/{realm-name}/clients/{id}" +URL_ADMIN_CLIENT_ROLES = "admin/realms/{realm-name}/clients/{id}/roles" +URL_ADMIN_CLIENT_ROLE = "admin/realms/{realm-name}/clients/{id}/roles/{role-name}" + +URL_ADMIN_REALM_ROLES = "admin/realms/{realm-name}/roles" + +URL_ADMIN_USER_STORAGE = "admin/realms/{realm-name}/user-storage/{id}/sync" +URL_ADMIN_REALM = "admin/realms" diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO new file mode 100644 index 0000000000..e98a1ee3c0 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/PKG-INFO @@ -0,0 +1,18 @@ +Metadata-Version: 1.1 +Name: python-keycloak +Version: 0.12.0 +Summary: python-keycloak is a Python package providing access to the Keycloak API. +Home-page: https://bitbucket.org/agriness/python-keycloak +Author: Marcos Pereira +Author-email: marcospereira.mpj@gmail.com +License: GNU General Public License - V3 +Description: UNKNOWN +Keywords: keycloak openid +Platform: UNKNOWN +Classifier: Programming Language :: Python :: 3 +Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3) +Classifier: Development Status :: 3 - Alpha +Classifier: Operating System :: MacOS +Classifier: Operating System :: Unix +Classifier: Operating System :: Microsoft :: Windows +Classifier: Topic :: Utilities diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt new file mode 100644 index 0000000000..d0e7305a6e --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/SOURCES.txt @@ -0,0 +1,22 @@ +README.md +setup.cfg +setup.py +keycloak/__init__.py +keycloak/connection.py +keycloak/exceptions.py +keycloak/keycloak_admin.py +keycloak/keycloak_adminchild.py +keycloak/keycloak_main.py +keycloak/keycloak_openid.py +keycloak/urls_patterns.py +keycloak/authorization/__init__.py +keycloak/authorization/permission.py +keycloak/authorization/policy.py +keycloak/authorization/role.py +keycloak/tests/__init__.py +keycloak/tests/test_connection.py +python_keycloak.egg-info/PKG-INFO +python_keycloak.egg-info/SOURCES.txt +python_keycloak.egg-info/dependency_links.txt +python_keycloak.egg-info/requires.txt +python_keycloak.egg-info/top_level.txt \ No newline at end of file diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt new file mode 100644 index 0000000000..d6eafdf657 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/requires.txt @@ -0,0 +1,3 @@ +requests==2.18.4 +httmock==1.2.5 +python-jose==1.4.0 diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt new file mode 100644 index 0000000000..26c07c1da4 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/python_keycloak.egg-info/top_level.txt @@ -0,0 +1 @@ +keycloak diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json b/ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json new file mode 100644 index 0000000000..9aba580d52 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/roles.json @@ -0,0 +1,28 @@ +[ + { + "id": "3ff462fc-b33c-431a-b54b-861c3298d910", + "name": "manage-users", + "description": "${role_manage-users}", + "scopeParamRequired": false, + "composite": false,"clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id": "57118202-c5e5-4c49-829b-c2ed796bfdea", + "name": "query-users", + "description": "${role_query-users}", + "scopeParamRequired": false, + "composite": false, + "clientRole": true, + "containerId": "b2f45201-1362-4b10-83c3-207d470f44bf" + }, + { + "id":"46019462-3dc8-46a8-9786-ffcbad293f43", + "name":"view-users", + "description":"${role_view-users}", + "scopeParamRequired":false, + "composite":true, + "clientRole":true, + "containerId":"b2f45201-1362-4b10-83c3-207d470f44bf" + } +] \ No newline at end of file diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg new file mode 100644 index 0000000000..9f88734b50 --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.cfg @@ -0,0 +1,7 @@ +[metadata] +description-file = README.md + +[egg_info] +tag_build = +tag_date = 0 + diff --git a/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py new file mode 100644 index 0000000000..bf6a505f0a --- /dev/null +++ b/ansible/roles/keycloak/files/python-keycloak-0.12.0/setup.py @@ -0,0 +1,25 @@ +# -*- coding: utf-8 -*- + +from setuptools import setup + +setup( + name='python-keycloak', + version='0.12.0', + url='https://bitbucket.org/agriness/python-keycloak', + license='GNU General Public License - V3', + author='Marcos Pereira', + author_email='marcospereira.mpj@gmail.com', + keywords='keycloak openid', + description=u'python-keycloak is a Python package providing access to the Keycloak API.', + packages=['keycloak', 'keycloak.authorization', 'keycloak.tests'], + install_requires=['requests==2.18.4', 'httmock==1.2.5', 'python-jose==1.4.0'], + classifiers=[ + 'Programming Language :: Python :: 3', + 'License :: OSI Approved :: GNU General Public License v3 (GPLv3)', + 'Development Status :: 3 - Alpha', + 'Operating System :: MacOS', + 'Operating System :: Unix', + 'Operating System :: Microsoft :: Windows', + 'Topic :: Utilities' + ] +) diff --git a/ansible/roles/keycloak/tasks/keycloak_bootstrap.yml b/ansible/roles/keycloak/tasks/keycloak_bootstrap.yml new file mode 100644 index 0000000000..6b4807a15a --- /dev/null +++ b/ansible/roles/keycloak/tasks/keycloak_bootstrap.yml @@ -0,0 +1,8 @@ +- name: initialize python library to run keycloak bootstrap script + shell: python roles/keycloak/files/python-keycloak-0.12.0/keycloak/setup.py install + +- name: Save keycalok vars to json + template: src="roles/keycloak/templates/keycloak-bootstrap.conf.j2" dest="/tmp/keycloak-bootstrap.conf.json" mode="0644" + +- name: Run the keycloak bootstrap script + shell: python keycloak_main.py /tmp/keycloak-bootstrap.conf.json \ No newline at end of file diff --git a/ansible/roles/keycloak/tasks/main.yml b/ansible/roles/keycloak/tasks/main.yml index 0965ef98af..23f4fa229f 100644 --- a/ansible/roles/keycloak/tasks/main.yml +++ b/ansible/roles/keycloak/tasks/main.yml @@ -6,3 +6,6 @@ tags: - deploy +- include: keycloak_bootstrap.yml + tags: + - keycloak-bootstrap.yml \ No newline at end of file diff --git a/ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 b/ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 new file mode 100644 index 0000000000..e17a8594c1 --- /dev/null +++ b/ansible/roles/keycloak/templates/keycloak-bootstrap.conf.j2 @@ -0,0 +1,13 @@ +{ + "keycloak_auth_server_url": "{{ keycloak_auth_server_url }}", + "keycloak_management_user": "{{ keycloak_management_user }}", + "keycloak_management_password": "{{ keycloak_management_password }}", + "keycloak_realm": "{{ keycloak_realm }}", + "keycloak_realm_json_file_path": "{{keycloak_realm_json_file_path}}", + "keycloak_user_manager_roles_json_file_path": "{{ keycloak_user_manager_roles_json_file_path }}", + "keycloak_api_management_username": "{{ keycloak_api_management_username }}", + "keycloak_api_management_user_email": "{{ keycloak_api_management_user_email }}", + "keycloak_api_management_user_first_name": "{{ keycloak_api_management_user_first_name }}", + "keycloak_api_management_user_last_name": "{{ keycloak_api_management_user_last_name }}", + "keycloak_api_management_user_password": "{{ keycloak_api_management_user_password }}" +} From 6a6e9d7e65219ef1a8b9caf28bafdf69518e53e3 Mon Sep 17 00:00:00 2001 From: manoj v Date: Wed, 7 Feb 2018 13:57:51 +0530 Subject: [PATCH 103/104] Issue #30 chore: sunbird_image_storage_url is added to defaults --- ansible/roles/stack-sunbird/defaults/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/roles/stack-sunbird/defaults/main.yml b/ansible/roles/stack-sunbird/defaults/main.yml index 0a80017178..420871a117 100644 --- a/ansible/roles/stack-sunbird/defaults/main.yml +++ b/ansible/roles/stack-sunbird/defaults/main.yml @@ -43,4 +43,5 @@ sunbird_background_actor_port: sunbird_actor_system_name: sunbird_fcm_account_key: sunbird_app_url: +sunbird_image_storage_url: From ff296ea005d728fbdcd233f6b433585808534290 Mon Sep 17 00:00:00 2001 From: Amol Ghatol Date: Thu, 8 Feb 2018 11:25:48 +0530 Subject: [PATCH 104/104] Issue #31 chore: Script to automate realm management user creation and initial realm import for new keycloak install --- ansible/inventories/sample/group_vars/sample | 9 +++++++++ ansible/roles/keycloak/tasks/main.yml | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/ansible/inventories/sample/group_vars/sample b/ansible/inventories/sample/group_vars/sample index 759f63c16f..93f3fdd931 100644 --- a/ansible/inventories/sample/group_vars/sample +++ b/ansible/inventories/sample/group_vars/sample @@ -63,6 +63,15 @@ sunbird_sso_password: "{{sso_password}}" keycloak_password: "{{keycloak_admin_password}}" #admin password for the keycloak_auth login keycloak_theme_path: #path to the keycloak theme files +## Keycloak bootstrap +keycloak_realm_json_file_path: "roles/keycloak/files/python-keycloak-0.12.0/keycloak-realm.json" +keycloak_user_manager_roles_json_file_path: "roles/keycloak/files/python-keycloak-0.12.0/roles.json" +keycloak_api_management_username: "" +keycloak_api_management_user_email: "" +keycloak_api_management_user_first_name: "" +keycloak_api_management_user_last_name: "" +keycloak_api_management_user_password: "" + ## Content Repo configuration sunbird_api_auth_token: "{{ekstep_auth_token}}" #Authorization key (JWT) to access Sunbird APIs. This will be in the output of deploy-apis.sh script, extracting it out is documented in the deployment wiki. sunbird_ekstep_api_key: "{{ekstep_api_key}}" #Authorization key (JWT) to access Ekstep APIs. Steps to generate this are documented on https://github.com/project-sunbird/sunbird-commons/wiki/Obtaining-API-token-for-accessing-ekstep-APIs diff --git a/ansible/roles/keycloak/tasks/main.yml b/ansible/roles/keycloak/tasks/main.yml index 23f4fa229f..09786a20e2 100644 --- a/ansible/roles/keycloak/tasks/main.yml +++ b/ansible/roles/keycloak/tasks/main.yml @@ -8,4 +8,4 @@ - include: keycloak_bootstrap.yml tags: - - keycloak-bootstrap.yml \ No newline at end of file + - keycloak-bootstrap \ No newline at end of file