Skip to content

Commit 9b0afd5

Browse files
Jan Lieskovskypskopek
Jan Lieskovsky
authored and
pskopek
committed
[CIAM-696] Replace Bash "read -r -d '' variable <<- Here
String" constructs with the "variable=$(cat <-- Here String)" ones, since the former doesn't work correctly with the Bash "set -e" setting, which is simultaneously set on RH-SSO image modules scripts. This fixes the RH-SSO 7.5-1's image's failure to start when JGROUPS_ENCRYPT_PROTOCOL variable is set to ASYM_ENCRYPT protocol Also add vim-minimal RPM to the list of RPMs installed in the image (handy for debugging) Signed-off-by: Jan Lieskovsky <[email protected]>
1 parent c2ad7c2 commit 9b0afd5

File tree

4 files changed

+50
-11
lines changed

4 files changed

+50
-11
lines changed

modules/eap/setup/eap/modules/added/launch/jgroups.sh

Lines changed: 28 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,12 +33,17 @@ create_jgroups_elytron_encrypt() {
3333
declare jg_encrypt_protocol="${1}" jg_encrypt_keystore="${2}" jg_encrypt_key_alias="${3}" jg_encrypt_password="${4}"
3434
local encrypt
3535

36-
read -r -d '' encrypt <<- EOF
36+
### CIAM-696: Start of RH-SSO add-on:
37+
encrypt=$(cat <<- EOF
3738
<encrypt-protocol type="${jg_encrypt_protocol}" key-store="${jg_encrypt_keystore}" key-alias="${jg_encrypt_key_alias}">
3839
<key-credential-reference clear-text="${jg_encrypt_password}"/>
3940
</encrypt-protocol>
4041
4142
EOF
43+
)
44+
### Escape all newlines in the string
45+
encrypt="${encrypt//$'\n'/\\n}"
46+
### End of RH-SSO add-on for CIAM-696
4247

4348
echo "${encrypt}"
4449
}
@@ -88,7 +93,9 @@ create_jgroups_encrypt_asym() {
8893
# TODO: make these properties configurable, this is currently just falling back on defaults.
8994
declare sym_keylength="${1:-}" sym_algorithm="${2:-}" asym_keylength="${3:-}" asym_algorithm="${4:-}" change_key_on_leave="${5:-}"
9095
local jgroups_encrypt
91-
read -r -d '' jgroups_encrypt <<- EOF
96+
97+
### CIAM-696: Start of RH-SSO add-on:
98+
jgroups_encrypt=$(cat <<- EOF
9299
<protocol type="ASYM_ENCRYPT">
93100
<property name="sym_keylength">${sym_keylength:-128}</property>
94101
<property name="sym_algorithm">${sym_algorithm:-AES/ECB/PKCS5Padding}</property>
@@ -97,6 +104,11 @@ create_jgroups_encrypt_asym() {
97104
<property name="change_key_on_leave">${change_key_on_leave:-true}</property>
98105
</protocol>
99106
EOF
107+
)
108+
### Escape all newlines in the string
109+
jgroups_encrypt="${jgroups_encrypt//$'\n'/\\n}"
110+
### End of RH-SSO add-on for CIAM-696
111+
100112
echo "${jgroups_encrypt}"
101113
}
102114

@@ -148,7 +160,9 @@ create_jgroups_elytron_legacy() {
148160
declare jg_encrypt_keystore="$1" jg_encrypt_password="$2" jg_encrypt_name="$3" jg_encrypt_keystore_dir="$4"
149161
# compatibility with old marker, only used if new marker is not present
150162
local legacy_encrypt
151-
read -r -d '' legacy_encrypt <<- EOF
163+
164+
### CIAM-696: Start of RH-SSO add-on:
165+
legacy_encrypt=$(cat <<- EOF
152166
<protocol type="SYM_ENCRYPT">
153167
<property name="provider">SunJCE</property>
154168
<property name="sym_algorithm">AES</property>
@@ -158,6 +172,10 @@ create_jgroups_elytron_legacy() {
158172
<property name="alias">${jg_encrypt_name}</property>
159173
</protocol>
160174
EOF
175+
)
176+
### Escape all newlines in the string
177+
legacy_encrypt="${legacy_encrypt//$'\n'/\\n}"
178+
### End of RH-SSO add-on for CIAM-696
161179

162180
echo "${legacy_encrypt}"
163181
}
@@ -385,12 +403,18 @@ configure_jgroups_encryption() {
385403
create_jgroups_encrypt_elytron_asym() {
386404
declare jg_encrypt_keystore="$1" jg_encrypt_key_alias="$2" jg_encrypt_password="$3" jg_encrypt_entire_message="$4"
387405
local encrypt
388-
read -r -d '' encrypt <<- EOF
406+
407+
### CIAM-696: Start of RH-SSO add-on:
408+
encrypt=$(cat <<- EOF
389409
<encrypt-protocol type="ASYM_ENCRYPT" key-alias="${jg_encrypt_key_alias}" keystore="${jg_encrypt_keystore}">
390410
<key-credential-reference clear-text="${jg_encrypt_password}"/>
391411
<property name="encrypt_entire_message">"${jg_encrypt_entire_message}"</property>
392412
</encrypt-protocol>
393413
EOF
414+
)
415+
### Escape all newlines in the string
416+
encrypt="${encrypt//$'\n'/\\n}"
417+
### End of RH-SSO add-on for CIAM-696
394418

395419
echo "${encrypt}"
396420
}

modules/eap/setup/eap/modules/added/launch/jgroups_common.sh

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,14 @@ configure_protocol_cli_helper() {
66
local stack=${params[0]}
77
local protocol=${params[1]}
88
local result
9-
IFS= read -rd '' result <<- EOF
9+
10+
### CIAM-696: Start of RH-SSO add-on:
11+
### ---------------------------------
12+
### Replace bash "read -r -d '' variable <<- Here String" constructs with
13+
### "variable=$(cat <<- Here String)" form since the former doesn't work
14+
### correctly in combination with "set -e" directive being simultaneously set
15+
### on container modules scripts
16+
IFS= result=$(cat <<- EOF
1017
1118
if (outcome == success) of /subsystem=jgroups/stack="${stack}"/protocol="${protocol}":read-resource
1219
echo Cannot configure jgroups '${protocol}' protocol under '${stack}' stack. This protocol is already configured. >> \${error_file}
@@ -16,6 +23,9 @@ configure_protocol_cli_helper() {
1623
if (outcome != success) of /subsystem=jgroups/stack="${stack}"/protocol="${protocol}":read-resource
1724
batch
1825
EOF
26+
)
27+
### End of RH-SSO add-on for CIAM-696
28+
1929
# removes the latest new line added by read builtin command
2030
result=$(echo -n "${result}")
2131

@@ -25,12 +35,14 @@ EOF
2535
${params[j]}"
2636
done
2737

28-
IFS= read -r -d '' result <<- EOF
38+
### CIAM-696: Start of RH-SSO add-on
39+
IFS= result=$(cat <<- EOF
2940
${result}
3041
run-batch
3142
end-if
3243
EOF
33-
44+
)
45+
### End of RH-SSO add-on for CIAM-696
3446

3547
echo "${result}"
3648
}

modules/eap/setup/eap/modules/added/launch/json_logging.sh

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,13 +56,16 @@ function consoleHandlerName() {
5656
declare name="$1"
5757
local result=""
5858

59-
read -r -d '' result <<EOF
59+
### CIAM-696: Start of RH-SSO add-on:
60+
result=$(cat <<EOF
6061
if (outcome != success) of /subsystem=logging/console-handler=CONSOLE:read-resource
6162
/subsystem=logging/console-handler=CONSOLE:add(named-formatter=${name})
6263
else
6364
/subsystem=logging/console-handler=CONSOLE:write-attribute(name=named-formatter, value=${name})
6465
end-if
6566
EOF
67+
)
68+
### End of RH-SSO add-on for CIAM-696
6669

6770
echo "$result"
6871
}

modules/eap/setup/eap/modules/module.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,11 @@ packages:
1717
- python3-requests
1818
# RH-SSO add-on:
1919
# -------------
20-
# Add 'which' & 'tree' RPM packages
21-
# "which" tool is handy for debugging issues / troubleshooting
20+
# Add 'which', 'tree' & 'vim-minimal' RPM packages, which are handy for
21+
# issue debugging / troubleshooting purposes
2222
- which
23-
# "tree" tool is handy to inspect directory structure when needed
2423
- tree
24+
- vim-minimal
2525
# End of RH-SSO add-on
2626
# --------------------
2727
ports:

0 commit comments

Comments
 (0)