Skip to content

Commit

Permalink
Merge pull request #1008 from ministryofjustice/TM/TM-494/onr-bods-au…
Browse files Browse the repository at this point in the history
…tomation

Tm/tm 494/onr bods automation
  • Loading branch information
robertsweetman authored Sep 20, 2024
2 parents 7cdf164 + feccf74 commit 6c5d10c
Show file tree
Hide file tree
Showing 3 changed files with 347 additions and 0 deletions.
118 changes: 118 additions & 0 deletions powershell/Configs/ONROracle19cResponse.rsp
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
###############################################################################
## Copyright(c) Oracle Corporation 1998,2019. All rights reserved. ##
## ##
## Specify values for the variables listed below to customize ##
## your installation. ##
## ##
## Each variable is associated with a comment. The comment ##
## can help to populate the variables with the appropriate ##
## values. ##
## ##
###############################################################################


#-------------------------------------------------------------------------------
# Do not change the following system generated value.
#-------------------------------------------------------------------------------
oracle.install.responseFileVersion=/oracle/install/rspfmt_clientinstall_response_schema_v19.0.0

#-------------------------------------------------------------------------------
# Unix group to be set for the inventory directory.
#-------------------------------------------------------------------------------
UNIX_GROUP_NAME=
#-------------------------------------------------------------------------------
# Complete path of the Oracle Home
#-------------------------------------------------------------------------------
ORACLE_HOME=E:\app\client\oracle\product\19.0.0\client_1
#-------------------------------------------------------------------------------
# Complete path of the Oracle Base.
#-------------------------------------------------------------------------------
ORACLE_BASE=E:\app\client\oracle
#--------------------------------------------------------------------------------------------
# Specify the Oracle Home user.
#
# Use Built-in Account or specify a Windows User Account with limited privilege to
# install and configure the Oracle Home.
#
# Set oracle.install.IsBuiltInAccount to true if you want to use BuiltIn Account.
#
# Set oracle.install.IsBuiltInAccount to false if you want to use Windows Account
# user as Oracle Home user.
#--------------------------------------------------------------------------------------------
oracle.install.IsBuiltInAccount=true
oracle.install.OracleHomeUserName=
oracle.install.OracleHomeUserPassword=
#------------------------------------------------------------------------------
#Name : INSTALL_TYPE
#Datatype : String
#Description: Installation type of the component.
#
# The following choices are available. The value should contain
# only one of these choices.
# - Administrator
# - Runtime
# - InstantClient
# - Custom
#
#Example : INSTALL_TYPE = Administrator
#------------------------------------------------------------------------------
oracle.install.client.installType=Administrator

#-------------------------------------------------------------------------------
# Name : oracle.install.client.customComponents
# Datatype : StringList
#
# This property is considered only if INSTALL_TYPE is set to "Custom"
#
# Description: List of Client Components you would like to install
#
# The following choices are available. You may specify any
# combination of these choices. The components you choose should
# be specified in the form "internal-component-name:version"
# Below is a list of components you may specify to install.
#
# oracle.sqlj:19.0.0.0.0 -- "Oracle SQLJ"
# oracle.rdbms.util:19.0.0.0.0 -- "Oracle Database Utilities"
# oracle.javavm.client:19.0.0.0.0 -- "Oracle Java Client"
# oracle.sqlplus:19.0.0.0.0 -- "SQL*Plus"
# oracle.dbjava.jdbc:19.0.0.0.0 -- "Oracle JDBC/THIN Interfaces"
# oracle.ldap.client:19.0.0.0.0 -- "Oracle Internet Directory Client"
# oracle.rdbms.oci:19.0.0.0.0 -- "Oracle Call Interface (OCI)"
# oracle.precomp:19.0.0.0.0 -- "Oracle Programmer"
# oracle.xdk:19.0.0.0.0 -- "Oracle XML Development Kit"
# oracle.network.aso:19.0.0.0.0 -- "Oracle Advanced Security"
# oracle.oraolap.mgmt:19.0.0.0.0 -- "OLAP Analytic Workspace Manager and Worksheet"
# oracle.network.client:19.0.0.0.0 -- "Oracle Net"
# oracle.network.cman:19.0.0.0.0 -- "Oracle Connection Manager"
# oracle.network.listener:19.0.0.0.0 -- "Oracle Net Listener"
# oracle.ordim.client:19.0.0.0.0 -- "Oracle Multimedia Client Option"
# oracle.odbc:19.0.0.0.0 -- "Oracle ODBC Driver"
# oracle.has.client:19.0.0.0.0 -- "Oracle Clusterware High Availability API"
# oracle.dbdev:19.0.0.0.0 -- "Oracle SQL Developer"
# oracle.rdbms.scheduler:19.0.0.0.0 -- "Oracle Scheduler Agent"
# oracle.ntoramts:19.0.0.0.0 -- "Oracle Services For Microsoft Transaction Server"
# oracle.ntoledb:19.0.0.0.0 -- "Oracle Provider for OLE DB"
# oracle.ntoledb.odp_net_2:19.0.0.0.0 -- "Oracle Data Provider for .NET"
# oracle.aspnet_2:19.0.0.0.0 -- "Oracle Providers for ASP.NET"
#
# Example : oracle.install.client.customComponents="oracle.precomp:19.0.0.0.0","oracle.oraolap.mgmt:19.0.0.0.0","oracle.rdbms.scheduler:19.0.0.0.0"
#-------------------------------------------------------------------------------
oracle.install.client.customComponents=

#-------------------------------------------------------------------------------
# Host name to be used for by the Oracle Scheduler Agent.
# This needs to be entered in case oracle.rdbms.scheduler is selected in the
# list of custom components during custom install
#
# Example : oracle.install.client.schedulerAgentHostName = acme.domain.com
#------------------------------------------------------------------------------
oracle.install.client.schedulerAgentHostName=

#------------------------------------------------------------------------------
# Port number to be used for by the Oracle Scheduler Agent.
# This needs to be entered in case oracle.rdbms.scheduler is selected in the
# list of custom components during custom install
#
# Example: oracle.install.client.schedulerAgentPortNumber = 1500
#------------------------------------------------------------------------------
oracle.install.client.schedulerAgentPortNumber=
19 changes: 19 additions & 0 deletions powershell/Configs/tnsnames_T2_BODS.ora
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
T2BOSYS =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = t2-onr-db-a.oasys.hmpps-test.modernisation-platform.internal)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = BOSYS_TAF)
)
)

T2BOAUD =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = t2-onr-db-a.oasys.hmpps-test.modernisation-platform.internal)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = BOAUD_TAF)
)
)
210 changes: 210 additions & 0 deletions powershell/Scripts/UserDataScripts/OnrBods.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,210 @@
$GlobalConfig = @{
"all" = @{
"WindowsClientS3Bucket" = "mod-platform-image-artefact-bucket20230203091453221500000001"
"WindowsClientS3Folder" = "hmpps/onr"
"OracleClientS3File" = "WINDOWS.X64_193000_client.zip" # Oracle 19c client SW, install 1st
"ORACLE_HOME" = "E:\app\oracle\product\19.0.0\client_1"
"ORACLE_BASE" = "E:\app\oracle"
"IPSS3File" = "51054935.ZIP" # Information Platform Services 4.2 SP9 Patch 0
"DataServicesS3File" = "DS4214P_11-20011165.exe" # Data Services 4.2 SP14 Patch 11
"LINK_DIR" = "E:\SAP BusinessObjects\Data Services"
"RegistryPath" = "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\winlogon"
"LegalNoticeCaption" = "IMPORTANT"
"LegalNoticeText" = "This system is restricted to authorized users only. Individuals who attempt unauthorized access will be prosecuted. If you are unauthorized terminate access now. Click OK to indicate your acceptance of this information"
}
"oasys-national-reporting-development" = @{
"sysDbName" = "T2BOSYS"
"audDbName" = "T2BOAUD"
"tnsorafile" = "tnsnames_T2_BODS.ora"
"OnrShortcuts" = @{
}
}
"oasys-national-reporting-test" = @{
"OnrShortcuts" = @{
}
}
"oasys-national-reporting-preproduction" = @{
"OnrShortcuts" = @{
}
}
"oasys-national-reporting-production" = @{
"OnrShortcuts" = @{
}
}
}
$ConfigurationManagementRepo = "C:\Users\Administrator\AppData\Local\Temp\modernisation-platform-configuration-management"
$ErrorActionPreference = "Stop"
$WorkingDirectory = "D:\Software"
$AppDirectory = "E:\App"

# {{{ functions
function Get-Config {
$tokenParams = @{
TimeoutSec = 10
Headers = @{"X-aws-ec2-metadata-token-ttl-seconds" = 3600}
Method = 'PUT'
Uri = 'http://169.254.169.254/latest/api/token'
}
$Token = Invoke-RestMethod @tokenParams

$instanceIdParams = @{
TimeoutSec = 10
Headers = @{"X-aws-ec2-metadata-token" = $Token}
Method = 'GET'
Uri = 'http://169.254.169.254/latest/meta-data/instance-id'
}
$InstanceId = Invoke-RestMethod @instanceIdParams

$awsParams = @(
'ec2',
'describe-tags',
'--filters',
"Name=resource-id,Values=$InstanceId"
)

$TagsRaw = & aws @awsParams

$Tags = $TagsRaw | ConvertFrom-Json
$EnvironmentNameTag = ($Tags.Tags | Where-Object { $_.Key -eq "environment-name" }).Value

if (-not $GlobalConfig.Contains($EnvironmentNameTag)) {
Write-Error "Unexpected environment-name tag value $EnvironmentNameTag"
}

Return $GlobalConfig.all + $GlobalConfig[$EnvironmentNameTag]
}

function Get-Installer {
param (
[Parameter(Mandatory)]
[string]$Key,

[Parameter(Mandatory)]
[string]$Destination
)

$s3Params = @{
BucketName = $Config.WindowsClientS3Bucket
Key = ($Config.WindowsClientS3Folder + "/" + $Key)
File = $Destination
Verbose = $true
}

Read-S3Object @s3Params
}

function Get-SecretValue {
param (
[Parameter(Mandatory)]
[string]$SecretId,
[Parameter(Mandatory)]
[string]$SecretKey
)
$secretJson = aws secretsmanager get-secret-value --secret-id $SecretId --query SecretString --output text
$secretObject = $secretJson | ConvertFrom-Json
return $secretObject.$SecretKey
}

function Get-InstanceTags {
$Token = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"=3600} -Method PUT -Uri http://169.254.169.254/latest/api/token
$InstanceId = Invoke-RestMethod -TimeoutSec 10 -Headers @{"X-aws-ec2-metadata-token" = $Token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id
$TagsRaw = aws ec2 describe-tags --filters "Name=resource-id,Values=$InstanceId"
$Tags = $TagsRaw | ConvertFrom-Json
$Tags.Tags
}

# }}}

# {{{ prepare assets
$Config = Get-Config
New-Item -ItemType Directory -Path $WorkingDirectory -Force
New-Item -ItemType Directory -Path $AppDirectory -Force

Set-Location -Path $WorkingDirectory
Get-Installer -Key $Config.OracleClientS3File -Destination (".\" + $Config.OracleClientS3File)
Get-Installer -Key $Config.IPSS3File -Destination (".\" + $Config.IPSS3File)
Get-Installer -Key $Config.DataServicesS3File -Destination (".\" + $Config.DataServicesS3File)

Expand-Archive ( ".\" + $Config.OracleClientS3File) -Destination ".\OracleClient"
Expand-Archive ( ".\" + $Config.IPSS3File) -Destination ".\IPS"
# }}}

# {{{ Install Oracle Client
# documentation: https://docs.oracle.com/en/database/oracle/oracle-database/19/ntcli/running-oracle-universal-installe-using-the-response-file.html

# Create response file for silent install
$ResponseFileContent = @"
oracle.install.responseFileVersion=/oracle/install/rspfmt_clientinstall_response_schema_v19.0.0
ORACLE_HOME=$($Config.ORACLE_HOME)
ORACLE_BASE=$($Config.ORACLE_BASE)
oracle.install.IsBuiltInAccount=true
oracle.install.client.installType=Administrator
"@

$ResponseFileContent | Out-File -FilePath "$WorkingDirectory\OracleClient\client\client_install.rsp" -Force -Encoding ascii

# Install Oracle Client silent install
$OracleClientInstallParams = @{
FilePath = "$WorkingDirectory\OracleClient\client\setup.exe"
WorkingDirectory = "$WorkingDirectory\OracleClient\client"
ArgumentList = "-silent -noconfig -nowait -responseFile $WorkingDirectory\OracleClient\client\client_install.rsp"
Wait = $true
NoNewWindow = $true
}

Start-Process @OracleClientInstallParams

# Copy tnsnames.ora file to correct location
Copy-Item -Path "$ConfigurationManagementRepo\powershell\Configs\$($Config.tnsorafile)" -Destination "$($Config.ORACLE_HOME)\network\admin\tnsnames.ora" -Force

# Install Oracle configuration tools
$oracleConfigToolsParams = @{
FilePath = "$WorkingDirectory\OracleClient\client\setup.exe"
WorkingDirectory = "$WorkingDirectory\OracleClient\client"
ArgumentList = "-executeConfigTools -silent -nowait -responseFile $WorkingDirectory\OracleClient\client\client_install.rsp"
Wait = $true
NoNewWindow = $true
}

Start-Process @oracleConfigToolsParams
# }}}

# {{{ install IPS
$Tags = Get-InstanceTags

# set Secret Names based on environment
$dbenv = ($Tags | Where-Object { $_.Key -eq "oasys-national-reporting-environment" }).Value
$bodsSecretName = "/ec2/onr-bods/$dbenv/passwords"
$sysDbSecretName = "/oracle/database/$($Config.sysDbName)/passwords"
$audDbSecretName = "/oracle/database/$($Config.audDbName)/passwords"

$onr_system_owner = Get-SecretValue -SecretId $sysDbSecretName -SecretKey "onr_system_owner"
$onr_audit_owner = Get-SecretValue -SecretId $audDbSecretName -SecretKey "onr_audit_owner"
$bods_cluster_key = Get-SecretValue -SecretId $bodsSecretName -SecretKey "bods_cluster_key"
#
# }}}

# {{{ install Data Services
#
# }}}

# {{{ login text
# Apply to all environments that aren't on the domain
$ErrorActionPreference = "Stop"
Write-Output "Add Legal Notice"

if (-NOT (Test-Path $Config.RegistryPath)) {
Write-Output " - Registry path does not exist, creating"
New-Item -Path $Config.RegistryPath -Force | Out-Null
}

$RegistryPath = $Config.RegistryPath
$LegalNoticeCaption = $Config.LegalNoticeCaption
$LegalNoticeText = $Config.LegalNoticeText

Write-Output " - Set Legal Notice Caption"
New-ItemProperty -Path $RegistryPath -Name LegalNoticeCaption -Value $LegalNoticeCaption -PropertyType String -Force

Write-Output " - Set Legal Notice Text"
New-ItemProperty -Path $RegistryPath -Name LegalNoticeText -Value $LegalNoticeText -PropertyType String -Force
# }}}

0 comments on commit 6c5d10c

Please sign in to comment.