...
When importing a service into multiple domains/devices, DPOD will run a separate import action for each service, so the scripts will run multiple times, each time the current imported service parameters will be passed and a new folder structure will be created.
Deployment Policy Selector Script
...
- Device Name of the target
- Domain Name of the target
- Service Name
- Object Class (MPGW, XMLFW)
- Executing User Name
- Execution Source (UI or REST)
- Execution UUID
- The deployment policy file name that was selected by the user (without the path), or the value "noPolicy" if no policy was selected
- The path where all policy files are stored (you may change this path from system parameters)
Sample Flow:
- If the user selected deployment policy name X and the service name is Y - leave the deployment policy name as it is
- If the user selected deployment policy name Z and the service name is Q or the Device Name is T - change the deployment policy name to V...
- Next, if the deployment policy's extension is ZIP - extract it to a temp folder (and use /deppolicy/export.xml as the deployment policy file name)
- Read the file as an XML tree
- Run some validations on the XML - check that there is only one deployment policy element in the XML
- Read the inner XML part of /configuration/ConfigDeploymentPolicy and write it to "deployment-policy.txt" for DPOD to use
- Return with RC=0
Output:
- For the import process to continue, the script must end with RC=0, in this case, DPOD will use the deployment policy content that was written to the file "deployment-policy.txt"
The deployment policy should contain the inner part of the XML path /configuration/ConfigDeploymentPolicy (check out the sample script for an example on how to extract it):,
for example:
Paste code macro |
---|
<configRoot><configuration domain="testDomain"><ConfigDeploymentPolicy name="testPolicy" xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:dp="http://www.datapower.com/schemas/management"> <mAdminState read-only="true">enabled</mAdminState> <AcceptedConfig>*/*/wsm/wsm-endpointrewrite</AcceptedConfig> <FilteredConfig>*/*/xml/samlattr</FilteredConfig> <ModifiedConfig> <Match>*/*/network/host-alias?Name=.*&Property=IPAddress&Value=1.1.1.1</Match> <Type>change</Type> <Property /> <Value>2.2.2.2</Value></ModifiedConfig> </ConfigDeploymentPolicy></configuration></configRoot> |
2. If the script returns an RC > 0, DPOD's processing will stop, and an error message will be displayed, the error message will be the content of the file "deployment-policy.txt"
Sample Flow:
- If the user selected deployment policy name X and the service name is Y - leave the deployment policy name as it is
- If the user selected deployment policy name Z and the service name is Q or the Device Name is T - change the deployment policy name to V...
- Next, if the deployment policy's extension is ZIP - extract it to a temp folder (and use /deppolicy/export.xml as the deployment policy file name)
- Read the file as an XML tree
- Run some validations on the XML - check that there is only one deployment policy element in the XML
- Read the inner XML part of /configuration/ConfigDeploymentPolicy and write it to "deployment-policy.txt" for DPOD to use
- Return with RC=0
Import File Validation Script
...
- Import File Name
- Import File Format (ZIP, XML, XCFG)
- Device Name of the target
- Domain Name of the target
- Service Name
- Object Class (MPGW, XMLFW)
- Executing User Name
- Execution Source (UI or REST)
- Execution UUID
- The deployment policy file name that was selected by the user, or the value "noPolicy" if none was selected, the deployment policy may have been overridden by the deployment policy selector script, you can read its content from deployment-policy.txt
Note: Changes made to deployment-policy.txt by this validator script will not be reflected.
Output:
- For the import process to continue - the script must end with RC=0
- If the script ends with RC>0, the import will stop, any error messages written to the file "validation-output.txt" will be shown in the web console and the logs
Sample Flow:
- if the file is a ZIP file - extract it
- Make sure the "export.xml" file exists - if not, end with an error (write and error message to the file "validation-output.txt" and end with RC=1)
- Read the export.xml file as XML tree
- Make sure there is no /domains element (and if there is - end with error, domain export is not allowed)
- Make sure there is only one service's configuration in the export file
- Search the XML tree for /configuration/objectClass[@name=serviceName] - to make sure the file contains an export for the selected service - if not, end with error
- Exit with RC=0
Output:
- For the import process to continue - the script must end with RC=0If the script ends with RC>0, the import will stop, any error messages written to the file "validation-output.txt" will be shown in the web console and the logs