tested setup
This commit is contained in:
parent
7d79d73399
commit
b9dc4a2249
|
@ -0,0 +1,8 @@
|
||||||
|
FROM alpine:latest
|
||||||
|
RUN apk --no-cache add curl
|
||||||
|
RUN mkdir /var/resources
|
||||||
|
RUN mkdir /var/scripts
|
||||||
|
VOLUME /var/resources
|
||||||
|
VOLUME /var/scripts
|
||||||
|
ENTRYPOINT /var/scripts/entrypoint.sh
|
||||||
|
|
|
@ -5,7 +5,7 @@ services:
|
||||||
container_name: conductorserver
|
container_name: conductorserver
|
||||||
ports:
|
ports:
|
||||||
- "5000:5000"
|
- "5000:5000"
|
||||||
- "8080:8080"
|
- "9090:8080"
|
||||||
networks:
|
networks:
|
||||||
- orchestrator
|
- orchestrator
|
||||||
pyworkers:
|
pyworkers:
|
||||||
|
@ -13,5 +13,16 @@ services:
|
||||||
container_name: pyworkers
|
container_name: pyworkers
|
||||||
networks:
|
networks:
|
||||||
- orchestrator
|
- orchestrator
|
||||||
|
init:
|
||||||
|
build: .
|
||||||
|
image: init
|
||||||
|
networks:
|
||||||
|
- orchestrator
|
||||||
|
volumes:
|
||||||
|
- ./resources:/var/resources:ro
|
||||||
|
- ./scripts:/var/scripts:ro
|
||||||
|
entrypoint: /var/scripts/entrypoint.sh
|
||||||
|
networks:
|
||||||
|
- orchestrator
|
||||||
networks:
|
networks:
|
||||||
orchestrator:
|
orchestrator:
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
[
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"description" : "Execute an HTTP request with pyrest worker",
|
||||||
|
"inputKeys" : ["url", "body", "contentType", "method", "accept", "headers", "connectionTimeout", "readTimeout", "expect"],
|
||||||
|
"outputKeys" : ["body", "status", "reason", "headers"],
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyexec",
|
||||||
|
"description" : "Execute PyExec operations. Currently allowed operations: Nop, Identity, Http, Eval",
|
||||||
|
"inputKeys" : ["operation"],
|
||||||
|
"outputKeys" : ["output"],
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com"
|
||||||
|
}
|
||||||
|
]
|
|
@ -0,0 +1,233 @@
|
||||||
|
{
|
||||||
|
"ownerApp" : "Orchestrator",
|
||||||
|
"name" : "group_created",
|
||||||
|
"createBy" : "Marco Lettere",
|
||||||
|
"description": "Handle workflow related to Portal event group_created",
|
||||||
|
"version" : 1,
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
||||||
|
"inputParameters" : ["user", "group"],
|
||||||
|
"tasks" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "init",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
|
||||||
|
"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
|
||||||
|
"clientId" : "${workflow.input.group}",
|
||||||
|
"scriptExpression": "return { 'name' : $.clientId.split('%2F').join('/').split('%2f').join('/')}"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "authorize",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Accept" : "application/json"
|
||||||
|
},
|
||||||
|
"body" : {
|
||||||
|
"client_id" : "orchestrator",
|
||||||
|
"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
|
||||||
|
"grant_type" : "client_credentials"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients",
|
||||||
|
"body" : {
|
||||||
|
"clientId": "${init.input.clientId}",
|
||||||
|
"name": "${init.output.result.name}",
|
||||||
|
"description": "Client representation for ${init.output.result.name} context",
|
||||||
|
"rootUrl": "http://localhost${init.output.result.name}",
|
||||||
|
"enabled": true,
|
||||||
|
"serviceAccountsEnabled": true,
|
||||||
|
"standardFlowEnabled": true,
|
||||||
|
"authorizationServicesEnabled": true,
|
||||||
|
"publicClient": false,
|
||||||
|
"protocol": "openid-connect"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "fork_join",
|
||||||
|
"taskReferenceName" : "fork_role_creation",
|
||||||
|
"type" : "FORK_JOIN",
|
||||||
|
"forkTasks" : [
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_member",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "Member", "description" : "Simple membership for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_accountingmanager",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "Accounting-Manager", "description" : "Accounting-Manager for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_catalogueadmin",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "Catalogue-Admin", "description" : "Catalogue-Admin for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_catalogueeditor",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "Catalogue-Editor", "description" : "Catalogue-Editor for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_datamanager",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "Data-Manager", "description" : "Data-Manager for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_dataminermanager",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "Dataminer-Manager", "description" : "Dataminer-Manager for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_voadmin",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "VO-Admin", "description" : "VO-Admin for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_vredesigner",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "VRE-Designer", "description" : "VRE-Designer for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}],
|
||||||
|
[{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "create_role_vremanager",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${create_client.output.headers.location}/roles",
|
||||||
|
"body" : {
|
||||||
|
"clientRole" : true, "name" : "VRE-Manager", "description" : "VRE-Manager for ${init.output.result.name}"
|
||||||
|
},
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}]
|
||||||
|
]
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "join",
|
||||||
|
"taskReferenceName" : "join_role_creation",
|
||||||
|
"type" : "JOIN"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,64 @@
|
||||||
|
{
|
||||||
|
"ownerApp" : "Orchestrator",
|
||||||
|
"name" : "group_deleted",
|
||||||
|
"createBy" : "Marco Lettere",
|
||||||
|
"description": "Handle workflow related to Portal event group_created",
|
||||||
|
"version" : 1,
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
||||||
|
"inputParameters" : ["user", "group"],
|
||||||
|
"tasks" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "init",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
|
||||||
|
"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
|
||||||
|
"scriptExpression" : "1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "authorize",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Accept" : "application/json"
|
||||||
|
},
|
||||||
|
"body" : {
|
||||||
|
"client_id" : "orchestrator",
|
||||||
|
"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
|
||||||
|
"grant_type" : "client_credentials"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients",
|
||||||
|
"params" : { "clientId" : "${workflow.input.group}"},
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "delete_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}",
|
||||||
|
"method" : "DELETE",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,103 @@
|
||||||
|
{
|
||||||
|
"ownerApp" : "Orchestrator",
|
||||||
|
"name" : "user-group-role_created",
|
||||||
|
"createBy" : "Marco Lettere",
|
||||||
|
"description": "Handle workflow related to Portal event user-group-role_created",
|
||||||
|
"version" : 1,
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
||||||
|
"inputParameters" : ["role", "user", "group"],
|
||||||
|
"tasks" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "init",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
|
||||||
|
"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
|
||||||
|
"scriptExpression": "1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "authorize",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Accept" : "application/json"
|
||||||
|
},
|
||||||
|
"body" : {
|
||||||
|
"client_id" : "orchestrator",
|
||||||
|
"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
|
||||||
|
"grant_type" : "client_credentials"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients",
|
||||||
|
"params" : { "clientId" : "${workflow.input.group}"},
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "get_client_roles",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "select_role",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"role": "${workflow.input.role}",
|
||||||
|
"roles" : "${get_client_roles.output.body}",
|
||||||
|
"scriptExpression": "for(var i=0; i < $.roles.length;i++){if($.roles[i]['name'] == $.role) return Java.to([$.roles[i]], 'java.lang.Object[]')}"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "assign_role_to_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}",
|
||||||
|
"expect" : 204,
|
||||||
|
"method" : "POST",
|
||||||
|
"body" : "${select_role.output.result}",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,103 @@
|
||||||
|
{
|
||||||
|
"ownerApp" : "Orchestrator",
|
||||||
|
"name" : "user-group-role_deleted",
|
||||||
|
"createBy" : "Marco Lettere",
|
||||||
|
"description": "Handle workflow related to Portal event user-group-role_deleted",
|
||||||
|
"version" : 1,
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
||||||
|
"inputParameters" : ["role", "user", "group"],
|
||||||
|
"tasks" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "init",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
|
||||||
|
"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
|
||||||
|
"scriptExpression": "1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "authorize",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Accept" : "application/json"
|
||||||
|
},
|
||||||
|
"body" : {
|
||||||
|
"client_id" : "orchestrator",
|
||||||
|
"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
|
||||||
|
"grant_type" : "client_credentials"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients",
|
||||||
|
"params" : { "clientId" : "${workflow.input.group}"},
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "get_client_roles",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "select_role",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"role": "${workflow.input.role}",
|
||||||
|
"roles" : "${get_client_roles.output.body}",
|
||||||
|
"scriptExpression": "for(var i=0; i < $.roles.length;i++){if($.roles[i]['name'] == $.role) return Java.to([$.roles[i]], 'java.lang.Object[]')}"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "remove_role_from_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}",
|
||||||
|
"expect" : 204,
|
||||||
|
"method" : "DELETE",
|
||||||
|
"body" : "${select_role.output.result}",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,117 @@
|
||||||
|
{
|
||||||
|
"ownerApp" : "Orchestrator",
|
||||||
|
"name" : "user-group_created",
|
||||||
|
"createBy" : "Marco Lettere",
|
||||||
|
"description": "Handle workflow related to Portal event user-group_created",
|
||||||
|
"version" : 1,
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
||||||
|
"inputParameters" : ["user", "group"],
|
||||||
|
"tasks" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "init",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
|
||||||
|
"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
|
||||||
|
"scriptExpression": "1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "authorize",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Accept" : "application/json"
|
||||||
|
},
|
||||||
|
"body" : {
|
||||||
|
"client_id" : "orchestrator",
|
||||||
|
"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
|
||||||
|
"grant_type" : "client_credentials"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients",
|
||||||
|
"params" : { "clientId" : "${workflow.input.group}"},
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "get_client_roles",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles",
|
||||||
|
"expect" : [200, 404],
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "check_role_existance",
|
||||||
|
"taskReferenceName" : "check_role_existance",
|
||||||
|
"type" : "DECISION",
|
||||||
|
"inputParameters" :{
|
||||||
|
"previous_outcome" : "${get_client_roles.output.status}"
|
||||||
|
},
|
||||||
|
"caseValueParam" : "previous_outcome",
|
||||||
|
"decisionCases" : {
|
||||||
|
"200" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "select_role",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"role": "${workflow.input.role}",
|
||||||
|
"roles" : "${get_client_roles.output.body}",
|
||||||
|
"scriptExpression": "for(var i=0; i < $.roles.length;i++){if($.roles[i]['name'] == 'Member') return Java.to([$.roles[i]], 'java.lang.Object[]')}"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "assign_role_to_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}",
|
||||||
|
"expect" : 204,
|
||||||
|
"method" : "POST",
|
||||||
|
"body" : "${select_role.output.result}",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,93 @@
|
||||||
|
{
|
||||||
|
"ownerApp" : "Orchestrator",
|
||||||
|
"name" : "user-group_deleted",
|
||||||
|
"createBy" : "Marco Lettere",
|
||||||
|
"description": "Handle workflow related to Portal event user-group_deleted",
|
||||||
|
"version" : 1,
|
||||||
|
"ownerEmail" : "marco.lettere@nubisware.com",
|
||||||
|
"inputParameters" : ["role", "user", "group"],
|
||||||
|
"tasks" : [
|
||||||
|
{
|
||||||
|
"name": "LAMBDA_TASK",
|
||||||
|
"taskReferenceName": "init",
|
||||||
|
"type": "LAMBDA",
|
||||||
|
"inputParameters": {
|
||||||
|
"keycloak": "https://accounts.dev.d4science.org/auth/realms/d4science",
|
||||||
|
"keycloak_admin" : "https://accounts.dev.d4science.org/auth/admin/realms/d4science",
|
||||||
|
"scriptExpression": "1"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "authorize",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak}/protocol/openid-connect/token",
|
||||||
|
"method" : "POST",
|
||||||
|
"headers" : {
|
||||||
|
"Accept" : "application/json"
|
||||||
|
},
|
||||||
|
"body" : {
|
||||||
|
"client_id" : "orchestrator",
|
||||||
|
"client_secret" : "c93501bd-abeb-4228-bc28-afac38877338",
|
||||||
|
"grant_type" : "client_credentials"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users?username=${workflow.input.user}",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "lookup_client",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients",
|
||||||
|
"params" : { "clientId" : "${workflow.input.group}"},
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "get_client_roles",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/clients/${lookup_client.output.body[0].id}/roles",
|
||||||
|
"method" : "GET",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Accept" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name" : "pyrest",
|
||||||
|
"taskReferenceName" : "remove_all_roles_from_user",
|
||||||
|
"type" : "SIMPLE",
|
||||||
|
"inputParameters" : {
|
||||||
|
"url" : "${init.input.keycloak_admin}/users/${lookup_user.output.body[0].id}/role-mappings/clients/${lookup_client.output.body[0].id}",
|
||||||
|
"expect" : 204,
|
||||||
|
"method" : "DELETE",
|
||||||
|
"body" : "${get_client_roles.body}",
|
||||||
|
"headers" : {
|
||||||
|
"Authorization" : "Bearer ${authorize.output.body.access_token}",
|
||||||
|
"Content-Type" : "application/json"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,24 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
export BASE="http://conductorserver:8080/api"
|
||||||
|
|
||||||
|
until $(curl --output /dev/null --silent --fail $BASE/health); do
|
||||||
|
printf '.'
|
||||||
|
sleep 5
|
||||||
|
done
|
||||||
|
|
||||||
|
printf 'Contact ... starting upload'
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/tasks/pytasks.json $BASE/metadata/taskdefs
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/workflows/portal/user-group-role_created.json $BASE/metadata/workflow
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/workflows/portal/user-group-role_deleted.json $BASE/metadata/workflow
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/workflows/portal/user-group_created.json $BASE/metadata/workflow
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/workflows/portal/user-group_deleted.json $BASE/metadata/workflow
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/workflows/portal/group_created.json $BASE/metadata/workflow
|
||||||
|
|
||||||
|
curl -s -o /dev/null -w "%{http_code}\n" -X POST -H 'Content-Type: application/json' -d @/var/resources/workflows/portal/group_deleted.json $BASE/metadata/workflow
|
Loading…
Reference in New Issue