Joseph Doherty
666ee95095
Mirror docker/seed-sites.sh: create the MxGateway connection (10.100.0.48:5120) on the env2 site and deploy artifacts so the DCL establishes it.
99 lines
4.5 KiB
Bash
Executable File
99 lines
4.5 KiB
Bash
Executable File
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
# Seed env2's single test site with Akka and gRPC addresses.
|
|
# Run after deploy.sh once the env2 central cluster is healthy.
|
|
#
|
|
# Prerequisites:
|
|
# - Infrastructure services running (infra/docker-compose up -d)
|
|
# - Env2 application containers running (docker-env2/deploy.sh)
|
|
# - Env2 central cluster healthy (curl http://localhost:9100/health/ready)
|
|
#
|
|
# Usage:
|
|
# docker-env2/seed-sites.sh
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
|
PROJECT_ROOT="$(cd "$SCRIPT_DIR/.." && pwd)"
|
|
CLI="dotnet run --project $PROJECT_ROOT/src/ZB.MOM.WW.ScadaBridge.CLI --"
|
|
AUTH="--username multi-role --password password"
|
|
URL="--url http://localhost:9100"
|
|
|
|
echo "=== Seeding ScadaBridge Env2 Sites ==="
|
|
|
|
echo ""
|
|
echo "Creating Site-X (Env2 Site X)..."
|
|
$CLI $URL $AUTH site create \
|
|
--name "Env2 Site X" \
|
|
--identifier "site-x" \
|
|
--description "Env2 test site - two-node cluster" \
|
|
--node-a-address "akka.tcp://scadabridge@scadabridge-env2-site-x-a:8082" \
|
|
--node-b-address "akka.tcp://scadabridge@scadabridge-env2-site-x-b:8082" \
|
|
--grpc-node-a-address "http://scadabridge-env2-site-x-a:8083" \
|
|
--grpc-node-b-address "http://scadabridge-env2-site-x-b:8083" \
|
|
|| echo " (Site-X may already exist)"
|
|
|
|
echo ""
|
|
echo "Creating Engineering Alerts notification list..."
|
|
$CLI $URL $AUTH notification create \
|
|
--name "Engineering Alerts" \
|
|
--emails "engineer@company.com" \
|
|
|| echo " (Engineering Alerts may already exist)"
|
|
|
|
echo ""
|
|
echo "Creating MxGateway data connection (shared gateway) on site-x..."
|
|
# Shared MxGateway data connection pointing at the MxAccess Gateway. Data
|
|
# connections are site-scoped (the DCL runs on site clusters only), so it is
|
|
# created on the env2 site. Config is the typed MxGatewayEndpointConfig JSON
|
|
# (camelCase keys), matching MxGatewayEndpointConfigSerializer.
|
|
MXGW_ENDPOINT="http://10.100.0.48:5120"
|
|
MXGW_APIKEY="mxgw_scadabridgeshared_O193yRm28zftUAcL-HPkTjAuE-vPz86MUtNLFWpcbOY"
|
|
MXGW_CONFIG="{\"endpoint\":\"${MXGW_ENDPOINT}\",\"apiKey\":\"${MXGW_APIKEY}\",\"clientName\":\"\",\"writeUserId\":0,\"useTls\":false,\"caFile\":\"\",\"serverName\":\"\",\"readTimeoutMs\":5000}"
|
|
|
|
SITE_X_ID=$($CLI $URL $AUTH --format json site list \
|
|
| python3 -c "import sys,json; print(next((s['id'] for s in json.load(sys.stdin) if s.get('siteIdentifier')=='site-x'), ''))" 2>/dev/null)
|
|
if [ -n "$SITE_X_ID" ]; then
|
|
echo " site-x (id=$SITE_X_ID): creating 'MxGateway Shared'..."
|
|
$CLI $URL $AUTH data-connection create \
|
|
--site-id "$SITE_X_ID" \
|
|
--name "MxGateway Shared" \
|
|
--protocol "MxGateway" \
|
|
--primary-config "$MXGW_CONFIG" \
|
|
|| echo " (MxGateway connection may already exist on site-x)"
|
|
else
|
|
echo " (site-x not found — skipping MxGateway connection)"
|
|
fi
|
|
|
|
echo ""
|
|
echo "Seeding LDAP group mappings (Design + Deployment)..."
|
|
# SecurityConfiguration.HasData declares 4 mappings but the InitialSchema
|
|
# migration only inserts the Admin row, so a fresh ScadaBridgeConfig2 starts
|
|
# with multi-role getting Admin only -- no Design and no Deployment access.
|
|
# Insert the missing three idempotently. (Mirror of docker/seed-sites.sh.)
|
|
docker exec -i scadabridge-mssql /opt/mssql-tools18/bin/sqlcmd \
|
|
-S localhost -U sa -P 'ScadaBridge_Dev1#' -C \
|
|
-d ScadaBridgeConfig2 -Q "
|
|
SET IDENTITY_INSERT LdapGroupMappings ON;
|
|
IF NOT EXISTS (SELECT 1 FROM LdapGroupMappings WHERE Id = 2)
|
|
INSERT INTO LdapGroupMappings (Id, LdapGroupName, Role) VALUES (2, 'SCADA-Designers', 'Design');
|
|
IF NOT EXISTS (SELECT 1 FROM LdapGroupMappings WHERE Id = 3)
|
|
INSERT INTO LdapGroupMappings (Id, LdapGroupName, Role) VALUES (3, 'SCADA-Deploy-All', 'Deployment');
|
|
IF NOT EXISTS (SELECT 1 FROM LdapGroupMappings WHERE Id = 4)
|
|
INSERT INTO LdapGroupMappings (Id, LdapGroupName, Role) VALUES (4, 'SCADA-Deploy-SiteA', 'Deployment');
|
|
SET IDENTITY_INSERT LdapGroupMappings OFF;
|
|
"
|
|
|
|
echo ""
|
|
echo "Deploying artifacts to all env2 sites (pushes the data connection so the"
|
|
echo "site establishes it — the MxGateway DataConnectionActor connects eagerly)..."
|
|
$CLI $URL $AUTH deploy artifacts \
|
|
|| echo " (artifact deploy reported an issue — check 'deploy status')"
|
|
|
|
echo ""
|
|
echo "=== Env2 site seeding complete ==="
|
|
echo ""
|
|
echo "Verify with: $CLI $URL $AUTH site list"
|
|
echo "Verify connections: $CLI $URL $AUTH data-connection list"
|
|
echo "Verify MxGateway is live: docker logs scadabridge-env2-site-x-a 2>&1 | grep -i mxgateway"
|
|
echo "Multi-role test user now has Admin + Design + Deployment in env2."
|
|
echo "Sign out and back in to refresh session role claims."
|