On branch e2etest: output secured urls exposed by Lb service.

Signed-off-by: galiacheng <[email protected]>

 Changes to be committed:
	modified:   weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh
	modified:   weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep
	modified:   weblogic-azure-aks/src/main/bicep/modules/networking.bicep

Author: galiacheng

weblogic-azure-aks/src/main/arm/scripts/createLbSvc.sh

@@ -180,12 +180,14 @@ function create_lb_svc_for_admin_server_default_channel() {
 
   adminServerEndpoint=$(kubectl get svc ${adminServerLBSVCName} -n ${wlsDomainNS} \
     -o=jsonpath='{.status.loadBalancer.ingress[0].ip}:{.spec.ports[0].port}')
-  adminConsoleEndpoint="${adminServerEndpoint}/console"
 
   if [ "${enableCustomDNSAlias,,}" == "true" ]; then
     create_dns_A_record "${adminServerEndpoint%%:*}" ${dnsAdminLabel} ${dnsRGName} ${dnsZoneName}
-    adminConsoleEndpoint="${dnsAdminLabel}.${dnsZoneName}:${adminServerEndpoint#*:}/console"
+    adminServerEndpoint="${dnsAdminLabel}.${dnsZoneName}:${adminServerEndpoint#*:}"
   fi
+
+  adminConsoleEndpoint="${adminServerEndpoint}/console"
+  adminRemoteEndpoint=${adminServerEndpoint}
 }
 
 function create_lb_svc_for_admin_t3_channel() {
@@ -360,19 +362,48 @@ EOF
   fi
 }
 
+function validate_admin_console_url() {
+  local podName=$(kubectl -n ${wlsDomainNS} get pod -l weblogic.serverName=${constAdminServerName} -o json |
+    jq '.items[0] | .metadata.name' |
+    tr -d "\"")
+
+  if [[ "${podName}" == "null" ]]; then
+    echo "Ensure your domain has at least one admin server."
+    exit 1
+  fi
+
+  adminTargetPort=$(kubectl get svc ${svcAdminServer} -n ${wlsDomainNS} -o json |
+    jq '.spec.ports[] | select(.name=="default") | .port')
+  local adminConsoleUrl="http://${svcAdminServer}.${wlsDomainNS}:${adminTargetPort}/console/"
+
+  kubectl exec -it ${podName} -n ${wlsDomainNS} -c ${wlsContainerName} \
+    -- bash -c 'curl --write-out "%{http_code}\n" --silent --output /dev/null "'${adminConsoleUrl}'" | grep "302"'
+
+  if [ $? == 1 ]; then
+    echo "admin console is not accessible."
+    # reset admin console endpoint
+    adminConsoleEndpoint="null"
+  fi
+}
+
 #Output value to deployment scripts
 function output_result() {
   echo ${adminConsoleEndpoint}
   echo ${clusterEndpoint}
   echo ${adminServerT3Endpoint}
   echo ${clusterT3Endpoint}
+  echo ${adminRemoteEndpoint}
+
+  # check if the admin console is accessible, do not output it
+  validate_admin_console_url
 
   result=$(jq -n -c \
     --arg adminEndpoint $adminConsoleEndpoint \
     --arg clusterEndpoint $clusterEndpoint \
     --arg adminT3Endpoint $adminServerT3Endpoint \
     --arg clusterT3Endpoint $clusterT3Endpoint \
-    '{adminConsoleEndpoint: $adminEndpoint, clusterEndpoint: $clusterEndpoint, adminServerT3Endpoint: $adminT3Endpoint, clusterT3Endpoint: $clusterT3Endpoint}')
+    --arg adminRemoteEndpoint ${adminRemoteEndpoint} \
+    '{adminConsoleEndpoint: $adminEndpoint, clusterEndpoint: $clusterEndpoint, adminServerT3Endpoint: $adminT3Endpoint, clusterT3Endpoint: $clusterT3Endpoint, adminRemoteEndpoint: $adminRemoteEndpoint}')
   echo "result is: $result"
   echo $result >$AZ_SCRIPTS_OUTPUT_PATH
 }
@@ -461,6 +492,7 @@ wlsDomainUID=${11}
 adminConsoleEndpoint="null"
 adminServerName=${constAdminServerName} # define in common.sh
 adminServerT3Endpoint="null"
+adminRemoteEndpoint="null"
 clusterEndpoint="null"
 clusterName=${constClusterName}
 clusterT3Endpoint="null"

weblogic-azure-aks/src/main/bicep/modules/_deployment-scripts/_ds-create-networking.bicep

@@ -54,6 +54,7 @@ var const_scriptLocation = uri(_artifactsLocation, 'scripts/')
 var const_setupNetworkingScript= 'setupNetworking.sh'
 var const_primaryScript = 'invokeSetupNetworking.sh'
 var const_utilityScript= 'utility.sh'
+var name_deploymentName='ds-networking-deployment'
 
 resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
   name: 'ds-networking-deployment'
@@ -80,8 +81,12 @@ resource deploymentScript 'Microsoft.Resources/deploymentScripts@2020-10-01' = {
   }
 }
 
-output adminConsoleLBUrl string = length(lbSvcValues) > 0 && (reference('ds-networking-deployment').outputs.adminConsoleEndpoint != 'null') ? format('http://{0}/',reference('ds-networking-deployment').outputs.adminConsoleEndpoint): ''
-output adminServerT3LBUrl string = length(lbSvcValues) > 0 && (reference('ds-networking-deployment').outputs.adminServerT3Endpoint != 'null') ? reference('ds-networking-deployment').outputs.adminServerT3Endpoint: ''
-output clusterLBUrl string = length(lbSvcValues) > 0 && (reference('ds-networking-deployment').outputs.clusterEndpoint != 'null') ? format('http://{0}/',reference('ds-networking-deployment').outputs.clusterEndpoint): ''
-output clusterT3LBUrl string = length(lbSvcValues) > 0 && (reference('ds-networking-deployment').outputs.clusterT3Endpoint != 'null') ? reference('ds-networking-deployment').outputs.clusterT3Endpoint: ''
+output adminConsoleLBUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminConsoleEndpoint != 'null') ? format('http://{0}/',reference(name_deploymentName).outputs.adminConsoleEndpoint): ''
+output adminConsoleLBSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminConsoleEndpoint != 'null') ? format('https://{0}/',reference(name_deploymentName).outputs.adminConsoleEndpoint): ''
+output adminServerT3LBUrl string = length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminServerT3Endpoint != 'null') ? reference(name_deploymentName).outputs.adminServerT3Endpoint: ''
+output adminRemoteUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminRemoteEndpoint != 'null') ? format('http://{0}',reference(name_deploymentName).outputs.adminRemoteEndpoint): ''
+output adminRemoteSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.adminRemoteEndpoint != 'null') ? format('https://{0}',reference(name_deploymentName).outputs.adminRemoteEndpoint): ''
+output clusterLBUrl string = (!enableCustomSSL) && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('https://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): ''
+output clusterLBSecuredUrl string = enableCustomSSL && length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterEndpoint != 'null') ? format('http://{0}/',reference(name_deploymentName).outputs.clusterEndpoint): ''
+output clusterT3LBUrl string = length(lbSvcValues) > 0 && (reference(name_deploymentName).outputs.clusterT3Endpoint != 'null') ? reference(name_deploymentName).outputs.clusterT3Endpoint: ''
 

weblogic-azure-aks/src/main/bicep/modules/networking.bicep

@@ -269,11 +269,11 @@ module pidNetworkingEnd './_pids/_pid.bicep' = {
   ]
 }
 
-output adminConsoleExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}console', const_appgwAdminCustomDNSAlias) : format('http://{0}/console', appgwDeployment.outputs.appGatewayAlias)) : networkingDeployment3.outputs.adminConsoleLBUrl
-output adminConsoleExternalSecuredUrl string = enableAppGWIngress && enableCustomSSL && enableDNSConfiguration ? format('https://{0}console', const_appgwAdminCustomDNSAlias) : ''
-output adminRemoteConsoleUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}remoteconsole', const_appgwAdminCustomDNSAlias) : format('http://{0}/remoteconsole', appgwDeployment.outputs.appGatewayAlias)) : replace(networkingDeployment3.outputs.adminConsoleLBUrl, '/console/', '')
-output adminRemoteConsoleSecuredUrl string = enableAppGWIngress && enableCustomSSL && enableDNSConfiguration ? format('https://{0}remoteconsole', const_appgwAdminCustomDNSAlias) : ''
+output adminConsoleExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}console', const_appgwAdminCustomDNSAlias) : format('http://{0}/console', appgwDeployment.outputs.appGatewayAlias)) : ref_networkDeployment.outputs.adminConsoleLBUrl
+output adminConsoleExternalSecuredUrl string = enableAppGWIngress && enableCustomSSL && enableDNSConfiguration ? format('https://{0}console', const_appgwAdminCustomDNSAlias) : ref_networkDeployment.outputs.adminConsoleLBSecuredUrl
+output adminRemoteConsoleUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}remoteconsole', const_appgwAdminCustomDNSAlias) : format('http://{0}/remoteconsole', appgwDeployment.outputs.appGatewayAlias)) : ref_networkDeployment.outputs.adminRemoteUrl
+output adminRemoteConsoleSecuredUrl string = enableAppGWIngress && enableCustomSSL && enableDNSConfiguration ? format('https://{0}remoteconsole', const_appgwAdminCustomDNSAlias) : ref_networkDeployment.outputs.adminRemoteSecuredUrl
 output adminServerT3ChannelUrl string = ref_networkDeployment.outputs.adminServerT3LBUrl.value
-output clusterExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewayURL) : networkingDeployment3.outputs.clusterLBUrl
-output clusterExternalSecuredUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('https://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewaySecuredURL) : ''
+output clusterExternalUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('http://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewayURL) : ref_networkDeployment.outputs.clusterLBUrl
+output clusterExternalSecuredUrl string = enableAppGWIngress ? (enableDNSConfiguration ? format('https://{0}', const_appgwCustomDNSAlias) : appgwDeployment.outputs.appGatewaySecuredURL) : ref_networkDeployment.outputs.clusterLBSecuredUrl
 output clusterT3ChannelUrl string = ref_networkDeployment.outputs.clusterT3LBUrl.value