From eb381398ef2a8d30e8556d3ef16f8062711f2218 Mon Sep 17 00:00:00 2001 From: Bin Xia Date: Fri, 9 Jun 2017 06:57:19 +0000 Subject: [PATCH] Vendor nodejs dependencies --- .cfignore | 9 +- docs/how-admin-deploy-the-broker.md | 274 ++++++++++++++-------------- pcf-tile/generate-tile.sh | 2 +- 3 files changed, 146 insertions(+), 139 deletions(-) diff --git a/.cfignore b/.cfignore index 307b218..1d69f0f 100644 --- a/.cfignore +++ b/.cfignore @@ -1,8 +1,7 @@ -test/ -docs/ -scripts/ -examples/ -node_modules/ +/test +/docs +/scripts +/examples .vscode/ README.md .env diff --git a/docs/how-admin-deploy-the-broker.md b/docs/how-admin-deploy-the-broker.md index 3378a7c..f4c4b2f 100644 --- a/docs/how-admin-deploy-the-broker.md +++ b/docs/how-admin-deploy-the-broker.md @@ -33,166 +33,174 @@ In the `mssql` command line, create tables `instances` and `bindings` by loading [schema.sql](../lib/broker/db/sqlserver/schema.sql). + ## Deploy the meta Azure service broker as an application in Cloud Foundry 1. Get the source code from Github. - ``` - git clone https://github.com/Azure/meta-azure-service-broker - cd meta-azure-service-broker + ``` + git clone https://github.com/Azure/meta-azure-service-broker + cd meta-azure-service-broker ``` -2. Update `manifest.yml` with your credentials. +1. Update `manifest.yml` with your credentials. - The contents of `manifest.yml` are: + The contents of `manifest.yml` are: - ``` - --- - applications: - - name: meta-azure-service-broker - buildpack: https://github.com/cloudfoundry/nodejs-buildpack - instances: 1 - env: - ENVIRONMENT: REPLACE-ME - SUBSCRIPTION_ID: REPLACE-ME - TENANT_ID: REPLACE-ME - CLIENT_ID: REPLACE-ME - CLIENT_SECRET: REPLACE-ME - SECURITY_USER_NAME: REPLACE-ME - SECURITY_USER_PASSWORD: REPLACE-ME + ``` + --- + applications: + - name: meta-azure-service-broker + buildpack: https://github.com/cloudfoundry/nodejs-buildpack + instances: 1 + env: + ENVIRONMENT: REPLACE-ME + SUBSCRIPTION_ID: REPLACE-ME + TENANT_ID: REPLACE-ME + CLIENT_ID: REPLACE-ME + CLIENT_SECRET: REPLACE-ME + SECURITY_USER_NAME: REPLACE-ME + SECURITY_USER_PASSWORD: REPLACE-ME + AZURE_BROKER_DATABASE_PROVIDER: REPLACE-ME + AZURE_BROKER_DATABASE_SERVER: REPLACE-ME + AZURE_BROKER_DATABASE_USER: REPLACE-ME + AZURE_BROKER_DATABASE_PASSWORD: REPLACE-ME + AZURE_BROKER_DATABASE_NAME: REPLACE-ME + AZURE_BROKER_DATABASE_ENCRYPTION_KEY: REPLACE-ME + ``` + + * `ENVIRONMENT` + + Two options `AzureCloud` and `AzureChinaCloud` are supported as an `ENVIRONMENT`. For example, if you want to create services in `AzureChinaCloud`, you should specify `AzureChinaCloud` as the `ENVIRONMENT`. + + The following table is about the support for each service in different environments. + + | Service Name | AzureCloud | AzureChinaCloud | + |:---|:---|:---| + | DocumentDB Service (deprecated) | yes | yes | + | CosmosDB Service | yes | no | + | Event Hub Service | yes | yes | + | Redis Cache Service | yes | yes | + | Service Bus Service | yes | yes | + | Storage Service | yes | yes | + | SQL Database Service | yes | yes | + | Database for MySQL Service (preview) | yes | no | + | Database for PostgreSQL Service (preview) | yes | no | + + * `SUBSCRIPTION_ID` + + You can list the providers in the subscription, and make sure that the namespace is registered. For example, if you want to enable Service Bus service, `Microsoft.ServiceBus` should be registered. If the specific provider is not registered, you need to run `azure provider register ` to register it. + + ``` + $ azure provider list + info: Executing command provider list + + Getting ARM registered providers + data: Namespace Registered + data: ------------------------- ------------- + data: Microsoft.Batch Registered + data: Microsoft.Cache Registered + data: Microsoft.Compute Registered + data: Microsoft.DocumentDB Registered + data: Microsoft.EventHub Registered + data: microsoft.insights Registered + data: Microsoft.KeyVault Registered + data: Microsoft.MySql Registered + data: Microsoft.Network Registering + data: Microsoft.ServiceBus Registered + data: Microsoft.Sql Registered + data: Microsoft.Storage Registered + data: Microsoft.ApiManagement NotRegistered + data: Microsoft.Authorization Registered + data: Microsoft.ClassicCompute NotRegistered + data: Microsoft.ClassicNetwork NotRegistered + data: Microsoft.ClassicStorage NotRegistered + data: Microsoft.Devices NotRegistered + data: Microsoft.Features Registered + data: Microsoft.HDInsight NotRegistered + data: Microsoft.Resources Registered + data: Microsoft.Scheduler Registered + data: Microsoft.ServiceFabric NotRegistered + data: Microsoft.StreamAnalytics NotRegistered + data: Microsoft.Web NotRegistered + info: provider list command OK + ``` + + * `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET` + + A [service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) is composed of `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET`. + + In [Azure CPI guidance](https://github.com/cloudfoundry-incubator/bosh-azure-cpi-release/tree/master/docs), the roles `Virtual Machine Contributor` and `Network Contributor` are recommended to deploy Cloud Foundry on Azure. However, for the service broker, these two roles are not enough. You can follow [RBAC: Built-in roles](https://azure.microsoft.com/en-us/documentation/articles/role-based-access-built-in-roles/) to get the appropriate roles. + + For example, you can use `Storage Account Contributor` if you only use the service broker to create a storage account. + + If you want to create all the services, you may need the role `Contributor`. + + * `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD` + + Cloud Controller authenticates with the Broker using HTTP basic authentication (the `Authorization:` header) on every request and will reject any broker registrations that do not contain a username and password. `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD` are the username and password of HTTP basic authentication. They are maken up by yourself. When you register the service broker using `cf create-service-broker`, the same values should be used. + + * Database related configurations + + ``` AZURE_BROKER_DATABASE_PROVIDER: REPLACE-ME AZURE_BROKER_DATABASE_SERVER: REPLACE-ME AZURE_BROKER_DATABASE_USER: REPLACE-ME AZURE_BROKER_DATABASE_PASSWORD: REPLACE-ME AZURE_BROKER_DATABASE_NAME: REPLACE-ME AZURE_BROKER_DATABASE_ENCRYPTION_KEY: REPLACE-ME - ``` + ``` - * `ENVIRONMENT` + `AZURE_BROKER_DATABASE_ENCRYPTION_KEY` is used to encrypt the information in the database. It should contain 32 character. **You need to keep it same if you re-deploy the service broker. Otherwise, the information can't be decrypted so that the service broker can't manage the service instances.** - Two options `AzureCloud` and `AzureChinaCloud` are supported as an `ENVIRONMENT`. For example, if you want to create services in `AzureChinaCloud`, you should specify `AzureChinaCloud` as the `ENVIRONMENT`. + Currently, only `sqlserver` is supported for `AZURE_BROKER_DATABASE_PROVIDER`. - The following table is about the support for each service in different environments. + ``` + AZURE_BROKER_DATABASE_PROVIDER: sqlserver + AZURE_BROKER_DATABASE_SERVER: .database.windows.net + AZURE_BROKER_DATABASE_USER: + AZURE_BROKER_DATABASE_PASSWORD: + AZURE_BROKER_DATABASE_NAME: + AZURE_BROKER_DATABASE_ENCRYPTION_KEY: + ``` - | Service Name | AzureCloud | AzureChinaCloud | - |:---|:---|:---| - | DocumentDB Service (depreciated) | yes | yes | - | CosmosDB Service | yes | no | - | Event Hub Service | yes | yes | - | Redis Cache Service | yes | yes | - | Service Bus Service | yes | yes | - | Storage Service | yes | yes | - | SQL Database Service | yes | yes | - | Database for MySQL Service (preview) | yes | no | - | Database for PostgreSQL Service (preview) | yes | no | - - * `SUBSCRIPTION_ID` + * Modules related configurations - You can list the providers in the subscription, and make sure that the namespace is registered. For example, if you want to enable Service Bus service, `Microsoft.ServiceBus` should be registered. If the specific provider is not registered, you need to run `azure provider register ` to register it. + Only SQL database service has the configurations for now. The default value of `AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER` is `true`. The default value of `AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION` is `false`. `AZURE_SQLDB_SQL_SERVER_POOL` is an array of SQL server credentials. Each element in the array should contain all the five parameters: resourceGroup, location, sqlServerName, administratorLogin and administratorLoginPassword. + + ``` + AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER: true | false + AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION: true | false + AZURE_SQLDB_SQL_SERVER_POOL: '[ + { + "resourceGroup": "REPLACE-ME", + "location": "REPLACE-ME", + "sqlServerName": "REPLACE-ME", + "administratorLogin": "REPLACE-ME", + "administratorLoginPassword": "REPLACE-ME" + }, + { + "resourceGroup": "REPLACE-ME", + "location": "REPLACE-ME", + "sqlServerName": "REPLACE-ME", + "administratorLogin": "REPLACE-ME", + "administratorLoginPassword": "REPLACE-ME" + } + ]' + ``` + +1. Install the Node dependencies for production environment. ``` - $ azure provider list - info: Executing command provider list - + Getting ARM registered providers - data: Namespace Registered - data: ------------------------- ------------- - data: Microsoft.Batch Registered - data: Microsoft.Cache Registered - data: Microsoft.Compute Registered - data: Microsoft.DocumentDB Registered - data: Microsoft.EventHub Registered - data: microsoft.insights Registered - data: Microsoft.KeyVault Registered - data: Microsoft.MySql Registered - data: Microsoft.Network Registering - data: Microsoft.ServiceBus Registered - data: Microsoft.Sql Registered - data: Microsoft.Storage Registered - data: Microsoft.ApiManagement NotRegistered - data: Microsoft.Authorization Registered - data: Microsoft.ClassicCompute NotRegistered - data: Microsoft.ClassicNetwork NotRegistered - data: Microsoft.ClassicStorage NotRegistered - data: Microsoft.Devices NotRegistered - data: Microsoft.Features Registered - data: Microsoft.HDInsight NotRegistered - data: Microsoft.Resources Registered - data: Microsoft.Scheduler Registered - data: Microsoft.ServiceFabric NotRegistered - data: Microsoft.StreamAnalytics NotRegistered - data: Microsoft.Web NotRegistered - info: provider list command OK + export NODE_ENV=production + npm install ``` - * `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET` - - A [service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) is composed of `TENANT_ID`, `CLIENT_ID` and `CLIENT_SECRET`. - - In [Azure CPI guidance](https://github.com/cloudfoundry-incubator/bosh-azure-cpi-release/tree/master/docs), the roles `Virtual Machine Contributor` and `Network Contributor` are recommended to deploy Cloud Foundry on Azure. However, for the service broker, these two roles are not enough. You can follow [RBAC: Built-in roles](https://azure.microsoft.com/en-us/documentation/articles/role-based-access-built-in-roles/) to get the appropriate roles. - - For example, you can use `Storage Account Contributor` if you only use the service broker to create a storage account. - - If you want to create all the services, you may need the role `Contributor`. - - * `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD` - - Cloud Controller authenticates with the Broker using HTTP basic authentication (the `Authorization:` header) on every request and will reject any broker registrations that do not contain a username and password. `SECURITY_USER_NAME` and `SECURITY_USER_PASSWORD` are the username and password of HTTP basic authentication. They are maken up by yourself. When you register the service broker using `cf create-service-broker`, the same values should be used. - - * Database related configurations +1. Push the broker to Cloud Foundry ``` - AZURE_BROKER_DATABASE_PROVIDER: REPLACE-ME - AZURE_BROKER_DATABASE_SERVER: REPLACE-ME - AZURE_BROKER_DATABASE_USER: REPLACE-ME - AZURE_BROKER_DATABASE_PASSWORD: REPLACE-ME - AZURE_BROKER_DATABASE_NAME: REPLACE-ME - AZURE_BROKER_DATABASE_ENCRYPTION_KEY: REPLACE-ME + cf push ``` - `AZURE_BROKER_DATABASE_ENCRYPTION_KEY` is used to encrypt the information in the database. It should contain 32 character. **You need to keep it same if you re-deploy the service broker. Otherwise, the information can't be decrypted so that the service broker can't manage the service instances.** - - Currently, only `sqlserver` is supported for `AZURE_BROKER_DATABASE_PROVIDER`. - - ``` - AZURE_BROKER_DATABASE_PROVIDER: sqlserver - AZURE_BROKER_DATABASE_SERVER: .database.windows.net - AZURE_BROKER_DATABASE_USER: - AZURE_BROKER_DATABASE_PASSWORD: - AZURE_BROKER_DATABASE_NAME: - AZURE_BROKER_DATABASE_ENCRYPTION_KEY: - ``` - - * Modules related configurations - - Only SQL database service has the configurations for now. The default value of `AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER` is `true`. The default value of `AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION` is `false`. `AZURE_SQLDB_SQL_SERVER_POOL` is an array of SQL server credentials. Each element in the array should contain all the five parameters: resourceGroup, location, sqlServerName, administratorLogin and administratorLoginPassword. - - ``` - AZURE_SQLDB_ALLOW_TO_CREATE_SQL_SERVER: true | false - AZURE_SQLDB_ENABLE_TRANSPARENT_DATA_ENCRYPTION: true | false - AZURE_SQLDB_SQL_SERVER_POOL: '[ - { - "resourceGroup": "REPLACE-ME", - "location": "REPLACE-ME", - "sqlServerName": "REPLACE-ME", - "administratorLogin": "REPLACE-ME", - "administratorLoginPassword": "REPLACE-ME" - }, - { - "resourceGroup": "REPLACE-ME", - "location": "REPLACE-ME", - "sqlServerName": "REPLACE-ME", - "administratorLogin": "REPLACE-ME", - "administratorLoginPassword": "REPLACE-ME" - } - ]' - ``` - -3. Push the broker to Cloud Foundry - - ``` - cf push - ``` - ## Register a service broker ``` diff --git a/pcf-tile/generate-tile.sh b/pcf-tile/generate-tile.sh index b9d5114..de58569 100755 --- a/pcf-tile/generate-tile.sh +++ b/pcf-tile/generate-tile.sh @@ -1,7 +1,7 @@ #!/bin/bash pushd .. rm -f pcf-tile/resources/meta-azure-service-broker.zip - zip -r pcf-tile/resources/meta-azure-service-broker.zip brokerserver.js index.js lib LICENSE NOTICE package.json + zip -r pcf-tile/resources/meta-azure-service-broker.zip brokerserver.js index.js lib LICENSE NOTICE package.json winston.json node_modules popd if [ "$1" = "-major" ]; then tile build major