JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 31

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 32

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagebash
titleExamples for Exporting Objects
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# export workflows
./deploy-workflow.sh export "${request_options[@]}" \
    --file=export.zip --path=/ap/ap3jobs,/ap/Agent/apRunAsUser --type=WORKFLOW

# export draft schedules
./deploy-workflow.sh export "${request_options[@]}" \
    --file=export.zip --path=/ap/Agent/apAgentSchedule01,/ap/Agent/apAgentSchedule02 --type=SCHEDULE --no-released

# export objects from folder
./deploy-workflow.sh export "${request_options[@]}" \
    --file=export.zip --folder=/ap --recursive

# export objects from folder using relative path
./deploy-workflow.sh export "${request_options[@]}" \
    --file=export.zip --folder=/ap/Agent --recursive --use-short-path

# export objects from folder, limiting object types and validity, feeding audit log
./deploy-workflow.sh export "${request_options[@]}" \
    --file=export.zip --folder=/ap --recursive --type=WORKFLOW,JOBRESOURCE --no-invalid --audit-message="export to production"

...

Code Block
languagebash
titleExamples for Importing Objects
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# import objects
./deploy-workflow.sh import "${request_options[@]}" \
    --file=export.zip --overwrite

# import objects to a new top-level folder and apply suffix
./deploy-workflow.sh import "${request_options[@]}" \
    --file=export.zip --folder=/Version22 --suffix=v22

# revalidate objects from folder
./deploy-workflow.sh revalidate "${request_options[@]}" \
    --folder=/Version22 --recursive

...

Code Block
languagebash
titleExample for Exporting, Signing and Importing/Deploying for High Security Level
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# export objects from folder for signing
./deploy-workflow.sh export "${request_options[@]}" \
    --file=export.zip --folder=/myFolder --recursive --for-signing

# digitally sign objects
mkdir -p ./temp
rm -fr ./temp/*
unzip -d ./temp ./export.zip

./deploy-workflow.sh sign \
    --directory=./temp --key=./ecdsa.key --cert=./ecdsa.crt --hash=sha512

rm -f ./import-from-signing.zip
cd ./temp
zip -r ../import-from-signing.zip *
cd -

# import/deploy objects
./deploy-workflow.sh import-deploy "${request_options[@]}" \
    --file=import-from-signing.zip

...

Code Block
languagebash
titleExamples for Deploying and Revoking Objects
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# deploy workflows and update daily plan
./deploy-workflow.sh deploy "${request_options[@]}" \
    --path=/ap/ap3jobs,/ap/apEnv --type=WORKFLOW --date-from=now

# deploy objects from folder recursively and update daily plan
./deploy-workflow.sh deploy "${request_options[@]}" \
    --folder=/ap/Agent --recursive --date-from=now

# revoke workflows
./deploy-workflow.sh revoke "${request_options[@]}" \
    --path=/ap/ap3jobs,/ap/apEnv --type=WORKFLOW

# revoke objects from folder
./deploy-workflow.sh revoke "${request_options[@]} " \
    --folder=/ap/Agent --recursive

...

Code Block
languagebash
titleExamples for Releasing and Recalling Objects
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

 # release schedules and update daily plan
./deploy-workflow.sh release "${request_options[@]}" \
    --path=/ap/Agent/apAgentSchedule01,/ap/Agent/apAgentSchedule02 --type=SCHEDULE --date-from=now
 
# release objects from folder and update daily plan
./deploy-workflow.sh release "${request_options[@]}" \
    --folder=/ap/Agent --recursive --date-from=now

# recall schedules
./deploy-workflow.sh recall "${request_options[@]}" \
    --path=/ap/Agent/apAgentSchedule01,/ap/Agent/apAgentSchedule02 --type=SCHEDULE

# recall objects from folder
./deploy-workflow.sh recall "${request_options[@]}" \
    --folder=/ap/Agent --recursive

...

Code Block
languagebash
titleExamples for Storing and Removing Objects
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# store object
./deploy-workflow.sh store "${request_options[@]}" \
    --path=/ap/NewFolder01/NewWorkflow01 --type=WORKFLOW --file=NewWorkflow01.workflow.json

# remove object, update daily plan
./deploy-workflow.sh remove "${request_options[@]}" \
    --path=/ap/NewFolder01/NewWorkflow01 --type=WORKFLOW --date-from=now

# remove objects from folder, update daily plan
./deploy-workflow.sh remove "${request_options[@]}" \
    --folder=/ap/NewFolder01 --date-from=now

...

Code Block
languagebash
titleExamples for Restoring and Deleting Objects
linenumberstrue
# common options for connectionconnections to the JS7 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# restore object from trash, using suffix for restored objectd
./deploy-workflow.sh restore "${request_options[@]}" \
    --path=/ap/NewFolder01/NewWorkflow01 --type=WORKFLOW --new-path=/ap/NewFolder01/NewWorkflow01 --suffix=restored

# delete object from trash
./deploy-workflow.sh delete "${request_options[@]}" \
    --path=/ap/NewFolder01/NewWorkflow01 --type=WORKFLOW

# delete objects from trash by folder
./deploy-workflow.sh delete "${request_options[@]}" \
    --folder=/ap/NewFolder01

Encrypting and Decrypting

  • Secrets can be encrypted an decrypted as explaind with JS7 - Encryption and Decryption.
  • Encryption/decryption require related Java libraries that are available from the ./lib sub-directory
  • Objects that have previously been removed reside in the trash.
  • Objects can be restored or can be permanently deleted from the trash.
    To restore objects from the trash the path, object type and new path in the inventory must be specified. Optionally a prefix or suffix can be added to restored object names. Restored objects are set to draft status.
  • To permanently delete objects from the trash they can be specified from their path & object type or from a folder.

Code Block
languagebash
titleExample for Encrypting and Decrypting
linenumberstrue
# commoncreate optionsPrivate forKey
openssl connectionecparam to-name JS7secp384r1 REST API
request_options=(--url=http://localhost:4446 --user=root --password=root --controller-id=controller)

# create Private Key
openssl ecparam -name secp384r1 -genkey -noout --genkey -noout -out encrypt.key

# create Certificate Signing Request
openssl req -new -sha512 -nodes -key encrypt.key -out encrypt.csr -subj "/C=DE/ST=Berlin/L=Berlin/O=SOS/OU=IT/CN=Encrypt"

# create Certificate
openssl x509 -req -sha512 -days 1825 -signkey encrypt.key -in encrypt.csr -out encrypt.crt -extfile <(printf "keyUsage=critical,keyEncipherment,keyAgreement\n")


# encrypt a secret such as a password using the recipient's Certificate
result=$(./deploy-workflow.sh encrypt --in="root" --cert=encrypt.crt)

# decrypt
./deploy-workflow.sh decrypt --in="$result" --key=./ca/private/common options for connections to the JS7 REST API can include the result returned from a previous encryption step and the Private Key used to decrypt
request_options=(--url=http://localhost:4446 --user=root --password=="enc:BEXbHYacGkm/2bcx5NjYgLnsoxVMt1lpD3k+Dgc34aaTZIXnjbcatL5IQysNx1SUcnSNC6cr/Msfpv1Gau8znH6NiXAt08sAWTRpXQ5+YIALHl+ENt89lSfDCvfrEek82oJTAXStDHyfYMvYlJQYlb4BoelnHo7MagPiQP/E1ukqLI6S2w== VLJEgsBsKJedUUlSsMCCyQ== 7ajEelvz8w6HMvmFiGBIFA==" --key=encrypt.key --controller-id=controller)

# for example, when exporting workflows the encrypted password and Private Key can be used to decrypt the password for access to the REST API on-the-fly
./deploy-workflow.sh export "${request_options[@]}" --file=export.zip --path=/ap/ap3jobs,/ap/Agent/apRunAsUser --type=WORKFLOW

# decrypt an encrypted secret from the recipient's Private Key
./deploy-workflow.sh decrypt --in="$result" --key=encrypt.key

Resources

...