Page History
...
--url
- Specifies the URL by which JOC Cockpit is accessible using
<http|https>://<host>:<port>
. - Example: http://centostest-primary.sos:4446
- Example: https://centostest-primary.sos:4443
- Specifies the URL by which JOC Cockpit is accessible using
--user
- Specifies the user account for login to JOC Cockpit. If JS7 - Identity Services are available for Client authentication certificates that are specified with the
--client-cert
and--client-key
options then their common name (CN) attribute has to match the user account. - If a user account is specified then a password can be specified using the
--password
option or interactive keyboard input can be prompted using the-p
switch.
- Specifies the user account for login to JOC Cockpit. If JS7 - Identity Services are available for Client authentication certificates that are specified with the
--password
- Specifies the password used for the account specified with the
--user
option for login to JOC Cockpit. - Password input from the command line is considered insecure.
- Consider use of the
-p
switch offering a secure option for interactive keyboard input. - Consider use of the
encrypt
command to encrypt a password:./deploy-workflow.sh encrypt --in=root --cert=encrypt.crt
.- The encryption result will include the prefix
enc:
followed by the encrypted symmetric key, initialization vector and encrypted secret separated by space. - If an encrypted password is specified, then it will be decrypted using the Private Key file:
./deploy-workflow.sh <command> --password="enc:BF8J8KP7TPlxy..." --key=encrypt.key
.
- The encryption result will include the prefix
- Consider use of the
- Specifies the password used for the account specified with the
--controller-id
- Specifies the identification of the Controller that holds related orders.
- More than one Controller ID can be specified, separated by comma, for the
export
operation when using the--for-signing
switch.
--ca-cert
- Specifies the path to a file in PEM format that holds the Root CA Certificate and optionally Intermediate CA Certificates to verify HTTPS connections to JOC Cockpit.
--client-cert
- Specifies the path to a file in PEM format that holds the Client Certificate if HTTPS mutual authentication is used..
--client-key
- Specifies the path to a file in PEM format that holds the Client Private Key if HTTPS mutual authentication is used..
--timeout
- Specifies the maximum duration for requests to the JS7 REST Web Service. Default:
60
seconds.
- Specifies the maximum duration for requests to the JS7 REST Web Service. Default:
--file
- Specifies the location of an archive file that is used with
export
,import
andimport-deploy
commands. - On export an existing archive file will be overwritten.
- Specifies the location of an archive file that is used with
--format
- Specifies the format of the archive file indicated with the
--file
option. - The format can be one of
ZIP
orTAR_GZ
. Default:ZIP
. The JS7 can process archive files in .zip format on Unix.
- Specifies the format of the archive file indicated with the
--folder
- Specifies the inventory folder used for the related operation.
- Folder specification starts from a
/
followed by one or more sub-folders. - More than one folder can be specified using comma as in
--folder=/ProductDemo/AgentCluster,/ProductDemo/ScheduledExecution
.
- Folder specification starts from a
- When used with the
import
andimport-deploy
commands, a single folder can be specified that is prepended the folders included with the archive file.
- Specifies the inventory folder used for the related operation.
--start-folder
- Specifies the inventory folder used for relative paths in archive files when using the
export
command with the--path
option, see--use-short-path
switch.
- Specifies the inventory folder used for relative paths in archive files when using the
--path
- Specifies the path of an object such as a workflow, job resource, schedule. A path starts from a /, optionally followed by a hierarchy of sub-folders, and the object name.
- Objects are identified from thier path and object type.
--type
- Specifies the object type such as a workflow or schedule that is indicated together with the
--path
option to identify an object.- Controller Object types include:
WORKFLOW,FILEORDERSOURCE,JOBRESOURCE,NOTICEBOARD,LOCK
- Automation Object types include:
SCHEDULE,WORKINGDAYSCALENDAR,NONWORKINGDAYSCALENDAR,JOBTEMPLATE,INCLUDESCRIPT,REPORT
- Controller Object types include:
- When used with the
export
command for folders then more than one object type can be specified separated by comma, for example--type=WORKFLOW,JOBRESOURCE
- Specifies the object type such as a workflow or schedule that is indicated together with the
--new-path
- When used with the
restore
command, the new path is specified to which the object will be restored in the inventory.
- When used with the
--prefix
- When used with the
import
command, a prefix can be specified that is prepended all objects that are imported. - If an object with the same name and prefix exists, then the object will not be imported.
- When used with the
--suffix
- When used with the
import
command, a suffix can be specified that is appended all objects that are imported. - If an object with the same name and suffix exists, then the object will not be imported.
- When used with the
--algorithm
- When used with the
import-deploy
command, the signature algorithm is specified that was used to digitally sign objects. Default:SHA512withECDSA
. - The algorithm name is made up of the hash algorithm name such as SHA256, SHA512 and the encryption type of the Private Key such as ECDSA or RSA.
- This offers to specify the following algorithm names:
SHA256withECDSA
,SHA256withRSA
,SHA512withECDSA
,SHA512withRSA
.
- When used with the
--date-from
- Specifies the date starting from which the Daily Plan will be updated:
- The
--date-from=now
option value specifies that the Daily Plan will be updated for orders starting from now. - The Daily Plan date in ISO date format can be specified, for example
--date-from=2023-10-23
. - If omitted then the Daily Plan will not be updated.
- The
- Orders in the Daily Plan can be updated for example if the underlying workflow or schedule is changed.
- Specifies the date starting from which the Daily Plan will be updated:
--directory
- When used with the
sign
command, specifies the directory in which workflow files with the extension *.workflow.json and job resources holding the extension .jobresource.json are looked up for signing. Sub-directories are looked up recursively. - All files found will be digitally signed by creating a signature file with the extension *.json.sig that holds the signature of the related object.
- When used with the
--keystore
- When used with the
sign
command, specifies the path to a keystore file in PKCS12 format. The keystore is expected to hold the Private Key and Certificate. - Only one of the options
--keystore
and--key
can be specified.
- When used with the
--key
- When used with the
sign
command anddecrypt
commands, specifies specifies the path to a key file that holds the private key Private Key used for signing/decrypting in PEM format. - Only one of the options
--keystore
and--key
can be specified.
- When used with the
--cert
- When used with the
sign
andencrypt
commands, specifies the path to a file that holds the CA signed or self-signed X.509 Certificate. Alternatively the path to a file holding the Public Key can be specified. The Certificate is expected in PEM format. - For signing the argument is required if the
--key
option is used. The argument is optional If the--keystore
option is used. The--cert
option has precedence if used with the--keystore
option. - For encryption the Certificate must match the Private Key used for later decryption specified with the
--key
option.
- When used with the
--key-password
- When used with the
sign
anddecrypt
commands, specifies the password for access to the keystore using the--keystore
option or key file using the--key
option. - Password input from the command line is considered insecure.
- Consider use of the
-k
switch or more elaborate mechanisms, for example by temporarily populating the system keystore form a security key such as a YubiKey® or similar. - Consider use of encrypted passwords as explained with the
--password
option.
- Consider use of the
- When used with the
--hash
- When used with the
sign
command, specifies the hash algorithm used to create a hash from a file that is to be signed. - Possible values include
sha256
andsha512
. Default:sha256
- When used with the
--in
- When used with the
encrypt
anddecrypt
commands, specifies the input value that should be encrypted or decrypted., - One of the options
--in
or--infile
can be specified.
- When used with the
--infile
- When used with the
encrypt
anddecrypt
commands, specifies the path to the input file that should be encrypted/decrypted. - One of the options
--in
or--infile
can be specified. This option requires use of the--outfile
option.
- When used with the
--outfile
- When used with the
encrypt
command, specifies the path to the output file that will be created holding the encrypted content of the input file. - When used with the
decrypt
command, specifies the path to the output file that will be created holding the decrypted content of the input file. - The option is required if the
--infile
option is specified
- When used with the
--java-home
- When used with the
encrypt
anddecrypt
commands or with encrypted passwords, specifies the Java home directory. By default theJAVA_HOME
environment variable is used to determine the location of Java. - The Java home directory is the top-level directory of a Java installation. The directory includes the
bin
sub-directory andjava
executable.
- When used with the
--java-lib
- When used with the
encrypt
anddecrypt
commands or with encrypted passwords, a number of Java libraries are required to perform encryption/decryption. - The Java libraries are expected in the
lib
sub-directory of the script. Default:./lib
.
- When used with the
--audit-message
- Specifies a message that is made available to the Audit Log.
- Specification of Audit Log messages can be enforced on a per user basis and for a JS7 environment.
--audit-time-spent
- Specifies the time spent to perform an operation which is added to the Audit Log.
- The option can be specified if the -
-audit-message
option is used.
--audit-link
- Specifies a link (URL) which is added to the Audit Log.
- The option can be specified if the -
-audit-message
option is used.
--log-dir
- If a log directory is specified then the script will log information about processing steps to a log file in this directory.
- File names are created according to the pattern:
deploy-workflow.<yyyy>-<MM>-<dd>T<hh>-<mm>-<ss>.log
- For example:
deploy-workflow.2022-03-19T20-50-45.log
...
Overview
Content Tools