Merge pull request #183 from nsacyber/mysql_upgrade_script

[#180] Upgrade hirs_db schema according to upgrade version
2025-01-29 15:44:14 +00:00 · 2019-09-12 08:38:09 -04:00 · 2019-09-12 08:38:09 -04:00 · cdd54c8773
commit cdd54c8773
parent 6a59033768 6cc2a7815a
6 changed files with 101 additions and 14 deletions
--- a/HIRS_Utils/src/main/java/hirs/utils/VersionHelper.java
+++ b/HIRS_Utils/src/main/java/hirs/utils/VersionHelper.java
@ -1,12 +1,13 @@
 package hirs.utils;

-import com.google.common.base.Charsets;
-import com.google.common.io.Resources;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;

+import java.io.BufferedReader;
+import java.io.FileInputStream;
+import java.io.InputStreamReader;
+import java.io.File;
 import java.io.IOException;
-import java.net.URL;

 /**
 * Utility class to get the current version from the VERSION file.
@ -32,7 +33,8 @@ public final class VersionHelper {
    /**
     * Get the current version of HIRS_Portal that is installed.
     *
-     * @param filename that contains the version
+     * @param filename
+     *            that contains the version
     * @return A string representing the current version.
     */
    public static String getVersion(final String filename) {
@ -43,14 +45,30 @@ public final class VersionHelper {
        } catch (IOException | IllegalArgumentException e) {
            LOGGER.warn("Error reading version", e);
            version = "";
+        } catch (NullPointerException e) {
+            LOGGER.warn("File not found: " + filename);
+            version = "";
        }
        return version;
    }

-    private static String getFileContents(final String filename)
-            throws IOException {
+    /**
+     * Read the symbolic link to VERSION in the top level HIRS directory.
+     * @param filename "VERSION"
+     * @return the version number from the file
+     * @throws IOException
+     */
+    private static String getFileContents(final String filename) throws IOException {

-        URL url = Resources.getResource(filename);
-        return Resources.toString(url, Charsets.UTF_8).trim();
+        File versionFileLink = new File(VersionHelper.class.getClassLoader()
+                                            .getResource(filename).getFile());
+        String versionFilePath = versionFileLink.getCanonicalPath();
+        BufferedReader reader = new BufferedReader(
+                                    new InputStreamReader(
+                                         new FileInputStream(versionFilePath), "UTF-8"));
+        String version = reader.readLine();
+        reader.close();
+
+        return version;
    }
 }
--- a/HIRS_Utils/src/main/resources/VERSION
+++ b/HIRS_Utils/src/main/resources/VERSION
@ -0,0 +1 @@
+../../../../VERSION
--- a/HIRS_Utils/src/test/java/hirs/utils/VersionHelperTest.java
+++ b/HIRS_Utils/src/test/java/hirs/utils/VersionHelperTest.java
@ -14,9 +14,8 @@ public class VersionHelperTest {
    @Test
    public void testGetVersionFail() {

-        String actual = VersionHelper.getVersion("somefile");
-        Assert.assertTrue(actual.startsWith(
-                ""));
+        String version = VersionHelper.getVersion("somefile");
+        Assert.assertEquals(version, "");
    }

    /**
--- a/package/rpm/HIRS.spec
+++ b/package/rpm/HIRS.spec
@ -160,7 +160,7 @@ mkdir -p /opt/hirs/scripts/common/
 cp -f /opt/hirs/scripts/common/aca/* /opt/hirs/scripts/common/

 # run these only on a fresh install of the package
-if [ "$1" = "1" ]; then
+if [ $1 == 1 ]; then
    # open necessary ports
    sh /opt/hirs/scripts/common/firewall_configure_tomcat.sh

@ -178,11 +178,34 @@ if [ "$1" = "1" ]; then
    sh /opt/hirs/scripts/common/db_create.sh
 fi

+# modify mysql schema accordingly on upgrade
+if [ $1 -gt 1 ]; then
+    #update version number on portal banner
+    echo %{?DISPLAY_VERSION} | tee '%{prefix}/webapps/HIRS_AttestationCAPortal/WEB-INF/classes/VERSION'
+
+    echo "Upgrading hirs_db schema!"
+    if [ %{version} == "1.0.4" ]; then
+	if (mysql -u root hirs_db < /opt/hirs/scripts/common/upgrade_schema_1.0.4.sql); then
+		echo "Upgrade to version 1.0.4"
+	else
+		echo "Error upgrading HIRS database schema to 1.0.4!"
+		exit 1;
+	fi
+    elif [ %{version} == "1.1.0" ]; then
+	if (mysql -u root hirs_db < /opt/hirs/scripts/common/upgrade_schema_1.0.4.sql && mysql -u root hirs_db < /opt/hirs/scripts/common/upgrade_schema_1.1.0.sql); then
+		echo "Upgrade to version 1.1.0"
+	else
+		echo "Error upgrading HIRS database schema to 1.1.0!"
+		exit 1;
+	fi
+    fi
+fi
+
 sh /opt/hirs/scripts/aca/certificate_generate.sh

 %preun -n HIRS_AttestationCA
 # don't run these during an upgrade
-if [ "$1" = "0" ]; then
+if [ $1 == 0 ]; then
    # if the Server isn't installed, deconfigure Tomcat and MySQL SSL and drop the database
    if [[ -z `rpm -qa HIRS_Server` ]]; then
        echo 'Restoring Tomcat and MySQL configuration'
@ -195,7 +218,7 @@ fi

 %postun -n HIRS_AttestationCA
 # don't run these during an upgrade
-if [ "$1" = "0" ]; then
+if [ $1 == 0 ]; then
    # Removes WARS from the Tomcat installation as well as ACA configuration files and certificates
    # (/etc/hirs/aca), and ACA installation (/opt/hirs/attestation-ca). Do not run during an upgrade
    rm -f %{prefix}/webapps/HIRS_AttestationCA*.war
--- a/package/scripts/common/upgrade_schema_1.0.4.sql
+++ b/package/scripts/common/upgrade_schema_1.0.4.sql
@ -0,0 +1,30 @@
+DROP PROCEDURE IF EXISTS upgrade_schema_to_1_0_4;
+DELIMITER '//'
+
+CREATE PROCEDURE upgrade_schema_to_1_0_4()
+BEGIN
+IF(NOT EXISTS(SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='hirs_db' AND TABLE_NAME='Certificate' AND COLUMN_NAME='isDeltaChain')) THEN
+ALTER TABLE Certificate ADD isDeltaChain bit(1) DEFAULT NULL;
+END IF;
+
+IF(NOT EXISTS(SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='hirs_db' AND TABLE_NAME='Certificate' AND COLUMN_NAME='platformBase')) THEN
+ALTER TABLE Certificate ADD platformBase bit(1) DEFAULT NULL;
+END IF;
+
+IF(NOT EXISTS(SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='hirs_db' AND TABLE_NAME='Certificate' AND COLUMN_NAME='platformChainType')) THEN
+ALTER TABLE Certificate ADD platformChainType varchar(255) DEFAULT NULL;
+END IF;
+
+IF(NOT EXISTS(SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='hirs_db' AND TABLE_NAME='SupplyChainValidationSummary' AND COLUMN_NAME='message')) THEN
+ALTER TABLE SupplyChainValidationSummary ADD message longtext;
+END IF;
+
+IF(NOT EXISTS(SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='hirs_db' AND TABLE_NAME='TPMReport' AND COLUMN_NAME='rawQuote')) THEN
+ALTER TABLE TPMReport ADD rawQuote blob;
+END IF;
+END//
+DELIMITER ';'
+
+CALL upgrade_schema_to_1_0_4;
+DROP PROCEDURE upgrade_schema_to_1_0_4;
+
--- a/package/scripts/common/upgrade_schema_1.1.0.sql
+++ b/package/scripts/common/upgrade_schema_1.1.0.sql
@ -0,0 +1,16 @@
+#commands here if there are schema changes in 1.1.0
+DROP PROCEDURE IF EXISTS upgrade_schema_to_1_1_0;
+DELIMITER '//'
+
+CREATE PROCEDURE upgrade_schema_to_1_1_0()
+BEGIN
+IF(NOT EXISTS(SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='hirs_db' AND TABLE_NAME='Certificate' AND COLUMN_NAME='componentFailures')) THEN
+ALTER TABLE Certificate ADD componentFailures varchar(255) DEFAULT NULL;
+END IF;
+
+END//
+DELIMITER ';'
+
+CALL upgrade_schema_to_1_1_0;
+DROP PROCEDURE upgrade_schema_to_1_1_0;
+