aem_resources
Puppet module for provisioning Adobe Experience Manager (AEM) resources
Version information
released Jul 31st 2024
This version is compatible with:
- Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x, 2018.1.x, 2017.3.x
- Puppet >= 5.0.0 < 8.0.0
- ,
Start using this module
Add this module to your Puppetfile:
mod 'shinesolutions-aem_resources', '7.11.0'Learn more about managing modules with a PuppetfileDocumentation
shinesolutions/aem_resources — version 7.11.0 Jul 31st 2024
Puppet AEM Resources
A Puppet module for provisioning Adobe Experience Manager (AEM) resources.
Learn more about Puppet AEM Resources:
Puppet AEM Resources is part of AEM OpenCloud platform but it can be used as a stand-alone.
Installation
puppet module install shinesolutions-aem_resources
Or via a Puppetfile:
mod 'shinesolutions/aem_resources'
If you want to use the main version:
mod 'shinesolutions/aem_resources', :git => 'https://github.com/shinesolutions/puppet-aem-resources'
And because PUP-3386 hasn't been implemented, you have to install ruby_aem prior to using aem_resource Puppet module.
package { 'ruby_aem':
ensure => '3.8.0',
provider => 'puppet_gem',
}
Configuration
AEM username, password, protocol, host, port, and debug can be set via environment variables or a configuration file.
Environment variables have aem_ prefix, e.g. aem_username, aem_password, aem_protocol, aem_host, aem_port, aem_timeout, and aem_debug.
Configuration file should be named aem.yaml and be placed under Puppet config directory. Example config file:
---
:username: 'admin'
:password: 'admin'
:protocol: 'http'
:host: 'localhost'
:port: 4502
:timeout: 300
:debug: False
If a configuration property is not set, then it will use the default value set in ruby_aem.
However, if the invocation specifies an aem_id attribute, then the value of that attribute will be used to identify the environment variables and configuration file. For example:
aem_bundle {
...
aem_id => 'myaem',
...
}
The invocation above will use environment variables with myaem_ prefix, e.g. myaem_username, and it will use a configuration file named myaem.yaml under Puppet config directory.
It is also possible to specify username and password at invocation level by specifying aem_username and aem_password attributes. For example:
aem_bundle {
...
aem_username => 'myusername',
aem_password => 'mypassword',
...
}
Usage
AEM
aem_aem { 'Wait until login page is ready':
ensure => login_page_is_ready,
retries_max_tries => 60,
retries_base_sleep_seconds => 5,
retries_max_sleep_seconds => 5,
}
aem_aem { 'Wait until CRX Package Manager is ready':
ensure => aem_package_manager_is_ready,
retries_max_tries => 60,
retries_base_sleep_seconds => 5,
retries_max_sleep_seconds => 5,
}
# this requires aem-healthcheck package to be installed
# https://github.com/shinesolutions/aem-healthcheck
aem_aem { 'Wait until health is ok':
ensure => aem_health_check_is_ok,
tags => 'deep',
combine_tags_or => false,
retries_max_tries => 60,
retries_base_sleep_seconds => 5,
retries_max_sleep_seconds => 5,
}
aem_aem { 'Wait until install status is finished':
ensure => install_status_is_finished,
retries_max_tries => 60,
retries_base_sleep_seconds => 5,
retries_max_sleep_seconds => 5,
}
aem_aem { 'Remove all agents':
ensure => all_agents_removed,
run_mode => 'author',
}
Authorizable Keystore
aem_authorizable_keystore { "Create new keystore for user authentication-service":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
authorizable_id => 'authentication-service',
intermediate_path => '/home/users/system',
password => 'password1'
}
aem_authorizable_keystore { "Archive keystore for user authentication-service to a specific path":
ensure => archived,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
authorizable_id => 'authentication-service',
intermediate_path => '/home/users/system',
path => '/tmp'
}
aem_authorizable_keystore { "Archive keystore for user authentication-service to a specific path":
ensure => archived,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
authorizable_id => 'authentication-service',
intermediate_path => '/home/users/system',
file => '/tmp/store.p12'
}
aem_authorizable_keystore { "Remove keystore for user authentication-service":
ensure => absent,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
authorizable_id => 'authentication-service',
intermediate_path => '/home/users/system',
}
Authorizable Keystore Certificate
aem_certificate_chain { "Add certificate to user authentication-service keystore with certificate provided as file":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
authorizable_id => 'authentication-service',
intermediate_path => '/home/users/system',
private_key_alias => 'alias_123'
private_key_file_path => '/tmp/private_key_pkcs8.der'
certificate_chain_file_path => '/tmp/cert_pem.crt'
}
aem_certificate_chain { "Remove a certificate from User1 keystore":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
authorizable_id => 'authentication-service',
intermediate_path => '/home/users/system',
private_key_alias => 'alias_123'
}
Bundle
aem_bundle { 'Stop webdav bundle':
ensure => stopped,
name => 'org.apache.sling.jcr.webdav',
}
aem_bundle { 'Start webdav bundle':
ensure => started,
name => 'org.apache.sling.jcr.webdav',
}
Certificate
aem_certificate { "Add certificate by file name":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
file => '/tmp/cert.crt'
}
aem_certificate { "Force adding certificate by file name":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
file => '/tmp/cert.crt',
force => true
}
aem_certificate { "Archive certificate via serial number to a specified file path":
ensure => archived,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
truststore_password => 'admin'
serial => '1234567890'
file => '/tmp/cert.crt',
}
aem_certificate { "Remove certificate by file name":
ensure => absent,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
file => '/tmp/cert.crt'
}
aem_certificate { "Remove certificate by serial number":
ensure => absent,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
serial => '1234567890'
}
Config property
aem_config_property { 'Create https.enable property':
ensure => present,
name => 'org.apache.felix.https.enable',
type => 'Boolean',
value => true,
run_mode => 'author',
node_name => 'org.apache.felix.http',
}
Flush agent
aem_flush_agent { 'Create flush agent':
ensure => present,
name => 'some-flush-agent',
run_mode => 'author',
title => 'Some Flush Agent Title',
description => 'Some flush agent description',
dest_base_url => 'http://somehost:8080',
log_level => 'info',
retry_delay => 60000,
force => true,
}
aem_flush_agent { 'Delete flush agent':
ensure => absent,
name => 'some-flush-agent',
run_mode => 'author',
}
Group
aem_group { 'Create staff group':
ensure => present,
name => 'staff',
path => '/home/groups/s',
}
aem_group { 'Create contractor group':
ensure => present,
name => 'contractor',
path => '/home/groups/c',
}
aem_group { 'Create contractor group as a member of staff group':
ensure => present,
name => 'contractor',
path => '/home/groups/c',
parent_group_name => 'staff',
parent_group_path => '/home/groups/s',
}
aem_group { 'Create staff group and add contractor group as a member':
ensure => present,
name => 'staff',
path => '/home/groups/s',
member_group_name => 'contractor',
member_group_path => '/home/groups/c',
}
aem_group { 'Delete staff group':
ensure => absent,
name => 'staff',
path => '/home/groups/s',
}
Node
aem_node { 'Create http OSGI config node':
ensure => present,
name => 'org.apache.felix.http',
path => '/apps/system/config',
type => 'sling:OsgiConfig',
}
aem_node { 'Delete http OSGI config node':
ensure => absent,
name => 'org.apache.felix.http',
path => '/apps/system/config',
}
Package
aem_package { 'Install AEM6.2 hotfix 12785':
ensure => present,
name => 'cq-6.2.0-hotfix-12785',
group => 'adobe/cq620/hotfix',
version => '7.0',
path => '/tmp/',
replicate => false,
activate => true,
force => true,
}
aem_package { 'Archive Geometrixx apps':
ensure => archived,
name => 'somearchivedpackage',
group => 'somepackagegroup',
version => '1.2.3',
path => '/tmp/',
filter => '[{"root":"/apps/geometrixx","rules":[]},{"root":"/apps/geometrixx-common","rules":[]}]',
}
Path
aem_path { 'Activate /etc/designs/cloudservices/':
ensure => is_activated,
name => '/etc/designs/cloudservices/',
}
aem_path { 'Delete /etc/designs/somepath/':
ensure => absent,
name => '/etc/designs/somepath/',
}
Replication agent
aem_replication_agent { 'Create replication agent':
ensure => present,
name => 'some-replication-agent',
run_mode => 'author',
title => 'Some Replication Agent Title',
description => 'Some replication agent description',
dest_base_url => 'http://somehost:8080',
transport_user => 'someuser',
transport_password => 'somepass',
log_level => 'info',
retry_delay => 60000,
force => true,
}
aem_replication_agent { 'Delete replication agent':
ensure => absent,
name => 'some-replication-agent',
run_mode => 'author',
}
Outbox replication agent
aem_outbox_replication_agent { 'Create outbox replication agent':
ensure => present,
name => 'some-outbox-replication-agent',
run_mode => 'publish',
title => 'Some Outbox Replication Agent Title',
description => 'Some outbox replication agent description',
user_id => 'admin',
log_level => 'info',
force => true,
}
aem_outbox_replication_agent { 'Delete outbox replication agent':
ensure => absent,
name => 'some-outbox-replication-agent',
run_mode => 'publish',
}
Repository
aem_repository { 'Block repository writes':
ensure => writes_blocked,
}
aem_repository { 'Unblock repository writes':
ensure => writes_unblocked,
}
Saml
aem_saml { 'Create SAML configuration for AEM 6.2 with certificate provided via idp_cert_alias parameter':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
idp_cert_alias => 'certalias___1542770831396',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
}
aem_saml { 'Create SAML configuration for AEM 6.3 with certificate provided via idp_cert_alias parameter':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
idp_cert_alias => 'certalias___1542770831396',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
clock_tolerance => 60,
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
digest_method => 'http://www.w3.org/2001/04/xmlenc#sha256',
signature_method => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
}
aem_saml { 'Create SAML configuration for AEM 6.4 with certificate provided via idp_cert_alias parameter':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
idp_cert_alias => 'certalias___1542770831396',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
clock_tolerance => 60,
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
digest_method => 'http://www.w3.org/2001/04/xmlenc#sha256',
signature_method => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
user_intermediate_path => '',
assertion_consumer_service_url => ''
}
aem_saml { 'Create SAML configuration for AEM 6.2 with certificate provided via serial number':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
serial => '1234567890',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
}
aem_saml { 'Create SAML configuration for AEM 6.3 with certificate provided via serial number':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
serial => '1234567890',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
clock_tolerance => 60,
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
digest_method => 'http://www.w3.org/2001/04/xmlenc#sha256',
signature_method => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
}
aem_saml { 'Create SAML configuration for AEM 6.4 with certificate provided via serial number':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
serial => '1234567890',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
clock_tolerance => 60,
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
digest_method => 'http://www.w3.org/2001/04/xmlenc#sha256',
signature_method => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
user_intermediate_path => '',
assertion_consumer_service_url => ''
}
aem_saml { 'Create SAML configuration for AEM 6.2 with certificate provided as a file':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
file => '/tmp/cert.crt',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
}
aem_saml { 'Create SAML configuration for AEM 6.3 with certificate provided as a file':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
file => '/tmp/cert.crt',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
clock_tolerance => 60,
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
digest_method => 'http://www.w3.org/2001/04/xmlenc#sha256',
signature_method => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
}
aem_saml { 'Create SAML configuration for AEM 6.4 with certificate provided as a file':
ensure => present,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
key_store_password => 'admin',
service_ranking => 5002,
idp_http_redirect => true,
create_user => true,
default_redirect_url => '/sites.html',
user_id_attribute => 'NameID',
default_groups => ['def-groups'],
file => '/tmp/cert.crt',
add_group_memberships => true,
path => ['/'],
synchronize_attributes => [
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname\=profile/givenName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname\=profile/familyName',
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress\=profile/email'
],
clock_tolerance => 60,
group_membership_attribute => 'http://temp/variable/aem-groups',
idp_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx?RequestBinding\=HTTPPost&loginToRp\=https://prod-aemauthor.com/saml_login',
logout_url => 'https://federation.prod.com/adfs/ls/IdpInitiatedSignOn.aspx',
service_provider_entity_id => 'https://prod-aemauthor.com/saml_login',
handle_logout => true,
sp_private_key_alias => '',
use_encryption => false,
name_id_format => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
digest_method => 'http://www.w3.org/2001/04/xmlenc#sha256',
signature_method => 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
user_intermediate_path => '',
assertion_consumer_service_url => ''
}
aem_saml { 'Remove SAML configuration':
ensure => absent,
aem_username => 'admin',
aem_password => 'admin',
aem_id => 'author',
}
SSL
aem_ssl { 'Enable Granite SSL Config':
ensure => present,
https_hostname => 'localhost',
https_port => 5432,
keystore_password => 'somekeystorepassword',
truststore_password => 'sometruststorepassword',
privatekey_file_path => '/tmp/shinesolutions/puppet-aem-resources/cert_ssl.der',
certificate_file_path => '/tmp/shinesolutions/puppet-aem-resources/cert_ssl.crt',
}
aem_ssl { 'Remove Granite SSL Config':
ensure => absent
}
Truststore
aem_truststore { "Create Truststore":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
password => 'admin'
}
aem_truststore { "Import Truststore from file provided via file":
ensure => present,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
password => 'admin'
file => '/root/truststore.p12'
}
aem_truststore { "Archive Truststore to /root":
ensure => archived,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
path => '/root'
}
aem_truststore { "Archive Truststore to /root/truststore.p12":
ensure => archived,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin',
file => '/root/truststore.p12'
}
aem_truststore { "Delete Truststore":
ensure => absent,
aem_id => 'author',
aem_username => 'admin',
aem_password => 'admin'
}
User
aem_user { 'Create user charlie without any group':
ensure => present,
name => 'charlie',
path => '/home/users/c',
password => 'somepassword',
permission => {
'/libs' => ['read:false', 'modify:false', 'create:false', 'delete:false', 'acl_read:false', 'acl_edit:false', 'replicate:false'],
'/var' => ['read:false', 'modify:false', 'create:false', 'delete:false', 'acl_read:false', 'acl_edit:false', 'replicate:false'],
'/tmp' => ['read:false', 'modify:false', 'create:false', 'delete:false', 'acl_read:false', 'acl_edit:false', 'replicate:false'],
},
}
aem_user { 'Create user bob and add to administrators group':
ensure => present,
name => 'bob',
path => '/home/users/b',
password => 'somepassword',
group_name => 'administrators',
group_path => '/home/groups/a',
}
aem_user { 'Add user charlie to administrators group':
ensure => added_to_group,
name => 'charlie',
path => '/home/users/c',
group_name => 'administrators',
group_path => '/home/groups/a'
}
aem_user { 'Change user bob password':
ensure => password_changed,
name => 'bob',
path => '/home/users/b',
old_password => 'somepassword',
new_password => 'somenewpassword'
}
aem_user { 'Delete user':
ensure => absent,
name => 'bob',
path => '/home/users/b',
}
aem_user { 'Update replication-service user permission':
ensure => has_permission,
name => 'replication-service',
path => '/home/users/system/',
permission => {
'/etc/replication/agents.author' => ['replicate:false'],
'/etc/replication/agents.publish' => ['replicate:false']
}
}
Other than single AEM resource, this module also provides predefined classes for common AEM provisioning tasks.
Remove default agents on AEM Author:
aem_resources::author_remove_default_agents { 'Remove default author agents':
}
Remove default agents on AEM Publish:
aem_resources::publish_remove_default_agents { 'Remove default publish agents':
}
Set AEM Author Primary configuration:
aem_resources::author_primary_set_config { 'Set author primary config':
aem_home_dir => '/opt/aem/author'
}
Set AEM Author Standby configuration:
aem_resources::author_standby_set_config { 'Set author standby config':
aem_home_dir => '/opt/aem/author',
primary_host => 'somehost',
}
Set AEM Publish configuration:
aem_resources::publish_set_config { 'Set Publish config':
aem_home_dir => '/opt/aem/publish'
}
Create system users (orchestrator, replicator, deployer, exporter, importer):
aem_resources::create_system_users { 'Create system users':
}
Create system users with predefined path and password:
aem_resources::create_system_users { 'Create system users with custom passwords':
aem_system_users => {
deployer => {
name => 'deployer',
path => '/home/users/q',
password => 'customdeployerpassword',
},
exporter => {
name => 'exporter',
path => '/home/users/e',
password => 'customexporterpassword',
},
importer => {
name => 'importer',
path => '/home/users/i',
password => 'customimporterpassword',
},
orchestrator => {
name => 'orchestrator',
path => '/home/users/o',
password => 'customorchestratorpassword',
},
replicator => {
name => 'replicator',
path => '/home/users/r',
password => 'customreplicatorpassword',
}
}
}
Change system users password:
aem_resources::change_system_users_password { 'Change system users password':
aem_system_users => {
deployer => {
name => 'deployer',
path => '/home/users/q',
old_password => 'deployer',
new_password => 'newdeployerpassword',
},
exporter => {
name => 'exporter',
path => '/home/users/e',
old_password => 'exporter',
new_password => 'newexporterpassword',
},
importer => {
name => 'importer',
path => '/home/users/i',
old_password => 'importer',
new_password => 'newimporterpassword',
},
orchestrator => {
name => 'orchestrator',
path => '/home/users/o',
old_password => 'orchestrator',
new_password => 'neworchestratorpassword',
},
replicator => {
name => 'replicator',
path => '/home/users/r',
old_password => 'replicator',
new_password => 'newreplicatorpassword',
}
}
}
Create Puppet AEM Resources' configuration file:
aem_resources::puppet_aem_resources_set_config { 'Set puppet-aem-resources config file for author':
conf_dir => '/tmp/puppet-aem-resources/',
username => 'admin',
password => 'admin',
protocol => 'http',
host => 'localhost',
port => 4502,
timeout => 300,
debug => false,
}
Enable CRXDE:
aem_resources::enable_crxde { 'Enable CRXDE':
run_mode => 'author',
}
Create OSGI Configuration:
Setting the OSGI configuration in the manifest set_osgi_config is done by using the class aem::osgi::config from the puppet-module bstopp/aem.
aem_resources::set_osgi_config {"Author-Primary set OSGI configuration":
aem_home_dir => '/opt/aem/author',
aem_user => 'aem-author',
aem_user_group => 'aem-author',
aem_id => 'author',
osgi_configs => {
'org.apache.jackrabbit.oak.plugins.segment' => {
'org.apache.sling.installer.configuration.persist' => false,
'name' => 'Oak-Tar',
'service.ranking' => 100,
'standby' => false,
'customBlobstore' => true
},
'org.apache.jackrabbit.oak.plugins.segment.standby.store.StandbyStoreService' => {
'org.apache.sling.installer.configuration.persist' => false,
'mode' => 'primary',
'port' => 8023,
'secure' => true,
'interval' => 5
}
}
}
Enable Development bundles:
aem_resources::enable_development_bundles { 'Enable Development bundles':
run_mode => 'author',
}
Disable Development bundles:
aem_resources::disable_development_bundles { 'Disable Development bundles':
run_mode => 'author',
}
Multi AEM Instances
Starting from version 2.0.0, it is possible to use Puppet AEM Resources to provision multiple AEM instances on the same machine.
Let's say you have an AEM author instance at http://localhost:4502 and an AEM publish instance at https://localhost:5433 . Set up the following configuration files:
<puppet-config-dir>/myaemauthor.yaml
---
:username: 'admin'
:password: 'admin'
:protocol: 'http'
:host: 'localhost'
:port: 4502
:timeout: 300
:debug: False
<puppet-config-dir>/myaempublish.yaml
---
:username: 'admin'
:password: 'admin'
:protocol: 'https'
:host: 'localhost'
:port: 5433
:timeout: 300
:debug: False
Then specify aem_id attribute on resource invocation in Puppet manifest:
aem_bundle { 'Stop webdav bundle':
ensure => stopped,
name => 'org.apache.sling.jcr.webdav',
aem_id => 'myaemauthor',
}
aem_bundle { 'Stop webdav bundle':
ensure => stopped,
name => 'org.apache.sling.jcr.webdav',
aem_id => 'myaempublish',
}
The above example will stop webdav bundle on both your AEM author instance and AEM publish instance.
Multi AEM Versions
Some types support multiple AEM versions due to differences how particular features are implemented between those AEM versions.
For example, AEM Author Standby configuration package was org.apache.jackrabbit.oak.plugins.segment in AEM <= 6.2, and it was changed to org.apache.jackrabbit.oak.segment in AEM >= 6.3 .
Starting version 2.1.1, aem_version attribute was added to the corresponding types:
aem_resources::author_standby_set_config { 'Set author standby config':
install_dir => '/opt/aem/crx-quickstart/install',
primary_host => 'somehost',
aem_version => '6.3',
}
Alias
Due to the need to change the state of some resources from within the same manifest, both aem_bundle and aem_user have alias resources named aem_bundle_alias and aem_user_alias .
For example, this allows you to stop and start a bundle from within the same manifest:
aem_bundle { 'Stop webdav bundle': ensure => stopped, name => 'org.apache.sling.jcr.webdav', }
Do other things here
...
aem_bundle_alias { 'Start webdav bundle': ensure => started, name => 'org.apache.sling.jcr.webdav', }
Upgrade
Upgrading to 2.x.x:
-
Replace all class calls to definitions.
From:
class { 'aem_resources::enable_crxde': run_mode => 'author', }
To:
aem_resources::enable_crxde { 'Enable CRXDE': run_mode => 'author', }
Testing
If you run AEM on a non default port 4502, then you need to specify the port number as environment variable:
aem_port=45622 author_port=45622 make test-integration
The aem_port environment variable is used by provisioning steps that use default aem_id. author_port is used by the ones that specify author aem_id.
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
7.11.0 - 2024-07-31
Changed
- Upgrade ruby_aem to 3.17.0
- Update Github Action workflows to
shinesolutions/aem-platform-buildenv:4.0.1
7.10.2 - 2023-08-16
Fixed
- Fixed enable_saml manifest
7.10.1 - 2023-06-07
Fixed
- Fix existence_check? method name
7.10.0 - 2023-06-07
Changed
- Ensure truststore deletion upon creation will only be done when truststore exists
7.9.0 - 2023-06-03
Changed
- Force truststore recreation when creating truststore while one already exists
7.8.0 - 2022-11-28
Changed
- Upgrade ruby_aem to 3.16.0
7.7.0 - 2022-09-06
Changed
- Upgrade ruby_aem to 3.14.0
- Lockdown version of
concurrent-rubyto1.1.9#RS-126
7.6.1 - 2022-08-31
Changed
- Update Github Action Publish Docker image to
shinesolutions/aem-platform-buildenv:3.1.0
7.6.0 - 2022-08-31
Changed
- Upgrade Puppet module
puppet/archiveto6.0.2 - Upgrade Puppet module
puppetlabs/java_ksto4.3.1 - Upgrade Puppet module
puppetlabs/stdlibto8.4.0 - Upgrade Puppet module
bstopp/aemto3.0.0 - Upgrade ruby dependenies in
Gemnfileto most recent versions - Update Gemfile.lock
- Update Github Action Docker image to
shinesolutions/aem-platform-buildenv:3.1.0
Fixed
- Fixed
aem_samldeletionprocess - Fixed
aem_sslintegration test
7.5.0 - 2021-11-22
Added
- Add login page and aem health checks retry parameters to aem_resources::deploy_packages
Changed
- Switch api-release-* GH Actions to use ghcr.io GitHub Registry
- Increase default aem_resources::deploy_packages max retries to 120
7.4.0 - 2021-09-30
Changed
- Upgrade ruby_aem to 3.13.1
7.3.0 - 2021-08-31
Added
- Add enable|disable_development_bundles class [shinesolutions/puppet-aem-curator#207]
- Add publish and release-* GitHub Actions
7.2.3 - 2021-03-29
Added
- Added
forceoption toaem_samlfor enabling SAML #101
7.2.2 - 2021-03-28
Added
- Added
forceoption toaem_sslfor enabling SSL via Granite #99
7.2.1 - 2020-11-27
Changed
- Upgrade puppet to 5.5.22
7.2.0 - 2020-09-27
Changed
- Upgrade ruby_aem to 3.10.0
- Upgrade puppet to 5.5.21
Fixed
- Fixed integration test
7.1.0 - 2020-08-06
Changed
- Upgrade ruby_aem to 3.8.0
- Add aem_ssl type to configure SSL via Granite [shinesolutions/puppet-aem-curator#220]
7.0.1 - 2020-05-13
Fixed
- Fix variable name in
author_primary_set_config,author_standby_set_config&publish_set_config
7.0.0 - 2020-05-12
Added
- Add new manifest to configure AEM Publish component
publish_set_config
Changed
- Refactor
author_primary_set_config&author_standby_set_configmanifests to useaem::configfor setting AEM configurations
Removed
- Removed parameter
crx_quickstart_dirfromauthor_primary_set_config&author_standby_set_configmanifests
6.0.0 - 2020-05-12
Added
- Add new puppet module
bstopp/aem - Add new manifest
set_osgi_configto configure AEM OSGI nodes with the puppet modulebstopp/aem - Add new required parameter
aem_user, aem_user_group, aem_home_dirto manifestauthor_standby_set_config - Add new required parameter
aem_user, aem_user_group, aem_home_dirto manifestauthor_primary_set_config
Changed
- Parameter
crx_quickstart_diris not a required parameter for manifestauthor_standby_set_configanymore - Parameter
crx_quickstart_diris not a required parameter for manifestauthor_primary_set_configanymore - Update manifest
author_standby_set_configto useset_osgi_configfor setting author-standby settings - Update manifest
author_primary_set_configto useset_osgi_configfor setting author-primary settings SegmentNodeStoreService.configdoes not get deleted anymore as part of manifestauthor_primary_set_configshinesolutions/puppet-aem-curator#200- Enable SSL encryption for AEM Author-Standby sync #69
Removed
- Removed template file
StandbyStoreService.config - Removed file
SegmentNodeStoreService.config - Fix author-standby to author-primary promotion error shinesolutions/aem-opencloud-manager#71 shinesolutions/aem-aws-stack-builder#280
5.6.0 - 2020-04-24
Changed
- Refactor
aem_samlmodule to useswaqger_aem_osgiAPI Client for setting SAML configuration - Upgrade ruby_aem to 3.6.0
5.5.0 - 2020-04-05
Removed
- Remove author scene7 replication agent
- Remove author screens flush agent
5.3.0 - 2019-12-14
Fixed
- Fixed test fixtures for testing authentication-service keystore upload
5.2.0 - 2019-12-02
Removed
- Package Deployment's consolidated health check post all packages deployment #75
5.1.0 - 2019-11-26
Changed
- Force the changing of AEM system users' password shinesolutions/puppet-aem-curator#164
- Change Package Deployment process to check AEM health after all packages were deployed #75
- Update default parameters for AEM Health checks to use configurable parameters #76
5.0.0 - 2019-10-16
Added
- Added feature to disable ssl verification for RubyAEM Client
- Enforced translation of boolean parameters in manifest deploy_packages shinesolutions/aem-aws-stack-builder#332
- Added boolean validation in manifest deploy_packages shinesolutions/aem-aws-stack-builder#332
Changed
- Upgrade ruby_aem to 3.4.0 (first version to use swagger_aem_osgi 1.0.0)
Fixed
- Fixed parameter passing for aem_id in
enable_samlmanifest #71
4.1.0 - 2019-07-19
Changed
- Changed default aem_id for enabling saml
- Parameterise dispatcher farm and httpd conf template names #65
Fixed
- Fixed issue with property SAML assertionConsumerServiceUrl
4.0.0 - 2019-06-05
Changed
- Update aem_saml module to support swagger-aem release 3 #63
- Upgrade ruby_aem to 3.2.0
3.10.1 - 2019-05-20
Changed
- Fix frozen literal and safe navigation Rubocop violations
3.10.0 - 2019-04-17
Changed
- Modify run mode on Author Primary and Author Standby set config to handle multiple run modes
- Make package target should run pdk without Gemfile.lock in order to avoid requiring bundler
3.9.0 - 2019-04-01
Changed
- Update RUNMODE replacement to always overwrite the RUNMODE with specified parameter
3.8.0 - 2019-02-15
Added
- Add feature to aem_package to reinstall a existing package in the CRX Package Manager via aem_package reinstalled state
3.7.0 - 2019-02-13
Added
- Add puppet_aem_resources#call_with_readiness_check for wrapping readiness check before making client call
- Add call_with_readiness_check to puppet modules before making client call
Changed
- Package-related calls are now done after Package Manager Servlet status readiness check due to AEM 6.4 noticeable longer readiness
- Pass AEM Username & Password to check if CRX Package Manager is ready while deploying packages
3.6.0 - 2019-02-02
Added
- Add new ensurable aem_package_manager_is_ready for provider aem_aem for checking if AEM Package Manager is ready shinesolutions/aem-aws-stack-builder#214
- Add feature to force the removal of the AEM Global Truststore.
Changed
- Upgrade ruby_aem to 2.5.1
3.5.0 - 2019-01-08
Added
- Add new resource manifests to archive AEM Global Truststore shinesolutions/aem-aws-stack-builder#229
Changed
- Upgrade ruby_aem to 2.4.0
3.4.0 - 2018-12-17
Added
- Add YAML syntax check to lint target
- Introducing ensure flag for installing/uninstalling packages via descriptor file shinesolutions/aem-aws-stack-builder#224
- Add temp SAML-related resource cleanup
Changed
- Upgrade ruby_aem to 2.3.0
3.3.0 - 2018-11-24
Added
- Add feature to manage AEM Truststore
- Add feature to manage AEM Authorizable Keystore
- Add feature to manage Certificates in AEM Truststore
- Add feature to manage SAML Authentication configuration
3.2.1 - 2018-10-18
Changed
- Fix authentication issue in the enable_crxde manifest #44
3.2.0 - 2018-10-04
Added
- Introduce pdk as Puppet module build
Changed
- Fix issue with wait post Deploy package in deploy_packages.pp #41
- Improve readiness check after bundle start within enable CRXDE action #42
- Drop ruby 2.1 and 2.2 support
- Drop Puppet 4 support, add Puppet 6 support
3.1.1 - 2018-08-09
Added
- Add new aem_user_alias type
3.1.0 - 2018-08-02
Added
- Add feature 'absent' for module aem_path
- Add feature to define system users name & path as parameters
Changed
- Improved credentials handling for system users
3.0.1 - 2018-06-24
Changed
- Modify SSL and security config path to work with AEM 6.4
3.0.0 - 2018-06-23
Changed
- Modify enable CRXDE config path to work with AEM 6.4
2.2.5 - 2018-04-24
Added
- Add timeout parameter to AEM config file
2.2.4 - 2018-04-19
Added
- Add packages_listed ensurable to aem_aem type
2.2.3 - 2018-04-04
Added
- Add publish-dispatcher config to deny cache invalidation #29
2.2.2 - 2018-03-27
Changed
- Fix aem_id handling for deploy packages #27
2.2.1 - 2018-03-26
Removed
- Move puppet-aem-resources-generated httpd config to virtual_hosts_dir
2.2.0 - 2018-03-21
Changed
- Rename dispatcher template variables from httpd_conf_dir to apache_conf_dir
2.1.1 - 2018-02-01
Changed
- Fix AEM 6.3 Author Standby provisioning missing config file
2.1.0 - 2018-01-29
Added
- Added Puppet manifest to disable crxde
- Add AEM >= 6.3 support for configuring Author Primary and Author Standby #22
2.0.2 - 2018-01-22
Changed
- Upgrade ruby_aem to 1.4.1 with nokogiri security vulnerability fix
- Increase minimum ruby version requirement to 2.1
Removed
- Remove port 443 listening from sample httpd.conf #21
2.0.1 - 2017-12-07
Changed
- Fix incorrect aem_id source, was definition parameter, now package aem_id field
2.0.0 - 2017-10-31
Added
- Add multi AEM instances support at manifests level by replacing classes with definitions #19
Changed
- Allow custom credential at invocation level by introducing aem_username and aem_password attributes #5
- Change puppet-aem-resources config file mode to 644
1.3.0 - 2017-10-07
Added
- Add multi AEM instances support at custom types level by introducing aem_id attribute #19
- Add aem resource install_status_is_finished ensurable
1.2.0 - 2017-09-25
Changed
- Lock Puppet to version 4.x
- Exclude test and tools config files from module package #16
- Fix undefined method error when package activate is set to true #17
- Post package installation delay is only executed for packages that haven't been installed
- Disable timeout on package installation execution
- Replace librarian-puppet with r10k for integration test dependencies resolution
1.1.1 - 2017-06-02
Changed
- Fix aem.yaml.epp template to handle non-String types
1.1.0 - 2017-06-01
Added
- Add timeout configuration parameter
- Add build status readiness wait to package archive ensurable
Changed
- Modify package archive ensurable to delete all versions of the package to be exported
1.0.0 - 2017-05-18
Added
- Add support for adding parent/member group to an aem_group resource
- Add has_permission ensurable and permission param to aem_user resource #8
0.9.5 - 2017-05-10
Added
- Add enable_crxde class
- Add all_agents_removed ensurable to aem resource #9
0.9.4 - 2017-04-19
Added
- Add aem_health_check_is_ok ensurable to aem_aem type
- Add uninstall to destroy
Changed
- Set author-dispatcher and publish-dispatcher config to always resolve hostname
0.9.3 - 2017-02-24
Added
- Add X-Frame-Options SAMEORIGIN header to dispatcher's Apache httpd config
- Add Apache Sling GET Servlet OSGI config for DoS prevention
- Add administrative URLs blacklist to publish-dispatcher config
- Add Apache Sling Referrer Filter OSGI config for CSRF attacks prevention
- Add publish-dispatcher path and header filters for CSRF attacks prevention
- Add publish-dispatcher allowed_client config for restricting access to flush/activate content
- Add added_to_group ensurable to aem_user type
- Add group_name and group_path params to aem_user type's creation
- Add system users to administrators group
- Add retries_max_tries, retries_base_sleep_seconds, and retries_max_sleep_seconds params to aem_package type, used by package upload and package install
- Add force param to aem_user type's creation, this enforces user to be recreated if it already exists
- Add aem_outbox_replication_agent type
- Add aem_bundle_alias type
- Add class for changing system users password
Changed
- Change deployer system user path to /home/users/q/
0.9.2 - 2017-02-27
Added
- Add package archived ensurable
- Add client opts to override environment variable and config file
Changed
- deploy_packages enforces state present
- Package download debugging no longer attempts to print response body
- Relax stdlib dependency to >= 4.14.0
- Fix aem_user change_password to create client using the details from the user whose password is to be changed
0.9.1 - 2017-02-13
Added
- Add classes for removing default agents on AEM Author and Publish
- Add classes for setting AEM Author Primary and Standby configuration
- Add class for creating system users
- Add classes for setting AEM AuthorDispatcher and PublishDispatcher config
- Add class for setting Puppet AEM Resources module config
- Add AEM login readiness check retries_max_tries, retries_base_sleep_seconds, and retries_max_sleep_seconds params #3
- Add class for deploying multiple packages
Changed
- Fix package not overwriting existing one when force param is set to true #2
0.9.0 - 2017-01-17
Added
- Initial version
Dependencies
- puppet/archive (6.0.2)
- puppetlabs/java_ks (4.3.1)
- puppetlabs/stdlib (8.4.0)
- bstopp/aem (3.0.0)
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2016-2021 Shine Solutions Group
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.