Merge branch 'introspector-fix-cie-securemode-3.4' into 'release/3.4'

rjeberhard · rjeberhard · commit a0fbef0eb112 · 2024-01-10T16:41:51.000Z
Fix secure mode detection in introspector 3.4

See merge request weblogic-cloud/weblogic-kubernetes-operator!4535
diff --git a/operator/src/main/resources/scripts/introspectDomain.py b/operator/src/main/resources/scripts/introspectDomain.py
@@ -2028,11 +2028,25 @@ def getRealListenPort(template):
 
 # Derive the default value for SecureMode of a domain
 def isSecureModeEnabledForDomain(domain):
-  secureModeEnabled = false
-  if domain.getSecurityConfiguration().getSecureMode() != None:
-    secureModeEnabled = domain.getSecurityConfiguration().getSecureMode().isSecureModeEnabled()
+  secureModeEnabled = False
+
+  # Do not use domain.getSecurityConfiguration().getSecureMode()
+  # it will result in cie error in MII domain created by ServerStartMode: secure
+  # switched to use lsa() to avoid cie not exposing the function
+
+  cd('/SecurityConfiguration/' + domain.getName())
+  childs = ls(returnType='c', returnMap='true')
+  if 'SecureMode' in childs:
+    cd('SecureMode')
+    child_objs = ls(returnMap='true', returnType='c')
+    if not child_objs.isEmpty():
+      cd(child_objs[0])
+      attributes = ls(returnType='a', returnMap='true')
+      if attributes['SecureModeEnabled']:
+        secureModeEnabled = True
   else:
     secureModeEnabled = domain.isProductionModeEnabled() and not LegalHelper.versionEarlierThan(domain.getDomainVersion(), "14.1.2.0")
+
   return secureModeEnabled
 
 def isAdministrationPortEnabledForDomain(domain):
