Rework validation of remote metadata for new MPS.

build.xml

@@ -75,30 +75,19 @@
     <property file="default.properties"/>
 
     <!--
-        Accessing the remote system.
-
-        Multiple remote systems are supported, each with its own ssh-accessable
-        location for "push" and its own URL for verification of pushed data.
-    -->
-    <property name="remote.host.1" value="sdssmail.edina.ac.uk"/>
-    <property name="remote.url.1" value="http://sdssmail.edina.ac.uk:82"/>
-    <property name="remote.host.2" value="sdssmail-at.edina.ac.uk"/>
-    <property name="remote.url.2" value="http://sdssmail-at.edina.ac.uk:82"/>
-
-    <!--
-        For times when only one remote host is in use, pre-select it
-        using the following property setting.  Comment this out to allow choice.
-    -->
-    <!--
-    <property name="remote.host" value="${remote.host.1}"/>
+        *********************************************
+        ***                                       ***
+        ***   S E R V E R   P R O P E R T I E S   ***
+        ***                                       ***
+        *********************************************
     -->
 
     <!--
-        Common parts of the file layout for the remote systems.
+        Metadata Distribution Service server properties.
     -->
-    <property name="remote.user" value="sdssweb"/>
-    <property name="remote.dir.sdss" value="ukfedstats"/>
-    <property name="remote.dir.uk" value="metadata"/>
+    <property name="md.dist.host1.name" value="md1.infr.ukfederation.org.uk"/>
+    <property name="md.dist.host2.name" value="md2.infr.ukfederation.org.uk"/>
+    <property name="md.dist.host3.name" value="md3.infr.ukfederation.org.uk"/>
 
     <!--
         Local specialised directories.
@@ -193,125 +182,6 @@
         *************************************************
     -->
 
-    <!--
-        Standard processing: generate, sign, then verify.
-    -->
-    <target name="process" depends="get.keystore.pass, generate, sign, verify, generate.members.cms">
-        <echo>Processing complete.</echo>
-    </target>
-
-    <!--
-        After standard processing, push: get password, push files, verify them.
-    -->
-    <target name="push" depends="select.remote.host, get.remote.pass, push.files, verify.remote.metadata">
-        <echo>Data pushed and verified.</echo>
-    </target>
-
-    <!--
-        *************************************
-        ***                               ***
-        ***   M E T A D A T A   P U S H   ***
-        ***                               ***
-        *************************************
-    -->
-
-    <!--
-        Select the remote host.
-    -->
-    <target name="select.remote.host">
-        <!--
-            User dialog to select remote host.
-        -->
-        <input addproperty="remote.host" validargs="${remote.host.1},${remote.host.2}">
-            Please select the remote host to use:
-        </input>
-
-        <!--
-            Set details for host 1 if selected.
-        -->
-        <condition property="remote.host.1.selected">
-            <equals arg1="${remote.host}" arg2="${remote.host.1}"/>
-        </condition>
-        <condition property="remote.url" value="${remote.url.1}">
-            <isset property="remote.host.1.selected"/>
-        </condition>
-
-        <!--
-            Set details for host 2 if selected.
-        -->
-        <condition property="remote.host.2.selected">
-            <equals arg1="${remote.host}" arg2="${remote.host.2}"/>
-        </condition>
-        <condition property="remote.url" value="${remote.url.2}">
-            <isset property="remote.host.2.selected"/>
-        </condition>
-
-        <!--
-            Set derived properties.
-        -->
-        <property name="remote.loc.sdss" value="${remote.user}@${remote.host}:${remote.dir.sdss}"/>
-        <property name="remote.loc.uk" value="${remote.user}@${remote.host}:${remote.dir.uk}"/>
-
-        <!--
-            Display relevant properties.
-        -->
-        <echoproperties>
-            <propertyset>
-                <propertyref name="remote.host"/>
-                <propertyref name="remote.url"/>
-                <propertyref name="remote.loc.sdss"/>
-                <propertyref name="remote.loc.uk"/>
-            </propertyset>
-        </echoproperties>
-    </target>
-
-    <!--
-        Acquire the remote password.
-    -->
-    <target name="get.remote.pass" unless="remote.pass">
-        <input addproperty="remote.pass">
-            Please enter the password for ${remote.user} on ${remote.host}:
-        </input>
-    </target>
-
-    <!--
-        Push all generated XML files, and entity fragment files, to the remote machine.
-    -->
-    <target name="push.files" depends="select.remote.host, get.remote.pass">
-        <!--
-            Push metadata files to the old SDSS federation location.
-
-            Nowadays, these are not SDSS federation metadata files but other
-            miscellaneous files such as UK federation statistics.
-        -->
-        <echo>Pushing non-metadata files.</echo>
-        <scp failonerror="true" password="${remote.pass}" remoteTodir="${remote.loc.sdss}"
-                knownhosts="${known.hosts}">
-            <fileset dir="${xml.dir}">
-                <include name="members.xml"/>
-                <include name="members-cms.xml"/>
-                <include name="ukfederation-members.xsd"/>
-                <include name="ukfederation-stats.html"/>
-                <include name="${mdaggr.cms.unsigned}"/>
-            </fileset>
-        </scp>
-        <!--
-            Push metadata files for the UK Federation.
-        -->
-        <echo>Pushing UK Federation metadata files.</echo>
-        <scp failonerror="true" password="${remote.pass}" remoteTodir="${remote.loc.uk}"
-                knownhosts="${known.hosts}">
-            <fileset dir="${xml.dir}">
-                <include name="${mdaggr.prod.signed}"/>
-                <include name="${mdaggr.wayf.signed}"/>
-                <include name="${mdaggr.cdsall.signed}"/>
-                <include name="${mdaggr.test.signed}"/>
-                <include name="${mdaggr.back.signed}"/>
-                <include name="${mdaggr.export.signed}"/>
-                <include name="${mdaggr.export.preview.signed}"/>
-            </fileset>
-        </scp>
-    </target>
 
     <!--
         ****************************************************
@@ -333,7 +203,7 @@
         <sequential>
             <echo>Verifying @{i}...</echo>
             <delete file="${xml.dir}/temp.xml" quiet="true" verbose="false"/>
-            <get src="${remote.url}/@{i}" dest="${xml.dir}/temp.xml"/>
+            <get src="@{i}" dest="${xml.dir}/temp.xml"/>
 
             <!--
                 Verify using xmlsectool.
@@ -359,7 +229,7 @@
         <sequential>
             <echo>Verifying @{i}...</echo>
             <delete file="${xml.dir}/temp.xml" quiet="true" verbose="false"/>
-            <get src="${remote.url}/@{i}" dest="${xml.dir}/temp.xml"/>
+            <get src="@{i}" dest="${xml.dir}/temp.xml"/>
 
             <!--
                 Verify using metadatatool.
@@ -381,15 +251,34 @@
     <!--
         Verify metadata files held on the master distribution site.
     -->
-    <target name="verify.remote.metadata" depends="select.remote.host">
-        <echo>Verifying metadata held at ${remote.url}</echo>
-        <VFY.remote.both i="${mdaggr.prod.signed}"/>
-        <VFY.remote.both i="${mdaggr.wayf.signed}"/>
-        <VFY.remote.both i="${mdaggr.cdsall.signed}"/>
-        <VFY.remote.both i="${mdaggr.test.signed}"/>
-        <VFY.remote.both i="${mdaggr.back.signed}"/>
-        <VFY.remote.both i="${mdaggr.export.signed}"/>
-        <VFY.remote.both i="${mdaggr.export.preview.signed}"/>
+    <target name="samlmd.aggregates.verify.remote">
+        <echo>Verifying metadata held at ${md.dist.host1.name}</echo>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.prod.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.wayf.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.cdsall.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.test.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.back.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.export.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host1.name}/${mdaggr.export.preview.signed}"/>
+
+        <echo>Verifying metadata held at ${md.dist.host2.name}</echo>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.prod.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.wayf.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.cdsall.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.test.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.back.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.export.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host2.name}/${mdaggr.export.preview.signed}"/>
+
+        <echo>Verifying metadata held at ${md.dist.host3.name}</echo>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.prod.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.wayf.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.cdsall.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.test.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.back.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.export.signed}"/>
+        <VFY.remote.both i="http://${md.dist.host3.name}/${mdaggr.export.preview.signed}"/>
+
         <echo>Verification completed.</echo>
     </target>