Search in sources :

Example 1 with ToolSecurityPolicyCheck

use of com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck in project cloud-pipeline by epam.

the class PipelineRunManager method runCmd.

/**
 * Launches cmd command execution, uses Tool as ACL identity
 * @param runVO
 * @return
 */
@ToolSecurityPolicyCheck
public PipelineRun runCmd(PipelineStart runVO) {
    Assert.notNull(runVO.getInstanceType(), messageHelper.getMessage(MessageConstants.SETTING_IS_NOT_PROVIDED, "instance_type"));
    Assert.notNull(runVO.getHddSize(), messageHelper.getMessage(MessageConstants.SETTING_IS_NOT_PROVIDED, "instance_disk"));
    int maxRunsNumber = preferenceManager.getPreference(SystemPreferences.LAUNCH_MAX_SCHEDULED_NUMBER);
    LOGGER.debug("Allowed runs count - {}, actual - {}", maxRunsNumber, getNodeCount(runVO.getNodeCount(), 1));
    Assert.isTrue(getNodeCount(runVO.getNodeCount(), 1) < maxRunsNumber, messageHelper.getMessage(MessageConstants.ERROR_EXCEED_MAX_RUNS_COUNT, maxRunsNumber, getNodeCount(runVO.getNodeCount(), 1)));
    Tool tool = toolManager.loadByNameOrId(runVO.getDockerImage());
    PipelineConfiguration configuration = configurationManager.getPipelineConfiguration(runVO, tool);
    boolean clusterRun = configurationManager.initClusterConfiguration(configuration, true);
    PipelineRun run = launchPipeline(configuration, null, null, runVO.getInstanceType(), runVO.getParentNodeId(), runVO.getConfigurationName(), null, runVO.getParentRunId(), null, null, runVO.getRunSids());
    run.setParent(tool);
    run.setAclClass(AclClass.TOOL);
    if (clusterRun) {
        runClusterWorkers(run, runVO, null, null, configuration);
    }
    return run;
}
Also used : PipelineRun(com.epam.pipeline.entity.pipeline.PipelineRun) PipelineConfiguration(com.epam.pipeline.entity.configuration.PipelineConfiguration) Tool(com.epam.pipeline.entity.pipeline.Tool) ToolSecurityPolicyCheck(com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck)

Example 2 with ToolSecurityPolicyCheck

use of com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck in project cloud-pipeline by epam.

the class PipelineRunManager method runPipeline.

/**
 * Runs specified pipeline version, uses Pipeline as ACL identity
 *
 * @param runVO
 * @return
 */
@ToolSecurityPolicyCheck
public PipelineRun runPipeline(PipelineStart runVO) {
    Long pipelineId = runVO.getPipelineId();
    String version = runVO.getVersion();
    int maxRunsNumber = preferenceManager.getPreference(SystemPreferences.LAUNCH_MAX_SCHEDULED_NUMBER);
    LOGGER.debug("Allowed runs count - {}, actual - {}", maxRunsNumber, getNodeCount(runVO.getNodeCount(), 1));
    Assert.isTrue(getNodeCount(runVO.getNodeCount(), 1) < maxRunsNumber, messageHelper.getMessage(MessageConstants.ERROR_EXCEED_MAX_RUNS_COUNT, maxRunsNumber, getNodeCount(runVO.getNodeCount(), 1)));
    Pipeline pipeline = pipelineManager.load(pipelineId);
    PipelineConfiguration configuration = configurationManager.getPipelineConfiguration(runVO);
    boolean isClusterRun = configurationManager.initClusterConfiguration(configuration, true);
    // check that tool execution is allowed
    toolApiService.loadToolForExecution(configuration.getDockerImage());
    PipelineRun run = launchPipeline(configuration, pipeline, version, runVO.getInstanceType(), runVO.getParentNodeId(), runVO.getConfigurationName(), null, runVO.getParentRunId(), null, null, runVO.getRunSids());
    run.setParent(pipeline);
    if (isClusterRun) {
        runClusterWorkers(run, runVO, version, pipeline, configuration);
    }
    return run;
}
Also used : PipelineRun(com.epam.pipeline.entity.pipeline.PipelineRun) PipelineConfiguration(com.epam.pipeline.entity.configuration.PipelineConfiguration) Pipeline(com.epam.pipeline.entity.pipeline.Pipeline) ToolSecurityPolicyCheck(com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck)

Example 3 with ToolSecurityPolicyCheck

use of com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck in project cloud-pipeline by epam.

the class PipelineRunManager method runPod.

/**
 * Creates a new pod with a given run_id, doesn't create a new pipeline run
 * @param runVO
 * @return
 */
// TODO: refactoring
@ToolSecurityPolicyCheck
@Transactional(propagation = Propagation.REQUIRED)
public PipelineRun runPod(PipelineStart runVO) {
    Assert.notNull(runVO.getCmdTemplate(), messageHelper.getMessage(MessageConstants.SETTING_IS_NOT_PROVIDED, "cmd_template"));
    PipelineRun parentRun = loadPipelineRun(runVO.getUseRunId());
    Assert.state(parentRun.getStatus() == TaskStatus.RUNNING, messageHelper.getMessage(MessageConstants.ERROR_PIPELINE_RUN_NOT_RUNNING, runVO.getUseRunId()));
    PipelineConfiguration configuration = configurationManager.getPipelineConfiguration(runVO);
    Tool tool = getToolForRun(configuration);
    configuration.setSecretName(tool.getSecretName());
    List<String> endpoints = tool.getEndpoints();
    PipelineRun run = new PipelineRun();
    run.setInstance(parentRun.getInstance());
    run.setId(runVO.getUseRunId());
    run.setStartDate(DateUtils.now());
    run.setStatus(TaskStatus.RUNNING);
    run.setPipelineName(DEFAULT_PIPELINE_NAME);
    run.setPodId(getRootPodIDFromTool(tool.getImage(), run.getId()));
    run.setDockerImage(configuration.getDockerImage());
    run.setCmdTemplate(determinateCmdTemplateForRun(configuration));
    run.setTimeout(runVO.getTimeout());
    run.setCommitStatus(CommitStatus.NOT_COMMITTED);
    run.setLastChangeCommitTime(DateUtils.now());
    run.setRunSids(runVO.getRunSids());
    run.setOwner(parentRun.getOwner());
    String launchedCommand = pipelineLauncher.launch(run, configuration, endpoints, runVO.getUseRunId().toString(), false, parentRun.getPodId(), null);
    run.setActualCmd(launchedCommand);
    return run;
}
Also used : PipelineRun(com.epam.pipeline.entity.pipeline.PipelineRun) PipelineConfiguration(com.epam.pipeline.entity.configuration.PipelineConfiguration) Tool(com.epam.pipeline.entity.pipeline.Tool) ToolSecurityPolicyCheck(com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

PipelineConfiguration (com.epam.pipeline.entity.configuration.PipelineConfiguration)3 PipelineRun (com.epam.pipeline.entity.pipeline.PipelineRun)3 ToolSecurityPolicyCheck (com.epam.pipeline.manager.docker.scan.ToolSecurityPolicyCheck)3 Tool (com.epam.pipeline.entity.pipeline.Tool)2 Pipeline (com.epam.pipeline.entity.pipeline.Pipeline)1 Transactional (org.springframework.transaction.annotation.Transactional)1