use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.
the class AzureDockerHostUpdateLoginPanel method doValidate.
/**
 * Validates the login inputs of the Docker host "update login" panel and copies every accepted
 * value into {@code editableHost.updatedDockerHost} as a side effect.
 *
 * <p>Checks run in order: user name, password pair, then the selected SSH option. The first
 * failing check stops the method.
 *
 * @param shakeOnError when {@code true}, {@code DialogShaker} is called with the failure before
 *                     it is returned
 * @return the {@link ValidationInfo} of the first failing check, or {@code null} when all pass
 */
public ValidationInfo doValidate(boolean shakeOnError) {
    // --- User name: must be present; the format check only runs while the confirmation
    // password field is visible.
    final String vmUsername = dockerHostUsernameTextField.getText();
    boolean usernameRejected = vmUsername == null || vmUsername.isEmpty();
    if (!usernameRejected && dockerHostSecondPwdField.isVisible()) {
        usernameRejected = !AzureDockerValidationUtils.validateDockerHostUserName(vmUsername);
    }
    if (usernameRejected) {
        ValidationInfo failure = AzureDockerUIResources.validateComponent("Missing username", mainPanel, dockerHostUsernameTextField, dockerHostUsernameLabel);
        if (shakeOnError) {
            DialogShaker(failure);
        }
        return failure;
    }
    editableHost.updatedDockerHost.certVault.vmUsername = vmUsername;

    // --- Password login.
    // NOTE(review): the password is copied into immutable Strings, so it cannot be wiped from
    // memory after use; the vault field vmPwd is itself assigned a String here.
    final String vmPwd1 = new String(dockerHostFirstPwdField.getPassword());
    final String vmPwd2 = new String(dockerHostSecondPwdField.getPassword());
    final boolean keepExistingSshKeys = dockerHostKeepSshRadioButton.isSelected() && editableHost.originalDockerHost.hasSSHLogIn;
    // NOTE(review): a password pair is demanded whenever the existing SSH keys are kept —
    // confirm that this trigger is the intended one.
    final boolean passwordCheckNeeded = keepExistingSshKeys || !vmPwd1.isEmpty() || !vmPwd2.isEmpty();
    if (passwordCheckNeeded) {
        boolean passwordRejected = vmPwd1.isEmpty() || vmPwd2.isEmpty() || !vmPwd1.equals(vmPwd2);
        if (!passwordRejected && dockerHostSecondPwdField.isVisible()) {
            passwordRejected = !AzureDockerValidationUtils.validateDockerHostPassword(vmPwd1);
        }
        if (passwordRejected) {
            ValidationInfo failure = AzureDockerUIResources.validateComponent("Incorrect password", mainPanel, dockerHostFirstPwdField, dockerHostFirstPwdLabel);
            if (shakeOnError) {
                DialogShaker(failure);
            }
            return failure;
        }
    }
    final boolean passwordProvided = !vmPwd1.isEmpty();
    editableHost.updatedDockerHost.certVault.vmPwd = passwordProvided ? vmPwd1 : null;
    editableHost.updatedDockerHost.hasPwdLogIn = passwordProvided;

    // --- Keep current SSH keys
    if (keepExistingSshKeys) {
        AzureDockerCertVaultOps.copyVaultSshKeys(editableHost.updatedDockerHost.certVault, editableHost.originalDockerHost.certVault);
        editableHost.updatedDockerHost.hasSSHLogIn = editableHost.originalDockerHost.hasSSHLogIn;
    }

    // --- SSH key auto generated
    // NOTE(review): a new key pair is generated on every call that reaches this point while the
    // option is selected — confirm how often the dialog invokes validation.
    if (dockerHostAutoSshRadioButton.isSelected()) {
        AzureDockerCertVault generated = AzureDockerCertVaultOps.generateSSHKeys(null, "SSH keys for " + editableHost.updatedDockerHost.name);
        AzureDockerCertVaultOps.copyVaultSshKeys(editableHost.updatedDockerHost.certVault, generated);
        editableHost.updatedDockerHost.hasSSHLogIn = true;
    }

    // --- SSH key imported from local file directory
    if (dockerHostImportSshRadioButton.isSelected()) {
        final String sshDirectory = dockerHostImportSSHBrowseTextField.getText();
        final boolean directoryUsable = sshDirectory != null
                && !sshDirectory.isEmpty()
                && AzureDockerValidationUtils.validateDockerHostSshDirectory(sshDirectory);
        if (!directoryUsable) {
            ValidationInfo failure = AzureDockerUIResources.validateComponent("SSH key files were not found in the selected directory", mainPanel, dockerHostImportSSHBrowseTextField, dockerHostImportSSHBrowseLabel);
            if (shakeOnError) {
                DialogShaker(failure);
            }
            return failure;
        }
        AzureDockerCertVault imported = AzureDockerCertVaultOps.getSSHKeysFromLocalFile(sshDirectory);
        AzureDockerCertVaultOps.copyVaultSshKeys(editableHost.updatedDockerHost.certVault, imported);
        editableHost.updatedDockerHost.hasSSHLogIn = true;
    }
    return null;
}
use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.
the class AzureNewDockerLoginPage method doValidate.
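/**
 * Validates the credentials page of the new Docker host wizard and copies every accepted value
 * into {@code newHost} as a side effect.
 *
 * <p>Either the credentials are taken from an existing Key Vault entry chosen in the combo box,
 * or the user name, password, SSH and TLS inputs are checked one by one. The Docker daemon port
 * and the optional "save credentials to a new Key Vault" name are checked in both cases. Each
 * failing check registers a message with {@code errDispatcher}, sets the page error message and
 * stops the method.
 *
 * @return {@code true} when every applicable input validated, {@code false} otherwise
 */
public boolean doValidate() {
    if (dockerHostImportKeyvaultCredsRadioButton.getSelection()) {
        // read key vault secrets and set the credentials for the new host
        AzureDockerCertVault certVault = null;
        if (dockerHostImportKeyvaultComboBox.getItemCount() > 0) {
            certVault = (AzureDockerCertVault) dockerHostImportKeyvaultComboBox.getData(dockerHostImportKeyvaultComboBox.getText());
        }
        if (certVault == null) {
            errDispatcher.addMessage("dockerHostImportKeyvaultComboBox", AzureDockerValidationUtils.getDockerHostKeyvaultNameTip(), null, IMessageProvider.ERROR, dockerHostImportKeyvaultComboBox);
            setErrorMessage("No Key Vault found");
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostImportKeyvaultComboBox", dockerHostImportKeyvaultComboBox);
            setErrorMessage(null);
            newHost.certVault.name = certVault.name;
            newHost.certVault.resourceGroupName = certVault.resourceGroupName;
            newHost.certVault.region = certVault.region;
            newHost.certVault.uri = certVault.uri;
            AzureDockerCertVaultOps.copyVaultLoginCreds(newHost.certVault, certVault);
            AzureDockerCertVaultOps.copyVaultSshKeys(newHost.certVault, certVault);
            AzureDockerCertVaultOps.copyVaultTlsCerts(newHost.certVault, certVault);
            // create a weak link (resource tag) between the virtual machine and
            // the key vault
            // we will not create/update the key vault unless the user checks
            // the specific option
            newHost.certVault.hostName = null;
            newHost.hasKeyVault = true;
        }
    } else {
        // reset key vault info
        newHost.hasKeyVault = false;
        newHost.certVault.name = null;
        newHost.certVault.uri = null;

        // User name
        String vmUsername = dockerHostUsernameTextField.getText();
        if (vmUsername == null || vmUsername.isEmpty() || !AzureDockerValidationUtils.validateDockerHostUserName(vmUsername)) {
            errDispatcher.addMessage("dockerHostUsernameTextField", AzureDockerValidationUtils.getDockerHostUserNameTip(), null, IMessageProvider.ERROR, dockerHostUsernameTextField);
            setErrorMessage("Invalid user name");
            credsTabfolder.setSelection(0);
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostUsernameTextField", dockerHostUsernameTextField);
            setErrorMessage(null);
            newHost.certVault.vmUsername = vmUsername;
        }

        // Password login: mandatory when SSH login is switched off, otherwise only checked once
        // the user typed something into either field.
        String vmPwd1 = dockerHostFirstPwdField.getText();
        String vmPwd2 = dockerHostSecondPwdField.getText();
        // Emptiness is computed null-safely up front so a null field text is reported as an
        // invalid password instead of raising a NullPointerException in the comparison below.
        boolean firstPwdEmpty = vmPwd1 == null || vmPwd1.isEmpty();
        boolean secondPwdEmpty = vmPwd2 == null || vmPwd2.isEmpty();
        boolean passwordExpected = dockerHostNoSshRadioButton.getSelection() || !firstPwdEmpty || !secondPwdEmpty;
        if (passwordExpected && (firstPwdEmpty || secondPwdEmpty || !vmPwd1.equals(vmPwd2) || !AzureDockerValidationUtils.validateDockerHostPassword(vmPwd1))) {
            errDispatcher.addMessage("dockerHostFirstPwdField", AzureDockerValidationUtils.getDockerHostPasswordTip(), null, IMessageProvider.ERROR, dockerHostFirstPwdField);
            setErrorMessage("Invalid password");
            credsTabfolder.setSelection(0);
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostFirstPwdField", dockerHostFirstPwdField);
            errDispatcher.removeMessage("dockerHostSecondPwdField", dockerHostSecondPwdField);
            setErrorMessage(null);
            if (firstPwdEmpty) {
                newHost.certVault.vmPwd = null;
                newHost.hasPwdLogIn = false;
            } else {
                newHost.certVault.vmPwd = vmPwd1;
                newHost.hasPwdLogIn = true;
            }
        }

        // No SSH login: drop any key material left over from an earlier selection
        if (dockerHostNoSshRadioButton.getSelection()) {
            newHost.hasSSHLogIn = false;
            newHost.certVault.sshKey = null;
            newHost.certVault.sshPubKey = null;
        }

        // SSH key auto generated
        // NOTE(review): a new key pair is generated on every call that reaches this point while
        // the option is selected — confirm how often the wizard invokes validation.
        if (dockerHostAutoSshRadioButton.getSelection()) {
            AzureDockerCertVault certVault = AzureDockerCertVaultOps.generateSSHKeys(null, "SSH keys for " + newHost.name);
            AzureDockerCertVaultOps.copyVaultSshKeys(newHost.certVault, certVault);
            newHost.hasSSHLogIn = true;
        }

        // SSH key imported from local file directory
        if (dockerHostImportSshRadioButton.getSelection()) {
            String sshPath = dockerHostImportSSHTextField.getText();
            if (sshPath == null || sshPath.isEmpty() || !AzureDockerValidationUtils.validateDockerHostSshDirectory(sshPath)) {
                errDispatcher.addMessage("dockerHostImportSSHTextField", AzureDockerValidationUtils.getDockerHostSshDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportSSHTextField);
                setErrorMessage("SSH key files not found in the specified directory");
                credsTabfolder.setSelection(0);
                return false;
            } else {
                try {
                    AzureDockerCertVault certVault = AzureDockerCertVaultOps.getSSHKeysFromLocalFile(sshPath);
                    AzureDockerCertVaultOps.copyVaultSshKeys(newHost.certVault, certVault);
                    newHost.hasSSHLogIn = true;
                } catch (Exception e) {
                    // The hint attached to the SSH directory field is the SSH directory tip
                    // (the password tip was attached here before).
                    errDispatcher.addMessage("dockerHostImportSSHTextField", AzureDockerValidationUtils.getDockerHostSshDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportSSHTextField);
                    setErrorMessage("Unexpected error reading SSH key files from specified directory: " + e.getMessage());
                    return false;
                }
                errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
                setErrorMessage(null);
            }
        }

        // No Docker daemon security
        // NOTE(review): with this option the host is recorded as not TLS secured; confirm the
        // UI makes the consequence clear to the user.
        if (dockerHostNoTlsRadioButton.getSelection()) {
            newHost.isTLSSecured = false;
        }

        // TLS certs auto generated
        if (dockerHostAutoTlsRadioButton.getSelection()) {
            errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
            setErrorMessage(null);
            AzureDockerCertVault certVault = AzureDockerCertVaultOps.generateTLSCerts("TLS certs for " + newHost.name);
            AzureDockerCertVaultOps.copyVaultTlsCerts(newHost.certVault, certVault);
            newHost.isTLSSecured = true;
        }

        // TLS certs imported from local file directory
        if (dockerHostImportTlsRadioButton.getSelection()) {
            String tlsPath = dockerHostImportTLSTextField.getText();
            if (tlsPath == null || tlsPath.isEmpty() || !AzureDockerValidationUtils.validateDockerHostTlsDirectory(tlsPath)) {
                errDispatcher.addMessage("dockerHostImportTLSTextField", AzureDockerValidationUtils.getDockerHostTlsDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportTLSTextField);
                setErrorMessage("TLS certificate files not found in the specified directory");
                credsTabfolder.setSelection(1);
                return false;
            } else {
                // Handled like the SSH import above: a file that cannot be read after the
                // directory check becomes a page error instead of an exception thrown out of
                // validation.
                try {
                    AzureDockerCertVault certVault = AzureDockerCertVaultOps.getTLSCertsFromLocalFile(tlsPath);
                    AzureDockerCertVaultOps.copyVaultTlsCerts(newHost.certVault, certVault);
                    newHost.isTLSSecured = true;
                } catch (Exception e) {
                    errDispatcher.addMessage("dockerHostImportTLSTextField", AzureDockerValidationUtils.getDockerHostTlsDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportTLSTextField);
                    setErrorMessage("Unexpected error reading TLS certificate files from specified directory: " + e.getMessage());
                    credsTabfolder.setSelection(1);
                    return false;
                }
                errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
                setErrorMessage(null);
            }
        }
    }

    // Docker daemon port settings
    String port = dockerDaemonPortTextField.getText();
    if (port == null || port.isEmpty() || !AzureDockerValidationUtils.validateDockerHostPort(port)) {
        errDispatcher.addMessage("dockerDaemonPortTextField", AzureDockerValidationUtils.getDockerHostPortTip(), null, IMessageProvider.ERROR, dockerDaemonPortTextField);
        setErrorMessage("Invalid Docker daemon port setting");
        credsTabfolder.setSelection(1);
        return false;
    } else {
        errDispatcher.removeMessage("dockerDaemonPortTextField", dockerDaemonPortTextField);
        setErrorMessage(null);
        newHost.port = port;
    }

    // create new key vault for storing the credentials
    if (dockerHostSaveCredsCheckBox.getSelection()) {
        String newKeyvault = dockerHostNewKeyvaultTextField.getText();
        if (newKeyvault == null || newKeyvault.isEmpty() || !AzureDockerValidationUtils.validateDockerHostKeyvaultName(newKeyvault, dockerManager, true)) {
            // The hint attached to the Key Vault name field is the Key Vault name tip
            // (the port tip was attached here before).
            errDispatcher.addMessage("dockerHostNewKeyvaultTextField", AzureDockerValidationUtils.getDockerHostKeyvaultNameTip(), null, IMessageProvider.ERROR, dockerHostNewKeyvaultTextField);
            setErrorMessage("Invalid Key Vault name");
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostNewKeyvaultTextField", dockerHostNewKeyvaultTextField);
            setErrorMessage(null);
            newHost.hasKeyVault = true;
            newHost.certVault.name = newKeyvault;
            newHost.certVault.hostName = newHost.name;
            newHost.certVault.region = newHost.hostVM.region;
            newHost.certVault.resourceGroupName = newHost.hostVM.resourceGroupName;
            // The vault URI is only derived once both region and resource group are known
            newHost.certVault.uri = (newHost.hostVM.region != null && newHost.hostVM.resourceGroupName != null) ? "https://" + newHost.certVault.name + ".vault.azure.net" : null;
        }
    } else {
        errDispatcher.removeMessage("dockerHostNewKeyvaultTextField", dockerHostNewKeyvaultTextField);
        setErrorMessage(null);
        newHost.certVault.hostName = null;
    }
    return true;
}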
use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.
the class AzureNewDockerLoginPage method initUIMainContainer.
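/**
 * Sets the initial state of the credential widgets and registers their listeners.
 *
 * <p>Every listener ends by re-running {@link #doValidate()} (or by marking the page incomplete
 * when its own quick check fails), so the page-complete flag follows the current input.
 *
 * @param mainContainer the parent composite; not referenced by the statements in this method
 */
private void initUIMainContainer(Composite mainContainer) {
    // --- Credential source: import from an existing Key Vault. Selecting it disables every
    // manual credential control.
    dockerHostImportKeyvaultCredsRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportKeyvaultComboBox.setEnabled(true);
            dockerHostUsernameTextField.setEnabled(false);
            dockerHostFirstPwdField.setEnabled(false);
            dockerHostSecondPwdField.setEnabled(false);
            dockerHostNoSshRadioButton.setEnabled(false);
            dockerHostAutoSshRadioButton.setEnabled(false);
            dockerHostImportSshRadioButton.setEnabled(false);
            dockerHostImportSSHTextField.setEnabled(false);
            dockerHostImportSSHBrowseButton.setEnabled(false);
            dockerHostNoTlsRadioButton.setEnabled(false);
            dockerHostAutoTlsRadioButton.setEnabled(false);
            dockerHostImportTlsRadioButton.setEnabled(false);
            dockerHostImportTLSTextField.setEnabled(false);
            dockerHostImportTLSBrowseButton.setEnabled(false);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });

    // Each combo entry shows the vault name and carries the vault object as keyed widget data,
    // which doValidate() later reads back by the selected text.
    dockerHostImportKeyvaultComboBox.setEnabled(false);
    for (AzureDockerCertVault certVault : dockerManager.getDockerKeyVaults()) {
        dockerHostImportKeyvaultComboBox.add(certVault.name);
        dockerHostImportKeyvaultComboBox.setData(certVault.name, certVault);
    }
    if (dockerManager.getDockerKeyVaults().size() > 0) {
        dockerHostImportKeyvaultComboBox.select(0);
    }
    dockerHostImportKeyvaultComboBox.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            setPageComplete(doValidate());
        }
    });

    // --- Credential source: enter new credentials (the default). Selecting it re-enables the
    // manual controls; the import path fields only when their radio button is selected.
    dockerHostNewCredsRadioButton.setSelection(true);
    dockerHostNewCredsRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportKeyvaultComboBox.setEnabled(false);
            dockerHostUsernameTextField.setEnabled(true);
            dockerHostFirstPwdField.setEnabled(true);
            dockerHostSecondPwdField.setEnabled(true);
            dockerHostNoSshRadioButton.setEnabled(true);
            dockerHostAutoSshRadioButton.setEnabled(true);
            dockerHostImportSshRadioButton.setEnabled(true);
            if (dockerHostImportSshRadioButton.getSelection()) {
                dockerHostImportSSHTextField.setEnabled(true);
                dockerHostImportSSHBrowseButton.setEnabled(true);
            }
            dockerDaemonPortTextField.setEnabled(true);
            dockerHostNoTlsRadioButton.setEnabled(true);
            dockerHostAutoTlsRadioButton.setEnabled(true);
            dockerHostImportTlsRadioButton.setEnabled(true);
            if (dockerHostImportTlsRadioButton.getSelection()) {
                dockerHostImportTLSTextField.setEnabled(true);
                dockerHostImportTLSBrowseButton.setEnabled(true);
            }
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });

    // --- User name
    dockerHostUsernameTextField.setText(newHost.certVault.vmUsername);
    dockerHostUsernameTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostUserNameTip());
    dockerHostUsernameTextField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostUserName(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerHostUsernameTextField", dockerHostUsernameTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostUsernameTextField", AzureDockerValidationUtils.getDockerHostUserNameTip(), null, IMessageProvider.ERROR, dockerHostUsernameTextField);
                setErrorMessage("Invalid user name");
                setPageComplete(false);
            }
        }
    });

    // --- Password: an empty field is accepted here; doValidate() decides whether a password
    // is required.
    dockerHostFirstPwdField.setToolTipText(AzureDockerValidationUtils.getDockerHostPasswordTip());
    dockerHostFirstPwdField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            String text = ((Text) event.getSource()).getText();
            if (text == null || text.isEmpty() || AzureDockerValidationUtils.validateDockerHostPassword(text)) {
                errDispatcher.removeMessage("dockerHostFirstPwdField", dockerHostFirstPwdField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostFirstPwdField", AzureDockerValidationUtils.getDockerHostPasswordTip(), null, IMessageProvider.ERROR, dockerHostFirstPwdField);
                setErrorMessage("Invalid password");
                setPageComplete(false);
            }
        }
    });

    // --- Password confirmation: must equal the first password field
    dockerHostSecondPwdField.setToolTipText(AzureDockerValidationUtils.getDockerHostPasswordTip());
    dockerHostSecondPwdField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            String pwd1 = dockerHostFirstPwdField.getText();
            String pwd2 = ((Text) event.getSource()).getText();
            // Null-safe equality: a null confirmation text next to a non-null password is a
            // mismatch rather than a NullPointerException.
            boolean passwordsMatch = (pwd2 == null) ? pwd1 == null : pwd2.equals(pwd1);
            if (passwordsMatch) {
                errDispatcher.removeMessage("dockerHostFirstPwdField", dockerHostFirstPwdField);
                errDispatcher.removeMessage("dockerHostSecondPwdField", dockerHostSecondPwdField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostSecondPwdField", AzureDockerValidationUtils.getDockerHostPasswordTip(), null, IMessageProvider.ERROR, dockerHostSecondPwdField);
                setErrorMessage("Invalid confirmation password");
                setPageComplete(false);
            }
        }
    });

    // --- SSH options. The password label reads "(Required)" only when SSH login is off.
    dockerHostNoSshRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostPwdLabel.setText("(Required)");
            dockerHostImportSSHTextField.setEnabled(false);
            dockerHostImportSSHBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostAutoSshRadioButton.setSelection(true);
    dockerHostAutoSshRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostPwdLabel.setText("(Optional)");
            dockerHostImportSSHTextField.setEnabled(false);
            dockerHostImportSSHBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportSshRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostPwdLabel.setText("(Optional)");
            dockerHostImportSSHTextField.setEnabled(true);
            dockerHostImportSSHBrowseButton.setEnabled(true);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportSSHTextField.setEnabled(false);
    dockerHostImportSSHTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostSshDirectoryTip());
    dockerHostImportSSHTextField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostSshDirectory(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostImportSSHTextField", AzureDockerValidationUtils.getDockerHostSshDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportSSHTextField);
                setErrorMessage("SSH key files not found in the specified directory");
                setPageComplete(false);
            }
        }
    });
    dockerHostImportSSHBrowseButton.setEnabled(false);
    dockerHostImportSSHBrowseButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            DirectoryDialog directoryDialog = new DirectoryDialog(dockerHostImportSSHBrowseButton.getShell());
            directoryDialog.setText("Select SSH Keys Directory");
            directoryDialog.setFilterPath(System.getProperty("user.home"));
            String path = directoryDialog.open();
            // open() returned no path: keep the current text
            if (path == null) {
                return;
            }
            dockerHostImportSSHTextField.setText(path);
            setPageComplete(doValidate());
        }
    });

    // --- Docker daemon port
    dockerDaemonPortTextField.setText(newHost.port);
    dockerDaemonPortTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostPortTip());
    dockerDaemonPortTextField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostPort(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerDaemonPortTextField", dockerDaemonPortTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerDaemonPortTextField", AzureDockerValidationUtils.getDockerHostPortTip(), null, IMessageProvider.ERROR, dockerDaemonPortTextField);
                setErrorMessage("Invalid Docker daemon port setting");
                setPageComplete(false);
            }
        }
    });

    // --- TLS options (auto-generated certificates are the default)
    dockerHostNoTlsRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportTLSTextField.setEnabled(false);
            dockerHostImportTLSBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostAutoTlsRadioButton.setSelection(true);
    dockerHostAutoTlsRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportTLSTextField.setEnabled(false);
            dockerHostImportTLSBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportTlsRadioButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportTLSTextField.setEnabled(true);
            dockerHostImportTLSBrowseButton.setEnabled(true);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportTLSTextField.setEnabled(false);
    dockerHostImportTLSTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostTlsDirectoryTip());
    dockerHostImportTLSTextField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostTlsDirectory(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostImportTLSTextField", AzureDockerValidationUtils.getDockerHostTlsDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportTLSTextField);
                setErrorMessage("TLS certificate files not found in the specified directory");
                setPageComplete(false);
            }
        }
    });
    dockerHostImportTLSBrowseButton.setEnabled(false);
    dockerHostImportTLSBrowseButton.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            DirectoryDialog directoryDialog = new DirectoryDialog(dockerHostImportTLSBrowseButton.getShell());
            directoryDialog.setText("Select TLS Certificate Directory");
            directoryDialog.setFilterPath(System.getProperty("user.home"));
            String path = directoryDialog.open();
            // open() returned no path: keep the current text
            if (path == null) {
                return;
            }
            dockerHostImportTLSTextField.setText(path);
            setPageComplete(doValidate());
        }
    });

    // --- Save credentials to a new Key Vault (checked by default)
    dockerHostSaveCredsCheckBox.setSelection(true);
    dockerHostSaveCredsCheckBox.addSelectionListener(new SelectionAdapter() {
        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostNewKeyvaultTextField.setEnabled(dockerHostSaveCredsCheckBox.getSelection());
            setPageComplete(doValidate());
        }
    });
    dockerHostNewKeyvaultTextField.setText(newHost.certVault.name);
    dockerHostNewKeyvaultTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostKeyvaultNameTip());
    dockerHostNewKeyvaultTextField.addModifyListener(new ModifyListener() {
        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostKeyvaultName(((Text) event.getSource()).getText(), dockerManager, false)) {
                errDispatcher.removeMessage("dockerHostNewKeyvaultTextField", dockerHostNewKeyvaultTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                // The error hint matches the field's tooltip, the Key Vault name tip
                // (the port tip was attached here before).
                errDispatcher.addMessage("dockerHostNewKeyvaultTextField", AzureDockerValidationUtils.getDockerHostKeyvaultNameTip(), null, IMessageProvider.ERROR, dockerHostNewKeyvaultTextField);
                setErrorMessage("Invalid key vault name");
                setPageComplete(false);
            }
        }
    });
}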
use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.
the class AzureDockerCertVaultOps method createOrUpdateVault.
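/**
 * Creates the Key Vault described by {@code certVault} when it cannot be found, or tries to
 * reset its permissions when it already exists, then writes the host credentials into it as
 * secrets.
 *
 * <p>Steps: look the vault up (by id, else by name across all resource groups); create it with
 * the {@code dockerhost=true} tag if absent; poll until its secrets can be listed; write every
 * non-empty entry of {@code getSecretsMap(certVault)}; finally record the host name under
 * {@code SECRETENTRY_DOCKERHOSTNAMES}.
 *
 * @param azureClient    Azure management client; must not be {@code null}
 * @param certVault      vault description and credentials; {@code name}, {@code hostName},
 *                       {@code resourceGroupName}, {@code region} and one of
 *                       {@code servicePrincipalId}/{@code userId} must be set. A
 *                       {@code resourceGroupName} containing {@code "@"} is cut at the first
 *                       {@code "@"} on the create path and the field is overwritten with the
 *                       result.
 * @param keyVaultClient Key Vault data-plane client; must not be {@code null}
 * @throws AzureDockerException on invalid arguments or on any failure while creating, reading
 *                              or writing the vault
 */
public static void createOrUpdateVault(Azure azureClient, AzureDockerCertVault certVault, KeyVaultClient keyVaultClient) throws AzureDockerException {
    if (azureClient == null || keyVaultClient == null || certVault == null || certVault.name == null || certVault.hostName == null || certVault.resourceGroupName == null || certVault.region == null || (certVault.servicePrincipalId == null && certVault.userId == null)) {
        throw new AzureDockerException("Unexpected argument values; azureClient, vault name, hostName, resourceGroupName, region and userName/servicePrincipalId cannot be null");
    }
    try {
        Vault vault = null;
        try {
            if (certVault.id != null) {
                vault = azureClient.vaults().getById(certVault.id);
            } else {
                // No id known: search every resource group for a vault with the same name
                for (ResourceGroup group : azureClient.resourceGroups().list()) {
                    for (Vault vaultItem : azureClient.vaults().listByResourceGroup(group.name())) {
                        if (vaultItem.name().equals(certVault.name)) {
                            vault = vaultItem;
                            break;
                        }
                    }
                    if (vault != null) {
                        break;
                    }
                }
            }
        } catch (CloudException e) {
            // Read the error code defensively: if the exception carries no body, the original
            // error is rethrown below instead of being masked by a NullPointerException.
            String errorCode = (e.body() != null) ? e.body().code() : null;
            if ("ResourceNotFound".equals(errorCode) || "ResourceGroupNotFound".equals(errorCode)) {
                // Vault does not exist
                vault = null;
            } else {
                throw e;
            }
        }
        if (vault == null) {
            // Vault does not exist so this is the create op
            Vault.DefinitionStages.WithGroup withGroup = azureClient.vaults().define(certVault.name).withRegion(certVault.region);
            Vault.DefinitionStages.WithAccessPolicy withAccessPolicy;
            if (certVault.resourceGroupName.contains("@")) {
                // use existing resource group as selected by the user
                String existingGroupName = certVault.resourceGroupName.split("@")[0];
                withAccessPolicy = withGroup.withExistingResourceGroup(existingGroupName);
                certVault.resourceGroupName = existingGroupName;
            } else {
                withAccessPolicy = withGroup.withNewResourceGroup(certVault.resourceGroupName);
            }
            // NOTE(review): the access policy grants all secret permissions to the service
            // principal or user; confirm that a narrower grant would not be sufficient.
            Vault.DefinitionStages.WithCreate withCreate = certVault.servicePrincipalId != null ? withAccessPolicy.defineAccessPolicy().forServicePrincipal(certVault.servicePrincipalId).allowSecretAllPermissions().attach() : withAccessPolicy.defineAccessPolicy().forUser(certVault.userId).allowSecretAllPermissions().attach();
            withCreate.withTag("dockerhost", "true").create();
        } else {
            // If original owner is an AD user, we might fail to set vault permissions
            try {
                setVaultPermissionsAll(azureClient, certVault);
            } catch (Exception e) {
                DefaultLoader.getUIHelper().logError(String.format("WARN: Can't set permissions to %s: %s\n", vault.vaultUri(), e.getMessage()), e);
            }
        }
        vault = azureClient.vaults().getByResourceGroup(certVault.resourceGroupName, certVault.name);
        String vaultUri = vault.vaultUri();
        // Retry until the vault is readable. sleepMs is only the loop counter and debug value:
        // every failed attempt waits a fixed 5 seconds, for at most 400 attempts.
        // NOTE(review): when all attempts fail the method still continues to the writes below.
        for (int sleepMs = 5000; sleepMs <= 2000000; sleepMs += 5000) {
            try {
                keyVaultClient.listSecrets(vaultUri);
                break;
            } catch (Exception e) {
                try {
                    if (DEBUG) {
                        System.out.format("WARN: can't find %s (sleepMs: %d)\n", vaultUri, sleepMs);
                    }
                    if (DEBUG) {
                        System.out.println(e.getMessage());
                    }
                    try {
                        // Windows only - flush local DNS to reflect the new Key Vault URI
                        if (System.getProperty("os.name").toLowerCase().contains("win")) {
                            // fixed command line, no caller-supplied input; the result is not awaited
                            Runtime.getRuntime().exec("cmd /c ipconfig /flushdns");
                        }
                    } catch (Exception ignored) {
                        // best effort: a failed DNS flush must not stop the retry loop
                    }
                    Thread.sleep(5000);
                } catch (Exception ignored) {
                    // NOTE(review): this also swallows InterruptedException, so an interrupt
                    // neither stops the wait loop nor stays visible to the caller.
                }
            }
        }
        Map<String, String> secretsMap = getSecretsMap(certVault);
        // TODO: remove this after enabling parallel secrets write from above
        for (Map.Entry<String, String> entry : secretsMap.entrySet()) {
            try {
                if (entry.getValue() != null && !entry.getValue().isEmpty()) {
                    keyVaultClient.setSecret(new SetSecretRequest.Builder(vaultUri, entry.getKey(), entry.getValue()).build());
                }
            } catch (Exception e) {
                DefaultLoader.getUIHelper().logError(String.format("WARN: Unexpected error writing to %s: %s\n", vaultUri, e.getMessage()), e);
                // Only the secret's name is reported. The value (password, private key or
                // certificate material) must never be written to stdout or a log.
                System.out.format("ERROR: can't write %s secret %s\n", vaultUri, entry.getKey());
                System.out.println(e.getMessage());
            }
        }
        if (keyVaultClient.listSecrets(vaultUri).size() > 0 && certVault.hostName != null && !certVault.hostName.isEmpty()) {
            keyVaultClient.setSecret(new SetSecretRequest.Builder(vaultUri, SECRETENTRY_DOCKERHOSTNAMES, certVault.hostName).build());
        } else {
            // something unexpected went wrong: no secret was stored. The vault itself is not
            // deleted here; the failure is reported to the caller.
            if (DEBUG) {
                System.out.println("ERROR: something went wrong");
            }
            throw new RuntimeException("Key vault has no secrets");
        }
    } catch (Exception e) {
        DefaultLoader.getUIHelper().logError(String.format("WARN: Unexpected error creating Azure Key Vault %s - %s\n", certVault.name, e.getMessage()), e);
        // NOTE(review): only the message is propagated, so the caller loses the cause and its
        // stack trace; pass the cause along if AzureDockerException offers a constructor for it.
        throw new AzureDockerException(e.getMessage());
    }
}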
use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.
the class AzureDockerCertVaultOps method getTLSCertsFromLocalFile.
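/**
 * Reads the Docker TLS files {@code ca.pem}, {@code ca-key.pem}, {@code cert.pem},
 * {@code key.pem}, {@code server.pem} and {@code server-key.pem} from a directory into a new
 * {@link AzureDockerCertVault}.
 *
 * <p>All six files must be readable; the first failure aborts the whole load. The returned
 * object holds private key material as plain strings, so callers should keep it out of logs
 * and error messages.
 *
 * @param localPath directory that contains the six files
 * @return a new vault object with only its TLS fields populated
 * @throws AzureDockerException when any file cannot be read; carries only the message of the
 *                              underlying exception
 */
public static AzureDockerCertVault getTLSCertsFromLocalFile(String localPath) throws AzureDockerException {
    // Decode with a fixed charset so the result does not depend on the platform default.
    // The .pem files are expected to be plain text — TODO confirm no other encoding is in use.
    final java.nio.charset.Charset pemCharset = java.nio.charset.StandardCharsets.UTF_8;
    AzureDockerCertVault certVault = new AzureDockerCertVault();
    try {
        certVault.tlsCACert = new String(Files.readAllBytes(Paths.get(localPath, "ca.pem")), pemCharset);
        certVault.tlsCAKey = new String(Files.readAllBytes(Paths.get(localPath, "ca-key.pem")), pemCharset);
        certVault.tlsClientCert = new String(Files.readAllBytes(Paths.get(localPath, "cert.pem")), pemCharset);
        certVault.tlsClientKey = new String(Files.readAllBytes(Paths.get(localPath, "key.pem")), pemCharset);
        certVault.tlsServerCert = new String(Files.readAllBytes(Paths.get(localPath, "server.pem")), pemCharset);
        certVault.tlsServerKey = new String(Files.readAllBytes(Paths.get(localPath, "server-key.pem")), pemCharset);
    } catch (Exception e) {
        // NOTE(review): the cause is dropped here; for a missing file the message may be just
        // the path. Pass the cause along if AzureDockerException offers a constructor for it.
        throw new AzureDockerException(e.getMessage());
    }
    return certVault;
}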