
Example 1 with AzureDockerCertVault

use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.

the class AzureDockerHostUpdateLoginPanel method doValidate.

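/**
 * Validates the login settings entered in this panel and copies them into
 * {@code editableHost.updatedDockerHost}.
 *
 * <p>Checks run in order: user name, password pair, then the selected SSH option (keep the
 * current keys, generate new ones, or import from a local directory). The first failing check
 * produces a {@link ValidationInfo} and ends the method. Fields written before that point
 * (for example {@code vmUsername}) stay written.
 *
 * <p>The password fields are read once each, and the returned character arrays are cleared
 * before the method returns. One {@code String} copy of the password remains because the
 * model field {@code certVault.vmPwd} is assigned a {@code String}.
 *
 * @param shakeOnError when {@code true}, {@code DialogShaker(info)} is invoked for a failed check
 * @return the validation failure, or {@code null} when every check passed
 */
public ValidationInfo doValidate(boolean shakeOnError) {
    // User name
    String vmUsername = dockerHostUsernameTextField.getText();
    if (vmUsername == null || vmUsername.isEmpty() || (dockerHostSecondPwdField.isVisible() && !AzureDockerValidationUtils.validateDockerHostUserName(vmUsername))) {
        // NOTE(review): the same "Missing username" text is shown for a present but invalid name.
        ValidationInfo info = AzureDockerUIResources.validateComponent("Missing username", mainPanel, dockerHostUsernameTextField, dockerHostUsernameLabel);
        if (shakeOnError) {
            DialogShaker(info);
        }
        return info;
    }
    editableHost.updatedDockerHost.certVault.vmUsername = vmUsername;
    // Password login
    // Each getPassword() call is treated as handing back its own char[] (as JPasswordField
    // does), so read each field once and wipe the arrays when done instead of leaving
    // several unreferenced copies of the secret on the heap.
    char[] firstPwd = dockerHostFirstPwdField.getPassword();
    char[] secondPwd = dockerHostSecondPwdField.getPassword();
    try {
        // Single String copy: needed for the validator and for the String-typed model field.
        String vmPwd1 = new String(firstPwd);
        // NOTE(review): a password is demanded when "keep SSH keys" is selected AND the original
        // host already has SSH login. Confirm this is intended and not meant to be the case
        // where the original host has no SSH login to fall back on.
        boolean passwordExpected = (dockerHostKeepSshRadioButton.isSelected() && editableHost.originalDockerHost.hasSSHLogIn) || firstPwd.length > 0 || secondPwd.length > 0;
        if (passwordExpected && (firstPwd.length == 0 || secondPwd.length == 0 || !java.util.Arrays.equals(firstPwd, secondPwd) || (dockerHostSecondPwdField.isVisible() && !AzureDockerValidationUtils.validateDockerHostPassword(vmPwd1)))) {
            ValidationInfo info = AzureDockerUIResources.validateComponent("Incorrect password", mainPanel, dockerHostFirstPwdField, dockerHostFirstPwdLabel);
            if (shakeOnError) {
                DialogShaker(info);
            }
            return info;
        }
        if (firstPwd.length > 0) {
            editableHost.updatedDockerHost.certVault.vmPwd = vmPwd1;
            editableHost.updatedDockerHost.hasPwdLogIn = true;
        } else {
            editableHost.updatedDockerHost.certVault.vmPwd = null;
            editableHost.updatedDockerHost.hasPwdLogIn = false;
        }
    } finally {
        // Clear the transient copies on every exit path, including the early return above.
        java.util.Arrays.fill(firstPwd, '\0');
        java.util.Arrays.fill(secondPwd, '\0');
    }
    // Keep current SSH keys
    if (dockerHostKeepSshRadioButton.isSelected() && editableHost.originalDockerHost.hasSSHLogIn) {
        AzureDockerCertVaultOps.copyVaultSshKeys(editableHost.updatedDockerHost.certVault, editableHost.originalDockerHost.certVault);
        editableHost.updatedDockerHost.hasSSHLogIn = editableHost.originalDockerHost.hasSSHLogIn;
    }
    // SSH key auto generated
    if (dockerHostAutoSshRadioButton.isSelected()) {
        // NOTE(review): this runs on every validation pass while the option is selected, so
        // presumably a new key pair is produced each time; confirm that is acceptable.
        AzureDockerCertVault certVault = AzureDockerCertVaultOps.generateSSHKeys(null, "SSH keys for " + editableHost.updatedDockerHost.name);
        AzureDockerCertVaultOps.copyVaultSshKeys(editableHost.updatedDockerHost.certVault, certVault);
        editableHost.updatedDockerHost.hasSSHLogIn = true;
    }
    // SSH key imported from local file directory
    if (dockerHostImportSshRadioButton.isSelected()) {
        String sshDirectory = dockerHostImportSSHBrowseTextField.getText();
        if (sshDirectory == null || sshDirectory.isEmpty() || !AzureDockerValidationUtils.validateDockerHostSshDirectory(sshDirectory)) {
            ValidationInfo info = AzureDockerUIResources.validateComponent("SSH key files were not found in the selected directory", mainPanel, dockerHostImportSSHBrowseTextField, dockerHostImportSSHBrowseLabel);
            if (shakeOnError) {
                DialogShaker(info);
            }
            return info;
        } else {
            AzureDockerCertVault certVault = AzureDockerCertVaultOps.getSSHKeysFromLocalFile(sshDirectory);
            AzureDockerCertVaultOps.copyVaultSshKeys(editableHost.updatedDockerHost.certVault, certVault);
            editableHost.updatedDockerHost.hasSSHLogIn = true;
        }
    }
    return null;
}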
Also used : ValidationInfo(com.intellij.openapi.ui.ValidationInfo) AzureDockerCertVault(com.microsoft.azure.docker.model.AzureDockerCertVault)

Example 2 with AzureDockerCertVault

use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.

the class AzureNewDockerLoginPage method doValidate.

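/**
 * Validates the credential, Docker daemon port and Key Vault inputs of this page and copies
 * the accepted values into {@code newHost}.
 *
 * <p>Two credential sources are handled: importing everything from an existing Key Vault entry
 * selected in the combo box, or entering new credentials (user name, optional password, SSH
 * and TLS options). The daemon port and the "save credentials to a new Key Vault" option are
 * checked in both cases. The first failing check registers a message with
 * {@code errDispatcher}, sets the page error message and returns {@code false}; values
 * written to {@code newHost} before that point are not rolled back.
 *
 * @return {@code true} when every check passed, {@code false} otherwise
 */
public boolean doValidate() {
    if (dockerHostImportKeyvaultCredsRadioButton.getSelection()) {
        // read key vault secrets and set the credentials for the new host
        AzureDockerCertVault certVault = null;
        if (dockerHostImportKeyvaultComboBox.getItemCount() > 0) {
            certVault = (AzureDockerCertVault) dockerHostImportKeyvaultComboBox.getData(dockerHostImportKeyvaultComboBox.getText());
        }
        if (certVault == null) {
            errDispatcher.addMessage("dockerHostImportKeyvaultComboBox", AzureDockerValidationUtils.getDockerHostKeyvaultNameTip(), null, IMessageProvider.ERROR, dockerHostImportKeyvaultComboBox);
            setErrorMessage("No Key Vault found");
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostImportKeyvaultComboBox", dockerHostImportKeyvaultComboBox);
            setErrorMessage(null);
            newHost.certVault.name = certVault.name;
            newHost.certVault.resourceGroupName = certVault.resourceGroupName;
            newHost.certVault.region = certVault.region;
            newHost.certVault.uri = certVault.uri;
            AzureDockerCertVaultOps.copyVaultLoginCreds(newHost.certVault, certVault);
            AzureDockerCertVaultOps.copyVaultSshKeys(newHost.certVault, certVault);
            AzureDockerCertVaultOps.copyVaultTlsCerts(newHost.certVault, certVault);
            // create a weak link (resource tag) between the virtual machine and
            // the key vault
            // we will not create/update the key vault unless the user checks
            // the specific option
            newHost.certVault.hostName = null;
            newHost.hasKeyVault = true;
        }
    } else {
        // reset key vault info
        newHost.hasKeyVault = false;
        newHost.certVault.name = null;
        newHost.certVault.uri = null;
        // User name
        String vmUsername = dockerHostUsernameTextField.getText();
        if (vmUsername == null || vmUsername.isEmpty() || !AzureDockerValidationUtils.validateDockerHostUserName(vmUsername)) {
            errDispatcher.addMessage("dockerHostUsernameTextField", AzureDockerValidationUtils.getDockerHostUserNameTip(), null, IMessageProvider.ERROR, dockerHostUsernameTextField);
            setErrorMessage("Invalid user name");
            credsTabfolder.setSelection(0);
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostUsernameTextField", dockerHostUsernameTextField);
            setErrorMessage(null);
            newHost.certVault.vmUsername = vmUsername;
        }
        // Password login
        // Normalise null to "" up front: the original condition null-checked both values in its
        // first half but then called isEmpty() on them unguarded in its second half.
        String firstPwdText = dockerHostFirstPwdField.getText();
        String secondPwdText = dockerHostSecondPwdField.getText();
        String vmPwd1 = (firstPwdText != null) ? firstPwdText : "";
        String vmPwd2 = (secondPwdText != null) ? secondPwdText : "";
        // A password is mandatory when SSH login is disabled, and is validated whenever either
        // field has content.
        boolean passwordExpected = dockerHostNoSshRadioButton.getSelection() || !vmPwd1.isEmpty() || !vmPwd2.isEmpty();
        if (passwordExpected && (vmPwd1.isEmpty() || vmPwd2.isEmpty() || !vmPwd1.equals(vmPwd2) || !AzureDockerValidationUtils.validateDockerHostPassword(vmPwd1))) {
            errDispatcher.addMessage("dockerHostFirstPwdField", AzureDockerValidationUtils.getDockerHostPasswordTip(), null, IMessageProvider.ERROR, dockerHostFirstPwdField);
            setErrorMessage("Invalid password");
            credsTabfolder.setSelection(0);
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostFirstPwdField", dockerHostFirstPwdField);
            errDispatcher.removeMessage("dockerHostSecondPwdField", dockerHostSecondPwdField);
            setErrorMessage(null);
            if (vmPwd1.isEmpty()) {
                newHost.certVault.vmPwd = null;
                newHost.hasPwdLogIn = false;
            } else {
                // The password is kept as a String in the model; it cannot be wiped after use.
                newHost.certVault.vmPwd = vmPwd1;
                newHost.hasPwdLogIn = true;
            }
        }
        if (dockerHostNoSshRadioButton.getSelection()) {
            newHost.hasSSHLogIn = false;
            newHost.certVault.sshKey = null;
            newHost.certVault.sshPubKey = null;
        }
        // SSH key auto generated
        if (dockerHostAutoSshRadioButton.getSelection()) {
            // NOTE(review): this runs on every call while the option is selected, so presumably
            // a fresh key pair is produced per validation pass; confirm the cost is acceptable.
            AzureDockerCertVault certVault = AzureDockerCertVaultOps.generateSSHKeys(null, "SSH keys for " + newHost.name);
            AzureDockerCertVaultOps.copyVaultSshKeys(newHost.certVault, certVault);
            newHost.hasSSHLogIn = true;
        }
        // SSH key imported from local file directory
        if (dockerHostImportSshRadioButton.getSelection()) {
            String sshPath = dockerHostImportSSHTextField.getText();
            if (sshPath == null || sshPath.isEmpty() || !AzureDockerValidationUtils.validateDockerHostSshDirectory(sshPath)) {
                errDispatcher.addMessage("dockerHostImportSSHTextField", AzureDockerValidationUtils.getDockerHostSshDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportSSHTextField);
                setErrorMessage("SSH key files not found in the specified directory");
                credsTabfolder.setSelection(0);
                return false;
            } else {
                try {
                    AzureDockerCertVault certVault = AzureDockerCertVaultOps.getSSHKeysFromLocalFile(sshPath);
                    AzureDockerCertVaultOps.copyVaultSshKeys(newHost.certVault, certVault);
                    newHost.hasSSHLogIn = true;
                } catch (Exception e) {
                    // Fixed: the hint attached to the SSH directory field was the password tip.
                    errDispatcher.addMessage("dockerHostImportSSHTextField", AzureDockerValidationUtils.getDockerHostSshDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportSSHTextField);
                    setErrorMessage("Unexpected error reading SSH key files from specified directory: " + e.getMessage());
                    return false;
                }
                errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
                setErrorMessage(null);
            }
        }
        // No Docker daemon security
        if (dockerHostNoTlsRadioButton.getSelection()) {
            // NOTE(review): this records that the daemon endpoint is not TLS protected; how the
            // flag is consumed is not visible here. Consider surfacing a warning for this choice.
            newHost.isTLSSecured = false;
        }
        // TLS certs auto generated
        if (dockerHostAutoTlsRadioButton.getSelection()) {
            errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
            setErrorMessage(null);
            // NOTE(review): as with the SSH keys, this is repeated on every call.
            AzureDockerCertVault certVault = AzureDockerCertVaultOps.generateTLSCerts("TLS certs for " + newHost.name);
            AzureDockerCertVaultOps.copyVaultTlsCerts(newHost.certVault, certVault);
            newHost.isTLSSecured = true;
        }
        // TLS certs imported from local file directory
        if (dockerHostImportTlsRadioButton.getSelection()) {
            String tlsPath = dockerHostImportTLSTextField.getText();
            if (tlsPath == null || tlsPath.isEmpty() || !AzureDockerValidationUtils.validateDockerHostTlsDirectory(tlsPath)) {
                errDispatcher.addMessage("dockerHostImportTLSTextField", AzureDockerValidationUtils.getDockerHostTlsDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportTLSTextField);
                setErrorMessage("TLS certificate files not found in the specified directory");
                credsTabfolder.setSelection(1);
                return false;
            } else {
                errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
                setErrorMessage(null);
                // NOTE(review): unlike the SSH import above, a failure while reading the TLS files
                // is not caught here; confirm whether getTLSCertsFromLocalFile can throw.
                AzureDockerCertVault certVault = AzureDockerCertVaultOps.getTLSCertsFromLocalFile(tlsPath);
                AzureDockerCertVaultOps.copyVaultTlsCerts(newHost.certVault, certVault);
                newHost.isTLSSecured = true;
            }
        }
    }
    // Docker daemon port settings
    String port = dockerDaemonPortTextField.getText();
    if (port == null || port.isEmpty() || !AzureDockerValidationUtils.validateDockerHostPort(port)) {
        errDispatcher.addMessage("dockerDaemonPortTextField", AzureDockerValidationUtils.getDockerHostPortTip(), null, IMessageProvider.ERROR, dockerDaemonPortTextField);
        setErrorMessage("Invalid Docker daemon port setting");
        credsTabfolder.setSelection(1);
        return false;
    } else {
        errDispatcher.removeMessage("dockerDaemonPortTextField", dockerDaemonPortTextField);
        setErrorMessage(null);
        newHost.port = port;
    }
    // create new key vault for storing the credentials
    if (dockerHostSaveCredsCheckBox.getSelection()) {
        String newKeyvault = dockerHostNewKeyvaultTextField.getText();
        if (newKeyvault == null || newKeyvault.isEmpty() || !AzureDockerValidationUtils.validateDockerHostKeyvaultName(newKeyvault, dockerManager, true)) {
            // Fixed: the hint attached to the Key Vault name field was the daemon port tip.
            errDispatcher.addMessage("dockerHostNewKeyvaultTextField", AzureDockerValidationUtils.getDockerHostKeyvaultNameTip(), null, IMessageProvider.ERROR, dockerHostNewKeyvaultTextField);
            setErrorMessage("Invalid Key Vault name");
            return false;
        } else {
            errDispatcher.removeMessage("dockerHostNewKeyvaultTextField", dockerHostNewKeyvaultTextField);
            setErrorMessage(null);
            newHost.hasKeyVault = true;
            newHost.certVault.name = newKeyvault;
            // Plain copies: each value is passed through unchanged, null included.
            newHost.certVault.hostName = newHost.name;
            newHost.certVault.region = newHost.hostVM.region;
            newHost.certVault.resourceGroupName = newHost.hostVM.resourceGroupName;
            // The vault URI is only derived once both region and resource group are known.
            newHost.certVault.uri = (newHost.hostVM.region != null && newHost.hostVM.resourceGroupName != null) ? "https://" + newHost.certVault.name + ".vault.azure.net" : null;
        }
    } else {
        errDispatcher.removeMessage("dockerHostNewKeyvaultTextField", dockerHostNewKeyvaultTextField);
        setErrorMessage(null);
        newHost.certVault.hostName = null;
    }
    return true;
}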
Also used : AzureDockerCertVault(com.microsoft.azure.docker.model.AzureDockerCertVault)

Example 3 with AzureDockerCertVault

use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.

the class AzureNewDockerLoginPage method initUIMainContainer.

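/**
 * Sets the initial state of the credential widgets on this page and registers their listeners.
 *
 * <p>Selection listeners enable or disable the dependent widgets and then re-run
 * {@code doValidate()}. Modify listeners first check only the field that changed; when that
 * check passes they clear the field's message and re-run {@code doValidate()}, otherwise they
 * register an error for the field and mark the page incomplete.
 *
 * @param mainContainer not referenced in this method
 */
private void initUIMainContainer(Composite mainContainer) {
    // --- Credential source: import from an existing Key Vault ---
    dockerHostImportKeyvaultCredsRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            // Credentials come from the vault, so the manual entry widgets are locked.
            // NOTE(review): dockerDaemonPortTextField is re-enabled by the "new credentials"
            // listener but is not touched here; confirm the asymmetry is intended.
            dockerHostImportKeyvaultComboBox.setEnabled(true);
            dockerHostUsernameTextField.setEnabled(false);
            dockerHostFirstPwdField.setEnabled(false);
            dockerHostSecondPwdField.setEnabled(false);
            dockerHostNoSshRadioButton.setEnabled(false);
            dockerHostAutoSshRadioButton.setEnabled(false);
            dockerHostImportSshRadioButton.setEnabled(false);
            dockerHostImportSSHTextField.setEnabled(false);
            dockerHostImportSSHBrowseButton.setEnabled(false);
            dockerHostNoTlsRadioButton.setEnabled(false);
            dockerHostAutoTlsRadioButton.setEnabled(false);
            dockerHostImportTlsRadioButton.setEnabled(false);
            dockerHostImportTLSTextField.setEnabled(false);
            dockerHostImportTLSBrowseButton.setEnabled(false);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportKeyvaultComboBox.setEnabled(false);
    // Each combo entry is keyed by vault name, with the vault object stored as widget data
    // under the same name.
    for (AzureDockerCertVault certVault : dockerManager.getDockerKeyVaults()) {
        dockerHostImportKeyvaultComboBox.add(certVault.name);
        dockerHostImportKeyvaultComboBox.setData(certVault.name, certVault);
    }
    if (dockerManager.getDockerKeyVaults().size() > 0) {
        dockerHostImportKeyvaultComboBox.select(0);
    }
    dockerHostImportKeyvaultComboBox.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            setPageComplete(doValidate());
        }
    });
    // --- Credential source: enter new credentials (initial selection) ---
    dockerHostNewCredsRadioButton.setSelection(true);
    dockerHostNewCredsRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportKeyvaultComboBox.setEnabled(false);
            dockerHostUsernameTextField.setEnabled(true);
            dockerHostFirstPwdField.setEnabled(true);
            dockerHostSecondPwdField.setEnabled(true);
            dockerHostNoSshRadioButton.setEnabled(true);
            dockerHostAutoSshRadioButton.setEnabled(true);
            dockerHostImportSshRadioButton.setEnabled(true);
            // The directory widgets only become editable when their import option is selected.
            if (dockerHostImportSshRadioButton.getSelection()) {
                dockerHostImportSSHTextField.setEnabled(true);
                dockerHostImportSSHBrowseButton.setEnabled(true);
            }
            dockerDaemonPortTextField.setEnabled(true);
            dockerHostNoTlsRadioButton.setEnabled(true);
            dockerHostAutoTlsRadioButton.setEnabled(true);
            dockerHostImportTlsRadioButton.setEnabled(true);
            if (dockerHostImportTlsRadioButton.getSelection()) {
                dockerHostImportTLSTextField.setEnabled(true);
                dockerHostImportTLSBrowseButton.setEnabled(true);
            }
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    // --- User name ---
    dockerHostUsernameTextField.setText(newHost.certVault.vmUsername);
    dockerHostUsernameTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostUserNameTip());
    dockerHostUsernameTextField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostUserName(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerHostUsernameTextField", dockerHostUsernameTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostUsernameTextField", AzureDockerValidationUtils.getDockerHostUserNameTip(), null, IMessageProvider.ERROR, dockerHostUsernameTextField);
                setErrorMessage("Invalid user name");
                setPageComplete(false);
            }
        }
    });
    // --- Password and confirmation ---
    dockerHostFirstPwdField.setToolTipText(AzureDockerValidationUtils.getDockerHostPasswordTip());
    dockerHostFirstPwdField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            String text = ((Text) event.getSource()).getText();
            // An empty password is accepted here; whether one is required is decided in doValidate().
            if (text == null || text.isEmpty() || AzureDockerValidationUtils.validateDockerHostPassword(text)) {
                errDispatcher.removeMessage("dockerHostFirstPwdField", dockerHostFirstPwdField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostFirstPwdField", AzureDockerValidationUtils.getDockerHostPasswordTip(), null, IMessageProvider.ERROR, dockerHostFirstPwdField);
                setErrorMessage("Invalid password");
                setPageComplete(false);
            }
        }
    });
    dockerHostSecondPwdField.setToolTipText(AzureDockerValidationUtils.getDockerHostPasswordTip());
    dockerHostSecondPwdField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            String pwd1 = dockerHostFirstPwdField.getText();
            String pwd2 = ((Text) event.getSource()).getText();
            // Null-safe comparison: the previous form dereferenced pwd2 whenever pwd1 was
            // non-null, which would throw if pwd2 were null.
            boolean passwordsMatch = (pwd2 == null) ? pwd1 == null : pwd2.equals(pwd1);
            if (passwordsMatch) {
                errDispatcher.removeMessage("dockerHostFirstPwdField", dockerHostFirstPwdField);
                errDispatcher.removeMessage("dockerHostSecondPwdField", dockerHostSecondPwdField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostSecondPwdField", AzureDockerValidationUtils.getDockerHostPasswordTip(), null, IMessageProvider.ERROR, dockerHostSecondPwdField);
                setErrorMessage("Invalid confirmation password");
                setPageComplete(false);
            }
        }
    });
    // --- SSH options ---
    dockerHostNoSshRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            // Without SSH keys the password is the only login, hence "(Required)".
            dockerHostPwdLabel.setText("(Required)");
            dockerHostImportSSHTextField.setEnabled(false);
            dockerHostImportSSHBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostAutoSshRadioButton.setSelection(true);
    dockerHostAutoSshRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostPwdLabel.setText("(Optional)");
            dockerHostImportSSHTextField.setEnabled(false);
            dockerHostImportSSHBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportSshRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostPwdLabel.setText("(Optional)");
            dockerHostImportSSHTextField.setEnabled(true);
            dockerHostImportSSHBrowseButton.setEnabled(true);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportSSHTextField.setEnabled(false);
    dockerHostImportSSHTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostSshDirectoryTip());
    dockerHostImportSSHTextField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostSshDirectory(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerHostImportSSHTextField", dockerHostImportSSHTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostImportSSHTextField", AzureDockerValidationUtils.getDockerHostSshDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportSSHTextField);
                setErrorMessage("SSH key files not found in the specified directory");
                setPageComplete(false);
            }
        }
    });
    dockerHostImportSSHBrowseButton.setEnabled(false);
    dockerHostImportSSHBrowseButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            DirectoryDialog directoryDialog = new DirectoryDialog(dockerHostImportSSHBrowseButton.getShell());
            directoryDialog.setText("Select SSH Keys Directory");
            directoryDialog.setFilterPath(System.getProperty("user.home"));
            String path = directoryDialog.open();
            // A null path leaves the current value untouched.
            if (path == null) {
                return;
            }
            dockerHostImportSSHTextField.setText(path);
            setPageComplete(doValidate());
        }
    });
    // --- Docker daemon port ---
    dockerDaemonPortTextField.setText(newHost.port);
    dockerDaemonPortTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostPortTip());
    dockerDaemonPortTextField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostPort(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerDaemonPortTextField", dockerDaemonPortTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerDaemonPortTextField", AzureDockerValidationUtils.getDockerHostPortTip(), null, IMessageProvider.ERROR, dockerDaemonPortTextField);
                setErrorMessage("Invalid Docker daemon port setting");
                setPageComplete(false);
            }
        }
    });
    // --- TLS options ---
    dockerHostNoTlsRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportTLSTextField.setEnabled(false);
            dockerHostImportTLSBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostAutoTlsRadioButton.setSelection(true);
    dockerHostAutoTlsRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportTLSTextField.setEnabled(false);
            dockerHostImportTLSBrowseButton.setEnabled(false);
            errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
            setErrorMessage(null);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportTlsRadioButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostImportTLSTextField.setEnabled(true);
            dockerHostImportTLSBrowseButton.setEnabled(true);
            setPageComplete(doValidate());
        }
    });
    dockerHostImportTLSTextField.setEnabled(false);
    dockerHostImportTLSTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostTlsDirectoryTip());
    dockerHostImportTLSTextField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostTlsDirectory(((Text) event.getSource()).getText())) {
                errDispatcher.removeMessage("dockerHostImportTLSTextField", dockerHostImportTLSTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                errDispatcher.addMessage("dockerHostImportTLSTextField", AzureDockerValidationUtils.getDockerHostTlsDirectoryTip(), null, IMessageProvider.ERROR, dockerHostImportTLSTextField);
                setErrorMessage("TLS certificate files not found in the specified directory");
                setPageComplete(false);
            }
        }
    });
    dockerHostImportTLSBrowseButton.setEnabled(false);
    dockerHostImportTLSBrowseButton.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            DirectoryDialog directoryDialog = new DirectoryDialog(dockerHostImportTLSBrowseButton.getShell());
            directoryDialog.setText("Select TLS Certificate Directory");
            directoryDialog.setFilterPath(System.getProperty("user.home"));
            String path = directoryDialog.open();
            // A null path leaves the current value untouched.
            if (path == null) {
                return;
            }
            dockerHostImportTLSTextField.setText(path);
            setPageComplete(doValidate());
        }
    });
    // --- Save credentials to a new Key Vault ---
    dockerHostSaveCredsCheckBox.setSelection(true);
    dockerHostSaveCredsCheckBox.addSelectionListener(new SelectionAdapter() {

        @Override
        public void widgetSelected(SelectionEvent e) {
            dockerHostNewKeyvaultTextField.setEnabled(dockerHostSaveCredsCheckBox.getSelection());
            setPageComplete(doValidate());
        }
    });
    dockerHostNewKeyvaultTextField.setText(newHost.certVault.name);
    dockerHostNewKeyvaultTextField.setToolTipText(AzureDockerValidationUtils.getDockerHostKeyvaultNameTip());
    dockerHostNewKeyvaultTextField.addModifyListener(new ModifyListener() {

        @Override
        public void modifyText(ModifyEvent event) {
            if (AzureDockerValidationUtils.validateDockerHostKeyvaultName(((Text) event.getSource()).getText(), dockerManager, false)) {
                errDispatcher.removeMessage("dockerHostNewKeyvaultTextField", dockerHostNewKeyvaultTextField);
                setErrorMessage(null);
                setPageComplete(doValidate());
            } else {
                // Fixed: the hint attached to the Key Vault name field was the daemon port tip;
                // use the same Key Vault name tip as the field's tooltip.
                errDispatcher.addMessage("dockerHostNewKeyvaultTextField", AzureDockerValidationUtils.getDockerHostKeyvaultNameTip(), null, IMessageProvider.ERROR, dockerHostNewKeyvaultTextField);
                setErrorMessage("Invalid key vault name");
                setPageComplete(false);
            }
        }
    });
}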
Also used : ModifyEvent(org.eclipse.swt.events.ModifyEvent) ModifyListener(org.eclipse.swt.events.ModifyListener) SelectionAdapter(org.eclipse.swt.events.SelectionAdapter) SelectionEvent(org.eclipse.swt.events.SelectionEvent) AzureDockerCertVault(com.microsoft.azure.docker.model.AzureDockerCertVault) Text(org.eclipse.swt.widgets.Text) DirectoryDialog(org.eclipse.swt.widgets.DirectoryDialog)

Example 4 with AzureDockerCertVault

use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.

the class AzureDockerCertVaultOps method createOrUpdateVault.

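/**
 * Creates the Azure Key Vault described by {@code certVault}, or updates the access policy of an
 * existing one, and then writes the Docker host secrets into it.
 *
 * <p>The vault is looked up by {@code certVault.id} when set, otherwise by name across every resource
 * group returned by the client. A resource group name containing {@code '@'} is treated as an existing
 * group (only the part before the first {@code '@'} is used and written back to {@code certVault});
 * otherwise a new resource group is defined.
 *
 * <p>Security notes: the values returned by {@code getSecretsMap} are the secret material stored in the
 * vault, so they must never be written to logs or standard output; only vault URI and secret name are
 * reported on failure. The creating principal is granted all secret permissions on a new vault.
 *
 * @param azureClient    management client used to find, define and re-read the vault; must not be null
 * @param certVault      vault description and secrets source; name, hostName, resourceGroupName, region
 *                       and one of servicePrincipalId/userId must not be null
 * @param keyVaultClient data-plane client used to list and set secrets; must not be null
 * @throws AzureDockerException if an argument is missing or any step fails (the original exception is
 *                              logged; only its message is carried over)
 */
public static void createOrUpdateVault(Azure azureClient, AzureDockerCertVault certVault, KeyVaultClient keyVaultClient) throws AzureDockerException {
    if (azureClient == null || keyVaultClient == null || certVault == null || certVault.name == null || certVault.hostName == null || certVault.resourceGroupName == null || certVault.region == null || (certVault.servicePrincipalId == null && certVault.userId == null)) {
        throw new AzureDockerException("Unexpected argument values; azureClient, vault name, hostName, resourceGroupName, region and userName/servicePrincipalId cannot be null");
    }
    try {
        Vault vault = null;
        try {
            if (certVault.id != null) {
                vault = azureClient.vaults().getById(certVault.id);
            } else {
                // No id known: search every resource group for a vault with the requested name.
                for (ResourceGroup group : azureClient.resourceGroups().list()) {
                    for (Vault vaultItem : azureClient.vaults().listByResourceGroup(group.name())) {
                        if (vaultItem.name().equals(certVault.name)) {
                            vault = vaultItem;
                            break;
                        }
                    }
                    if (vault != null) {
                        break;
                    }
                }
            }
        } catch (CloudException e) {
            // Guard against an error response without a body or code; previously this raised a
            // NullPointerException that hid the real CloudException.
            String errorCode = e.body() != null ? e.body().code() : null;
            if ("ResourceNotFound".equals(errorCode) || "ResourceGroupNotFound".equals(errorCode)) {
                // Vault does not exist
                vault = null;
            } else {
                throw e;
            }
        }
        if (vault == null) {
            // Vault does not exist so this is the create op
            Vault.DefinitionStages.WithGroup withGroup = azureClient.vaults().define(certVault.name).withRegion(certVault.region);
            Vault.DefinitionStages.WithAccessPolicy withAccessPolicy;
            if (certVault.resourceGroupName.contains("@")) {
                // use existing resource group as selected by the user
                String existingGroupName = certVault.resourceGroupName.split("@")[0];
                withAccessPolicy = withGroup.withExistingResourceGroup(existingGroupName);
                certVault.resourceGroupName = existingGroupName;
            } else {
                withAccessPolicy = withGroup.withNewResourceGroup(certVault.resourceGroupName);
            }
            // NOTE(review): the owner gets every secret permission; narrow this if callers only need
            // a subset (least privilege).
            Vault.DefinitionStages.WithCreate withCreate = certVault.servicePrincipalId != null
                    ? withAccessPolicy.defineAccessPolicy().forServicePrincipal(certVault.servicePrincipalId).allowSecretAllPermissions().attach()
                    : withAccessPolicy.defineAccessPolicy().forUser(certVault.userId).allowSecretAllPermissions().attach();
            withCreate.withTag("dockerhost", "true").create();
        } else {
            // If original owner is an AD user, we might fail to set vault permissions
            try {
                setVaultPermissionsAll(azureClient, certVault);
            } catch (Exception e) {
                DefaultLoader.getUIHelper().logError(String.format("WARN: Can't set permissions to %s: %s\n", vault.vaultUri(), e.getMessage()), e);
            }
        }
        vault = azureClient.vaults().getByResourceGroup(certVault.resourceGroupName, certVault.name);
        String vaultUri = vault.vaultUri();
        // Poll until the new vault is readable. The counter runs from 5000 to 2000000 in steps of 5000
        // while each wait is a fixed 5000 ms; if the vault never becomes readable the loop simply ends
        // and the writes below are attempted anyway.
        for (int sleepMs = 5000; sleepMs <= 2000000; sleepMs += 5000) {
            try {
                keyVaultClient.listSecrets(vaultUri);
                break;
            } catch (Exception e) {
                if (DEBUG) {
                    System.out.format("WARN: can't find %s (sleepMs: %d)\n", vaultUri, sleepMs);
                    System.out.println(e.getMessage());
                }
                try {
                    // Windows only - flush local DNS to reflect the new Key Vault URI.
                    // Locale.ROOT keeps the lower-casing stable under locales such as Turkish.
                    if (System.getProperty("os.name").toLowerCase(java.util.Locale.ROOT).contains("win")) {
                        new ProcessBuilder("cmd", "/c", "ipconfig", "/flushdns").start();
                    }
                } catch (Exception ignored) {
                    // Best effort: a failed DNS flush only delays name resolution.
                }
                try {
                    Thread.sleep(5000);
                } catch (InterruptedException interrupted) {
                    // Restore the interrupt flag and stop waiting instead of swallowing the request;
                    // the outer handler converts this into an AzureDockerException.
                    Thread.currentThread().interrupt();
                    throw new IllegalStateException("Interrupted while waiting for key vault " + vaultUri + " to become readable");
                }
            }
        }
        Map<String, String> secretsMap = getSecretsMap(certVault);
        // TODO: remove this after enabling parallel secrets write from above
        for (Map.Entry<String, String> entry : secretsMap.entrySet()) {
            try {
                if (entry.getValue() != null && !entry.getValue().isEmpty()) {
                    keyVaultClient.setSecret(new SetSecretRequest.Builder(vaultUri, entry.getKey(), entry.getValue()).build());
                }
            } catch (Exception e) {
                DefaultLoader.getUIHelper().logError(String.format("WARN: Unexpected error writing to %s: %s\n", vaultUri, e.getMessage()), e);
                // Report only the secret's name: the value is the credential or key being stored and
                // must not reach standard output or any captured console log.
                System.out.format("ERROR: can't write %s secret %s\n", vaultUri, entry.getKey());
                System.out.println(e.getMessage());
            }
        }
        if (keyVaultClient.listSecrets(vaultUri).size() > 0 && certVault.hostName != null && !certVault.hostName.isEmpty()) {
            keyVaultClient.setSecret(new SetSecretRequest.Builder(vaultUri, SECRETENTRY_DOCKERHOSTNAMES, certVault.hostName).build());
        } else {
            // Something unexpected went wrong. The vault is not deleted here; the failure is only
            // reported to the caller through the exception below.
            if (DEBUG) {
                System.out.println("ERROR: something went wrong");
            }
            throw new RuntimeException("Key vault has no secrets");
        }
    } catch (Exception e) {
        DefaultLoader.getUIHelper().logError(String.format("WARN: Unexpected error creating Azure Key Vault %s - %s\n", certVault.name, e.getMessage()), e);
        throw new AzureDockerException(e.getMessage());
    }
}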
Also used : CloudException(com.microsoft.azure.CloudException) AzureDockerException(com.microsoft.azure.docker.model.AzureDockerException) CloudException(com.microsoft.azure.CloudException) AzureDockerException(com.microsoft.azure.docker.model.AzureDockerException) Vault(com.microsoft.azure.management.keyvault.Vault) AzureDockerCertVault(com.microsoft.azure.docker.model.AzureDockerCertVault) HashMap(java.util.HashMap) Map(java.util.Map) ResourceGroup(com.microsoft.azure.management.resources.ResourceGroup)

Example 5 with AzureDockerCertVault

use of com.microsoft.azure.docker.model.AzureDockerCertVault in project azure-tools-for-java by Microsoft.

the class AzureDockerCertVaultOps method getTLSCertsFromLocalFile.

/**
 * Loads the six TLS PEM files of a Docker host from a local directory into a new
 * {@link AzureDockerCertVault}.
 *
 * <p>Files read, in order: {@code ca.pem}, {@code ca-key.pem}, {@code cert.pem}, {@code key.pem},
 * {@code server.pem}, {@code server-key.pem}. Three of them are private keys, so the returned object
 * holds key material as immutable {@code String}s that cannot be wiped after use; treat it accordingly
 * and keep it out of logs.
 *
 * @param localPath directory that contains the PEM files
 * @return a vault object with all six TLS fields populated
 * @throws AzureDockerException if any file cannot be read; only the message of the underlying
 *                              exception is kept, and no partially filled object is returned
 */
public static AzureDockerCertVault getTLSCertsFromLocalFile(String localPath) throws AzureDockerException {
    final AzureDockerCertVault loaded = new AzureDockerCertVault();
    try {
        // NOTE(review): new String(byte[]) decodes with the platform default charset; PEM content is
        // expected to be ASCII, so this is presumably harmless - confirm before relying on it.
        final byte[] caCertBytes = Files.readAllBytes(Paths.get(localPath, "ca.pem"));
        loaded.tlsCACert = new String(caCertBytes);

        final byte[] caKeyBytes = Files.readAllBytes(Paths.get(localPath, "ca-key.pem"));
        loaded.tlsCAKey = new String(caKeyBytes);

        final byte[] clientCertBytes = Files.readAllBytes(Paths.get(localPath, "cert.pem"));
        loaded.tlsClientCert = new String(clientCertBytes);

        final byte[] clientKeyBytes = Files.readAllBytes(Paths.get(localPath, "key.pem"));
        loaded.tlsClientKey = new String(clientKeyBytes);

        final byte[] serverCertBytes = Files.readAllBytes(Paths.get(localPath, "server.pem"));
        loaded.tlsServerCert = new String(serverCertBytes);

        final byte[] serverKeyBytes = Files.readAllBytes(Paths.get(localPath, "server-key.pem"));
        loaded.tlsServerKey = new String(serverKeyBytes);
    } catch (Exception readFailure) {
        // Any failure (missing file, invalid path, null argument) is reported with its message only.
        throw new AzureDockerException(readFailure.getMessage());
    }
    return loaded;
}
Also used : AzureDockerException(com.microsoft.azure.docker.model.AzureDockerException) AzureDockerCertVault(com.microsoft.azure.docker.model.AzureDockerCertVault) AzureDockerException(com.microsoft.azure.docker.model.AzureDockerException) CloudException(com.microsoft.azure.CloudException)
