use of com.microsoft.azure.keyvault.KeyVaultClient in project azure-tools-for-java by Microsoft.
the class AzureDockerCertVaultOps method getVault.
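/**
 * Loads the Docker host secrets stored in the Key Vault at {@code certVault.uri} into
 * {@code certVault}.
 *
 * <p>The {@code SECRETENTRY_DOCKERHOSTNAMES} secret is read synchronously first and acts as a
 * gate: if it is absent, or the read throws, the method returns {@code null} without touching the
 * remaining secrets. The secrets named in {@code DOCKERHOST_SECRETS} are then read asynchronously
 * and copied into the matching fields.
 *
 * <p>Security notes for maintainers: the values handled here include the VM password and the
 * SSH/TLS private keys ({@code vmPwd}, {@code sshKey}, {@code tlsCAKey}, {@code tlsClientKey},
 * {@code tlsServerKey}); keep them out of logs and exception messages. A failed read of an
 * individual secret is indistinguishable from an absent secret: the corresponding field keeps
 * whatever value it held before the call, so callers must not treat a non-null result as proof
 * that every credential was refreshed.
 *
 * @param certVault vault descriptor; {@code uri} selects the vault and the fields receive the values
 * @param keyVaultClient client used for the secret reads
 * @return the same {@code certVault} instance, or {@code null} when the host-name secret is
 *     missing or its read throws
 * @throws AzureDockerException if {@code certVault}, {@code certVault.uri} or
 *     {@code keyVaultClient} is {@code null}
 */
public static AzureDockerCertVault getVault(AzureDockerCertVault certVault, KeyVaultClient keyVaultClient) throws AzureDockerException {
  if (certVault == null || keyVaultClient == null || certVault.uri == null) {
    // The message names the values that are actually validated here.
    throw new AzureDockerException("Unexpected argument values; certVault, certVault.uri and keyVaultClient cannot be null");
  }
  String vaultUri = certVault.uri;
  try {
    SecretBundle secret = keyVaultClient.getSecret(vaultUri, SECRETENTRY_DOCKERHOSTNAMES);
    if (secret != null) {
      certVault.hostName = secret.value();
    } else {
      certVault.hostName = null;
      return null;
    }
  } catch (Exception e) {
    // Callers treat null as "vault not readable yet" and retry, so the null return is kept.
    // NOTE(review): the cause is dropped, which makes an authorization failure look the same as
    // a missing vault; consider logging it (without secret values) once a logger is available.
    return null;
  }
  // Execute the Key Vault secret reads in parallel, at most 5 requests at a time.
  // NOTE(review): this is a plain HashMap; confirm that toBlocking().subscribe(...) delivers the
  // items on the calling thread for the RxJava version in use.
  final Map<String, String> secretNamesAndValueMap = new HashMap<>();
  Observable.from(DOCKERHOST_SECRETS).flatMap(secretName -> {
    return Observable.create(new Observable.OnSubscribe<Pair<String, String>>() {
      @Override
      public void call(Subscriber<? super Pair<String, String>> subscriber) {
        keyVaultClient.getSecretAsync(vaultUri, secretName, new ServiceCallback<SecretBundle>() {
          @Override
          public void failure(Throwable throwable) {
            // Best effort: a failed read completes without emitting, so the field is left as is.
            subscriber.onCompleted();
          }

          @Override
          public void success(SecretBundle secretBundle) {
            if (secretBundle != null) {
              subscriber.onNext(new Pair<>(secretName, secretBundle.value()));
            }
            subscriber.onCompleted();
          }
        });
      }
    }).subscribeOn(Schedulers.io());
  }, 5).subscribeOn(Schedulers.io()).toBlocking().subscribe(new Action1<Pair<String, String>>() {
    @Override
    public void call(Pair<String, String> secretNameAndValue) {
      secretNamesAndValueMap.put(secretNameAndValue.first(), secretNameAndValue.second());
    }
  });

  // Only non-empty values overwrite the existing fields.
  String vmUsername = nonEmptySecret(secretNamesAndValueMap, "vmUsername");
  if (vmUsername != null) {
    certVault.vmUsername = vmUsername;
  }
  String vmPwd = nonEmptySecret(secretNamesAndValueMap, "vmPwd");
  if (vmPwd != null) {
    certVault.vmPwd = vmPwd;
  }
  String sshKey = nonEmptySecret(secretNamesAndValueMap, "sshKey");
  if (sshKey != null) {
    certVault.sshKey = sshKey;
  }
  String sshPubKey = nonEmptySecret(secretNamesAndValueMap, "sshPubKey");
  if (sshPubKey != null) {
    certVault.sshPubKey = sshPubKey;
  }
  String tlsCACert = nonEmptySecret(secretNamesAndValueMap, "tlsCACert");
  if (tlsCACert != null) {
    certVault.tlsCACert = tlsCACert;
  }
  String tlsCAKey = nonEmptySecret(secretNamesAndValueMap, "tlsCAKey");
  if (tlsCAKey != null) {
    certVault.tlsCAKey = tlsCAKey;
  }
  String tlsClientCert = nonEmptySecret(secretNamesAndValueMap, "tlsClientCert");
  if (tlsClientCert != null) {
    certVault.tlsClientCert = tlsClientCert;
  }
  String tlsClientKey = nonEmptySecret(secretNamesAndValueMap, "tlsClientKey");
  if (tlsClientKey != null) {
    certVault.tlsClientKey = tlsClientKey;
  }
  String tlsServerCert = nonEmptySecret(secretNamesAndValueMap, "tlsServerCert");
  if (tlsServerCert != null) {
    certVault.tlsServerCert = tlsServerCert;
  }
  String tlsServerKey = nonEmptySecret(secretNamesAndValueMap, "tlsServerKey");
  if (tlsServerKey != null) {
    certVault.tlsServerKey = tlsServerKey;
  }
  return certVault;
}

/** Returns the value stored under {@code secretName}, or {@code null} when it is absent or empty. */
private static String nonEmptySecret(Map<String, String> secrets, String secretName) {
  String value = secrets.get(secretName);
  return (value == null || value.isEmpty()) ? null : value;
}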
use of com.microsoft.azure.keyvault.KeyVaultClient in project azure-tools-for-java by Microsoft.
the class AzureDockerUIResources method createDockerKeyVault.
/**
 * Starts a background task that creates (or updates) the Key Vault for {@code dockerHost} and then
 * refreshes the vault lists held by {@code dockerManager}.
 *
 * <p>Nothing is scheduled when {@code dockerHost.certVault.hostName} is {@code null}. The task
 * calls {@code createOrUpdateVault} followed by {@code getVault} up to five times, stopping as
 * soon as the vault read back carries a {@code vmUsername}. Any exception is logged and shown in
 * an error dialog together with {@code e.getMessage()}.
 *
 * @param project project the background task is attached to
 * @param dockerHost host whose {@code certVault} is written to the Key Vault
 * @param dockerManager source of the per-subscription Azure and Key Vault clients
 */
public static void createDockerKeyVault(Project project, DockerHost dockerHost, AzureDockerHostsManager dockerManager) {
  if (dockerHost.certVault.hostName == null) {
    return;
  }
  String taskTitle = String.format("Creating Key Vault for %s...", dockerHost.name);
  ProgressManager.getInstance().run(new Task.Backgroundable(project, taskTitle, true) {
    @Override
    public void run(ProgressIndicator progressIndicator) {
      try {
        progressIndicator.setFraction(.05);
        progressIndicator.setText2(String.format("Reading subscription details for Docker host %s ...", dockerHost.apiUrl));
        Azure azureClient = dockerManager.getSubscriptionsMap().get(dockerHost.sid).azureClient;
        KeyVaultClient keyVaultClient = dockerManager.getSubscriptionsMap().get(dockerHost.sid).keyVaultClient;
        // The user is only asked to confirm once a cancel request has been seen.
        if (progressIndicator.isCanceled() && displayWarningOnCreateKeyVaultCancelAction() == 1) {
          return;
        }

        String attemptLabel = "Create";
        int attempts = 0;
        AzureDockerCertVault storedVault = null;
        do {
          progressIndicator.setFraction(.15 + .15 * attempts);
          progressIndicator.setText2(String.format("%s new key vault %s ...", attemptLabel, dockerHost.certVault.name));
          if (AzureDockerUtils.DEBUG) {
            System.out.println(attemptLabel + " new Docker key vault: " + new Date().toString());
          }
          // Every attempt writes the host's credentials to the vault again before reading back.
          AzureDockerCertVaultOps.createOrUpdateVault(azureClient, dockerHost.certVault, keyVaultClient);
          if (AzureDockerUtils.DEBUG) {
            System.out.println("Done creating new key vault: " + new Date().toString());
          }
          if (progressIndicator.isCanceled() && displayWarningOnCreateKeyVaultCancelAction() == 1) {
            return;
          }
          storedVault = AzureDockerCertVaultOps.getVault(azureClient, dockerHost.certVault.name, dockerHost.certVault.resourceGroupName, keyVaultClient);
          attempts++;
          attemptLabel = "Retry creating";
          // Retry a couple of times until the vault can be read back with its user name.
        } while (attempts < 5 && !(storedVault != null && storedVault.vmUsername != null));

        progressIndicator.setFraction(.90);
        progressIndicator.setText2("Updating key vaults ...");
        if (AzureDockerUtils.DEBUG) {
          System.out.println("Refreshing key vaults: " + new Date().toString());
        }
        dockerManager.refreshDockerVaults();
        dockerManager.refreshDockerVaultDetails();
        if (AzureDockerUtils.DEBUG) {
          System.out.println("Done refreshing key vaults: " + new Date().toString());
        }
        if (progressIndicator.isCanceled() && displayWarningOnCreateKeyVaultCancelAction() == 1) {
          return;
        }
        progressIndicator.setFraction(.90);
        progressIndicator.setIndeterminate(true);
      } catch (Exception e) {
        // NOTE(review): the SDK's exception text is shown to the user verbatim; confirm it never
        // carries secret values.
        String msg = "An error occurred while attempting to create Azure Key Vault for Docker host.\n"
            + e.getMessage()
            + "\n Try logging in using the automated path (create and use a service principal).\n";
        LOGGER.error("Failed to Create Azure Key Vault", e);
        PluginUtil.displayErrorDialogInAWTAndLog("Failed to Create Azure Key Vault", msg, e);
      }
    }
  });
}
use of com.microsoft.azure.keyvault.KeyVaultClient in project azure-tools-for-java by Microsoft.
the class AzureDockerUIResources method createDockerKeyVault.
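/**
 * Schedules a job that creates (or updates) the Key Vault for {@code dockerHost} and then
 * refreshes the vault lists held by {@code dockerManager}.
 *
 * <p>The job calls {@code createOrUpdateVault} followed by {@code getVault} up to five times,
 * stopping as soon as the vault read back carries a {@code vmUsername}. It returns
 * {@code Status.CANCEL_STATUS} when the monitor is canceled or when an exception is caught, and
 * {@code Status.OK_STATUS} otherwise.
 *
 * @param dockerHost host whose {@code certVault} is written to the Key Vault
 * @param dockerManager source of the per-subscription Azure and Key Vault clients
 */
public static void createDockerKeyVault(DockerHost dockerHost, AzureDockerHostsManager dockerManager) {
  Job createDockerHostJob = new Job(String.format("Creating Azure Key Vault %s for %s", dockerHost.certVault.name, dockerHost.name)) {
    @Override
    protected IStatus run(IProgressMonitor progressMonitor) {
      progressMonitor.beginTask("start task", 100);
      try {
        progressMonitor.subTask(String.format("Reading subscription details for Docker host %s ...", dockerHost.apiUrl));
        progressMonitor.worked(5);
        Azure azureClient = dockerManager.getSubscriptionsMap().get(dockerHost.sid).azureClient;
        KeyVaultClient keyVaultClient = dockerManager.getSubscriptionsMap().get(dockerHost.sid).keyVaultClient;
        if (progressMonitor.isCanceled()) {
          progressMonitor.done();
          return Status.CANCEL_STATUS;
        }
        String retryMsg = "Create";
        // Starts at 0 so the loop below can really retry; starting at 5 made "retries < 5" false
        // after the first pass, so a vault that was not yet readable was never retried.
        int retries = 0;
        AzureDockerCertVault certVault = null;
        do {
          progressMonitor.subTask(String.format("%s new key vault %s ...", retryMsg, dockerHost.certVault.name));
          // worked() takes an installment, not a running total: 5 + 5 * 15 + 20 stays within the
          // 100 units declared in beginTask.
          progressMonitor.worked(15);
          if (AzureDockerUtils.DEBUG) {
            System.out.println(retryMsg + " new Docker key vault: " + new Date().toString());
          }
          // Every attempt writes the host's credentials to the vault again before reading back.
          AzureDockerCertVaultOps.createOrUpdateVault(azureClient, dockerHost.certVault, keyVaultClient);
          if (AzureDockerUtils.DEBUG) {
            System.out.println("Done creating new key vault: " + new Date().toString());
          }
          if (progressMonitor.isCanceled()) {
            progressMonitor.done();
            return Status.CANCEL_STATUS;
          }
          certVault = AzureDockerCertVaultOps.getVault(azureClient, dockerHost.certVault.name, dockerHost.certVault.resourceGroupName, keyVaultClient);
          retries++;
          retryMsg = "Retry creating";
          // Retry a couple of times until the vault can be read back with its user name.
        } while (retries < 5 && (certVault == null || certVault.vmUsername == null));
        progressMonitor.subTask("Updating key vaults ...");
        progressMonitor.worked(20);
        if (AzureDockerUtils.DEBUG) {
          System.out.println("Refreshing key vaults: " + new Date().toString());
        }
        dockerManager.refreshDockerVaults();
        dockerManager.refreshDockerVaultDetails();
        if (AzureDockerUtils.DEBUG) {
          System.out.println("Done refreshing key vaults: " + new Date().toString());
        }
        progressMonitor.done();
        return Status.OK_STATUS;
      } catch (Exception e) {
        String msg = "An error occurred while attempting to create a new Azure Key Vault." + "\n" + e.getMessage();
        // The logger already records the stack trace, so no separate printStackTrace() call.
        log.log(Level.SEVERE, "createDockerKeyVault: " + msg, e);
        // NOTE(review): this runs on the job's thread; SWT restricts Display.getActiveShell() to
        // the UI thread, so confirm the dialog is actually shown here.
        // NOTE(review): the SDK's exception text is shown to the user verbatim; confirm it never
        // carries secret values.
        PluginUtil.displayErrorDialog(Display.getDefault().getActiveShell(), "Error Creating Azure Key Vault " + dockerHost.certVault.name, msg);
        return Status.CANCEL_STATUS;
      }
    }
  };
  createDockerHostJob.schedule();
}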
use of com.microsoft.azure.keyvault.KeyVaultClient in project azure-tools-for-java by Microsoft.
the class AzureDeploymentProgressNotification method deployToDockerContainer.
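/**
 * Publishes the artifact described by {@code dockerImageInstance} to its Docker host, reporting
 * progress through {@code notifyProgress} and sending a "Deploy" telemetry event at the end.
 *
 * <p>When {@code dockerImageInstance.hasNewDockerHost} is set, the virtual machine is created,
 * waited for and configured with Docker first, and a Key Vault is created for it if the host has
 * a {@code certVault} with a host name. The Dockerfile and artifact are then uploaded over the
 * host's session, and the image and container are created and started.
 *
 * <p>Exceptions do not propagate: they are reported through {@code notifyProgress} and recorded in
 * the telemetry properties. An interruption is reported with the same {@code runStatus} message as
 * a successful run.
 *
 * @param dockerImageInstance description of the artifact, image, container and target host
 * @param url URL passed to the final progress notification
 */
public void deployToDockerContainer(AzureDockerImageInstance dockerImageInstance, String url) {
  Date startDate = new Date();
  Map<String, String> postEventProperties = new HashMap<>();
  postEventProperties.put("DockerFileOption", dockerImageInstance.predefinedDockerfile);
  String artifactFileName = new File(dockerImageInstance.artifactPath).getName();
  String descriptionTask = String.format("Publishing %s into Docker host %s at port(s) %s", artifactFileName, dockerImageInstance.host.name, dockerImageInstance.dockerPortSettings);
  // Remembered so the interrupt flag can be restored after the telemetry call at the end.
  boolean interrupted = false;
  try {
    String msg = String.format("Publishing %s to Docker host %s ...", artifactFileName, dockerImageInstance.host.name);
    notifyProgress(descriptionTask, startDate, null, 5, msg);
    AzureManager azureAuthManager = AuthMethodManager.getInstance().getAzureManager();
    // not signed in
    if (azureAuthManager == null) {
      throw new RuntimeException("User not signed in");
    }
    AzureDockerHostsManager dockerManager = AzureDockerHostsManager.getAzureDockerHostsManagerEmpty(azureAuthManager);
    Azure azureClient = dockerManager.getSubscriptionsMap().get(dockerImageInstance.sid).azureClient;
    // Not used further in this method; createDockerKeyVault looks the client up again itself.
    KeyVaultClient keyVaultClient = dockerManager.getSubscriptionsMap().get(dockerImageInstance.sid).keyVaultClient;
    if (dockerImageInstance.hasNewDockerHost) {
      msg = String.format("Creating new virtual machine %s ...", dockerImageInstance.host.name);
      notifyProgress(descriptionTask, startDate, null, 10, msg);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Creating new virtual machine: " + new Date().toString());
      }
      AzureDockerVMOps.createDockerHostVM(azureClient, dockerImageInstance.host);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Done creating new virtual machine: " + new Date().toString());
      }

      msg = "Get new VM details...";
      notifyProgress(descriptionTask, startDate, null, 30, msg);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Getting the new Docker host details: " + new Date().toString());
      }
      VirtualMachine vm = azureClient.virtualMachines().getByResourceGroup(dockerImageInstance.host.hostVM.resourceGroupName, dockerImageInstance.host.hostVM.name);
      if (vm != null) {
        DockerHost updatedHost = AzureDockerVMOps.getDockerHost(vm, dockerManager.getDockerVaultsMap());
        if (updatedHost != null) {
          dockerImageInstance.host.hostVM = updatedHost.hostVM;
          dockerImageInstance.host.apiUrl = updatedHost.apiUrl;
        }
      }
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Done getting the new Docker host details: " + new Date().toString());
      }

      msg = String.format("Waiting for virtual machine to be up %s ...", dockerImageInstance.host.name);
      notifyProgress(descriptionTask, startDate, null, 35, msg);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Waiting for virtual machine to be up: " + new Date().toString());
      }
      AzureDockerVMOps.waitForVirtualMachineStartup(azureClient, dockerImageInstance.host);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Done Waiting for virtual machine to be up: " + new Date().toString());
      }

      msg = String.format("Configuring Docker service for %s ...", dockerImageInstance.host.name);
      notifyProgress(descriptionTask, startDate, null, 45, msg);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Configuring Docker host: " + new Date().toString());
      }
      AzureDockerVMOps.installDocker(dockerImageInstance.host);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Done configuring Docker host: " + new Date().toString());
      }

      msg = "Updating Docker hosts ...";
      notifyProgress(descriptionTask, startDate, null, 50, msg);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Refreshing docker hosts: " + new Date().toString());
      }
      // dockerManager.refreshDockerHostDetails();
      vm = azureClient.virtualMachines().getByResourceGroup(dockerImageInstance.host.hostVM.resourceGroupName, dockerImageInstance.host.hostVM.name);
      if (vm != null) {
        DockerHost updatedHost = AzureDockerVMOps.getDockerHost(vm, dockerManager.getDockerVaultsMap());
        if (updatedHost != null) {
          updatedHost.sid = dockerImageInstance.host.sid;
          updatedHost.hostVM.sid = dockerImageInstance.host.hostVM.sid;
          // No vault was found for the refreshed host: carry over the credentials and login
          // flags chosen for the instance being deployed.
          if (updatedHost.certVault == null) {
            updatedHost.certVault = dockerImageInstance.host.certVault;
            updatedHost.hasPwdLogIn = dockerImageInstance.host.hasPwdLogIn;
            updatedHost.hasSSHLogIn = dockerImageInstance.host.hasSSHLogIn;
            updatedHost.isTLSSecured = dockerImageInstance.host.isTLSSecured;
          }
          dockerManager.addDockerHostDetails(updatedHost);
          if (AzureUIRefreshCore.listeners != null) {
            AzureUIRefreshCore.execute(new AzureUIRefreshEvent(AzureUIRefreshEvent.EventType.ADD, updatedHost));
          }
        }
      }
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Done refreshing Docker hosts: " + new Date().toString());
      }
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Finished setting up Docker host");
      }
    } else {
      msg = String.format("Using virtual machine %s ...", dockerImageInstance.host.name);
      notifyProgress(descriptionTask, startDate, null, 50, msg);
    }

    // An existing session on the host is reused; a new one is opened only when none is set.
    if (dockerImageInstance.host.session == null) {
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Opening a remote connection to the Docker host: " + new Date().toString());
      }
      dockerImageInstance.host.session = AzureDockerSSHOps.createLoginInstance(dockerImageInstance.host);
      if (AzureDockerUtils.DEBUG) {
        System.out.println("Done opening a remote connection to the Docker host: " + new Date().toString());
      }
    }

    // Credentials of a newly created host are stored in a Key Vault only when the host carries
    // a certVault with a host name.
    if (dockerImageInstance.hasNewDockerHost) {
      if (dockerImageInstance.host.certVault != null && dockerImageInstance.host.certVault.hostName != null) {
        AzureDockerUIResources.createDockerKeyVault(null, dockerImageInstance.host, dockerManager);
      }
    }

    msg = String.format("Uploading Dockerfile and artifact %s on %s ...", dockerImageInstance.artifactName, dockerImageInstance.host.name);
    notifyProgress(descriptionTask, startDate, null, 60, msg);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Uploading Dockerfile and artifact: " + new Date().toString());
    }
    AzureDockerVMOps.uploadDockerfileAndArtifact(dockerImageInstance, dockerImageInstance.host.session);
    if (AzureDockerUtils.DEBUG) {
      // Completion marker, matching the "Done ..." messages of the other steps.
      System.out.println("Done uploading Dockerfile and artifact: " + new Date().toString());
    }

    msg = String.format("Creating Docker image %s on %s ...", dockerImageInstance.dockerImageName, dockerImageInstance.host.name);
    notifyProgress(descriptionTask, startDate, null, 80, msg);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Creating a Docker image to the Docker host: " + new Date().toString());
    }
    AzureDockerImageOps.create(dockerImageInstance, dockerImageInstance.host.session);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Done creating a Docker image to the Docker host: " + new Date().toString());
    }

    msg = String.format("Creating Docker container %s for image %s on %s ...", dockerImageInstance.dockerContainerName, dockerImageInstance.dockerImageName, dockerImageInstance.host.name);
    notifyProgress(descriptionTask, startDate, null, 90, msg);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Creating a Docker container to the Docker host: " + new Date().toString());
    }
    AzureDockerContainerOps.create(dockerImageInstance, dockerImageInstance.host.session);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Done creating a Docker container to the Docker host: " + new Date().toString());
    }

    msg = String.format("Starting Docker container %s for image %s on %s ...", dockerImageInstance.dockerContainerName, dockerImageInstance.dockerImageName, dockerImageInstance.host.name);
    notifyProgress(descriptionTask, startDate, null, 95, msg);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Starting a Docker container to the Docker host: " + new Date().toString());
    }
    AzureDockerContainerOps.start(dockerImageInstance, dockerImageInstance.host.session);
    if (AzureDockerUtils.DEBUG) {
      System.out.println("Done starting a Docker container to the Docker host: " + new Date().toString());
    }

    notifyProgress(descriptionTask, startDate, url, 100, message("runStatus"), dockerImageInstance.host.name);
  } catch (InterruptedException e) {
    interrupted = true;
    postEventProperties.put("PublishInterruptedError", e.getMessage());
    notifyProgress(descriptionTask, startDate, url, 100, message("runStatus"), dockerImageInstance.host.name);
  } catch (Exception ee) {
    // NOTE(review): the exception text is forwarded to telemetry below and shown in the progress
    // notification; confirm it cannot carry credentials or host connection details.
    postEventProperties.put("PublishError", ee.getMessage());
    notifyProgress(descriptionTask, startDate, url, 100, "Error: %s", ee.getMessage());
  }
  AppInsightsClient.createByType(AppInsightsClient.EventType.DockerContainer, null, "Deploy", postEventProperties);
  if (interrupted) {
    // Restore the flag so code further up the stack can still observe the interruption.
    Thread.currentThread().interrupt();
  }
}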