Example 6 with Pipeline
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class PipelineTemplateController method update.
@RequestMapping(value = "{id}", method = RequestMethod.PUT)
PipelineTemplate update(@PathVariable String id, @RequestBody PipelineTemplate pipelineTemplate) {
PipelineTemplate existingPipelineTemplate = getPipelineTemplateDAO().findById(id);
if (!pipelineTemplate.getId().equals(existingPipelineTemplate.getId())) {
throw new InvalidRequestException("The provided id " + id + " doesn't match the pipeline template id " + pipelineTemplate.getId());
}
pipelineTemplate.setLastModified(System.currentTimeMillis());
getPipelineTemplateDAO().update(id, pipelineTemplate);
return pipelineTemplate;
}
Also used :
InvalidRequestException(com.netflix.spinnaker.front50.exceptions.InvalidRequestException)
PipelineTemplate(com.netflix.spinnaker.front50.model.pipeline.PipelineTemplate)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 7 with Pipeline
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class V2PipelineTemplateController method computeSHA256Digest.
@VisibleForTesting
public String computeSHA256Digest(PipelineTemplate pipelineTemplate) {
Map<String, Object> sortedMap = (Map<String, Object>) sortObjectRecursive(pipelineTemplate);
try {
String jsonPayload = objectMapper.writeValueAsString(sortedMap).replaceAll("\\s+", "");
MessageDigest digest = MessageDigest.getInstance("SHA-256");
byte[] hashBytes = digest.digest(jsonPayload.getBytes(StandardCharsets.UTF_8));
return Hex.encodeHexString(hashBytes);
} catch (NoSuchAlgorithmException | JsonProcessingException e) {
throw new InvalidRequestException(String.format("Computing digest for pipeline template %s failed. Nested exception is %s", pipelineTemplate.undecoratedId(), e));
}
}
Also used :
InvalidRequestException(com.netflix.spinnaker.front50.exceptions.InvalidRequestException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
MessageDigest(java.security.MessageDigest)
Map(java.util.Map)
TreeMap(java.util.TreeMap)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Example 8 with Pipeline
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class SharedManagedServiceAccountsMigration method migrate.
private void migrate(Pipeline pipeline, Map<String, ServiceAccount> serviceAccounts) {
log.info("Starting migration of pipeline '{}' with id '{}' for application '{}'", value("pipelineName", pipeline.getName()), value("application", pipeline.getApplication()), value("pipelineId", pipeline.getId()));
Set<String> newRoles = new HashSet<>();
List<String> existingRoles = (List) pipeline.getRoles();
if (existingRoles != null) {
existingRoles.stream().map(String::toLowerCase).forEach(newRoles::add);
}
List<Trigger> triggers = pipeline.getTriggers();
triggers.forEach(trigger -> {
String runAsUser = (String) trigger.get(RUN_AS_USER);
if (hasManagedServiceAccountUser(runAsUser)) {
ServiceAccount managedServiceAccount = serviceAccounts.get(runAsUser);
if (managedServiceAccount != null && !managedServiceAccount.getMemberOf().isEmpty()) {
managedServiceAccount.getMemberOf().stream().map(String::toLowerCase).forEach(newRoles::add);
}
}
});
String sharedManagedServiceAccountName = generatedSharedManagedServiceAccountName(newRoles);
ServiceAccount sharedManagedServiceAccount = new ServiceAccount();
sharedManagedServiceAccount.setName(sharedManagedServiceAccountName);
triggers.forEach(trigger -> {
String runAsUser = (String) trigger.get(RUN_AS_USER);
log.info("Replacing '{}' with automatic service user '{}' (application: '{}', pipelineName: '{}', " + "pipelineId: '{}')", value("oldServiceUser", runAsUser), value("newServiceUser", sharedManagedServiceAccountName), value("application", pipeline.getApplication()), value("pipelineName", pipeline.getName()), value("pipelineId", pipeline.getId()));
trigger.put(RUN_AS_USER, sharedManagedServiceAccountName);
});
log.info("Creating service user '{}' wih roles {}", sharedManagedServiceAccountName, newRoles);
sharedManagedServiceAccount.getMemberOf().addAll(newRoles);
pipeline.setRoles(new ArrayList(newRoles));
pipeline.setTriggers(triggers);
serviceAccountDAO.create(sharedManagedServiceAccount.getId(), sharedManagedServiceAccount);
pipelineDAO.update(pipeline.getId(), pipeline);
}Example 9 with Pipeline
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class SpelLoadBalancersMigration method run.
public void run() {
log.info("Starting spelLoadBalancers migration");
Collection<Pipeline> pipelines = pipelineDAO.all();
int migratedCount = 0;
int failureCount = 0;
for (Pipeline pipeline : pipelines) {
try {
if (migrate(pipeline)) {
migratedCount++;
}
} catch (Exception e) {
log.error("Failed to migrate pipeline {} ({}) for {} spelLoadBalancersMigration", pipeline.getName(), pipeline.getId(), pipeline.getApplication(), e);
failureCount++;
}
}
log.info("Done with spelLoadBalancers migration (migrated {} pipelines; {} failed to migrate)", migratedCount, failureCount);
}
Also used :
Pipeline(com.netflix.spinnaker.front50.api.model.pipeline.Pipeline)
Example 10 with Pipeline
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class ReorderPipelinesController method handlePipelineReorder.
private void handlePipelineReorder(Map<String, Object> requestBody, ItemDAO<Pipeline> pipelineItemDAO) {
String application = (String) requestBody.get("application");
Map<String, Integer> idsToIndices = (Map<String, Integer>) requestBody.get("idsToIndices");
if (application == null) {
throw new InvalidRequestException("`application` is required field on request body");
}
if (idsToIndices == null) {
throw new InvalidRequestException("`idsToIndices` is required field on request body");
}
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (!fiatPermissionEvaluator.storeWholePermission() && !fiatPermissionEvaluator.hasPermission(auth, application, "APPLICATION", "WRITE")) {
throw new InvalidRequestException("Application write permission is required to reorder pipelines");
}
for (String id : idsToIndices.keySet()) {
Pipeline pipeline = pipelineItemDAO.findById(id);
if (pipeline == null) {
throw new NotFoundException(String.format("No pipeline of id %s found", id));
}
if (!pipeline.getApplication().equals(application)) {
throw new InvalidRequestException(String.format("Pipeline with id %s does not belong to application %s", id, application));
}
pipeline.setIndex(idsToIndices.get(id));
pipelineItemDAO.update(id, pipeline);
}
}
Also used :
Authentication(org.springframework.security.core.Authentication)
NotFoundException(com.netflix.spinnaker.kork.web.exceptions.NotFoundException)
InvalidRequestException(com.netflix.spinnaker.front50.exceptions.InvalidRequestException)
Map(java.util.Map)
Pipeline(com.netflix.spinnaker.front50.api.model.pipeline.Pipeline)
Aggregations
Pipeline (com.netflix.spinnaker.front50.api.model.pipeline.Pipeline)9
InvalidRequestException (com.netflix.spinnaker.front50.exceptions.InvalidRequestException)7
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5
NotFoundException (com.netflix.spinnaker.kork.web.exceptions.NotFoundException)4
ArrayList (java.util.ArrayList)4
VisibleForTesting (com.google.common.annotations.VisibleForTesting)3
BadRequestException (com.netflix.spinnaker.front50.exception.BadRequestException)3
DuplicateEntityException (com.netflix.spinnaker.front50.exceptions.DuplicateEntityException)3
InvalidEntityException (com.netflix.spinnaker.front50.exceptions.InvalidEntityException)3
PipelineTemplate (com.netflix.spinnaker.front50.model.pipeline.PipelineTemplate)3
PipelineTemplateDAO (com.netflix.spinnaker.front50.model.pipeline.PipelineTemplateDAO)3
TemplateConfiguration (com.netflix.spinnaker.front50.model.pipeline.TemplateConfiguration)3
List (java.util.List)3
Map (java.util.Map)3
Collectors (java.util.stream.Collectors)3
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)3
JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2
TYPE_TEMPLATED (com.netflix.spinnaker.front50.api.model.pipeline.Pipeline.TYPE_TEMPLATED)2
PipelineDAO (com.netflix.spinnaker.front50.model.pipeline.PipelineDAO)2
