Search in sources :

Example 6 with Pipeline

use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.

the class PipelineTemplateController method update.

@RequestMapping(value = "{id}", method = RequestMethod.PUT)
PipelineTemplate update(@PathVariable String id, @RequestBody PipelineTemplate pipelineTemplate) {
    PipelineTemplate existingPipelineTemplate = getPipelineTemplateDAO().findById(id);
    if (!pipelineTemplate.getId().equals(existingPipelineTemplate.getId())) {
        throw new InvalidRequestException("The provided id " + id + " doesn't match the pipeline template id " + pipelineTemplate.getId());
    }
    pipelineTemplate.setLastModified(System.currentTimeMillis());
    getPipelineTemplateDAO().update(id, pipelineTemplate);
    return pipelineTemplate;
}
Also used : InvalidRequestException(com.netflix.spinnaker.front50.exceptions.InvalidRequestException) PipelineTemplate(com.netflix.spinnaker.front50.model.pipeline.PipelineTemplate) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 7 with Pipeline

use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.

the class V2PipelineTemplateController method computeSHA256Digest.

@VisibleForTesting
public String computeSHA256Digest(PipelineTemplate pipelineTemplate) {
    Map<String, Object> sortedMap = (Map<String, Object>) sortObjectRecursive(pipelineTemplate);
    try {
        String jsonPayload = objectMapper.writeValueAsString(sortedMap).replaceAll("\\s+", "");
        MessageDigest digest = MessageDigest.getInstance("SHA-256");
        byte[] hashBytes = digest.digest(jsonPayload.getBytes(StandardCharsets.UTF_8));
        return Hex.encodeHexString(hashBytes);
    } catch (NoSuchAlgorithmException | JsonProcessingException e) {
        throw new InvalidRequestException(String.format("Computing digest for pipeline template %s failed. Nested exception is %s", pipelineTemplate.undecoratedId(), e));
    }
}
Also used : InvalidRequestException(com.netflix.spinnaker.front50.exceptions.InvalidRequestException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) MessageDigest(java.security.MessageDigest) Map(java.util.Map) TreeMap(java.util.TreeMap) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) VisibleForTesting(com.google.common.annotations.VisibleForTesting)

Example 8 with Pipeline

use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.

the class SharedManagedServiceAccountsMigration method migrate.

private void migrate(Pipeline pipeline, Map<String, ServiceAccount> serviceAccounts) {
    log.info("Starting migration of pipeline '{}' with id '{}' for application '{}'", value("pipelineName", pipeline.getName()), value("application", pipeline.getApplication()), value("pipelineId", pipeline.getId()));
    Set<String> newRoles = new HashSet<>();
    List<String> existingRoles = (List) pipeline.getRoles();
    if (existingRoles != null) {
        existingRoles.stream().map(String::toLowerCase).forEach(newRoles::add);
    }
    List<Trigger> triggers = pipeline.getTriggers();
    triggers.forEach(trigger -> {
        String runAsUser = (String) trigger.get(RUN_AS_USER);
        if (hasManagedServiceAccountUser(runAsUser)) {
            ServiceAccount managedServiceAccount = serviceAccounts.get(runAsUser);
            if (managedServiceAccount != null && !managedServiceAccount.getMemberOf().isEmpty()) {
                managedServiceAccount.getMemberOf().stream().map(String::toLowerCase).forEach(newRoles::add);
            }
        }
    });
    String sharedManagedServiceAccountName = generatedSharedManagedServiceAccountName(newRoles);
    ServiceAccount sharedManagedServiceAccount = new ServiceAccount();
    sharedManagedServiceAccount.setName(sharedManagedServiceAccountName);
    triggers.forEach(trigger -> {
        String runAsUser = (String) trigger.get(RUN_AS_USER);
        log.info("Replacing '{}' with automatic service user '{}' (application: '{}', pipelineName: '{}', " + "pipelineId: '{}')", value("oldServiceUser", runAsUser), value("newServiceUser", sharedManagedServiceAccountName), value("application", pipeline.getApplication()), value("pipelineName", pipeline.getName()), value("pipelineId", pipeline.getId()));
        trigger.put(RUN_AS_USER, sharedManagedServiceAccountName);
    });
    log.info("Creating service user '{}' wih roles {}", sharedManagedServiceAccountName, newRoles);
    sharedManagedServiceAccount.getMemberOf().addAll(newRoles);
    pipeline.setRoles(new ArrayList(newRoles));
    pipeline.setTriggers(triggers);
    serviceAccountDAO.create(sharedManagedServiceAccount.getId(), sharedManagedServiceAccount);
    pipelineDAO.update(pipeline.getId(), pipeline);
}
Also used : ServiceAccount(com.netflix.spinnaker.front50.model.serviceaccount.ServiceAccount) Trigger(com.netflix.spinnaker.front50.api.model.pipeline.Trigger) ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) HashSet(java.util.HashSet)

Example 9 with Pipeline

use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.

the class SpelLoadBalancersMigration method run.

public void run() {
    log.info("Starting spelLoadBalancers migration");
    Collection<Pipeline> pipelines = pipelineDAO.all();
    int migratedCount = 0;
    int failureCount = 0;
    for (Pipeline pipeline : pipelines) {
        try {
            if (migrate(pipeline)) {
                migratedCount++;
            }
        } catch (Exception e) {
            log.error("Failed to migrate pipeline {} ({}) for {} spelLoadBalancersMigration", pipeline.getName(), pipeline.getId(), pipeline.getApplication(), e);
            failureCount++;
        }
    }
    log.info("Done with spelLoadBalancers migration (migrated {} pipelines; {} failed to migrate)", migratedCount, failureCount);
}
Also used : Pipeline(com.netflix.spinnaker.front50.api.model.pipeline.Pipeline)

Example 10 with Pipeline

use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.

the class ReorderPipelinesController method handlePipelineReorder.

private void handlePipelineReorder(Map<String, Object> requestBody, ItemDAO<Pipeline> pipelineItemDAO) {
    String application = (String) requestBody.get("application");
    Map<String, Integer> idsToIndices = (Map<String, Integer>) requestBody.get("idsToIndices");
    if (application == null) {
        throw new InvalidRequestException("`application` is required field on request body");
    }
    if (idsToIndices == null) {
        throw new InvalidRequestException("`idsToIndices` is required field on request body");
    }
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (!fiatPermissionEvaluator.storeWholePermission() && !fiatPermissionEvaluator.hasPermission(auth, application, "APPLICATION", "WRITE")) {
        throw new InvalidRequestException("Application write permission is required to reorder pipelines");
    }
    for (String id : idsToIndices.keySet()) {
        Pipeline pipeline = pipelineItemDAO.findById(id);
        if (pipeline == null) {
            throw new NotFoundException(String.format("No pipeline of id %s found", id));
        }
        if (!pipeline.getApplication().equals(application)) {
            throw new InvalidRequestException(String.format("Pipeline with id %s does not belong to application %s", id, application));
        }
        pipeline.setIndex(idsToIndices.get(id));
        pipelineItemDAO.update(id, pipeline);
    }
}
Also used : Authentication(org.springframework.security.core.Authentication) NotFoundException(com.netflix.spinnaker.kork.web.exceptions.NotFoundException) InvalidRequestException(com.netflix.spinnaker.front50.exceptions.InvalidRequestException) Map(java.util.Map) Pipeline(com.netflix.spinnaker.front50.api.model.pipeline.Pipeline)

Aggregations

Pipeline (com.netflix.spinnaker.front50.api.model.pipeline.Pipeline)9 InvalidRequestException (com.netflix.spinnaker.front50.exceptions.InvalidRequestException)7 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5 NotFoundException (com.netflix.spinnaker.kork.web.exceptions.NotFoundException)4 ArrayList (java.util.ArrayList)4 VisibleForTesting (com.google.common.annotations.VisibleForTesting)3 BadRequestException (com.netflix.spinnaker.front50.exception.BadRequestException)3 DuplicateEntityException (com.netflix.spinnaker.front50.exceptions.DuplicateEntityException)3 InvalidEntityException (com.netflix.spinnaker.front50.exceptions.InvalidEntityException)3 PipelineTemplate (com.netflix.spinnaker.front50.model.pipeline.PipelineTemplate)3 PipelineTemplateDAO (com.netflix.spinnaker.front50.model.pipeline.PipelineTemplateDAO)3 TemplateConfiguration (com.netflix.spinnaker.front50.model.pipeline.TemplateConfiguration)3 List (java.util.List)3 Map (java.util.Map)3 Collectors (java.util.stream.Collectors)3 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)3 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)2 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 TYPE_TEMPLATED (com.netflix.spinnaker.front50.api.model.pipeline.Pipeline.TYPE_TEMPLATED)2 PipelineDAO (com.netflix.spinnaker.front50.model.pipeline.PipelineDAO)2