Example 21 with Account
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class DCOSAccountValidator method validate.
@Override
public void validate(final ConfigProblemSetBuilder problems, final DCOSAccount account) {
DeploymentConfiguration deploymentConfiguration;
/**
* I have copied
* the code
* that was in
* the KubernetesAccountValidator
*
* and which
* you were planning
* to refactor
* with filters
*
* Forgive me
* It did the job
* And I was lazy
* so very lazy
*/
// TODO(lwander) this is still a little messy - I should use the filters to get the necessary docker account
Node parent = account.getParent();
while (!(parent instanceof DeploymentConfiguration)) {
// Note this will crash in the above check if the halconfig representation is corrupted
// (that's ok, because it indicates a more serious error than we want to validate).
parent = parent.getParent();
}
deploymentConfiguration = (DeploymentConfiguration) parent;
validateClusters(problems, account);
if (account.getClusters().isEmpty()) {
problems.addProblem(ERROR, "Account does not have any clusters configured").setRemediation("Edit the account with either --update-user-credential or --update-service-credential");
}
final List<String> dockerRegistryNames = account.getDockerRegistries().stream().map(DockerRegistryReference::getAccountName).collect(Collectors.toList());
validateDockerRegistries(problems, deploymentConfiguration, dockerRegistryNames, Provider.ProviderType.DCOS);
}
Also used :
Node(com.netflix.spinnaker.halyard.config.model.v1.node.Node)
DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)
Example 22 with Account
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class GoogleBakeryDefaultsValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder p, GoogleBakeryDefaults n) {
DaemonTaskHandler.message("Validating " + n.getNodeName() + " with " + GoogleBakeryDefaultsValidator.class.getSimpleName());
String zone = n.getZone();
String network = n.getNetwork();
String networkProjectId = n.getNetworkProjectId();
List<GoogleBaseImage> baseImages = n.getBaseImages();
if (StringUtils.isEmpty(zone) && StringUtils.isEmpty(network) && CollectionUtils.isEmpty(baseImages)) {
return;
} else if (CollectionUtils.isEmpty(credentialsList)) {
return;
}
if (StringUtils.isEmpty(zone)) {
p.addProblem(Problem.Severity.ERROR, "No zone supplied for google bakery defaults.");
} else {
int i = 0;
boolean foundZone = false;
while (!foundZone && i < credentialsList.size()) {
GoogleNamedAccountCredentials credentials = credentialsList.get(i);
try {
credentials.getCompute().zones().get(credentials.getProject(), zone).execute();
foundZone = true;
} catch (Exception e) {
}
i++;
}
if (!foundZone) {
p.addProblem(Problem.Severity.ERROR, "Zone " + zone + " not found via any configured google account.");
}
}
if (StringUtils.isEmpty(network)) {
p.addProblem(Problem.Severity.ERROR, "No network supplied for google bakery defaults.");
} else {
int j = 0;
boolean foundNetwork = false;
while (!foundNetwork && j < credentialsList.size()) {
GoogleNamedAccountCredentials credentials = credentialsList.get(j);
try {
String project = !StringUtils.isEmpty(networkProjectId) ? networkProjectId : credentials.getProject();
credentials.getCompute().networks().get(project, network).execute();
foundNetwork = true;
} catch (Exception e) {
}
j++;
}
if (!foundNetwork) {
p.addProblem(Problem.Severity.ERROR, "Network " + network + " not found via any configured google account.");
}
}
GoogleBaseImageValidator googleBaseImageValidator = new GoogleBaseImageValidator(credentialsList, halyardVersion);
baseImages.forEach(googleBaseImage -> googleBaseImageValidator.validate(p, googleBaseImage));
}
Also used :
GoogleBaseImage(com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleBaseImage)
GoogleNamedAccountCredentials(com.netflix.spinnaker.clouddriver.google.security.GoogleNamedAccountCredentials)
Example 23 with Account
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class OpenstackAccountValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder psBuilder, OpenstackAccount account) {
DaemonTaskHandler.message("Validating " + account.getNodeName() + " with " + OpenstackAccountValidator.class.getSimpleName());
String environment = account.getEnvironment();
String accountType = account.getAccountType();
String username = account.getUsername();
String password = account.getPassword();
String projectName = account.getPassword();
String domainName = account.getDomainName();
String authUrl = account.getAuthUrl();
List<String> regions = account.getRegions();
Boolean insecure = account.getInsecure();
String heatTemplateLocation = account.getHeatTemplateLocation();
OpenstackAccount.OpenstackLbaasOptions lbaas = account.getLbaas();
ConsulConfig consulConfig = new ConsulConfig();
String userDataFile = account.getUserDataFile();
if (StringUtils.isEmpty(environment)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide an environment name");
}
if (StringUtils.isEmpty(password) || StringUtils.isEmpty(username)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a both a username and a password");
}
if (StringUtils.isEmpty(projectName)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a project name");
}
if (!StringUtils.endsWith(authUrl, "/v3")) {
psBuilder.addProblem(Problem.Severity.WARNING, "You must use Keystone v3. The default auth url will be of the format IP:5000/v3.");
}
if (StringUtils.isEmpty(domainName)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a domain name");
}
if (regions.size() == 0 || StringUtils.isEmpty(regions.get(0))) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide one region");
}
if (insecure) {
psBuilder.addProblem(Problem.Severity.WARNING, "You've chosen to not validate SSL connections. This setup is not recommended in production deployments.");
}
if (heatTemplateLocation != null && heatTemplateLocation.isEmpty()) {
psBuilder.addProblem(Problem.Severity.ERROR, "Not a valid Heat template location: ''");
}
if (lbaas.getPollInterval() < 0) {
psBuilder.addProblem(Problem.Severity.ERROR, "Poll interval cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 5.");
}
if (lbaas.getPollTimeout() < 0) {
psBuilder.addProblem(Problem.Severity.ERROR, "Poll timeout cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 60.");
}
boolean userDataProvided = userDataFile != null && !userDataFile.isEmpty();
if (userDataProvided) {
String resolvedUserData = ValidatingFileReader.contents(psBuilder, userDataFile);
if (resolvedUserData == null) {
return;
} else if (resolvedUserData.isEmpty()) {
psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file is empty.").setRemediation("Please provide a non empty file, or remove the user data file.");
}
List<String> validTokens = Arrays.asList("account", "accounttype", "env", "region", "group", "autogrp", "cluster", "stack", "detail", "launchconfig");
List<String> tokens = Arrays.asList(StringUtils.substringsBetween(resolvedUserData, "%%", "%%"));
List<String> invalidTokens = tokens.stream().filter(t -> !validTokens.contains(t)).collect(Collectors.toList());
if (invalidTokens.size() != 0) {
psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file contains tokens that won't be replaced. " + "Tokens \"" + StringUtils.join(invalidTokens, ", ") + "\" are not supported.").setRemediation("Please use only the supported tokens \"" + StringUtils.join(validTokens, ", ") + "\".");
}
}
OpenstackConfigurationProperties.LbaasConfig lbaasConfig = new OpenstackConfigurationProperties.LbaasConfig();
lbaasConfig.setPollInterval(lbaas.getPollInterval());
lbaasConfig.setPollTimeout(lbaas.getPollTimeout());
try {
OpenstackNamedAccountCredentials openstackCredentials = new OpenstackNamedAccountCredentials.Builder().name(account.getName()).environment(environment).accountType(accountType).authUrl(authUrl).username(username).password(password).projectName(projectName).domainName(domainName).regions(regions).insecure(insecure).heatTemplateLocation(heatTemplateLocation).consulConfig(consulConfig).lbaasConfig(lbaasConfig).userDataFile(userDataFile).build();
credentialsList.add(openstackCredentials);
// TODO(emjburns) verify that these credentials can connect w/o error to the openstack instance
} catch (Exception e) {
psBuilder.addProblem(Problem.Severity.ERROR, "Failed to instantiate openstack credentials for account \"" + account.getName() + "\".");
}
}
Also used :
OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials)
Arrays(java.util.Arrays)
OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties)
OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)
EqualsAndHashCode(lombok.EqualsAndHashCode)
ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)
StringUtils(org.apache.commons.lang3.StringUtils)
Collectors(java.util.stream.Collectors)
DaemonTaskHandler(com.netflix.spinnaker.halyard.core.tasks.v1.DaemonTaskHandler)
ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig)
List(java.util.List)
Validator(com.netflix.spinnaker.halyard.config.model.v1.node.Validator)
Data(lombok.Data)
Problem(com.netflix.spinnaker.halyard.core.problem.v1.Problem)
ValidatingFileReader(com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader)
ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig)
OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties)
OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials)
OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)
Example 24 with Account
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class AccountService method addAccount.
public void addAccount(String deploymentName, String providerName, Account newAccount) {
Provider provider = providerService.getProvider(deploymentName, providerName);
provider.getAccounts().add(newAccount);
}
Also used :
Provider(com.netflix.spinnaker.halyard.config.model.v1.node.Provider)
Example 25 with Account
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class AccountService method getAllAccounts.
public List<Account> getAllAccounts(String deploymentName, String providerName) {
NodeFilter filter = new NodeFilter().setDeployment(deploymentName).setProvider(providerName).withAnyAccount();
List<Account> matchingAccounts = lookupService.getMatchingNodesOfType(filter, Account.class);
if (matchingAccounts.size() == 0) {
throw new ConfigNotFoundException(new ConfigProblemBuilder(Severity.FATAL, "No accounts could be found").build());
} else {
return matchingAccounts;
}
}
Also used :
Account(com.netflix.spinnaker.halyard.config.model.v1.node.Account)
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
ConfigNotFoundException(com.netflix.spinnaker.halyard.config.error.v1.ConfigNotFoundException)
NodeFilter(com.netflix.spinnaker.halyard.config.model.v1.node.NodeFilter)
Aggregations
Account (com.netflix.spinnaker.halyard.config.model.v1.node.Account)19
List (java.util.List)13
Provider (com.netflix.spinnaker.halyard.config.model.v1.node.Provider)11
KubernetesAccount (com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesAccount)11
HalException (com.netflix.spinnaker.halyard.core.error.v1.HalException)11
Collectors (java.util.stream.Collectors)10
DeploymentConfiguration (com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)9
ConfigProblemBuilder (com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)8
ArrayList (java.util.ArrayList)8
AbstractCanaryAccount (com.netflix.spinnaker.halyard.config.model.v1.canary.AbstractCanaryAccount)7
Path (java.nio.file.Path)7
OperationHandler (com.netflix.spinnaker.halyard.cli.services.v1.OperationHandler)6
ArtifactAccount (com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactAccount)6
DockerRegistryReference (com.netflix.spinnaker.halyard.config.model.v1.providers.containers.DockerRegistryReference)6
GoogleAccount (com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleAccount)6
UpdateRequestBuilder (com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder)6
ServiceSettings (com.netflix.spinnaker.halyard.deploy.spinnaker.v1.service.ServiceSettings)6
IOException (java.io.IOException)5
Collections (java.util.Collections)5
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5
