Search in sources :

Example 21 with Account

use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.

the class DCOSAccountValidator method validate.

@Override
public void validate(final ConfigProblemSetBuilder problems, final DCOSAccount account) {
    DeploymentConfiguration deploymentConfiguration;
    /**
     * I have copied
     * the code
     * that was in
     * the KubernetesAccountValidator
     *
     * and which
     * you were planning
     * to refactor
     * with filters
     *
     * Forgive me
     * It did the job
     * And I was lazy
     * so very lazy
     */
    // TODO(lwander) this is still a little messy - I should use the filters to get the necessary docker account
    Node parent = account.getParent();
    while (!(parent instanceof DeploymentConfiguration)) {
        // Note this will crash in the above check if the halconfig representation is corrupted
        // (that's ok, because it indicates a more serious error than we want to validate).
        parent = parent.getParent();
    }
    deploymentConfiguration = (DeploymentConfiguration) parent;
    validateClusters(problems, account);
    if (account.getClusters().isEmpty()) {
        problems.addProblem(ERROR, "Account does not have any clusters configured").setRemediation("Edit the account with either --update-user-credential or --update-service-credential");
    }
    final List<String> dockerRegistryNames = account.getDockerRegistries().stream().map(DockerRegistryReference::getAccountName).collect(Collectors.toList());
    validateDockerRegistries(problems, deploymentConfiguration, dockerRegistryNames, Provider.ProviderType.DCOS);
}
Also used : Node(com.netflix.spinnaker.halyard.config.model.v1.node.Node) DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)

Example 22 with Account

use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.

the class GoogleBakeryDefaultsValidator method validate.

@Override
public void validate(ConfigProblemSetBuilder p, GoogleBakeryDefaults n) {
    DaemonTaskHandler.message("Validating " + n.getNodeName() + " with " + GoogleBakeryDefaultsValidator.class.getSimpleName());
    String zone = n.getZone();
    String network = n.getNetwork();
    String networkProjectId = n.getNetworkProjectId();
    List<GoogleBaseImage> baseImages = n.getBaseImages();
    if (StringUtils.isEmpty(zone) && StringUtils.isEmpty(network) && CollectionUtils.isEmpty(baseImages)) {
        return;
    } else if (CollectionUtils.isEmpty(credentialsList)) {
        return;
    }
    if (StringUtils.isEmpty(zone)) {
        p.addProblem(Problem.Severity.ERROR, "No zone supplied for google bakery defaults.");
    } else {
        int i = 0;
        boolean foundZone = false;
        while (!foundZone && i < credentialsList.size()) {
            GoogleNamedAccountCredentials credentials = credentialsList.get(i);
            try {
                credentials.getCompute().zones().get(credentials.getProject(), zone).execute();
                foundZone = true;
            } catch (Exception e) {
            }
            i++;
        }
        if (!foundZone) {
            p.addProblem(Problem.Severity.ERROR, "Zone " + zone + " not found via any configured google account.");
        }
    }
    if (StringUtils.isEmpty(network)) {
        p.addProblem(Problem.Severity.ERROR, "No network supplied for google bakery defaults.");
    } else {
        int j = 0;
        boolean foundNetwork = false;
        while (!foundNetwork && j < credentialsList.size()) {
            GoogleNamedAccountCredentials credentials = credentialsList.get(j);
            try {
                String project = !StringUtils.isEmpty(networkProjectId) ? networkProjectId : credentials.getProject();
                credentials.getCompute().networks().get(project, network).execute();
                foundNetwork = true;
            } catch (Exception e) {
            }
            j++;
        }
        if (!foundNetwork) {
            p.addProblem(Problem.Severity.ERROR, "Network " + network + " not found via any configured google account.");
        }
    }
    GoogleBaseImageValidator googleBaseImageValidator = new GoogleBaseImageValidator(credentialsList, halyardVersion);
    baseImages.forEach(googleBaseImage -> googleBaseImageValidator.validate(p, googleBaseImage));
}
Also used : GoogleBaseImage(com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleBaseImage) GoogleNamedAccountCredentials(com.netflix.spinnaker.clouddriver.google.security.GoogleNamedAccountCredentials)

Example 23 with Account

use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.

the class OpenstackAccountValidator method validate.

@Override
public void validate(ConfigProblemSetBuilder psBuilder, OpenstackAccount account) {
    DaemonTaskHandler.message("Validating " + account.getNodeName() + " with " + OpenstackAccountValidator.class.getSimpleName());
    String environment = account.getEnvironment();
    String accountType = account.getAccountType();
    String username = account.getUsername();
    String password = account.getPassword();
    String projectName = account.getPassword();
    String domainName = account.getDomainName();
    String authUrl = account.getAuthUrl();
    List<String> regions = account.getRegions();
    Boolean insecure = account.getInsecure();
    String heatTemplateLocation = account.getHeatTemplateLocation();
    OpenstackAccount.OpenstackLbaasOptions lbaas = account.getLbaas();
    ConsulConfig consulConfig = new ConsulConfig();
    String userDataFile = account.getUserDataFile();
    if (StringUtils.isEmpty(environment)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide an environment name");
    }
    if (StringUtils.isEmpty(password) || StringUtils.isEmpty(username)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a both a username and a password");
    }
    if (StringUtils.isEmpty(projectName)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a project name");
    }
    if (!StringUtils.endsWith(authUrl, "/v3")) {
        psBuilder.addProblem(Problem.Severity.WARNING, "You must use Keystone v3. The default auth url will be of the format IP:5000/v3.");
    }
    if (StringUtils.isEmpty(domainName)) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a domain name");
    }
    if (regions.size() == 0 || StringUtils.isEmpty(regions.get(0))) {
        psBuilder.addProblem(Problem.Severity.ERROR, "You must provide one region");
    }
    if (insecure) {
        psBuilder.addProblem(Problem.Severity.WARNING, "You've chosen to not validate SSL connections. This setup is not recommended in production deployments.");
    }
    if (heatTemplateLocation != null && heatTemplateLocation.isEmpty()) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Not a valid Heat template location: ''");
    }
    if (lbaas.getPollInterval() < 0) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Poll interval cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 5.");
    }
    if (lbaas.getPollTimeout() < 0) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Poll timeout cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 60.");
    }
    boolean userDataProvided = userDataFile != null && !userDataFile.isEmpty();
    if (userDataProvided) {
        String resolvedUserData = ValidatingFileReader.contents(psBuilder, userDataFile);
        if (resolvedUserData == null) {
            return;
        } else if (resolvedUserData.isEmpty()) {
            psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file is empty.").setRemediation("Please provide a non empty file, or remove the user data file.");
        }
        List<String> validTokens = Arrays.asList("account", "accounttype", "env", "region", "group", "autogrp", "cluster", "stack", "detail", "launchconfig");
        List<String> tokens = Arrays.asList(StringUtils.substringsBetween(resolvedUserData, "%%", "%%"));
        List<String> invalidTokens = tokens.stream().filter(t -> !validTokens.contains(t)).collect(Collectors.toList());
        if (invalidTokens.size() != 0) {
            psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file contains tokens that won't be replaced. " + "Tokens \"" + StringUtils.join(invalidTokens, ", ") + "\" are not supported.").setRemediation("Please use only the supported tokens \"" + StringUtils.join(validTokens, ", ") + "\".");
        }
    }
    OpenstackConfigurationProperties.LbaasConfig lbaasConfig = new OpenstackConfigurationProperties.LbaasConfig();
    lbaasConfig.setPollInterval(lbaas.getPollInterval());
    lbaasConfig.setPollTimeout(lbaas.getPollTimeout());
    try {
        OpenstackNamedAccountCredentials openstackCredentials = new OpenstackNamedAccountCredentials.Builder().name(account.getName()).environment(environment).accountType(accountType).authUrl(authUrl).username(username).password(password).projectName(projectName).domainName(domainName).regions(regions).insecure(insecure).heatTemplateLocation(heatTemplateLocation).consulConfig(consulConfig).lbaasConfig(lbaasConfig).userDataFile(userDataFile).build();
        credentialsList.add(openstackCredentials);
    // TODO(emjburns) verify that these credentials can connect w/o error to the openstack instance
    } catch (Exception e) {
        psBuilder.addProblem(Problem.Severity.ERROR, "Failed to instantiate openstack credentials for account \"" + account.getName() + "\".");
    }
}
Also used : OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials) Arrays(java.util.Arrays) OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties) OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount) EqualsAndHashCode(lombok.EqualsAndHashCode) ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder) StringUtils(org.apache.commons.lang3.StringUtils) Collectors(java.util.stream.Collectors) DaemonTaskHandler(com.netflix.spinnaker.halyard.core.tasks.v1.DaemonTaskHandler) ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig) List(java.util.List) Validator(com.netflix.spinnaker.halyard.config.model.v1.node.Validator) Data(lombok.Data) Problem(com.netflix.spinnaker.halyard.core.problem.v1.Problem) ValidatingFileReader(com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader) ConsulConfig(com.netflix.spinnaker.clouddriver.consul.config.ConsulConfig) OpenstackConfigurationProperties(com.netflix.spinnaker.clouddriver.openstack.config.OpenstackConfigurationProperties) OpenstackNamedAccountCredentials(com.netflix.spinnaker.clouddriver.openstack.security.OpenstackNamedAccountCredentials) OpenstackAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackAccount)

Example 24 with Account

use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.

the class AccountService method addAccount.

public void addAccount(String deploymentName, String providerName, Account newAccount) {
    Provider provider = providerService.getProvider(deploymentName, providerName);
    provider.getAccounts().add(newAccount);
}
Also used : Provider(com.netflix.spinnaker.halyard.config.model.v1.node.Provider)

Example 25 with Account

use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.

the class AccountService method getAllAccounts.

public List<Account> getAllAccounts(String deploymentName, String providerName) {
    NodeFilter filter = new NodeFilter().setDeployment(deploymentName).setProvider(providerName).withAnyAccount();
    List<Account> matchingAccounts = lookupService.getMatchingNodesOfType(filter, Account.class);
    if (matchingAccounts.size() == 0) {
        throw new ConfigNotFoundException(new ConfigProblemBuilder(Severity.FATAL, "No accounts could be found").build());
    } else {
        return matchingAccounts;
    }
}
Also used : Account(com.netflix.spinnaker.halyard.config.model.v1.node.Account) ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder) ConfigNotFoundException(com.netflix.spinnaker.halyard.config.error.v1.ConfigNotFoundException) NodeFilter(com.netflix.spinnaker.halyard.config.model.v1.node.NodeFilter)

Aggregations

Account (com.netflix.spinnaker.halyard.config.model.v1.node.Account)19 List (java.util.List)13 Provider (com.netflix.spinnaker.halyard.config.model.v1.node.Provider)11 KubernetesAccount (com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesAccount)11 HalException (com.netflix.spinnaker.halyard.core.error.v1.HalException)11 Collectors (java.util.stream.Collectors)10 DeploymentConfiguration (com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)9 ConfigProblemBuilder (com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)8 ArrayList (java.util.ArrayList)8 AbstractCanaryAccount (com.netflix.spinnaker.halyard.config.model.v1.canary.AbstractCanaryAccount)7 Path (java.nio.file.Path)7 OperationHandler (com.netflix.spinnaker.halyard.cli.services.v1.OperationHandler)6 ArtifactAccount (com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactAccount)6 DockerRegistryReference (com.netflix.spinnaker.halyard.config.model.v1.providers.containers.DockerRegistryReference)6 GoogleAccount (com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleAccount)6 UpdateRequestBuilder (com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder)6 ServiceSettings (com.netflix.spinnaker.halyard.deploy.spinnaker.v1.service.ServiceSettings)6 IOException (java.io.IOException)5 Collections (java.util.Collections)5 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5