use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class DCOSAccountValidator method validate.
@Override
public void validate(final ConfigProblemSetBuilder problems, final DCOSAccount account) {
DeploymentConfiguration deploymentConfiguration;
/**
* I have copied
* the code
* that was in
* the KubernetesAccountValidator
*
* and which
* you were planning
* to refactor
* with filters
*
* Forgive me
* It did the job
* And I was lazy
* so very lazy
*/
// TODO(lwander) this is still a little messy - I should use the filters to get the necessary docker account
Node parent = account.getParent();
while (!(parent instanceof DeploymentConfiguration)) {
// Note this will crash in the above check if the halconfig representation is corrupted
// (that's ok, because it indicates a more serious error than we want to validate).
parent = parent.getParent();
}
deploymentConfiguration = (DeploymentConfiguration) parent;
validateClusters(problems, account);
if (account.getClusters().isEmpty()) {
problems.addProblem(ERROR, "Account does not have any clusters configured").setRemediation("Edit the account with either --update-user-credential or --update-service-credential");
}
final List<String> dockerRegistryNames = account.getDockerRegistries().stream().map(DockerRegistryReference::getAccountName).collect(Collectors.toList());
validateDockerRegistries(problems, deploymentConfiguration, dockerRegistryNames, Provider.ProviderType.DCOS);
}
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class GoogleBakeryDefaultsValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder p, GoogleBakeryDefaults n) {
DaemonTaskHandler.message("Validating " + n.getNodeName() + " with " + GoogleBakeryDefaultsValidator.class.getSimpleName());
String zone = n.getZone();
String network = n.getNetwork();
String networkProjectId = n.getNetworkProjectId();
List<GoogleBaseImage> baseImages = n.getBaseImages();
if (StringUtils.isEmpty(zone) && StringUtils.isEmpty(network) && CollectionUtils.isEmpty(baseImages)) {
return;
} else if (CollectionUtils.isEmpty(credentialsList)) {
return;
}
if (StringUtils.isEmpty(zone)) {
p.addProblem(Problem.Severity.ERROR, "No zone supplied for google bakery defaults.");
} else {
int i = 0;
boolean foundZone = false;
while (!foundZone && i < credentialsList.size()) {
GoogleNamedAccountCredentials credentials = credentialsList.get(i);
try {
credentials.getCompute().zones().get(credentials.getProject(), zone).execute();
foundZone = true;
} catch (Exception e) {
}
i++;
}
if (!foundZone) {
p.addProblem(Problem.Severity.ERROR, "Zone " + zone + " not found via any configured google account.");
}
}
if (StringUtils.isEmpty(network)) {
p.addProblem(Problem.Severity.ERROR, "No network supplied for google bakery defaults.");
} else {
int j = 0;
boolean foundNetwork = false;
while (!foundNetwork && j < credentialsList.size()) {
GoogleNamedAccountCredentials credentials = credentialsList.get(j);
try {
String project = !StringUtils.isEmpty(networkProjectId) ? networkProjectId : credentials.getProject();
credentials.getCompute().networks().get(project, network).execute();
foundNetwork = true;
} catch (Exception e) {
}
j++;
}
if (!foundNetwork) {
p.addProblem(Problem.Severity.ERROR, "Network " + network + " not found via any configured google account.");
}
}
GoogleBaseImageValidator googleBaseImageValidator = new GoogleBaseImageValidator(credentialsList, halyardVersion);
baseImages.forEach(googleBaseImage -> googleBaseImageValidator.validate(p, googleBaseImage));
}
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class OpenstackAccountValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder psBuilder, OpenstackAccount account) {
DaemonTaskHandler.message("Validating " + account.getNodeName() + " with " + OpenstackAccountValidator.class.getSimpleName());
String environment = account.getEnvironment();
String accountType = account.getAccountType();
String username = account.getUsername();
String password = account.getPassword();
String projectName = account.getPassword();
String domainName = account.getDomainName();
String authUrl = account.getAuthUrl();
List<String> regions = account.getRegions();
Boolean insecure = account.getInsecure();
String heatTemplateLocation = account.getHeatTemplateLocation();
OpenstackAccount.OpenstackLbaasOptions lbaas = account.getLbaas();
ConsulConfig consulConfig = new ConsulConfig();
String userDataFile = account.getUserDataFile();
if (StringUtils.isEmpty(environment)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide an environment name");
}
if (StringUtils.isEmpty(password) || StringUtils.isEmpty(username)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a both a username and a password");
}
if (StringUtils.isEmpty(projectName)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a project name");
}
if (!StringUtils.endsWith(authUrl, "/v3")) {
psBuilder.addProblem(Problem.Severity.WARNING, "You must use Keystone v3. The default auth url will be of the format IP:5000/v3.");
}
if (StringUtils.isEmpty(domainName)) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide a domain name");
}
if (regions.size() == 0 || StringUtils.isEmpty(regions.get(0))) {
psBuilder.addProblem(Problem.Severity.ERROR, "You must provide one region");
}
if (insecure) {
psBuilder.addProblem(Problem.Severity.WARNING, "You've chosen to not validate SSL connections. This setup is not recommended in production deployments.");
}
if (heatTemplateLocation != null && heatTemplateLocation.isEmpty()) {
psBuilder.addProblem(Problem.Severity.ERROR, "Not a valid Heat template location: ''");
}
if (lbaas.getPollInterval() < 0) {
psBuilder.addProblem(Problem.Severity.ERROR, "Poll interval cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 5.");
}
if (lbaas.getPollTimeout() < 0) {
psBuilder.addProblem(Problem.Severity.ERROR, "Poll timeout cannot be less than 0.").setRemediation("Update this value to be reasonable. Default is 60.");
}
boolean userDataProvided = userDataFile != null && !userDataFile.isEmpty();
if (userDataProvided) {
String resolvedUserData = ValidatingFileReader.contents(psBuilder, userDataFile);
if (resolvedUserData == null) {
return;
} else if (resolvedUserData.isEmpty()) {
psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file is empty.").setRemediation("Please provide a non empty file, or remove the user data file.");
}
List<String> validTokens = Arrays.asList("account", "accounttype", "env", "region", "group", "autogrp", "cluster", "stack", "detail", "launchconfig");
List<String> tokens = Arrays.asList(StringUtils.substringsBetween(resolvedUserData, "%%", "%%"));
List<String> invalidTokens = tokens.stream().filter(t -> !validTokens.contains(t)).collect(Collectors.toList());
if (invalidTokens.size() != 0) {
psBuilder.addProblem(Problem.Severity.WARNING, "The supplied user data file contains tokens that won't be replaced. " + "Tokens \"" + StringUtils.join(invalidTokens, ", ") + "\" are not supported.").setRemediation("Please use only the supported tokens \"" + StringUtils.join(validTokens, ", ") + "\".");
}
}
OpenstackConfigurationProperties.LbaasConfig lbaasConfig = new OpenstackConfigurationProperties.LbaasConfig();
lbaasConfig.setPollInterval(lbaas.getPollInterval());
lbaasConfig.setPollTimeout(lbaas.getPollTimeout());
try {
OpenstackNamedAccountCredentials openstackCredentials = new OpenstackNamedAccountCredentials.Builder().name(account.getName()).environment(environment).accountType(accountType).authUrl(authUrl).username(username).password(password).projectName(projectName).domainName(domainName).regions(regions).insecure(insecure).heatTemplateLocation(heatTemplateLocation).consulConfig(consulConfig).lbaasConfig(lbaasConfig).userDataFile(userDataFile).build();
credentialsList.add(openstackCredentials);
// TODO(emjburns) verify that these credentials can connect w/o error to the openstack instance
} catch (Exception e) {
psBuilder.addProblem(Problem.Severity.ERROR, "Failed to instantiate openstack credentials for account \"" + account.getName() + "\".");
}
}
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class AccountService method addAccount.
public void addAccount(String deploymentName, String providerName, Account newAccount) {
Provider provider = providerService.getProvider(deploymentName, providerName);
provider.getAccounts().add(newAccount);
}
use of com.netflix.spinnaker.halyard.config.model.v1.node.Account in project halyard by spinnaker.
the class AccountService method getAllAccounts.
public List<Account> getAllAccounts(String deploymentName, String providerName) {
NodeFilter filter = new NodeFilter().setDeployment(deploymentName).setProvider(providerName).withAnyAccount();
List<Account> matchingAccounts = lookupService.getMatchingNodesOfType(filter, Account.class);
if (matchingAccounts.size() == 0) {
throw new ConfigNotFoundException(new ConfigProblemBuilder(Severity.FATAL, "No accounts could be found").build());
} else {
return matchingAccounts;
}
}
Aggregations