Example 26 with Provider
use of com.netflix.spinnaker.halyard.config.model.v1.node.Provider in project halyard by spinnaker.
the class AbstractListArtifactAccountsCommand method executeThis.
@Override
protected void executeThis() {
ArtifactProvider provider = getArtifactProvider();
List<ArtifactAccount> accounts = provider.getAccounts();
if (accounts.isEmpty()) {
AnsiUi.success("No configured artifact accounts for " + getArtifactProviderName() + ".");
} else {
AnsiUi.success("Artifact accounts for " + getArtifactProviderName() + ":");
accounts.forEach(account -> AnsiUi.listItem(account.getName()));
}
}
Also used :
ArtifactProvider(com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactProvider)
ArtifactAccount(com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactAccount)
Example 27 with Provider
use of com.netflix.spinnaker.halyard.config.model.v1.node.Provider in project halyard by spinnaker.
the class KubernetesAccountValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder psBuilder, KubernetesAccount account) {
DeploymentConfiguration deploymentConfiguration;
// TODO(lwander) this is still a little messy - I should use the filters to get the necessary docker account
Node parent = account.getParent();
while (!(parent instanceof DeploymentConfiguration)) {
// Note this will crash in the above check if the halconfig representation is corrupted
// (that's ok, because it indicates a more serious error than we want to validate).
parent = parent.getParent();
}
deploymentConfiguration = (DeploymentConfiguration) parent;
validateKindConfig(psBuilder, account);
// TODO(lwander) validate all config with clouddriver's v2 creds
switch(account.getProviderVersion()) {
case V1:
final List<String> dockerRegistryNames = account.getDockerRegistries().stream().map(DockerRegistryReference::getAccountName).collect(Collectors.toList());
validateDockerRegistries(psBuilder, deploymentConfiguration, dockerRegistryNames, Provider.ProviderType.KUBERNETES);
validateKubeconfig(psBuilder, account);
case V2:
break;
default:
throw new IllegalStateException("Unknown provider version " + account.getProviderVersion());
}
}
Also used :
Node(com.netflix.spinnaker.halyard.config.model.v1.node.Node)
DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)
Example 28 with Provider
use of com.netflix.spinnaker.halyard.config.model.v1.node.Provider in project halyard by spinnaker.
the class DCOSAccountValidator method validateClusters.
private void validateClusters(final ConfigProblemSetBuilder problems, final DCOSAccount account) {
final NodeIterator children = account.getParent().getChildren();
Node n = children.getNext();
Set<String> definedClusters = new HashSet<>();
while (n != null) {
if (n instanceof DCOSCluster) {
definedClusters.add(((DCOSCluster) n).getName());
}
n = children.getNext();
}
final Set<String> accountClusters = account.getClusters().stream().map(c -> c.getName()).collect(Collectors.toSet());
accountClusters.removeAll(definedClusters);
accountClusters.forEach(c -> problems.addProblem(ERROR, "Cluster \"" + c.toString() + "\" not defined for provider").setRemediation("Add cluster to the provider or remove from the account").setOptions(Lists.newArrayList(definedClusters)));
Set<List<String>> credentials = new HashSet<>();
account.getClusters().forEach(c -> {
final List<String> key = Lists.newArrayList(c.getName(), c.getUid());
if (credentials.contains(key)) {
problems.addProblem(ERROR, "Account contains duplicate credentials for cluster \"" + c.getName() + "\" and user id \"" + c.getUid() + "\".").setRemediation("Remove the duplicate credentials");
} else {
credentials.add(key);
}
// we can connect without a password
if (Strings.isStringEmpty(c.getPassword()) && Strings.isStringEmpty(c.getServiceKeyFile())) {
problems.addProblem(WARNING, "Account has no password or service key. Unless the cluster has security disabled this may be an error").setRemediation("Add a password or service key.");
}
if (!Strings.isStringEmpty(c.getPassword()) && !Strings.isStringEmpty(c.getServiceKeyFile())) {
problems.addProblem(ERROR, "Account has both a password and service key").setRemediation("Remove either the password or service key.");
}
if (!Strings.isStringEmpty(c.getServiceKeyFile())) {
String resolvedServiceKey = ValidatingFileReader.contents(problems, c.getServiceKeyFile());
if (Strings.isStringEmpty(resolvedServiceKey)) {
problems.addProblem(ERROR, "The supplied service key file does not exist or is empty.").setRemediation("Supply a valid service key file.");
}
}
});
}
Also used :
NodeIterator(com.netflix.spinnaker.halyard.config.model.v1.node.NodeIterator)
DockerRegistryReference(com.netflix.spinnaker.halyard.config.model.v1.providers.containers.DockerRegistryReference)
NodeIterator(com.netflix.spinnaker.halyard.config.model.v1.node.NodeIterator)
Set(java.util.Set)
ERROR(com.netflix.spinnaker.halyard.core.problem.v1.Problem.Severity.ERROR)
Lists(com.beust.jcommander.internal.Lists)
DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)
ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)
Collectors(java.util.stream.Collectors)
HashSet(java.util.HashSet)
DCOSAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSAccount)
Component(org.springframework.stereotype.Component)
List(java.util.List)
WARNING(com.netflix.spinnaker.halyard.core.problem.v1.Problem.Severity.WARNING)
Strings(com.beust.jcommander.Strings)
Validator(com.netflix.spinnaker.halyard.config.model.v1.node.Validator)
DockerRegistryReferenceValidation.validateDockerRegistries(com.netflix.spinnaker.halyard.config.validate.v1.providers.dockerRegistry.DockerRegistryReferenceValidation.validateDockerRegistries)
DCOSCluster(com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSCluster)
ValidatingFileReader(com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader)
Provider(com.netflix.spinnaker.halyard.config.model.v1.node.Provider)
Node(com.netflix.spinnaker.halyard.config.model.v1.node.Node)
Node(com.netflix.spinnaker.halyard.config.model.v1.node.Node)
List(java.util.List)
DCOSCluster(com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSCluster)
HashSet(java.util.HashSet)
Example 29 with Provider
use of com.netflix.spinnaker.halyard.config.model.v1.node.Provider in project halyard by spinnaker.
the class SecurityValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder p, Security n) {
DeploymentConfiguration deploymentConfiguration = n.parentOfType(DeploymentConfiguration.class);
boolean localhostAccess = StringUtils.isEmpty(n.getApiSecurity().getOverrideBaseUrl()) || StringUtils.isEmpty(n.getUiSecurity().getOverrideBaseUrl());
switch(deploymentConfiguration.getDeploymentEnvironment().getType()) {
case Distributed:
if (localhostAccess) {
p.addProblem(Problem.Severity.WARNING, "Your UI or API domain does not have override base URLs set " + "even though your Spinnaker deployment is a Distributed deployment on a remote cloud provider. " + "As a result, you will need to open SSH tunnels against that deployment to access Spinnaker.").setRemediation("We recommend that you instead configure an authentication mechanism (OAuth2, SAML2, or x509) " + "to make it easier to access Spinnaker securely, and then register the intended Domain and IP addresses " + // TODO(lwander) point to a guide here
"that your publicly facing services will be using.");
}
break;
case LocalDebian:
break;
}
}
Also used :
DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)
Example 30 with Provider
use of com.netflix.spinnaker.halyard.config.model.v1.node.Provider in project halyard by spinnaker.
the class ProviderService method getHasImageProvider.
public HasImageProvider getHasImageProvider(String deploymentName, String providerName) {
NodeFilter filter = new NodeFilter().setDeployment(deploymentName).setProvider(providerName);
Provider provider = getProvider(deploymentName, providerName);
if (provider instanceof HasImageProvider) {
return (HasImageProvider) provider;
} else {
throw new IllegalConfigException(new ConfigProblemBuilder(Severity.FATAL, "Provider \"" + providerName + "\" does not support configuring images via Halyard.").build());
}
}
Also used :
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
IllegalConfigException(com.netflix.spinnaker.halyard.config.error.v1.IllegalConfigException)
GoogleProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider)
AzureProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider)
AwsProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.aws.AwsProvider)
AppengineProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider)
DockerRegistryProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.dockerRegistry.DockerRegistryProvider)
OracleBMCSProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.oraclebmcs.OracleBMCSProvider)
OpenstackProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.openstack.OpenstackProvider)
DCOSProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider)
KubernetesProvider(com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesProvider)
Aggregations
Provider (com.netflix.spinnaker.halyard.config.model.v1.node.Provider)13
Account (com.netflix.spinnaker.halyard.config.model.v1.node.Account)9
OperationHandler (com.netflix.spinnaker.halyard.cli.services.v1.OperationHandler)8
ConfigProblemBuilder (com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)8
DockerRegistryProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.dockerRegistry.DockerRegistryProvider)7
ArtifactProvider (com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactProvider)6
DeploymentConfiguration (com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)6
ConfigNotFoundException (com.netflix.spinnaker.halyard.config.error.v1.ConfigNotFoundException)4
IllegalConfigException (com.netflix.spinnaker.halyard.config.error.v1.IllegalConfigException)4
ArtifactAccount (com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactAccount)4
NodeIterator (com.netflix.spinnaker.halyard.config.model.v1.node.NodeIterator)4
AppengineProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider)4
AwsProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.aws.AwsProvider)4
AzureProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider)4
DCOSCluster (com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSCluster)4
DCOSProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider)4
DeploymentEnvironment (com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentEnvironment)3
HasImageProvider (com.netflix.spinnaker.halyard.config.model.v1.node.HasImageProvider)3
NodeFilter (com.netflix.spinnaker.halyard.config.model.v1.node.NodeFilter)3
GoogleProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider)3
