use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.
the class DeckDockerProfileFactory method setProfile.
@Override
protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
super.setProfile(profile, deploymentConfiguration, endpoints);
ServiceSettings deckSettings = endpoints.getServices().getDeck();
ServiceSettings gateSettings = endpoints.getServices().getGate();
ApacheSsl apacheSsl = deploymentConfiguration.getSecurity().getUiSecurity().getSsl();
if (apacheSsl.isEnabled()) {
Map<String, String> env = profile.getEnv();
env.put("DECK_HOST", deckSettings.getHost());
env.put("DECK_PORT", deckSettings.getPort() + "");
env.put("API_HOST", gateSettings.getBaseUrl());
env.put("AUTH_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthn().isEnabled()));
env.put("DECK_CERT", apacheSsl.getSslCertificateFile());
env.put("DECK_KEY", apacheSsl.getSslCertificateKeyFile());
env.put("PASSPHRASE", apacheSsl.getSslCertificatePassphrase());
}
}
use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.
the class SecurityController method setSpringSSl.
@RequestMapping(value = "/api/ssl/", method = RequestMethod.PUT)
DaemonTask<Halconfig, Void> setSpringSSl(@PathVariable String deploymentName, @RequestParam(required = false, defaultValue = DefaultControllerValues.validate) boolean validate, @RequestParam(required = false, defaultValue = DefaultControllerValues.severity) Severity severity, @RequestBody Object rawSpringSsl) {
SpringSsl apacheSsl = objectMapper.convertValue(rawSpringSsl, SpringSsl.class);
UpdateRequestBuilder builder = new UpdateRequestBuilder();
Path configPath = halconfigDirectoryStructure.getConfigPath(deploymentName);
builder.setStage(() -> apacheSsl.stageLocalFiles(configPath));
builder.setSeverity(severity);
builder.setUpdate(() -> securityService.setSpringSsl(deploymentName, apacheSsl));
builder.setValidate(ProblemSet::new);
if (validate) {
builder.setValidate(() -> securityService.validateSpringSsl(deploymentName));
}
builder.setRevert(() -> halconfigParser.undoChanges());
builder.setSave(() -> halconfigParser.saveConfig());
builder.setClean(() -> halconfigParser.cleanLocalFiles(configPath));
return DaemonTaskHandler.submitTask(builder::build, "Edit API SSL settings");
}
use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.
the class SecurityController method setApacheSSl.
@RequestMapping(value = "/ui/ssl/", method = RequestMethod.PUT)
DaemonTask<Halconfig, Void> setApacheSSl(@PathVariable String deploymentName, @RequestParam(required = false, defaultValue = DefaultControllerValues.validate) boolean validate, @RequestParam(required = false, defaultValue = DefaultControllerValues.severity) Severity severity, @RequestBody Object rawApacheSsl) {
ApacheSsl apacheSsl = objectMapper.convertValue(rawApacheSsl, ApacheSsl.class);
UpdateRequestBuilder builder = new UpdateRequestBuilder();
Path configPath = halconfigDirectoryStructure.getConfigPath(deploymentName);
builder.setStage(() -> apacheSsl.stageLocalFiles(configPath));
builder.setSeverity(severity);
builder.setUpdate(() -> securityService.setApacheSsl(deploymentName, apacheSsl));
builder.setValidate(ProblemSet::new);
if (validate) {
builder.setValidate(() -> securityService.validateApacheSsl(deploymentName));
}
builder.setRevert(() -> halconfigParser.undoChanges());
builder.setSave(() -> halconfigParser.saveConfig());
builder.setClean(() -> halconfigParser.cleanLocalFiles(configPath));
return DaemonTaskHandler.submitTask(builder::build, "Edit UI SSL settings");
}
use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.
the class ApacheSslEditCommand method executeThis.
@Override
protected void executeThis() {
String currentDeployment = getCurrentDeployment();
ApacheSsl apacheSsl = new OperationHandler<ApacheSsl>().setOperation(Daemon.getApacheSsl(currentDeployment, false)).setFailureMesssage("Failed to load SSL settings.").get();
int originalHash = apacheSsl.hashCode();
apacheSsl.setSslCertificateFile(isSet(sslCertificateFile) ? sslCertificateFile : apacheSsl.getSslCertificateFile());
apacheSsl.setSslCertificateKeyFile(isSet(sslCertificateKeyFile) ? sslCertificateKeyFile : apacheSsl.getSslCertificateKeyFile());
apacheSsl.setSslCertificatePassphrase(isSet(sslCertificatePassphrase) ? sslCertificatePassphrase : apacheSsl.getSslCertificatePassphrase());
if (originalHash == apacheSsl.hashCode()) {
AnsiUi.failure("No changes supplied.");
return;
}
new OperationHandler<Void>().setOperation(Daemon.setApacheSsl(currentDeployment, !noValidate, apacheSsl)).setFailureMesssage("Failed to edit SSL settings.").setSuccessMessage("Successfully updated SSL settings.").get();
}
use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.
the class ApacheSpinnakerProfileFactory method getBindings.
@Override
protected Map<String, Object> getBindings(DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
TemplatedResource resource = new StringResource(SSL_TEMPLATE);
Map<String, Object> bindings = new HashMap<>();
UiSecurity uiSecurity = deploymentConfiguration.getSecurity().getUiSecurity();
ApacheSsl apacheSsl = uiSecurity.getSsl();
bindings.put("cert-file", apacheSsl.getSslCertificateFile());
bindings.put("key-file", apacheSsl.getSslCertificateKeyFile());
String ssl = resource.setBindings(bindings).toString();
bindings.clear();
bindings.put("ssl", ssl);
bindings.put("deck-host", endpoints.getServices().getDeck().getHost());
bindings.put("deck-port", endpoints.getServices().getDeck().getPort() + "");
return bindings;
}
Aggregations