Search in sources :

Example 1 with ApacheSsl

use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.

the class DeckDockerProfileFactory method setProfile.

@Override
protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
    super.setProfile(profile, deploymentConfiguration, endpoints);
    ServiceSettings deckSettings = endpoints.getServices().getDeck();
    ServiceSettings gateSettings = endpoints.getServices().getGate();
    ApacheSsl apacheSsl = deploymentConfiguration.getSecurity().getUiSecurity().getSsl();
    if (apacheSsl.isEnabled()) {
        Map<String, String> env = profile.getEnv();
        env.put("DECK_HOST", deckSettings.getHost());
        env.put("DECK_PORT", deckSettings.getPort() + "");
        env.put("API_HOST", gateSettings.getBaseUrl());
        env.put("AUTH_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthn().isEnabled()));
        env.put("DECK_CERT", apacheSsl.getSslCertificateFile());
        env.put("DECK_KEY", apacheSsl.getSslCertificateKeyFile());
        env.put("PASSPHRASE", apacheSsl.getSslCertificatePassphrase());
    }
}
Also used : ApacheSsl(com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl) ServiceSettings(com.netflix.spinnaker.halyard.deploy.spinnaker.v1.service.ServiceSettings)

Example 2 with ApacheSsl

use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.

the class SecurityController method setSpringSSl.

@RequestMapping(value = "/api/ssl/", method = RequestMethod.PUT)
DaemonTask<Halconfig, Void> setSpringSSl(@PathVariable String deploymentName, @RequestParam(required = false, defaultValue = DefaultControllerValues.validate) boolean validate, @RequestParam(required = false, defaultValue = DefaultControllerValues.severity) Severity severity, @RequestBody Object rawSpringSsl) {
    SpringSsl apacheSsl = objectMapper.convertValue(rawSpringSsl, SpringSsl.class);
    UpdateRequestBuilder builder = new UpdateRequestBuilder();
    Path configPath = halconfigDirectoryStructure.getConfigPath(deploymentName);
    builder.setStage(() -> apacheSsl.stageLocalFiles(configPath));
    builder.setSeverity(severity);
    builder.setUpdate(() -> securityService.setSpringSsl(deploymentName, apacheSsl));
    builder.setValidate(ProblemSet::new);
    if (validate) {
        builder.setValidate(() -> securityService.validateSpringSsl(deploymentName));
    }
    builder.setRevert(() -> halconfigParser.undoChanges());
    builder.setSave(() -> halconfigParser.saveConfig());
    builder.setClean(() -> halconfigParser.cleanLocalFiles(configPath));
    return DaemonTaskHandler.submitTask(builder::build, "Edit API SSL settings");
}
Also used : Path(java.nio.file.Path) UpdateRequestBuilder(com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder) SpringSsl(com.netflix.spinnaker.halyard.config.model.v1.security.SpringSsl) ProblemSet(com.netflix.spinnaker.halyard.core.problem.v1.ProblemSet) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with ApacheSsl

use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.

the class SecurityController method setApacheSSl.

@RequestMapping(value = "/ui/ssl/", method = RequestMethod.PUT)
DaemonTask<Halconfig, Void> setApacheSSl(@PathVariable String deploymentName, @RequestParam(required = false, defaultValue = DefaultControllerValues.validate) boolean validate, @RequestParam(required = false, defaultValue = DefaultControllerValues.severity) Severity severity, @RequestBody Object rawApacheSsl) {
    ApacheSsl apacheSsl = objectMapper.convertValue(rawApacheSsl, ApacheSsl.class);
    UpdateRequestBuilder builder = new UpdateRequestBuilder();
    Path configPath = halconfigDirectoryStructure.getConfigPath(deploymentName);
    builder.setStage(() -> apacheSsl.stageLocalFiles(configPath));
    builder.setSeverity(severity);
    builder.setUpdate(() -> securityService.setApacheSsl(deploymentName, apacheSsl));
    builder.setValidate(ProblemSet::new);
    if (validate) {
        builder.setValidate(() -> securityService.validateApacheSsl(deploymentName));
    }
    builder.setRevert(() -> halconfigParser.undoChanges());
    builder.setSave(() -> halconfigParser.saveConfig());
    builder.setClean(() -> halconfigParser.cleanLocalFiles(configPath));
    return DaemonTaskHandler.submitTask(builder::build, "Edit UI SSL settings");
}
Also used : Path(java.nio.file.Path) ApacheSsl(com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl) UpdateRequestBuilder(com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder) ProblemSet(com.netflix.spinnaker.halyard.core.problem.v1.ProblemSet) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with ApacheSsl

use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.

the class ApacheSslEditCommand method executeThis.

@Override
protected void executeThis() {
    String currentDeployment = getCurrentDeployment();
    ApacheSsl apacheSsl = new OperationHandler<ApacheSsl>().setOperation(Daemon.getApacheSsl(currentDeployment, false)).setFailureMesssage("Failed to load SSL settings.").get();
    int originalHash = apacheSsl.hashCode();
    apacheSsl.setSslCertificateFile(isSet(sslCertificateFile) ? sslCertificateFile : apacheSsl.getSslCertificateFile());
    apacheSsl.setSslCertificateKeyFile(isSet(sslCertificateKeyFile) ? sslCertificateKeyFile : apacheSsl.getSslCertificateKeyFile());
    apacheSsl.setSslCertificatePassphrase(isSet(sslCertificatePassphrase) ? sslCertificatePassphrase : apacheSsl.getSslCertificatePassphrase());
    if (originalHash == apacheSsl.hashCode()) {
        AnsiUi.failure("No changes supplied.");
        return;
    }
    new OperationHandler<Void>().setOperation(Daemon.setApacheSsl(currentDeployment, !noValidate, apacheSsl)).setFailureMesssage("Failed to edit SSL settings.").setSuccessMessage("Successfully updated SSL settings.").get();
}
Also used : ApacheSsl(com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl) OperationHandler(com.netflix.spinnaker.halyard.cli.services.v1.OperationHandler)

Example 5 with ApacheSsl

use of com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl in project halyard by spinnaker.

the class ApacheSpinnakerProfileFactory method getBindings.

@Override
protected Map<String, Object> getBindings(DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
    TemplatedResource resource = new StringResource(SSL_TEMPLATE);
    Map<String, Object> bindings = new HashMap<>();
    UiSecurity uiSecurity = deploymentConfiguration.getSecurity().getUiSecurity();
    ApacheSsl apacheSsl = uiSecurity.getSsl();
    bindings.put("cert-file", apacheSsl.getSslCertificateFile());
    bindings.put("key-file", apacheSsl.getSslCertificateKeyFile());
    String ssl = resource.setBindings(bindings).toString();
    bindings.clear();
    bindings.put("ssl", ssl);
    bindings.put("deck-host", endpoints.getServices().getDeck().getHost());
    bindings.put("deck-port", endpoints.getServices().getDeck().getPort() + "");
    return bindings;
}
Also used : StringResource(com.netflix.spinnaker.halyard.core.resource.v1.StringResource) UiSecurity(com.netflix.spinnaker.halyard.config.model.v1.security.UiSecurity) HashMap(java.util.HashMap) ApacheSsl(com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl) TemplatedResource(com.netflix.spinnaker.halyard.core.resource.v1.TemplatedResource)

Aggregations

ApacheSsl (com.netflix.spinnaker.halyard.config.model.v1.security.ApacheSsl)5 UpdateRequestBuilder (com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder)2 ProblemSet (com.netflix.spinnaker.halyard.core.problem.v1.ProblemSet)2 Path (java.nio.file.Path)2 HashMap (java.util.HashMap)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 OperationHandler (com.netflix.spinnaker.halyard.cli.services.v1.OperationHandler)1 SpringSsl (com.netflix.spinnaker.halyard.config.model.v1.security.SpringSsl)1 UiSecurity (com.netflix.spinnaker.halyard.config.model.v1.security.UiSecurity)1 StringResource (com.netflix.spinnaker.halyard.core.resource.v1.StringResource)1 TemplatedResource (com.netflix.spinnaker.halyard.core.resource.v1.TemplatedResource)1 ServiceSettings (com.netflix.spinnaker.halyard.deploy.spinnaker.v1.service.ServiceSettings)1