Example 26 with ConfigProblemBuilder
use of com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder in project halyard by spinnaker.
the class ArtifactService method writeArtifactConfig.
public void writeArtifactConfig(String bomPath, String artifactName, String profilePath) {
if (googleWriteableProfileRegistry == null) {
throw new HalException(new ConfigProblemBuilder(FATAL, "You need to set the \"spinnaker.config.input.writerEnabled\" property to \"true\" to modify base-profiles.").build());
}
BillOfMaterials bom;
File profileFile = Paths.get(profilePath).toFile();
String profileContents;
try {
bom = relaxedObjectMapper.convertValue(yamlParser.load(IOUtils.toString(new FileInputStream(bomPath))), BillOfMaterials.class);
} catch (IOException e) {
throw new HalException(new ConfigProblemBuilder(FATAL, "Unable to load Bill of Materials: " + e.getMessage()).build());
}
try {
profileContents = IOUtils.toString(new FileInputStream(profileFile));
} catch (IOException e) {
throw new HalException(new ConfigProblemBuilder(FATAL, "Unable to load profile : " + e.getMessage()).build());
}
googleWriteableProfileRegistry.writeArtifactConfig(bom, artifactName, profileFile.getName(), profileContents);
}
Also used :
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
HalException(com.netflix.spinnaker.halyard.core.error.v1.HalException)
IOException(java.io.IOException)
BillOfMaterials(com.netflix.spinnaker.halyard.core.registry.v1.BillOfMaterials)
File(java.io.File)
FileInputStream(java.io.FileInputStream)
Example 27 with ConfigProblemBuilder
use of com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder in project halyard by spinnaker.
the class ArtifactService method publishVersion.
public void publishVersion(Version version) {
if (googleWriteableProfileRegistry == null) {
throw new HalException(new ConfigProblemBuilder(FATAL, "You need to set the \"spinnaker.config.input.writerEnabled\" property to \"true\" to modify your halconfig bucket contents.").build());
}
Versions versionsCollection = versionsService.getVersions();
deleteVersion(versionsCollection, version.getVersion());
versionsCollection.getVersions().add(version);
googleWriteableProfileRegistry.writeVersions(yamlParser.dump(relaxedObjectMapper.convertValue(versionsCollection, Map.class)));
}
Also used :
Versions(com.netflix.spinnaker.halyard.core.registry.v1.Versions)
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
HalException(com.netflix.spinnaker.halyard.core.error.v1.HalException)
Example 28 with ConfigProblemBuilder
use of com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder in project halyard by spinnaker.
the class DockerRegistryAccountValidator method validate.
@Override
public void validate(ConfigProblemSetBuilder p, DockerRegistryAccount n) {
String resolvedPassword = null;
String password = n.getPassword();
String passwordFile = n.getPasswordFile();
String username = n.getUsername();
boolean passwordProvided = password != null && !password.isEmpty();
boolean passwordFileProvided = passwordFile != null && !passwordFile.isEmpty();
if (passwordProvided && passwordFileProvided) {
p.addProblem(Severity.ERROR, "You have provided both a password and a password file for your docker registry. You can specify at most one.");
return;
}
if (passwordProvided) {
resolvedPassword = password;
} else if (passwordFileProvided) {
resolvedPassword = ValidatingFileReader.contents(p, passwordFile);
if (resolvedPassword == null) {
return;
}
if (resolvedPassword.isEmpty()) {
p.addProblem(Severity.WARNING, "The supplied password file is empty.");
}
} else {
resolvedPassword = "";
}
if (!resolvedPassword.isEmpty()) {
if (username == null || username.isEmpty()) {
p.addProblem(Severity.WARNING, "You have supplied a password but no username.");
}
} else {
if (username != null && !username.isEmpty()) {
p.addProblem(Severity.WARNING, "You have a supplied a username but no password.");
}
}
DockerRegistryNamedAccountCredentials credentials;
try {
credentials = (new DockerRegistryNamedAccountCredentials.Builder()).accountName(n.getName()).address(n.getAddress()).email(n.getEmail()).password(n.getPassword()).passwordFile(n.getPasswordFile()).dockerconfigFile(n.getDockerconfigFile()).username(n.getUsername()).clientTimeoutMillis(n.getClientTimeoutMillis()).cacheThreads(n.getCacheThreads()).paginateSize(n.getPaginateSize()).sortTagsByDate(n.getSortTagsByDate()).trackDigests(n.getTrackDigests()).insecureRegistry(n.getInsecureRegistry()).build();
} catch (Exception e) {
p.addProblem(Severity.ERROR, "Failed to instantiate docker credentials for account \"" + n.getName() + "\".");
return;
}
ConfigProblemBuilder authFailureProblem = null;
if (n.getRepositories() == null || n.getRepositories().size() == 0) {
try {
DockerRegistryCatalog catalog = credentials.getCredentials().getClient().getCatalog();
if (catalog.getRepositories() == null || catalog.getRepositories().size() == 0) {
p.addProblem(Severity.WARNING, "Your docker registry has no repositories specified, and the registry's catalog is empty. Spinnaker will not be able to deploy any images until some are pushed to this registry.").setRemediation("Manually specify some repositories for this docker registry to index.");
}
} catch (Exception e) {
if (n.getAddress().endsWith("gcr.io")) {
p.addProblem(Severity.ERROR, "The GCR service requires the Resource Manager API to be enabled for the catalog endpoint to work.").setRemediation("Visit https://console.developers.google.com/apis/api/cloudresourcemanager.googleapis.com/overview to enable the API.");
}
authFailureProblem = p.addProblem(Severity.ERROR, "Unable to connect the registries catalog endpoint: " + e.getMessage() + ".");
}
} else {
try {
// effectively final
int[] tagCount = new int[1];
tagCount[0] = 0;
n.getRepositories().forEach(r -> tagCount[0] += credentials.getCredentials().getClient().getTags(r).getTags().size());
if (tagCount[0] == 0) {
p.addProblem(Severity.WARNING, "None of your supplied repositories contain any tags. Spinnaker will not be able to deploy anything.").setRemediation("Push some images to your registry.");
}
} catch (Exception e) {
authFailureProblem = p.addProblem(Severity.ERROR, "Unable to reach repository: " + e.getMessage() + ".");
}
}
if (authFailureProblem != null && !StringUtils.isEmpty(resolvedPassword)) {
String message = "Your registry password has %s whitespace; if this is unintentional, this may be the cause of failed authentication.";
if (Character.isWhitespace(resolvedPassword.charAt(0))) {
authFailureProblem.setRemediation(String.format(message, "leading"));
}
char c = resolvedPassword.charAt(resolvedPassword.length() - 1);
if (Character.isWhitespace(c)) {
authFailureProblem.setRemediation(String.format(message, "trailing"));
if (passwordFileProvided && c == '\n')
authFailureProblem.setRemediation("Your password file has a trailing newline; many text editors append a newline to files they open." + " If you think this is causing authentication issues, you can strip the newline with the command:\n\n" + " tr -d '\\n' < PASSWORD_FILE | tee PASSWORD_FILE");
}
}
}
Also used :
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)
DockerRegistryCatalog(com.netflix.spinnaker.clouddriver.docker.registry.api.v2.client.DockerRegistryCatalog)
DockerRegistryNamedAccountCredentials(com.netflix.spinnaker.clouddriver.docker.registry.security.DockerRegistryNamedAccountCredentials)
Example 29 with ConfigProblemBuilder
use of com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder in project halyard by spinnaker.
the class KubernetesAccountValidator method validateKubeconfig.
private void validateKubeconfig(ConfigProblemSetBuilder psBuilder, KubernetesAccount account) {
io.fabric8.kubernetes.api.model.Config kubeconfig;
String context = account.getContext();
String kubeconfigFile = account.getKubeconfigFile();
String cluster = account.getCluster();
String user = account.getUser();
List<String> namespaces = account.getNamespaces();
List<String> omitNamespaces = account.getOmitNamespaces();
// This indicates if a first pass at the config looks OK. If we don't see any serious problems, we'll do one last check
// against the requested kubernetes cluster to ensure that we can run spinnaker.
boolean smoketest = true;
boolean namespacesProvided = namespaces != null && !namespaces.isEmpty();
boolean omitNamespacesProvided = omitNamespaces != null && !omitNamespaces.isEmpty();
if (namespacesProvided && omitNamespacesProvided) {
psBuilder.addProblem(ERROR, "At most one of \"namespaces\" and \"omitNamespaces\" can be supplied.");
smoketest = false;
}
// TODO(lwander) find a good resource / list of resources for generating kubeconfig files to link to here.
try {
if (ValidatingFileReader.contents(psBuilder, kubeconfigFile) == null) {
return;
}
File kubeconfigFileOpen = new File(kubeconfigFile);
kubeconfig = KubeConfigUtils.parseConfig(kubeconfigFileOpen);
} catch (IOException e) {
psBuilder.addProblem(ERROR, e.getMessage());
return;
}
System.out.println(context);
if (context != null && !context.isEmpty()) {
Optional<NamedContext> namedContext = kubeconfig.getContexts().stream().filter(c -> c.getName().equals(context)).findFirst();
if (!namedContext.isPresent()) {
psBuilder.addProblem(ERROR, "Context \"" + context + "\" not found in kubeconfig \"" + kubeconfigFile + "\".", "context").setRemediation("Either add this context to your kubeconfig, rely on the default context, or pick another kubeconfig file.");
smoketest = false;
}
} else {
String currentContext = kubeconfig.getCurrentContext();
if (StringUtils.isEmpty(currentContext)) {
psBuilder.addProblem(ERROR, "You have not specified a Kubernetes context, and your kubeconfig \"" + kubeconfigFile + "\" has no current-context.", "context").setRemediation("Either specify a context in your halconfig, or set a current-context in your kubeconfig.");
smoketest = false;
} else {
psBuilder.addProblem(WARNING, "You have not specified a Kubernetes context in your halconfig, Spinnaker will use \"" + currentContext + "\" instead.", "context").setRemediation("We recommend explicitly setting a context in your halconfig, to ensure changes to your kubeconfig won't break your deployment.");
}
}
if (smoketest) {
Config config = KubernetesConfigParser.parse(kubeconfigFile, context, cluster, user, namespaces, false);
try {
KubernetesClient client = new DefaultKubernetesClient(config);
client.namespaces().list();
} catch (Exception e) {
ConfigProblemBuilder pb = psBuilder.addProblem(ERROR, "Unable to communicate with your Kubernetes cluster: " + e.getMessage() + ".");
if (e.getMessage().contains("Token may have expired")) {
pb.setRemediation("If you downloaded these keys with gcloud, it's possible they are in the wrong format. To fix this, run \n\n" + "gcloud config set container/use_client_certificate true\n\ngcloud container clusters get-credentials $CLUSTERNAME");
} else {
pb.setRemediation("Unable to authenticate with your Kubernetes cluster. Try using kubectl to verify your credentials.");
}
}
}
}
Also used :
KubernetesAccount(com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesAccount)
ConfigProblemSetBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemSetBuilder)
StringUtils(org.apache.commons.lang3.StringUtils)
DaemonTaskHandler(com.netflix.spinnaker.halyard.core.tasks.v1.DaemonTaskHandler)
WARNING(com.netflix.spinnaker.halyard.core.problem.v1.Problem.Severity.WARNING)
CollectionUtils(org.apache.commons.collections.CollectionUtils)
JobExecutor(com.netflix.spinnaker.halyard.core.job.v1.JobExecutor)
KubernetesConfigParser(com.netflix.spinnaker.clouddriver.kubernetes.v1.security.KubernetesConfigParser)
Validator(com.netflix.spinnaker.halyard.config.model.v1.node.Validator)
KubeConfigUtils(io.fabric8.kubernetes.client.internal.KubeConfigUtils)
NamedContext(io.fabric8.kubernetes.api.model.NamedContext)
Provider(com.netflix.spinnaker.halyard.config.model.v1.node.Provider)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
DockerRegistryReference(com.netflix.spinnaker.halyard.config.model.v1.providers.containers.DockerRegistryReference)
JobRequest(com.netflix.spinnaker.halyard.core.job.v1.JobRequest)
ERROR(com.netflix.spinnaker.halyard.core.problem.v1.Problem.Severity.ERROR)
IOException(java.io.IOException)
DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)
Collectors(java.util.stream.Collectors)
File(java.io.File)
TimeUnit(java.util.concurrent.TimeUnit)
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
Config(io.fabric8.kubernetes.client.Config)
Component(org.springframework.stereotype.Component)
List(java.util.List)
FATAL(com.netflix.spinnaker.halyard.core.problem.v1.Problem.Severity.FATAL)
DockerRegistryReferenceValidation.validateDockerRegistries(com.netflix.spinnaker.halyard.config.validate.v1.providers.dockerRegistry.DockerRegistryReferenceValidation.validateDockerRegistries)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
Optional(java.util.Optional)
ValidatingFileReader(com.netflix.spinnaker.halyard.config.validate.v1.util.ValidatingFileReader)
DaemonTaskInterrupted(com.netflix.spinnaker.halyard.core.tasks.v1.DaemonTaskInterrupted)
Node(com.netflix.spinnaker.halyard.config.model.v1.node.Node)
JobStatus(com.netflix.spinnaker.halyard.core.job.v1.JobStatus)
Collections(java.util.Collections)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
NamedContext(io.fabric8.kubernetes.api.model.NamedContext)
Config(io.fabric8.kubernetes.client.Config)
IOException(java.io.IOException)
IOException(java.io.IOException)
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
File(java.io.File)
Example 30 with ConfigProblemBuilder
use of com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder in project halyard by spinnaker.
the class DeploymentService method getAllDeploymentConfigurations.
public List<DeploymentConfiguration> getAllDeploymentConfigurations() {
NodeFilter filter = new NodeFilter().withAnyDeployment();
List<DeploymentConfiguration> matching = lookupService.getMatchingNodesOfType(filter, DeploymentConfiguration.class);
if (matching.size() == 0) {
throw new ConfigNotFoundException(new ConfigProblemBuilder(Severity.FATAL, "No deployments could be found in your currently loaded halconfig").build());
} else {
return matching;
}
}
Also used :
ConfigProblemBuilder(com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)
ConfigNotFoundException(com.netflix.spinnaker.halyard.config.error.v1.ConfigNotFoundException)
DeploymentConfiguration(com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)
NodeFilter(com.netflix.spinnaker.halyard.config.model.v1.node.NodeFilter)
Aggregations
ConfigProblemBuilder (com.netflix.spinnaker.halyard.config.problem.v1.ConfigProblemBuilder)39
ConfigNotFoundException (com.netflix.spinnaker.halyard.config.error.v1.ConfigNotFoundException)18
NodeFilter (com.netflix.spinnaker.halyard.config.model.v1.node.NodeFilter)17
HalException (com.netflix.spinnaker.halyard.core.error.v1.HalException)16
IllegalConfigException (com.netflix.spinnaker.halyard.config.error.v1.IllegalConfigException)10
DeploymentConfiguration (com.netflix.spinnaker.halyard.config.model.v1.node.DeploymentConfiguration)4
Versions (com.netflix.spinnaker.halyard.core.registry.v1.Versions)4
IOException (java.io.IOException)4
Account (com.netflix.spinnaker.halyard.config.model.v1.node.Account)3
ArtifactProvider (com.netflix.spinnaker.halyard.config.model.v1.node.ArtifactProvider)3
Ci (com.netflix.spinnaker.halyard.config.model.v1.node.Ci)3
Provider (com.netflix.spinnaker.halyard.config.model.v1.node.Provider)3
Pubsub (com.netflix.spinnaker.halyard.config.model.v1.node.Pubsub)3
AppengineProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.appengine.AppengineProvider)3
AwsProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.aws.AwsProvider)3
AzureProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.azure.AzureProvider)3
DCOSProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.dcos.DCOSProvider)3
DockerRegistryProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.dockerRegistry.DockerRegistryProvider)3
GoogleProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.google.GoogleProvider)3
KubernetesProvider (com.netflix.spinnaker.halyard.config.model.v1.providers.kubernetes.KubernetesProvider)3
