use of com.netflix.spinnaker.halyard.core.error.v1.HalException in project halyard by spinnaker.
the class GoogleDistributedService method stageProfiles.
/**
 * Stages every configuration artifact this service needs and returns one {@link ConfigSource}
 * per artifact, pairing the id returned by {@code writeVaultConfig} with the path the artifact
 * is mounted at.
 *
 * <p>Four groups are staged, in this order: sidecar profiles, the service's own profiles, the
 * files those profiles declare as required, and a generated environment file.
 *
 * <p>NOTE(review): every artifact is handed to {@code vaultService.writeVaultConfig}; how that
 * store is access-controlled is not visible from this method. Confirm that its policy matches
 * the sensitivity of the staged files and of the environment values.
 *
 * @param details deployment/account details; supplies the deployment name
 * @param resolvedConfiguration resolved runtime settings, service settings and profiles
 * @return the config sources, in the order they were written
 * @throws HalException (FATAL) if a sidecar yields a {@code null} profile
 */
@Override
default List<ConfigSource> stageProfiles(AccountDeploymentDetails<GoogleAccount> details, ResolvedConfiguration resolvedConfiguration) {
  String deploymentName = details.getDeploymentName();
  SpinnakerRuntimeSettings runtimeSettings = resolvedConfiguration.getRuntimeSettings();
  SpinnakerService thisService = getService();
  ServiceSettings thisServiceSettings = resolvedConfiguration.getServiceSettings(thisService);

  // The new secrets are named after the version following the latest enabled one (0 if none).
  Integer latestEnabled = getRunningServiceDetails(details, runtimeSettings).getLatestEnabledVersion();
  Integer version = (latestEnabled == null) ? 0 : latestEnabled + 1;

  List<ConfigSource> staged = new ArrayList<>();
  String stagingPath = getSpinnakerStagingPath(deploymentName);
  GoogleVaultServerService vaultService = getVaultServerService();
  VaultServerService.Vault vault = vaultService.connectToPrimaryService(details, runtimeSettings);

  // 1. Sidecar profiles.
  for (SidecarService sidecar : getSidecars(runtimeSettings)) {
    for (Profile sidecarProfile : sidecar.getSidecarProfiles(resolvedConfiguration, thisService)) {
      if (sidecarProfile == null) {
        throw new HalException(Problem.Severity.FATAL, "Service " + sidecar.getService().getCanonicalName() + " is required but was not supplied for deployment.");
      }
      String requestedName = secretName(sidecarProfile.getName(), version);
      String target = Paths.get(sidecarProfile.getOutputFile()).toString();
      Path localCopy = Paths.get(sidecarProfile.getStagedFile(stagingPath));
      VaultConfigMount mount = VaultConfigMount.fromLocalFile(localCopy.toFile(), target);
      // The id returned by the write, not the requested name, is what gets recorded.
      String writtenId = vaultService.writeVaultConfig(deploymentName, vault, requestedName, mount);
      staged.add(new ConfigSource().setId(writtenId).setMountPath(target));
    }
  }

  // 2. The service's own profiles; their env and required files are collected along the way.
  Map<String, String> env = new HashMap<>();
  Set<String> requiredFiles = new HashSet<>();
  Map<String, Profile> serviceProfiles = resolvedConfiguration.getProfilesForService(thisService.getType());
  for (Profile serviceProfile : serviceProfiles.values()) {
    requiredFiles.addAll(serviceProfile.getRequiredFiles());
    env.putAll(serviceProfile.getEnv());
    String target = serviceProfile.getOutputFile();
    String requestedName = secretName("profile-" + serviceProfile.getName(), version);
    Path localCopy = Paths.get(serviceProfile.getStagedFile(stagingPath));
    VaultConfigMount mount = VaultConfigMount.fromLocalFile(localCopy.toFile(), target);
    String writtenId = vaultService.writeVaultConfig(deploymentName, vault, requestedName, mount);
    staged.add(new ConfigSource().setId(writtenId).setMountPath(target));
  }

  // 3. Required files are read from the local path the profile names and mounted at that same
  //    path. NOTE(review): the paths are used as given; nothing here restricts where they point.
  for (String requiredFile : requiredFiles) {
    Path localPath = Paths.get(requiredFile);
    String target = localPath.toString();
    String requestedName = secretName("dependencies-" + requiredFile, version);
    VaultConfigMount mount = VaultConfigMount.fromLocalFile(Paths.get(requiredFile).toFile(), target);
    String writtenId = vaultService.writeVaultConfig(deploymentName, vault, requestedName, mount);
    staged.add(new ConfigSource().setId(writtenId).setMountPath(target));
  }

  // 4. Environment file: service-level settings override values collected from the profiles.
  env.putAll(thisServiceSettings.getEnv());
  // Each entry becomes "\nKEY=VALUE", so the text starts with a newline. Keys and values are
  // not escaped: a value containing a line break yields extra lines in the generated file.
  String envSourceFile = env.entrySet().stream().reduce(
      "",
      (s, e) -> String.format("%s\n%s=%s", s, e.getKey(), e.getValue()),
      (s1, s2) -> String.join("\n", s1, s2));
  String envTarget = getEnvFile();
  String envRequestedName = secretName("env", version);
  VaultConfigMount envMount = VaultConfigMount.fromString(envSourceFile, envTarget);
  String envWrittenId = vaultService.writeVaultConfig(deploymentName, vault, envRequestedName, envMount);
  staged.add(new ConfigSource().setId(envWrittenId).setMountPath(envTarget));

  return staged;
}
use of com.netflix.spinnaker.halyard.core.error.v1.HalException in project halyard by spinnaker.
the class GoogleProviderUtils method openSshTunnel.
/**
 * Returns a local {@code http://localhost:<port>} URI that reaches {@code service}'s port on
 * the named instance through an SSH tunnel, opening the tunnel first when no live one is cached.
 *
 * <p>A cached {@link Proxy} is reused only while its job still exists in the job executor.
 * Otherwise the tunnel is opened up to {@code openSshRetries} times, with a 10-second pause
 * after each failed attempt.
 *
 * <p>NOTE(review): the thrown message embeds the tunnel job's stderr; confirm that output is
 * safe to show wherever HalException messages end up. The status is read after the last failed
 * attempt has already been passed to {@code closeSshTunnel}, and if {@code openSshRetries} is
 * 0 the job id queried is the one (possibly {@code null}) of the cached or fresh proxy.
 *
 * @param details deployment/account details used to resolve the instance IP and the cache key
 * @param instanceName name of the target instance
 * @param service settings of the service whose port is tunnelled
 * @return URI of the local end of the tunnel
 * @throws InterruptedException declared by the signature; presumably raised while waiting
 * @throws HalException (FATAL) if no attempt produced an open tunnel
 */
static URI openSshTunnel(AccountDeploymentDetails<GoogleAccount> details, String instanceName, ServiceSettings service) throws InterruptedException {
  int port = service.getPort();
  String key = Proxy.buildKey(details.getDeploymentName(), instanceName, port);
  Proxy proxy = proxyMap.getOrDefault(key, new Proxy());
  JobExecutor jobExecutor = DaemonTaskHandler.getJobExecutor();

  boolean needsNewTunnel = proxy.getJobId() == null || !jobExecutor.jobExists(proxy.getJobId());
  if (needsNewTunnel) {
    String ip = getInstanceIp(details, instanceName);
    String keyFile = getSshKeyFile();
    log.info("Opening port " + port + " against instance " + instanceName);

    boolean connected = false;
    for (int attempt = 1; !connected && attempt <= openSshRetries; attempt++) {
      proxy = openSshTunnel(ip, port, keyFile);
      connected = checkIfProxyIsOpen(proxy);
      if (connected) {
        continue;
      }

      // Tell "the job is gone or already finished" apart from "still running but not open".
      boolean jobGone = !jobExecutor.jobExists(proxy.jobId)
          || jobExecutor.updateJob(proxy.jobId).getState() == JobStatus.State.COMPLETED;
      if (jobGone) {
        log.warn("SSH tunnel closed prematurely");
      }
      log.info("SSH tunnel never opened, retrying in case the instance hasn't started yet... (" + attempt + "/" + openSshRetries + ")");
      // Tear down the failed attempt before waiting and trying again.
      closeSshTunnel(proxy);
      DaemonTaskHandler.safeSleep(TimeUnit.SECONDS.toMillis(10));
    }

    if (!connected) {
      JobStatus status = jobExecutor.updateJob(proxy.getJobId());
      throw new HalException(FATAL, "Unable to connect to instance " + instanceName + ": " + status.getStdErr());
    }

    // Only a tunnel that was verified open is cached for later calls.
    proxyMap.put(key, proxy);
  }

  URIBuilder localEndpoint = new URIBuilder().setScheme("http").setHost("localhost").setPort(proxy.getPort());
  try {
    return localEndpoint.build();
  } catch (URISyntaxException e) {
    throw new RuntimeException("Failed to build URI for SSH connection", e);
  }
}
use of com.netflix.spinnaker.halyard.core.error.v1.HalException in project halyard by spinnaker.
the class GoogleProviderUtils method ensureSpinnakerNetworkExists.
/**
 * Makes sure the Spinnaker network exists in the account's project, creating it together with
 * two firewall rules when the lookup returns HTTP 404, and returns the network's resource path.
 *
 * <p>Firewall rules created alongside a new network:
 * <ul>
 *   <li>{@code <network>-allow-ssh}: tcp/22 from {@code 0.0.0.0/0}</li>
 *   <li>{@code <network>-allow-internal}: tcp and udp ports 1-65535 plus icmp from
 *       {@code 10.0.0.0/8}</li>
 * </ul>
 *
 * <p>NOTE(review): the SSH rule admits connections to port 22 from any IPv4 source. Both rules
 * are only created when the network itself is created; when the network already exists this
 * method neither checks nor changes its firewall rules, so a pre-created network keeps
 * whatever rules its owner gave it. Only the network insert is passed to
 * {@code waitOnGlobalOperation}; the two firewall inserts are not waited on here.
 *
 * @param details deployment/account details; supplies the project and the Compute client
 * @return {@code projects/<project>/global/networks/<network>}
 * @throws HalException (FATAL) on any lookup failure other than 404, and on network or
 *     firewall creation failure
 */
static String ensureSpinnakerNetworkExists(AccountDeploymentDetails<GoogleAccount> details) {
  String networkName = getNetworkName();
  String project = details.getAccount().getProject();
  Compute compute = getCompute(details);

  boolean missing = false;
  try {
    compute.networks().get(project, networkName).execute();
  } catch (GoogleJsonResponseException e) {
    // Only "not found" means the network has to be created; anything else is fatal.
    if (e.getStatusCode() != 404) {
      throw new HalException(FATAL, "Google error encountered retrieving network: " + e.getMessage(), e);
    }
    missing = true;
  } catch (IOException e) {
    throw new HalException(FATAL, "Failed to check if spinnaker network exists: " + e.getMessage(), e);
  }

  if (missing) {
    Network network = new Network()
        .setAutoCreateSubnetworks(true)
        .setName(networkName)
        .setDescription("Spinnaker network auto-created by Halyard");

    String networkUrl;
    try {
      DaemonTaskHandler.message("Creating a spinnaker network...");
      Operation createNetwork = compute.networks().insert(project, network).execute();
      networkUrl = createNetwork.getTargetLink();
      GoogleProviderUtils.waitOnGlobalOperation(compute, project, createNetwork);
    } catch (IOException e) {
      throw new HalException(FATAL, "Failed to create Spinnaker network: " + e.getMessage(), e);
    }

    // SSH rule: tcp/22 from every IPv4 address (0.0.0.0/0).
    Firewall.Allowed sshAllowed = new Firewall.Allowed()
        .setPorts(Collections.singletonList("22"))
        .setIPProtocol("tcp");
    Firewall sshRule = new Firewall()
        .setNetwork(networkUrl)
        .setAllowed(Collections.singletonList(sshAllowed))
        .setName(networkName + "-allow-ssh")
        .setSourceRanges(Collections.singletonList("0.0.0.0/0"));

    // Internal rule: all tcp/udp ports and icmp, limited to sources in 10.0.0.0/8.
    List<Firewall.Allowed> internalAllowed = new ArrayList<>();
    internalAllowed.add(new Firewall.Allowed().setPorts(Collections.singletonList("1-65535")).setIPProtocol("tcp"));
    internalAllowed.add(new Firewall.Allowed().setPorts(Collections.singletonList("1-65535")).setIPProtocol("udp"));
    internalAllowed.add(new Firewall.Allowed().setIPProtocol("icmp"));
    Firewall internalRule = new Firewall()
        .setNetwork(networkUrl)
        .setAllowed(internalAllowed)
        .setName(networkName + "-allow-internal")
        .setSourceRanges(Collections.singletonList("10.0.0.0/8"));

    try {
      DaemonTaskHandler.message("Adding firewall rules...");
      compute.firewalls().insert(project, sshRule).execute();
      compute.firewalls().insert(project, internalRule).execute();
    } catch (IOException e) {
      throw new HalException(FATAL, "Failed to create Firewall rule network: " + e.getMessage(), e);
    }
  }

  return String.format("projects/%s/global/networks/%s", project, networkName);
}
use of com.netflix.spinnaker.halyard.core.error.v1.HalException in project halyard by spinnaker.
the class BakeServiceProvider method getBakeService.
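/**
 * Reflectively reads this provider's field named {@code <canonicalName>service} and returns its
 * value as the bake service for {@code type}.
 *
 * <p>The field is made accessible for the duration of the read and reset to inaccessible in
 * {@code finally}, whether or not the read succeeded.
 *
 * <p>NOTE(review): {@code clazz} is not used to check the result, so the cast to
 * {@code BakeService<S>} is unchecked; a mismatch would surface later as a
 * {@link ClassCastException} at the caller. Whether {@code getField} returns a fresh
 * {@link Field} per call is not visible here; if it is shared, the accessible flag toggled
 * below is shared as well.
 *
 * @param type service type whose canonical name selects the field
 * @param clazz type token for {@code S}; only used for type inference
 * @return the field's value, or {@code null} when no such field exists
 * @throws HalException (FATAL) if the field cannot be read; the underlying
 *     {@link IllegalAccessException} is attached as the cause
 */
public <S> BakeService<S> getBakeService(SpinnakerService.Type type, Class<S> clazz) {
  Field serviceField = getField(type.getCanonicalName() + "service");
  if (serviceField == null) {
    return null;
  }
  serviceField.setAccessible(true);
  try {
    return (BakeService<S>) serviceField.get(this);
  } catch (IllegalAccessException e) {
    // Pass the exception along as the cause so the original stack trace is not lost.
    throw new HalException(Problem.Severity.FATAL, "Can't access service field for " + type + ": " + e.getMessage(), e);
  } finally {
    serviceField.setAccessible(false);
  }
}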
use of com.netflix.spinnaker.halyard.core.error.v1.HalException in project halyard by spinnaker.
the class DistributedServiceProvider method getDeployableService.
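/**
 * Reflectively reads this provider's field named {@code <canonicalName>service} and returns its
 * value as the deployable (distributed) service for {@code type}.
 *
 * <p>The field is made accessible for the duration of the read and reset to inaccessible in
 * {@code finally}, whether or not the read succeeded.
 *
 * <p>NOTE(review): {@code clazz} is not used to check the result, so the cast to
 * {@code DistributedService<S, T>} is unchecked; a mismatch would surface later as a
 * {@link ClassCastException} at the caller. Whether {@code getField} returns a fresh
 * {@link Field} per call is not visible here; if it is shared, the accessible flag toggled
 * below is shared as well.
 *
 * @param type service type whose canonical name selects the field
 * @param clazz type token for {@code S}; only used for type inference
 * @return the field's value, or {@code null} when no such field exists
 * @throws HalException (FATAL) if the field cannot be read; the underlying
 *     {@link IllegalAccessException} is attached as the cause
 */
public <S> DistributedService<S, T> getDeployableService(SpinnakerService.Type type, Class<S> clazz) {
  Field serviceField = getField(type.getCanonicalName() + "service");
  if (serviceField == null) {
    return null;
  }
  serviceField.setAccessible(true);
  try {
    return (DistributedService<S, T>) serviceField.get(this);
  } catch (IllegalAccessException e) {
    // Pass the exception along as the cause so the original stack trace is not lost.
    throw new HalException(Problem.Severity.FATAL, "Can't access service field for " + type + ": " + e.getMessage(), e);
  } finally {
    serviceField.setAccessible(false);
  }
}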