Search in sources :

Example 1 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class ClusterHostServiceRunner method createSaltConfig.

private SaltConfig createSaltConfig(Stack stack, Cluster cluster, List<GrainProperties> grainsProperties) throws IOException, CloudbreakOrchestratorException {
    GatewayConfig primaryGatewayConfig = gatewayConfigService.getPrimaryGatewayConfig(stack);
    ClouderaManagerRepo clouderaManagerRepo = clusterComponentConfigProvider.getClouderaManagerRepoDetails(cluster.getId());
    Map<String, SaltPillarProperties> servicePillar = new HashMap<>();
    KerberosConfig kerberosConfig = kerberosConfigService.get(stack.getEnvironmentCrn(), stack.getName()).orElse(null);
    saveCustomNameservers(stack, kerberosConfig, servicePillar);
    servicePillar.putAll(createUnboundEliminationPillar(stack.getDomainDnsResolver()));
    addKerberosConfig(servicePillar, kerberosConfig);
    servicePillar.putAll(hostAttributeDecorator.createHostAttributePillars(stack));
    servicePillar.put("discovery", new SaltPillarProperties("/discovery/init.sls", singletonMap("platform", stack.cloudPlatform())));
    String virtualGroupsEnvironmentCrn = environmentConfigProvider.getParentEnvironmentCrn(stack.getEnvironmentCrn());
    boolean deployedInChildEnvironment = !virtualGroupsEnvironmentCrn.equals(stack.getEnvironmentCrn());
    Map<String, ? extends Serializable> clusterProperties = Map.of("name", stack.getCluster().getName(), "deployedInChildEnvironment", deployedInChildEnvironment);
    servicePillar.put("metadata", new SaltPillarProperties("/metadata/init.sls", singletonMap("cluster", clusterProperties)));
    ClusterPreCreationApi connector = clusterApiConnectors.getConnector(cluster);
    Map<String, List<String>> serviceLocations = getServiceLocations(cluster);
    Optional<LdapView> ldapView = ldapConfigService.get(stack.getEnvironmentCrn(), stack.getName());
    VirtualGroupRequest virtualGroupRequest = getVirtualGroupRequest(virtualGroupsEnvironmentCrn, ldapView);
    servicePillar.putAll(createGatewayPillar(primaryGatewayConfig, cluster, stack, virtualGroupRequest, connector, kerberosConfig, serviceLocations, clouderaManagerRepo));
    saveIdBrokerPillar(cluster, servicePillar);
    postgresConfigService.decorateServicePillarWithPostgresIfNeeded(servicePillar, stack, cluster);
    addClouderaManagerConfig(stack, cluster, servicePillar, clouderaManagerRepo, primaryGatewayConfig);
    ldapView.ifPresent(ldap -> saveLdapPillar(ldap, servicePillar));
    saveSssdAdPillar(servicePillar, kerberosConfig);
    servicePillar.putAll(saveSssdIpaPillar(kerberosConfig, serviceLocations, stack.getEnvironmentCrn()));
    Map<String, Map<String, String>> mountPathMap = stack.getInstanceGroups().stream().flatMap(group -> group.getInstanceMetaDataSet().stream().filter(instanceMetaData -> instanceMetaData.getDiscoveryFQDN() != null).collect(Collectors.toMap(InstanceMetaData::getDiscoveryFQDN, node -> Map.of("mount_path", getMountPath(group), "cloud_platform", stack.getCloudPlatform(), "temporary_storage", group.getTemplate().getTemporaryStorage().name()), (l, r) -> Map.of("mount_path", getMountPath(group), "cloud_platform", stack.getCloudPlatform(), "temporary_storage", group.getTemplate().getTemporaryStorage().name()))).entrySet().stream()).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
    servicePillar.put("startup", new SaltPillarProperties("/mount/startup.sls", singletonMap("mount", mountPathMap)));
    proxyConfigProvider.decoratePillarWithProxyDataIfNeeded(servicePillar, cluster);
    decoratePillarWithJdbcConnectors(cluster, servicePillar);
    return new SaltConfig(servicePillar, grainsProperties);
}
Also used : CloudbreakException(com.sequenceiq.cloudbreak.service.CloudbreakException) DatalakeService(com.sequenceiq.cloudbreak.service.sharedservice.DatalakeService) ComponentConfigProviderService(com.sequenceiq.cloudbreak.service.ComponentConfigProviderService) StringUtils(org.apache.commons.lang3.StringUtils) ThreadBasedUserCrnProvider(com.sequenceiq.cloudbreak.auth.ThreadBasedUserCrnProvider) Map(java.util.Map) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) StringUtils.isEmpty(org.apache.commons.lang3.StringUtils.isEmpty) HostAttributeDecorator(com.sequenceiq.cloudbreak.core.bootstrap.service.host.decorator.HostAttributeDecorator) RecipeEngine(com.sequenceiq.cloudbreak.service.cluster.flow.recipe.RecipeEngine) CLOUDERAMANAGER_VERSION_7_2_1(com.sequenceiq.cloudbreak.cmtemplate.CMRepositoryVersionUtil.CLOUDERAMANAGER_VERSION_7_2_1) CLOUDERAMANAGER_VERSION_7_2_0(com.sequenceiq.cloudbreak.cmtemplate.CMRepositoryVersionUtil.CLOUDERAMANAGER_VERSION_7_2_0) Set(java.util.Set) Crn(com.sequenceiq.cloudbreak.auth.crn.Crn) CloudbreakOrchestratorException(com.sequenceiq.cloudbreak.orchestrator.exception.CloudbreakOrchestratorException) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) Serializable(java.io.Serializable) TargetedUpscaleSupportService(com.sequenceiq.cloudbreak.service.stack.TargetedUpscaleSupportService) StringUtils.isNotBlank(org.apache.commons.lang3.StringUtils.isNotBlank) RdsConfigWithoutClusterService(com.sequenceiq.cloudbreak.service.rdsconfig.RdsConfigWithoutClusterService) StackUtil(com.sequenceiq.cloudbreak.util.StackUtil) MDCUtils(com.sequenceiq.cloudbreak.logger.MDCUtils) CloudbreakOrchestratorFailedException(com.sequenceiq.cloudbreak.orchestrator.exception.CloudbreakOrchestratorFailedException) CollectionUtils(org.springframework.util.CollectionUtils) GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig) ExposedServices(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.ExposedServices) CancellationException(com.sequenceiq.cloudbreak.cloud.scheduler.CancellationException) InstanceGroup(com.sequenceiq.cloudbreak.domain.stack.instance.InstanceGroup) StackService(com.sequenceiq.cloudbreak.service.stack.StackService) Joiner(com.google.common.base.Joiner) Stack(com.sequenceiq.cloudbreak.domain.stack.Stack) CMLicenseParser(com.sequenceiq.cloudbreak.auth.CMLicenseParser) OrchestratorGrainRunnerParams(com.sequenceiq.cloudbreak.orchestrator.host.OrchestratorGrainRunnerParams) HostGroupService(com.sequenceiq.cloudbreak.service.hostgroup.HostGroupService) StringUtils.isNotEmpty(org.apache.commons.lang3.StringUtils.isNotEmpty) ArrayList(java.util.ArrayList) Value(org.springframework.beans.factory.annotation.Value) CsdParcelDecorator(com.sequenceiq.cloudbreak.core.bootstrap.service.host.decorator.CsdParcelDecorator) KerberosDetailService(com.sequenceiq.cloudbreak.template.kerberos.KerberosDetailService) Lists(com.google.common.collect.Lists) KerberosType(com.sequenceiq.cloudbreak.type.KerberosType) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) CMRepositoryVersionUtil.isVersionNewerOrEqualThanLimited(com.sequenceiq.cloudbreak.cmtemplate.CMRepositoryVersionUtil.isVersionNewerOrEqualThanLimited) ClusterComponentConfigProvider(com.sequenceiq.cloudbreak.cluster.service.ClusterComponentConfigProvider) NullUtil.throwIfNull(com.sequenceiq.cloudbreak.util.NullUtil.throwIfNull) DatabaseType(com.sequenceiq.cloudbreak.api.endpoint.v4.database.base.DatabaseType) DnsResolverType(com.sequenceiq.cloudbreak.domain.stack.DnsResolverType) ExitCriteriaModel(com.sequenceiq.cloudbreak.orchestrator.state.ExitCriteriaModel) IOException(java.io.IOException) PostgresConfigService(com.sequenceiq.cloudbreak.core.bootstrap.service.container.postgres.PostgresConfigService) ServiceLocationMap(com.sequenceiq.cloudbreak.cluster.model.ServiceLocationMap) ClusterDeletionBasedExitCriteriaModel(com.sequenceiq.cloudbreak.core.bootstrap.service.ClusterDeletionBasedExitCriteriaModel) GrpcUmsClient(com.sequenceiq.cloudbreak.auth.altus.GrpcUmsClient) HostGroup(com.sequenceiq.cloudbreak.domain.stack.cluster.host.HostGroup) GrainProperties(com.sequenceiq.cloudbreak.orchestrator.model.GrainProperties) InstanceMetaData(com.sequenceiq.cloudbreak.domain.stack.instance.InstanceMetaData) GatewayTopology(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.GatewayTopology) ComponentLocatorService(com.sequenceiq.cloudbreak.service.blueprint.ComponentLocatorService) InetAddresses(com.google.common.net.InetAddresses) NodesUnreachableException(com.sequenceiq.cloudbreak.util.NodesUnreachableException) SaltConfig(com.sequenceiq.cloudbreak.orchestrator.model.SaltConfig) GrainOperation(com.sequenceiq.cloudbreak.orchestrator.host.GrainOperation) EntitlementService(com.sequenceiq.cloudbreak.auth.altus.EntitlementService) CloudbreakOrchestratorCancelledException(com.sequenceiq.cloudbreak.orchestrator.exception.CloudbreakOrchestratorCancelledException) LoggerFactory(org.slf4j.LoggerFactory) LoadBalancerSANProvider(com.sequenceiq.cloudbreak.san.LoadBalancerSANProvider) InstanceGroupService(com.sequenceiq.cloudbreak.service.stack.InstanceGroupService) ClusterPreCreationApi(com.sequenceiq.cloudbreak.cluster.api.ClusterPreCreationApi) KerberosConfigService(com.sequenceiq.cloudbreak.kerberos.KerberosConfigService) ExposedServiceCollector(com.sequenceiq.cloudbreak.api.service.ExposedServiceCollector) Telemetry(com.sequenceiq.common.api.telemetry.model.Telemetry) NotFoundException(com.sequenceiq.cloudbreak.common.exception.NotFoundException) HostOrchestrator(com.sequenceiq.cloudbreak.orchestrator.host.HostOrchestrator) CLOUDERAMANAGER_VERSION_7_0_2(com.sequenceiq.cloudbreak.cmtemplate.CMRepositoryVersionUtil.CLOUDERAMANAGER_VERSION_7_0_2) SaltPillarProperties(com.sequenceiq.cloudbreak.orchestrator.model.SaltPillarProperties) DataBusCredential(com.sequenceiq.common.api.telemetry.model.DataBusCredential) StackTags(com.sequenceiq.cloudbreak.cloud.model.StackTags) ExposedService(com.sequenceiq.cloudbreak.api.service.ExposedService) Collectors(java.util.stream.Collectors) TemporaryStorage(com.sequenceiq.cloudbreak.common.type.TemporaryStorage) RegionAwareInternalCrnGeneratorFactory(com.sequenceiq.cloudbreak.auth.crn.RegionAwareInternalCrnGeneratorFactory) Json(com.sequenceiq.cloudbreak.common.json.Json) IdBrokerService(com.sequenceiq.cloudbreak.service.idbroker.IdBrokerService) GatewayConfigService(com.sequenceiq.cloudbreak.service.GatewayConfigService) ProxyConfigProvider(com.sequenceiq.cloudbreak.service.proxy.ProxyConfigProvider) List(java.util.List) VirtualGroupService(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupService) RdsView(com.sequenceiq.cloudbreak.template.views.RdsView) Optional(java.util.Optional) SSOType(com.sequenceiq.cloudbreak.api.endpoint.v4.stacks.base.SSOType) Pattern(java.util.regex.Pattern) KerberosConfig(com.sequenceiq.cloudbreak.dto.KerberosConfig) Account(com.cloudera.thunderhead.service.usermanagement.UserManagementProto.Account) Cluster(com.sequenceiq.cloudbreak.domain.stack.cluster.Cluster) LoadBalancerConfigService(com.sequenceiq.cloudbreak.service.LoadBalancerConfigService) CMRepositoryVersionUtil(com.sequenceiq.cloudbreak.cmtemplate.CMRepositoryVersionUtil) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) LdapConfigService(com.sequenceiq.cloudbreak.ldap.LdapConfigService) HashMap(java.util.HashMap) FreeIpaConfigProvider(com.sequenceiq.cloudbreak.service.freeipa.FreeIpaConfigProvider) HashSet(java.util.HashSet) Inject(javax.inject.Inject) InstanceMetaDataService(com.sequenceiq.cloudbreak.service.stack.InstanceMetaDataService) Collections.singletonMap(java.util.Collections.singletonMap) RdsConfigWithoutCluster(com.sequenceiq.cloudbreak.domain.view.RdsConfigWithoutCluster) Nonnull(javax.annotation.Nonnull) TelemetryDecorator(com.sequenceiq.cloudbreak.core.bootstrap.service.host.decorator.TelemetryDecorator) ClusterDeletionBasedExitCriteriaModel.clusterDeletionBasedModel(com.sequenceiq.cloudbreak.core.bootstrap.service.ClusterDeletionBasedExitCriteriaModel.clusterDeletionBasedModel) Logger(org.slf4j.Logger) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) NodeReachabilityResult(com.sequenceiq.cloudbreak.orchestrator.model.NodeReachabilityResult) EnvironmentConfigProvider(com.sequenceiq.cloudbreak.service.environment.EnvironmentConfigProvider) Node(com.sequenceiq.cloudbreak.common.orchestration.Node) MountDisks(com.sequenceiq.cloudbreak.service.stack.flow.MountDisks) Component(org.springframework.stereotype.Component) UmsVirtualGroupRight(com.sequenceiq.cloudbreak.auth.altus.UmsVirtualGroupRight) ClusterApiConnectors(com.sequenceiq.cloudbreak.service.cluster.ClusterApiConnectors) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException) Comparator(java.util.Comparator) Collections(java.util.Collections) HashMap(java.util.HashMap) KerberosConfig(com.sequenceiq.cloudbreak.dto.KerberosConfig) SaltConfig(com.sequenceiq.cloudbreak.orchestrator.model.SaltConfig) ClusterPreCreationApi(com.sequenceiq.cloudbreak.cluster.api.ClusterPreCreationApi) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) SaltPillarProperties(com.sequenceiq.cloudbreak.orchestrator.model.SaltPillarProperties) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ArrayList(java.util.ArrayList) List(java.util.List) Map(java.util.Map) ServiceLocationMap(com.sequenceiq.cloudbreak.cluster.model.ServiceLocationMap) HashMap(java.util.HashMap) Collections.singletonMap(java.util.Collections.singletonMap) GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)

Example 2 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class ClusterHostServiceRunner method createSaltConfigWithGatewayPillarOnly.

private SaltConfig createSaltConfigWithGatewayPillarOnly(Stack stack, Cluster cluster, List<GrainProperties> grainsProperties) throws IOException, CloudbreakOrchestratorException {
    GatewayConfig primaryGatewayConfig = gatewayConfigService.getPrimaryGatewayConfig(stack);
    String virtualGroupsEnvironmentCrn = environmentConfigProvider.getParentEnvironmentCrn(stack.getEnvironmentCrn());
    ClusterPreCreationApi connector = clusterApiConnectors.getConnector(cluster);
    Map<String, List<String>> serviceLocations = getServiceLocations(cluster);
    LOGGER.debug("Getting LDAP config for Gateway pillar");
    Optional<LdapView> ldapView = ldapConfigService.get(stack.getEnvironmentCrn(), stack.getName());
    VirtualGroupRequest virtualGroupRequest = getVirtualGroupRequest(virtualGroupsEnvironmentCrn, ldapView);
    LOGGER.debug("Getting kerberos config for Gateway pillar");
    KerberosConfig kerberosConfig = kerberosConfigService.get(stack.getEnvironmentCrn(), stack.getName()).orElse(null);
    ClouderaManagerRepo clouderaManagerRepo = clusterComponentConfigProvider.getClouderaManagerRepoDetails(cluster.getId());
    LOGGER.debug("Creating gateway pillar");
    Map<String, SaltPillarProperties> servicePillar = new HashMap<>(createGatewayPillar(primaryGatewayConfig, cluster, stack, virtualGroupRequest, connector, kerberosConfig, serviceLocations, clouderaManagerRepo));
    return new SaltConfig(servicePillar, grainsProperties);
}
Also used : HashMap(java.util.HashMap) KerberosConfig(com.sequenceiq.cloudbreak.dto.KerberosConfig) SaltConfig(com.sequenceiq.cloudbreak.orchestrator.model.SaltConfig) ClusterPreCreationApi(com.sequenceiq.cloudbreak.cluster.api.ClusterPreCreationApi) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) SaltPillarProperties(com.sequenceiq.cloudbreak.orchestrator.model.SaltPillarProperties) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ArrayList(java.util.ArrayList) List(java.util.List) GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)

Example 3 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class LdapSSOConfigurationHandler method accept.

@Override
public void accept(Event<LdapSSOConfigurationRequest> ldapConfigurationRequestEvent) {
    Long stackId = ldapConfigurationRequestEvent.getData().getResourceId();
    Selectable response;
    try {
        Stack stack = stackService.getByIdWithListsInTransaction(stackId);
        GatewayConfig primaryGatewayConfig = gatewayConfigService.getPrimaryGatewayConfig(stack);
        LdapView ldapView = ldapConfigService.get(stack.getEnvironmentCrn(), stack.getName()).orElse(null);
        String environmentCrnForVirtualGroups = environmentConfigProvider.getParentEnvironmentCrn(stack.getEnvironmentCrn());
        VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(environmentCrnForVirtualGroups, ldapView != null ? ldapView.getAdminGroup() : "");
        clusterApiConnectors.getConnector(stack).clusterSecurityService().setupLdapAndSSO(primaryGatewayConfig.getPublicAddress(), ldapView, virtualGroupRequest);
        response = new LdapSSOConfigurationSuccess(stackId);
    } catch (Exception e) {
        LOGGER.info("Error during LDAP configuration, stackId: " + stackId, e);
        response = new LdapSSOConfigurationFailed(stackId, e);
    }
    eventBus.notify(response.selector(), new Event<>(ldapConfigurationRequestEvent.getHeaders(), response));
}
Also used : LdapSSOConfigurationFailed(com.sequenceiq.cloudbreak.reactor.api.event.ldap.LdapSSOConfigurationFailed) Selectable(com.sequenceiq.cloudbreak.common.event.Selectable) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) LdapSSOConfigurationSuccess(com.sequenceiq.cloudbreak.reactor.api.event.ldap.LdapSSOConfigurationSuccess) Stack(com.sequenceiq.cloudbreak.domain.stack.Stack) GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)

Example 4 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class RangerRoleConfigProviderTest method testGetRangerAdminDefaultPolicyGroups.

@ParameterizedTest(name = "{0}")
@MethodSource("defaultPolicyGroupsDataProvider")
public void testGetRangerAdminDefaultPolicyGroups(String testCaseName, String cdhVersion, int expectedRoleConfigCount, int expectedSvcConfigCount) {
    HostgroupView master = new HostgroupView("master", 1, InstanceGroupType.GATEWAY, 1);
    HostgroupView worker = new HostgroupView("worker", 2, InstanceGroupType.CORE, 2);
    String inputJson = getBlueprintText("input/clouderamanager-db-config.bp");
    CmTemplateProcessor cmTemplateProcessor = new CmTemplateProcessor(inputJson);
    cmTemplateProcessor.setCdhVersion(cdhVersion);
    TemplatePreparationObject preparationObject = Builder.builder().withHostgroupViews(Set.of(master, worker)).withBlueprintView(new BlueprintView(inputJson, "", "", cmTemplateProcessor)).withRdsConfigs(Set.of(rdsConfig(DatabaseType.RANGER))).withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, "")).withProductDetails(generateCmRepo(() -> cdhVersion), null).build();
    if (expectedRoleConfigCount == 6) {
        when(virtualGroupService.createOrGetVirtualGroup(preparationObject.getVirtualGroupRequest(), RANGER_ADMIN)).thenReturn(ADMIN_GROUP);
    }
    if ("7.6.0".equals(cdhVersion)) {
        when(virtualGroupService.createOrGetVirtualGroup(preparationObject.getVirtualGroupRequest(), RANGER_ADMIN)).thenReturn(ADMIN_GROUP);
        when(virtualGroupService.createOrGetVirtualGroup(preparationObject.getVirtualGroupRequest(), HBASE_ADMIN)).thenReturn(HBASE_ADMIN_GROUP);
    }
    Map<String, List<ApiClusterTemplateConfig>> roleConfigs = underTest.getRoleConfigs(cmTemplateProcessor, preparationObject);
    List<ApiClusterTemplateConfig> masterRangerAdmin = roleConfigs.get("ranger-RANGER_ADMIN-BASE");
    assertThat(masterRangerAdmin.size()).isEqualTo(expectedRoleConfigCount);
    List<ApiClusterTemplateConfig> serviceConfigs = underTest.getServiceConfigs(cmTemplateProcessor, preparationObject);
    assertThat(serviceConfigs.size()).isEqualTo(expectedSvcConfigCount);
    if (expectedRoleConfigCount == 6) {
        assertThat(masterRangerAdmin.get(5).getName()).isEqualTo(RANGER_DEFAULT_POLICY_GROUPS);
        assertThat(masterRangerAdmin.get(5).getValue()).isEqualTo(ADMIN_GROUP);
    }
    if ("7.6.0".equals(cdhVersion)) {
        assertThat(masterRangerAdmin.get(1).getName()).isEqualTo(RANGER_HBASE_ADMIN_VIRTUAL_GROUPS);
        assertThat(masterRangerAdmin.get(1).getValue()).isEqualTo(HBASE_ADMIN_GROUP);
    }
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) List(java.util.List) CmTemplateProcessor(com.sequenceiq.cloudbreak.cmtemplate.CmTemplateProcessor) ApiClusterTemplateConfig(com.cloudera.api.swagger.model.ApiClusterTemplateConfig) HostgroupView(com.sequenceiq.cloudbreak.template.views.HostgroupView) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest) MethodSource(org.junit.jupiter.params.provider.MethodSource)

Example 5 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithGatewayWithLdapConfig.

@Test
public void roleConfigsWithGatewayWithLdapConfig() {
    Gateway gateway = new Gateway();
    gateway.setKnoxMasterSecret("admin");
    gateway.setPath("/a/b/c");
    IdBroker idBroker = new IdBroker();
    idBroker.setMasterSecret("supersecret");
    BlueprintTextProcessor blueprintTextProcessor = mock(BlueprintTextProcessor.class);
    LdapView ldapConfig = LdapViewBuilder.aLdapView().build();
    BlueprintView blueprintView = new BlueprintView("text", "7.2.11", "CDH", blueprintTextProcessor);
    GeneralClusterConfigs generalClusterConfigs = new GeneralClusterConfigs();
    generalClusterConfigs.setAccountId(Optional.of("1234"));
    TemplatePreparationObject source = Builder.builder().withGateway(gateway, "key", new HashSet<>()).withLdapConfig(ldapConfig).withGeneralClusterConfigs(generalClusterConfigs).withBlueprintView(blueprintView).withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, "")).withProductDetails(new ClouderaManagerRepo().withVersion("7.4.2"), List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH"))).withIdBroker(idBroker).build();
    when(virtualGroupService.createOrGetVirtualGroup(source.getVirtualGroupRequest(), UmsVirtualGroupRight.KNOX_ADMIN)).thenReturn("knox_admins");
    when(entitlementService.isOjdbcTokenDhOneHour(anyString())).thenReturn(true);
    assertEquals(List.of(config("idbroker_master_secret", "supersecret"), config("idbroker_gateway_knox_admin_groups", "knox_admins"), config("idbroker_gateway_signing_keystore_name", "signing.jks"), config("idbroker_gateway_signing_keystore_type", "JKS"), config("idbroker_gateway_signing_key_alias", "signing-identity")), underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));
    assertEquals(List.of(config("gateway_master_secret", gateway.getKnoxMasterSecret()), config("gateway_default_topology_name", "cdp-proxy"), config("gateway_knox_admin_groups", "knox_admins"), config("gateway_auto_discovery_enabled", "false"), config("gateway_path", gateway.getPath()), config("gateway_signing_keystore_name", "signing.jks"), config("gateway_signing_keystore_type", "JKS"), config("gateway_signing_key_alias", "signing-identity"), config("gateway_dispatch_whitelist", "^*.*$"), config("gateway_service_tokenstate_impl", "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")), ThreadBasedUserCrnProvider.doAs(TEST_USER_CRN, () -> underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source)));
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) BlueprintTextProcessor(com.sequenceiq.cloudbreak.template.processor.BlueprintTextProcessor) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) ClouderaManagerProduct(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

VirtualGroupRequest (com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest)19 LdapView (com.sequenceiq.cloudbreak.dto.LdapView)10 ClouderaManagerRepo (com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo)8 BlueprintView (com.sequenceiq.cloudbreak.template.views.BlueprintView)8 IdBroker (com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker)7 Gateway (com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway)7 TemplatePreparationObject (com.sequenceiq.cloudbreak.template.TemplatePreparationObject)7 GeneralClusterConfigs (com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs)7 ArrayList (java.util.ArrayList)7 Test (org.junit.Test)7 ApiClusterTemplateConfig (com.cloudera.api.swagger.model.ApiClusterTemplateConfig)6 ClouderaManagerProduct (com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct)6 BlueprintTextProcessor (com.sequenceiq.cloudbreak.template.processor.BlueprintTextProcessor)5 CloudbreakServiceException (com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException)3 ExposedServices (com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.ExposedServices)3 GatewayTopology (com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.GatewayTopology)3 GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)3 List (java.util.List)3 ApiAuthRoleMetadata (com.cloudera.api.swagger.model.ApiAuthRoleMetadata)2 ApiAuthRoleMetadataList (com.cloudera.api.swagger.model.ApiAuthRoleMetadataList)2