Example 1 with ObjectStorageValidateResponse

Use of com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse in project cloudbreak by hortonworks.

The class AzureObjectStorageConnector, method validateObjectStorage.

@Override
public ObjectStorageValidateResponse validateObjectStorage(ObjectStorageValidateRequest request) {
    String accountId = Crn.safeFromString(request.getCredential().getId()).getAccountId();
    if (!entitlementService.azureCloudStorageValidationEnabled(accountId)) {
        LOGGER.info("Azure Cloud storage validation entitlement is missing, not validating cloudStorageRequest: {}", JsonUtil.writeValueAsStringSilent(request));
        return ObjectStorageValidateResponse.builder().withStatus(ResponseStatus.OK).build();
    }
    AzureClient client = azureClientService.getClient(request.getCredential());
    SpiFileSystem spiFileSystem = request.getSpiFileSystem();
    ValidationResult.ValidationResultBuilder resultBuilder = new ValidationResult.ValidationResultBuilder();
    resultBuilder.prefix("Cloud Storage validation failed");
    try {
        ValidationResult validationResult = azureIDBrokerObjectStorageValidator.validateObjectStorage(client, spiFileSystem, request.getLogsLocationBase(), request.getBackupLocationBase(), getSingleResourceGroupName(request), resultBuilder);
        ObjectStorageValidateResponse response;
        if (validationResult.hasError()) {
            response = ObjectStorageValidateResponse.builder().withStatus(ResponseStatus.ERROR).withError(validationResult.getFormattedErrors()).build();
        } else {
            response = ObjectStorageValidateResponse.builder().withStatus(ResponseStatus.OK).build();
        }
        return response;
    } catch (CloudException e) {
        if (e.body() != null && StringUtils.equals("AuthorizationFailed", e.body().code())) {
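            // SLF4J drops arguments that have no matching {} placeholder, so the placeholder is required for the message to be logged.
            LOGGER.error("Object storage validation failed on Azure due to authorization failure: {}", e.getMessage());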
            throw new AccessDeniedException("Object storage validation failed on Azure due to authorization failure: ", e);
        }
        throw azureUtils.convertToCloudConnectorException(e, "Object storage validation");
    }
}
Also used : AzureClient(com.sequenceiq.cloudbreak.cloud.azure.client.AzureClient) AccessDeniedException(org.springframework.security.access.AccessDeniedException) ObjectStorageValidateResponse(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse) SpiFileSystem(com.sequenceiq.cloudbreak.cloud.model.SpiFileSystem) CloudException(com.microsoft.azure.CloudException) ValidationResult(com.sequenceiq.cloudbreak.validation.ValidationResult)

Example 2 with ObjectStorageValidateResponse

Use of com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse in project cloudbreak by hortonworks.

The class CloudStorageValidatorTest, method validateEnvironmentRequestCloudStorageValidation.

@Test
public void validateEnvironmentRequestCloudStorageValidation() {
    when(environment.getCloudStorageValidation()).thenReturn(CloudStorageValidation.ENABLED);
    when(environment.getCredential()).thenReturn(new CredentialResponse());
    when(secretService.getByResponse(any())).thenReturn("secret");
    when(regionAwareInternalCrnGenerator.getInternalCrnForServiceAsString()).thenReturn("crn");
    when(regionAwareInternalCrnGeneratorFactory.iam()).thenReturn(regionAwareInternalCrnGenerator);
    when(credentialToCloudCredentialConverter.convert(any())).thenReturn(new CloudCredential("id", "name", Map.of("secretKey", "thisshouldnotappearinlog"), "acc", false));
    when(entitlementService.cloudStorageValidationEnabled(any())).thenReturn(true);
    when(cloudProviderServicesV4Endopint.validateObjectStorage(any())).thenReturn(new ObjectStorageValidateResponse());
    ValidationResultBuilder validationResultBuilder = new ValidationResultBuilder();
    ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.validate(new CloudStorageRequest(), environment, validationResultBuilder));
    assertFalse(validationResultBuilder.build().hasError());
}
Also used : CloudStorageRequest(com.sequenceiq.common.api.cloudstorage.CloudStorageRequest) CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) ObjectStorageValidateResponse(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse) ValidationResultBuilder(com.sequenceiq.cloudbreak.validation.ValidationResult.ValidationResultBuilder) CredentialResponse(com.sequenceiq.environment.api.v1.credential.model.response.CredentialResponse) Test(org.junit.jupiter.api.Test)

Example 3 with ObjectStorageValidateResponse

Use of com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse in project cloudbreak by hortonworks.

The class CloudStorageValidatorTest, method validateCloudStorageSetLocationBaseWhenLoggingIsConfigured.

@Test
public void validateCloudStorageSetLocationBaseWhenLoggingIsConfigured() {
    when(credentialService.getByCrnForAccountId(anyString(), anyString(), any(), anyBoolean())).thenReturn(new Credential());
    when(regionAwareInternalCrnGenerator.getInternalCrnForServiceAsString()).thenReturn("crn");
    when(regionAwareInternalCrnGeneratorFactory.iam()).thenReturn(regionAwareInternalCrnGenerator);
    EnvironmentCloudStorageValidationRequest request = new EnvironmentCloudStorageValidationRequest();
    TelemetryRequest telemetryRequest = new TelemetryRequest();
    LoggingRequest loggingRequest = new LoggingRequest();
    loggingRequest.setStorageLocation("s3://mybucket/location");
    S3CloudStorageV1Parameters s3CloudStorageV1Parameters = new S3CloudStorageV1Parameters();
    s3CloudStorageV1Parameters.setInstanceProfile("instanceProfile");
    loggingRequest.setS3(s3CloudStorageV1Parameters);
    telemetryRequest.setLogging(loggingRequest);
    request.setTelemetry(telemetryRequest);
    request.setCredentialCrn("credential");
    ArgumentCaptor<ObjectStorageValidateRequest> requestCaptor = ArgumentCaptor.forClass(ObjectStorageValidateRequest.class);
    when(cloudProviderServicesV4Endpoint.validateObjectStorage(requestCaptor.capture())).thenReturn(ObjectStorageValidateResponse.builder().withStatus(ResponseStatus.OK).build());
    ObjectStorageValidateResponse response = underTest.validateCloudStorage("1234", request);
    assertEquals(ResponseStatus.OK, response.getStatus());
    assertNull(response.getError());
    ObjectStorageValidateRequest objectStorageValidateRequest = requestCaptor.getValue();
    assertEquals("s3://mybucket/location", objectStorageValidateRequest.getLogsLocationBase());
    List<StorageIdentityBase> storageIdentities = objectStorageValidateRequest.getCloudStorageRequest().getIdentities();
    assertEquals(1, storageIdentities.size());
    StorageIdentityBase storageIdentity = storageIdentities.get(0);
    assertEquals(CloudIdentityType.LOG, storageIdentity.getType());
    assertEquals("instanceProfile", storageIdentity.getS3().getInstanceProfile());
}
Also used : Credential(com.sequenceiq.environment.credential.domain.Credential) TelemetryRequest(com.sequenceiq.common.api.telemetry.request.TelemetryRequest) S3CloudStorageV1Parameters(com.sequenceiq.common.api.cloudstorage.old.S3CloudStorageV1Parameters) EnvironmentCloudStorageValidationRequest(com.sequenceiq.environment.api.v1.environment.model.request.EnvironmentCloudStorageValidationRequest) ObjectStorageValidateResponse(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse) ObjectStorageValidateRequest(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateRequest) LoggingRequest(com.sequenceiq.common.api.telemetry.request.LoggingRequest) StorageIdentityBase(com.sequenceiq.common.api.cloudstorage.StorageIdentityBase) Test(org.junit.jupiter.api.Test)

Example 4 with ObjectStorageValidateResponse

Use of com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse in project cloudbreak by hortonworks.

The class CloudStorageValidatorTest, method validateCloudStorageSkipLocationBaseWhenLoggingIsNotConfigured.

@Test
public void validateCloudStorageSkipLocationBaseWhenLoggingIsNotConfigured() {
    when(credentialService.getByCrnForAccountId(anyString(), anyString(), any(), anyBoolean())).thenReturn(new Credential());
    when(regionAwareInternalCrnGenerator.getInternalCrnForServiceAsString()).thenReturn("crn");
    when(regionAwareInternalCrnGeneratorFactory.iam()).thenReturn(regionAwareInternalCrnGenerator);
    EnvironmentCloudStorageValidationRequest request = new EnvironmentCloudStorageValidationRequest();
    request.setCredentialCrn("credential");
    ArgumentCaptor<ObjectStorageValidateRequest> requestCaptor = ArgumentCaptor.forClass(ObjectStorageValidateRequest.class);
    when(cloudProviderServicesV4Endpoint.validateObjectStorage(requestCaptor.capture())).thenReturn(ObjectStorageValidateResponse.builder().withStatus(ResponseStatus.OK).build());
    ObjectStorageValidateResponse response = underTest.validateCloudStorage("1234", request);
    assertEquals(ResponseStatus.OK, response.getStatus());
    assertNull(response.getError());
    assertNull(requestCaptor.getValue().getLogsLocationBase());
}
Also used : Credential(com.sequenceiq.environment.credential.domain.Credential) EnvironmentCloudStorageValidationRequest(com.sequenceiq.environment.api.v1.environment.model.request.EnvironmentCloudStorageValidationRequest) ObjectStorageValidateResponse(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse) ObjectStorageValidateRequest(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateRequest) Test(org.junit.jupiter.api.Test)

Example 5 with ObjectStorageValidateResponse

Use of com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse in project cloudbreak by hortonworks.

The class CloudStorageValidator, method validate.

public void validate(CloudStorageRequest cloudStorageRequest, DetailedEnvironmentResponse environment, ValidationResult.ValidationResultBuilder validationResultBuilder) {
    if (CloudStorageValidation.DISABLED.equals(environment.getCloudStorageValidation())) {
        LOGGER.info("Due to cloud storage validation not being enabled, not validating cloudStorageRequest: {}", JsonUtil.writeValueAsStringSilent(cloudStorageRequest));
        return;
    }
    String accountId = ThreadBasedUserCrnProvider.getAccountId();
    if (!entitlementService.cloudStorageValidationEnabled(accountId)) {
        LOGGER.info("Cloud storage validation entitlement is missing, not validating cloudStorageRequest: {}", JsonUtil.writeValueAsStringSilent(cloudStorageRequest));
        return;
    }
    LOGGER.info("Validating cloudStorageRequest: {}", JsonUtil.writeValueAsStringSilent(cloudStorageRequest));
    if (cloudStorageRequest != null) {
        Credential credential = getCredential(environment);
        CloudCredential cloudCredential = credentialToCloudCredentialConverter.convert(credential);
        ObjectStorageValidateRequest request = createObjectStorageValidateRequest(cloudCredential, cloudStorageRequest, environment);
        ObjectStorageValidateResponse response = ThreadBasedUserCrnProvider.doAsInternalActor(regionAwareInternalCrnGeneratorFactory.iam().getInternalCrnForServiceAsString(), () -> cloudProviderServicesV4Endpoint.validateObjectStorage(request));
        LOGGER.info("ValidateObjectStorage: request: {}, response: {}", AnonymizerUtil.anonymize(JsonUtil.writeValueAsStringSilent(request)), JsonUtil.writeValueAsStringSilent(response));
        if (ResponseStatus.ERROR.equals(response.getStatus())) {
            validationResultBuilder.error(response.getError());
        } else if (StringUtils.isNotBlank(response.getError())) {
            validationResultBuilder.warning(response.getError());
        }
    }
}
Also used : CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) Credential(com.sequenceiq.datalake.entity.Credential) CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) ObjectStorageValidateResponse(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse) ObjectStorageValidateRequest(com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateRequest)

Aggregations

ObjectStorageValidateResponse (com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateResponse): 7
ObjectStorageValidateRequest (com.sequenceiq.cloudbreak.cloud.model.objectstorage.ObjectStorageValidateRequest): 3
EnvironmentCloudStorageValidationRequest (com.sequenceiq.environment.api.v1.environment.model.request.EnvironmentCloudStorageValidationRequest): 3
Test (org.junit.jupiter.api.Test): 3
CloudCredential (com.sequenceiq.cloudbreak.cloud.model.CloudCredential): 2
SpiFileSystem (com.sequenceiq.cloudbreak.cloud.model.SpiFileSystem): 2
ValidationResult (com.sequenceiq.cloudbreak.validation.ValidationResult): 2
ValidationResultBuilder (com.sequenceiq.cloudbreak.validation.ValidationResult.ValidationResultBuilder): 2
TelemetryRequest (com.sequenceiq.common.api.telemetry.request.TelemetryRequest): 2
Credential (com.sequenceiq.environment.credential.domain.Credential): 2
CloudException (com.microsoft.azure.CloudException): 1
AmazonIdentityManagementClient (com.sequenceiq.cloudbreak.cloud.aws.common.client.AmazonIdentityManagementClient): 1
AwsCredentialView (com.sequenceiq.cloudbreak.cloud.aws.common.view.AwsCredentialView): 1
AzureClient (com.sequenceiq.cloudbreak.cloud.azure.client.AzureClient): 1
BadRequestException (com.sequenceiq.cloudbreak.common.exception.BadRequestException): 1
BackupRequest (com.sequenceiq.common.api.backup.request.BackupRequest): 1
CloudStorageRequest (com.sequenceiq.common.api.cloudstorage.CloudStorageRequest): 1
StorageIdentityBase (com.sequenceiq.common.api.cloudstorage.StorageIdentityBase): 1
S3CloudStorageV1Parameters (com.sequenceiq.common.api.cloudstorage.old.S3CloudStorageV1Parameters): 1
LoggingRequest (com.sequenceiq.common.api.telemetry.request.LoggingRequest): 1