Example 1 with GCP

Use of com.sequenceiq.cloudbreak.common.mappable.CloudPlatform.GCP in project cloudbreak by hortonworks.

Class EnvironmentValidatorService, method validateEncryptionKey.

public ValidationResult validateEncryptionKey(EnvironmentCreationDto creationDto) {
    ValidationResultBuilder resultBuilder = ValidationResult.builder();
    if (GCP.name().equalsIgnoreCase(creationDto.getCloudPlatform())) {
        // Null-safe walk down to the optional customer-managed encryption key (CMEK).
        String encryptionKey = Optional.ofNullable(creationDto.getParameters())
                .map(parametersDto -> parametersDto.getGcpParametersDto())
                .map(gcpParametersDto -> gcpParametersDto.getGcpResourceEncryptionParametersDto())
                .map(gcpREParamsDto -> gcpREParamsDto.getEncryptionKey())
                .orElse(null);
        if (StringUtils.isNotEmpty(encryptionKey)) {
            // Entitlement gate: a key from an account without the CMEK feature is reported as an error.
            if (!entitlementService.isGcpDiskEncryptionWithCMEKEnabled(creationDto.getAccountId())) {
                resultBuilder.error(String.format("You have specified encryption-key to enable encryption for GCP resources with CMEK "
                        + "but that feature is currently not enabled for this account."
                        + " Please get 'CDP_CB_GCP_DISK_ENCRYPTION_WITH_CMEK' enabled for this account."));
            } else {
                // Only a key supplied by an entitled account is passed to the key validator.
                ValidationResult validationResult = encryptionKeyValidator.validateEncryptionKey(encryptionKey);
                resultBuilder.merge(validationResult);
            }
        }
    }
    return resultBuilder.build();
}
Also used : Environment(com.sequenceiq.environment.environment.domain.Environment) EntitlementService(com.sequenceiq.cloudbreak.auth.altus.EntitlementService) CredentialService(com.sequenceiq.environment.credential.service.CredentialService) EnvironmentResourceService(com.sequenceiq.environment.environment.service.EnvironmentResourceService) TagValidator(com.sequenceiq.environment.environment.validation.validators.TagValidator) PublicKeyValidator(com.sequenceiq.environment.environment.validation.validators.PublicKeyValidator) LoggerFactory(org.slf4j.LoggerFactory) FreeIpaCreationDto(com.sequenceiq.environment.environment.dto.FreeIpaCreationDto) AuthenticationDto(com.sequenceiq.environment.environment.dto.AuthenticationDto) PublicKeyConnector(com.sequenceiq.cloudbreak.cloud.PublicKeyConnector) StringUtils(org.apache.commons.lang3.StringUtils) AwsEnvironmentParameters(com.sequenceiq.environment.api.v1.environment.model.request.aws.AwsEnvironmentParameters) StringUtils.isNotEmpty(org.apache.commons.lang3.StringUtils.isNotEmpty) EnvironmentRequest(com.sequenceiq.environment.api.v1.environment.model.request.EnvironmentRequest) HashSet(java.util.HashSet) Value(org.springframework.beans.factory.annotation.Value) EncryptionKeyArnValidator(com.sequenceiq.environment.environment.validation.validators.EncryptionKeyArnValidator) EncryptionKeyUrlValidator(com.sequenceiq.environment.environment.validation.validators.EncryptionKeyUrlValidator) AWS(com.sequenceiq.cloudbreak.common.mappable.CloudPlatform.AWS) ThreadBasedUserCrnProvider(com.sequenceiq.cloudbreak.auth.ThreadBasedUserCrnProvider) NetworkCreationValidator(com.sequenceiq.environment.environment.validation.validators.NetworkCreationValidator) Matcher(java.util.regex.Matcher) ValidationResult(com.sequenceiq.cloudbreak.validation.ValidationResult) ValidationResultBuilder(com.sequenceiq.cloudbreak.validation.ValidationResult.ValidationResultBuilder) Map(java.util.Map) 
FreeIpaCreationAwsSpotParametersDto(com.sequenceiq.environment.environment.dto.FreeIpaCreationAwsSpotParametersDto) PlatformResourceRequest(com.sequenceiq.environment.platformresource.PlatformResourceRequest) ENVIRONMENT(com.sequenceiq.common.model.CredentialType.ENVIRONMENT) BadRequestException(javax.ws.rs.BadRequestException) EnvironmentStatus(com.sequenceiq.environment.environment.EnvironmentStatus) EncryptionKeyValidator(com.sequenceiq.environment.environment.validation.validators.EncryptionKeyValidator) Logger(org.slf4j.Logger) EnvironmentCreationDto(com.sequenceiq.environment.environment.dto.EnvironmentCreationDto) EnvironmentEditDto(com.sequenceiq.environment.environment.dto.EnvironmentEditDto) SecurityGroupSeparator.getSecurityGroupIds(com.sequenceiq.cloudbreak.util.SecurityGroupSeparator.getSecurityGroupIds) PlatformParameterService(com.sequenceiq.environment.platformresource.PlatformParameterService) Set(java.util.Set) SecurityAccessDto(com.sequenceiq.environment.environment.dto.SecurityAccessDto) Objects(java.util.Objects) Component(org.springframework.stereotype.Component) GetCloudParameterException(com.sequenceiq.cloudbreak.cloud.service.GetCloudParameterException) S3GuardRequestParameters(com.sequenceiq.environment.api.v1.environment.model.request.aws.S3GuardRequestParameters) NetworkDto(com.sequenceiq.environment.network.dto.NetworkDto) FreeIpaCreationAwsParametersDto(com.sequenceiq.environment.environment.dto.FreeIpaCreationAwsParametersDto) Optional(java.util.Optional) GCP(com.sequenceiq.cloudbreak.common.mappable.CloudPlatform.GCP) Pattern(java.util.regex.Pattern) ValidationResultBuilder(com.sequenceiq.cloudbreak.validation.ValidationResult.ValidationResultBuilder) ValidationResult(com.sequenceiq.cloudbreak.validation.ValidationResult)

Example 2 with GCP

Use of com.sequenceiq.cloudbreak.common.mappable.CloudPlatform.GCP in project cloudbreak by hortonworks.

Class EnvironmentCreationService, method validateEncryptionKey.

private ValidationResult validateEncryptionKey(EnvironmentCreationDto creationDto) {
    ValidationResultBuilder resultBuilder = ValidationResult.builder();
    // Locale.ROOT keeps the platform match independent of the JVM default locale.
    String cloudPlatform = creationDto.getCloudPlatform().toLowerCase(Locale.ROOT);
    // Each platform carries its key reference in a different DTO; the key is validated only when present.
    switch(cloudPlatform) {
        case "azure":
            String encryptionKeyUrl = Optional.ofNullable(creationDto.getParameters())
                    .map(paramsDto -> paramsDto.getAzureParametersDto())
                    .map(azureParamsDto -> azureParamsDto.getAzureResourceEncryptionParametersDto())
                    .map(azureREParamsDto -> azureREParamsDto.getEncryptionKeyUrl())
                    .orElse(null);
            if (encryptionKeyUrl != null) {
                resultBuilder.merge(validatorService.validateEncryptionKeyUrl(encryptionKeyUrl, creationDto.getAccountId()));
            }
            break;
        case "gcp":
            String encryptionKey = Optional.ofNullable(creationDto.getParameters())
                    .map(parametersDto -> parametersDto.getGcpParametersDto())
                    .map(gcpParametersDto -> gcpParametersDto.getGcpResourceEncryptionParametersDto())
                    .map(gcpREParamsDto -> gcpREParamsDto.getEncryptionKey())
                    .orElse(null);
            if (encryptionKey != null) {
                resultBuilder.merge(validatorService.validateEncryptionKey(encryptionKey, creationDto.getAccountId()));
            }
            break;
        case "aws":
            String encryptionKeyArn = Optional.ofNullable(creationDto.getParameters())
                    .map(paramsDto -> paramsDto.getAwsParametersDto())
                    .map(awsParamsDto -> awsParamsDto.getAwsDiskEncryptionParametersDto())
                    .map(awsREparamsDto -> awsREparamsDto.getEncryptionKeyArn())
                    .orElse(null);
            if (encryptionKeyArn != null) {
                resultBuilder.merge(validatorService.validateEncryptionKeyArn(encryptionKeyArn, creationDto.getAccountId()));
            }
            break;
        default:
            // Any other platform: nothing is validated and the result stays empty.
            break;
    }
    return resultBuilder.build();
}
Also used : EnvironmentDtoConverter(com.sequenceiq.environment.environment.dto.EnvironmentDtoConverter) Environment(com.sequenceiq.environment.environment.domain.Environment) NullUtil.getIfNotNull(com.sequenceiq.cloudbreak.util.NullUtil.getIfNotNull) EntitlementService(com.sequenceiq.cloudbreak.auth.altus.EntitlementService) AuthenticationDtoConverter(com.sequenceiq.environment.environment.dto.AuthenticationDtoConverter) Credential(com.sequenceiq.environment.credential.domain.Credential) LoggerFactory(org.slf4j.LoggerFactory) EnvironmentDto(com.sequenceiq.environment.environment.dto.EnvironmentDto) EnvironmentTelemetry(com.sequenceiq.environment.environment.dto.telemetry.EnvironmentTelemetry) LoadBalancerEntitlementService(com.sequenceiq.environment.network.service.LoadBalancerEntitlementService) StringUtils(org.apache.commons.lang3.StringUtils) Value(org.springframework.beans.factory.annotation.Value) ValidationResult(com.sequenceiq.cloudbreak.validation.ValidationResult) ValidationResultBuilder(com.sequenceiq.cloudbreak.validation.ValidationResult.ValidationResultBuilder) Locale(java.util.Locale) Service(org.springframework.stereotype.Service) PublicEndpointAccessGateway(com.sequenceiq.common.api.type.PublicEndpointAccessGateway) BadRequestException(javax.ws.rs.BadRequestException) ParametersService(com.sequenceiq.environment.parameters.service.ParametersService) ExperimentalFeatures(com.sequenceiq.environment.environment.domain.ExperimentalFeatures) EnvironmentStatus(com.sequenceiq.environment.environment.EnvironmentStatus) Tunnel(com.sequenceiq.common.api.type.Tunnel) Logger(org.slf4j.Logger) EnvironmentCreationDto(com.sequenceiq.environment.environment.dto.EnvironmentCreationDto) ParametersDto(com.sequenceiq.environment.parameter.dto.ParametersDto) Crn(com.sequenceiq.cloudbreak.auth.crn.Crn) EnvironmentValidatorService(com.sequenceiq.environment.environment.validation.EnvironmentValidatorService) NetworkDto(com.sequenceiq.environment.network.dto.NetworkDto) 
Optional(java.util.Optional) GCP(com.sequenceiq.cloudbreak.common.mappable.CloudPlatform.GCP) AZURE(com.sequenceiq.cloudbreak.common.mappable.CloudPlatform.AZURE) ProxyConfig(com.sequenceiq.environment.proxy.domain.ProxyConfig) EnvironmentReactorFlowManager(com.sequenceiq.environment.environment.flow.EnvironmentReactorFlowManager) ValidationResultBuilder(com.sequenceiq.cloudbreak.validation.ValidationResult.ValidationResultBuilder)
