
Example 21 with Secret

use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.

the class Cluster method setCloudbreakPassword.

/**
 * Sets the Cloudbreak service password from a plaintext value.
 *
 * <p>The same raw string is wrapped in two separate {@link Secret} instances: one for the
 * Ambari-named field and one for the cluster-manager-named field, so both stay in sync.
 *
 * <p>NOTE(review): the single-argument {@code Secret} presumably holds only the raw value until
 * the entity is saved and the value is moved to the secret store; confirm that both fields are
 * covered by that mechanism.
 *
 * @param cloudbreakAmbariPassword plaintext password to wrap
 */
public void setCloudbreakPassword(String cloudbreakAmbariPassword) {
    final Secret ambariPassword = new Secret(cloudbreakAmbariPassword);
    this.cloudbreakAmbariPassword = ambariPassword;
    final Secret clusterManagerPassword = new Secret(cloudbreakAmbariPassword);
    this.cloudbreakClusterManagerPassword = clusterManagerPassword;
}
Also used : Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)

Example 22 with Secret

use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.

the class Cluster method setSecurityMasterKey.

/**
 * Sets the security master key from a plaintext value.
 *
 * <p>Two independent {@link Secret} wrappers are created from the same raw key and assigned to
 * the Ambari-named and the cluster-manager-named fields respectively.
 *
 * <p>NOTE(review): the raw key presumably stays in memory inside these wrappers until the entity
 * is persisted; confirm both fields are handled by the secret-store save path.
 *
 * @param ambariSecurityMasterKey plaintext master key to wrap
 */
public void setSecurityMasterKey(String ambariSecurityMasterKey) {
    final Secret ambariKey = new Secret(ambariSecurityMasterKey);
    this.ambariSecurityMasterKey = ambariKey;
    final Secret clusterManagerKey = new Secret(ambariSecurityMasterKey);
    this.clusterManagerSecurityMasterKey = clusterManagerKey;
}
Also used : Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)

Example 23 with Secret

use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.

the class Cluster method setCloudbreakUser.

/**
 * Sets the Cloudbreak service user name from a plaintext value.
 *
 * <p>The user name is treated like the other credentials on this class: it is wrapped in a
 * {@link Secret} twice, once for the Ambari-named field and once for the cluster-manager-named
 * field.
 *
 * @param cloudbreakAmbariUser plaintext user name to wrap
 */
public void setCloudbreakUser(String cloudbreakAmbariUser) {
    final Secret ambariUser = new Secret(cloudbreakAmbariUser);
    this.cloudbreakAmbariUser = ambariUser;
    final Secret clusterManagerUser = new Secret(cloudbreakAmbariUser);
    this.cloudbreakClusterManagerUser = clusterManagerUser;
}
Also used : Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)

Example 24 with Secret

use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.

the class ClusterProxyServiceTest method testStack.

/**
 * Builds the {@link Stack} fixture used by the cluster-proxy tests: one GATEWAY instance group
 * with a primary and a second instance, and a {@link Cluster} whose credential fields are
 * injected by reflection.
 *
 * <p>The credentials are fixed test strings, not real secrets. Each {@link Secret} is built with
 * two arguments; presumably the first is the raw value and the second the serialized secret-store
 * reference produced by {@code vaultSecretString} (TODO confirm against the Secret constructor).
 *
 * @return the populated stack, with its cluster id set to {@code 1L}
 * @throws JsonProcessingException declared for the {@code vaultSecretString} calls
 */
private Stack testStack() throws JsonProcessingException {
    Stack fixture = new Stack();
    fixture.setResourceCrn(STACK_CRN);
    fixture.setId(STACK_ID);
    // NOTE(review): this cluster is replaced by the second setCluster call further down.
    fixture.setCluster(testCluster());
    fixture.setGatewayPort(9443);
    fixture.setClusterProxyRegistered(true);

    Cluster securedCluster = new Cluster();
    Gateway gatewayConfig = new Gateway();
    gatewayConfig.setPath("test-cluster");
    securedCluster.setGateway(gatewayConfig);

    InstanceGroup gatewayGroup = new InstanceGroup();
    gatewayGroup.setInstanceGroupType(InstanceGroupType.GATEWAY);

    InstanceMetaData primaryNode = new InstanceMetaData();
    primaryNode.setPrivateIp(PRIMARY_PRIVATE_IP);
    primaryNode.setPublicIp(PRIMARY_PUBLIC_IP);
    primaryNode.setInstanceId(PRIMARY_INSTANCE_ID);
    primaryNode.setInstanceMetadataType(InstanceMetadataType.GATEWAY_PRIMARY);

    // The second instance gets no explicit metadata type.
    InstanceMetaData otherNode = new InstanceMetaData();
    otherNode.setPrivateIp(OTHER_PRIVATE_IP);
    otherNode.setPublicIp(OTHER_PUBLIC_IP);
    otherNode.setInstanceId(OTHER_INSTANCE_ID);

    gatewayGroup.setInstanceMetaData(Set.of(otherNode, primaryNode));
    fixture.setInstanceGroups(Set.of(gatewayGroup));

    // Fields are set reflectively, bypassing the Cluster setters.
    ReflectionTestUtils.setField(securedCluster, "cloudbreakClusterManagerPassword",
            new Secret("cloudbreak", vaultSecretString("cbpassword")));
    ReflectionTestUtils.setField(securedCluster, "cloudbreakClusterManagerUser",
            new Secret("cloudbreak", vaultSecretString("cbuser")));
    // NOTE(review): the next two assignments are overwritten by the last two in this run, so the
    // effective first argument for the cloudbreakAmbari* fields is "cmmgmt", not "cloudbreak".
    ReflectionTestUtils.setField(securedCluster, "cloudbreakAmbariPassword",
            new Secret("cloudbreak", vaultSecretString("cbpassword")));
    ReflectionTestUtils.setField(securedCluster, "cloudbreakAmbariUser",
            new Secret("cloudbreak", vaultSecretString("cbuser")));
    ReflectionTestUtils.setField(securedCluster, "dpClusterManagerUser",
            new Secret("cmmgmt", vaultSecretString("dpuser")));
    ReflectionTestUtils.setField(securedCluster, "dpClusterManagerPassword",
            new Secret("cmmgmt", vaultSecretString("dppassword")));
    ReflectionTestUtils.setField(securedCluster, "cloudbreakAmbariPassword",
            new Secret("cmmgmt", vaultSecretString("cbpassword")));
    ReflectionTestUtils.setField(securedCluster, "cloudbreakAmbariUser",
            new Secret("cmmgmt", vaultSecretString("cbuser")));

    fixture.setCluster(securedCluster);
    fixture.getCluster().setId(1L);
    return fixture;
}
Also used : InstanceMetaData(com.sequenceiq.cloudbreak.domain.stack.instance.InstanceMetaData) VaultSecret(com.sequenceiq.cloudbreak.service.secret.vault.VaultSecret) Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) Cluster(com.sequenceiq.cloudbreak.domain.stack.cluster.Cluster) Stack(com.sequenceiq.cloudbreak.domain.stack.Stack) InstanceGroup(com.sequenceiq.cloudbreak.domain.stack.instance.InstanceGroup)

Example 25 with Secret

use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.

the class SecretAspects method proceedSave.

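/**
 * Moves raw secret values of the entities being saved into the secret store, then proceeds with
 * the intercepted repository save.
 *
 * <p>For every field annotated with {@link SecretValue} whose {@link Secret} has a raw value but
 * no stored secret yet, the raw value is written to the secret service under a freshly generated
 * path and the field is replaced by a {@link SecretProxy} built from the value returned by the
 * store. Only the field name and the path are logged, never the raw value.
 *
 * <p>Path segments are lower-cased with {@code Locale.ROOT} so the generated path does not depend
 * on the JVM default locale (for example the Turkish dotless i).
 *
 * <p>NOTE(review): secrets already written are not removed here when a later field fails or the
 * repository save itself throws; confirm that orphaned entries are cleaned up elsewhere.
 *
 * @param proceedingJoinPoint the intercepted save call; its first argument holds the entity or
 *                            entities to process
 * @return whatever the intercepted save returns
 * @throws CloudbreakServiceException if a secret cannot be stored, or if the save throws a
 *                                    non-runtime {@link Throwable}; runtime exceptions from the
 *                                    save are rethrown unchanged
 */
private Object proceedSave(ProceedingJoinPoint proceedingJoinPoint) {
    Collection<Object> entities = convertFirstArgToCollection(proceedingJoinPoint);
    for (Object entity : entities) {
        // Resolved lazily, at most once per entity, and only if something has to be stored.
        String tenant = null;
        try {
            // getDeclaredFields() covers only fields declared directly on the entity class.
            // NOTE(review): @SecretValue fields inherited from a superclass would be skipped.
            for (Field field : entity.getClass().getDeclaredFields()) {
                if (!field.isAnnotationPresent(SecretValue.class)) {
                    continue;
                }
                LOGGER.debug("Found SecretValue annotation on {}", field);
                field.setAccessible(true);
                Secret value = (Secret) field.get(entity);
                boolean needsStoring = value != null && value.getRaw() != null && value.getSecret() == null;
                if (!needsStoring) {
                    continue;
                }
                if (tenant == null) {
                    tenant = findTenant(entity);
                }
                String entitySegment = entity.getClass().getSimpleName().toLowerCase(java.util.Locale.ROOT);
                String fieldSegment = field.getName().toLowerCase(java.util.Locale.ROOT);
                // A random UUID plus a hex timestamp makes each stored path unique.
                String path = String.format("%s/%s/%s/%s-%s", tenant, entitySegment, fieldSegment,
                        UUID.randomUUID().toString(), Long.toHexString(clock.getCurrentTimeMillis()));
                String secret = secretService.put(path, value.getRaw());
                LOGGER.debug("Field: '{}' is saved at path: {}", field.getName(), path);
                field.set(entity, new SecretProxy(secretService, secret));
            }
        } catch (IllegalArgumentException e) {
            // Presumably raised by findTenant for unsupported entity types; verify against its implementation.
            LOGGER.error("Given entity isn't instance of TenantAwareResource or AccountIdAwareResource. Secret is not saved!", e);
            throw new CloudbreakServiceException(e);
        } catch (Exception e) {
            LOGGER.warn("Looks like something went wrong with Secret store. Secret is not saved!", e);
            throw new CloudbreakServiceException(e);
        }
    }
    try {
        return proceedingJoinPoint.proceed();
    } catch (RuntimeException re) {
        LOGGER.warn("Failed to invoke repository save", re);
        throw re;
    } catch (Throwable throwable) {
        LOGGER.error("Failed to invoke repository save", throwable);
        throw new CloudbreakServiceException(throwable);
    }
}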
Also used : Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret) Field(java.lang.reflect.Field) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException) SecretProxy(com.sequenceiq.cloudbreak.service.secret.domain.SecretProxy) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException)
