
Example 1 with GitlabUserProvider

use of com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider in project OpenUnison by TremoloSecurity.

the class AddGroupToProject method doTask.

/**
 * Shares a GitLab project with an existing group and records the change.
 *
 * <p>Returns {@code true} without doing anything when the request has no
 * {@code newProjectJSON} entry. Otherwise the project is deserialized from that entry (when
 * {@code projectName} is not configured) or looked up by the rendered namespace and project
 * name. The group named by the rendered {@code groupName} template is then granted
 * {@code accessLevel} on it.
 *
 * @param user the user the workflow runs for; not read by this task
 * @param request workflow request values; read for the templates, {@code APPROVAL_ID},
 *     {@code WORKFLOW} and {@code newProjectJSON}
 * @return always {@code true}
 * @throws ProvisioningException if the project JSON cannot be parsed, the project or group
 *     cannot be found, or GitLab rejects the share call
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    // Without a project description from an earlier task there is nothing to share.
    if (request.get("newProjectJSON") == null) {
        logger.warn("Project not created, skipping");
        return true;
    }

    final String groupLabel = task.renderTemplate(this.groupName, request);
    final int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
    final Workflow workflow = (Workflow) request.get("WORKFLOW");

    final GitlabUserProvider gitlab = (GitlabUserProvider) GlobalEntries.getGlobalEntries()
            .getConfigManager()
            .getProvisioningEngine()
            .getTarget(this.targetName)
            .getProvider();
    final GitLabApi api = gitlab.getApi();

    Project target;
    if (this.projectName != null) {
        // An explicit project is configured: resolve it through the GitLab API.
        final String projectLabel = task.renderTemplate(this.projectName, request);
        final String namespaceLabel = task.renderTemplate(this.namespace, request);
        try {
            target = api.getProjectApi().getProject(namespaceLabel, projectLabel);
        } catch (GitLabApiException e) {
            throw new ProvisioningException("Could not find " + namespaceLabel + "/" + projectLabel, e);
        }
    } else {
        // No project configured: trust the JSON an earlier task left in the request.
        // NOTE(review): the JSON decides which project is shared, so it must only ever be written
        // by the workflow itself - confirm no user-supplied value can reach this key.
        try {
            target = new ObjectMapper().readValue((String) request.get("newProjectJSON"), Project.class);
        } catch (JsonProcessingException e) {
            throw new ProvisioningException("Could not parse", e);
        }
    }

    try {
        final Group group = gitlab.findGroupByName(groupLabel);
        if (group == null) {
            throw new ProvisioningException("Group " + groupLabel + " does not exist");
        }
        // NOTE(review): accessLevel decides how much the group may do in the project. If
        // AccessLevel is an enum, an unknown name makes valueOf throw an unchecked
        // IllegalArgumentException rather than ProvisioningException - confirm the value is
        // validated when the task is configured.
        api.getProjectApi().shareProject(target, group.getId(), AccessLevel.valueOf(accessLevel), null);
    } catch (GitLabApiException e) {
        throw new ProvisioningException("Could not add group " + groupLabel + " to project " + target.getNameWithNamespace(), e);
    }

    // Audit entry for the grant: attribute names the project, value names the group.
    GlobalEntries.getGlobalEntries()
            .getConfigManager()
            .getProvisioningEngine()
            .logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-project-" + target.getNameWithNamespace() + "-group", groupLabel);
    return true;
}
Also used : GitlabUserProvider(com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider) Project(org.gitlab4j.api.models.Project) Group(org.gitlab4j.api.models.Group) GitLabApi(org.gitlab4j.api.GitLabApi) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) GitLabApiException(org.gitlab4j.api.GitLabApiException) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 2 with GitlabUserProvider

use of com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider in project OpenUnison by TremoloSecurity.

the class CreateDeploymentKey method doTask.

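/**
 * Generates an RSA key pair, registers the public half as a deploy key on a GitLab project and
 * hands the private half to later workflow tasks through the request map.
 *
 * <p>The private key is stored under {@code privateKeyRequestName} (Base64 of the PEM text) and
 * under {@code privateKeyRequestNamePT} (the PEM text itself).
 *
 * @param user the user the workflow runs for; not read by this task
 * @param request workflow request values; read for the templates, {@code APPROVAL_ID} and
 *     {@code WORKFLOW}, and written with the generated private key
 * @return always {@code true}
 * @throws ProvisioningException if the project lookup, key generation, PEM encoding or deploy-key
 *     registration fails
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    GitlabUserProvider gitlab = (GitlabUserProvider) GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getTarget(this.targetName).getProvider();
    GitLabApi api = gitlab.getApi();
    String localNamespace = task.renderTemplate(this.namespace, request);
    String localProjectName = task.renderTemplate(this.project, request);
    String localLabel = task.renderTemplate(this.keyLabel, request);
    try {
        Project project = api.getProjectApi().getProject(localNamespace, localProjectName);

        // Generate the deployment key. The key size is fixed at 2048 bits here.
        // NOTE(review): check this size against the organisation's minimum key-length policy.
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(2048);
        KeyPair keyPair = generator.genKeyPair();
        String sshPubKey = "ssh-rsa " + Base64.encodeBase64String(encodePublicKey((RSAPublicKey) keyPair.getPublic())) + " " + localLabel;

        // Serialize the private key as PEM. The charset is spelled out on both the writer and the
        // String so the text does not depend on the JVM's platform default.
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        org.bouncycastle.openssl.PEMWriter genPrivKey = new org.bouncycastle.openssl.PEMWriter(new OutputStreamWriter(baos, java.nio.charset.StandardCharsets.UTF_8));
        genPrivKey.writeObject(keyPair.getPrivate());
        genPrivKey.close();
        String pem = new String(baos.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);

        // NOTE(review): makeWriteable presumably decides whether the deploy key may push;
        // read-only should be the default unless the consumer has to write - confirm.
        api.getDeployKeysApi().addDeployKey(project, localLabel, sshPubKey, this.makeWriteable);

        // Only the label is written to the audit log, never key material.
        GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-project-" + project.getNameWithNamespace() + "-deploykey", localLabel);

        // The unencrypted private key is handed on twice: Base64-encoded and as plain PEM.
        // NOTE(review): anything that logs, persists or serializes the request map exposes the
        // key - confirm how later tasks consume these entries and that they are not retained.
        String base64PrivKey = java.util.Base64.getEncoder().encodeToString(pem.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        request.put(privateKeyRequestName, base64PrivKey);
        request.put(this.privateKeyRequestNamePT, pem);
    } catch (GitLabApiException | NoSuchAlgorithmException | IOException e) {
        throw new ProvisioningException("Error creating key for " + localNamespace + "/" + localProjectName, e);
    }
    return true;
}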
Also used : GitLabApi(org.gitlab4j.api.GitLabApi) KeyPair(java.security.KeyPair) Workflow(com.tremolosecurity.provisioning.core.Workflow) UnsupportedEncodingException(java.io.UnsupportedEncodingException) GitLabApiException(org.gitlab4j.api.GitLabApiException) KeyPairGenerator(java.security.KeyPairGenerator) ByteArrayOutputStream(java.io.ByteArrayOutputStream) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) GitlabUserProvider(com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider) Project(org.gitlab4j.api.models.Project) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) OutputStreamWriter(java.io.OutputStreamWriter)

Example 3 with GitlabUserProvider

use of com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider in project OpenUnison by TremoloSecurity.

the class CreateGitFile method doTask.

/**
 * Commits a new file to a branch of an existing GitLab project and records the commit.
 *
 * <p>Namespace, project, path, branch, content and commit message are all rendered from the
 * task's templates against the request.
 *
 * @param user the user the workflow runs for; not read by this task
 * @param request workflow request values; read for the templates, {@code APPROVAL_ID} and
 *     {@code WORKFLOW}
 * @return always {@code true}
 * @throws ProvisioningException if the project lookup or the file creation fails
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    final int approvalID = request.containsKey("APPROVAL_ID") ? (Integer) request.get("APPROVAL_ID") : 0;
    final Workflow workflow = (Workflow) request.get("WORKFLOW");

    final GitlabUserProvider gitlab = (GitlabUserProvider) GlobalEntries.getGlobalEntries()
            .getConfigManager()
            .getProvisioningEngine()
            .getTarget(this.targetName)
            .getProvider();
    final GitLabApi api = gitlab.getApi();

    // NOTE(review): each rendered value is sent to GitLab as-is. If a request value feeding
    // these templates can come from an end user, it decides what lands in the repository and
    // where - confirm the workflow validates it before this task runs.
    final String namespacePath = task.renderTemplate(this.namespace, request);
    final String projectPath = task.renderTemplate(this.project, request);
    final String filePath = task.renderTemplate(this.path, request);
    final String branchName = task.renderTemplate(this.branch, request);
    final String fileBody = task.renderTemplate(this.content, request);
    final String message = task.renderTemplate(this.commitMessage, request);

    try {
        final Project repository = api.getProjectApi().getProject(namespacePath, projectPath);

        final RepositoryFile toCreate = new RepositoryFile();
        toCreate.setFilePath(filePath);
        toCreate.setContent(fileBody);
        final RepositoryFile created = api.getRepositoryFileApi().createFile(repository, toCreate, branchName, message);

        // Audit entry: the value carries the path and the id of the commit that added it.
        GlobalEntries.getGlobalEntries()
                .getConfigManager()
                .getProvisioningEngine()
                .logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-file-" + repository.getNameWithNamespace() + "-file", filePath + " / " + created.getCommitId());
    } catch (GitLabApiException e) {
        // The same message is used whether the lookup or the commit failed; the cause tells them apart.
        throw new ProvisioningException("Error looking up project " + namespacePath + "/" + projectPath, e);
    }
    return true;
}
Also used : GitlabUserProvider(com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider) Project(org.gitlab4j.api.models.Project) GitLabApi(org.gitlab4j.api.GitLabApi) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) RepositoryFile(org.gitlab4j.api.models.RepositoryFile) GitLabApiException(org.gitlab4j.api.GitLabApiException)

Example 4 with GitlabUserProvider

use of com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider in project OpenUnison by TremoloSecurity.

the class CreateProject method doTask.

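/**
 * Creates a GitLab project, attaches a freshly generated deploy key and, optionally, a push
 * webhook, then publishes the results to later workflow tasks through the request map.
 *
 * <p>Returns {@code true} without changing anything when the project already exists. On success
 * the request receives {@code base64SshPrivateKey}, {@code gitPrivateKey},
 * {@code gitSshInternalURL}, {@code gitSshUrl}, {@code newProjectJSON} and, when a webhook is
 * created, the webhook secret in plain and Base64 form.
 *
 * @param user the user the workflow runs for; not read by this task
 * @param request workflow request values; read for the templates, {@code APPROVAL_ID} and
 *     {@code WORKFLOW}, and written with the values listed above
 * @return always {@code true}
 * @throws ProvisioningException if any step fails; the original failure is kept as the cause
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    GitlabUserProvider gitlab = (GitlabUserProvider) GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getTarget(this.targetName).getProvider();
    GitLabApi api = gitlab.getApi();
    String localNamespace = task.renderTemplate(this.namespace, request);
    String localName = task.renderTemplate(this.name, request);
    String localDescription = task.renderTemplate(this.description, request);
    try {
        // Idempotence check: an existing project is left alone; only a 404 means "go ahead".
        try {
            Project existingProject = api.getProjectApi().getProject(localNamespace, localName);
            if (existingProject != null) {
                logger.warn("Project " + localNamespace + "/" + localName + " already exists, skipping");
                return true;
            }
        } catch (GitLabApiException e) {
            if (e.getHttpStatus() != 404) {
                throw new ProvisioningException("Error looking up project " + localNamespace + "/" + localName, e);
            }
        }

        // NOTE(review): findNamespaces looks like a search call and get(0) takes the first hit.
        // Confirm that a partial match cannot place the project in a different namespace, and
        // that an empty result (IndexOutOfBoundsException here) is an acceptable failure mode.
        Project projectSpec = new Project().withNamespace(api.getNamespaceApi().findNamespaces(localNamespace).get(0)).withName(localName).withDescription(localDescription).withIssuesEnabled(this.issuesEnabled).withMergeRequestsEnabled(this.mergeRequestsEnabled).withWikiEnabled(this.wikiEnabled).withSnippetsEnabled(this.snipitsEnabled).withVisibilityLevel(this.visibility);
        Project newProject = api.getProjectApi().createProject(projectSpec);
        GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-project-" + newProject.getNameWithNamespace() + "-name", newProject.getNameWithNamespace());

        // Generate the deployment key. The key size is fixed at 2048 bits here.
        // NOTE(review): check this size against the organisation's minimum key-length policy.
        KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
        generator.initialize(2048);
        KeyPair keyPair = generator.genKeyPair();
        String sshPubKey = "ssh-rsa " + Base64.encodeBase64String(encodePublicKey((RSAPublicKey) keyPair.getPublic())) + " openunison-deploy-key";

        // Serialize the private key as PEM. The charset is spelled out on both the writer and the
        // String so the text does not depend on the JVM's platform default.
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        org.bouncycastle.openssl.PEMWriter genPrivKey = new org.bouncycastle.openssl.PEMWriter(new OutputStreamWriter(baos, java.nio.charset.StandardCharsets.UTF_8));
        genPrivKey.writeObject(keyPair.getPrivate());
        genPrivKey.close();
        String pem = new String(baos.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);

        api.getDeployKeysApi().addDeployKey(newProject, "openunison-deploy-key", sshPubKey, false);
        // Only the key's label is written to the audit log, never key material.
        GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-project-" + newProject.getNameWithNamespace() + "-deploykey", "openunison-deploy-key");

        String base64PrivKey = java.util.Base64.getEncoder().encodeToString(pem.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        request.put("base64SshPrivateKey", base64PrivKey);

        // Swap the host of the SSH URL for gitSshHost. The host is taken to start after the '@'
        // (or after "scheme://" when there is no user part) and to end at the next ':' or '/'.
        // Searching from the host start keeps the ':' of an "ssh://" prefix from being mistaken
        // for the end of the host, which matters for URLs that carry an explicit port.
        String gitUrl = newProject.getSshUrlToRepo();
        int hostStart = gitUrl.indexOf('@') + 1;
        if (hostStart == 0) {
            int schemeEnd = gitUrl.indexOf("://");
            if (schemeEnd >= 0) {
                hostStart = schemeEnd + 3;
            }
        }
        int hostEnd = gitUrl.indexOf(':', hostStart);
        if (hostEnd < 0) {
            hostEnd = gitUrl.indexOf('/', hostStart);
        }
        if (hostEnd < 0) {
            throw new ProvisioningException("Could not find the host in SSH URL " + gitUrl);
        }
        String newGitUrl = gitUrl.substring(0, hostStart) + this.gitSshHost + gitUrl.substring(hostEnd);
        request.put("gitSshInternalURL", newGitUrl);
        request.put("gitSshUrl", gitUrl);

        // The unencrypted private key is handed on as PEM (and as Base64 above).
        // NOTE(review): anything that logs, persists or serializes the request map exposes the
        // key and the webhook secret below - confirm how later tasks consume and discard them.
        request.put("gitPrivateKey", pem);
        request.put("newProjectJSON", newProject.toString());

        if (createWebHook) {
            // NOTE(review): the webhook secret is only as strong as GenPasswd's random source -
            // confirm it is backed by SecureRandom.
            String webhookToken = new GenPasswd(50).getPassword();
            String b64WebhookToken = java.util.Base64.getEncoder().encodeToString(webhookToken.getBytes(java.nio.charset.StandardCharsets.UTF_8));
            request.put(webhookSecretRequestName, webhookToken);
            request.put("b64" + webhookSecretRequestName, b64WebhookToken);
            String webhookUrl = new StringBuilder().append("https://").append(localName).append(".").append(this.webhookDomainSuffix).toString();
            ProjectHook hook = new ProjectHook().withPushEvents(true).withPushEventsBranchFilter(this.webhookBranchFilter);
            // NOTE(review): the fourth argument appears to be gitlab4j's enableSslVerification
            // flag. Passing false would have GitLab deliver push events, with the secret token,
            // to an https endpoint whose certificate is not checked - confirm, and prefer true
            // with a trusted CA for the webhook domain.
            api.getProjectApi().addHook(newProject, webhookUrl, hook, false, webhookToken);
            GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-project-" + newProject.getNameWithNamespace() + "-webhook", this.webhookBranchFilter);
        }
    } catch (Exception e) {
        // Catches every failure above, including the ProvisioningExceptions thrown inside the
        // try, so callers always see this message with the specific failure as the cause.
        throw new ProvisioningException("Could not create project", e);
    }
    return true;
}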
Also used : GenPasswd(com.tremolosecurity.provisioning.util.GenPasswd) GitLabApi(org.gitlab4j.api.GitLabApi) KeyPair(java.security.KeyPair) ProjectHook(org.gitlab4j.api.models.ProjectHook) Workflow(com.tremolosecurity.provisioning.core.Workflow) UnsupportedEncodingException(java.io.UnsupportedEncodingException) GitLabApiException(org.gitlab4j.api.GitLabApiException) KeyPairGenerator(java.security.KeyPairGenerator) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) GitLabApiException(org.gitlab4j.api.GitLabApiException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) GitlabUserProvider(com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider) Project(org.gitlab4j.api.models.Project) RSAPublicKey(java.security.interfaces.RSAPublicKey) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) OutputStreamWriter(java.io.OutputStreamWriter)

Example 5 with GitlabUserProvider

use of com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider in project OpenUnison by TremoloSecurity.

the class ForkProject method doTask.

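/**
 * Forks an existing GitLab project into another namespace and publishes the fork's SSH URLs to
 * later workflow tasks.
 *
 * <p>On success the request receives {@code gitSshUrl} (the URL GitLab reports) and
 * {@code gitSshInternalURL} (the same URL with its host replaced by {@code gitSshHost}).
 *
 * @param user the user the workflow runs for; not read by this task
 * @param request workflow request values; read for the templates, {@code APPROVAL_ID} and
 *     {@code WORKFLOW}, and written with the two URLs
 * @return always {@code true}
 * @throws ProvisioningException if the source project lookup or the fork fails, or if no host
 *     can be located in the SSH URL GitLab returns
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");
    GitlabUserProvider gitlab = (GitlabUserProvider) GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getTarget(this.targetName).getProvider();
    GitLabApi api = gitlab.getApi();
    String localSourceProjectNamespace = task.renderTemplate(this.sourceProjectNamespace, request);
    String localSourceProjectName = task.renderTemplate(this.sourceProjectName, request);
    String localDestinationNamespace = task.renderTemplate(this.destintionNamespace, request);
    try {
        // NOTE(review): the fork runs with the provider's API credentials, so the rendered source
        // and destination decide what is copied where - confirm the workflow restricts both.
        Project existingProject = api.getProjectApi().getProject(localSourceProjectNamespace, localSourceProjectName);
        Project newProject = api.getProjectApi().forkProject(existingProject, localDestinationNamespace);
        GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().logAction(gitlab.getName(), false, ActionType.Add, approvalID, workflow, "gitlab-fork-" + existingProject.getNameWithNamespace() + "-fork", localDestinationNamespace);

        // Swap the host of the SSH URL for gitSshHost. The host is taken to start after the '@'
        // (or after "scheme://" when there is no user part) and to end at the next ':' or '/'.
        // Searching from the host start keeps the ':' of an "ssh://" prefix from being mistaken
        // for the end of the host, which matters for URLs that carry an explicit port.
        String gitUrl = newProject.getSshUrlToRepo();
        int hostStart = gitUrl.indexOf('@') + 1;
        if (hostStart == 0) {
            int schemeEnd = gitUrl.indexOf("://");
            if (schemeEnd >= 0) {
                hostStart = schemeEnd + 3;
            }
        }
        int hostEnd = gitUrl.indexOf(':', hostStart);
        if (hostEnd < 0) {
            hostEnd = gitUrl.indexOf('/', hostStart);
        }
        if (hostEnd < 0) {
            throw new ProvisioningException("Could not find the host in SSH URL " + gitUrl);
        }
        String newGitUrl = gitUrl.substring(0, hostStart) + this.gitSshHost + gitUrl.substring(hostEnd);
        request.put("gitSshInternalURL", newGitUrl);
        request.put("gitSshUrl", gitUrl);
    } catch (GitLabApiException e) {
        // The same message is used whether the lookup or the fork failed; the cause tells them apart.
        throw new ProvisioningException("Error looking up project " + localSourceProjectNamespace + "/" + localSourceProjectName, e);
    }
    return true;
}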
Also used : GitlabUserProvider(com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider) Project(org.gitlab4j.api.models.Project) GitLabApi(org.gitlab4j.api.GitLabApi) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) Workflow(com.tremolosecurity.provisioning.core.Workflow) GitLabApiException(org.gitlab4j.api.GitLabApiException)

Aggregations

ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)5 Workflow (com.tremolosecurity.provisioning.core.Workflow)5 GitlabUserProvider (com.tremolosecurity.unison.gitlab.provisioning.targets.GitlabUserProvider)5 GitLabApi (org.gitlab4j.api.GitLabApi)5 GitLabApiException (org.gitlab4j.api.GitLabApiException)5 Project (org.gitlab4j.api.models.Project)5 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 IOException (java.io.IOException)2 OutputStreamWriter (java.io.OutputStreamWriter)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 GenPasswd (com.tremolosecurity.provisioning.util.GenPasswd)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 RSAPublicKey (java.security.interfaces.RSAPublicKey)1 Group (org.gitlab4j.api.models.Group)1 ProjectHook (org.gitlab4j.api.models.ProjectHook)1 RepositoryFile (org.gitlab4j.api.models.RepositoryFile)1