use of com.tremolosecurity.unison.openshiftv3.OpenShiftTarget in project OpenUnison by TremoloSecurity.
the class K8sUtils method loadConfigMap.
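/**
 * Reads a ConfigMap through the named provisioning target and returns its {@code data} entries.
 *
 * <p>The request goes to {@code /api/v1/namespaces/NAMESPACE/configmaps/NAME} and is sent with the
 * target's own auth token.
 *
 * @param targetName name of the provisioning target; its provider is cast to {@code OpenShiftTarget}
 * @param namespace namespace segment of the request path
 * @param configMapName ConfigMap name segment of the request path
 * @return the key/value pairs found under {@code data} in the response
 * @throws IllegalStateException if the response carries no {@code data} object
 * @throws Exception if the target cannot be resolved, the call fails, or the response cannot be parsed
 */
public static Map<String, String> loadConfigMap(String targetName, String namespace, String configMapName) throws Exception {
    Map<String, String> map = new HashMap<String, String>();
    OpenShiftTarget k8s = (OpenShiftTarget) GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getTarget(targetName).getProvider();
    HttpCon con = k8s.createClient();
    try {
        // NOTE(review): namespace and configMapName are placed in the request path as-is and the call
        // runs with the target's token. Presumably callers pass configured values; if either can be
        // request-derived, validate it as a Kubernetes object name before it reaches this method.
        String uri = "/api/v1/namespaces/" + namespace + "/configmaps/" + configMapName;
        String jsonData = k8s.callWS(k8s.getAuthToken(), con, uri);
        JSONObject root = (JSONObject) new JSONParser().parse(jsonData);

        JSONObject data = (JSONObject) root.get("data");
        if (data == null) {
            // Fail with a message instead of a bare NullPointerException. The failure is kept (rather
            // than returning an empty map) so a response that is not a populated ConfigMap is never
            // mistaken for empty configuration.
            throw new IllegalStateException("No data object in response for " + uri);
        }
        for (Object key : data.keySet()) {
            map.put((String) key, (String) data.get(key));
        }
    } finally {
        if (con != null) {
            // Release the connection manager even when closing the HTTP client throws.
            try {
                con.getHttp().close();
            } finally {
                con.getBcm().close();
            }
        }
    }
    return map;
}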
use of com.tremolosecurity.unison.openshiftv3.OpenShiftTarget in project OpenUnison by TremoloSecurity.
the class K8sWatcher method run.
/**
 * Watch loop: resolves the target's provider and hands it to {@code runWatch}, repeating for as
 * long as {@code keepRunning} is set. The thread exits if the target cannot be loaded.
 */
@Override
public void run() {
    logger.info("Starting watch");

    // NOTE(review): keepRunning is re-read on every pass; confirm it is volatile (or otherwise
    // safely published) so a stop request from another thread is seen here.
    while (this.keepRunning) {
        // The provider is looked up again on each pass rather than cached across watches.
        final OpenShiftTarget target;
        try {
            target = (OpenShiftTarget) this.provisioningEngine.getTarget(k8sTarget).getProvider();
        } catch (ProvisioningException loadFailure) {
            // Without a target there is nothing to watch: log and end the thread.
            logger.error("Could not load target, stopping watch", loadFailure);
            return;
        }

        runWatch(target);
    }
}
use of com.tremolosecurity.unison.openshiftv3.OpenShiftTarget in project OpenUnison by TremoloSecurity.
the class OpenShiftInsert method search.
/**
 * Answers an LDAP search by delegating the user lookup to {@code loadUserFromOpenShift}.
 *
 * <ul>
 *   <li>Base scope (0) on the insert's base DN returns only the base entry.</li>
 *   <li>Base scope on any other DN looks up the user named by the first RDN of {@code base}.</li>
 *   <li>One-level scope (1) is served only when {@code base} is the insert's base DN; the user
 *       name is taken from the filter. Any other base yields no result from this method.</li>
 *   <li>Every other scope is treated as subtree; the user name is taken from the filter.</li>
 * </ul>
 *
 * @throws LDAPException with {@code OPERATIONS_ERROR} when the target cannot be retrieved
 */
@Override
public void search(SearchInterceptorChain chain, DistinguishedName base, Int scope, Filter filter, ArrayList<Attribute> attributes, Bool typesOnly, Results results, LDAPSearchConstraints constraints) throws LDAPException {
    final OpenShiftTarget target;
    try {
        target = (OpenShiftTarget) GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().getTarget(this.osTarget).getProvider();
    } catch (ProvisioningException e1) {
        logger.error("Could not retrieve kubernetes target", e1);
        throw new LDAPException("Could not connect to kubernetes", LDAPException.OPERATIONS_ERROR, LDAPException.resultCodeToString(LDAPException.OPERATIONS_ERROR));
    }

    final int requestedScope = scope.getValue();

    // Base search.
    if (requestedScope == 0) {
        if (!base.getDN().equals(this.baseDN)) {
            // The entry itself was asked for: its first RDN value is the user name.
            String name = ((RDN) base.getDN().getRDNs().get(0)).getValue();
            loadUserFromOpenShift(chain, base, scope, filter, attributes, typesOnly, results, constraints, target, name, base.getDN().toString(), true);
            return;
        }

        // Directory root: answer with the base entry alone.
        ArrayList<Entry> rootOnly = new ArrayList<Entry>();
        rootOnly.add(new Entry(EntryUtil.createBaseEntry(this.baseDN)));
        chain.addResult(results, new IteratorEntrySet(rootOnly.iterator()), base, scope, filter, attributes, typesOnly, constraints);
        return;
    }

    // NOTE(review): in both branches below the name taken from the search filter is joined into
    // the entry DN without RDN escaping and passed on to the lookup; confirm userFromFilter or
    // loadUserFromOpenShift constrain its character set.

    // One-level search.
    if (requestedScope == 1) {
        if (base.getDN().equals(this.baseDN)) {
            String name = userFromFilter(filter.getRoot());
            String entryDn = "uid=" + name + "," + base.getDN().toString();
            loadUserFromOpenShift(chain, base, scope, filter, attributes, typesOnly, results, constraints, target, name, entryDn, false);
        }
        return;
    }

    // Only subtree is left.
    String name = userFromFilter(filter.getRoot());
    String entryDn = "uid=" + name + "," + this.baseDN.toString();
    loadUserFromOpenShift(chain, base, scope, filter, attributes, typesOnly, results, constraints, target, name, entryDn, false);
}
use of com.tremolosecurity.unison.openshiftv3.OpenShiftTarget in project OpenUnison by TremoloSecurity.
the class AddGroupToRole method doTask.
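/**
 * Adds a group to a role in a project through the provisioning target named "openshift".
 *
 * <p>Project, group and role names are rendered from the task's templates against {@code request}.
 * The call is routed to {@code addTo36Role} when the configured version is 3.6 and to
 * {@code addToRBACRole} otherwise.
 *
 * @param user the user the workflow runs for (not read by this method)
 * @param request workflow request; {@code APPROVAL_ID}, when present, is passed on to the role call
 * @return always {@code true}; failures are reported by exception
 * @throws ProvisioningException if the token, the client, or the role update fails
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }

    // NOTE(review): these values are rendered from request data and handed to the role calls;
    // presumably the helpers build API paths or bodies from them — confirm they are validated there.
    String localProjectName = task.renderTemplate(projectName, request);
    String localGroupName = task.renderTemplate(groupName, request);
    String localPolicyName = task.renderTemplate(roleName, request);

    HttpCon con = null;
    OpenShiftTarget os = (OpenShiftTarget) task.getConfigManager().getProvisioningEngine().getTarget("openshift").getProvider();
    try {
        String token = os.getAuthToken();
        con = os.createClient();

        // NOTE(review): exact floating-point comparison; this only matches if openShiftVersion is a
        // double holding the same literal — confirm the field's type and how it is parsed.
        if (this.openShiftVersion == 3.6) {
            addTo36Role(os, token, con, localProjectName, localPolicyName, localGroupName, approvalID);
        } else {
            addToRBACRole(os, token, con, localProjectName, localPolicyName, localGroupName, approvalID);
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not add group to role", e);
    } finally {
        if (con != null) {
            // Close the HTTP client as well as the connection manager so the client is not leaked.
            try {
                con.getHttp().close();
            } catch (Exception ignored) {
                // Best-effort cleanup: a failure to close must not replace the task's own outcome.
            } finally {
                con.getBcm().close();
            }
        }
    }
    return true;
}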
use of com.tremolosecurity.unison.openshiftv3.OpenShiftTarget in project OpenUnison by TremoloSecurity.
the class CreateProject method doTask.
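/**
 * Submits a project request built from the task's template through the "openshift" target.
 *
 * <p>The rendered template is posted to the project-request endpoint only when
 * {@code isObjectExists} reports that the object is absent. A response whose {@code kind} is not
 * {@code Project} is treated as a failure; a successful creation is recorded with {@code logAction}.
 *
 * @param user the user the workflow runs for (not read by this method)
 * @param request workflow request; used to render the template and to read {@code APPROVAL_ID}
 * @return always {@code true}; failures are reported by exception
 * @throws ProvisioningException if the token, the client, the API call, or response parsing fails,
 *     or if the response is not a {@code Project}
 */
@Override
public boolean doTask(User user, Map<String, Object> request) throws ProvisioningException {
    String localTemplate = task.renderTemplate(template, request);
    if (logger.isDebugEnabled()) {
        logger.debug("localTemplate : '" + localTemplate + "'");
    }

    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }

    HttpCon con = null;
    // NOTE(review): the target is looked up by the literal "openshift" while the audit entry below
    // is written under this.targetName — confirm the two are meant to be the same target.
    OpenShiftTarget os = (OpenShiftTarget) task.getConfigManager().getProvisioningEngine().getTarget("openshift").getProvider();
    try {
        String token = os.getAuthToken();
        con = os.createClient();

        if (!os.isObjectExists(token, con, "/apis/project.openshift.io/v1/projects", localTemplate)) {
            String respJSON = os.callWSPost(token, con, "/apis/project.openshift.io/v1/projectrequests", localTemplate);
            if (logger.isDebugEnabled()) {
                logger.debug("Response for creating project : '" + respJSON + "'");
            }

            JSONObject resp = (JSONObject) new JSONParser().parse(respJSON);

            // Check the kind before touching metadata, and compare null-safely, so a response that
            // is not a Project is reported with the request and response text instead of surfacing
            // as a NullPointerException.
            String kind = (String) resp.get("kind");
            if (!"Project".equalsIgnoreCase(kind)) {
                throw new ProvisioningException("Could not create project with json '" + localTemplate + "' - '" + respJSON + "'");
            }

            String createdName = (String) ((JSONObject) resp.get("metadata")).get("name");
            this.task.getConfigManager().getProvisioningEngine().logAction(this.targetName, true, ActionType.Add, approvalID, this.task.getWorkflow(), "openshift-project", createdName);
        }
    } catch (Exception e) {
        throw new ProvisioningException("Could not create project", e);
    } finally {
        if (con != null) {
            // Close the HTTP client as well as the connection manager so the client is not leaked.
            try {
                con.getHttp().close();
            } catch (Exception closeFailure) {
                // Cleanup failure must not replace the task's own outcome; record it and move on.
                logger.warn("Could not close http client", closeFailure);
            } finally {
                con.getBcm().close();
            }
        }
    }
    return true;
}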