Examples with AuthCredentialsServiceState com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState used on opensource projects

Example 86 with AuthCredentialsServiceState

use of com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState in project photon-model by vmware.

the class TestAWSSetupUtils method createAWSVMResource.

/**
 * Create a compute resource for an AWS instance.
 */
public static ComputeService.ComputeState createAWSVMResource(VerificationHost host, ComputeState computeHost, EndpointState endpointState, @SuppressWarnings("rawtypes") Class clazz, String vmName, String zoneId, String regionId, Set<String> tagLinks, AwsNicSpecs nicSpecs, boolean addNewSecurityGroup, Map<String, Object> awsTestContext, boolean persistDiskOnVmDelete, boolean withAdditionalDisks) throws Throwable {
    // Step 1: Create an auth credential to login to the VM
    AuthCredentialsServiceState auth = new AuthCredentialsServiceState();
    auth.type = DEFAULT_AUTH_TYPE;
    auth.userEmail = DEFAULT_COREOS_USER;
    auth.privateKey = TestUtils.loadTestResource(clazz, DEFAULT_COREOS_PRIVATE_KEY_FILE);
    auth = TestUtils.doPost(host, auth, AuthCredentialsServiceState.class, UriUtils.buildUri(host, AuthCredentialsService.FACTORY_LINK));
    // Step 2: Create a VM desc
    ComputeDescription awsVMDesc = new ComputeDescription();
    awsVMDesc.id = instanceType;
    awsVMDesc.name = vmName;
    awsVMDesc.environmentName = ComputeDescription.ENVIRONMENT_NAME_AWS;
    awsVMDesc.instanceType = instanceType;
    awsVMDesc.supportedChildren = new ArrayList<>();
    awsVMDesc.supportedChildren.add(ComputeType.DOCKER_CONTAINER.name());
    awsVMDesc.customProperties = new HashMap<>();
    awsVMDesc.customProperties.put(AWSConstants.AWS_SECURITY_GROUP, securityGroup);
    // set zone to east
    awsVMDesc.zoneId = zoneId;
    awsVMDesc.regionId = regionId;
    awsVMDesc.authCredentialsLink = auth.documentSelfLink;
    awsVMDesc.tenantLinks = endpointState.tenantLinks;
    awsVMDesc.endpointLink = endpointState.documentSelfLink;
    awsVMDesc.endpointLinks = new HashSet<String>();
    awsVMDesc.endpointLinks.add(endpointState.documentSelfLink);
    // set the create service to the aws instance service
    awsVMDesc.instanceAdapterReference = UriUtils.buildUri(host, AWSUriPaths.AWS_INSTANCE_ADAPTER);
    awsVMDesc.statsAdapterReference = UriUtils.buildUri(host, AWSUriPaths.AWS_STATS_ADAPTER);
    awsVMDesc = TestUtils.doPost(host, awsVMDesc, ComputeDescription.class, UriUtils.buildUri(host, ComputeDescriptionService.FACTORY_LINK));
    // Step 3: create boot disk
    List<String> vmDisks = new ArrayList<>();
    ImageState bootImage;
    {
        // Create PUBLIC image state
        bootImage = new ImageState();
        bootImage.id = imageId;
        bootImage.endpointType = endpointState.endpointType;
        bootImage.regionId = regionId;
        bootImage = TestUtils.doPost(host, bootImage, ImageState.class, UriUtils.buildUri(host, ImageService.FACTORY_LINK));
    }
    DiskState rootDisk = new DiskState();
    rootDisk.id = UUID.randomUUID().toString();
    rootDisk.documentSelfLink = rootDisk.id;
    rootDisk.name = DEFAULT_ROOT_DISK_NAME;
    rootDisk.bootOrder = 1;
    rootDisk.sourceImageReference = URI.create(imageId);
    rootDisk.imageLink = bootImage.documentSelfLink;
    rootDisk.bootConfig = new DiskState.BootConfig();
    rootDisk.bootConfig.label = DEFAULT_CONFIG_LABEL;
    DiskState.BootConfig.FileEntry file = new DiskState.BootConfig.FileEntry();
    file.path = DEFAULT_CONFIG_PATH;
    file.contents = TestUtils.loadTestResource(clazz, DEFAULT_USER_DATA_FILE);
    rootDisk.bootConfig.files = new DiskState.BootConfig.FileEntry[] { file };
    rootDisk.capacityMBytes = BOOT_DISK_SIZE_IN_MEBI_BYTES;
    // add custom properties to root disk from profile
    rootDisk.customProperties = new HashMap<>();
    rootDisk.customProperties.put(DEVICE_TYPE, "ebs");
    rootDisk.customProperties.put(VOLUME_TYPE, "io1");
    rootDisk.customProperties.put(IOPS, "500");
    rootDisk.regionId = regionId;
    rootDisk.endpointLink = endpointState.documentSelfLink;
    rootDisk.endpointLinks = new HashSet<String>();
    rootDisk.endpointLinks.add(endpointState.documentSelfLink);
    rootDisk.computeHostLink = endpointState.computeHostLink;
    rootDisk.tenantLinks = endpointState.tenantLinks;
    rootDisk = TestUtils.doPost(host, rootDisk, DiskService.DiskState.class, UriUtils.buildUri(host, DiskService.FACTORY_LINK));
    vmDisks.add(rootDisk.documentSelfLink);
    if (withAdditionalDisks) {
        List<DiskState> additionalDisks = getAdditionalDiskConfiguration(host, endpointState, computeHost, persistDiskOnVmDelete);
        for (DiskState additionalDisk : additionalDisks) {
            vmDisks.add(additionalDisk.documentSelfLink);
        }
    }
    // Create NIC States
    List<String> nicLinks = null;
    if (nicSpecs != null) {
        nicLinks = createAWSNicStates(host, computeHost, endpointState, awsVMDesc.name, nicSpecs, addNewSecurityGroup, awsTestContext).stream().map(nic -> nic.documentSelfLink).collect(Collectors.toList());
    }
    // Create compute state
    ComputeState resource;
    {
        resource = new ComputeState();
        resource.id = UUID.randomUUID().toString();
        resource.name = awsVMDesc.name;
        resource.type = ComputeType.VM_GUEST;
        resource.environmentName = ComputeDescription.ENVIRONMENT_NAME_AWS;
        resource.descriptionLink = awsVMDesc.documentSelfLink;
        resource.parentLink = computeHost.documentSelfLink;
        resource.resourcePoolLink = computeHost.resourcePoolLink;
        resource.networkInterfaceLinks = nicLinks;
        resource.diskLinks = vmDisks;
        resource.tagLinks = tagLinks;
        resource.regionId = awsVMDesc.regionId;
        resource.endpointLink = endpointState.documentSelfLink;
        resource.endpointLinks = new HashSet<String>();
        resource.endpointLinks.add(endpointState.documentSelfLink);
        resource.tenantLinks = endpointState.tenantLinks;
    }
    return TestUtils.doPost(host, resource, ComputeService.ComputeState.class, UriUtils.buildUri(host, ComputeService.FACTORY_LINK));
}

Example 87 with AuthCredentialsServiceState

use of com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState in project photon-model by vmware.

the class AzureEndpointAdapterService method validate.

private BiConsumer<AuthCredentialsServiceState, BiConsumer<ServiceErrorResponse, Throwable>> validate(EndpointConfigRequest body) {
    return (credentials, callback) -> {
        try {
            Boolean shouldProvision = Boolean.parseBoolean(body.endpointProperties.get(AZURE_PROVISIONING_PERMISSION));
            validateEndpointUniqueness(credentials, body.checkForEndpointUniqueness, body.tenantLinks).thenCompose(aVoid -> validateCredentials(credentials)).thenCompose(subscription -> getPermissions(credentials)).thenCompose(permList -> verifyPermissions(permList, shouldProvision)).whenComplete((aVoid, e) -> {
                if (e == null) {
                    callback.accept(null, null);
                    return;
                }
                if (e instanceof CompletionException) {
                    e = e.getCause();
                }
                final LocalizableValidationException localizableExc;
                if (e instanceof LocalizableValidationException) {
                    localizableExc = (LocalizableValidationException) e;
                } else {
                    // Azure doesn't send us any meaningful status code to work with
                    localizableExc = new LocalizableValidationException(e, PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE, PHOTON_MODEL_ADAPTER_UNAUTHORIZED_MESSAGE_CODE);
                }
                ServiceErrorResponse rsp = Utils.toServiceErrorResponse(localizableExc);
                rsp.statusCode = STATUS_CODE_UNAUTHORIZED;
                callback.accept(rsp, localizableExc);
            });
        } catch (Throwable e) {
            logSevere(e);
            ServiceErrorResponse rsp = new ServiceErrorResponse();
            rsp.message = "Invalid Azure credentials";
            rsp.statusCode = STATUS_CODE_UNAUTHORIZED;
            callback.accept(rsp, e);
        }
    };
}

Example 88 with AuthCredentialsServiceState

use of com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState in project photon-model by vmware.

the class AzureComputeEnumerationAdapterService method createComputeDescriptions.

/**
 * Creates relevant resources for given VMs.
 */
private void createComputeDescriptions(EnumerationContext ctx, ComputeEnumerationSubStages next) {
    if (ctx.virtualMachines.size() == 0 && ctx.regions.isEmpty()) {
        // nothing to create
        if (ctx.enumNextPageLink != null) {
            ctx.subStage = ComputeEnumerationSubStages.LISTVMS;
            handleSubStage(ctx);
            return;
        }
        logFine(() -> "No virtual machine found for creation.");
        ctx.subStage = ComputeEnumerationSubStages.PATCH_ADDITIONAL_FIELDS;
        handleSubStage(ctx);
        return;
    }
    logFine(() -> String.format("%d compute description with states to be created", ctx.virtualMachines.size()));
    Iterator<Entry<String, VirtualMachineInner>> iterator = ctx.virtualMachines.entrySet().iterator();
    Collection<Operation> opCollection = new ArrayList<>();
    while (iterator.hasNext()) {
        Entry<String, VirtualMachineInner> vmEntry = iterator.next();
        VirtualMachineInner virtualMachine = vmEntry.getValue();
        AuthCredentialsServiceState auth = new AuthCredentialsServiceState();
        if (virtualMachine.osProfile() != null) {
            auth.userEmail = virtualMachine.osProfile().adminUsername();
            auth.privateKey = virtualMachine.osProfile().adminPassword();
        }
        auth.documentSelfLink = UUID.randomUUID().toString();
        auth.tenantLinks = ctx.parentCompute.tenantLinks;
        auth.customProperties = new HashMap<>();
        if (ctx.request.endpointLink != null) {
            auth.customProperties.put(CUSTOM_PROP_ENDPOINT_LINK, ctx.request.endpointLink);
        }
        String authLink = UriUtils.buildUriPath(AuthCredentialsService.FACTORY_LINK, auth.documentSelfLink);
        Operation authOp = Operation.createPost(createInventoryUri(getHost(), AuthCredentialsService.FACTORY_LINK)).setBody(auth);
        opCollection.add(authOp);
        // TODO VSYM-631: Match existing descriptions for new VMs discovered on Azure
        ComputeDescription computeDescription = new ComputeDescription();
        computeDescription.id = UUID.randomUUID().toString();
        computeDescription.name = virtualMachine.name();
        computeDescription.regionId = virtualMachine.location();
        computeDescription.authCredentialsLink = authLink;
        computeDescription.endpointLink = ctx.request.endpointLink;
        AdapterUtils.addToEndpointLinks(computeDescription, ctx.request.endpointLink);
        computeDescription.documentSelfLink = computeDescription.id;
        computeDescription.environmentName = ENVIRONMENT_NAME_AZURE;
        if (virtualMachine.hardwareProfile() != null && virtualMachine.hardwareProfile().vmSize() != null) {
            computeDescription.instanceType = virtualMachine.hardwareProfile().vmSize().toString();
        }
        computeDescription.instanceAdapterReference = ctx.parentCompute.description.instanceAdapterReference;
        computeDescription.statsAdapterReference = ctx.parentCompute.description.statsAdapterReference;
        computeDescription.diskAdapterReference = ctx.parentCompute.description.diskAdapterReference;
        computeDescription.computeHostLink = ctx.parentCompute.documentSelfLink;
        computeDescription.customProperties = new HashMap<>();
        computeDescription.customProperties.put(SOURCE_TASK_LINK, ResourceEnumerationTaskService.FACTORY_LINK);
        // TODO: https://jira-hzn.eng.vmware.com/browse/VSYM-1268
        String resourceGroupName = getResourceGroupName(virtualMachine.id());
        computeDescription.customProperties.put(AZURE_RESOURCE_GROUP_NAME, resourceGroupName);
        computeDescription.tenantLinks = ctx.parentCompute.tenantLinks;
        Operation compDescOp = Operation.createPost(getHost(), ComputeDescriptionService.FACTORY_LINK).setBody(computeDescription);
        ctx.computeDescriptionIds.put(virtualMachine.name(), computeDescription.id);
        opCollection.add(compDescOp);
    }
    for (RegionInfo region : ctx.regions.values()) {
        ComputeDescription computeDescriptionForRegion = createComputeDescriptionForRegion(ctx, region);
        Operation compDescOp = Operation.createPost(getHost(), ComputeDescriptionService.FACTORY_LINK).setBody(computeDescriptionForRegion);
        ctx.computeDescriptionIds.put(region.regionId, computeDescriptionForRegion.id);
        opCollection.add(compDescOp);
    }
    OperationJoin.create(opCollection).setCompletion((ops, exs) -> {
        if (exs != null) {
            exs.values().forEach(ex -> logWarning(() -> String.format("Error: %s", ex.getMessage())));
        }
        logFine(() -> "Continue on to updating disks.");
        ctx.subStage = next;
        handleSubStage(ctx);
    }).sendWith(this);
}

Example 89 with AuthCredentialsServiceState

use of com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState in project photon-model by vmware.

the class TestProvisionAWSSecurityGroup method testDeleteAWSSecurityGroupWithDependency.

@Test
public void testDeleteAWSSecurityGroupWithDependency() throws Throwable {
    // create credentials
    Operation authResponse = new Operation();
    TestUtils.postCredentials(this.host, authResponse, this.privateKey, this.privateKeyId);
    AuthCredentialsServiceState creds = authResponse.getBody(AuthCredentialsServiceState.class);
    // create resource pool
    Operation poolResponse = new Operation();
    TestUtils.postResourcePool(this.host, poolResponse);
    ResourcePoolState pool = poolResponse.getBody(ResourcePoolState.class);
    // create sg service
    Operation securityGroupResponse = new Operation();
    SecurityGroupState initialSecurityGroupState = buildSecurityGroupState(creds, pool);
    TestUtils.postSecurityGroup(this.host, initialSecurityGroupState, securityGroupResponse);
    SecurityGroupState securityGroupState = securityGroupResponse.getBody(SecurityGroupState.class);
    // set up security group task state
    ProvisionSecurityGroupTaskState task = new ProvisionSecurityGroupTaskState();
    task.requestType = SecurityGroupInstanceRequest.InstanceRequestType.CREATE;
    task.securityGroupDescriptionLinks = Stream.of(securityGroupState.documentSelfLink).collect(Collectors.toSet());
    task.customProperties = new HashMap<>();
    task.customProperties.put(NETWORK_STATE_ID_PROP_NAME, this.vpcId);
    Operation provision = new Operation();
    provisionSecurityGroup(task, provision);
    ProvisionSecurityGroupTaskState ps = provision.getBody(ProvisionSecurityGroupTaskState.class);
    waitForTaskCompletion(this.host, UriUtils.buildUri(this.host, ps.documentSelfLink));
    securityGroupState = getServiceSynchronously(securityGroupState.documentSelfLink, SecurityGroupState.class);
    // provision machine on the newly created SG
    String vm = provisionAWSVMWithEC2Client(this.host, this.ec2client, EC2_LINUX_AMI, this.subnetId, securityGroupState.id);
    // reuse previous task, but switch to a delete
    task.requestType = SecurityGroupInstanceRequest.InstanceRequestType.DELETE;
    Operation remove = new Operation();
    provisionSecurityGroup(task, remove);
    // delete the newly provisioned machine after a small delay
    Runnable deleteMachine = () -> {
        try {
            Thread.sleep(2000);
            deleteVMsUsingEC2Client(this.ec2client, this.host, Collections.singletonList(vm));
        } catch (Throwable t) {
            assertNotNull(t);
        }
    };
    deleteMachine.run();
    ProvisionSecurityGroupTaskState removeTask = remove.getBody(ProvisionSecurityGroupTaskState.class);
    waitForTaskCompletion(this.host, UriUtils.buildUri(this.host, removeTask.documentSelfLink));
    // verify security group state is gone
    try {
        getSecurityGroupState(securityGroupState.documentSelfLink);
    } catch (Exception ex) {
        assertTrue(ex instanceof ServiceNotFoundException);
    }
}

Example 90 with AuthCredentialsServiceState

use of com.vmware.xenon.services.common.AuthCredentialsService.AuthCredentialsServiceState in project photon-model by vmware.

the class TestProvisionAWSSecurityGroup method setUp.

@Before
public void setUp() throws Exception {
    CommandLineArgumentParser.parseFromProperties(this);
    // ignore if any of the required properties are missing
    org.junit.Assume.assumeTrue(TestUtils.isNull(this.privateKey, this.privateKeyId, this.region, this.vpcId, this.subnetId));
    try {
        PhotonModelServices.startServices(this.host);
        PhotonModelMetricServices.startServices(this.host);
        PhotonModelTaskServices.startServices(this.host);
        PhotonModelAdaptersRegistryAdapters.startServices(this.host);
        AWSAdaptersTestUtils.startServicesSynchronously(this.host);
        // start the aws sg service
        this.host.startService(Operation.createPost(UriUtils.buildUri(this.host, AWSSecurityGroupService.class)), new AWSSecurityGroupService());
        this.provisionSecurityGroupFactory = UriUtils.buildUri(this.host, ProvisionSecurityGroupTaskService.FACTORY_LINK);
        this.netClient = new AWSNetworkClient(TestUtils.getClient(this.privateKeyId, this.privateKey, this.region, false));
        this.vpc = this.netClient.getVPC(this.vpcId);
        assertNotNull(this.vpc);
        AuthCredentialsServiceState creds = new AuthCredentialsServiceState();
        creds.privateKey = this.privateKey;
        creds.privateKeyId = this.privateKeyId;
        TestContext ec2WaitContext = new TestContext(1, Duration.ofSeconds(30L));
        AWSUtils.getEc2AsyncClient(creds, this.region, getExecutor()).exceptionally(t -> {
            ec2WaitContext.fail(t);
            throw new CompletionException(t);
        }).thenAccept(ec2Client -> {
            this.ec2client = ec2Client;
            ec2WaitContext.complete();
        });
        ec2WaitContext.await();
    } catch (Throwable e) {
        throw new Exception(e);
    }
}