Example 1 with ImmutableGcloudExtension
use of org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension in project curiostack by curioswitch.
the class DeployPodTask method exec.
@TaskAction
public void exec() {
ImmutableDeploymentExtension config = getProject().getExtensions().getByType(DeploymentExtension.class);
final ImmutableDeploymentConfiguration deploymentConfig = config.getTypes().getByName(type);
ImmutableGcloudExtension gcloud = getProject().getRootProject().getExtensions().getByType(GcloudExtension.class);
ImmutableList.Builder<EnvVar> envVars = ImmutableList.<EnvVar>builder().addAll(deploymentConfig.envVars().entrySet().stream().map((entry) -> new EnvVar(entry.getKey(), entry.getValue(), null))::iterator).addAll(deploymentConfig.secretEnvVars().entrySet().stream().map((entry) -> new EnvVar(entry.getKey(), null, new EnvVarSourceBuilder().withSecretKeyRef(new SecretKeySelectorBuilder().withName(entry.getValue().get(0)).withKey(entry.getValue().get(1)).build()).build()))::iterator);
if (!deploymentConfig.envVars().containsKey("JAVA_OPTS")) {
int heapSize = deploymentConfig.jvmHeapMb();
StringBuilder javaOpts = new StringBuilder();
javaOpts.append("--add-opens java.base/jdk.internal.misc=ALL-UNNAMED ").append("--add-opens jdk.unsupported/sun.misc=ALL-UNNAMED ").append("-Xms").append(heapSize).append("m ").append("-Xmx").append(heapSize).append("m ").append("-Dconfig.resource=application-").append(type).append(".conf ").append("-Dmonitoring.stackdriverProjectId=").append(gcloud.clusterProject()).append(" ").append("-Dmonitoring.serverName=").append(deploymentConfig.deploymentName()).append(" ");
if (!deploymentConfig.request()) {
int numCpus = (int) Math.ceil(Double.parseDouble(deploymentConfig.cpu()));
int numWorkers = numCpus * 2;
javaOpts.append("-XX:ParallelGCThreads=").append(numCpus).append(" ").append("-Dcom.linecorp.armeria.numCommonWorkers=").append(numWorkers).append(" ").append("-Dio.netty.availableProcessors=").append(numCpus).append(" ");
}
if (!type.equals("prod")) {
javaOpts.append("-Dcom.linecorp.armeria.verboseExceptions=true ");
}
envVars.add(new EnvVar("JAVA_OPTS", javaOpts.toString(), null));
}
Map<String, Quantity> resources = ImmutableMap.of("cpu", new Quantity(deploymentConfig.cpu()), "memory", new Quantity(deploymentConfig.memoryMb() + "Mi"));
Deployment deployment = new DeploymentBuilder().withMetadata(new ObjectMetaBuilder().withNamespace(deploymentConfig.namespace()).withName(deploymentConfig.deploymentName()).build()).withSpec(new DeploymentSpecBuilder().withReplicas(deploymentConfig.replicas()).withStrategy(new DeploymentStrategyBuilder().withType("RollingUpdate").withRollingUpdate(new RollingUpdateDeploymentBuilder().withNewMaxUnavailable(0).build()).build()).withSelector(new LabelSelectorBuilder().withMatchLabels(ImmutableMap.of("name", deploymentConfig.deploymentName())).build()).withTemplate(new PodTemplateSpecBuilder().withMetadata(new ObjectMetaBuilder().withLabels(ImmutableMap.of("name", deploymentConfig.deploymentName(), "revision", System.getenv().getOrDefault("REVISION_ID", "none"))).withAnnotations(ImmutableMap.<String, String>builder().put("prometheus.io/scrape", "true").put("prometheus.io/scheme", "https").put("prometheus.io/path", "/internal/metrics").put("prometheus.io/port", String.valueOf(deploymentConfig.containerPort())).build()).build()).withSpec(new PodSpecBuilder().withContainers(new ContainerBuilder().withResources(new ResourceRequirementsBuilder().withLimits(!deploymentConfig.request() ? resources : ImmutableMap.of()).withRequests(deploymentConfig.request() ? resources : ImmutableMap.of()).build()).withImage(deploymentConfig.image()).withName(deploymentConfig.deploymentName()).withEnv(envVars.build()).withImagePullPolicy("Always").withReadinessProbe(createProbe(deploymentConfig, Duration.ofSeconds(5))).withLivenessProbe(createProbe(deploymentConfig, Duration.ofSeconds(15))).withPorts(ImmutableList.of(new ContainerPortBuilder().withContainerPort(deploymentConfig.containerPort()).withName("http").build())).withVolumeMounts(new VolumeMountBuilder().withName("tls").withMountPath("/etc/tls").withReadOnly(true).build(), new VolumeMountBuilder().withName("rpcacls").withMountPath("/etc/rpcacls").withReadOnly(true).build()).build()).withVolumes(new VolumeBuilder().withName("tls").withSecret(new SecretVolumeSourceBuilder().withSecretName("server-tls").build()).build(), new VolumeBuilder().withName("rpcacls").withConfigMap(new ConfigMapVolumeSourceBuilder().withName("rpcacls").build()).build()).build()).build()).build()).build();
KubernetesClient client = new DefaultKubernetesClient();
Service service = new ServiceBuilder().withMetadata(new ObjectMetaBuilder().withName(deploymentConfig.deploymentName()).withNamespace(deploymentConfig.namespace()).withAnnotations(ImmutableMap.<String, String>builder().put("service.alpha.kubernetes.io/app-protocols", "{\"https\":\"HTTPS\"}").put("prometheus.io/scrape", "true").put("prometheus.io/scheme", "https").put("prometheus.io/path", "/internal/metrics").put("prometheus.io/port", String.valueOf(deploymentConfig.containerPort())).put("prometheus.io/probe", "true").build()).build()).withSpec(createServiceSpec(deploymentConfig)).build();
Map<String, Service> additionalServices = new HashMap<>();
for (String path : deploymentConfig.additionalServicePaths()) {
String sanitizedPath = path;
if (sanitizedPath.endsWith("/*")) {
sanitizedPath = sanitizedPath.substring(0, path.length() - 2);
}
String serviceName = deploymentConfig.deploymentName() + sanitizedPath.replace('/', '-');
additionalServices.put(path, new ServiceBuilder().withMetadata(new ObjectMetaBuilder().withName(serviceName).withNamespace(deploymentConfig.namespace()).withAnnotations(ImmutableMap.of("service.alpha.kubernetes.io/app-protocols", "{\"https\":\"HTTPS\"}")).build()).withSpec(createServiceSpec(deploymentConfig)).build());
}
client.resource(deployment).createOrReplace();
deployService(service, client);
additionalServices.values().forEach(s -> deployService(s, client));
if (deploymentConfig.externalHost() != null) {
List<HTTPIngressPath> ingressPaths = new ArrayList<>();
additionalServices.forEach((path, s) -> ingressPaths.add(createIngressPath(path, s.getMetadata().getName(), deploymentConfig)));
ingressPaths.add(createIngressPath("/*", deploymentConfig.deploymentName(), deploymentConfig));
Ingress ingress = new IngressBuilder().withMetadata(new ObjectMetaBuilder().withNamespace(deploymentConfig.namespace()).withName(deploymentConfig.deploymentName()).withAnnotations(ImmutableMap.of("kubernetes.io/tls-acme", "true", "kubernetes.io/ingress.class", "gce")).build()).withSpec(new IngressSpecBuilder().withTls(new IngressTLSBuilder().withSecretName(deploymentConfig.deploymentName() + "-tls").withHosts(deploymentConfig.externalHost()).build()).withRules(new IngressRuleBuilder().withHost(deploymentConfig.externalHost()).withHttp(new HTTPIngressRuleValueBuilder().withPaths(ingressPaths).build()).build()).build()).build();
client.resource(ingress).createOrReplace();
}
}
Also used :
Quantity(io.fabric8.kubernetes.api.model.Quantity)
ConfigMapVolumeSourceBuilder(io.fabric8.kubernetes.api.model.ConfigMapVolumeSourceBuilder)
IntOrString(io.fabric8.kubernetes.api.model.IntOrString)
IngressRuleBuilder(io.fabric8.kubernetes.api.model.extensions.IngressRuleBuilder)
Deployment(io.fabric8.kubernetes.api.model.extensions.Deployment)
ImmutableDeploymentExtension(org.curioswitch.gradle.plugins.curioserver.ImmutableDeploymentExtension)
ImmutableDeploymentConfiguration(org.curioswitch.gradle.plugins.curioserver.ImmutableDeploymentExtension.ImmutableDeploymentConfiguration)
TaskAction(org.gradle.api.tasks.TaskAction)
VolumeMountBuilder(io.fabric8.kubernetes.api.model.VolumeMountBuilder)
Duration(java.time.Duration)
Map(java.util.Map)
ContainerBuilder(io.fabric8.kubernetes.api.model.ContainerBuilder)
DefaultTask(org.gradle.api.DefaultTask)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
ServiceBuilder(io.fabric8.kubernetes.api.model.ServiceBuilder)
SecretVolumeSourceBuilder(io.fabric8.kubernetes.api.model.SecretVolumeSourceBuilder)
IngressBackendBuilder(io.fabric8.kubernetes.api.model.extensions.IngressBackendBuilder)
LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder)
ImmutableMap(com.google.common.collect.ImmutableMap)
HTTPIngressRuleValueBuilder(io.fabric8.kubernetes.api.model.extensions.HTTPIngressRuleValueBuilder)
Ingress(io.fabric8.kubernetes.api.model.extensions.Ingress)
VolumeBuilder(io.fabric8.kubernetes.api.model.VolumeBuilder)
List(java.util.List)
RollingUpdateDeploymentBuilder(io.fabric8.kubernetes.api.model.extensions.RollingUpdateDeploymentBuilder)
DeploymentBuilder(io.fabric8.kubernetes.api.model.extensions.DeploymentBuilder)
GcloudExtension(org.curioswitch.gradle.plugins.gcloud.GcloudExtension)
HTTPGetActionBuilder(io.fabric8.kubernetes.api.model.HTTPGetActionBuilder)
ProbeBuilder(io.fabric8.kubernetes.api.model.ProbeBuilder)
ServiceSpec(io.fabric8.kubernetes.api.model.ServiceSpec)
EnvVar(io.fabric8.kubernetes.api.model.EnvVar)
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
ResourceRequirementsBuilder(io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder)
IngressTLSBuilder(io.fabric8.kubernetes.api.model.extensions.IngressTLSBuilder)
ServicePortBuilder(io.fabric8.kubernetes.api.model.ServicePortBuilder)
HashMap(java.util.HashMap)
ArrayList(java.util.ArrayList)
ImmutableList(com.google.common.collect.ImmutableList)
PodSpecBuilder(io.fabric8.kubernetes.api.model.PodSpecBuilder)
EnvVarSourceBuilder(io.fabric8.kubernetes.api.model.EnvVarSourceBuilder)
ServiceSpecBuilder(io.fabric8.kubernetes.api.model.ServiceSpecBuilder)
Service(io.fabric8.kubernetes.api.model.Service)
HTTPIngressPathBuilder(io.fabric8.kubernetes.api.model.extensions.HTTPIngressPathBuilder)
HTTPIngressPath(io.fabric8.kubernetes.api.model.extensions.HTTPIngressPath)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
DeploymentExtension(org.curioswitch.gradle.plugins.curioserver.DeploymentExtension)
PodTemplateSpecBuilder(io.fabric8.kubernetes.api.model.PodTemplateSpecBuilder)
Probe(io.fabric8.kubernetes.api.model.Probe)
IngressBuilder(io.fabric8.kubernetes.api.model.extensions.IngressBuilder)
SecretKeySelectorBuilder(io.fabric8.kubernetes.api.model.SecretKeySelectorBuilder)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
DeploymentSpecBuilder(io.fabric8.kubernetes.api.model.extensions.DeploymentSpecBuilder)
ContainerPortBuilder(io.fabric8.kubernetes.api.model.ContainerPortBuilder)
DeploymentStrategyBuilder(io.fabric8.kubernetes.api.model.extensions.DeploymentStrategyBuilder)
IngressSpecBuilder(io.fabric8.kubernetes.api.model.extensions.IngressSpecBuilder)
IngressRuleBuilder(io.fabric8.kubernetes.api.model.extensions.IngressRuleBuilder)
DeploymentSpecBuilder(io.fabric8.kubernetes.api.model.extensions.DeploymentSpecBuilder)
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
HashMap(java.util.HashMap)
ImmutableList(com.google.common.collect.ImmutableList)
ResourceRequirementsBuilder(io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder)
ArrayList(java.util.ArrayList)
Deployment(io.fabric8.kubernetes.api.model.extensions.Deployment)
IntOrString(io.fabric8.kubernetes.api.model.IntOrString)
VolumeBuilder(io.fabric8.kubernetes.api.model.VolumeBuilder)
HTTPIngressPath(io.fabric8.kubernetes.api.model.extensions.HTTPIngressPath)
ServiceBuilder(io.fabric8.kubernetes.api.model.ServiceBuilder)
EnvVarSourceBuilder(io.fabric8.kubernetes.api.model.EnvVarSourceBuilder)
ContainerBuilder(io.fabric8.kubernetes.api.model.ContainerBuilder)
HTTPIngressRuleValueBuilder(io.fabric8.kubernetes.api.model.extensions.HTTPIngressRuleValueBuilder)
RollingUpdateDeploymentBuilder(io.fabric8.kubernetes.api.model.extensions.RollingUpdateDeploymentBuilder)
ConfigMapVolumeSourceBuilder(io.fabric8.kubernetes.api.model.ConfigMapVolumeSourceBuilder)
EnvVar(io.fabric8.kubernetes.api.model.EnvVar)
IngressTLSBuilder(io.fabric8.kubernetes.api.model.extensions.IngressTLSBuilder)
ImmutableDeploymentConfiguration(org.curioswitch.gradle.plugins.curioserver.ImmutableDeploymentExtension.ImmutableDeploymentConfiguration)
SecretKeySelectorBuilder(io.fabric8.kubernetes.api.model.SecretKeySelectorBuilder)
PodSpecBuilder(io.fabric8.kubernetes.api.model.PodSpecBuilder)
LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder)
SecretVolumeSourceBuilder(io.fabric8.kubernetes.api.model.SecretVolumeSourceBuilder)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
Quantity(io.fabric8.kubernetes.api.model.Quantity)
Service(io.fabric8.kubernetes.api.model.Service)
Ingress(io.fabric8.kubernetes.api.model.extensions.Ingress)
DeploymentStrategyBuilder(io.fabric8.kubernetes.api.model.extensions.DeploymentStrategyBuilder)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
VolumeMountBuilder(io.fabric8.kubernetes.api.model.VolumeMountBuilder)
IngressBuilder(io.fabric8.kubernetes.api.model.extensions.IngressBuilder)
ImmutableDeploymentExtension(org.curioswitch.gradle.plugins.curioserver.ImmutableDeploymentExtension)
IngressSpecBuilder(io.fabric8.kubernetes.api.model.extensions.IngressSpecBuilder)
PodTemplateSpecBuilder(io.fabric8.kubernetes.api.model.PodTemplateSpecBuilder)
ContainerPortBuilder(io.fabric8.kubernetes.api.model.ContainerPortBuilder)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
RollingUpdateDeploymentBuilder(io.fabric8.kubernetes.api.model.extensions.RollingUpdateDeploymentBuilder)
DeploymentBuilder(io.fabric8.kubernetes.api.model.extensions.DeploymentBuilder)
TaskAction(org.gradle.api.tasks.TaskAction)
Example 2 with ImmutableGcloudExtension
use of org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension in project curiostack by curioswitch.
the class GcloudTask method exec.
@TaskAction
public void exec() {
ImmutableGcloudExtension config = getProject().getRootProject().getExtensions().getByType(GcloudExtension.class);
String command = Os.isFamily(Os.FAMILY_WINDOWS) ? COMMAND + ".cmd" : COMMAND;
String executable = CommandUtil.getGcloudSdkBinDir(getProject()).resolve(command).toString();
List<Object> fullArgs = ImmutableList.builder().add("--project=" + config.clusterProject()).add("--quiet").addAll(args).build();
getProject().exec(exec -> {
exec.executable(executable);
exec.args(fullArgs);
if (config.download()) {
exec.environment("PATH", CommandUtil.getGcloudSdkBinDir(getProject()) + File.pathSeparator + exec.getEnvironment().get("PATH"));
exec.environment("CLOUDSDK_PYTHON", CommandUtil.getPythonExecutable(getProject(), "build"));
exec.environment("CLOUDSDK_PYTHON_SITEPACKAGES", "1");
}
exec.setStandardInput(System.in);
});
}
Also used :
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
TaskAction(org.gradle.api.tasks.TaskAction)
Example 3 with ImmutableGcloudExtension
use of org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension in project curiostack by curioswitch.
the class RequestNamespaceCertTask method exec.
@TaskAction
public void exec() {
ImmutableClusterExtension cluster = getProject().getExtensions().getByType(ClusterExtension.class);
final KeyPairGenerator keygen;
try {
keygen = KeyPairGenerator.getInstance("ECDSA", BouncyCastleProvider.PROVIDER_NAME);
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
throw new IllegalStateException("Could not find RSA, can't happen.", e);
}
keygen.initialize(256, new SecureRandom());
KeyPair keyPair = keygen.generateKeyPair();
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(new X500Principal("CN=" + cluster.namespace() + ".ns.cluster.stellarstation.com"), keyPair.getPublic());
Stream<GeneralName> generalNames = Streams.concat(Stream.of(new GeneralName(GeneralName.dNSName, "*." + cluster.namespace()), new GeneralName(GeneralName.dNSName, "*." + cluster.namespace() + ".svc"), new GeneralName(GeneralName.dNSName, "*." + cluster.namespace() + ".svc.cluster.local")), cluster.extraNamespaceTlsHosts().stream().map(name -> new GeneralName(GeneralName.dNSName, name)));
GeneralNames subjectAltNames = new GeneralNames(generalNames.toArray(GeneralName[]::new));
ExtensionsGenerator extensions = new ExtensionsGenerator();
try {
extensions.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
p10Builder.setAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensions.generate());
} catch (IOException e) {
throw new IllegalStateException("Could not encode cert name, can't happen.", e);
}
final ContentSigner signer;
try {
signer = new JcaContentSignerBuilder("SHA256withECDSA").build(keyPair.getPrivate());
} catch (OperatorCreationException e) {
throw new IllegalStateException("Could not find signer, can't happen.", e);
}
PKCS10CertificationRequest csr = p10Builder.build(signer);
StringWriter csrWriter = new StringWriter();
try (JcaPEMWriter pemWriter = new JcaPEMWriter(csrWriter)) {
pemWriter.writeObject(csr);
} catch (IOException e) {
throw new IllegalStateException("Could not encode csr, can't happen.", e);
}
String encodedCsr = Base64.getEncoder().encodeToString(csrWriter.toString().getBytes(StandardCharsets.UTF_8));
Map<Object, Object> csrApiRequest = ImmutableMap.of("apiVersion", "certificates.k8s.io/v1beta1", "kind", "CertificateSigningRequest", "metadata", ImmutableMap.of("name", cluster.namespace() + ".server.crt"), "spec", ImmutableMap.of("request", encodedCsr, "usages", ImmutableList.of("digital signature", "key encipherment", "server auth", "client auth")));
final byte[] encodedApiRequest;
try {
encodedApiRequest = OBJECT_MAPPER.writeValueAsBytes(csrApiRequest);
} catch (JsonProcessingException e) {
throw new IllegalStateException("Could not encode yaml", e);
}
ImmutableGcloudExtension config = getProject().getRootProject().getExtensions().getByType(GcloudExtension.class);
String command = config.download() ? CommandUtil.getGcloudSdkBinDir(getProject()).resolve("kubectl").toAbsolutePath().toString() : "kubectl";
getProject().exec(exec -> {
exec.executable(command);
exec.args("create", "-f", "-");
exec.setStandardInput(new ByteArrayInputStream(encodedApiRequest));
});
getProject().exec(exec -> {
exec.executable(command);
exec.args("certificate", "approve", cluster.namespace() + ".server.crt");
});
// Need to wait a bit for certificate to propagate before fetching.
try {
TimeUnit.SECONDS.sleep(5);
} catch (InterruptedException e) {
throw new RuntimeException(e);
}
// Gradle Exec seems to be flaky when reading from stdout, so use normal ProcessBuilder.
final byte[] certificateBytes;
try {
Process getCertProcess = new ProcessBuilder(command, "get", "csr", cluster.namespace() + ".server.crt", "-o", "jsonpath={.status.certificate}").start();
certificateBytes = ByteStreams.toByteArray(getCertProcess.getInputStream());
} catch (IOException e) {
throw new UncheckedIOException("Could not fetch certificate.", e);
}
String certificate = new String(Base64.getDecoder().decode(certificateBytes), StandardCharsets.UTF_8);
final JcaPKCS8Generator keyGenerator;
final PemObject keyObject;
try {
keyGenerator = new JcaPKCS8Generator(keyPair.getPrivate(), null);
keyObject = keyGenerator.generate();
} catch (PemGenerationException e) {
throw new IllegalStateException("Could not encode to pkcs8.", e);
}
StringWriter keyWriter = new StringWriter();
try (JcaPEMWriter pemWriter = new JcaPEMWriter(keyWriter)) {
pemWriter.writeObject(keyObject);
} catch (IOException e) {
throw new IllegalStateException("Could not encode csr, can't happen.", e);
}
String key = keyWriter.toString();
KubernetesClient client = new DefaultKubernetesClient();
Secret certificateSecret = new SecretBuilder().withMetadata(new ObjectMetaBuilder().withName("server-tls").withNamespace(cluster.namespace()).build()).withType("Opaque").withData(ImmutableMap.of("server.crt", Base64.getEncoder().encodeToString(certificate.getBytes(StandardCharsets.UTF_8)), "server-key.pem", Base64.getEncoder().encodeToString(key.getBytes(StandardCharsets.UTF_8)))).build();
client.resource(certificateSecret).createOrReplace();
}
Also used :
KeyPair(java.security.KeyPair)
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
Extension(org.bouncycastle.asn1.x509.Extension)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
Security(java.security.Security)
SecureRandom(java.security.SecureRandom)
TaskAction(org.gradle.api.tasks.TaskAction)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Map(java.util.Map)
PemGenerationException(org.bouncycastle.util.io.pem.PemGenerationException)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
DefaultTask(org.gradle.api.DefaultTask)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
KeyPairGenerator(java.security.KeyPairGenerator)
PemObject(org.bouncycastle.util.io.pem.PemObject)
ImmutableMap(com.google.common.collect.ImmutableMap)
Streams(com.google.common.collect.Streams)
StandardCharsets(java.nio.charset.StandardCharsets)
UncheckedIOException(java.io.UncheckedIOException)
Base64(java.util.Base64)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
Stream(java.util.stream.Stream)
GcloudExtension(org.curioswitch.gradle.plugins.gcloud.GcloudExtension)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ByteStreams(com.google.common.io.ByteStreams)
Secret(io.fabric8.kubernetes.api.model.Secret)
JcaPEMWriter(org.bouncycastle.openssl.jcajce.JcaPEMWriter)
X500Principal(javax.security.auth.x500.X500Principal)
PKCSObjectIdentifiers(org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers)
ContentSigner(org.bouncycastle.operator.ContentSigner)
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
ImmutableClusterExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableClusterExtension)
ImmutableList(com.google.common.collect.ImmutableList)
ClusterExtension(org.curioswitch.gradle.plugins.gcloud.ClusterExtension)
YAMLFactory(com.fasterxml.jackson.dataformat.yaml.YAMLFactory)
ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
StringWriter(java.io.StringWriter)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
IOException(java.io.IOException)
BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)
TimeUnit(java.util.concurrent.TimeUnit)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
CommandUtil(org.curioswitch.gradle.plugins.shared.CommandUtil)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
JcaPKCS8Generator(org.bouncycastle.openssl.jcajce.JcaPKCS8Generator)
NoSuchProviderException(java.security.NoSuchProviderException)
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
UncheckedIOException(java.io.UncheckedIOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
ImmutableClusterExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableClusterExtension)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
StringWriter(java.io.StringWriter)
JcaPKCS8Generator(org.bouncycastle.openssl.jcajce.JcaPKCS8Generator)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
KeyPair(java.security.KeyPair)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
PemGenerationException(org.bouncycastle.util.io.pem.PemGenerationException)
ContentSigner(org.bouncycastle.operator.ContentSigner)
SecureRandom(java.security.SecureRandom)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
KeyPairGenerator(java.security.KeyPairGenerator)
UncheckedIOException(java.io.UncheckedIOException)
IOException(java.io.IOException)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
Secret(io.fabric8.kubernetes.api.model.Secret)
PemObject(org.bouncycastle.util.io.pem.PemObject)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
ByteArrayInputStream(java.io.ByteArrayInputStream)
X500Principal(javax.security.auth.x500.X500Principal)
PemObject(org.bouncycastle.util.io.pem.PemObject)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
DefaultKubernetesClient(io.fabric8.kubernetes.client.DefaultKubernetesClient)
NoSuchProviderException(java.security.NoSuchProviderException)
JcaPEMWriter(org.bouncycastle.openssl.jcajce.JcaPEMWriter)
TaskAction(org.gradle.api.tasks.TaskAction)
Example 4 with ImmutableGcloudExtension
use of org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension in project curiostack by curioswitch.
the class CloudbuildGithubPlugin method apply.
@Override
public void apply(Project project) {
String path = project.getPath().replace(':', '_');
YarnTask initTask = project.getRootProject().getTasks().create("init_" + path, YarnTask.class);
initTask.setWorkingDir(project.getProjectDir());
initTask.setArgs(ImmutableList.of("init", "--yes", "--private"));
initTask.finalizedBy(project.getTasks().create("initAddDependency", YarnTask.class, task -> {
task.setArgs(ImmutableList.of("add", "@curiostack/cloudbuild-github"));
task.onlyIf(t -> !project.file("package.json").exists());
}), "yarn");
initTask.onlyIf(t -> !project.file("package.json").exists());
ImmutableGcloudExtension gcloudConfig = project.getRootProject().getExtensions().getByType(GcloudExtension.class);
Map<String, String> defaultEnvironment = ImmutableMap.of("GCLOUD_PROJECT", gcloudConfig.clusterProject());
YarnTask setupTask = project.getRootProject().getTasks().create("setup_" + path, YarnTask.class);
setupTask.setWorkingDir(project.getProjectDir());
setupTask.setArgs(ImmutableList.of("run", "cloudbuild-cli", "setup", "--defaults"));
setupTask.dependsOn(initTask);
setupTask.onlyIf(t -> !project.file("config.yml").exists());
setupTask.setExecOverrides(LambdaClosure.of(((ExecSpec exec) -> exec.setStandardInput(System.in).setStandardOutput(System.out))));
setupTask.setEnvironment(defaultEnvironment);
Map<String, String> environment = gcloudConfig.download() ? ImmutableMap.<String, String>builder().put("PATH", gcloudConfig.platformConfig().gcloudBinDir() + File.pathSeparator + System.getenv("PATH")).putAll(defaultEnvironment).build() : defaultEnvironment;
YarnTask deployTask = project.getTasks().create("deploy_" + path, YarnTask.class);
deployTask.setWorkingDir(project.getProjectDir());
deployTask.setArgs(ImmutableList.of("run", "cloudbuild-cli", "deploy", "--delete"));
deployTask.dependsOn(setupTask);
deployTask.setEnvironment(environment);
deployTask.dependsOn(":gcloudSetup");
}
Also used :
ImmutableList(com.google.common.collect.ImmutableList)
ImmutableMap(com.google.common.collect.ImmutableMap)
Project(org.gradle.api.Project)
YarnTask(com.moowork.gradle.node.yarn.YarnTask)
GcloudExtension(org.curioswitch.gradle.plugins.gcloud.GcloudExtension)
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
Map(java.util.Map)
ExecSpec(org.gradle.process.ExecSpec)
LambdaClosure(org.curioswitch.gradle.common.LambdaClosure)
File(java.io.File)
Plugin(org.gradle.api.Plugin)
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
YarnTask(com.moowork.gradle.node.yarn.YarnTask)
ExecSpec(org.gradle.process.ExecSpec)
Example 5 with ImmutableGcloudExtension
use of org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension in project curiostack by curioswitch.
the class CreateBuildCacheBucket method exec.
@TaskAction
public void exec() {
ImmutableGcloudExtension config = getProject().getExtensions().getByType(GcloudExtension.class);
Storage cloudStorage = StorageOptions.newBuilder().setProjectId(config.clusterProject()).build().getService();
cloudStorage.create(BucketInfo.of(config.buildCacheStorageBucket())).createAcl(Acl.of(new Domain("istellar.jp"), Role.READER));
}
Also used :
ImmutableGcloudExtension(org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)
Storage(com.google.cloud.storage.Storage)
Domain(com.google.cloud.storage.Acl.Domain)
TaskAction(org.gradle.api.tasks.TaskAction)
Aggregations
ImmutableGcloudExtension (org.curioswitch.gradle.plugins.gcloud.ImmutableGcloudExtension)6
TaskAction (org.gradle.api.tasks.TaskAction)5
ImmutableList (com.google.common.collect.ImmutableList)3
ImmutableMap (com.google.common.collect.ImmutableMap)3
ObjectMetaBuilder (io.fabric8.kubernetes.api.model.ObjectMetaBuilder)3
DefaultKubernetesClient (io.fabric8.kubernetes.client.DefaultKubernetesClient)3
KubernetesClient (io.fabric8.kubernetes.client.KubernetesClient)3
Map (java.util.Map)3
GcloudExtension (org.curioswitch.gradle.plugins.gcloud.GcloudExtension)3
JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)2
Secret (io.fabric8.kubernetes.api.model.Secret)2
SecretBuilder (io.fabric8.kubernetes.api.model.SecretBuilder)2
File (java.io.File)2
DefaultTask (org.gradle.api.DefaultTask)2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1
YAMLFactory (com.fasterxml.jackson.dataformat.yaml.YAMLFactory)1
Domain (com.google.cloud.storage.Acl.Domain)1
Storage (com.google.cloud.storage.Storage)1
Streams (com.google.common.collect.Streams)1
ByteStreams (com.google.common.io.ByteStreams)1
