Examples with InfrastructureException org.eclipse.che.api.workspace.server.spi.InfrastructureException used on opensource projects

Example 71 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class KubernetesServerExposer method exposeSecureServers.

private void exposeSecureServers(Map<String, ServerConfig> securedServers, Map<String, ServicePort> securedPorts) throws InfrastructureException {
    if (securedPorts.isEmpty()) {
        return;
    }
    Optional<Service> secureService = secureServerExposer.createService(securedPorts.values(), pod, machineName, securedServers);
    String secureServiceName = secureService.map(s -> {
        String n = s.getMetadata().getName();
        k8sEnv.getServices().put(n, s);
        return n;
    }).orElse(null);
    for (ServicePort servicePort : securedPorts.values()) {
        // expose service port related secure servers if exist
        Map<String, ServerConfig> matchedSecureServers = match(securedServers, servicePort);
        if (!matchedSecureServers.isEmpty()) {
            onEachExposableServerSet(matchedSecureServers, (serverId, srvrs) -> {
                secureServerExposer.expose(k8sEnv, pod, machineName, secureServiceName, serverId, servicePort, srvrs);
            });
        }
    }
}

Example 72 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class AbstractJwtProxyProvisioner method expose.

/**
 * Modifies Kubernetes environment to expose the specified service port via JWTProxy.
 *
 * @param k8sEnv Kubernetes environment to modify
 * @param pod the pod that runs the server being exposed
 * @param backendServiceName service name that will be exposed
 * @param backendServicePort service port that will be exposed
 * @param protocol protocol that will be used for exposed port
 * @param secureServers secure servers to expose
 * @return JWTProxy service port that expose the specified one
 * @throws InfrastructureException if any exception occurs during port exposing
 */
@Override
public ServicePort expose(KubernetesEnvironment k8sEnv, PodData pod, String machineName, String backendServiceName, ServicePort backendServicePort, String protocol, boolean requireSubdomain, Map<String, ServerConfig> secureServers) throws InfrastructureException {
    Preconditions.checkArgument(secureServers != null && !secureServers.isEmpty(), "Secure servers are missing");
    ensureJwtProxyInjected(k8sEnv, machineName, pod);
    Set<String> excludes = new HashSet<>();
    Boolean cookiesAuthEnabled = null;
    for (ServerConfig serverConfig : secureServers.values()) {
        ExposureConfiguration config = getExposureConfiguration(serverConfig);
        // accumulate unsecured paths
        if (config.excludedPaths != null) {
            excludes.addAll(config.excludedPaths);
        }
        // calculate `cookiesAuthEnabled` attributes
        if (detectCookieAuth) {
            if (cookiesAuthEnabled == null) {
                cookiesAuthEnabled = config.cookiesAuthEnabled;
            } else {
                if (!cookiesAuthEnabled.equals(config.cookiesAuthEnabled)) {
                    throw new InfrastructureException("Secure servers which expose the same port should have the same `cookiesAuthEnabled` value.");
                }
            }
        }
    }
    int listenPort = availablePort++;
    ServicePort exposedPort = new ServicePortBuilder().withName("server-" + listenPort).withPort(listenPort).withProtocol(protocol).withNewTargetPort(listenPort).build();
    k8sEnv.getServices().get(serviceName).getSpec().getPorts().add(exposedPort);
    CookiePathStrategy actualCookiePathStrategy = requireSubdomain ? multihostCookiePathStrategy : cookiePathStrategy;
    ExternalServiceExposureStrategy actualExposureStrategy = requireSubdomain ? multiHostExternalServiceExposureStrategy : externalServiceExposureStrategy;
    // JwtProxySecureServerExposer creates no service for the exposed secure servers and
    // assumes everything will be proxied from localhost, because JWT proxy is collocated
    // with the workspace pod (because it is added to the environment as an injectable pod).
    // This method historically supported proxying secure servers exposed through a service
    // (which is not secure in absence of a appropriate network policy). The support for
    // accessing the backend server through a service was kept here because it doesn't add
    // any additional complexity to this method and keeps the door open for the
    // JwtProxySecureServerExposer to be enhanced in the future with support for service-handled
    // secure servers.
    backendServiceName = backendServiceName == null ? "127.0.0.1" : backendServiceName;
    proxyConfigBuilder.addVerifierProxy(listenPort, "http://" + backendServiceName + ":" + backendServicePort.getTargetPort().getIntVal(), excludes, cookiesAuthEnabled == null ? false : cookiesAuthEnabled, actualCookiePathStrategy.get(serviceName, exposedPort), actualExposureStrategy.getExternalPath(serviceName, exposedPort.getName()));
    k8sEnv.getConfigMaps().get(getConfigMapName()).getData().put(JWT_PROXY_CONFIG_FILE, proxyConfigBuilder.build());
    return exposedPort;
}

Example 73 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class TraefikGatewayRouteConfigGenerator method generate.

/**
 * Generates Traefik specific configuration for single service.
 *
 * @param name name of the service
 * @param serviceUrl url of service we want to route to
 * @param path path to route and strip
 * @return traefik service route config
 */
private String generate(String name, String serviceUrl, String path) throws InfrastructureException {
    StringWriter sw = new StringWriter();
    try {
        YAMLGenerator generator = YAMLFactory.builder().disable(WRITE_DOC_START_MARKER).build().createGenerator(sw);
        generator.writeStartObject();
        generator.writeFieldName("http");
        generator.writeStartObject();
        generator.writeFieldName("routers");
        generateRouters(generator, name, path);
        generator.writeFieldName("services");
        generateServices(generator, name, serviceUrl);
        generator.writeFieldName("middlewares");
        generateMiddlewares(generator, name, path);
        generator.writeEndObject();
        generator.writeEndObject();
        generator.flush();
        return sw.toString();
    } catch (IOException e) {
        throw new InfrastructureException(e);
    }
}

Example 74 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class PVCSubPathHelperTest method testLogErrorWhenKubernetesProjectCreationFailed.

@Test
public void testLogErrorWhenKubernetesProjectCreationFailed() throws Exception {
    when(osDeployments.create(any())).thenThrow(new InfrastructureException("Kubernetes namespace creation failed"));
    pvcSubPathHelper.execute(WORKSPACE_ID, NAMESPACE, PVC_NAME, MKDIR_COMMAND_BASE, WORKSPACE_ID + PROJECTS_PATH);
    verify(k8sNamespaceFactory).access(WORKSPACE_ID, NAMESPACE);
    verify(osDeployments).create(any());
    verify(osDeployments, never()).waitAsync(anyString(), any());
}

Example 75 with InfrastructureException

use of org.eclipse.che.api.workspace.server.spi.InfrastructureException in project devspaces-images by redhat-developer.

the class KeycloakProviderConfigFactoryTest method testRethrowOnInvalidTokenBadRequestException.

@Test
public void testRethrowOnInvalidTokenBadRequestException() throws Exception {
    doThrow(new BadRequestException(DtoFactory.newDto(ServiceError.class).withMessage("Invalid token."))).when(keycloakServiceClient).getIdentityProviderToken(anyString());
    try {
        configBuilder.buildConfig(defaultConfig, A_WORKSPACE_ID);
    } catch (InfrastructureException e) {
        assertEquals(e.getMessage(), SESSION_EXPIRED_MESSAGE, "The exception message is wrong");
        return;
    }
    fail("Should have thrown an exception with the following message: " + SESSION_EXPIRED_MESSAGE);
}