private boolean hasAccount(String name) { return accounts.stream().anyMatch(a -> a.getName().equals(name)); }
@Override public void validate(ConfigProblemSetBuilder p, Account n) { if (n.getName() == null) { p.addProblem(Severity.FATAL, "Account name must be specified"); } else if (!Pattern.matches(namePattern, n.getName())) { p.addProblem(Severity.ERROR, "Account name must match pattern " + namePattern) .setRemediation("It must start and end with a lower-case character or number, and only contain lower-case characters, numbers, or dashes"); } if (n.getRequiredGroupMembership() != null && !n.getRequiredGroupMembership().isEmpty()) { p.addProblem(Problem.Severity.WARNING, "requiredGroupMembership has been " + "deprecated. Please consider moving to using permissions with the flags --read-permissions " + "and --write-permissions instead. Read more at https://www.spinnaker.io/setup/security/authorization." ); } } }
@Override protected void executeThis() { String accountName = getAccountName(); Account account = buildAccount(accountName); account.setRequiredGroupMembership(requiredGroupMembership); account.getPermissions().add(Authorization.READ, readPermissions); account.getPermissions().add(Authorization.WRITE, writePermissions); account.setProviderVersion(providerVersion); account.setEnvironment(isSet(environment) ? environment : account.getEnvironment()); String providerName = getProviderName(); String currentDeployment = getCurrentDeployment(); new OperationHandler<Void>() .setFailureMesssage("Failed to add account " + accountName + " for provider " + providerName + ".") .setSuccessMessage("Successfully added account " + accountName + " for provider " + providerName + ".") .setOperation(Daemon.addAccount(currentDeployment, providerName, !noValidate, account)) .get(); } }
.get(); int originaHash = account.hashCode(); account.setRequiredGroupMembership( updateStringList(account.getRequiredGroupMembership(), requiredGroupMembership, addRequiredGroupMembership, removeRequiredGroupMembership)); Permissions.Builder permissions = account.getPermissions(); permissions.add(Authorization.WRITE, resolvedWritePermissions); account.setProviderVersion(isSet(providerVersion) ? providerVersion : account.getProviderVersion()); account.setEnvironment(isSet(environment) ? environment : account.getEnvironment()); if (originaHash == account.hashCode()) { AnsiUi.failure("No changes supplied."); return;
bootstrapAccount.makeBootstrappingAccount(artifactSourcesConfig); Provider bootstrapProvider = (Provider) bootstrapAccount.getParent(); disableAllProviders(modifiedProviders); log.warn("Attempting to perform a distributed deployment to account \"" + bootstrapAccount.getName() + "\" without a discovery mechanism");
private Deployer getDeployer(DeploymentConfiguration deploymentConfiguration) { DeploymentEnvironment deploymentEnvironment = deploymentConfiguration.getDeploymentEnvironment(); DeploymentEnvironment.DeploymentType type = deploymentEnvironment.getType(); String accountName = deploymentEnvironment.getAccountName(); switch (type) { case BakeDebian: return bakeDeployer; case LocalGit: return localGitDeployer; case LocalDebian: return localDeployer; case Distributed: if (StringUtils.isEmpty(accountName)) { throw new HalException(Problem.Severity.FATAL, "An account name must be " + "specified as the desired place to run your distributed deployment."); } Account account = accountService.getAnyProviderAccount(deploymentConfiguration.getName(), accountName); Provider.ProviderType providerType = ((Provider) account.getParent()).providerType(); if (providerType == Provider.ProviderType.KUBERNETES && account.getProviderVersion() == V2) { return kubectlDeployer; } else { return distributedDeployer; } default: throw new IllegalArgumentException("Unrecognized deployment type " + type); } }
public static String format(Account account) { AnsiStoryBuilder resultBuilder = new AnsiStoryBuilder(); AnsiParagraphBuilder paragraph = resultBuilder.addParagraph(); paragraph.addSnippet(account.getNodeName().toUpperCase()).addStyle(AnsiStyle.BOLD); resultBuilder.addNewline(); paragraph = resultBuilder.addParagraph(); paragraph.addSnippet(account.toString()); return resultBuilder.toString(); }
public void setAccount(String deploymentName, String providerName, String accountName, Account newAccount) { Provider provider = providerService.getProvider(deploymentName, providerName); for (int i = 0; i < provider.getAccounts().size(); i++) { Account account = (Account) provider.getAccounts().get(i); if (account.getNodeName().equals(accountName)) { provider.getAccounts().set(i, newAccount); return; } } throw new HalException(new ConfigProblemBuilder(Severity.FATAL, "Account \"" + accountName + "\" wasn't found").build()); }
@SuppressWarnings("unchecked") private void removeBootstrapOnlyAccount(Providers providers, String deploymentName, String bootstrapAccountName) { Account bootstrapAccount = accountService.getAnyProviderAccount(deploymentName, bootstrapAccountName); Provider bootstrapProvider = ((Provider) bootstrapAccount.getParent()); bootstrapProvider.getAccounts().remove(bootstrapAccount); if (bootstrapProvider.getAccounts().isEmpty()) { bootstrapProvider.setEnabled(false); if (bootstrapAccount instanceof ContainerAccount) { ContainerAccount containerAccount = (ContainerAccount) bootstrapAccount; DockerRegistryAccountReverseIndex revIndex = new DockerRegistryAccountReverseIndex(providers); containerAccount.getDockerRegistries().forEach(reg -> { Set<Account> dependentAccounts = revIndex.get(reg.getAccountName()); if (dependentAccounts == null || dependentAccounts.isEmpty()) { DockerRegistryAccount regAcct = (DockerRegistryAccount) accountService.getAnyProviderAccount(deploymentName, reg.getAccountName()); ((DockerRegistryProvider) regAcct.getParent()).getAccounts().remove(regAcct); } }); if (providers.getDockerRegistry().getAccounts().isEmpty()) { providers.getDockerRegistry().setEnabled(false); } } } }
.get(); int originaHash = account.hashCode(); account.setRequiredGroupMembership( updateStringList(account.getRequiredGroupMembership(), requiredGroupMembership, addRequiredGroupMembership, removeRequiredGroupMembership)); Permissions.Builder permissions = account.getPermissions(); permissions.add(Authorization.WRITE, resolvedWritePermissions); account.setProviderVersion(isSet(providerVersion) ? providerVersion : account.getProviderVersion()); account.setEnvironment(isSet(environment) ? environment : account.getEnvironment()); if (originaHash == account.hashCode()) { AnsiUi.failure("No changes supplied."); return;
bootstrapAccount.makeBootstrappingAccount(artifactSourcesConfig); Provider bootstrapProvider = (Provider) bootstrapAccount.getParent(); disableAllProviders(modifiedProviders); log.warn("Attempting to perform a distributed deployment to account \"" + bootstrapAccount.getName() + "\" without a discovery mechanism");
private Deployer getDeployer(DeploymentConfiguration deploymentConfiguration) { DeploymentEnvironment deploymentEnvironment = deploymentConfiguration.getDeploymentEnvironment(); DeploymentEnvironment.DeploymentType type = deploymentEnvironment.getType(); String accountName = deploymentEnvironment.getAccountName(); switch (type) { case BakeDebian: return bakeDeployer; case LocalGit: return localGitDeployer; case LocalDebian: return localDeployer; case Distributed: if (StringUtils.isEmpty(accountName)) { throw new HalException(Problem.Severity.FATAL, "An account name must be " + "specified as the desired place to run your distributed deployment."); } Account account = accountService.getAnyProviderAccount(deploymentConfiguration.getName(), accountName); Provider.ProviderType providerType = ((Provider) account.getParent()).providerType(); if (providerType == Provider.ProviderType.KUBERNETES && account.getProviderVersion() == V2) { return kubectlDeployer; } else { return distributedDeployer; } default: throw new IllegalArgumentException("Unrecognized deployment type " + type); } }
public void setAccount(String deploymentName, String providerName, String accountName, Account newAccount) { Provider provider = providerService.getProvider(deploymentName, providerName); for (int i = 0; i < provider.getAccounts().size(); i++) { Account account = (Account) provider.getAccounts().get(i); if (account.getNodeName().equals(accountName)) { provider.getAccounts().set(i, newAccount); return; } } throw new HalException(new ConfigProblemBuilder(Severity.FATAL, "Account \"" + accountName + "\" wasn't found").build()); }
@SuppressWarnings("unchecked") private void removeBootstrapOnlyAccount(Providers providers, String deploymentName, String bootstrapAccountName) { Account bootstrapAccount = accountService.getAnyProviderAccount(deploymentName, bootstrapAccountName); Provider bootstrapProvider = ((Provider) bootstrapAccount.getParent()); bootstrapProvider.getAccounts().remove(bootstrapAccount); if (bootstrapProvider.getAccounts().isEmpty()) { bootstrapProvider.setEnabled(false); if (bootstrapAccount instanceof ContainerAccount) { ContainerAccount containerAccount = (ContainerAccount) bootstrapAccount; DockerRegistryAccountReverseIndex revIndex = new DockerRegistryAccountReverseIndex(providers); containerAccount.getDockerRegistries().forEach(reg -> { Set<Account> dependentAccounts = revIndex.get(reg.getAccountName()); if (dependentAccounts == null || dependentAccounts.isEmpty()) { DockerRegistryAccount regAcct = (DockerRegistryAccount) accountService.getAnyProviderAccount(deploymentName, reg.getAccountName()); ((DockerRegistryProvider) regAcct.getParent()).getAccounts().remove(regAcct); } }); if (providers.getDockerRegistry().getAccounts().isEmpty()) { providers.getDockerRegistry().setEnabled(false); } } } }
private boolean hasAccount(String name) { return accounts.stream().anyMatch(a -> a.getName().equals(name)); }
@Override public void validate(ConfigProblemSetBuilder p, Account n) { if (n.getName() == null) { p.addProblem(Severity.FATAL, "Account name must be specified"); } else if (!Pattern.matches(namePattern, n.getName())) { p.addProblem(Severity.ERROR, "Account name must match pattern " + namePattern) .setRemediation("It must start and end with a lower-case character or number, and only contain lower-case characters, numbers, or dashes"); } if (n.getRequiredGroupMembership() != null && !n.getRequiredGroupMembership().isEmpty()) { p.addProblem(Problem.Severity.WARNING, "requiredGroupMembership has been " + "deprecated. Please consider moving to using permissions with the flags --read-permissions " + "and --write-permissions instead. Read more at https://www.spinnaker.io/setup/security/authorization." ); } } }
@Override protected void executeThis() { String accountName = getAccountName(); Account account = buildAccount(accountName); account.setRequiredGroupMembership(requiredGroupMembership); account.getPermissions().add(Authorization.READ, readPermissions); account.getPermissions().add(Authorization.WRITE, writePermissions); account.setProviderVersion(providerVersion); account.setEnvironment(isSet(environment) ? environment : account.getEnvironment()); String providerName = getProviderName(); String currentDeployment = getCurrentDeployment(); new OperationHandler<Void>() .setFailureMesssage("Failed to add account " + accountName + " for provider " + providerName + ".") .setSuccessMessage("Successfully added account " + accountName + " for provider " + providerName + ".") .setOperation(Daemon.addAccount(currentDeployment, providerName, !noValidate, account)) .get(); } }
private SpinnakerServiceProvider createDeployableServiceProvider(DeploymentConfiguration deploymentConfiguration) { DeploymentEnvironment deploymentEnvironment = deploymentConfiguration.getDeploymentEnvironment(); String accountName = deploymentEnvironment.getAccountName(); if (accountName == null || accountName.isEmpty()) { throw new HalException(new ConfigProblemBuilder(Problem.Severity.FATAL, "An account name must be " + "specified as the desired place to run your simple clustered deployment.").build()); } Account account = accountService.getAnyProviderAccount(deploymentConfiguration.getName(), accountName); Provider.ProviderType providerType = ((Provider) account.getParent()).providerType(); switch (providerType) { case KUBERNETES: switch (account.getProviderVersion()) { case V1: return kubernetesV1DistributedServiceProvider; case V2: return kubectlServiceProvider; default: return kubernetesV1DistributedServiceProvider; } case GOOGLE: return googleDistributedServiceProvider; default: throw new IllegalArgumentException("No Clustered Simple Deployment for " + providerType.getName()); } } }
public String getPrimaryAccount() { if (accounts.size() == 0) { primaryAccount = null; } else if (primaryAccount == null || !hasAccount(primaryAccount)) { primaryAccount = accounts.get(0).getName(); } return primaryAccount; }
private SpinnakerServiceProvider createDeployableServiceProvider(DeploymentConfiguration deploymentConfiguration) { DeploymentEnvironment deploymentEnvironment = deploymentConfiguration.getDeploymentEnvironment(); String accountName = deploymentEnvironment.getAccountName(); if (accountName == null || accountName.isEmpty()) { throw new HalException(new ConfigProblemBuilder(Problem.Severity.FATAL, "An account name must be " + "specified as the desired place to run your simple clustered deployment.").build()); } Account account = accountService.getAnyProviderAccount(deploymentConfiguration.getName(), accountName); Provider.ProviderType providerType = ((Provider) account.getParent()).providerType(); switch (providerType) { case KUBERNETES: switch (account.getProviderVersion()) { case V1: return kubernetesV1DistributedServiceProvider; case V2: return kubectlServiceProvider; default: return kubernetesV1DistributedServiceProvider; } case GOOGLE: return googleDistributedServiceProvider; default: throw new IllegalArgumentException("No Clustered Simple Deployment for " + providerType.getName()); } } }