@Override public boolean isEnabled(DeploymentConfiguration deploymentConfiguration) { return deploymentConfiguration.getSecurity().getAuthz().isEnabled(); }
public Authz getAuthz(String deploymentName) { Security security = getSecurity(deploymentName); Authz result = security.getAuthz(); if (result == null) { result = new Authz(); security.setAuthz(result); } return result; }
@Override public void validate(ConfigProblemSetBuilder p, Authz z) { if (!z.isEnabled()) { return; } switch (z.getGroupMembership().getService()) { case GITHUB: githubValidator.validate(p, z.getGroupMembership().getGithub()); break; case GOOGLE: googleValidator.validate(p, z.getGroupMembership().getGoogle()); break; case FILE: fileValidator.validate(p, z.getGroupMembership().getFile()); break; case LDAP: ldapValidator.validate(p, z.getGroupMembership().getLdap()); break; case EXTERNAL: // fallthrough default: break; } } }
public GroupMembership getGroupMembership(String deploymentName) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } return authz.getGroupMembership(); }
public void setAuthzEnabled(String deploymentName, boolean enabled) { Authz authz = getAuthz(deploymentName); authz.setEnabled(enabled); setAuthz(deploymentName, authz); }
public void setGroupMembership(String deploymentName, GroupMembership membership) { getAuthz(deploymentName).setGroupMembership(membership); }
public GroupMembership getGroupMembership(String deploymentName) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } return authz.getGroupMembership(); }
public void setAuthzEnabled(String deploymentName, boolean enabled) { Authz authz = getAuthz(deploymentName); authz.setEnabled(enabled); setAuthz(deploymentName, authz); }
public void setGroupMembership(String deploymentName, GroupMembership membership) { getAuthz(deploymentName).setGroupMembership(membership); }
@Override public boolean isEnabled(DeploymentConfiguration deploymentConfiguration) { return deploymentConfiguration.getSecurity().getAuthz().isEnabled(); }
@Override public void validate(ConfigProblemSetBuilder p, Authz z) { if (!z.isEnabled()) { return; } switch (z.getGroupMembership().getService()) { case GITHUB: githubValidator.validate(p, z.getGroupMembership().getGithub()); break; case GOOGLE: googleValidator.validate(p, z.getGroupMembership().getGoogle()); break; case FILE: fileValidator.validate(p, z.getGroupMembership().getFile()); break; case LDAP: ldapValidator.validate(p, z.getGroupMembership().getLdap()); break; case EXTERNAL: // fallthrough default: break; } } }
public void setRoleProvider(String deploymentName, RoleProvider roleProvider) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } GroupMembership groupMembership = authz.getGroupMembership(); switch (roleProvider.getRoleProviderType()) { case GOOGLE: groupMembership.setGoogle((GoogleRoleProvider) roleProvider); break; case GITHUB: groupMembership.setGithub((GithubRoleProvider) roleProvider); break; case FILE: groupMembership.setFile((FileRoleProvider) roleProvider); break; case LDAP: groupMembership.setLdap((LdapRoleProvider) roleProvider); break; default: throw new RuntimeException("Unknown Role Provider " + roleProvider.getRoleProviderType()); } }
public Authz getAuthz(String deploymentName) { Security security = getSecurity(deploymentName); Authz result = security.getAuthz(); if (result == null) { result = new Authz(); security.setAuthz(result); } return result; }
@Override protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); ServiceSettings deckSettings = endpoints.getServiceSettings(Type.DECK); ServiceSettings gateSettings = endpoints.getServiceSettings(Type.GATE); ApacheSsl apacheSsl= deploymentConfiguration.getSecurity().getUiSecurity().getSsl(); Map<String, String> env = profile.getEnv(); if (apacheSsl.isEnabled()) { env.put("DECK_HOST", deckSettings.getHost()); env.put("DECK_PORT", deckSettings.getPort() + ""); env.put("API_HOST", gateSettings.getBaseUrl()); env.put("DECK_CERT", apacheSsl.getSslCertificateFile()); env.put("DECK_KEY", apacheSsl.getSslCertificateKeyFile()); env.put("PASSPHRASE", apacheSsl.getSslCertificatePassphrase()); } env.put("AUTH_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthn().isEnabled())); env.put("FIAT_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthz().isEnabled())); } }
public void setRoleProvider(String deploymentName, RoleProvider roleProvider) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } GroupMembership groupMembership = authz.getGroupMembership(); switch (roleProvider.getRoleProviderType()) { case GOOGLE: groupMembership.setGoogle((GoogleRoleProvider) roleProvider); break; case GITHUB: groupMembership.setGithub((GithubRoleProvider) roleProvider); break; case FILE: groupMembership.setFile((FileRoleProvider) roleProvider); break; case LDAP: groupMembership.setLdap((LdapRoleProvider) roleProvider); break; default: throw new RuntimeException("Unknown Role Provider " + roleProvider.getRoleProviderType()); } }
@Override protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); ServiceSettings deckSettings = endpoints.getServiceSettings(Type.DECK); ServiceSettings gateSettings = endpoints.getServiceSettings(Type.GATE); ApacheSsl apacheSsl= deploymentConfiguration.getSecurity().getUiSecurity().getSsl(); Map<String, String> env = profile.getEnv(); if (apacheSsl.isEnabled()) { env.put("DECK_HOST", deckSettings.getHost()); env.put("DECK_PORT", deckSettings.getPort() + ""); env.put("API_HOST", gateSettings.getBaseUrl()); env.put("DECK_CERT", apacheSsl.getSslCertificateFile()); env.put("DECK_KEY", apacheSsl.getSslCertificateKeyFile()); env.put("PASSPHRASE", apacheSsl.getSslCertificatePassphrase()); } env.put("AUTH_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthn().isEnabled())); env.put("FIAT_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthz().isEnabled())); } }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
bindings.put("features.chaos", Boolean.toString(features.isChaos())); bindings.put("features.jobs", Boolean.toString(features.isJobs())); bindings.put("features.fiat", Boolean.toString(deploymentConfiguration.getSecurity().getAuthz().isEnabled())); bindings.put("features.pipelineTemplates", Boolean.toString(features.getPipelineTemplates() != null ? features.getPipelineTemplates() : false)); bindings.put("features.artifacts", Boolean.toString(features.getArtifacts() != null ? features.getArtifacts() : false));
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setHost(getDefaultHost()) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }