@Override public Service createServiceInstance() throws Throwable { return new RegistryService(); }
@Override public void handleDelete(Operation delete) { sendWithDeferredResult(Operation .createGet(UriUtils.buildUri(getHost(), getState(delete).documentSelfLink)) .setReferer(getHost().getUri()), RegistryState.class) .thenCompose(this::removeTrustCerts) .whenComplete((result, f) -> { if (f != null) { logWarning("Failed to remove unused trust " + "certificate.", f); } delete.complete(); }); }
@Override public void handlePut(Operation put) { RegistryState currentState = getState(put); RegistryState putBody = put.getBody(RegistryState.class); updateState(putBody, currentState); // PUT replaces entire state, so update the linked state setState(put, currentState); put.setBody(currentState).complete(); }
@Override public void handlePatch(Operation patch) { RegistryState currentState = getState(patch); RegistryState patchBody = patch.getBody(RegistryState.class); updateState(patchBody, currentState); patch.setBody(currentState).complete(); }
private DeferredResult<QueryTask> removeTrustCerts(RegistryState rs) { QueryTask queryTask = new QueryTask(); queryTask.querySpec = new QueryTask.QuerySpecification(); queryTask.taskInfo.isDirect = true; Query q = Query.Builder.create() .addFieldClause(QuerySpecification .buildCompositeFieldName(ComputeState.FIELD_NAME_CUSTOM_PROPERTIES, REGISTRY_TRUST_CERTS_PROP_NAME), UriUtils.URI_WILDCARD_CHAR, MatchType.WILDCARD, Occurance.MUST_NOT_OCCUR).build(); q.addBooleanClause(createKindClause(RegistryState.class)); queryTask.querySpec.query.addBooleanClause(q); return sendWithDeferredResult(Operation .createPost(UriUtils.buildUri(getHost(), ServiceUriPaths.CORE_QUERY_TASKS)) .setBody(queryTask) .setReferer(getHost().getUri()), QueryTask.class) .thenCompose(qrt -> { if (qrt.results.documentCount == 0 || (qrt.results.documentCount == 1 && DEFAULT_INSTANCE_LINK .equals(qrt.results.documentLinks.get(0)))) { return doRemoveTrustCerts(rs); } return DeferredResult.completed(null); }); }
@Override public void handlePost(Operation post) { // Configuration states documents initInstances(Operation.createGet(null), false, false, ConfigurationService.getConfigurationProperties()); // Other documents List<ServiceDocument> resources = new ArrayList<>(); resources.add(ResourceNamePrefixService.buildDefaultStateInstance()); resources.add(buildUniqueProjectNamesInstance()); resources.add(buildUniqueProjectIndexesInstance()); ServiceDocument defaultRegistryState = RegistryService.buildDefaultStateInstance(getHost()); if (defaultRegistryState != null) { resources.add(defaultRegistryState); } initInstances(post, resources.toArray(new ServiceDocument[resources.size()])); }
@Override public void handleGet(Operation get) { RegistryState currentState = getState(get); boolean doExpand = get.getUri().getQuery() != null && get.getUri().getQuery().contains(UriUtils.URI_PARAM_ODATA_EXPAND); if (!doExpand || currentState.authCredentialsLink == null) { get.setBody(currentState).complete(); return; } // retrieve the authnCredentials and include in an augmented version of the current state Operation getDesc = Operation .createGet(this, currentState.authCredentialsLink) .setCompletion( (o, e) -> { if (e != null) { get.fail(e); return; } AuthCredentialsServiceState authCredentials = o .getBody(AuthCredentialsServiceState.class); RegistryAuthState regWithAuth = RegistryAuthState .create(authCredentials, currentState); get.setBody(regWithAuth).complete(); }); sendRequest(getDesc); }
return sendWithDeferredResult(Operation .createPost(UriUtils.buildUri(getHost(), ServiceUriPaths.CORE_QUERY_TASKS)) .setBody(queryTask) .setReferer(getHost().getUri()), QueryTask.class) .thenCompose(qrt -> { if (qrt.results.documentCount == 1) { return sendWithDeferredResult(Operation .createDelete(UriUtils.buildUri(getHost(), registryTrustCertLink)) .setReferer(getHost().getUri()), QueryTask.class);
private void distributeCertificate(RegistryState registry, Operation parentOp) { parentOp.complete(); logInfo("Distributing certificate for %s. Fetching registry certificate", registry.address); RegistryService.fetchRegistryCertificate(registry, (certificate) -> { RegistryConfigCertificateDistributionState distributionState = new RegistryConfigCertificateDistributionState(); distributionState.registryAddress = registry.address; distributionState.tenantLinks = registry.tenantLinks; distributionState.certState = new SslTrustCertificateState(); distributionState.certState.certificate = certificate; logInfo("Distributing certificate for %s. Fetched registry certificate.", registry.address); sendRequest(Operation.createPost(this, RegistryConfigCertificateDistributionService.SELF_LINK) .setContextId(parentOp.getContextId()) .setBody(distributionState)); }, getHost()); }
static ServiceDocument buildDefaultStateInstance(ServiceHost host) { RegistryState state = new RegistryState(); state.documentSelfLink = DEFAULT_INSTANCE_LINK; state.address = DEFAULT_REGISTRY_ADDRESS; state.name = DEFAULT_REGISTRY_NAME; state.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; state.disabled = Boolean.FALSE; state.customProperties = new HashMap<>(); state.customProperties.put(API_VERSION_PROP_NAME, ApiVersion.V1.toString()); boolean disableDefaultRegistry = Boolean.valueOf( ConfigurationUtil.getProperty(RegistryService.DISABLE_DEFAULT_REGISTRY_PROP_NAME)); // create or delete default registry if (disableDefaultRegistry) { // ensure default registry does not exist host.registerForServiceAvailability((o, e) -> { host.log(Level.INFO, "registerForServiceAvailability: %s", RegistryFactoryService.SELF_LINK); deleteDefaultRegistry(host); }, true, RegistryFactoryService.SELF_LINK); return null; } return state; }
@Test public void testDeleteDefaultRegistryOnStartup() throws Throwable { RegistryState registryState = new RegistryState(); registryState.documentSelfLink = RegistryService.DEFAULT_INSTANCE_LINK; registryState.endpointType = RegistryState.DOCKER_REGISTRY_ENDPOINT_TYPE; registryState.address = RegistryService.DEFAULT_REGISTRY_ADDRESS; registryState = doPost(registryState, RegistryFactoryService.SELF_LINK); assertNotNull("Failed to create default registry", registryState); ConfigurationState config = new ConfigurationState(); config.key = RegistryService.DISABLE_DEFAULT_REGISTRY_PROP_NAME; config.value = Boolean.toString(true); ConfigurationUtil.initialize(config); RegistryService.buildDefaultStateInstance(host); waitFor("Ensure default registry is deleted.", () -> { List<String> resourceLinks = findResourceLinks(RegistryState.class, Collections.singletonList(RegistryService.DEFAULT_INSTANCE_LINK)); return resourceLinks.size() == 0; }); } }
private void handleAddDockerHostOperation(String hostLink, List<String> tenantLinks) { handleVicCertificate(hostLink); sendRequest(Operation.createGet(this, RegistryFactoryService.SELF_LINK) .setCompletion((o, e) -> { if (e != null) { logSevere("Failed to retrieve registry links. %s", Utils.toString(e)); return; } ServiceDocumentQueryResult body = o.getBody(ServiceDocumentQueryResult.class); logFine("Distributing certificates for [%s]", body.documentLinks); for (String registryLink : body.documentLinks) { fetchRegistryState(registryLink, (registry) -> { RegistryService.fetchRegistryCertificate(registry, (cert) -> { if (!isSelfSignedCertificate(cert)) { logInfo("Skip certificate distribution for registry [%s]: " + "certificate not self-signed.", registryLink); return; } uploadCertificate(hostLink, registry.address, cert, tenantLinks); }, getHost()); }); } })); }