@Override public boolean isEnabled(DeploymentConfiguration deploymentConfiguration) { return deploymentConfiguration.getSecurity().getAuthz().isEnabled(); }
@Override public boolean isEnabled(DeploymentConfiguration deploymentConfiguration) { return deploymentConfiguration.getSecurity().getAuthz().isEnabled(); }
public Authz getAuthz(String deploymentName) { Security security = getSecurity(deploymentName); Authz result = security.getAuthz(); if (result == null) { result = new Authz(); security.setAuthz(result); } return result; }
public Authz getAuthz(String deploymentName) { Security security = getSecurity(deploymentName); Authz result = security.getAuthz(); if (result == null) { result = new Authz(); security.setAuthz(result); } return result; }
@Override protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); ServiceSettings deckSettings = endpoints.getServiceSettings(Type.DECK); ServiceSettings gateSettings = endpoints.getServiceSettings(Type.GATE); ApacheSsl apacheSsl= deploymentConfiguration.getSecurity().getUiSecurity().getSsl(); Map<String, String> env = profile.getEnv(); if (apacheSsl.isEnabled()) { env.put("DECK_HOST", deckSettings.getHost()); env.put("DECK_PORT", deckSettings.getPort() + ""); env.put("API_HOST", gateSettings.getBaseUrl()); env.put("DECK_CERT", apacheSsl.getSslCertificateFile()); env.put("DECK_KEY", apacheSsl.getSslCertificateKeyFile()); env.put("PASSPHRASE", apacheSsl.getSslCertificatePassphrase()); } env.put("AUTH_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthn().isEnabled())); env.put("FIAT_ENABLED", Boolean.toString(deploymentConfiguration.getSecurity().getAuthz().isEnabled())); } }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setHost(getDefaultHost()) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setHost(getDefaultHost()) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setHost(getDefaultHost()) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { return new Settings().setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setHost(getDefaultHost()) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); }
@Override public Settings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { Settings settings = new Settings(); settings.setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setAddress(buildAddress()) .setLocation("us-central1-f") .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); return settings; } }
@Override public Settings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { Settings settings = new Settings(); settings.setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setAddress(buildAddress()) .setLocation("us-central1-f") .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); return settings; } }
@Override protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); Authz authz = deploymentConfiguration.getSecurity().getAuthz(); List<String> files = backupRequiredFiles(authz, deploymentConfiguration.getName()); AuthConfig authConfig = new AuthConfig().setAuth(authz); profile.appendContents(yamlToString(authConfig)) .appendContents(profile.getBaseContents()) .setRequiredFiles(files); }
@Override protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); Authz authz = deploymentConfiguration.getSecurity().getAuthz(); List<String> files = backupRequiredFiles(authz, deploymentConfiguration.getName()); AuthConfig authConfig = new AuthConfig().setAuth(authz); profile.appendContents(yamlToString(authConfig)) .appendContents(profile.getBaseContents()) .setRequiredFiles(files); }
@Override public void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); Security security = deploymentConfiguration.getSecurity(); List<String> requiredFiles = backupRequiredFiles(security.getApiSecurity(), deploymentConfiguration.getName()); requiredFiles.addAll(backupRequiredFiles(security.getAuthn(), deploymentConfiguration.getName())); requiredFiles.addAll(backupRequiredFiles(security.getAuthz(), deploymentConfiguration.getName())); GateConfig gateConfig = getGateConfig(endpoints.getServiceSettings(Type.GATE), security); gateConfig.getCors().setAllowedOriginsPattern(security.getApiSecurity()); profile.appendContents(yamlToString(gateConfig)) .appendContents(profile.getBaseContents()) .setRequiredFiles(requiredFiles); }
@Override public void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) { super.setProfile(profile, deploymentConfiguration, endpoints); Security security = deploymentConfiguration.getSecurity(); List<String> requiredFiles = backupRequiredFiles(security.getApiSecurity(), deploymentConfiguration.getName()); requiredFiles.addAll(backupRequiredFiles(security.getAuthn(), deploymentConfiguration.getName())); requiredFiles.addAll(backupRequiredFiles(security.getAuthz(), deploymentConfiguration.getName())); GateConfig gateConfig = getGateConfig(endpoints.getServiceSettings(Type.GATE), security); gateConfig.getCors().setAllowedOriginsPattern(security.getApiSecurity()); profile.appendContents(yamlToString(gateConfig)) .appendContents(profile.getBaseContents()) .setRequiredFiles(requiredFiles); }
@Override public Settings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { KubernetesSharedServiceSettings kubernetesSharedServiceSettings = new KubernetesSharedServiceSettings(deploymentConfiguration); Settings settings = new Settings(); String location = kubernetesSharedServiceSettings.getDeployLocation(); settings.setAddress(buildAddress(location)) .setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setLocation(location) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); return settings; }
@Override public Settings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { KubernetesSharedServiceSettings kubernetesSharedServiceSettings = new KubernetesSharedServiceSettings(deploymentConfiguration); Settings settings = new Settings(); String location = kubernetesSharedServiceSettings.getDeployLocation(); settings.setAddress(buildAddress(location)) .setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setLocation(location) .setEnabled(deploymentConfiguration.getSecurity().getAuthz().isEnabled()); return settings; }
@Override public ServiceSettings buildServiceSettings(DeploymentConfiguration deploymentConfiguration) { Security security = deploymentConfiguration.getSecurity(); if (security.getUiSecurity().getSsl().isEnabled()) { setEnvTrue("DECK_HTTPS"); setEnv("DECK_CERT", security.getUiSecurity().getSsl().getSslCertificateFile()); setEnv("DECK_KEY", security.getUiSecurity().getSsl().getSslCertificateKeyFile()); setEnv("DECK_CA_CERT", security.getUiSecurity().getSsl().getSslCACertificateFile()); } if (security.getAuthn().isEnabled()) { setEnvTrue("AUTH_ENABLED"); setEnv("DECK_HOST", "0.0.0.0"); } if (security.getAuthz().isEnabled()) { setEnvTrue("FIAT_ENABLED"); } return new Settings(security.getUiSecurity()) .setArtifactId(getArtifactId(deploymentConfiguration.getName())) .setHost(security.getAuthn().isEnabled() ? "0.0.0.0" : getDefaultHost()) .setEnabled(true); }