Permalink
Browse files

[CONTINUUM-2044] added a pre-shared encrypted key between the master …

…and all its agents

git-svn-id: https://svn.apache.org/repos/asf/continuum/trunk@1134319 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information...
1 parent 5be534a commit a1258067636058af94ef7c0c236fe8a4ea391ff6 Maria Catherine R. Tan committed Jun 10, 2011
Showing with 263 additions and 26 deletions.
  1. +12 −0 continuum-api/src/main/java/org/apache/continuum/configuration/GeneralConfiguration.java
  2. +4 −0 continuum-api/src/main/java/org/apache/maven/continuum/configuration/ConfigurationService.java
  3. +2 −0 ...configuration/src/main/java/org/apache/continuum/configuration/DefaultContinuumConfiguration.java
  4. +5 −0 continuum-base/continuum-configuration/src/main/mdo/continuum-configuration.xml
  5. +1 −1 continuum-buildagent/continuum-buildagent-api/pom.xml
  6. 0 ...src/main/java/org/apache/continuum/buildagent/configuration/BuildAgentConfigurationException.java
  7. +2 −0 ...}/src/main/java/org/apache/continuum/buildagent/configuration/BuildAgentConfigurationService.java
  8. +5 −0 continuum-buildagent/continuum-buildagent-api/src/main/mdo/continuum-buildagent.xml
  9. +2 −0 ...e/src/main/java/org/apache/continuum/buildagent/configuration/DefaultBuildAgentConfiguration.java
  10. +6 −1 ...ain/java/org/apache/continuum/buildagent/configuration/DefaultBuildAgentConfigurationService.java
  11. +12 −0 ...e/src/main/java/org/apache/continuum/buildagent/configuration/GeneralBuildAgentConfiguration.java
  12. +6 −3 continuum-buildagent/continuum-buildagent-webapp/src/main/resources/applicationContext.xml
  13. +4 −0 continuum-buildagent/continuum-buildagent-webapp/src/main/webapp/WEB-INF/web.xml
  14. +8 −1 ...n/java/org/apache/continuum/builder/distributed/executor/DistributedBuildProjectTaskExecutor.java
  15. +6 −2 continuum-commons/pom.xml
  16. +27 −0 ...m-commons/src/main/java/org/apache/maven/continuum/configuration/DefaultConfigurationService.java
  17. +7 −0 ...nuum-commons/src/test/java/org/apache/maven/continuum/configuration/ConfigurationServiceTest.java
  18. +1 −1 ...rc/main/java/org/apache/continuum/builder/distributed/manager/DefaultDistributedBuildManager.java
  19. +19 −14 .../main/java/org/apache/continuum/release/distributed/manager/DefaultDistributedReleaseManager.java
  20. +12 −0 ...est/java/org/apache/continuum/builder/distributed/manager/DefaultDistributedBuildManagerTest.java
  21. +10 −0 continuum-distributed/continuum-distributed-slave/continuum-distributed-slave-server/pom.xml
  22. +59 −0 .../java/org/apache/continuum/distributed/transport/slave/SlaveBuildAgentTransportAuthenticator.java
  23. +9 −0 continuum-test/src/main/java/org/apache/maven/continuum/configuration/ConfigurationServiceMock.java
  24. +16 −0 continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/admin/ConfigurationAction.java
  25. +2 −0 continuum-webapp/src/main/resources/localization/Continuum.properties
  26. +25 −2 continuum-webapp/src/main/webapp/WEB-INF/jsp/admin/configurationEdit.jsp
  27. +1 −1 pom.xml
@@ -51,6 +51,8 @@
private boolean distributedBuildEnabled;
+ private String sharedSecretPassword;
+
public GeneralConfiguration()
{
// nothing here
@@ -161,4 +163,14 @@ public void setDistributedBuildEnabled( boolean distributedBuildEnabled )
{
this.distributedBuildEnabled = distributedBuildEnabled;
}
+
+ public void setSharedSecretPassword( String sharedSecretPassword )
+ {
+ this.sharedSecretPassword = sharedSecretPassword;
+ }
+
+ public String getSharedSecretPassword()
+ {
+ return sharedSecretPassword;
+ }
}
@@ -134,6 +134,10 @@ void removeBuildAgent( BuildAgentGroupConfiguration buildAgentGroup, BuildAgentC
boolean containsBuildAgentUrl(String buildAgentUrl, BuildAgentGroupConfiguration buildAgentGroup );
+ void setSharedSecretPassword( String sharedSecretPassword );
+
+ String getSharedSecretPassword();
+
// ----------------------------------------------------------------------
//
// ----------------------------------------------------------------------
@@ -126,6 +126,7 @@ public void reload( File file )
this.generalConfiguration.setNumberOfBuildsInParallel( configuration.getNumberOfBuildsInParallel() );
this.generalConfiguration.setBaseUrl( configuration.getBaseUrl() );
+ this.generalConfiguration.setSharedSecretPassword( configuration.getSharedSecretPassword() );
if ( StringUtils.isNotEmpty( configuration.getBuildOutputDirectory() ) )
{
@@ -232,6 +233,7 @@ public void save( File file )
ContinuumConfigurationModel configurationModel = new ContinuumConfigurationModel();
configurationModel.setBaseUrl( this.generalConfiguration.getBaseUrl() );
configurationModel.setNumberOfBuildsInParallel( this.generalConfiguration.getNumberOfBuildsInParallel() );
+ configurationModel.setSharedSecretPassword( this.generalConfiguration.getSharedSecretPassword() );
// normally not null but NPE free is better !
if ( this.generalConfiguration.getBuildOutputDirectory() != null )
@@ -77,6 +77,11 @@
<type>boolean</type>
</field>
<field>
+ <name>sharedSecretPassword</name>
+ <version>1.4.1+</version>
+ <type>String</type>
+ </field>
+ <field>
<name>buildAgents</name>
<version>1.1.0+</version>
<association>
@@ -38,7 +38,7 @@ under the License.
<model>src/main/mdo/continuum-buildagent.xml</model>
</models>
<useJava5>true</useJava5>
- <version>1.1.0</version>
+ <version>1.4.1</version>
</configuration>
<executions>
<execution>
@@ -48,4 +48,6 @@ File getBuildOutputFile( int projectId )
List<Installation> getAvailableInstallations();
List<LocalRepository> getLocalRepositories();
+
+ String getSharedSecretPassword();
}
@@ -63,6 +63,11 @@
<multiplicity>*</multiplicity>
</association>
</field>
+ <field>
+ <name>sharedSecretPassword</name>
+ <version>1.4.1+</version>
+ <type>String</type>
+ </field>
</fields>
</class>
<class xml.tagName="buildagent-installation">
@@ -106,6 +106,7 @@ public void reload( File file )
this.generalBuildAgentConfiguration.setContinuumServerUrl( configuration.getContinuumServerUrl() );
this.generalBuildAgentConfiguration.setInstallations( configuration.getInstallations() );
this.generalBuildAgentConfiguration.setLocalRepositories( configuration.getLocalRepositories() );
+ this.generalBuildAgentConfiguration.setSharedSecretPassword( configuration.getSharedSecretPassword() );
}
catch ( IOException e )
{
@@ -155,6 +156,7 @@ public void save( File file )
configurationModel.setContinuumServerUrl( this.generalBuildAgentConfiguration.getContinuumServerUrl() );
configurationModel.setInstallations( this.generalBuildAgentConfiguration.getInstallations() );
configurationModel.setLocalRepositories( this.generalBuildAgentConfiguration.getLocalRepositories() );
+ configurationModel.setSharedSecretPassword( this.generalBuildAgentConfiguration.getSharedSecretPassword() );
ContinuumBuildAgentConfigurationModelXpp3Writer writer =
new ContinuumBuildAgentConfigurationModelXpp3Writer();
@@ -149,7 +149,12 @@ public String getContinuumServerUrl()
{
return generalBuildAgentConfiguration.getLocalRepositories();
}
-
+
+ public String getSharedSecretPassword()
+ {
+ return generalBuildAgentConfiguration.getSharedSecretPassword();
+ }
+
private void loadData()
throws BuildAgentConfigurationException
{
@@ -37,6 +37,8 @@
private List<LocalRepository> localRepositories;
+ private String sharedSecretPassword;
+
public File getWorkingDirectory()
{
return workingDirectory;
@@ -86,4 +88,14 @@ public void setLocalRepositories( List<LocalRepository> localRepositories )
{
this.localRepositories = localRepositories;
}
+
+ public void setSharedSecretPassword( String sharedSecretPassword )
+ {
+ this.sharedSecretPassword = sharedSecretPassword;
+ }
+
+ public String getSharedSecretPassword()
+ {
+ return sharedSecretPassword;
+ }
}
@@ -4,16 +4,19 @@
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
- <bean id="slaveBuildAgentTransportServer" class="org.apache.continuum.distributed.transport.slave.SlaveBuildAgentTransportServer">
+ <bean id="slaveBuildAgentTransportServer" lazy-init="true" scope="singleton" class="org.apache.continuum.distributed.transport.slave.SlaveBuildAgentTransportServer">
<constructor-arg ref="continuumBuildAgentService"/>
</bean>
- <bean name="xmlrpcServicesList" class="java.util.ArrayList">
+ <bean name="xmlrpcServicesList" lazy-init="true" scope="singleton" class="java.util.ArrayList">
<constructor-arg>
<list>
<ref bean="slaveBuildAgentTransportServer"/>
</list>
</constructor-arg>
</bean>
-
+
+ <bean name="xmlRpcAuthenticator" class="org.apache.continuum.distributed.transport.slave.SlaveBuildAgentTransportAuthenticator">
+ <constructor-arg ref="buildAgentConfigurationService"/>
+ </bean>
</beans>
@@ -58,6 +58,10 @@
<param-value>xmlrpcServicesList</param-value>
</init-param>
<init-param>
+ <param-name>authHandlerBeanName</param-name>
+ <param-value>xmlRpcAuthenticator</param-value>
+ </init-param>
+ <init-param>
<param-name>enabledForExtensions</param-name>
<param-value>true</param-value>
</init-param>
@@ -40,6 +40,7 @@
import org.apache.continuum.utils.ProjectSorter;
import org.apache.continuum.utils.build.BuildTrigger;
import org.apache.maven.continuum.ContinuumException;
+import org.apache.maven.continuum.configuration.ConfigurationService;
import org.apache.maven.continuum.model.project.BuildDefinition;
import org.apache.maven.continuum.model.project.BuildResult;
import org.apache.maven.continuum.model.project.Project;
@@ -85,6 +86,11 @@
*/
private BuildResultDao buildResultDao;
+ /**
+ * @plexus.requirement
+ */
+ private ConfigurationService configurationService;
+
public void setBuildAgentUrl( String buildAgentUrl )
{
this.buildAgentUrl = buildAgentUrl;
@@ -102,7 +108,8 @@ public void executeTask( Task task )
try
{
- SlaveBuildAgentTransportClient client = new SlaveBuildAgentTransportClient( new URL( buildAgentUrl ) );
+ SlaveBuildAgentTransportClient client = new SlaveBuildAgentTransportClient( new URL( buildAgentUrl ), "",
+ configurationService.getSharedSecretPassword() );
log.info( "initializing buildContext for projectGroupId=" + prepareBuildTask.getProjectGroupId() );
List<Map<String, Object>> buildContext =
@@ -54,7 +54,7 @@ under the License.
<dependency>
<groupId>javax.annotation</groupId>
<artifactId>jsr250-api</artifactId>
- </dependency>
+ </dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
@@ -112,7 +112,11 @@ under the License.
<dependency>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-utils</artifactId>
- </dependency>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-policy</artifactId>
+ </dependency>
<dependency>
<groupId>org.codehaus.redback</groupId>
<artifactId>plexus-spring</artifactId>
@@ -39,6 +39,7 @@
import org.apache.maven.continuum.model.project.Schedule;
import org.apache.maven.continuum.model.system.SystemConfiguration;
import org.apache.maven.continuum.store.ContinuumStoreException;
+import org.codehaus.plexus.redback.policy.PasswordEncoder;
import org.codehaus.plexus.util.FileUtils;
import org.codehaus.plexus.util.StringUtils;
import org.slf4j.Logger;
@@ -74,6 +75,9 @@
private GeneralConfiguration generalConfiguration;
+ @Resource( name="passwordEncoder#sha256" )
+ private PasswordEncoder encoder;
+
// ----------------------------------------------------------------------
//
// ----------------------------------------------------------------------
@@ -651,6 +655,29 @@ public void setNumberOfBuildsInParallel( int num )
generalConfiguration.setNumberOfBuildsInParallel( num );
}
+ public String getSharedSecretPassword()
+ {
+ return generalConfiguration.getSharedSecretPassword();
+ }
+
+ public void setSharedSecretPassword( String sharedSecretPassword )
+ {
+ String encryptedPassword = encoder.encodePassword( sharedSecretPassword );
+
+ if ( StringUtils.isNotBlank( generalConfiguration.getSharedSecretPassword() ) )
+ {
+ String previousEncodedPassword = generalConfiguration.getSharedSecretPassword();
+ // check if nothing changed
+ if ( previousEncodedPassword.equals( sharedSecretPassword ) ||
+ previousEncodedPassword.equals( encryptedPassword ) )
+ {
+ return;
+ }
+ }
+
+ generalConfiguration.setSharedSecretPassword( encryptedPassword );
+ }
+
// ----------------------------------------------------------------------
//
// ----------------------------------------------------------------------
@@ -155,5 +155,12 @@ public void testConfigurationService()
assertEquals( "check # build agent groups", 1, service.getBuildAgentGroups().size() );
assertEquals( "group-1", service.getBuildAgentGroups().get( 0 ).getName() );
assertEquals( "windows", service.getBuildAgentGroups().get( 0 ).getBuildAgents().get( 0 ).getDescription() );
+ assertNull( service.getSharedSecretPassword() );
+
+ service.setSharedSecretPassword( "password" );
+ service.store();
+ service.reload();
+
+ assertNotNull( service.getSharedSecretPassword() );
}
}
@@ -1534,7 +1534,7 @@ private boolean hasBuildagentInGroup( Map<Integer, Integer> projectsAndBuildDefi
public SlaveBuildAgentTransportService createSlaveBuildAgentTransportClientConnection( String buildAgentUrl )
throws MalformedURLException, Exception
{
- return new SlaveBuildAgentTransportClient( new URL( buildAgentUrl ) );
+ return new SlaveBuildAgentTransportClient( new URL( buildAgentUrl ), "", configurationService.getSharedSecretPassword() );
}
// for unit testing
Oops, something went wrong.

0 comments on commit a125806

Please sign in to comment.