Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
SafeLogic modules' paths are configured by properties to not expose their URLs. These modules had to be installed with a custom script because salt's file.present could not follow the redirects. Related issue: saltstack/salt#63212
- Loading branch information
1 parent
2c0a5bd
commit be4d7cd
Showing
8 changed files
with
292 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
71 changes: 71 additions & 0 deletions
71
.../com/sequenceiq/cloudbreak/core/bootstrap/service/host/decorator/JavaPillarDecorator.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,71 @@ | ||
package com.sequenceiq.cloudbreak.core.bootstrap.service.host.decorator; | ||
|
||
import static java.util.Collections.singletonMap; | ||
|
||
import java.util.HashMap; | ||
import java.util.Map; | ||
|
||
import org.apache.commons.lang3.StringUtils; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.beans.factory.annotation.Value; | ||
import org.springframework.stereotype.Component; | ||
|
||
import com.sequenceiq.cloudbreak.dto.StackDto; | ||
import com.sequenceiq.cloudbreak.orchestrator.model.SaltPillarProperties; | ||
|
||
@Component | ||
public class JavaPillarDecorator { | ||
|
||
private static final Logger LOGGER = LoggerFactory.getLogger(JavaPillarDecorator.class); | ||
|
||
@Value("${cb.safelogic.cryptocomply.path:}") | ||
private String cryptoComplyPath; | ||
|
||
@Value("${cb.safelogic.cryptocomply.hash:}") | ||
private String cryptoComplyHash; | ||
|
||
@Value("${cb.safelogic.bouncycastletls.path:}") | ||
private String bouncyCastleTlsPath; | ||
|
||
@Value("${cb.safelogic.bouncycastletls.hash:}") | ||
private String bouncyCastleTlsHash; | ||
|
||
public void decorateWithJavaProperties(StackDto stackDto, Map<String, SaltPillarProperties> servicePillar) { | ||
Map<String, Object> config = new HashMap<>(); | ||
addVersion(stackDto, config); | ||
addSafeLogicProperties(stackDto, config); | ||
servicePillar.put("java", new SaltPillarProperties("/java/init.sls", singletonMap("java", config))); | ||
} | ||
|
||
private void addVersion(StackDto stackDto, Map<String, Object> config) { | ||
Integer javaVersion = stackDto.getStack().getJavaVersion(); | ||
if (javaVersion != null) { | ||
LOGGER.debug("Creating java pillar with version {}", javaVersion); | ||
config.put("version", javaVersion); | ||
} else { | ||
LOGGER.debug("Skip java version pillar as the version is not specified"); | ||
} | ||
} | ||
|
||
private void addSafeLogicProperties(StackDto stackDto, Map<String, Object> config) { | ||
if (stackDto.isOnGovPlatformVariant()) { | ||
LOGGER.debug("Adding SafeLogic properties"); | ||
Map<String, Object> safeLogicProperties = new HashMap<>(); | ||
addSafeLogicProperty(safeLogicProperties, "cryptoComplyPath", cryptoComplyPath); | ||
addSafeLogicProperty(safeLogicProperties, "cryptoComplyHash", cryptoComplyHash); | ||
addSafeLogicProperty(safeLogicProperties, "bouncyCastleTlsPath", bouncyCastleTlsPath); | ||
addSafeLogicProperty(safeLogicProperties, "bouncyCastleTlsHash", bouncyCastleTlsHash); | ||
config.put("safelogic", safeLogicProperties); | ||
} | ||
} | ||
|
||
private void addSafeLogicProperty(Map<String, Object> config, String name, String value) { | ||
if (StringUtils.isBlank(value)) { | ||
String message = "Required SafeLogic property is blank for application: " + name; | ||
LOGGER.error(message); | ||
throw new IllegalStateException(message); | ||
} | ||
config.put(name, value); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
118 changes: 118 additions & 0 deletions
118
.../sequenceiq/cloudbreak/core/bootstrap/service/host/decorator/JavaPillarDecoratorTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,118 @@ | ||
package com.sequenceiq.cloudbreak.core.bootstrap.service.host.decorator; | ||
|
||
import static org.assertj.core.api.Assertions.assertThat; | ||
import static org.assertj.core.api.Assertions.assertThatCode; | ||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | ||
import static org.mockito.Mockito.when; | ||
|
||
import java.util.HashMap; | ||
import java.util.Map; | ||
|
||
import org.assertj.core.api.MapAssert; | ||
import org.junit.jupiter.api.BeforeEach; | ||
import org.junit.jupiter.api.Test; | ||
import org.junit.jupiter.api.extension.ExtendWith; | ||
import org.junit.jupiter.params.ParameterizedTest; | ||
import org.junit.jupiter.params.provider.ValueSource; | ||
import org.mockito.Mock; | ||
import org.mockito.junit.jupiter.MockitoExtension; | ||
import org.springframework.test.util.ReflectionTestUtils; | ||
|
||
import com.sequenceiq.cloudbreak.domain.stack.Stack; | ||
import com.sequenceiq.cloudbreak.dto.StackDto; | ||
import com.sequenceiq.cloudbreak.orchestrator.model.SaltPillarProperties; | ||
|
||
@ExtendWith(MockitoExtension.class) | ||
class JavaPillarDecoratorTest { | ||
|
||
private static final int JAVA_VERSION = 11; | ||
|
||
private JavaPillarDecorator underTest; | ||
|
||
@Mock | ||
private StackDto stackDto; | ||
|
||
@Mock | ||
private Stack stack; | ||
|
||
private Map<String, SaltPillarProperties> servicePillar; | ||
|
||
@BeforeEach | ||
void setUp() { | ||
underTest = new JavaPillarDecorator(); | ||
ReflectionTestUtils.setField(underTest, "cryptoComplyPath", "ccj-path"); | ||
ReflectionTestUtils.setField(underTest, "cryptoComplyHash", "ccj-hash"); | ||
ReflectionTestUtils.setField(underTest, "bouncyCastleTlsPath", "bctls-path"); | ||
ReflectionTestUtils.setField(underTest, "bouncyCastleTlsHash", "bctls-hash"); | ||
|
||
when(stackDto.isOnGovPlatformVariant()).thenReturn(true); | ||
when(stackDto.getStack()).thenReturn(stack); | ||
when(stack.getJavaVersion()).thenReturn(JAVA_VERSION); | ||
servicePillar = new HashMap<>(); | ||
} | ||
|
||
@Test | ||
void noJavaVersion() { | ||
when(stack.getJavaVersion()).thenReturn(null); | ||
|
||
underTest.decorateWithJavaProperties(stackDto, servicePillar); | ||
|
||
assertThatJavaProperties().doesNotContainKey("version"); | ||
} | ||
|
||
@Test | ||
void javaVersion() { | ||
underTest.decorateWithJavaProperties(stackDto, servicePillar); | ||
|
||
assertThatJavaProperties().containsEntry("version", JAVA_VERSION); | ||
} | ||
|
||
@ParameterizedTest | ||
@ValueSource(strings = {"cryptoComplyPath", "cryptoComplyHash", "bouncyCastleTlsPath", "bouncyCastleTlsHash"}) | ||
void missingSafeLogicPropertyForNonGovStack(String property) { | ||
when(stackDto.isOnGovPlatformVariant()).thenReturn(false); | ||
ReflectionTestUtils.setField(underTest, property, null); | ||
|
||
assertThatCode(() -> underTest.decorateWithJavaProperties(stackDto, servicePillar)).doesNotThrowAnyException(); | ||
} | ||
|
||
@ParameterizedTest | ||
@ValueSource(strings = {"cryptoComplyPath", "cryptoComplyHash", "bouncyCastleTlsPath", "bouncyCastleTlsHash"}) | ||
void missingSafeLogicPropertyForGovStack(String property) { | ||
ReflectionTestUtils.setField(underTest, property, null); | ||
|
||
assertThatThrownBy(() -> underTest.decorateWithJavaProperties(stackDto, servicePillar)) | ||
.isInstanceOf(IllegalStateException.class) | ||
.hasMessage("Required SafeLogic property is blank for application: " + property); | ||
} | ||
|
||
@Test | ||
void noSafeLogicPropertiesForNonGovStack() { | ||
when(stackDto.isOnGovPlatformVariant()).thenReturn(false); | ||
|
||
underTest.decorateWithJavaProperties(stackDto, servicePillar); | ||
|
||
assertThatJavaProperties().doesNotContainKey("safelogic"); | ||
} | ||
|
||
@Test | ||
void safeLogicPropertiesForGovStack() { | ||
underTest.decorateWithJavaProperties(stackDto, servicePillar); | ||
|
||
assertThatSafeLogicProperties() | ||
.containsEntry("cryptoComplyPath", "ccj-path") | ||
.containsEntry("cryptoComplyHash", "ccj-hash") | ||
.containsEntry("bouncyCastleTlsPath", "bctls-path") | ||
.containsEntry("bouncyCastleTlsHash", "bctls-hash"); | ||
} | ||
|
||
private MapAssert<String, Object> assertThatJavaProperties() { | ||
return assertThat((Map<String, Object>) servicePillar.get("java").getProperties().get("java")); | ||
} | ||
|
||
private MapAssert<String, Object> assertThatSafeLogicProperties() { | ||
Map<String, Object> javaProperties = (Map<String, Object>) servicePillar.get("java").getProperties().get("java"); | ||
return assertThat((Map<String, Object>) javaProperties.get("safelogic")); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.