/**
 * {@inheritDoc}
 *
 * <p>Copies each property of {@code from} into this object through the matching setter,
 * in the order listed below. The {@code data} and {@code value} properties are copied
 * like any other column.
 */
@Override
public void from(io.cattle.platform.core.model.Secret from) {
    final io.cattle.platform.core.model.Secret source = from;

    // Identity and descriptive columns.
    setId(source.getId());
    setName(source.getName());
    setAccountId(source.getAccountId());
    setKind(source.getKind());
    setUuid(source.getUuid());
    setDescription(source.getDescription());

    // Lifecycle columns.
    setState(source.getState());
    setCreated(source.getCreated());
    setRemoved(source.getRemoved());
    setRemoveTime(source.getRemoveTime());

    // Payload columns. NOTE(review): `value` presumably carries the stored secret
    // material, so copies made through this method need the same handling as the
    // original (no logging or debug dumps) - confirm against the storage format.
    setData(source.getData());
    setValue(source.getValue());

    setStackId(source.getStackId());
}
/**
 * {@inheritDoc}
 *
 * <p>Delegates to {@code into.from(this)} and hands back the very instance that was
 * passed in, now populated from this object.
 */
@Override
public <E extends io.cattle.platform.core.model.Secret> E into(E into) {
    final E target = into;
    target.from(this);
    return target;
}
/**
 * Asks the secrets service to delete the stored value of the secret being processed.
 *
 * @param state process state; its resource is cast to {@code Secret}
 * @param process the process instance (not read by this handler)
 * @return always {@code null}
 * @throws IllegalStateException wrapping the {@link IOException} raised when the
 *         delete call fails
 */
@Override
public HandlerResult handle(ProcessState state, ProcessInstance process) {
    final Secret target = (Secret) state.getResource();
    try {
        secretsService.delete(target.getAccountId(), target.getValue());
        return null;
    } catch (IOException failure) {
        // Only the record id goes into the log line; the stored value is not written out.
        log.error("Failed to delete secret from storage [{}]", target.getId(), failure);
        // Rethrow unchecked so the failed delete is not reported as a successful step.
        throw new IllegalStateException(failure);
    }
}
/**
 * Parses the stored value of every secret with {@code jsonMapper} and returns the parsed
 * objects in the same order as the input list.
 *
 * @param secrets secrets whose {@code value} is read
 * @return one parsed object per input secret, index-aligned with {@code secrets}
 * @throws IOException if a value cannot be parsed
 */
protected List<Object> toData(List<Secret> secrets) throws IOException {
    final int count = secrets.size();
    final List<Object> parsed = new ArrayList<>(count);
    // Order matters: the caller pairs the service response with the secrets by index.
    for (int i = 0; i < count; i++) {
        final Secret current = secrets.get(i);
        parsed.add(jsonMapper.readValue(current.getValue()));
    }
    return parsed;
}
/**
 * Resolves secret references to values rewrapped for the given host.
 *
 * <p>The referenced secrets are loaded through {@code secretDao}, rewrapped in one call,
 * and then paired back with their references. A reference whose secret id has no
 * matching record is skipped without an error, so the result may be shorter than
 * {@code refs}.
 *
 * @param refs references to resolve
 * @param host host the values are rewrapped for
 * @return one {@code SecretValue} per reference that resolved to a record, in the order
 *         of {@code refs}
 * @throws IOException if rewrapping fails
 */
@Override
public List<SecretValue> getValues(List<SecretReference> refs, Host host) throws IOException {
    final Map<Long, Secret> byId = secretDao.getSecrets(refs);
    final Map<Long, String> rewrapped = getValues(byId.values(), host);

    final List<SecretValue> resolved = new ArrayList<>();
    for (SecretReference reference : refs) {
        final Secret match = byId.get(reference.getSecretId());
        if (match != null) {
            resolved.add(new SecretValue(reference, match, rewrapped.get(match.getId())));
        }
    }
    return resolved;
}
/**
 * Builds the value object returned for one secret reference.
 *
 * <p>The name comes from the reference and falls back to the secret's own name when the
 * reference name is blank. {@code uid}, {@code gid} and {@code mode} are copied from the
 * reference unchanged (presumably ownership and permission settings for the delivered
 * secret - confirm against the consumer).
 *
 * @param ref reference that requested the secret
 * @param secret secret record the reference resolved to
 * @param value rewrapped text for this secret; stored as {@code rewrapText}
 */
public SecretValue(SecretReference ref, Secret secret, String value) {
    String effectiveName = ref.getName();
    if (StringUtils.isBlank(effectiveName)) {
        effectiveName = secret.getName();
    }
    this.name = effectiveName;

    this.uid = ref.getUid();
    this.gid = ref.getGid();
    this.mode = ref.getMode();

    this.rewrapText = value;
}
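/**
 * Rejects a secret whose {@code value} is not Base64 before delegating creation.
 *
 * <p>A missing value is reported as the same validation error instead of surfacing as a
 * {@link NullPointerException} from the Base64 check.
 *
 * @param type resource type being created
 * @param request API request carrying the submitted secret
 * @param next next resource manager in the chain
 * @return whatever {@code super.create} returns
 * @throws ValidationErrorException with code {@code InvalidBase64} on field {@code value}
 *         when the value is absent or fails the Base64 check
 */
@Override
public Object create(String type, ApiRequest request, ResourceManager next) {
    Secret submitted = request.proxyRequestObject(Secret.class);
    String encoded = submitted.getValue();

    // NOTE(review): assuming Base64 here is commons-codec, isBase64 only checks that every
    // character belongs to the Base64 alphabet (whitespace included); it does not verify
    // length or padding. The original also called decodeBase64 and discarded the result,
    // which validated nothing further, so that call is dropped.
    if (encoded == null || !Base64.isBase64(encoded)) {
        throw new ValidationErrorException("InvalidBase64", "value", "Invalid base64 content");
    }

    return super.create(type, request, next);
}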
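/**
 * Sends the stored values of {@code secrets} to the secrets service in one bulk request
 * and returns the rewrapped text for each secret, keyed by secret id.
 *
 * <p>The service response is paired with the input by position, so the response must
 * contain exactly one entry per secret sent; anything else is reported as an
 * {@link IOException} rather than an index or null-pointer failure.
 *
 * @param secrets secrets to rewrap
 * @param host host whose {@code hostKey.data} info entry is sent as the rewrap key
 * @return map from secret id to the {@code rewrapText} returned for it
 * @throws IOException if the request fails, the service answers with a status of 300 or
 *         above, or the response does not line up with the request
 */
protected Map<Long, String> getValues(Collection<Secret> secrets, Host host) throws IOException {
    // Snapshot into a list so request order and response order can be matched by index.
    List<Secret> secretsList = new ArrayList<>(secrets);
    Map<Long, String> result = new HashMap<>();

    Map<String, Object> hostInfo = DataAccessor.fieldMap(host, HostConstants.FIELD_INFO);
    // NOTE(review): the key is forwarded as-is, including when the host has no
    // hostKey.data entry; confirm how the service treats a missing rewrapKey.
    Object rewrapKey = CollectionUtils.getNestedValue(hostInfo, "hostKey", "data");

    Map<String, Object> input = new HashMap<>();
    input.put("data", toData(secretsList));
    input.put("rewrapKey", rewrapKey);

    // NOTE(review): the request body carries the stored secret values and the host key;
    // confirm the configured SECRETS_URL is reached over a protected transport.
    Map<String, Object> response = Request.Post(SECRETS_URL.get() + BULK_PATH)
            .bodyString(jsonMapper.writeValueAsString(input), ContentType.APPLICATION_JSON)
            .execute()
            .handleResponse(new ResponseHandler<Map<String, Object>>() {
                @Override
                public Map<String, Object> handleResponse(HttpResponse response)
                        throws ClientProtocolException, IOException {
                    int statusCode = response.getStatusLine().getStatusCode();
                    if (statusCode >= 300) {
                        throw new IOException("Failed to rewrap secret :"
                                + response.getStatusLine().getReasonPhrase());
                    }
                    return jsonMapper.readValue(response.getEntity().getContent());
                }
            });

    if (response == null) {
        throw new IOException("Failed to rewrap secret : empty response");
    }

    List<?> wrapped = CollectionUtils.toList(response.get("data"));
    int returned = wrapped == null ? 0 : wrapped.size();
    if (returned != secretsList.size()) {
        // Positional pairing is meaningless when the counts differ; fail instead of
        // handing a value to the wrong secret or running off the end of the list.
        throw new IOException("Failed to rewrap secret : expected " + secretsList.size()
                + " entries in response but got " + returned);
    }

    for (int i = 0; i < secretsList.size(); i++) {
        Secret secret = secretsList.get(i);
        Object rewrapText = CollectionUtils.toMap(wrapped.get(i)).get("rewrapText");
        if (rewrapText == null) {
            // The message names the record id only, never the secret content.
            throw new IOException("Failed to rewrap secret : no rewrapText returned for ["
                    + secret.getId() + "]");
        }
        result.put(secret.getId(), rewrapText.toString());
    }

    return result;
}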
continue; String secretName = secretObj.getName(); if (isShortSyntax(secretOpts)) { secretEntries.add(secretName);
/**
 * Answers a {@code POST} on type {@code secret} whose content type equals
 * {@code CONTENT_TYPE} by writing the rewrapped secrets of one instance to the response.
 *
 * <p>Any other request is left untouched. The {@code value} field of the request body is
 * treated as a token; its JSON payload must carry a {@code uuid}, and that uuid must
 * resolve to an instance and host for the account of the current policy.
 *
 * @param request the API request being answered
 * @throws IOException if rewrapping or writing the response fails
 * @throws ClientVisibleException {@code FORBIDDEN} when the token is rejected,
 *         {@code NOT_FOUND} when the uuid is blank or resolves to nothing
 */
@Override
protected void generate(final ApiRequest request) throws IOException {
    final boolean secretPost = "secret".equals(request.getType()) && "POST".equals(request.getMethod());
    if (!secretPost) {
        return;
    }

    final String contentType = request.getServletContext().getRequest().getContentType();
    if (!CONTENT_TYPE.equalsIgnoreCase(contentType)) {
        return;
    }

    final String token = request.proxyRequestObject(Secret.class).getValue();

    final Map<String, Object> payload;
    try {
        // NOTE(review): the meaning of the `false` flag is not visible here - confirm it
        // does not relax token verification.
        payload = tokenService.getJsonPayload(token, false);
    } catch (TokenException e) {
        // The cause is neither logged nor returned; the caller only sees FORBIDDEN.
        throw new ClientVisibleException(ResponseCodes.FORBIDDEN);
    }

    final String instanceUuid = DataAccessor.fromMap(payload).withKey("uuid").as(String.class);
    if (StringUtils.isBlank(instanceUuid)) {
        throw new ClientVisibleException(ResponseCodes.NOT_FOUND);
    }

    // The lookup is bound to the authenticated account, so a valid token for an instance
    // that does not match that account resolves to nothing.
    final InstanceAndHost located =
            secretDao.getHostForInstanceUUIDAndAuthAccount(ApiUtils.getPolicy().getAccountId(), instanceUuid);
    if (located == null) {
        throw new ClientVisibleException(ResponseCodes.NOT_FOUND);
    }

    // NOTE(review): if the instance has no secrets field this list may be null and the
    // service call below would fail - confirm what fieldObjectList returns in that case.
    final List<SecretReference> references = DataAccessor.fieldObjectList(
            located.instance, InstanceConstants.FIELD_SECRETS, SecretReference.class, jsonMapper);
    final List<SecretValue> rewrapped = secretsService.getValues(references, located.host);

    jsonMapper.writeValue(request.getOutputStream(), rewrapped);
    // The body has already been written to the stream; a placeholder object is set as the
    // response object (presumably so later stages treat the request as answered).
    request.setResponseObject(new Object());
}
/**
 * Loads the secret records named by the given references.
 *
 * <p>NOTE(review): the query filters on id only. No account or removed-state condition
 * is applied here, so callers rely on the references having been validated where they
 * were stored - confirm.
 *
 * @param refs references whose secret ids are looked up
 * @return map from secret id to record; ids with no matching row are absent
 */
@Override
public Map<Long, Secret> getSecrets(List<SecretReference> refs) {
    // De-duplicate the requested ids before building the IN clause.
    final Set<Long> wantedIds = new HashSet<>();
    for (SecretReference reference : refs) {
        wantedIds.add(reference.getSecretId());
    }

    final List<SecretRecord> rows = create()
            .select(SECRET.fields())
            .from(SECRET)
            .where(SECRET.ID.in(wantedIds))
            .fetchInto(SecretRecord.class);

    final Map<Long, Secret> byId = new HashMap<>();
    for (Secret row : rows) {
        byId.put(row.getId(), row);
    }
    return byId;
}