public static String constructDashboardLink(ComputeState host, Service dashboard) { String scheme = Optional.ofNullable(UriUtilsExtended.extractScheme(host.address)) .orElse(UriUtils.HTTPS_SCHEME); String hostname = UriUtilsExtended.extractHost(host.address); String port = Optional.ofNullable(UriUtilsExtended.extractPort(host.address)).orElse("-1"); return UriUtils.buildUri(scheme, hostname, Integer.parseInt(port), KUBERNETES_DASHBOARD_ACCESS_LINK, null) .toString(); }
private void getHostPortBinding(ServiceHost host, ContainerState containerState, Integer port, String hostAddress, BiConsumer<String, Integer> callback) { if (hostAddress == null || hostAddress.isEmpty()) { getContainerHost(host, containerState.parentLink, (h) -> { if (h == null) { callback.accept(null, port); return; } ContainerHostUtil.getHostPublicAddress(host, h, (publicAddress) -> { getHostPortBinding(host, containerState, port, publicAddress, callback); }); }); return; } callback.accept(UriUtilsExtended.extractHost(hostAddress), port); }
public static URI getShellUri(ComputeState host, ContainerState shellContainer) { PortBinding portBinding = getShellPortBinding(shellContainer); if (portBinding == null) { throw new LocalizableValidationException("Could not locate shell port", "compute.shell.port"); } String uriHost = UriUtilsExtended.extractHost(host.address); return UriUtils.buildUri(UriUtils.HTTPS_SCHEME, uriHost, Integer.parseInt(portBinding.hostPort), null, null); }
/** * Validates that certificate CN equals the hostname specified by user. Docker daemon will be * later instructed to find and trust this certificate only if these two matches. See: * https://docs.docker.com/docker-trusted-registry/userguide/ */ private void validateHostAddress(RegistryState state, SslTrustCertificateState sslTrust) { String hostname = UriUtilsExtended.extractHost(state.address); X509Certificate certificate = null; try { certificate = KeyUtil.decodeCertificate(sslTrust.certificate); } catch (CertificateException e1) { throw new LocalizableValidationException( String.format("Invalid certificate provided from host: %s", hostname), "compute.registry.host.address.invalid.certificate", hostname); } try { new DefaultHostnameVerifier().verify(hostname, certificate); } catch (SSLException e) { String errorMessage = String.format( "Registry hostname (%s) does not match certificates CN (%s).", hostname, sslTrust.commonName); throw new LocalizableValidationException(errorMessage, "compute.registry.host.name.mismatch", hostname, sslTrust.commonName); } }