public void WriteSetupSettings(SetupServiceSettings setupServiceSettings)
{
_logger.LogInformation($"Writing k8s config map with setup settings");
_k8sClient.RecreateConfigMap("setup-settings", new Dictionary <string, string> {
{ "setupsettings.json", JsonConvert.SerializeObject(setupServiceSettings.Memento, Formatting.Indented) }
});
}
public void TestThrowsExceptionWheFileDoesntExist()
{
// Arrange
var jsonFileName = "Unexistent.json";
// Act, Assert
Assert.Throws(typeof(FileNotFoundException), () => SetupServiceSettings.FromConfigDir(jsonFileName));
}
public int Run(UserInput userInput)
{
try {
var certificatesCommonName = userInput.ServiceHostname;
_logger.LogDebug($"User Input VC: {userInput.Psc}");
_logger.LogDebug($"User Input VC User: {userInput.User}");
_logger.LogDebug($"User Input VC Thumbprint: {userInput.VcThumbprint}");
_logger.LogDebug($"User Input Force Specified: {userInput.ForceSpecified}");
userInput.EnsureIsValid(SetupFlowType.RegisterWithVC);
// --- InMemory Certificates ---
X509Certificate2 signCertificate = null;
X509Certificate2 tlsCertificate = null;
// --- InMemory Certificates ---
K8sSettings k8sSettings = null;
if (userInput.K8sSettings != null && File.Exists(userInput.K8sSettings))
{
k8sSettings = JsonConvert.DeserializeObject <K8sSettings>(File.ReadAllText(userInput.K8sSettings));
}
var configWriter = new K8sConfigWriter(_loggerFactory, k8sSettings);
// --- Signing Certificate ---
if (!string.IsNullOrEmpty(userInput.SigningCertificatePath) &&
File.Exists(userInput.SigningCertificatePath))
{
_logger.LogInformation($"Load signing certificate from path {userInput.SigningCertificatePath}");
signCertificate = new X509Certificate2(userInput.SigningCertificatePath);
}
else
{
_logger.LogInformation("Generate signing self-signed certificate");
var signingCertGen = new SigningCertificateGenerator(
_loggerFactory,
certificatesCommonName,
configWriter);
signCertificate = signingCertGen.Generate(Constants.SignCertificateSecretName);
if (signCertificate == null)
{
_logger.LogError("Generate signing self-signed certificate failed.");
return(3);
}
}
// --- Signing Certificate ---
// --- TLS Certificate ---
if (!string.IsNullOrEmpty(userInput.TlsCertificatePath) &&
File.Exists(userInput.TlsCertificatePath))
{
_logger.LogInformation($"Load tls certificate from path {userInput.TlsCertificatePath}");
tlsCertificate = new X509Certificate2(userInput.TlsCertificatePath);
}
else
{
_logger.LogInformation("Generate tls self-signed certificate");
var tlsCertGen = new TlsCertificateGenerator(
_loggerFactory,
certificatesCommonName,
configWriter);
tlsCertificate = tlsCertGen.Generate(Constants.TlsCertificateSecretName);
if (tlsCertificate == null)
{
_logger.LogError("Generate tls self-signed certificate failed.");
return(4);
}
}
// --- TLS Certificate ---
// === VC Registration Actions ===
X509CertificateValidator certificateValidator = null;
if (userInput.ForceSpecified)
{
certificateValidator = new AcceptAllX509CertificateValidator();
}
else if (!string.IsNullOrEmpty(userInput.VcThumbprint))
{
certificateValidator = new SpecifiedCertificateThumbprintValidator(userInput.VcThumbprint);
}
var lookupServiceClient = new LookupServiceClient(
userInput.Psc,
certificateValidator);
var serviceSettings = SetupServiceSettings.NewService(
tlsCertificate,
signCertificate,
userInput.ServiceHostname,
443);
_logger.LogDebug($"Service NodeId: {serviceSettings.NodeId}");
_logger.LogDebug($"Service OwnerId: {serviceSettings.OwnerId}");
_logger.LogDebug($"Service ServiceId: {serviceSettings.ServiceId}");
_logger.LogDebug($"Service Endpoint Url: {serviceSettings.EndpointUrl}");
var ssoSdkUri = lookupServiceClient.GetSsoAdminEndpointUri();
var stsUri = lookupServiceClient.GetStsEndpointUri();
_logger.LogDebug($"Resolved SSO SDK Endpoint: {ssoSdkUri}");
_logger.LogDebug($"Resolved Sts Endpoint: {stsUri}");
var ssoAdminClient = new SsoAdminClient(ssoSdkUri, stsUri, certificateValidator);
// --- SSO Solution User Registration ---
var ssoSolutionRegitration = new SsoSolutionUserRegistration(
_loggerFactory,
serviceSettings,
ssoAdminClient);
ssoSolutionRegitration.CreateSolutionUser(userInput.User, userInput.Password);
// --- SSO Solution User Registration ---
// --- Lookup Service Registration ---
var lsRegistration = new LookupServiceRegistration(
_loggerFactory,
serviceSettings,
lookupServiceClient);
lsRegistration.Register(userInput.User, userInput.Password);
// --- Lookup Service Registration ---
// --- Store VC CA certificates ---
var trustedCertificatesStore = new TrustedCertificatesStore(
_loggerFactory,
ssoAdminClient,
configWriter);
trustedCertificatesStore.SaveVcenterCACertficates();
// --- Store VC CA certificates ---
// === VC Registration Actions ===
// --- Save SRS API Gateway service settings ---
var stsSettings = new StsSettings();
stsSettings.Realm = ssoSolutionRegitration.GetTrustedCertificate(
userInput.User,
userInput.Password)?.Thumbprint;
stsSettings.SolutionUserSigningCertificatePath = Constants.StsSettings_SolutionUserSigningCertificatePath;
stsSettings.StsServiceEndpoint = stsUri.ToString();
stsSettings.SolutionOwnerId = serviceSettings.OwnerId;
stsSettings.SolutionServiceId = serviceSettings.ServiceId;
configWriter.WriteServiceStsSettings(stsSettings);
// --- Save SRS API Gateway service settings ---
} catch (InvalidUserInputException exc) {
_logger.LogError(exc, exc.Message);
return(1);
} catch (Exception exc) {
_logger.LogError(exc, exc.Message);
return(2);
}
_logger.LogInformation("Success");
return(0);
}
public int Run(UserInput userInput)
{
try {
var certificatesCommonName = userInput.ServiceHostname;
_logger.LogDebug($"User Input VC: {userInput.Psc}");
_logger.LogDebug($"User Input VC User: {userInput.User}");
_logger.LogDebug($"User Input VC Thumbprint: {userInput.VcThumbprint}");
_logger.LogDebug($"User Input Force Specified: {userInput.ForceSpecified}");
_logger.LogDebug($"User Input Sts Settings Path Specified: {userInput.StsSettingsPath}");
_logger.LogDebug($"User Input Tls Certificate Path Specified: {userInput.TlsCertificatePath}");
userInput.EnsureIsValid(SetupFlowType.UpdateTlsCertificate);
var stsSettings = new SettingsEditor(File.ReadAllText(userInput.StsSettingsPath)).
GetStsSettings();
_logger.LogDebug($"Sts Settings SolutionServiceId: {stsSettings.SolutionServiceId}");
_logger.LogDebug($"Sts Settings SolutionOwnerId: {stsSettings.SolutionOwnerId}");
var setupServiceSettings = SetupServiceSettings.FromStsSettings(stsSettings);
setupServiceSettings.TlsCertificatePath = userInput.TlsCertificatePath;
setupServiceSettings.TlsCertificate = new X509Certificate2(setupServiceSettings.TlsCertificatePath);
_logger.LogDebug($"SetupServiceSettings ServiceId: {setupServiceSettings.ServiceId}");
_logger.LogDebug($"SetupServiceSettings OwnerId: {setupServiceSettings.OwnerId}");
_logger.LogDebug($"SetupServiceSettings TlsCertificatePath: {setupServiceSettings.TlsCertificatePath}");
_logger.LogDebug($"SetupServiceSettings TlsCertificate Thumbprint: {setupServiceSettings.TlsCertificate?.Thumbprint}");
K8sSettings k8sSettings = null;
if (userInput.K8sSettings != null && File.Exists(userInput.K8sSettings))
{
k8sSettings = JsonConvert.DeserializeObject <K8sSettings>(File.ReadAllText(userInput.K8sSettings));
}
// === VC Update Service Registration Actions ===
X509CertificateValidator certificateValidator = null;
if (userInput.ForceSpecified)
{
certificateValidator = new AcceptAllX509CertificateValidator();
}
else if (!string.IsNullOrEmpty(userInput.VcThumbprint))
{
certificateValidator = new SpecifiedCertificateThumbprintValidator(userInput.VcThumbprint);
}
var lookupServiceClient = new LookupServiceClient(
userInput.Psc,
certificateValidator);
// --- Lookup Service Registration ---
var lsRegistration = new LookupServiceRegistration(
_loggerFactory,
setupServiceSettings,
lookupServiceClient);
lsRegistration.UpdateServiceRegistrationTlsCertificate(userInput.User, userInput.Password);
// --- Lookup Service Registration ---
// === VC Update Service Registration Actions ===
} catch (InvalidUserInputException exc) {
_logger.LogError(exc, exc.Message);
return(1);
} catch (Exception exc) {
_logger.LogError(exc, exc.Message);
return(2);
}
_logger.LogInformation("Success");
return(0);
}
public int Run(UserInput userInput)
{
try {
var certificatesCommonName = userInput.ServiceHostname;
_logger.LogDebug($"User Input VC: {userInput.Psc}");
_logger.LogDebug($"User Input VC User: {userInput.User}");
_logger.LogDebug($"User Input VC Thumbprint: {userInput.VcThumbprint}");
_logger.LogDebug($"User Input Force Specified: {userInput.ForceSpecified}");
userInput.EnsureIsValid(SetupFlowType.CleanupVCRegistration);
K8sSettings k8sSettings = null;
if (userInput.K8sSettings != null && File.Exists(userInput.K8sSettings))
{
k8sSettings = JsonConvert.DeserializeObject <K8sSettings>(File.ReadAllText(userInput.K8sSettings));
}
// === VC Unregister Actions ===
X509CertificateValidator certificateValidator = null;
if (userInput.ForceSpecified)
{
certificateValidator = new AcceptAllX509CertificateValidator();
}
else if (!string.IsNullOrEmpty(userInput.VcThumbprint))
{
certificateValidator = new SpecifiedCertificateThumbprintValidator(userInput.VcThumbprint);
}
var lookupServiceClient = new LookupServiceClient(
userInput.Psc,
certificateValidator);
var registeredServices = lookupServiceClient.ListRegisteredServices();
string srsServiceId = null;
string srsOwnerId = null;
foreach (var service in registeredServices)
{
if (service.ownerId?.StartsWith("srs-SolutionOwner-") ?? false)
{
// SRS Service registration found
srsServiceId = service.serviceId;
srsOwnerId = service.ownerId;
break;
}
}
if (!string.IsNullOrEmpty(srsServiceId) && !string.IsNullOrEmpty(srsOwnerId))
{
_logger.LogInformation($"SRS Service registration found on VC {userInput.Psc}, service Id: {srsServiceId}, service owner Id: {srsOwnerId}");
_logger.LogInformation("Performing SRS Service regitration cleanup");
var setupServiceSettings = SetupServiceSettings.FromStsSettings(new StsSettings {
SolutionServiceId = srsServiceId,
SolutionOwnerId = srsOwnerId
});
_logger.LogDebug($"SetupServiceSettings ServiceId: {setupServiceSettings.ServiceId}");
_logger.LogDebug($"SetupServiceSettings OwnerId: {setupServiceSettings.OwnerId}");
var ssoSdkUri = lookupServiceClient.GetSsoAdminEndpointUri();
var stsUri = lookupServiceClient.GetStsEndpointUri();
_logger.LogDebug($"Resolved SSO SDK Endpoint: {ssoSdkUri}");
_logger.LogDebug($"Resolved Sts Endpoint: {stsUri}");
var ssoAdminClient = new SsoAdminClient(ssoSdkUri, stsUri, certificateValidator);
// --- SSO Solution User Registration ---
var ssoSolutionRegitration = new SsoSolutionUserRegistration(
_loggerFactory,
setupServiceSettings,
ssoAdminClient);
ssoSolutionRegitration.DeleteSolutionUser(userInput.User, userInput.Password);
// --- SSO Solution User Registration ---
// --- Lookup Service Registration ---
var lsRegistration = new LookupServiceRegistration(
_loggerFactory,
setupServiceSettings,
lookupServiceClient);
lsRegistration.Deregister(userInput.User, userInput.Password);
}
else
{
_logger.LogInformation($"SRS Service registration not found on VC {userInput.Psc}");
}
// === VC Unregister Actions ===
} catch (InvalidUserInputException exc) {
_logger.LogError(exc, exc.Message);
return(1);
} catch (Exception exc) {
_logger.LogError(exc, exc.Message);
return(2);
}
_logger.LogInformation("Success");
return(0);
}
