public int Run(UserInput userInput) { try { var certificatesCommonName = userInput.ServiceHostname; _logger.LogDebug($"User Input VC: {userInput.Psc}"); _logger.LogDebug($"User Input VC User: {userInput.User}"); _logger.LogDebug($"User Input VC Thumbprint: {userInput.VcThumbprint}"); _logger.LogDebug($"User Input Force Specified: {userInput.ForceSpecified}"); userInput.EnsureIsValid(SetupFlowType.RegisterWithVC); // --- InMemory Certificates --- X509Certificate2 signCertificate = null; X509Certificate2 tlsCertificate = null; // --- InMemory Certificates --- K8sSettings k8sSettings = null; if (userInput.K8sSettings != null && File.Exists(userInput.K8sSettings)) { k8sSettings = JsonConvert.DeserializeObject <K8sSettings>(File.ReadAllText(userInput.K8sSettings)); } var configWriter = new K8sConfigWriter(_loggerFactory, k8sSettings); // --- Signing Certificate --- if (!string.IsNullOrEmpty(userInput.SigningCertificatePath) && File.Exists(userInput.SigningCertificatePath)) { _logger.LogInformation($"Load signing certificate from path {userInput.SigningCertificatePath}"); signCertificate = new X509Certificate2(userInput.SigningCertificatePath); } else { _logger.LogInformation("Generate signing self-signed certificate"); var signingCertGen = new SigningCertificateGenerator( _loggerFactory, certificatesCommonName, configWriter); signCertificate = signingCertGen.Generate(Constants.SignCertificateSecretName); if (signCertificate == null) { _logger.LogError("Generate signing self-signed certificate failed."); return(3); } } // --- Signing Certificate --- // --- TLS Certificate --- if (!string.IsNullOrEmpty(userInput.TlsCertificatePath) && File.Exists(userInput.TlsCertificatePath)) { _logger.LogInformation($"Load tls certificate from path {userInput.TlsCertificatePath}"); tlsCertificate = new X509Certificate2(userInput.TlsCertificatePath); } else { _logger.LogInformation("Generate tls self-signed certificate"); var tlsCertGen = new TlsCertificateGenerator( _loggerFactory, certificatesCommonName, configWriter); tlsCertificate = tlsCertGen.Generate(Constants.TlsCertificateSecretName); if (tlsCertificate == null) { _logger.LogError("Generate tls self-signed certificate failed."); return(4); } } // --- TLS Certificate --- // === VC Registration Actions === X509CertificateValidator certificateValidator = null; if (userInput.ForceSpecified) { certificateValidator = new AcceptAllX509CertificateValidator(); } else if (!string.IsNullOrEmpty(userInput.VcThumbprint)) { certificateValidator = new SpecifiedCertificateThumbprintValidator(userInput.VcThumbprint); } var lookupServiceClient = new LookupServiceClient( userInput.Psc, certificateValidator); var serviceSettings = SetupServiceSettings.NewService( tlsCertificate, signCertificate, userInput.ServiceHostname, 443); _logger.LogDebug($"Service NodeId: {serviceSettings.NodeId}"); _logger.LogDebug($"Service OwnerId: {serviceSettings.OwnerId}"); _logger.LogDebug($"Service ServiceId: {serviceSettings.ServiceId}"); _logger.LogDebug($"Service Endpoint Url: {serviceSettings.EndpointUrl}"); var ssoSdkUri = lookupServiceClient.GetSsoAdminEndpointUri(); var stsUri = lookupServiceClient.GetStsEndpointUri(); _logger.LogDebug($"Resolved SSO SDK Endpoint: {ssoSdkUri}"); _logger.LogDebug($"Resolved Sts Endpoint: {stsUri}"); var ssoAdminClient = new SsoAdminClient(ssoSdkUri, stsUri, certificateValidator); // --- SSO Solution User Registration --- var ssoSolutionRegitration = new SsoSolutionUserRegistration( _loggerFactory, serviceSettings, ssoAdminClient); ssoSolutionRegitration.CreateSolutionUser(userInput.User, userInput.Password); // --- SSO Solution User Registration --- // --- Lookup Service Registration --- var lsRegistration = new LookupServiceRegistration( _loggerFactory, serviceSettings, lookupServiceClient); lsRegistration.Register(userInput.User, userInput.Password); // --- Lookup Service Registration --- // --- Store VC CA certificates --- var trustedCertificatesStore = new TrustedCertificatesStore( _loggerFactory, ssoAdminClient, configWriter); trustedCertificatesStore.SaveVcenterCACertficates(); // --- Store VC CA certificates --- // === VC Registration Actions === // --- Save SRS API Gateway service settings --- var stsSettings = new StsSettings(); stsSettings.Realm = ssoSolutionRegitration.GetTrustedCertificate( userInput.User, userInput.Password)?.Thumbprint; stsSettings.SolutionUserSigningCertificatePath = Constants.StsSettings_SolutionUserSigningCertificatePath; stsSettings.StsServiceEndpoint = stsUri.ToString(); stsSettings.SolutionOwnerId = serviceSettings.OwnerId; stsSettings.SolutionServiceId = serviceSettings.ServiceId; configWriter.WriteServiceStsSettings(stsSettings); // --- Save SRS API Gateway service settings --- } catch (InvalidUserInputException exc) { _logger.LogError(exc, exc.Message); return(1); } catch (Exception exc) { _logger.LogError(exc, exc.Message); return(2); } _logger.LogInformation("Success"); return(0); }
public int Run(UserInput userInput) { try { var certificatesCommonName = userInput.ServiceHostname; _logger.LogDebug($"User Input VC: {userInput.Psc}"); _logger.LogDebug($"User Input VC User: {userInput.User}"); _logger.LogDebug($"User Input VC Thumbprint: {userInput.VcThumbprint}"); _logger.LogDebug($"User Input Force Specified: {userInput.ForceSpecified}"); userInput.EnsureIsValid(SetupFlowType.UpdateTrustedCACertificates); // Create Config File Writer K8sSettings k8sSettings = null; if (userInput.K8sSettings != null && File.Exists(userInput.K8sSettings)) { k8sSettings = JsonConvert.DeserializeObject <K8sSettings>(File.ReadAllText(userInput.K8sSettings)); } var configWriter = new K8sConfigWriter(_loggerFactory, k8sSettings); // Create Lookup Service Client X509CertificateValidator certificateValidator = null; if (userInput.ForceSpecified) { certificateValidator = new AcceptAllX509CertificateValidator(); } else if (!string.IsNullOrEmpty(userInput.VcThumbprint)) { certificateValidator = new SpecifiedCertificateThumbprintValidator(userInput.VcThumbprint); } var lookupServiceClient = new LookupServiceClient( userInput.Psc, certificateValidator); // Get SSO Admin And STS URIs from Lookup Service var ssoSdkUri = lookupServiceClient.GetSsoAdminEndpointUri(); var stsUri = lookupServiceClient.GetStsEndpointUri(); _logger.LogDebug($"Resolved SSO SDK Endpoint: {ssoSdkUri}"); _logger.LogDebug($"Resolved Sts Endpoint: {stsUri}"); // var ssoAdminClient = new SsoAdminClient(ssoSdkUri, stsUri, certificateValidator); // --- Store VC CA certificates --- var trustedCertificatesStore = new TrustedCertificatesStore( _loggerFactory, ssoAdminClient, configWriter); trustedCertificatesStore.SaveVcenterCACertficates(); // --- Store VC CA certificates --- } catch (InvalidUserInputException exc) { _logger.LogError(exc, exc.Message); return(1); } catch (Exception exc) { _logger.LogError(exc, exc.Message); return(2); } _logger.LogInformation("Success"); return(0); }