You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by is...@apache.org on 2021/04/08 19:39:39 UTC
[airavata-custos] branch staging updated (2d34184 -> e6207e1)
This is an automated email from the ASF dual-hosted git repository.
isjarana pushed a change to branch staging
in repository https://gitbox.apache.org/repos/asf/airavata-custos.git.
from 2d34184 custos-python-sdk-demo
new 910718e Add keycloak client trustore
new 183d8f7 enable server trust and ssl vault comm
new f7e9191 Merge pull request #119 from isururanawaka/vault_ssl
new aedfab1 Adding shamir secret sharing
new a10ce8a Merge pull request #121 from isururanawaka/vault_ssl
new aed90a6 Implement KV support for resource secrets
new c8ea606 complete integration service
new a7cf6c6 enable rest support and input validation
new a299375 Merge pull request #122 from isururanawaka/vault_ssl
new beb8455 Support ssh,password external token string
new 994f7b2 Merge pull request #124 from isururanawaka/vault_ssl
new 7d53ba2 Add direct custos groups creation
new 8804484 Add direct custos groups methods in client
new 0d574c3 Merge pull request #125 from isururanawaka/group_management
new 1d03d19 update db dns, add python sdk KV methods
new f562752 Merge pull request #127 from isururanawaka/pythonSDK
new 0639900 resolve performance issue: Sharing service userHasAccess method
new cf1f3ea Merge pull request #128 from isururanawaka/pythonSDK
new c1a5b20 Add python samples for KV secret management
new 0e2d9ca Merge pull request #129 from isururanawaka/pythonSDK
new 7c63ce0 Upgrade to helm3
new 8c79162 Improve tenant management APIs
new eb55583 Improve tenant management APIs
new 80f0c36 Add validate method
new 680634d bug fix in validate tenant
new f28bee4 restric tenant APIs to usertoken
new f17bd0b Bug fixing
new 483c0cb Add delete role method
new aa933de Merge pull request #132 from isururanawaka/develop
new 024dddb Support agent authorization
new c3ab1ed Adding resource secret management agent client
new 5e0c8ef mft changes
new e93af76 Merge pull request #133 from isururanawaka/mft-related-changes
new f0d0ea8 Add credential MAP
new 605823d fixing
new 4866627 Merge pull request #134 from isururanawaka/mft-related-changes
new b5ab237 Improve Credential Map
new 3bddde7 Merge pull request #135 from isururanawaka/mft-related-changes
new 216a9cb Search groups by name, createAt, modifiedAt, externalId, description
new dda7e01 Add flexible membership types
new 3521b16 update profile
new cf6d76f Merge pull request #140 from isururanawaka/mft-related-changes
new ddb5487 Improve get user by token api
new 9b6434e Merge pull request #144 from isururanawaka/mft-related-changes
new 87d071d Add tenant profile searching
new 2c7db6f Merge pull request #146 from isururanawaka/mft-related-changes
new 71acccd moving keycloak to quay.io.9.0.2
new 9b13052 Merge pull request #147 from isururanawaka/mft-related-changes
new 8e40b85 converted to helm3
new 53c23a6 staging changes
new e6207e1 Merge pull request #148 from isururanawaka/staging
The 394 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../apache/custos/clients/core/ClientUtils.java | 7 +
.../management/client/GroupManagementClient.java | 166 ++++++-
.../client/IdentityManagementClient.java | 28 +-
.../ResourceSecretManagementAgentClient.java | 168 +++++++
.../client/ResourceSecretManagementClient.java | 519 ++++++++++++++++++++-
.../manamgement/client/TenantManagementClient.java | 4 +-
.../custos/clients/CustosClientProvider.java | 6 +
.../clients/resource_secret_management_client.py | 57 ++-
.../custos/samples/resource_secert_management.py | 80 ++++
.../server/core/ResourceSecretService_pb2.py | 432 ++++++++++++-----
.../server/core/ResourceSecretService_pb2_grpc.py | 125 ++++-
.../ResourceSecretManagementService_pb2.py | 68 ++-
.../ResourceSecretManagementService_pb2_grpc.py | 132 ++++++
.../store/client/CredentialStoreServiceClient.java | 7 +
.../iam/admin/client/IamAdminServiceClient.java | 4 +
.../custos/identity/client/IdentityClient.java | 6 +-
.../secret/client/ResourceSecretClient.java | 39 +-
.../user/profile/client/UserProfileClient.java | 8 +
.../agent-profile-core-service/pom.xml | 7 +
.../src/main/helm/templates/deployment.yaml | 6 +-
.../src/main/proto/AgentProfileService.proto | 2 +-
.../src/main/resources/application.properties | 2 +-
.../cluster-management-core-service/pom.xml | 7 +
.../src/main/helm/templates/deployment.yaml | 6 +-
.../src/main/resources/application.properties | 2 +-
.../credential-store-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../store/credential/CredentialManager.java | 23 +
.../exceptions/CredentialGenerationException.java | 1 +
.../CredentialsAuthenticationException.java} | 10 +-
.../custos/credential/store/model/Credential.java | 10 +
.../store/service/CredentialStoreService.java | 142 +++++-
.../credential/store/validator/InputValidator.java | 1 +
.../src/main/proto/CredentialStoreService.proto | 33 +-
.../src/main/resources/application.properties | 2 +-
.../src/main/resources/bootstrap.properties | 13 +-
.../main/resources/vault-client-truststore.pkcs12 | Bin 0 -> 1626 bytes
.../core/services/commons/util/Constants.java | 3 +
custos-core-services/custos-logging/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/resources/application.properties | 2 +-
.../federated-authentication-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../proto/FederatedAuthenticationService.proto | 54 +--
.../src/main/resources/application.properties | 2 +-
.../iam-admin-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../apache/custos/iam/service/IamAdminService.java | 20 +
.../src/main/proto/IamAdminService.proto | 105 +++--
.../src/main/resources/application.properties | 2 +-
.../resources/keycloak-client-truststore.pkcs12 | Bin 1674 -> 1626 bytes
custos-core-services/identity-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../custos/identity/service/IdentityService.java | 13 +-
.../custos/identity/validator/InputValidator.java | 2 +-
.../src/main/proto/IdentityService.proto | 28 +-
.../src/main/resources/application.properties | 2 +-
.../resources/keycloak-client-truststore.pkcs12 | Bin 1674 -> 1626 bytes
.../resource-secret-core-service/pom.xml | 12 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../exceptions/CredentialStoreException.java | 1 +
.../secret/manager/CredentialGeneratorFactory.java | 12 +-
.../manager/adaptor/inbound/CredentialReader.java | 308 +++++++++---
.../adaptor/outbound/CertificateCredential.java | 1 +
.../manager/adaptor/outbound/CredentialMap.java | 76 +++
.../manager/adaptor/outbound/CredentialWriter.java | 324 ++++++++++++-
.../{PasswordCredential.java => KVCredential.java} | 31 +-
.../adaptor/outbound/PasswordCredential.java | 12 +
.../adaptor/outbound/ResourceCredential.java | 55 ++-
.../manager/adaptor/outbound/SSHCredential.java | 37 +-
.../secret/persistance/local/model/Secret.java | 12 +
.../local/repository/SecretRepository.java | 14 +
.../vault/{PasswordSecret.java => KVSecret.java} | 29 +-
.../secret/persistance/vault/PasswordSecret.java | 16 +
.../secret/service/ResourceSecretService.java | 276 +++++++++--
.../custos/resource/secret/utils/Constants.java | 2 +
.../custos/resource/secret/utils/Operations.java | 8 +-
.../src/main/proto/ResourceSecretService.proto | 72 ++-
.../src/main/resources/application.properties | 2 +-
.../src/main/resources/bootstrap.properties | 10 +-
.../main/resources/vault-client-truststore.pkcs12 | Bin 0 -> 1626 bytes
custos-core-services/sharing-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../custos/sharing/persistance/model/Sharing.java | 1 +
.../src/main/resources/application.properties | 2 +-
.../tenant-profile-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../respository/SearchTenantRepository.java} | 11 +-
.../respository/SearchTenantRepositoryImpl.java | 88 ++++
.../persistance/respository/TenantRepository.java | 4 +-
.../profile/service/TenantProfileService.java | 48 +-
.../tenant/profile/validator/InputValidator.java | 4 -
.../src/main/proto/TenantProfileService.proto | 36 +-
.../src/main/resources/application.properties | 2 +-
.../user-profile-core-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../persistance/repository/GroupRepository.java | 4 +-
...Repository.java => SearchGroupsRepository.java} | 7 +-
.../repository/SearchGroupsRepositoryImpl.java | 113 +++++
.../user/profile/service/UserProfileService.java | 14 +-
.../src/main/proto/UserProfileService.proto | 37 +-
.../src/main/resources/application.properties | 2 +-
.../custos-configuration-service/pom.xml | 24 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../federatedAuthenticationCoreService.properties | 4 +-
.../main/resources/iamAdminCoreService.properties | 8 +-
.../main/resources/identityCoreService.properties | 8 +-
.../custos-keycloak/Dockerfile | 2 +-
.../services/clients/keycloak/KeycloakClient.java | 40 +-
.../clients/keycloak/auth/KeycloakAuthClient.java | 10 +-
custos-integration-core/pom.xml | 4 +
.../core/exceptions/InValidParameterException.java | 9 +-
...edException.java => UnAuthorizedException.java} | 6 +-
.../core/interceptor/ServiceInterceptor.java | 8 +-
.../custos/integration/core/utils/Constants.java | 2 +
.../core/utils/ShamirSecretHandler.java | 72 +++
.../agent-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
...rTenantRestrictedOperationsInterceptorImpl.java | 7 +-
.../interceptors/UserAuthInterceptorImpl.java | 13 +-
.../management/service/AgentManagementService.java | 37 +-
.../commons/interceptors/AuthInterceptor.java | 159 ++++++-
.../interceptors/MultiTenantAuthInterceptor.java | 40 +-
.../src/main/resources/group-management-service.pb | Bin 117987 -> 122043 bytes
.../group-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/ClientAuthInterceptorImpl.java | 83 ++--
.../management/interceptors/InputValidator.java | 4 +-
.../management/service/GroupManagementService.java | 363 +++++++++++---
.../src/main/proto/GroupManagementService.proto | 91 +++-
.../identity-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/AgentAuthInterceptor.java | 6 +-
.../interceptors/AuthInterceptorImpl.java | 63 +--
.../service/IdentityManagementService.java | 4 +-
.../src/main/proto/IdentityManagementService.proto | 9 +-
.../log-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/ClientAuthInterceptorImpl.java | 6 +-
.../interceptors/UserAuthInterceptorImpl.java | 6 +-
.../resource-secret-management-service.pb | Bin 94266 -> 101371 bytes
.../resource-secret-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/ClientAuthInterceptorImpl.java | 42 +-
.../management/interceptors/InputValidator.java | 18 +
.../service/ResourceSecretManagementService.java | 228 ++++++++-
.../proto/ResourceSecretManagementService.proto | 42 ++
custos-integration-services/scim-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 6 +-
.../sharing-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/AuthInterceptorImpl.java | 6 +-
.../service/SharingManagementService.java | 10 +-
.../main/resources/tenant-management-service.pb | Bin 149250 -> 151021 bytes
.../tenant-management-service/pom.xml | 8 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/AuthInterceptorImpl.java | 146 ++++--
.../interceptors/DynamicRegistrationValidator.java | 75 +--
.../management/interceptors/InputValidator.java | 20 +
...rTenantRestrictedOperationsInterceptorImpl.java | 30 +-
.../service/TenantManagementService.java | 246 +++++-----
.../src/main/proto/TenantManagementService.proto | 33 +-
.../user-management-service/pom.xml | 7 +
.../src/main/helm/templates/deployment.yaml | 13 +-
.../src/main/helm/templates/ingress-grpc.yaml | 2 +-
.../interceptors/ClientAuthInterceptorImpl.java | 24 +-
...rTenantRestrictedOperationsInterceptorImpl.java | 7 +-
.../interceptors/UserAuthInterceptorImpl.java | 23 +-
.../src/main/proto/UserManagementService.proto | 40 +-
.../integration/tests/TenantManagementTests.java | 5 +-
pom.xml | 82 +++-
178 files changed, 5379 insertions(+), 1216 deletions(-)
create mode 100644 custos-client-sdks/custos-java-clients/resource-secret-management-client/src/main/java/org/apache/custos/resource/secret/management/client/ResourceSecretManagementAgentClient.java
create mode 100644 custos-client-sdks/custos-python-sdk/custos/samples/resource_secert_management.py
copy custos-core-services/{resource-secret-core-service/src/main/java/org/apache/custos/resource/secret/manager/Credential.java => credential-store-core-service/src/main/java/org/apache/custos/credential/store/exceptions/CredentialsAuthenticationException.java} (79%)
create mode 100644 custos-core-services/credential-store-core-service/src/main/resources/vault-client-truststore.pkcs12
create mode 100644 custos-core-services/resource-secret-core-service/src/main/java/org/apache/custos/resource/secret/manager/adaptor/outbound/CredentialMap.java
copy custos-core-services/resource-secret-core-service/src/main/java/org/apache/custos/resource/secret/manager/adaptor/outbound/{PasswordCredential.java => KVCredential.java} (62%)
copy custos-core-services/resource-secret-core-service/src/main/java/org/apache/custos/resource/secret/persistance/vault/{PasswordSecret.java => KVSecret.java} (66%)
create mode 100644 custos-core-services/resource-secret-core-service/src/main/resources/vault-client-truststore.pkcs12
copy custos-core-services/{custos-logging/src/main/java/org/apache/custos/logging/persistance/repository/LogEventRepo.java => tenant-profile-core-service/src/main/java/org/apache/custos/tenant/profile/persistance/respository/SearchTenantRepository.java} (74%)
create mode 100644 custos-core-services/tenant-profile-core-service/src/main/java/org/apache/custos/tenant/profile/persistance/respository/SearchTenantRepositoryImpl.java
copy custos-core-services/user-profile-core-service/src/main/java/org/apache/custos/user/profile/persistance/repository/{GroupMembershipTypeRepository.java => SearchGroupsRepository.java} (78%)
create mode 100644 custos-core-services/user-profile-core-service/src/main/java/org/apache/custos/user/profile/persistance/repository/SearchGroupsRepositoryImpl.java
copy custos-integration-services/sharing-management-service-parent/sharing-management-service/src/main/java/org/apache/custos/sharing/management/exceptions/SharingException.java => custos-integration-core/src/main/java/org/apache/custos/integration/core/exceptions/InValidParameterException.java (78%)
rename custos-integration-core/src/main/java/org/apache/custos/integration/core/exceptions/{NotAuthorizedException.java => UnAuthorizedException.java} (85%)
create mode 100644 custos-integration-core/src/main/java/org/apache/custos/integration/core/utils/ShamirSecretHandler.java