com.nike.cerberus.operation.core.UploadCertFilesOperation.java Source code

Java tutorial

Introduction

Here is the source code for com.nike.cerberus.operation.core.UploadCertFilesOperation.java

Source

/*
 * Copyright (c) 2016 Nike, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.nike.cerberus.operation.core;

import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import com.nike.cerberus.command.core.UploadCertFilesCommand;
import com.nike.cerberus.domain.EnvironmentMetadata;
import com.nike.cerberus.domain.environment.StackName;
import com.nike.cerberus.operation.Operation;
import com.nike.cerberus.service.IdentityManagementService;
import com.nike.cerberus.store.ConfigStore;
import com.nike.cerberus.util.UuidSupplier;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.inject.Inject;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Set;

/**
 * Handles uploading of certificate files to IAM and the config store.
 */
public class UploadCertFilesOperation implements Operation<UploadCertFilesCommand> {

    private static final String CA_FILE_NAME = "ca.pem";
    private static final String CERT_FILE_NAME = "cert.pem";
    private static final String KEY_FILE_NAME = "key.pem";
    private static final String PUB_KEY_FILE_NAME = "pubkey.pem";
    public static final Set<String> EXPECTED_FILE_NAMES = ImmutableSet.of(CA_FILE_NAME, CERT_FILE_NAME,
            KEY_FILE_NAME, PUB_KEY_FILE_NAME);

    private final Logger logger = LoggerFactory.getLogger(getClass());

    private final EnvironmentMetadata environmentMetadata;

    private final UuidSupplier uuidSupplier;

    private final ConfigStore configStore;

    private final IdentityManagementService identityManagementService;

    @Inject
    public UploadCertFilesOperation(final EnvironmentMetadata environmentMetadata, final UuidSupplier uuidSupplier,
            final ConfigStore configStore, final IdentityManagementService identityManagementService) {
        this.environmentMetadata = environmentMetadata;
        this.uuidSupplier = uuidSupplier;
        this.configStore = configStore;
        this.identityManagementService = identityManagementService;
    }

    @Override
    public void run(final UploadCertFilesCommand command) {
        final StackName stackName = command.getStackName();
        final Path certPath = command.getCertPath();
        final String caContents = getFileContents(certPath, CA_FILE_NAME);
        final String certContents = getFileContents(certPath, CERT_FILE_NAME);
        final String keyContents = getFileContents(certPath, KEY_FILE_NAME);
        final String pubKeyContents = getFileContents(certPath, PUB_KEY_FILE_NAME);
        final String certificateName = stackName.getName() + "_" + uuidSupplier.get();

        logger.info("Uploading certificate to IAM for {}, with name of {}.", stackName.getName(), certificateName);
        String id = identityManagementService.uploadServerCertificate(certificateName, getPath(), certContents,
                caContents, keyContents);

        logger.info("Cert ID: {}", id);

        logger.info("Uploading certificate parts to the configuration bucket.");
        configStore.storeCert(stackName, certificateName, caContents, certContents, keyContents, pubKeyContents);

        logger.info("Uploading certificate completed.");
    }

    @Override
    public boolean isRunnable(final UploadCertFilesCommand command) {
        if (StringUtils.isBlank(environmentMetadata.getBucketName())) {
            logger.error("Environment isn't initialized, unable to upload certificate.");
            return false;
        }

        final String serverCertificateName = configStore.getServerCertificateName(command.getStackName());
        if (StringUtils.isNotBlank(serverCertificateName) && !command.isOverwrite()) {
            logger.error(
                    "Certificate already uploaded for this stack and environment.  Use --overwrite flag to force upload.");
            return false;
        }

        return true;
    }

    private String getFileContents(final Path path, final String filename) {
        Preconditions.checkNotNull(path);
        Preconditions.checkNotNull(filename);

        File file = new File(path.toString(), filename);
        if (file.exists() && file.canRead()) {
            try {
                return new String(Files.readAllBytes(file.toPath()), Charset.forName("UTF-8"));
            } catch (IOException e) {
                throw new IllegalStateException("Failed to read the following file: " + file.getAbsolutePath());
            }
        } else {
            throw new IllegalArgumentException("The file is not readable: " + file.getAbsolutePath());
        }
    }

    private String getPath() {
        return "/cloudfront/cerberus/" + environmentMetadata.getName() + "/";
    }
}