aboutsummaryrefslogtreecommitdiffstats
path: root/participant/participant-impl/participant-impl-kubernetes/src/main/java
diff options
context:
space:
mode:
authorrameshiyer27 <ramesh.murugan.iyer@est.tech>2022-05-17 12:04:03 +0100
committerrameshiyer27 <ramesh.murugan.iyer@est.tech>2022-05-17 12:49:12 +0100
commitb77b61847ddd169da9a71b05742ed51bc826f5f6 (patch)
tree9f8ef7d8cae38dbaf11d0838a9ce70b4887eb004 /participant/participant-impl/participant-impl-kubernetes/src/main/java
parent9fa11a0b5ef61399598cc84950209bd8b38eed82 (diff)
Add user configurable parameter for permitted helm repo protocols
User can configure the permitted helm repository protocols http/https based on the requirement. Issue-ID: POLICY-4113 Signed-off-by: zrrmmua <ramesh.murugan.iyer@est.tech> Change-Id: Ib7c91413babd15d0bd22ceffe10cdc1c3a6a0fd0
Diffstat (limited to 'participant/participant-impl/participant-impl-kubernetes/src/main/java')
-rw-r--r--participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/configurations/HelmRepositoryConfig.java2
-rw-r--r--participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/service/ChartService.java13
2 files changed, 9 insertions, 6 deletions
diff --git a/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/configurations/HelmRepositoryConfig.java b/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/configurations/HelmRepositoryConfig.java
index 4d00e38ec..61a813e8a 100644
--- a/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/configurations/HelmRepositoryConfig.java
+++ b/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/configurations/HelmRepositoryConfig.java
@@ -38,4 +38,6 @@ public class HelmRepositoryConfig {
private final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
private List<HelmRepository> repos = new ArrayList<>();
+
+ private List<String> protocols = new ArrayList<>();
}
diff --git a/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/service/ChartService.java b/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/service/ChartService.java
index e9cd8a2c3..888600fde 100644
--- a/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/service/ChartService.java
+++ b/participant/participant-impl/participant-impl-kubernetes/src/main/java/org/onap/policy/clamp/acm/participant/kubernetes/service/ChartService.java
@@ -93,7 +93,7 @@ public class ChartService {
* @throws IOException in case of IO errors
*/
public boolean installChart(ChartInfo chart) throws ServiceException, IOException {
- boolean whiteListed = false;
+ boolean permittedRepo = false;
if (chart.getRepository() == null) {
String repoName = findChartRepo(chart);
if (repoName == null) {
@@ -106,17 +106,18 @@ public class ChartService {
}
} else {
// Add remote repository if passed via TOSCA
- // check whether the repo is whitelisted
+ // check whether the repo is permitted
for (HelmRepository repo : helmRepositoryConfig.getRepos()) {
if (repo.getAddress().equals(chart.getRepository().getAddress())
- && chart.getRepository().getAddress().contains("https")) {
+ && helmRepositoryConfig.getProtocols()
+ .contains(chart.getRepository().getAddress().split(":")[0])) {
configureRepository(chart.getRepository());
- whiteListed = true;
+ permittedRepo = true;
break;
}
}
- if (!whiteListed) {
- logger.error("Repository is not Whitelisted / plain http in not allowed");
+ if (!permittedRepo) {
+ logger.error("Helm Repository/Protocol is not permitted for {}", chart.getRepository().getAddress());
return false;
}
}