Skip to content

Commit

Permalink
feat: support encryption strict mode config (#63884, #96406)
Browse files Browse the repository at this point in the history
  • Loading branch information
skiesewetter-intershop committed May 13, 2024
1 parent 32d85dc commit 23f4469
Show file tree
Hide file tree
Showing 7 changed files with 42 additions and 2 deletions.
1 change: 1 addition & 0 deletions README.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -521,6 +521,7 @@ The following properties are part of the <<PropertiesFile>>.
| `intershop.jdbc.password` | JDBC database password | String | Mandatory | <none> +
| `intershop.environment.intershop.dbinit.breakOnError` | if `true` dbPrepare/startAS fails if any init-preparation step fails | Boolean | Optional | `false` +
| `intershop.environment.intershop.dbmigrate.breakOnError` | if `true` dbPrepare/startAS fails if any migrate-preparation step fails | Boolean | Optional | `false` +
| `intershop.encryption.strictMode.enabled` | If not specified or set to `false` the ICM configuration property `intershop.encryption.strictMode.enabled` is set to `false` allowing the icm-as to work without any encryption configuration. To enforce the icm-as to work with `intershop.encryption.strictMode.enabled=true` explicitly set `intershop.encryption.strictMode.enabled=true` in `icm.properties`. | Boolean | Optional | `false` +
|===

--
Expand Down
2 changes: 1 addition & 1 deletion build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -304,7 +304,7 @@ dependencies {

implementation("org.apache.solr:solr-solrj:9.4.0")
implementation("com.bmuschko.docker-remote-api:com.bmuschko.docker-remote-api.gradle.plugin:9.3.6")
implementation("com.intershop.gradle.icm:icm-gradle-plugin:6.0.0")
implementation("com.intershop.gradle.icm:icm-gradle-plugin:6.1.0")
implementation("com.intershop.gradle.jobrunner:icmjobrunner:2.0.1")
}

Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import com.intershop.gradle.icm.docker.tasks.utils.AdditionalICMParameters
import com.intershop.gradle.icm.docker.tasks.utils.ContainerEnvironment
import com.intershop.gradle.icm.docker.tasks.utils.ICMContainerEnvironmentBuilder
import com.intershop.gradle.icm.docker.tasks.utils.ClasspathLayout
import com.intershop.gradle.icm.docker.tasks.utils.ICMEncryptionStrictMode
import com.intershop.gradle.icm.docker.utils.Configuration
import com.intershop.gradle.icm.utils.JavaDebugSupport
import com.intershop.gradle.icm.utils.JavaDebugSupport.Companion.TASK_OPTION_VALUE_FALSE
Expand Down Expand Up @@ -242,6 +243,7 @@ abstract class AbstractICMASContainerTask<RC : ResultCallback<Frame>, RCT : Resu
.withAdditionalParameters(createAdditionalParameters())
.withDebugOptions(debugProperty.get())
.withClasspathLayout(classpathLayoutProperty.get())
.withICMEncryptionStrictMode(project.provider { ICMEncryptionStrictMode.fromDevelopmentConfiguration(devConfig) })
.build()
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ package com.intershop.gradle.icm.docker.tasks
import com.intershop.gradle.icm.docker.extension.IntershopDockerExtension
import com.intershop.gradle.icm.docker.tasks.utils.ClasspathLayout
import com.intershop.gradle.icm.docker.tasks.utils.ICMContainerEnvironmentBuilder
import com.intershop.gradle.icm.docker.tasks.utils.ICMEncryptionStrictMode
import com.intershop.gradle.icm.docker.utils.Configuration
import com.intershop.gradle.icm.docker.utils.HostAndPort
import com.intershop.gradle.icm.tasks.CopyLibraries
Expand Down Expand Up @@ -188,6 +189,9 @@ abstract class CreateASContainer @Inject constructor(objectFactory: ObjectFactor
.withPortConfig(devConfig.asPortConfiguration)
.withCartridgeList(devConfig.cartridgeList.get())
.withClasspathLayout(classpathLayoutProperty.get())
.withICMEncryptionStrictMode(project.provider {
ICMEncryptionStrictMode.fromDevelopmentConfiguration(devConfig)
})
.build()
}
)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ import com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration.Enviro
import com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration.WebserverConfiguration
import com.intershop.gradle.icm.docker.utils.Configuration
import com.intershop.gradle.icm.docker.utils.HostAndPort
import com.intershop.gradle.icm.utils.ICMEncryptionStrictMode
import com.intershop.gradle.icm.utils.JavaDebugSupport
import org.gradle.api.provider.Provider
import java.util.Properties
Expand Down Expand Up @@ -78,6 +79,7 @@ class ICMContainerEnvironmentBuilder {
private var developmentProperties: DevelopmentProperties? = null
private var intershopEnvironmentProperties: EnvironmentProperties? = null
private var addEnvironmentProperties = Properties()
private var icmEncryptionStrictMode : Provider<ICMEncryptionStrictMode>? = null

fun withClasspathLayout(classpathLayout: Set<ClasspathLayout>) : ICMContainerEnvironmentBuilder {
this.classpathLayout = classpathLayout
Expand Down Expand Up @@ -174,6 +176,11 @@ class ICMContainerEnvironmentBuilder {
return this
}

fun withICMEncryptionStrictMode(icmEncryptionStrictMode: Provider<ICMEncryptionStrictMode>) : ICMContainerEnvironmentBuilder {
this.icmEncryptionStrictMode = icmEncryptionStrictMode
return this
}

fun build() : ContainerEnvironment {
val env = ContainerEnvironment()
additionalParameters?.run {
Expand Down Expand Up @@ -269,6 +276,14 @@ class ICMContainerEnvironmentBuilder {
env.add(key.toString(), value.toString())
}

icmEncryptionStrictMode?.run {
if (isPresent) {
icmEncryptionStrictMode!!.get().applyICMParameterIfNecessary { key, value ->
env.add(ContainerEnvironment.propertyNameToEnvName(key), value)
}
}
}

return env
}

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
package com.intershop.gradle.icm.docker.tasks.utils

import com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration
import com.intershop.gradle.icm.utils.ICMEncryptionStrictMode
import com.intershop.gradle.icm.utils.ICMEncryptionStrictMode as GradleICMEncryptionStrictMode

/**
* Extension of [com.intershop.gradle.icm.utils.ICMEncryptionStrictMode] for the docker plugin providing an
* additional factory methods using [com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration]
*/
class ICMEncryptionStrictMode(isStrictModeEnabled: (Unit) -> Boolean) :
GradleICMEncryptionStrictMode(isStrictModeEnabled) {

companion object {
fun fromDevelopmentConfiguration(developmentConfiguration: DevelopmentConfiguration) : ICMEncryptionStrictMode {
return ICMEncryptionStrictMode { developmentConfiguration.getConfigProperty(PROP_STRICT_MODE_ENABLED, false.toString()).toBoolean() }
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,6 @@ abstract class AbstractASTaskPreparer(
* Registers the task that creates application server the container
* @param findTask a [TaskProvider] pointing to the [FindContainer]-task
* @param volumes a [Provider] for the volumes to be bound. Local directories are created on demand.
* @param forCustomization if `true` the created container will take customizations into account
* @return a [TaskProvider] pointing to the registered task
* @see registerCreateContainerTask
*/
Expand Down

0 comments on commit 23f4469

Please sign in to comment.