Merge pull request #2801 from subutai-io/dev

#2797 Dev -> Master

Jenkinsfile

@@ -207,7 +207,7 @@ def notifyBuild(String buildStatus = 'STARTED', String details = '') {
     }
     // Get token
     def slackToken = getSlackToken('ss-bots')
-    def mattermost_rest = "https://mm.subutai.io/hooks/dhdtqg4eci8hxd1358icgujq9w"
+    def mattermost_rest = "https://mm.optdyn.com/hooks/dhdtqg4eci8hxd1358icgujq9w"
     // Send notifications
     //slackSend(color: colorCode, message: summary, teamDomain: 'optdyn', token: "${slackToken}")
     mattermostSend(color: colorCode, icon: "https://jenkins.io/images/logos/jenkins/jenkins.png", message: summary, channel: "#ss-bots", endpoint: "${mattermost_rest}" )

management/server/core/local-peer/local-peer-cli/src/main/java/io/subutai/core/localpeer/cli/AddSshKeyToUserCommand.java

@@ -0,0 +1,40 @@
+package io.subutai.core.localpeer.cli;
+
+
+import org.apache.karaf.shell.commands.Argument;
+import org.apache.karaf.shell.commands.Command;
+
+import io.subutai.common.peer.LocalPeer;
+import io.subutai.core.identity.rbac.cli.SubutaiShellCommandSupport;
+
+
+@Command( scope = "localpeer", name = "add-ssh-key" )
+public class AddSshKeyToUserCommand extends SubutaiShellCommandSupport
+{
+    private final LocalPeer localPeer;
+
+    @Argument( index = 0, name = "container id", required = true, description = "target container id" )
+    String containerId;
+
+    @Argument( index = 1, name = "user", required = true, description = "username of target user" )
+    String username;
+
+    @Argument( index = 2, name = "ssh public key", required = true, description = "public ssh key to add" )
+    String pubSshKey;
+
+
+    public AddSshKeyToUserCommand( final LocalPeer localPeer )
+    {
+        this.localPeer = localPeer;
+    }
+
+
+    @Override
+    protected Object doExecute() throws Exception
+    {
+
+        localPeer.addAuthorizedSshKeyToUser( containerId, username, pubSshKey );
+
+        return null;
+    }
+}

management/server/core/local-peer/local-peer-cli/src/main/java/io/subutai/core/localpeer/cli/RemoveSshKeyToUserCommand.java

@@ -0,0 +1,40 @@
+package io.subutai.core.localpeer.cli;
+
+
+import org.apache.karaf.shell.commands.Argument;
+import org.apache.karaf.shell.commands.Command;
+
+import io.subutai.common.peer.LocalPeer;
+import io.subutai.core.identity.rbac.cli.SubutaiShellCommandSupport;
+
+
+@Command( scope = "localpeer", name = "remove-ssh-key" )
+public class RemoveSshKeyToUserCommand extends SubutaiShellCommandSupport
+{
+    private final LocalPeer localPeer;
+
+    @Argument( index = 0, name = "container id", required = true, description = "target container id" )
+    String containerId;
+
+    @Argument( index = 1, name = "user", required = true, description = "username of target user" )
+    String username;
+
+    @Argument( index = 2, name = "ssh public key", required = true, description = "public ssh key to add" )
+    String pubSshKey;
+
+
+    public RemoveSshKeyToUserCommand( final LocalPeer localPeer )
+    {
+        this.localPeer = localPeer;
+    }
+
+
+    @Override
+    protected Object doExecute() throws Exception
+    {
+
+        localPeer.removeAuthorizedSshKeyFromUser( containerId, username, pubSshKey );
+
+        return null;
+    }
+}

management/server/core/local-peer/local-peer-cli/src/main/resources/OSGI-INF/blueprint/context.xml

@@ -76,6 +76,20 @@
       </action>
     </command>
   </command-bundle>
+  <command-bundle xmlns="http://karaf.apache.org/xmlns/shell/v1.0.0">
+    <command name="localpeer/add-ssh-key">
+      <action class="io.subutai.core.localpeer.cli.AddSshKeyToUserCommand">
+        <argument ref="localPeer" />
+      </action>
+    </command>
+  </command-bundle>
+  <command-bundle xmlns="http://karaf.apache.org/xmlns/shell/v1.0.0">
+    <command name="localpeer/remove-ssh-key">
+      <action class="io.subutai.core.localpeer.cli.RemoveSshKeyToUserCommand">
+        <argument ref="localPeer" />
+      </action>
+    </command>
+  </command-bundle>
 
   <reference id="localPeer" availability="mandatory" interface="io.subutai.common.peer.LocalPeer" />
   <reference id="peerManager" availability="mandatory" interface="io.subutai.core.peer.api.PeerManager" />

management/server/core/local-peer/local-peer-impl/src/main/java/io/subutai/core/localpeer/impl/LocalPeerCommands.java

@@ -113,6 +113,35 @@ protected RequestBuilder getAppendSshKeysCommand( String keys )
     }
 
 
+    protected RequestBuilder getCreateUserIfNotExistsCommand( String username )
+    {
+        return new RequestBuilder( String.format( "id -u %1$s &> /dev/null || useradd -m %1$s", username ) );
+    }
+
+
+    public RequestBuilder getRemoveUserIfExistsCommand( final String username )
+    {
+        return new RequestBuilder( String.format( "id -u %1$s &> /dev/null && userdel -r %1$s", username ) );
+    }
+
+
+    protected RequestBuilder getAppendSshKeyToUserCommand( String username, String key )
+    {
+        return new RequestBuilder( String.format( "mkdir -p /home/%1$s/.ssh && " + "chmod 700 /home/%1$s/.ssh && "
+                + "echo '%2$s' >> /home/%1$s/.ssh/authorized_keys && sort -u '/home/%1$s/.ssh/authorized_keys' -o "
+                + "'/home/%1$s/.ssh/authorized_keys' && chmod 644 /home/%1$s/.ssh/authorized_keys", username, key ) );
+    }
+
+
+    protected RequestBuilder getRemoveSshKeyFromUserCommand( String username, String key )
+    {
+        return new RequestBuilder( String.format(
+                "test -e /home/%1$s/.ssh/authorized_keys && chmod 700 /home/%1$s/.ssh/authorized_keys && "
+                        + "sed -i \"\\,%2$s,d\" /home/%1$s/.ssh/authorized_keys && "
+                        + "chmod 644 /home/%1$s/.ssh/authorized_keys", username, key ) );
+    }
+
+
     protected RequestBuilder getConfigSSHCommand()
     {
         return new RequestBuilder( String.format(

management/server/core/local-peer/local-peer-impl/src/main/java/io/subutai/core/localpeer/impl/LocalPeerImpl.java

@@ -797,6 +797,87 @@ public void removeFromAuthorizedKeys( final EnvironmentId environmentId, final S
     }
 
 
+    @Override
+    public void addAuthorizedSshKeyToUser( final String containerId, final String username, final String sshPublicKey )
+            throws PeerException
+    {
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( containerId ), "Invalid container id" );
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( username ), "Invalid username" );
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( sshPublicKey ), "Invalid ssh key" );
+
+        ContainerHost container = getContainerHostById( containerId );
+
+        try
+        {
+            execute( localPeerCommands.getCreateUserIfNotExistsCommand( username ), container );
+            execute( localPeerCommands.getAppendSshKeyToUserCommand( username, sshPublicKey ), container );
+        }
+        catch ( CommandException e )
+        {
+            throw new PeerException( "Error adding authorized ssh key to user", e );
+        }
+    }
+
+
+    @Override
+    public void removeAuthorizedSshKeyFromUser( final String containerId, final String username,
+                                                final String sshPublicKey ) throws PeerException
+    {
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( containerId ), "Invalid container id" );
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( username ), "Invalid username" );
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( sshPublicKey ), "Invalid ssh key" );
+
+        ContainerHost container = getContainerHostById( containerId );
+
+        try
+        {
+            execute( localPeerCommands.getRemoveSshKeyFromUserCommand( username, sshPublicKey ), container );
+        }
+        catch ( CommandException e )
+        {
+            throw new PeerException( "Error removing authorized ssh key from user", e );
+        }
+    }
+
+
+    @Override
+    public void createUserIfNotExists( final String containerId, final String username ) throws PeerException
+    {
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( containerId ), "Invalid container id" );
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( username ), "Invalid username" );
+
+        ContainerHost container = getContainerHostById( containerId );
+
+        try
+        {
+            execute( localPeerCommands.getCreateUserIfNotExistsCommand( username ), container );
+        }
+        catch ( CommandException e )
+        {
+            throw new PeerException( "Error creating user in container", e );
+        }
+    }
+
+
+    @Override
+    public void removeUserIfExists( final String containerId, final String username ) throws PeerException
+    {
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( containerId ), "Invalid container id" );
+        Preconditions.checkArgument( !Strings.isNullOrEmpty( username ), "Invalid username" );
+
+        ContainerHost container = getContainerHostById( containerId );
+
+        try
+        {
+            execute( localPeerCommands.getRemoveUserIfExistsCommand( username ), container );
+        }
+        catch ( CommandException e )
+        {
+            throw new PeerException( "Error removing user from container", e );
+        }
+    }
+
+
     @RolesAllowed( "Environment-Management|Write" )
     @Override
     public PrepareTemplatesResponse prepareTemplates( final PrepareTemplatesRequest request ) throws PeerException

management/server/subutai-common/src/main/java/io/subutai/common/peer/LocalPeer.java

@@ -135,6 +135,14 @@ public interface LocalPeer extends Peer
 
     List<ContainerHost> getPeerContainers( String peerId );
 
+    void createUserIfNotExists( String containerId, String username ) throws PeerException;
+
+    void removeUserIfExists( String containerId, String username ) throws PeerException;
+
+    void addAuthorizedSshKeyToUser( String containerId, String username, String sshPublicKey ) throws PeerException;
+
+    void removeAuthorizedSshKeyFromUser( String containerId, String username, String sshPublicKey )
+            throws PeerException;
 
     Set<HostUtil.Task> getTasks();