JCLOUDS-1362: Proper password generation with custom constraints for each cloud

This commit is contained in:
Ignasi Barrera 2018-01-04 01:44:14 +01:00
parent a2dee2f84c
commit eebcc0017f
3 changed files with 24 additions and 4 deletions

View File

@ -53,6 +53,7 @@ import org.jclouds.compute.functions.NodeAndTemplateOptionsToStatementWithoutPub
import org.jclouds.compute.options.TemplateOptions;
import org.jclouds.compute.strategy.CreateNodesInGroupThenAddToSet;
import org.jclouds.net.domain.IpPermission;
import org.jclouds.util.PasswordGenerator;
import com.google.common.base.Function;
import com.google.common.cache.CacheBuilder;
@ -103,6 +104,21 @@ public class AzureComputeServiceContextModule extends
}).to(AzureComputeSecurityGroupExtension.class);
}
@Provides
@Singleton
protected PasswordGenerator.Config providePasswordGenerator() {
// Guest passwords must be between 6-72 characters long.
// Must contain an upper case character.
// Must contain a lower case character.
// Must contain a numeric digit.
// Must contain a special character. Control characters are not allowed.
return new PasswordGenerator()
.lower().min(2).max(10)
.upper().min(2).max(10)
.numbers().min(2).max(10)
.symbols().min(2).max(10);
}
@Provides
@Singleton
protected final LoadingCache<ResourceGroupAndNameAndIngressRules, String> securityGroupMap(

View File

@ -52,7 +52,7 @@ import org.jclouds.compute.strategy.ListNodesStrategy;
import org.jclouds.compute.strategy.impl.CreateNodesWithGroupEncodedIntoNameThenAddToSet;
import org.jclouds.domain.Location;
import org.jclouds.logging.Logger;
import org.jclouds.util.Passwords;
import org.jclouds.util.PasswordGenerator;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Optional;
@ -84,6 +84,7 @@ public class CreateResourcesThenCreateNodes extends CreateNodesWithGroupEncodedI
private final String defaultVnetAddressPrefix;
private final String defaultSubnetAddressPrefix;
private final TemplateToAvailabilitySet templateToAvailabilitySet;
private final PasswordGenerator.Config passwordGenerator;
@Inject
protected CreateResourcesThenCreateNodes(
@ -95,7 +96,8 @@ public class CreateResourcesThenCreateNodes extends CreateNodesWithGroupEncodedI
AzureComputeApi api, @Named(DEFAULT_VNET_ADDRESS_SPACE_PREFIX) String defaultVnetAddressPrefix,
@Named(DEFAULT_SUBNET_ADDRESS_PREFIX) String defaultSubnetAddressPrefix,
LoadingCache<ResourceGroupAndNameAndIngressRules, String> securityGroupMap,
TemplateToAvailabilitySet templateToAvailabilitySet) {
TemplateToAvailabilitySet templateToAvailabilitySet,
PasswordGenerator.Config passwordGenerator) {
super(addNodeWithGroupStrategy, listNodesStrategy, namingConvention, userExecutor,
customizeNodeAndAddToGoodMapOrPutExceptionIntoBadMapFactory);
this.api = api;
@ -103,6 +105,7 @@ public class CreateResourcesThenCreateNodes extends CreateNodesWithGroupEncodedI
this.defaultVnetAddressPrefix = defaultVnetAddressPrefix;
this.defaultSubnetAddressPrefix = defaultSubnetAddressPrefix;
this.templateToAvailabilitySet = templateToAvailabilitySet;
this.passwordGenerator = passwordGenerator;
}
@Override
@ -141,7 +144,7 @@ public class CreateResourcesThenCreateNodes extends CreateNodesWithGroupEncodedI
TemplateOptions options = template.getOptions();
if (options.getLoginPassword() == null) {
Optional<String> passwordOptional = template.getImage().getDefaultCredentials().getOptionalPassword();
options.overrideLoginPassword(passwordOptional.or(Passwords.generate()));
options.overrideLoginPassword(passwordOptional.or(passwordGenerator.generate()));
}
}

View File

@ -24,6 +24,7 @@ import org.jclouds.azurecompute.arm.domain.PublicIPAddressProperties;
import org.jclouds.azurecompute.arm.domain.Subnet;
import org.jclouds.azurecompute.arm.features.PublicIPAddressApi;
import org.jclouds.azurecompute.arm.features.SubnetApi;
import org.jclouds.util.PasswordGenerator;
import org.testng.annotations.Test;
import com.google.common.collect.ImmutableList;
@ -101,7 +102,7 @@ public class CreateResourcesThenCreateNodesTest {
}
private static CreateResourcesThenCreateNodes strategy(AzureComputeApi api) {
return new CreateResourcesThenCreateNodes(null, null, null, null, null, api, null, null, null, null);
return new CreateResourcesThenCreateNodes(null, null, null, null, null, api, null, null, null, null, new PasswordGenerator().lower());
}
private static String netResource(String resource) {