From 77c585551d8abd480b5eee589b3f020dcba936d1 Mon Sep 17 00:00:00 2001 From: skiesewetter-intershop <82586807+skiesewetter-intershop@users.noreply.github.com> Date: Mon, 13 May 2024 14:40:54 +0200 Subject: [PATCH] feat: support encryption strict mode config (#63884, #96406) --- README.asciidoc | 1 + build.gradle.kts | 2 +- .../tasks/AbstractICMASContainerTask.kt | 2 ++ .../icm/docker/tasks/CreateASContainer.kt | 4 ++++ .../utils/ICMContainerEnvironmentBuilder.kt | 15 +++++++++++++++ .../tasks/utils/ICMEncryptionStrictMode.kt | 19 +++++++++++++++++++ .../utils/appsrv/AbstractASTaskPreparer.kt | 1 - 7 files changed, 42 insertions(+), 2 deletions(-) create mode 100644 src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMEncryptionStrictMode.kt diff --git a/README.asciidoc b/README.asciidoc index ea3a8b5..f644350 100644 --- a/README.asciidoc +++ b/README.asciidoc @@ -521,6 +521,7 @@ The following properties are part of the <>. | `intershop.jdbc.password` | JDBC database password | String | Mandatory | + | `intershop.environment.intershop.dbinit.breakOnError` | if `true` dbPrepare/startAS fails if any init-preparation step fails | Boolean | Optional | `false` + | `intershop.environment.intershop.dbmigrate.breakOnError` | if `true` dbPrepare/startAS fails if any migrate-preparation step fails | Boolean | Optional | `false` + +| `intershop.encryption.strictMode.enabled` | If not specified or set to `false` the ICM configuration property `intershop.encryption.strictMode.enabled` is set to `false` allowing the icm-as to work without any encryption configuration. To enforce the icm-as to work with `intershop.encryption.strictMode.enabled=true` explicitly set `intershop.encryption.strictMode.enabled=true` in `icm.properties`. | Boolean | Optional | `false` + |=== -- diff --git a/build.gradle.kts b/build.gradle.kts index f514883..5e89268 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -304,7 +304,7 @@ dependencies { implementation("org.apache.solr:solr-solrj:9.4.0") implementation("com.bmuschko.docker-remote-api:com.bmuschko.docker-remote-api.gradle.plugin:9.3.6") - implementation("com.intershop.gradle.icm:icm-gradle-plugin:6.0.0") + implementation("com.intershop.gradle.icm:icm-gradle-plugin:6.1.0") implementation("com.intershop.gradle.jobrunner:icmjobrunner:2.0.1") } diff --git a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/AbstractICMASContainerTask.kt b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/AbstractICMASContainerTask.kt index a0cf288..33a7a40 100644 --- a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/AbstractICMASContainerTask.kt +++ b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/AbstractICMASContainerTask.kt @@ -28,6 +28,7 @@ import com.intershop.gradle.icm.docker.tasks.utils.AdditionalICMParameters import com.intershop.gradle.icm.docker.tasks.utils.ContainerEnvironment import com.intershop.gradle.icm.docker.tasks.utils.ICMContainerEnvironmentBuilder import com.intershop.gradle.icm.docker.tasks.utils.ClasspathLayout +import com.intershop.gradle.icm.docker.tasks.utils.ICMEncryptionStrictMode import com.intershop.gradle.icm.docker.utils.Configuration import com.intershop.gradle.icm.utils.JavaDebugSupport import com.intershop.gradle.icm.utils.JavaDebugSupport.Companion.TASK_OPTION_VALUE_FALSE @@ -242,6 +243,7 @@ abstract class AbstractICMASContainerTask, RCT : Resu .withAdditionalParameters(createAdditionalParameters()) .withDebugOptions(debugProperty.get()) .withClasspathLayout(classpathLayoutProperty.get()) + .withICMEncryptionStrictMode(project.provider { ICMEncryptionStrictMode.fromDevelopmentConfiguration(devConfig) }) .build() } diff --git a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/CreateASContainer.kt b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/CreateASContainer.kt index d3cef76..6cad899 100644 --- a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/CreateASContainer.kt +++ b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/CreateASContainer.kt @@ -19,6 +19,7 @@ package com.intershop.gradle.icm.docker.tasks import com.intershop.gradle.icm.docker.extension.IntershopDockerExtension import com.intershop.gradle.icm.docker.tasks.utils.ClasspathLayout import com.intershop.gradle.icm.docker.tasks.utils.ICMContainerEnvironmentBuilder +import com.intershop.gradle.icm.docker.tasks.utils.ICMEncryptionStrictMode import com.intershop.gradle.icm.docker.utils.Configuration import com.intershop.gradle.icm.docker.utils.HostAndPort import com.intershop.gradle.icm.tasks.CopyLibraries @@ -188,6 +189,9 @@ abstract class CreateASContainer @Inject constructor(objectFactory: ObjectFactor .withPortConfig(devConfig.asPortConfiguration) .withCartridgeList(devConfig.cartridgeList.get()) .withClasspathLayout(classpathLayoutProperty.get()) + .withICMEncryptionStrictMode(project.provider { + ICMEncryptionStrictMode.fromDevelopmentConfiguration(devConfig) + }) .build() } ) diff --git a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMContainerEnvironmentBuilder.kt b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMContainerEnvironmentBuilder.kt index 1e86f55..aa43650 100644 --- a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMContainerEnvironmentBuilder.kt +++ b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMContainerEnvironmentBuilder.kt @@ -24,6 +24,7 @@ import com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration.Enviro import com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration.WebserverConfiguration import com.intershop.gradle.icm.docker.utils.Configuration import com.intershop.gradle.icm.docker.utils.HostAndPort +import com.intershop.gradle.icm.utils.ICMEncryptionStrictMode import com.intershop.gradle.icm.utils.JavaDebugSupport import org.gradle.api.provider.Provider import java.util.Properties @@ -78,6 +79,7 @@ class ICMContainerEnvironmentBuilder { private var developmentProperties: DevelopmentProperties? = null private var intershopEnvironmentProperties: EnvironmentProperties? = null private var addEnvironmentProperties = Properties() + private var icmEncryptionStrictMode : Provider? = null fun withClasspathLayout(classpathLayout: Set) : ICMContainerEnvironmentBuilder { this.classpathLayout = classpathLayout @@ -174,6 +176,11 @@ class ICMContainerEnvironmentBuilder { return this } + fun withICMEncryptionStrictMode(icmEncryptionStrictMode: Provider) : ICMContainerEnvironmentBuilder { + this.icmEncryptionStrictMode = icmEncryptionStrictMode + return this + } + fun build() : ContainerEnvironment { val env = ContainerEnvironment() additionalParameters?.run { @@ -269,6 +276,14 @@ class ICMContainerEnvironmentBuilder { env.add(key.toString(), value.toString()) } + icmEncryptionStrictMode?.run { + if (isPresent) { + icmEncryptionStrictMode!!.get().applyICMParameterIfNecessary { key, value -> + env.add(ContainerEnvironment.propertyNameToEnvName(key), value) + } + } + } + return env } diff --git a/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMEncryptionStrictMode.kt b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMEncryptionStrictMode.kt new file mode 100644 index 0000000..a8bd09f --- /dev/null +++ b/src/main/kotlin/com/intershop/gradle/icm/docker/tasks/utils/ICMEncryptionStrictMode.kt @@ -0,0 +1,19 @@ +package com.intershop.gradle.icm.docker.tasks.utils + +import com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration +import com.intershop.gradle.icm.utils.ICMEncryptionStrictMode +import com.intershop.gradle.icm.utils.ICMEncryptionStrictMode as GradleICMEncryptionStrictMode + +/** + * Extension of [com.intershop.gradle.icm.utils.ICMEncryptionStrictMode] for the docker plugin providing an + * additional factory methods using [com.intershop.gradle.icm.docker.extension.DevelopmentConfiguration] + */ +class ICMEncryptionStrictMode(isStrictModeEnabled: (Unit) -> Boolean) : + GradleICMEncryptionStrictMode(isStrictModeEnabled) { + + companion object { + fun fromDevelopmentConfiguration(developmentConfiguration: DevelopmentConfiguration) : ICMEncryptionStrictMode { + return ICMEncryptionStrictMode { developmentConfiguration.getConfigProperty(PROP_STRICT_MODE_ENABLED, false.toString()).toBoolean() } + } + } +} \ No newline at end of file diff --git a/src/main/kotlin/com/intershop/gradle/icm/docker/utils/appsrv/AbstractASTaskPreparer.kt b/src/main/kotlin/com/intershop/gradle/icm/docker/utils/appsrv/AbstractASTaskPreparer.kt index 217ba57..4a36264 100644 --- a/src/main/kotlin/com/intershop/gradle/icm/docker/utils/appsrv/AbstractASTaskPreparer.kt +++ b/src/main/kotlin/com/intershop/gradle/icm/docker/utils/appsrv/AbstractASTaskPreparer.kt @@ -79,7 +79,6 @@ abstract class AbstractASTaskPreparer( * Registers the task that creates application server the container * @param findTask a [TaskProvider] pointing to the [FindContainer]-task * @param volumes a [Provider] for the volumes to be bound. Local directories are created on demand. - * @param forCustomization if `true` the created container will take customizations into account * @return a [TaskProvider] pointing to the registered task * @see registerCreateContainerTask */