in server/src/main/kotlin/org/jetbrains/teamcity/vault/server/VaultProjectConnectionProvider.kt [55:139]
/**
 * Validates the submitted Vault connection settings and normalises [properties] in place.
 *
 * The map is mutated even when validation errors are returned: the helper IDs are removed,
 * the settings of the auth methods that were not selected are dropped, and the map is
 * rewritten through [VaultFeatureSettings] at the end.
 *
 * @param properties the connection settings as submitted; modified by this call
 * @return one [InvalidProperty] per failed check, empty when every check passed
 */
override fun process(properties: MutableMap<String, String>): Collection<InvalidProperty> {
    val errors = ArrayList<InvalidProperty>()

    // Records a "Should not be empty" error when the setting is missing or blank.
    fun requireNotBlank(key: String) {
        if (properties[key].isNullOrBlank()) {
            errors.add(InvalidProperty(key, "Should not be empty"))
        }
    }

    // NOTE(review): the URL is only checked for presence here; no scheme or host validation
    // is visible in this method. Confirm it is enforced elsewhere (e.g. https only).
    requireNotBlank(VaultConstants.FeatureSettings.URL)

    // TW-90895 Ensure the empty value is kept - even if it isn't a default value anymore
    if (properties[VaultConstants.FeatureSettings.ID] == VaultConstants.FeatureSettings.EMPTY_NAMESPACE) {
        properties[VaultConstants.FeatureSettings.ID] = ""
    }

    val namespace = properties[VaultConstants.FeatureSettings.ID]
    if (!namespace.isNullOrBlank()) {
        // Whole-string match: only letters, digits, '_' and '-' are accepted in a namespace.
        val namespaceRegex = "[a-zA-Z0-9_-]+"
        if (!namespaceRegex.toRegex().matches(namespace)) {
            errors.add(
                InvalidProperty(
                    VaultConstants.FeatureSettings.ID,
                    "Non-default ID should match regex '$namespaceRegex'",
                ),
            )
        }

        // Project ID was not being added before so it might not be present.
        // When the project cannot be resolved the collision check is skipped without an error.
        val connectionId = properties[VaultConstants.CONNECTION_ID]
        val owningProject = projectManager.findProjectByExternalId(properties[VaultConstants.PROJECT_ID])
        if (owningProject != null) {
            verifyCollisions(owningProject, errors, namespace, connectionId)
        }
    }

    val userDefinedId = properties[VaultConstants.FeatureSettings.USER_DEFINED_ID_PARAM]
    if (!userDefinedId.isNullOrBlank()) {
        try {
            IdentifiersUtil.validateExternalId(userDefinedId, "Vault ID")
        } catch (e: InvalidIdentifierException) {
            errors.add(InvalidProperty(VaultConstants.FeatureSettings.USER_DEFINED_ID_PARAM, e.localizedMessage))
        }
    }

    // IDs are only there for verification and shouldn't be committed to storage
    properties.remove(VaultConstants.PROJECT_ID)
    properties.remove(VaultConstants.CONNECTION_ID)

    // Each branch first drops the settings that belong to the other auth methods, then checks
    // the fields its own method requires. Presumably the cleanup keeps credentials of a
    // previously selected method from being stored alongside the active one - confirm.
    //
    // NOTE(review): there is no branch for a missing or unrecognised AUTH_METHOD. In that case
    // nothing is removed and no required-field check runs, so every credential field present in
    // the map reaches VaultFeatureSettings unchanged. Confirm that this case is handled there.
    val authMethod = properties[VaultConstants.FeatureSettings.AUTH_METHOD]
    when (authMethod) {
        VaultConstants.FeatureSettings.AUTH_METHOD_APPROLE -> {
            properties.remove(VaultConstants.FeatureSettings.USERNAME)
            properties.remove(VaultConstants.FeatureSettings.PASSWORD)
            removeGcpProperties(properties)

            requireNotBlank(VaultConstants.FeatureSettings.ENDPOINT)
            requireNotBlank(VaultConstants.FeatureSettings.ROLE_ID)
            requireNotBlank(VaultConstants.FeatureSettings.SECRET_ID)
        }

        VaultConstants.FeatureSettings.AUTH_METHOD_LDAP -> {
            properties.remove(VaultConstants.FeatureSettings.ENDPOINT)
            properties.remove(VaultConstants.FeatureSettings.ROLE_ID)
            properties.remove(VaultConstants.FeatureSettings.SECRET_ID)
            removeGcpProperties(properties)

            requireNotBlank(VaultConstants.FeatureSettings.USERNAME)
            requireNotBlank(VaultConstants.FeatureSettings.PASSWORD)
        }

        VaultConstants.FeatureSettings.AUTH_METHOD_GCP_IAM -> {
            removeNonGcpProperties(properties)

            requireNotBlank(VaultConstants.FeatureSettings.GCP_ROLE)
        }
    }

    // Convert slashes if needed or add new fields; runs regardless of collected errors.
    VaultFeatureSettings(properties).toFeatureProperties(properties)
    return errors
}