.build()
);
} catch (final Exception e) {
+ LOGGER.error("Failed to retrieve uploaded artifact with bucket '{}' and name '{}' while persisting", minioObjectTemp.getBucket(),
+ minioObjectTemp.getObjectName(), e);
throw new ArtifactStorageException(
String.format("Failed to retrieve uploaded artifact with bucket '%s' and name '%s' while persisting",
minioObjectTemp.getBucket(), minioObjectTemp.getObjectName()), e);
moveFile(minioObjectTemp, vspId, versionId);
} catch (final Exception e) {
rollback(minioObjectTemp, vspId, versionId);
+ LOGGER.error("Could not persist artifact for bucket '{}', object '{}'", vspId, versionId, e);
final var errorMsg = String.format("Could not persist artifact for VSP '%s', version '%s'", vspId, versionId);
throw new ArtifactStorageException(errorMsg, e);
}
put(vspId, name, fileToUpload);
} catch (final Exception e) {
+ LOGGER.error("Failed to upload artifact - bucket: '{}', object: '{}'", vspId, name, e);
throw new ArtifactStorageException("Failed to upload artifact", e);
}
.build()
);
} catch (final Exception e) {
+ LOGGER.error("Failed to put - bucket: '{}', object: '{}'", vspId, name, e);
throw new ArtifactStorageException("Failed to upload artifact", e);
}
}
try {
return get(minioObject.getBucket(), minioObject.getObjectName());
} catch (final Exception e) {
+ LOGGER.error("Failed to get - bucket: '{}', object: '{}'", minioObject.getBucket(), minioObject.getObjectName(), e);
throw new ArtifactStorageException("Failed to get Object", e);
}
}
.object(objectID)
.build());
} catch (final Exception e) {
+ LOGGER.error("Failed to get - bucket: '{}', object: '{}'", bucketID, objectID, e);
throw new ArtifactStorageException("Failed to get Object", e);
}
}
.bypassGovernanceMode(true)
.build());
} catch (final Exception e) {
+ LOGGER.error("Failed to delete - bucket: '{}', object: '{}'", minioObject.getBucket(), minioObject.getObjectName(), e);
throw new ArtifactStorageException(String.format("Failed to delete '%s'", minioObject.getObjectName()), e);
}
try {
copy(vspId, tempName, versionId);
} catch (final Exception e) {
+ LOGGER.error("Failed to copy - bucket: '{}', object: '{}'", vspId, versionId, e);
return Optional.empty();
}
try {
copy(vspId, versionId, minioObject.getObjectName());
} catch (final Exception e) {
+ LOGGER.error("Failed to copy - bucket: '{}', object: '{}'", vspId, versionId, e);
throw new ArtifactStorageException("Failed to move", e);
}
delete(minioObject);
final Map<String, Object> endpoint = commonConfigurationManager.getConfigValue(EXTERNAL_CSAR_STORE, "endpoint", null);
final Map<String, Object> credentials = commonConfigurationManager.getConfigValue(EXTERNAL_CSAR_STORE, "credentials", null);
final String tempPath = commonConfigurationManager.getConfigValue(EXTERNAL_CSAR_STORE, "tempPath", null);
- LOGGER.info("ArtifactConfig.endpoint: '{}'", endpoint);
- LOGGER.info("ArtifactConfig.credentials: '{}'", credentials);
- LOGGER.info("ArtifactConfig.tempPath: '{}'", tempPath);
if (endpoint == null) {
- throw new RuntimeException(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("endpoint"));
+ LOGGER.error(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("endpoint"));
+ throw new ArtifactStorageException(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("endpoint"));
}
if (credentials == null) {
- throw new RuntimeException(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("credentials"));
+ LOGGER.error(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("credentials"));
+ throw new ArtifactStorageException(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("credentials"));
}
if (tempPath == null) {
- throw new RuntimeException(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("tempPath"));
+ LOGGER.error(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("tempPath"));
+ throw new ArtifactStorageException(EXTERNAL_CSAR_STORE_CONFIGURATION_FAILURE_MISSING.formatMessage("tempPath"));
}
+ LOGGER.info("ArtifactConfig.endpoint: '{}'", endpoint);
+ LOGGER.info("ArtifactConfig.credentials: '{}'", credentials);
+ LOGGER.info("ArtifactConfig.tempPath: '{}'", tempPath);
+
final String host = (String) endpoint.getOrDefault("host", null);
final int port = (int) endpoint.getOrDefault("port", 0);
final boolean secure = (boolean) endpoint.getOrDefault("secure", false);
zf.entries().asIterator().forEachRemaining(zipProcessingFunction.getProcessZipConsumer(csarPackagePath, zf, zos));
} catch (final IOException ex1) {
rollback(reducedCsarPath);
+ LOGGER.error("Could not read ZIP stream '{}'", csarPackagePath.toString(), ex1);
final var errorMsg = String.format(UNEXPECTED_PROBLEM_HAPPENED_WHILE_READING_THE_CSAR, csarPackagePath);
throw new CsarSizeReducerException(errorMsg, ex1);
}
reducedCsarBytes = Files.readAllBytes(csarPackagePath);
}
} catch (final IOException e) {
+ LOGGER.error("Could not read bytes of file '{}'", csarPackagePath, e);
final var errorMsg = String.format("Could not read bytes of file '%s'", csarPackagePath);
throw new CsarSizeReducerException(errorMsg, e);
}
try {
Files.delete(reducedCsarPath);
} catch (final IOException e) {
+ LOGGER.error("Could not delete temporary file '{}'", reducedCsarPath, e);
final var errorMsg = String.format("Could not delete temporary file '%s'", reducedCsarPath);
throw new CsarSizeReducerException(errorMsg, e);
}
final var entryName = zipEntry.getName();
try {
if (totalEntryArchive.getAndIncrement() > thresholdEntries) {
- // too much entries in this archive, can lead to inodes exhaustion of the system
+ LOGGER.warn("too many entries in this archive, can lead to inodes exhaustion of the system");
+ // too many entries in this archive, can lead to inodes exhaustion of the system
final var errorMsg = String.format("Failed to extract '%s' from zip '%s'", entryName, csarPackagePath);
throw new CsarSizeReducerException(errorMsg);
}
}
zos.closeEntry();
} catch (final IOException ei) {
+ LOGGER.error("Failed to extract '{}' from zip '{}'", entryName, csarPackagePath, ei);
final var errorMsg = String.format("Failed to extract '%s' from zip '%s'", entryName, csarPackagePath);
throw new CsarSizeReducerException(errorMsg, ei);
}
return zipEntry -> {
final var entryName = zipEntry.getName();
if (totalEntryArchive.getAndIncrement() > thresholdEntries) {
- // too much entries in this archive, can lead to inodes exhaustion of the system
+ LOGGER.warn("too many entries in this archive, can lead to inodes exhaustion of the system");
+ // too many entries in this archive, can lead to inodes exhaustion of the system
final var errorMsg = String.format("Failed to extract '%s' from zip '%s'", entryName, csarPackagePath);
throw new CsarSizeReducerException(errorMsg);
}
}
zos.closeEntry();
} catch (final IOException ei) {
+ LOGGER.error("Failed to extract '{}' from zip '{}'", entryName, csarPackagePath, ei);
final var errorMsg = String.format("Failed to extract '%s' from zip '%s'", entryName, csarPackagePath);
throw new CsarSizeReducerException(errorMsg, ei);
}
if (Files.exists(reducedCsarPath)) {
try {
Files.delete(reducedCsarPath);
- } catch (final Exception ex2) {
- LOGGER.warn("Could not delete temporary file '{}'", reducedCsarPath, ex2);
+ } catch (final Exception e) {
+ LOGGER.warn("Could not delete temporary file '{}'", reducedCsarPath, e);
}
}
}
.map(ZipEntry::getName).map(Path::of)
.collect(Collectors.toList());
} catch (final IOException e) {
+ LOGGER.error("Failed to read ZipFile '{}'", csarPackagePath.toString(), e);
final var errorMsg = String.format(UNEXPECTED_PROBLEM_HAPPENED_WHILE_READING_THE_CSAR, csarPackagePath);
throw new CsarSizeReducerException(errorMsg, e);
}
Files.createDirectories(folder);
} catch (final IOException e) {
fail = true;
+ LOGGER.error("Failed to create directory '{}'", folder, e);
throw new SecurityManagerException(String.format("Failed to create directory '%s'", folder), e);
}
final var parsedObject = pemParser.readObject();
if (!(parsedObject instanceof ContentInfo)) {
fail = true;
+ LOGGER.error("Signature is not recognized");
throw new SecurityManagerException("Signature is not recognized");
}
throw new SecurityManagerException(UNEXPECTED_ERROR_OCCURRED_DURING_SIGNATURE_VALIDATION, e);
} catch (final CMSException e) {
fail = true;
+ LOGGER.error(e.getMessage(), e);
throw new SecurityManagerException(COULD_NOT_VERIFY_SIGNATURE, e);
} catch (final SecurityManagerException e) {
fail = true;
+ LOGGER.error(e.getMessage(), e);
throw e;
} finally {
deleteFile(target);
try {
certs = parseCertsFromPem(packageCert);
} catch (final IOException e) {
+ LOGGER.error("Failed to parse certificate from PEM", e);
throw new SecurityManagerException("Failed to parse certificate from PEM", e);
}
cert = readSignCert(certs, firstSigner)
try {
return firstSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert));
} catch (CMSException | OperatorCreationException e) {
+ LOGGER.error("Failed to verify package signed data", e);
throw new SecurityManagerException("Failed to verify package signed data", e);
}
}
try (FileInputStream fi = new FileInputStream(certFile)) {
return loadCertificateFactory(fi);
} catch (IOException e) {
+ LOGGER.error("Error during loading Certificate from file!", e);
throw new SecurityManagerException("Error during loading Certificate from file!", e);
}
}
try {
return loadCertificateFactory(new ByteArrayInputStream(cert.getEncoded()));
} catch (IOException | SecurityManagerException e) {
+ LOGGER.error("Error during loading Certificate from bytes!", e);
throw new RuntimeException("Error during loading Certificate from bytes!", e);
}
}
CertificateFactory factory = CertificateFactory.getInstance("X.509");
return (X509Certificate) factory.generateCertificate(in);
} catch (CertificateException e) {
+ LOGGER.error("Error during loading Certificate from bytes!", e);
throw new SecurityManagerException("Error during loading Certificate from bytes!", e);
}
}
private PKIXCertPathBuilderResult verifyCertificate(final X509Certificate cert,
final Set<X509Certificate> additionalCerts) throws SecurityManagerException {
if (null == cert) {
+ LOGGER.error("The certificate is empty!");
throw new SecurityManagerException("The certificate is empty!");
}
if (isExpired(cert)) {
+ LOGGER.error("The certificate expired on: {}", cert.getNotAfter());
throw new SecurityManagerException("The certificate expired on: " + cert.getNotAfter());
}
if (isSelfSigned(cert)) {
+ LOGGER.error("The certificate is self-signed.");
throw new SecurityManagerException("The certificate is self-signed.");
}
Set<X509Certificate> trustedRootCerts = new HashSet<>();
try {
return verifyCertificate(cert, trustedRootCerts, intermediateCerts);
} catch (final GeneralSecurityException e) {
+ LOGGER.error("Failed to verify certificate", e);
throw new SecurityManagerException("Failed to verify certificate", e);
}
}
try {
pkixParams = new PKIXBuilderParameters(trustAnchors, selector);
} catch (InvalidAlgorithmParameterException ex) {
+ LOGGER.error("No root CA has been found for this certificate", ex);
throw new InvalidAlgorithmParameterException("No root CA has been found for this certificate", ex);
}
// Not supporting CRL checks for now