added skipTLSVerification option

ankaCloud-agent/pom.xml

@@ -4,15 +4,15 @@
   <parent>
     <artifactId>anka-build-tc</artifactId>
     <groupId>com.veertu</groupId>
-    <version>1.0-SNAPSHOT</version>
+    <version>1.1</version>
   </parent>
   <artifactId>anka-build-tc-agent</artifactId>
   <packaging>jar</packaging>
   <dependencies>
 
     <dependency>
       <groupId>com.veertu</groupId>
-      <version>1.0-SNAPSHOT</version>
+      <version>1.1</version>
       <artifactId>anka-build-tc-common</artifactId>
       <scope>compile</scope>
     </dependency>

ankaCloud-agent/pom.xml.versionsBackup

@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <artifactId>anka-build-tc</artifactId>
+    <groupId>com.veertu</groupId>
+    <version>1.0-SNAPSHOT</version>
+  </parent>
+  <artifactId>anka-build-tc-agent</artifactId>
+  <packaging>jar</packaging>
+  <dependencies>
+
+    <dependency>
+      <groupId>com.veertu</groupId>
+      <version>1.0-SNAPSHOT</version>
+      <artifactId>anka-build-tc-common</artifactId>
+      <scope>compile</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jetbrains.teamcity</groupId>
+      <artifactId>agent-api</artifactId>
+      <version>${teamcity-version}</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jetbrains.teamcity</groupId>
+      <artifactId>tests-support</artifactId>
+      <version>${teamcity-version}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jetbrains.teamcity</groupId>
+      <artifactId>cloud-interface</artifactId>
+      <version>2017.2</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jetbrains.teamcity</groupId>
+      <artifactId>cloud-shared</artifactId>
+      <version>2017.2</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.jetbrains.teamcity.internal</groupId>
+      <artifactId>agent</artifactId>
+      <version>2017.2</version>
+      <scope>provided</scope>
+    </dependency>
+
+  </dependencies>
+</project>

ankaCloud-common/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <artifactId>anka-build-tc</artifactId>
         <groupId>com.veertu</groupId>
-        <version>1.0-SNAPSHOT</version>
+        <version>1.1</version>
     </parent>
     <artifactId>anka-build-tc-common</artifactId>
     <packaging>jar</packaging>

ankaCloud-common/pom.xml.versionsBackup

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <artifactId>anka-build-tc</artifactId>
+        <groupId>com.veertu</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <artifactId>anka-build-tc-common</artifactId>
+    <packaging>jar</packaging>
+</project>

ankaCloud-common/src/main/java/com/veertu/common/AnkaConstants.java

@@ -17,6 +17,7 @@ public interface AnkaConstants {
     String SSH_PASSWORD = "ssh_password";
     String AGENT_PATH = "agent_path";
     String OPTIONAL_SERVER_URL = "profileServerUrl";
+    String SKIP_TLS_VERIFICATION = "skipTLSVerification";
     String AGENT_POOL_ID = "agentPoolId";
     String PRIORITY = "priority";
     String MAX_INSTANCES = "clouds.anka.maxInstances";

ankaCloud-server/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>anka-build-tc</artifactId>
         <groupId>com.veertu</groupId>
-        <version>1.0-SNAPSHOT</version>
+        <version>1.1</version>
     </parent>
     <artifactId>anka-build-tc-server</artifactId>
     <packaging>jar</packaging>
@@ -24,7 +24,7 @@
         </dependency>
         <dependency>
             <groupId>com.veertu</groupId>
-            <version>1.0-SNAPSHOT</version>
+            <version>1.1</version>
             <artifactId>anka-build-tc-common</artifactId>
             <scope>compile</scope>
         </dependency>

ankaCloud-server/pom.xml.versionsBackup

@@ -0,0 +1,115 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <artifactId>anka-build-tc</artifactId>
+        <groupId>com.veertu</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <artifactId>anka-build-tc-server</artifactId>
+    <packaging>jar</packaging>
+
+    <dependencies>
+        <dependency>
+           <groupId>org.apache.httpcomponents</groupId>
+           <artifactId>httpclient</artifactId>
+           <version>4.5</version>
+       </dependency>
+        <dependency>
+            <groupId>org.jetbrains.teamcity.internal</groupId>
+            <artifactId>server</artifactId>
+            <version>${teamcity-version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.veertu</groupId>
+            <version>1.0-SNAPSHOT</version>
+            <artifactId>anka-build-tc-common</artifactId>
+            <scope>compile</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jetbrains.teamcity</groupId>
+            <artifactId>server-api</artifactId>
+            <version>${teamcity-version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jetbrains.teamcity</groupId>
+            <artifactId>server-web-api</artifactId>
+            <version>${teamcity-version}</version>
+            <type>war</type>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jetbrains.teamcity</groupId>
+            <artifactId>tests-support</artifactId>
+            <version>${teamcity-version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jetbrains.teamcity</groupId>
+            <artifactId>cloud-interface</artifactId>
+            <version>${teamcity-version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.jetbrains.teamcity</groupId>
+            <artifactId>cloud-shared</artifactId>
+            <version>${teamcity-version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.json</groupId>
+            <artifactId>json</artifactId>
+            <version>20160212</version>
+        </dependency>
+        <dependency>
+            <groupId>com.jcraft</groupId>
+            <artifactId>jsch</artifactId>
+            <version>0.1.54</version>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk15on</artifactId>
+            <version>1.61</version>
+        </dependency>
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcpkix-jdk15on</artifactId>
+            <version>1.61</version>
+        </dependency>
+
+
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                </configuration>
+                <executions>
+                    <execution>
+                        <id>compile</id>
+                        <phase>compile</phase>
+                        <goals>
+                            <goal>compile</goal>
+                        </goals>
+                    </execution>
+                    <execution>
+                        <id>testCompile</id>
+                        <phase>test-compile</phase>
+                        <goals>
+                            <goal>testCompile</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+
+</project>

ankaCloud-server/src/main/java/com/veertu/AnkaCloudClientFactory.java

@@ -62,6 +62,9 @@ public CloudClientEx createNewClient(@NotNull CloudState cloudState, @NotNull Cl
         String agentPath = cloudClientParameters.getParameter(AnkaConstants.AGENT_PATH);
         String serverUrl = cloudClientParameters.getParameter(AnkaConstants.OPTIONAL_SERVER_URL);
         String groupId = cloudClientParameters.getParameter(AnkaConstants.GROUP_ID);
+        if (groupId != null && groupId.isEmpty()) {
+            groupId = null;
+        }
         Integer agentPoolId = null;
         String agentPoolIdVal = cloudClientParameters.getParameter(AnkaConstants.AGENT_POOL_ID);
         String priorityVal = cloudClientParameters.getParameter(AnkaConstants.PRIORITY);
@@ -87,7 +90,11 @@ public CloudClientEx createNewClient(@NotNull CloudState cloudState, @NotNull Cl
         } catch (NullPointerException | NumberFormatException e) {
             // do nothing - maxInstances will just be MAX (unlimited)...
         }
-
+        String skipTLSVerificationString = cloudClientParameters.getParameter(AnkaConstants.SKIP_TLS_VERIFICATION);
+        boolean skipTLSVerification = false;
+        if (skipTLSVerificationString != null && skipTLSVerificationString.equals("true")) {
+            skipTLSVerification = true;
+        }
         String profileId = cloudClientParameters.getParameter("system.cloud.profile_id");
 
         AnkaCloudConnector connector;
@@ -96,13 +103,13 @@ public CloudClientEx createNewClient(@NotNull CloudState cloudState, @NotNull Cl
         if (authMethod != null && authMethod.equals(AnkaConstants.AUTH_METHOD_CERT)) {
             String cert = cloudClientParameters.getParameter(AnkaConstants.CERT_STRING);
             String key = cloudClientParameters.getParameter(AnkaConstants.CERT_KEY_STRING);
-            connector = new AnkaCloudConnector(mgmtURL, sshUser,
+            connector = new AnkaCloudConnector(mgmtURL, skipTLSVerification, sshUser,
                     sshPassword, agentPath, serverUrl, agentPoolId, profileId, priority,
                     cert, key, AuthType.CERTIFICATE);
         } else if (authMethod != null && authMethod.equals(AnkaConstants.AUTH_METHID_OIDC)) {
             String client = cloudClientParameters.getParameter(AnkaConstants.OIDC_CLIENT_ID);
             String secret = cloudClientParameters.getParameter(AnkaConstants.OIDC_CLIENT_SECRET);
-            connector = new AnkaCloudConnector(mgmtURL, sshUser,
+            connector = new AnkaCloudConnector(mgmtURL, skipTLSVerification, sshUser,
                     sshPassword, agentPath, serverUrl, agentPoolId, profileId, priority,
                     client, secret, AuthType.OPENID_CONNECT);
         } else {

ankaCloud-server/src/main/java/com/veertu/AnkaCloudConnector.java

@@ -50,7 +50,7 @@ public AnkaCloudConnector(String mgmtURL, String sshUser,
         this.ankaAPI = new AnkaAPI(mgmtURL);
     }
 
-    public AnkaCloudConnector(String mgmtURL, String sshUser, String sshPassword, String agentPath,
+    public AnkaCloudConnector(String mgmtURL, boolean skipTLSVerification, String sshUser, String sshPassword, String agentPath,
                               String serverUrl, Integer agentPoolId, String profileId, int priority,
                               String cert, String key, AuthType authType) {
         this.mgmtURL = mgmtURL;
@@ -61,9 +61,10 @@ public AnkaCloudConnector(String mgmtURL, String sshUser, String sshPassword, St
         this.agentPoolId = agentPoolId;
         this.profileId = profileId;
         this.priority = priority;
-        this.ankaAPI = new AnkaAPI(mgmtURL, cert, key, authType);
+        this.ankaAPI = new AnkaAPI(mgmtURL, skipTLSVerification, cert, key, authType);
     }
 
+
     public AnkaCloudInstance startNewInstance(AnkaCloudImage cloudImage, InstanceUpdater updater) throws AnkaMgmtException {
         AnkaMgmtVm vm = this.ankaAPI.makeAnkaVm(cloudImage.getId(), cloudImage.getTag(), null, 22, priority, cloudImage.getGroupId());
         updater.executeTaskInBackground(() -> this.waitForBootAndSetVmProperties(vm, cloudImage));

ankaCloud-server/src/main/java/com/veertu/AnkaEditProfileController.java

@@ -82,12 +82,17 @@ protected void doPost(@NotNull HttpServletRequest request, @NotNull HttpServletR
             String clientCertKey = request.getParameter(PROP_PREFIX + AnkaConstants.CERT_KEY_STRING);
             String clientId = request.getParameter(PROP_PREFIX + AnkaConstants.OIDC_CLIENT_ID);
             String clientSecret = request.getParameter(PROP_PREFIX + AnkaConstants.OIDC_CLIENT_SECRET);
+            String skipTLSVerificationString = request.getParameter(PROP_PREFIX + AnkaConstants.SKIP_TLS_VERIFICATION);
+            boolean skipTLSVerification = false;
+            if (skipTLSVerificationString != null && skipTLSVerificationString.equals("true")) {
+                skipTLSVerification = true;
+            }
             if (authMethod.equals("cert") && clientCert != null && !clientCert.isEmpty()) {
-                ankaApi = new AnkaAPI(mgmtURL, clientCert, clientCertKey, AuthType.CERTIFICATE);
+                ankaApi = new AnkaAPI(mgmtURL, skipTLSVerification, clientCert, clientCertKey, AuthType.CERTIFICATE);
             } else if(authMethod.equals("oidc") && clientId != null && !clientId.isEmpty()) {
-                ankaApi = new AnkaAPI(mgmtURL, clientId, clientSecret, AuthType.OPENID_CONNECT);
+                ankaApi = new AnkaAPI(mgmtURL, skipTLSVerification, clientId, clientSecret, AuthType.OPENID_CONNECT);
             } else {
-                ankaApi = new AnkaAPI(mgmtURL);
+                ankaApi = new AnkaAPI(mgmtURL,  skipTLSVerification);
             }
 
             String imageId = request.getParameter("imageId");

ankaCloud-server/src/main/java/com/veertu/ankaMgmtSdk/AnkaAPI.java

@@ -24,19 +24,24 @@ public AnkaAPI(String mgmtUrl) {
         this.communicator = new AnkaMgmtCommunicator(mgmtUrl);
     }
 
-    public AnkaAPI(String mgmtUrl, String client, String key, AuthType authType) {
+    public AnkaAPI(String mgmtUrl, boolean skipTLSVerification, String client, String key, AuthType authType) {
         this.mgmtURL = mgmtUrl;
 
         switch (authType) {
             case CERTIFICATE:
-                this.communicator = new AnkaMgmtClientCertAuthCommunicator(mgmtUrl, client, key);
+                this.communicator = new AnkaMgmtClientCertAuthCommunicator(mgmtUrl, skipTLSVerification, client, key);
                 break;
             case OPENID_CONNECT:
-                this.communicator = new AnkaMgmtOpenIdCommunicator(mgmtUrl, client, key);
+                this.communicator = new AnkaMgmtOpenIdCommunicator(mgmtUrl, skipTLSVerification, client, key);
                 break;
         }
     }
 
+    public AnkaAPI(String mgmtURL, boolean skipTLSVerification) {
+        this.mgmtURL = mgmtURL;
+        this.communicator = new AnkaMgmtCommunicator(mgmtURL, skipTLSVerification);
+    }
+
 
     public AnkaMgmtVm makeAnkaVm(String templateId,
                                  String tag, String nameTemplate, int sshPort, int priority, String groupId) throws AnkaMgmtException {

ankaCloud-server/src/main/java/com/veertu/ankaMgmtSdk/AnkaMgmtClientCertAuthCommunicator.java

@@ -1,10 +1,9 @@
 package com.veertu.ankaMgmtSdk;
 
 import org.apache.http.client.config.RequestConfig;
-import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.apache.http.conn.ssl.SSLContextBuilder;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.ssl.SSLContextBuilder;
 
 import javax.net.ssl.SSLContext;
 import java.io.IOException;
@@ -20,6 +19,10 @@ public AnkaMgmtClientCertAuthCommunicator(String mgmtUrl, String clientCert, Str
         this.authenticator = new ClientCertAuthenticator(clientCert, clientCertKey);
     }
 
+    public AnkaMgmtClientCertAuthCommunicator(String mgmtUrl, boolean skipTLSVerification, String client, String key) {
+        super(mgmtUrl, skipTLSVerification);
+        this.authenticator = new ClientCertAuthenticator(client, key);
+    }
 
 
     protected CloseableHttpClient makeHttpClient() throws CertificateException, NoSuchAlgorithmException,
@@ -30,15 +33,13 @@ protected CloseableHttpClient makeHttpClient() throws CertificateException, NoSu
         HttpClientBuilder builder = HttpClientBuilder.create();
 
         KeyStore keyStore = this.authenticator.getKeyStore();
-        // allow self-signed certs
+
         SSLContext sslContext = new SSLContextBuilder()
                 .loadKeyMaterial(keyStore, authenticator.getPemPassword().toCharArray())
                 .loadTrustMaterial(keyStore, (certificate, authType) -> true).build();
-        builder.setSslcontext(sslContext);
-        //builder.setSSLHostnameVerifier(new NoopHostnameVerifier());
+        builder.setSSLContext(sslContext);
 
-        builder.setSSLSocketFactory(new SSLConnectionSocketFactory(sslContext,
-                SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER));
+        setTLSVerificationIfDefined(sslContext, builder);
         CloseableHttpClient httpClient = builder.setDefaultRequestConfig(requestBuilder.build()).build();
         return httpClient;
     }