Search in sources :

Example 1 with RegistryAuthException

use of com.aws.greengrass.componentmanager.plugins.docker.exceptions.RegistryAuthException in project aws-greengrass-nucleus by aws-greengrass.

the class EcrAccessor method getCredentials.

/**
 * Get credentials(auth token) for a private docker registry in ECR.
 *
 * @param registryId Registry id
 * @return Registry.Credentials - Registry's authorization information
 * @throws RegistryAuthException When authentication fails
 */
@SuppressWarnings("PMD.AvoidRethrowingException")
public Registry.Credentials getCredentials(String registryId) throws RegistryAuthException {
    try (EcrClient client = getClient()) {
        AuthorizationData authorizationData = client.getAuthorizationToken(GetAuthorizationTokenRequest.builder().registryIds(Collections.singletonList(registryId)).build()).authorizationData().get(0);
        // Decoded auth token is of the format <username>:<password>
        String[] authTokenParts = new String(Base64.getDecoder().decode(authorizationData.authorizationToken()), StandardCharsets.UTF_8).split(":");
        return new Registry.Credentials(authTokenParts[0], authTokenParts[1], authorizationData.expiresAt());
    } catch (ServerException | SdkClientException e) {
        // Errors we can retry on
        throw e;
    } catch (EcrException e) {
        throw new RegistryAuthException(String.format("Failed to get credentials for ECR registry - %s", registryId), e);
    }
}
Also used : RegistryAuthException(com.aws.greengrass.componentmanager.plugins.docker.exceptions.RegistryAuthException) EcrException(software.amazon.awssdk.services.ecr.model.EcrException) ServerException(software.amazon.awssdk.services.ecr.model.ServerException) AuthorizationData(software.amazon.awssdk.services.ecr.model.AuthorizationData) SdkClientException(software.amazon.awssdk.core.exception.SdkClientException) EcrClient(software.amazon.awssdk.services.ecr.EcrClient)

Example 2 with RegistryAuthException

use of com.aws.greengrass.componentmanager.plugins.docker.exceptions.RegistryAuthException in project aws-greengrass-nucleus by aws-greengrass.

the class DockerImageDownloaderTest method GIVEN_a_container_component_with_image_in_ecr_WHEN_when_failed_to_get_credentials_THEN_fail_deployment.

@Test
void GIVEN_a_container_component_with_image_in_ecr_WHEN_when_failed_to_get_credentials_THEN_fail_deployment() throws Exception {
    URI artifactUri = new URI("docker:012345678910.dkr.ecr.us-east-1.amazonaws.com/testimage:sometag");
    Image image = Image.fromArtifactUri(ComponentArtifact.builder().artifactUri(artifactUri).build());
    when(ecrAccessor.getCredentials("012345678910")).thenThrow(new RegistryAuthException("Failed to get " + "credentials for ECR registry"));
    when(dockerClient.dockerInstalled()).thenReturn(true);
    DockerImageDownloader downloader = getDownloader(artifactUri);
    Throwable err = assertThrows(PackageDownloadException.class, () -> downloader.download());
    assertThat(err.getMessage(), containsString("Failed to get auth token for docker login"));
    assertTrue(err.getCause() instanceof RegistryAuthException);
    assertEquals("testimage", image.getName());
    assertEquals("sometag", image.getTag());
    assertNull(image.getDigest());
    assertTrue(image.getRegistry().isEcrRegistry());
    assertTrue(image.getRegistry().isPrivateRegistry());
    assertEquals("012345678910.dkr.ecr.us-east-1.amazonaws.com", image.getRegistry().getEndpoint());
    assertEquals("012345678910", image.getRegistry().getRegistryId());
    verify(ecrAccessor).getCredentials("012345678910");
    verify(dockerClient, never()).login(any());
    verify(dockerClient, never()).pullImage(any());
}
Also used : RegistryAuthException(com.aws.greengrass.componentmanager.plugins.docker.exceptions.RegistryAuthException) URI(java.net.URI) Test(org.junit.jupiter.api.Test)

Aggregations

RegistryAuthException (com.aws.greengrass.componentmanager.plugins.docker.exceptions.RegistryAuthException)2 URI (java.net.URI)1 Test (org.junit.jupiter.api.Test)1 SdkClientException (software.amazon.awssdk.core.exception.SdkClientException)1 EcrClient (software.amazon.awssdk.services.ecr.EcrClient)1 AuthorizationData (software.amazon.awssdk.services.ecr.model.AuthorizationData)1 EcrException (software.amazon.awssdk.services.ecr.model.EcrException)1 ServerException (software.amazon.awssdk.services.ecr.model.ServerException)1