Search in sources :

Example 6 with Authorization

use of com.google.cloud.tools.jib.http.Authorization in project jib by google.

the class RetrieveRegistryCredentialsStep method retrieveFromCredentialHelper.

/**
 * Attempts to retrieve authorization for the registry using {@code
 * docker-credential-[credentialHelperSuffix]}.
 */
@VisibleForTesting
@Nullable
Authorization retrieveFromCredentialHelper(String credentialHelperSuffix) throws NonexistentDockerCredentialHelperException, IOException {
    buildConfiguration.getBuildLogger().info("Checking credentials from docker-credential-" + credentialHelperSuffix);
    try {
        Authorization authorization = dockerCredentialHelperFactory.withCredentialHelperSuffix(credentialHelperSuffix).retrieve();
        logGotCredentialsFrom("docker-credential-" + credentialHelperSuffix);
        return authorization;
    } catch (NonexistentServerUrlDockerCredentialHelperException ex) {
        buildConfiguration.getBuildLogger().info("No credentials for " + registry + " in docker-credential-" + credentialHelperSuffix);
        return null;
    }
}
Also used : Authorization(com.google.cloud.tools.jib.http.Authorization) NonexistentServerUrlDockerCredentialHelperException(com.google.cloud.tools.jib.registry.credentials.NonexistentServerUrlDockerCredentialHelperException) VisibleForTesting(com.google.common.annotations.VisibleForTesting) Nullable(javax.annotation.Nullable)

Example 7 with Authorization

use of com.google.cloud.tools.jib.http.Authorization in project jib by google.

the class AuthenticatePushStep method call.

/**
 * Depends on {@link RetrieveRegistryCredentialsStep}.
 */
@Override
@Nullable
public Authorization call() throws ExecutionException, InterruptedException, RegistryAuthenticationFailedException, IOException, RegistryException {
    try (Timer ignored = new Timer(buildConfiguration.getBuildLogger(), String.format(DESCRIPTION, buildConfiguration.getTargetRegistry()))) {
        Authorization registryCredentials = NonBlockingFutures.get(registryCredentialsFuture);
        RegistryAuthenticator registryAuthenticator = RegistryAuthenticators.forOther(buildConfiguration.getTargetRegistry(), buildConfiguration.getTargetRepository());
        if (registryAuthenticator == null) {
            return registryCredentials;
        }
        return registryAuthenticator.setAuthorization(NonBlockingFutures.get(registryCredentialsFuture)).authenticatePush();
    }
}
Also used : Authorization(com.google.cloud.tools.jib.http.Authorization) Timer(com.google.cloud.tools.jib.Timer) RegistryAuthenticator(com.google.cloud.tools.jib.registry.RegistryAuthenticator) Nullable(javax.annotation.Nullable)

Example 8 with Authorization

use of com.google.cloud.tools.jib.http.Authorization in project jib by google.

the class AuthenticationMethodRetrieverIntegrationTest method testGetRegistryAuthenticator.

@Test
public void testGetRegistryAuthenticator() throws RegistryAuthenticationFailedException, IOException, RegistryException {
    RegistryClient registryClient = new RegistryClient(null, "registry.hub.docker.com", "library/busybox");
    RegistryAuthenticator registryAuthenticator = registryClient.getRegistryAuthenticator();
    Authorization authorization = registryAuthenticator.authenticatePull();
    RegistryClient authorizedRegistryClient = new RegistryClient(authorization, "registry.hub.docker.com", "library/busybox");
    authorizedRegistryClient.pullManifest("latest");
}
Also used : Authorization(com.google.cloud.tools.jib.http.Authorization) Test(org.junit.Test)

Example 9 with Authorization

use of com.google.cloud.tools.jib.http.Authorization in project jib by google.

the class DockerConfigCredentialRetrieverTest method testRetrieve_useCredsStore.

@Test
public void testRetrieve_useCredsStore() throws IOException {
    Mockito.when(mockDockerCredentialHelperFactory.withCredentialHelperSuffix("some credential store")).thenReturn(mockDockerCredentialHelper);
    DockerConfigCredentialRetriever dockerConfigCredentialRetriever = new DockerConfigCredentialRetriever("just registry", dockerConfigFile, mockDockerCredentialHelperFactory);
    Authorization authorization = dockerConfigCredentialRetriever.retrieve();
    Assert.assertEquals(mockAuthorization, authorization);
}
Also used : Authorization(com.google.cloud.tools.jib.http.Authorization) Test(org.junit.Test)

Example 10 with Authorization

use of com.google.cloud.tools.jib.http.Authorization in project jib by google.

the class BuildImageSteps method run.

public void run() throws InterruptedException, ExecutionException, CacheMetadataCorruptedException, IOException, CacheDirectoryNotOwnedException {
    List<String> entrypoint = EntrypointBuilder.makeEntrypoint(sourceFilesConfiguration, buildConfiguration.getJvmFlags(), buildConfiguration.getMainClass());
    try (Timer timer = new Timer(buildConfiguration.getBuildLogger(), DESCRIPTION)) {
        try (Timer timer2 = timer.subTimer("Initializing cache")) {
            ListeningExecutorService listeningExecutorService = MoreExecutors.listeningDecorator(Executors.newCachedThreadPool());
            try (Caches caches = cachesInitializer.init()) {
                Cache baseLayersCache = caches.getBaseCache();
                Cache applicationLayersCache = caches.getApplicationCache();
                timer2.lap("Setting up credential retrieval");
                ListenableFuture<Authorization> retrieveTargetRegistryCredentialsFuture = listeningExecutorService.submit(new RetrieveRegistryCredentialsStep(buildConfiguration, buildConfiguration.getTargetRegistry()));
                ListenableFuture<Authorization> retrieveBaseImageRegistryCredentialsFuture = listeningExecutorService.submit(new RetrieveRegistryCredentialsStep(buildConfiguration, buildConfiguration.getBaseImageRegistry()));
                timer2.lap("Setting up image push authentication");
                // Authenticates push.
                ListenableFuture<Authorization> authenticatePushFuture = Futures.whenAllSucceed(retrieveTargetRegistryCredentialsFuture).call(new AuthenticatePushStep(buildConfiguration, retrieveTargetRegistryCredentialsFuture), listeningExecutorService);
                timer2.lap("Setting up image pull authentication");
                // Authenticates base image pull.
                ListenableFuture<Authorization> authenticatePullFuture = Futures.whenAllSucceed(retrieveBaseImageRegistryCredentialsFuture).call(new AuthenticatePullStep(buildConfiguration, retrieveBaseImageRegistryCredentialsFuture), listeningExecutorService);
                timer2.lap("Setting up base image pull");
                // Pulls the base image.
                ListenableFuture<Image> pullBaseImageFuture = Futures.whenAllSucceed(authenticatePullFuture).call(new PullBaseImageStep(buildConfiguration, authenticatePullFuture), listeningExecutorService);
                timer2.lap("Setting up base image layer pull");
                // Pulls and caches the base image layers.
                ListenableFuture<List<ListenableFuture<CachedLayer>>> pullBaseImageLayerFuturesFuture = Futures.whenAllSucceed(pullBaseImageFuture).call(new PullAndCacheBaseImageLayersStep(buildConfiguration, baseLayersCache, listeningExecutorService, authenticatePullFuture, pullBaseImageFuture), listeningExecutorService);
                timer2.lap("Setting up base image layer push");
                // Pushes the base image layers.
                ListenableFuture<List<ListenableFuture<Void>>> pushBaseImageLayerFuturesFuture = Futures.whenAllSucceed(pullBaseImageLayerFuturesFuture).call(new PushLayersStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, pullBaseImageLayerFuturesFuture), listeningExecutorService);
                timer2.lap("Setting up build application layers");
                // Builds the application layers.
                List<ListenableFuture<CachedLayer>> buildAndCacheApplicationLayerFutures = new BuildAndCacheApplicationLayersStep(buildConfiguration, sourceFilesConfiguration, applicationLayersCache, listeningExecutorService).call();
                timer2.lap("Setting up container configuration push");
                // Builds and pushes the container configuration.
                ListenableFuture<ListenableFuture<BlobDescriptor>> buildAndPushContainerConfigurationFutureFuture = Futures.whenAllSucceed(pullBaseImageLayerFuturesFuture).call(new BuildAndPushContainerConfigurationStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, pullBaseImageLayerFuturesFuture, buildAndCacheApplicationLayerFutures, entrypoint), listeningExecutorService);
                timer2.lap("Setting up application layer push");
                // Pushes the application layers.
                List<ListenableFuture<Void>> pushApplicationLayersFuture = new PushLayersStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, Futures.immediateFuture(buildAndCacheApplicationLayerFutures)).call();
                timer2.lap("Setting up image manifest push");
                // Pushes the new image manifest.
                ListenableFuture<Void> pushImageFuture = Futures.whenAllSucceed(pushBaseImageLayerFuturesFuture, buildAndPushContainerConfigurationFutureFuture).call(new PushImageStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, pullBaseImageLayerFuturesFuture, buildAndCacheApplicationLayerFutures, pushBaseImageLayerFuturesFuture, pushApplicationLayersFuture, buildAndPushContainerConfigurationFutureFuture), listeningExecutorService);
                timer2.lap("Running push new image");
                pushImageFuture.get();
            }
        }
    }
    buildConfiguration.getBuildLogger().lifecycle("");
    buildConfiguration.getBuildLogger().lifecycle("Container entrypoint set to " + entrypoint);
}
Also used : Caches(com.google.cloud.tools.jib.cache.Caches) Image(com.google.cloud.tools.jib.image.Image) Authorization(com.google.cloud.tools.jib.http.Authorization) CachedLayer(com.google.cloud.tools.jib.cache.CachedLayer) List(java.util.List) Timer(com.google.cloud.tools.jib.Timer) ListenableFuture(com.google.common.util.concurrent.ListenableFuture) ListeningExecutorService(com.google.common.util.concurrent.ListeningExecutorService) Cache(com.google.cloud.tools.jib.cache.Cache)

Aggregations

Authorization (com.google.cloud.tools.jib.http.Authorization)13 Test (org.junit.Test)7 Timer (com.google.cloud.tools.jib.Timer)4 Nullable (javax.annotation.Nullable)3 Caches (com.google.cloud.tools.jib.cache.Caches)2 RegistryAuthenticator (com.google.cloud.tools.jib.registry.RegistryAuthenticator)2 IOException (java.io.IOException)2 Command (com.google.cloud.tools.jib.Command)1 BuildConfiguration (com.google.cloud.tools.jib.builder.BuildConfiguration)1 BuildImageSteps (com.google.cloud.tools.jib.builder.BuildImageSteps)1 SourceFilesConfiguration (com.google.cloud.tools.jib.builder.SourceFilesConfiguration)1 Cache (com.google.cloud.tools.jib.cache.Cache)1 CachedLayer (com.google.cloud.tools.jib.cache.CachedLayer)1 Image (com.google.cloud.tools.jib.image.Image)1 ImageReference (com.google.cloud.tools.jib.image.ImageReference)1 NonexistentDockerCredentialHelperException (com.google.cloud.tools.jib.registry.credentials.NonexistentDockerCredentialHelperException)1 NonexistentServerUrlDockerCredentialHelperException (com.google.cloud.tools.jib.registry.credentials.NonexistentServerUrlDockerCredentialHelperException)1 RegistryCredentials (com.google.cloud.tools.jib.registry.credentials.RegistryCredentials)1 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 ListenableFuture (com.google.common.util.concurrent.ListenableFuture)1