use of com.google.cloud.tools.jib.http.Authorization in project jib by google.
the class RetrieveRegistryCredentialsStep method retrieveFromCredentialHelper.
/**
* Attempts to retrieve authorization for the registry using {@code
* docker-credential-[credentialHelperSuffix]}.
*/
@VisibleForTesting
@Nullable
Authorization retrieveFromCredentialHelper(String credentialHelperSuffix) throws NonexistentDockerCredentialHelperException, IOException {
buildConfiguration.getBuildLogger().info("Checking credentials from docker-credential-" + credentialHelperSuffix);
try {
Authorization authorization = dockerCredentialHelperFactory.withCredentialHelperSuffix(credentialHelperSuffix).retrieve();
logGotCredentialsFrom("docker-credential-" + credentialHelperSuffix);
return authorization;
} catch (NonexistentServerUrlDockerCredentialHelperException ex) {
buildConfiguration.getBuildLogger().info("No credentials for " + registry + " in docker-credential-" + credentialHelperSuffix);
return null;
}
}
use of com.google.cloud.tools.jib.http.Authorization in project jib by google.
the class AuthenticatePushStep method call.
/**
* Depends on {@link RetrieveRegistryCredentialsStep}.
*/
@Override
@Nullable
public Authorization call() throws ExecutionException, InterruptedException, RegistryAuthenticationFailedException, IOException, RegistryException {
try (Timer ignored = new Timer(buildConfiguration.getBuildLogger(), String.format(DESCRIPTION, buildConfiguration.getTargetRegistry()))) {
Authorization registryCredentials = NonBlockingFutures.get(registryCredentialsFuture);
RegistryAuthenticator registryAuthenticator = RegistryAuthenticators.forOther(buildConfiguration.getTargetRegistry(), buildConfiguration.getTargetRepository());
if (registryAuthenticator == null) {
return registryCredentials;
}
return registryAuthenticator.setAuthorization(NonBlockingFutures.get(registryCredentialsFuture)).authenticatePush();
}
}
use of com.google.cloud.tools.jib.http.Authorization in project jib by google.
the class AuthenticationMethodRetrieverIntegrationTest method testGetRegistryAuthenticator.
@Test
public void testGetRegistryAuthenticator() throws RegistryAuthenticationFailedException, IOException, RegistryException {
RegistryClient registryClient = new RegistryClient(null, "registry.hub.docker.com", "library/busybox");
RegistryAuthenticator registryAuthenticator = registryClient.getRegistryAuthenticator();
Authorization authorization = registryAuthenticator.authenticatePull();
RegistryClient authorizedRegistryClient = new RegistryClient(authorization, "registry.hub.docker.com", "library/busybox");
authorizedRegistryClient.pullManifest("latest");
}
use of com.google.cloud.tools.jib.http.Authorization in project jib by google.
the class DockerConfigCredentialRetrieverTest method testRetrieve_useCredsStore.
@Test
public void testRetrieve_useCredsStore() throws IOException {
Mockito.when(mockDockerCredentialHelperFactory.withCredentialHelperSuffix("some credential store")).thenReturn(mockDockerCredentialHelper);
DockerConfigCredentialRetriever dockerConfigCredentialRetriever = new DockerConfigCredentialRetriever("just registry", dockerConfigFile, mockDockerCredentialHelperFactory);
Authorization authorization = dockerConfigCredentialRetriever.retrieve();
Assert.assertEquals(mockAuthorization, authorization);
}
use of com.google.cloud.tools.jib.http.Authorization in project jib by google.
the class BuildImageSteps method run.
public void run() throws InterruptedException, ExecutionException, CacheMetadataCorruptedException, IOException, CacheDirectoryNotOwnedException {
List<String> entrypoint = EntrypointBuilder.makeEntrypoint(sourceFilesConfiguration, buildConfiguration.getJvmFlags(), buildConfiguration.getMainClass());
try (Timer timer = new Timer(buildConfiguration.getBuildLogger(), DESCRIPTION)) {
try (Timer timer2 = timer.subTimer("Initializing cache")) {
ListeningExecutorService listeningExecutorService = MoreExecutors.listeningDecorator(Executors.newCachedThreadPool());
try (Caches caches = cachesInitializer.init()) {
Cache baseLayersCache = caches.getBaseCache();
Cache applicationLayersCache = caches.getApplicationCache();
timer2.lap("Setting up credential retrieval");
ListenableFuture<Authorization> retrieveTargetRegistryCredentialsFuture = listeningExecutorService.submit(new RetrieveRegistryCredentialsStep(buildConfiguration, buildConfiguration.getTargetRegistry()));
ListenableFuture<Authorization> retrieveBaseImageRegistryCredentialsFuture = listeningExecutorService.submit(new RetrieveRegistryCredentialsStep(buildConfiguration, buildConfiguration.getBaseImageRegistry()));
timer2.lap("Setting up image push authentication");
// Authenticates push.
ListenableFuture<Authorization> authenticatePushFuture = Futures.whenAllSucceed(retrieveTargetRegistryCredentialsFuture).call(new AuthenticatePushStep(buildConfiguration, retrieveTargetRegistryCredentialsFuture), listeningExecutorService);
timer2.lap("Setting up image pull authentication");
// Authenticates base image pull.
ListenableFuture<Authorization> authenticatePullFuture = Futures.whenAllSucceed(retrieveBaseImageRegistryCredentialsFuture).call(new AuthenticatePullStep(buildConfiguration, retrieveBaseImageRegistryCredentialsFuture), listeningExecutorService);
timer2.lap("Setting up base image pull");
// Pulls the base image.
ListenableFuture<Image> pullBaseImageFuture = Futures.whenAllSucceed(authenticatePullFuture).call(new PullBaseImageStep(buildConfiguration, authenticatePullFuture), listeningExecutorService);
timer2.lap("Setting up base image layer pull");
// Pulls and caches the base image layers.
ListenableFuture<List<ListenableFuture<CachedLayer>>> pullBaseImageLayerFuturesFuture = Futures.whenAllSucceed(pullBaseImageFuture).call(new PullAndCacheBaseImageLayersStep(buildConfiguration, baseLayersCache, listeningExecutorService, authenticatePullFuture, pullBaseImageFuture), listeningExecutorService);
timer2.lap("Setting up base image layer push");
// Pushes the base image layers.
ListenableFuture<List<ListenableFuture<Void>>> pushBaseImageLayerFuturesFuture = Futures.whenAllSucceed(pullBaseImageLayerFuturesFuture).call(new PushLayersStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, pullBaseImageLayerFuturesFuture), listeningExecutorService);
timer2.lap("Setting up build application layers");
// Builds the application layers.
List<ListenableFuture<CachedLayer>> buildAndCacheApplicationLayerFutures = new BuildAndCacheApplicationLayersStep(buildConfiguration, sourceFilesConfiguration, applicationLayersCache, listeningExecutorService).call();
timer2.lap("Setting up container configuration push");
// Builds and pushes the container configuration.
ListenableFuture<ListenableFuture<BlobDescriptor>> buildAndPushContainerConfigurationFutureFuture = Futures.whenAllSucceed(pullBaseImageLayerFuturesFuture).call(new BuildAndPushContainerConfigurationStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, pullBaseImageLayerFuturesFuture, buildAndCacheApplicationLayerFutures, entrypoint), listeningExecutorService);
timer2.lap("Setting up application layer push");
// Pushes the application layers.
List<ListenableFuture<Void>> pushApplicationLayersFuture = new PushLayersStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, Futures.immediateFuture(buildAndCacheApplicationLayerFutures)).call();
timer2.lap("Setting up image manifest push");
// Pushes the new image manifest.
ListenableFuture<Void> pushImageFuture = Futures.whenAllSucceed(pushBaseImageLayerFuturesFuture, buildAndPushContainerConfigurationFutureFuture).call(new PushImageStep(buildConfiguration, listeningExecutorService, authenticatePushFuture, pullBaseImageLayerFuturesFuture, buildAndCacheApplicationLayerFutures, pushBaseImageLayerFuturesFuture, pushApplicationLayersFuture, buildAndPushContainerConfigurationFutureFuture), listeningExecutorService);
timer2.lap("Running push new image");
pushImageFuture.get();
}
}
}
buildConfiguration.getBuildLogger().lifecycle("");
buildConfiguration.getBuildLogger().lifecycle("Container entrypoint set to " + entrypoint);
}
Aggregations