Search in sources :

Example 1 with AuthConfig

use of io.fabric8.maven.docker.access.AuthConfig in project docker-maven-plugin by fabric8io.

the class RegistryService method pushImages.

/**
 * Push a set of images to a registry
 *
 * @param imageConfigs images to push (but only if they have a build configuration)
 * @param retries how often to retry
 * @param registryConfig a global registry configuration
 * @throws DockerAccessException
 * @throws MojoExecutionException
 */
public void pushImages(Collection<ImageConfiguration> imageConfigs, int retries, RegistryConfig registryConfig) throws DockerAccessException, MojoExecutionException {
    for (ImageConfiguration imageConfig : imageConfigs) {
        BuildImageConfiguration buildConfig = imageConfig.getBuildConfiguration();
        String name = imageConfig.getName();
        if (buildConfig != null) {
            String configuredRegistry = EnvUtil.fistRegistryOf(new ImageName(imageConfig.getName()).getRegistry(), imageConfig.getRegistry(), registryConfig.getRegistry());
            AuthConfig authConfig = createAuthConfig(true, new ImageName(name).getUser(), configuredRegistry, registryConfig);
            long start = System.currentTimeMillis();
            docker.pushImage(name, authConfig, configuredRegistry, retries);
            log.info("Pushed %s in %s", name, EnvUtil.formatDurationTill(start));
            for (String tag : imageConfig.getBuildConfiguration().getTags()) {
                if (tag != null) {
                    docker.pushImage(new ImageName(name, tag).getFullName(), authConfig, configuredRegistry, retries);
                }
            }
        }
    }
}
Also used : ImageName(io.fabric8.maven.docker.util.ImageName) BuildImageConfiguration(io.fabric8.maven.docker.config.BuildImageConfiguration) ImageConfiguration(io.fabric8.maven.docker.config.ImageConfiguration) AuthConfig(io.fabric8.maven.docker.access.AuthConfig) BuildImageConfiguration(io.fabric8.maven.docker.config.BuildImageConfiguration)

Example 2 with AuthConfig

use of io.fabric8.maven.docker.access.AuthConfig in project kubernetes by ballerinax.

the class DockerHandler method pushImage.

/**
 * Push docker image.
 *
 * @param dockerModel DockerModel
 * @throws InterruptedException When error with docker build process
 * @throws IOException          When error with docker build process
 */
public void pushImage(DockerModel dockerModel) throws InterruptedException, IOException, KubernetesPluginException {
    AuthConfig authConfig = new AuthConfigBuilder().withUsername(dockerModel.getUsername()).withPassword(dockerModel.getPassword()).build();
    Config config = new ConfigBuilder().withDockerUrl(dockerModel.getDockerHost()).addToAuthConfigs(RegistryUtils.extractRegistry(dockerModel.getName()), authConfig).build();
    DockerClient client = new DefaultDockerClient(config);
    final DockerError dockerError = new DockerError();
    OutputHandle handle = client.image().withName(dockerModel.getName()).push().usingListener(new EventListener() {

        @Override
        public void onSuccess(String message) {
            pushDone.countDown();
        }

        @Override
        public void onError(String message) {
            pushDone.countDown();
            dockerError.setErrorMsg("error pushing docker image: " + message);
        }

        @Override
        public void onError(Throwable t) {
            pushDone.countDown();
            dockerError.setErrorMsg("error pushing docker image: " + t.getMessage());
        }

        @Override
        public void onEvent(String event) {
            printDebug(event);
        }
    }).toRegistry();
    pushDone.await();
    handle.close();
    client.close();
    handleError(dockerError);
}
Also used : AuthConfigBuilder(io.fabric8.docker.api.model.AuthConfigBuilder) DefaultDockerClient(io.fabric8.docker.client.DefaultDockerClient) DockerClient(io.fabric8.docker.client.DockerClient) Config(io.fabric8.docker.client.Config) AuthConfig(io.fabric8.docker.api.model.AuthConfig) DefaultDockerClient(io.fabric8.docker.client.DefaultDockerClient) AuthConfigBuilder(io.fabric8.docker.api.model.AuthConfigBuilder) ConfigBuilder(io.fabric8.docker.client.ConfigBuilder) OutputHandle(io.fabric8.docker.dsl.OutputHandle) AuthConfig(io.fabric8.docker.api.model.AuthConfig) EventListener(io.fabric8.docker.dsl.EventListener)

Example 3 with AuthConfig

use of io.fabric8.maven.docker.access.AuthConfig in project docker-maven-plugin by fabric8io.

the class AuthConfigFactory method readAwsCredentials.

private AuthConfig readAwsCredentials(CloseableHttpClient client, HttpGet request) throws IOException {
    try (CloseableHttpResponse response = client.execute(request)) {
        if (response.getStatusLine().getStatusCode() != HttpStatus.SC_OK) {
            log.debug("No security credential found, return code was %d", response.getStatusLine().getStatusCode());
            // no instance role found
            return null;
        }
        // read instance role
        try (Reader r = new InputStreamReader(response.getEntity().getContent(), StandardCharsets.UTF_8)) {
            JsonObject securityCredentials = new Gson().fromJson(r, JsonObject.class);
            String user = securityCredentials.getAsJsonPrimitive("AccessKeyId").getAsString();
            String password = securityCredentials.getAsJsonPrimitive("SecretAccessKey").getAsString();
            String token = securityCredentials.getAsJsonPrimitive("Token").getAsString();
            log.debug("Received temporary access key %s...", user.substring(0, 8));
            return new AuthConfig(user, password, "none", token);
        }
    }
}
Also used : InputStreamReader(java.io.InputStreamReader) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) JsonObject(com.google.gson.JsonObject) Gson(com.google.gson.Gson) AuthConfig(io.fabric8.maven.docker.access.AuthConfig)

Example 4 with AuthConfig

use of io.fabric8.maven.docker.access.AuthConfig in project docker-maven-plugin by fabric8io.

the class AuthConfigFactory method createAuthConfig.

/**
 * Create an authentication config object which can be used for communication with a Docker registry
 *
 * The authentication information is looked up at various places (in this order):
 *
 * <ul>
 *    <li>From system properties</li>
 *    <li>From the provided map which can contain key-value pairs</li>
 *    <li>From the openshift settings in ~/.config/kube</li>
 *    <li>From the Maven settings stored typically in ~/.m2/settings.xml</li>
 *    <li>From the Docker settings stored in ~/.docker/config.json</li>
 * </ul>
 *
 * The following properties (prefix with 'docker.') and config key are evaluated:
 *
 * <ul>
 *     <li>username: User to authenticate</li>
 *     <li>password: Password to authenticate. Can be encrypted</li>
 *     <li>email: Optional EMail address which is send to the registry, too</li>
 * </ul>
 *
 *  If the repository is in an aws ecr registry and skipExtendedAuth is not true, if found
 *  credentials are not from docker settings, they will be interpreted as iam credentials
 *  and exchanged for ecr credentials.
 *
 * @param isPush if true this AuthConfig is created for a push, if false it's for a pull
 * @param skipExtendedAuth if true, do not execute extended authentication methods
 * @param authConfig String-String Map holding configuration info from the plugin's configuration. Can be <code>null</code> in
 *                   which case the settings are consulted.
 * @param settings the global Maven settings object
 * @param user user to check for
 * @param registry registry to use, might be null in which case a default registry is checked,
 * @return the authentication configuration or <code>null</code> if none could be found
 *
 * @throws MojoFailureException
 */
public AuthConfig createAuthConfig(boolean isPush, boolean skipExtendedAuth, Map authConfig, Settings settings, String user, String registry) throws MojoExecutionException {
    AuthConfig ret = createStandardAuthConfig(isPush, authConfig, settings, user, registry);
    if (ret != null) {
        if (registry == null || skipExtendedAuth) {
            return ret;
        }
        try {
            return extendedAuthentication(ret, registry);
        } catch (IOException e) {
            throw new MojoExecutionException(e.getMessage(), e);
        }
    }
    // Finally check ~/.docker/config.json
    ret = getAuthConfigFromDockerConfig(registry);
    if (ret != null) {
        log.debug("AuthConfig: credentials from ~/.docker/config.json");
        return ret;
    }
    log.debug("AuthConfig: no credentials found");
    return null;
}
Also used : MojoExecutionException(org.apache.maven.plugin.MojoExecutionException) AuthConfig(io.fabric8.maven.docker.access.AuthConfig) IOException(java.io.IOException)

Example 5 with AuthConfig

use of io.fabric8.maven.docker.access.AuthConfig in project docker-maven-plugin by fabric8io.

the class AuthConfigFactory method extractAuthConfigFromDockerConfigAuths.

private AuthConfig extractAuthConfigFromDockerConfigAuths(String registryToLookup, JsonObject auths) {
    JsonObject credentials = getCredentialsNode(auths, registryToLookup);
    if (credentials == null || !credentials.has("auth")) {
        return null;
    }
    String auth = credentials.get("auth").getAsString();
    String identityToken = credentials.has("identitytoken") ? credentials.get("identitytoken").getAsString() : null;
    String email = credentials.has(AuthConfig.AUTH_EMAIL) && !credentials.get(AuthConfig.AUTH_EMAIL).isJsonNull() ? credentials.get(AuthConfig.AUTH_EMAIL).getAsString() : null;
    return new AuthConfig(auth, email, identityToken);
}
Also used : JsonObject(com.google.gson.JsonObject) AuthConfig(io.fabric8.maven.docker.access.AuthConfig)

Aggregations

AuthConfig (io.fabric8.maven.docker.access.AuthConfig)38 Test (org.junit.Test)26 BuildImageConfiguration (io.fabric8.maven.docker.config.BuildImageConfiguration)5 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)5 ImageConfiguration (io.fabric8.maven.docker.config.ImageConfiguration)4 ImageName (io.fabric8.maven.docker.util.ImageName)4 HashMap (java.util.HashMap)4 Credential (com.google.cloud.tools.jib.api.Credential)3 JsonObject (com.google.gson.JsonObject)3 IOException (java.io.IOException)3 Date (java.util.Date)3 Map (java.util.Map)3 MojoExecutionException (org.apache.maven.plugin.MojoExecutionException)3 ImmutableMap (com.google.common.collect.ImmutableMap)2 Collections.singletonMap (java.util.Collections.singletonMap)2 Expectations (mockit.Expectations)2 Verifications (mockit.Verifications)2 HttpPost (org.apache.http.client.methods.HttpPost)2 StringEntity (org.apache.http.entity.StringEntity)2 Gson (com.google.gson.Gson)1