Example 1 with UnsatisfiedScmPreconditionException
use of org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException in project che-server by eclipse-che.
the class KubernetesGitCredentialManager method createOrReplace.
@Override
public void createOrReplace(PersonalAccessToken personalAccessToken) throws UnsatisfiedScmPreconditionException, ScmConfigurationPersistenceException {
try {
final String namespace = getFirstNamespace();
final KubernetesClient client = clientFactory.create();
// to avoid duplicating secrets we try to reuse existing one by matching
// hostname/username if possible, and update it. Otherwise, create new one.
Optional<Secret> existing = client.secrets().inNamespace(namespace).withLabels(SEARCH_LABELS).list().getItems().stream().filter(s -> s.getMetadata().getAnnotations() != null).filter(s -> Boolean.parseBoolean(s.getMetadata().getAnnotations().get(ANNOTATION_GIT_CREDENTIALS)) && personalAccessToken.getScmProviderUrl().equals(StringUtils.trimEnd(s.getMetadata().getAnnotations().get(ANNOTATION_SCM_URL), '/')) && personalAccessToken.getCheUserId().equals(s.getMetadata().getAnnotations().get(ANNOTATION_CHE_USERID)) && personalAccessToken.getScmUserName().equals(s.getMetadata().getAnnotations().get(ANNOTATION_SCM_USERNAME))).findFirst();
Secret secret = existing.orElseGet(() -> {
Map<String, String> annotations = new HashMap<>(DEFAULT_SECRET_ANNOTATIONS);
annotations.put(ANNOTATION_SCM_URL, personalAccessToken.getScmProviderUrl());
annotations.put(ANNOTATION_SCM_USERNAME, personalAccessToken.getScmUserName());
annotations.put(ANNOTATION_CHE_USERID, personalAccessToken.getCheUserId());
ObjectMeta meta = new ObjectMetaBuilder().withName(NameGenerator.generate(NAME_PATTERN, 5)).withAnnotations(annotations).withLabels(NEW_SECRET_LABELS).build();
return new SecretBuilder().withMetadata(meta).build();
});
URL scmUrl = new URL(personalAccessToken.getScmProviderUrl());
secret.setData(Map.of("credentials", Base64.getEncoder().encodeToString(format("%s://%s:%s@%s%s", scmUrl.getProtocol(), personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX) ? "oauth2" : personalAccessToken.getScmUserName(), URLEncoder.encode(personalAccessToken.getToken(), UTF_8), scmUrl.getHost(), scmUrl.getPort() != 80 && scmUrl.getPort() != -1 ? ":" + scmUrl.getPort() : "").getBytes())));
client.secrets().inNamespace(namespace).createOrReplace(secret);
} catch (InfrastructureException | MalformedURLException e) {
throw new ScmConfigurationPersistenceException(e.getMessage(), e);
}
}
Also used :
ANNOTATION_MOUNT_PATH(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_MOUNT_PATH)
KubernetesClientFactory(org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesClientFactory)
ANNOTATION_DEV_WORKSPACE_MOUNT_PATH(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_DEV_WORKSPACE_MOUNT_PATH)
URL(java.net.URL)
ANNOTATION_AUTOMOUNT(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_AUTOMOUNT)
HashMap(java.util.HashMap)
OAUTH_2_PREFIX(org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX)
Singleton(javax.inject.Singleton)
Inject(javax.inject.Inject)
PersonalAccessToken(org.eclipse.che.api.factory.server.scm.PersonalAccessToken)
DEV_WORKSPACE_PREFIX(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.DEV_WORKSPACE_PREFIX)
Map(java.util.Map)
ScmConfigurationPersistenceException(org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)
ANNOTATION_MOUNT_AS(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_MOUNT_AS)
NameGenerator(org.eclipse.che.commons.lang.NameGenerator)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
ImmutableMap(com.google.common.collect.ImmutableMap)
MalformedURLException(java.net.MalformedURLException)
GitCredentialManager(org.eclipse.che.api.factory.server.scm.GitCredentialManager)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
UTF_8(java.nio.charset.StandardCharsets.UTF_8)
String.format(java.lang.String.format)
KubernetesNamespaceFactory(org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
URLEncoder(java.net.URLEncoder)
Base64(java.util.Base64)
UnsatisfiedScmPreconditionException(org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException)
ANNOTATION_GIT_CREDENTIALS(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_GIT_CREDENTIALS)
ObjectMeta(io.fabric8.kubernetes.api.model.ObjectMeta)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
Secret(io.fabric8.kubernetes.api.model.Secret)
Optional(java.util.Optional)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
StringUtils(org.eclipse.che.commons.lang.StringUtils)
ObjectMeta(io.fabric8.kubernetes.api.model.ObjectMeta)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
MalformedURLException(java.net.MalformedURLException)
HashMap(java.util.HashMap)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
URL(java.net.URL)
Secret(io.fabric8.kubernetes.api.model.Secret)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
ScmConfigurationPersistenceException(org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)
Example 2 with UnsatisfiedScmPreconditionException
use of org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException in project che-server by eclipse-che.
the class AuthorizingFileContentProvider method fetchContent.
@Override
public String fetchContent(String fileURL) throws IOException, DevfileException {
final String requestURL = formatUrl(fileURL);
try {
Optional<PersonalAccessToken> token = personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), remoteFactoryUrl.getHostName());
if (token.isPresent()) {
PersonalAccessToken personalAccessToken = token.get();
String content = urlFetcher.fetch(requestURL, formatAuthorization(personalAccessToken.getToken()));
gitCredentialManager.createOrReplace(personalAccessToken);
return content;
} else {
try {
return urlFetcher.fetch(requestURL);
} catch (IOException exception) {
if (exception instanceof SSLException) {
ScmCommunicationException cause = new ScmCommunicationException(String.format("Failed to fetch a content from URL %s due to TLS key misconfiguration. Please refer to the docs about how to correctly import it. ", requestURL));
throw new DevfileException(exception.getMessage(), cause);
} else if (exception instanceof FileNotFoundException) {
if (isPublicRepository(remoteFactoryUrl)) {
// for public repo-s return 404 as-is
throw exception;
}
}
// unable to determine exact cause, so let's just try to authorize...
try {
PersonalAccessToken personalAccessToken = personalAccessTokenManager.fetchAndSave(EnvironmentContext.getCurrent().getSubject(), remoteFactoryUrl.getHostName());
String content = urlFetcher.fetch(requestURL, formatAuthorization(personalAccessToken.getToken()));
gitCredentialManager.createOrReplace(personalAccessToken);
return content;
} catch (ScmUnauthorizedException | UnknownScmProviderException e) {
throw new DevfileException(e.getMessage(), e);
} catch (ScmCommunicationException e) {
throw new IOException(String.format("Failed to fetch a content from URL %s. Make sure the URL" + " is correct. For private repository, make sure authentication is configured." + " Additionally, if you're using " + " relative form, make sure the referenced file are actually stored" + " relative to the devfile on the same host," + " or try to specify URL in absolute form. The current attempt to authenticate" + " request, failed with the following error message: %s", fileURL, e.getMessage()), e);
}
}
}
} catch (ScmConfigurationPersistenceException | UnsatisfiedScmPreconditionException | ScmUnauthorizedException | ScmCommunicationException e) {
throw new DevfileException(e.getMessage(), e);
}
}
Also used :
ScmCommunicationException(org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException)
FileNotFoundException(java.io.FileNotFoundException)
IOException(java.io.IOException)
SSLException(javax.net.ssl.SSLException)
DevfileException(org.eclipse.che.api.workspace.server.devfile.exception.DevfileException)
ScmUnauthorizedException(org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException)
UnsatisfiedScmPreconditionException(org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException)
ScmConfigurationPersistenceException(org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)
Example 3 with UnsatisfiedScmPreconditionException
use of org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException in project devspaces-images by redhat-developer.
the class KubernetesGitCredentialManager method createOrReplace.
@Override
public void createOrReplace(PersonalAccessToken personalAccessToken) throws UnsatisfiedScmPreconditionException, ScmConfigurationPersistenceException {
try {
final String namespace = getFirstNamespace();
final KubernetesClient client = clientFactory.create();
// to avoid duplicating secrets we try to reuse existing one by matching
// hostname/username if possible, and update it. Otherwise, create new one.
Optional<Secret> existing = client.secrets().inNamespace(namespace).withLabels(SEARCH_LABELS).list().getItems().stream().filter(s -> s.getMetadata().getAnnotations() != null).filter(s -> Boolean.parseBoolean(s.getMetadata().getAnnotations().get(ANNOTATION_GIT_CREDENTIALS)) && personalAccessToken.getScmProviderUrl().equals(StringUtils.trimEnd(s.getMetadata().getAnnotations().get(ANNOTATION_SCM_URL), '/')) && personalAccessToken.getCheUserId().equals(s.getMetadata().getAnnotations().get(ANNOTATION_CHE_USERID)) && personalAccessToken.getScmUserName().equals(s.getMetadata().getAnnotations().get(ANNOTATION_SCM_USERNAME))).findFirst();
Secret secret = existing.orElseGet(() -> {
Map<String, String> annotations = new HashMap<>(DEFAULT_SECRET_ANNOTATIONS);
annotations.put(ANNOTATION_SCM_URL, personalAccessToken.getScmProviderUrl());
annotations.put(ANNOTATION_SCM_USERNAME, personalAccessToken.getScmUserName());
annotations.put(ANNOTATION_CHE_USERID, personalAccessToken.getCheUserId());
ObjectMeta meta = new ObjectMetaBuilder().withName(NameGenerator.generate(NAME_PATTERN, 5)).withAnnotations(annotations).withLabels(NEW_SECRET_LABELS).build();
return new SecretBuilder().withMetadata(meta).build();
});
URL scmUrl = new URL(personalAccessToken.getScmProviderUrl());
secret.setData(Map.of("credentials", Base64.getEncoder().encodeToString(format("%s://%s:%s@%s%s", scmUrl.getProtocol(), personalAccessToken.getScmTokenName().startsWith(OAUTH_2_PREFIX) ? "oauth2" : personalAccessToken.getScmUserName(), URLEncoder.encode(personalAccessToken.getToken(), UTF_8), scmUrl.getHost(), scmUrl.getPort() != 80 && scmUrl.getPort() != -1 ? ":" + scmUrl.getPort() : "").getBytes())));
client.secrets().inNamespace(namespace).createOrReplace(secret);
} catch (InfrastructureException | MalformedURLException e) {
throw new ScmConfigurationPersistenceException(e.getMessage(), e);
}
}
Also used :
ANNOTATION_MOUNT_PATH(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_MOUNT_PATH)
KubernetesClientFactory(org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesClientFactory)
ANNOTATION_DEV_WORKSPACE_MOUNT_PATH(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_DEV_WORKSPACE_MOUNT_PATH)
URL(java.net.URL)
ANNOTATION_AUTOMOUNT(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_AUTOMOUNT)
HashMap(java.util.HashMap)
OAUTH_2_PREFIX(org.eclipse.che.api.factory.server.scm.PersonalAccessTokenFetcher.OAUTH_2_PREFIX)
Singleton(javax.inject.Singleton)
Inject(javax.inject.Inject)
PersonalAccessToken(org.eclipse.che.api.factory.server.scm.PersonalAccessToken)
DEV_WORKSPACE_PREFIX(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.DEV_WORKSPACE_PREFIX)
Map(java.util.Map)
ScmConfigurationPersistenceException(org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)
ANNOTATION_MOUNT_AS(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_MOUNT_AS)
NameGenerator(org.eclipse.che.commons.lang.NameGenerator)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
ImmutableMap(com.google.common.collect.ImmutableMap)
MalformedURLException(java.net.MalformedURLException)
GitCredentialManager(org.eclipse.che.api.factory.server.scm.GitCredentialManager)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
UTF_8(java.nio.charset.StandardCharsets.UTF_8)
String.format(java.lang.String.format)
KubernetesNamespaceFactory(org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
URLEncoder(java.net.URLEncoder)
Base64(java.util.Base64)
UnsatisfiedScmPreconditionException(org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException)
ANNOTATION_GIT_CREDENTIALS(org.eclipse.che.workspace.infrastructure.kubernetes.provision.secret.KubernetesSecretAnnotationNames.ANNOTATION_GIT_CREDENTIALS)
ObjectMeta(io.fabric8.kubernetes.api.model.ObjectMeta)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
Secret(io.fabric8.kubernetes.api.model.Secret)
Optional(java.util.Optional)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
StringUtils(org.eclipse.che.commons.lang.StringUtils)
ObjectMeta(io.fabric8.kubernetes.api.model.ObjectMeta)
KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient)
MalformedURLException(java.net.MalformedURLException)
HashMap(java.util.HashMap)
ObjectMetaBuilder(io.fabric8.kubernetes.api.model.ObjectMetaBuilder)
URL(java.net.URL)
Secret(io.fabric8.kubernetes.api.model.Secret)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
ScmConfigurationPersistenceException(org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)
Example 4 with UnsatisfiedScmPreconditionException
use of org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException in project devspaces-images by redhat-developer.
the class AuthorizingFileContentProvider method fetchContent.
@Override
public String fetchContent(String fileURL) throws IOException, DevfileException {
final String requestURL = formatUrl(fileURL);
try {
Optional<PersonalAccessToken> token = personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), remoteFactoryUrl.getHostName());
if (token.isPresent()) {
PersonalAccessToken personalAccessToken = token.get();
String content = urlFetcher.fetch(requestURL, formatAuthorization(personalAccessToken.getToken()));
gitCredentialManager.createOrReplace(personalAccessToken);
return content;
} else {
try {
return urlFetcher.fetch(requestURL);
} catch (IOException exception) {
if (exception instanceof SSLException) {
ScmCommunicationException cause = new ScmCommunicationException(String.format("Failed to fetch a content from URL %s due to TLS key misconfiguration. Please refer to the docs about how to correctly import it. ", requestURL));
throw new DevfileException(exception.getMessage(), cause);
} else if (exception instanceof FileNotFoundException) {
if (isPublicRepository(remoteFactoryUrl)) {
// for public repo-s return 404 as-is
throw exception;
}
}
// unable to determine exact cause, so let's just try to authorize...
try {
PersonalAccessToken personalAccessToken = personalAccessTokenManager.fetchAndSave(EnvironmentContext.getCurrent().getSubject(), remoteFactoryUrl.getHostName());
String content = urlFetcher.fetch(requestURL, formatAuthorization(personalAccessToken.getToken()));
gitCredentialManager.createOrReplace(personalAccessToken);
return content;
} catch (ScmUnauthorizedException | UnknownScmProviderException e) {
throw new DevfileException(e.getMessage(), e);
} catch (ScmCommunicationException e) {
throw new IOException(String.format("Failed to fetch a content from URL %s. Make sure the URL" + " is correct. For private repository, make sure authentication is configured." + " Additionally, if you're using " + " relative form, make sure the referenced file are actually stored" + " relative to the devfile on the same host," + " or try to specify URL in absolute form. The current attempt to authenticate" + " request, failed with the following error message: %s", fileURL, e.getMessage()), e);
}
}
}
} catch (ScmConfigurationPersistenceException | UnsatisfiedScmPreconditionException | ScmUnauthorizedException | ScmCommunicationException e) {
throw new DevfileException(e.getMessage(), e);
}
}
Also used :
ScmCommunicationException(org.eclipse.che.api.factory.server.scm.exception.ScmCommunicationException)
FileNotFoundException(java.io.FileNotFoundException)
IOException(java.io.IOException)
SSLException(javax.net.ssl.SSLException)
DevfileException(org.eclipse.che.api.workspace.server.devfile.exception.DevfileException)
ScmUnauthorizedException(org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException)
UnsatisfiedScmPreconditionException(org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException)
ScmConfigurationPersistenceException(org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)
Aggregations
ScmConfigurationPersistenceException (org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException)4
UnsatisfiedScmPreconditionException (org.eclipse.che.api.factory.server.scm.exception.UnsatisfiedScmPreconditionException)4
ImmutableMap (com.google.common.collect.ImmutableMap)2
ObjectMeta (io.fabric8.kubernetes.api.model.ObjectMeta)2
ObjectMetaBuilder (io.fabric8.kubernetes.api.model.ObjectMetaBuilder)2
Secret (io.fabric8.kubernetes.api.model.Secret)2
SecretBuilder (io.fabric8.kubernetes.api.model.SecretBuilder)2
KubernetesClient (io.fabric8.kubernetes.client.KubernetesClient)2
FileNotFoundException (java.io.FileNotFoundException)2
IOException (java.io.IOException)2
String.format (java.lang.String.format)2
MalformedURLException (java.net.MalformedURLException)2
URL (java.net.URL)2
URLEncoder (java.net.URLEncoder)2
UTF_8 (java.nio.charset.StandardCharsets.UTF_8)2
Base64 (java.util.Base64)2
HashMap (java.util.HashMap)2
Map (java.util.Map)2
Optional (java.util.Optional)2
Inject (javax.inject.Inject)2
