Search in sources :

Example 6 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class KubernetesConfigAuthUtilTest method readKubeConfigAuth_withNoKubeConfig.

@Test
public void readKubeConfigAuth_withNoKubeConfig() {
    executeWithTempSystemUserHome(() -> {
        final AuthConfig result = readKubeConfigAuth();
        assertThat(result).isNull();
    });
}
Also used : AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Test(org.junit.Test)

Example 7 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class KubernetesConfigAuthUtilTest method readKubeConfigAuth_withValidKubeConfig.

@Test
public void readKubeConfigAuth_withValidKubeConfig() throws IOException {
    withKubeConfig("kube-config.yaml");
    executeWithTempSystemUserHome(() -> {
        final AuthConfig result = readKubeConfigAuth();
        assertThat(result).hasFieldOrPropertyWithValue("username", "user").hasFieldOrPropertyWithValue("password", "the-token");
    });
}
Also used : AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Test(org.junit.Test)

Example 8 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class JibBuildService method getRegistryCredentials.

static Credential getRegistryCredentials(RegistryConfig registryConfig, boolean isPush, ImageConfiguration imageConfiguration, KitLogger log) throws IOException {
    String registry;
    if (isPush) {
        registry = EnvUtil.firstRegistryOf(new ImageName(imageConfiguration.getName()).getRegistry(), imageConfiguration.getRegistry(), registryConfig.getRegistry());
    } else {
        registry = EnvUtil.firstRegistryOf(new ImageName(getBaseImage(imageConfiguration)).getRegistry(), registryConfig.getRegistry());
    }
    if (registry == null || DEFAULT_DOCKER_REGISTRIES.contains(registry)) {
        // Let's assume docker is default registry.
        registry = DOCKER_LOGIN_DEFAULT_REGISTRY;
    }
    AuthConfigFactory authConfigFactory = new AuthConfigFactory(log);
    AuthConfig standardAuthConfig = authConfigFactory.createAuthConfig(isPush, registryConfig.isSkipExtendedAuth(), registryConfig.getAuthConfig(), registryConfig.getSettings(), null, registry, registryConfig.getPasswordDecryptionMethod());
    Credential credentials = null;
    if (standardAuthConfig != null) {
        credentials = Credential.from(standardAuthConfig.getUsername(), standardAuthConfig.getPassword());
    }
    return credentials;
}
Also used : ImageName(org.eclipse.jkube.kit.config.image.ImageName) Credential(com.google.cloud.tools.jib.api.Credential) AuthConfigFactory(org.eclipse.jkube.kit.build.service.docker.auth.AuthConfigFactory) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig)

Example 9 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class OpenshiftBuildService method checkOrCreatePullSecret.

private boolean checkOrCreatePullSecret(OpenShiftClient client, KubernetesListBuilder builder, String pullSecretName, ImageConfiguration imageConfig) throws Exception {
    BuildConfiguration buildConfig = imageConfig.getBuildConfiguration();
    String fromImage;
    if (buildConfig.isDockerFileMode()) {
        fromImage = extractBaseFromDockerfile(jKubeConfiguration, buildConfig);
    } else {
        fromImage = extractBaseFromConfiguration(buildConfig);
    }
    String pullRegistry = EnvUtil.firstRegistryOf(new ImageName(fromImage).getRegistry(), jKubeConfiguration.getRegistryConfig().getRegistry(), jKubeConfiguration.getRegistryConfig().getRegistry());
    if (pullRegistry != null) {
        RegistryConfig registryConfig = jKubeConfiguration.getRegistryConfig();
        final AuthConfig authConfig = new AuthConfigFactory(log).createAuthConfig(false, registryConfig.isSkipExtendedAuth(), registryConfig.getAuthConfig(), registryConfig.getSettings(), null, pullRegistry, registryConfig.getPasswordDecryptionMethod());
        final Secret secret = Optional.ofNullable(pullSecretName).map(psn -> client.secrets().inNamespace(applicableOpenShiftNamespace).withName(psn).get()).orElse(null);
        if (secret != null) {
            log.info("Adding to Secret %s", pullSecretName);
            return updateSecret(client, pullSecretName, secret.getData());
        }
        if (authConfig != null) {
            JsonObject auths = new JsonObject();
            JsonObject auth = new JsonObject();
            JsonObject item = new JsonObject();
            String authString = authConfig.getUsername() + ":" + authConfig.getPassword();
            item.add("auth", new JsonPrimitive(Base64.encodeBase64String(authString.getBytes(StandardCharsets.UTF_8))));
            auth.add(pullRegistry, item);
            auths.add("auths", auth);
            String credentials = Base64.encodeBase64String(auths.toString().getBytes(StandardCharsets.UTF_8));
            Map<String, String> data = new HashMap<>();
            data.put(".dockerconfigjson", credentials);
            log.info("Creating Secret");
            builder.addNewSecretItem().withNewMetadata().withName(pullSecretName).endMetadata().withData(data).withType("kubernetes.io/dockerconfigjson").endSecretItem();
            return true;
        }
    }
    return false;
}
Also used : BuildConfiguration(org.eclipse.jkube.kit.config.image.build.BuildConfiguration) RegistryConfig(org.eclipse.jkube.kit.common.RegistryConfig) Secret(io.fabric8.kubernetes.api.model.Secret) BuildServiceConfig(org.eclipse.jkube.kit.config.service.BuildServiceConfig) Quantity(io.fabric8.kubernetes.api.model.Quantity) JsonObject(com.google.gson.JsonObject) ImageConfiguration(org.eclipse.jkube.kit.config.image.ImageConfiguration) OpenShiftBuildServiceUtils.createBuildArchive(org.eclipse.jkube.kit.config.service.openshift.OpenShiftBuildServiceUtils.createBuildArchive) Watcher(io.fabric8.kubernetes.client.Watcher) BuildConfigSpec(io.fabric8.openshift.api.model.BuildConfigSpec) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) LogWatch(io.fabric8.kubernetes.client.dsl.LogWatch) Base64(org.apache.commons.codec.binary.Base64) ImageName(org.eclipse.jkube.kit.config.image.ImageName) EnvUtil(org.eclipse.jkube.kit.common.util.EnvUtil) Map(java.util.Map) Status(io.fabric8.kubernetes.api.model.Status) Build(io.fabric8.openshift.api.model.Build) KubernetesClientException(io.fabric8.kubernetes.client.KubernetesClientException) AbstractImageBuildService(org.eclipse.jkube.kit.config.service.AbstractImageBuildService) RegistryConfig(org.eclipse.jkube.kit.common.RegistryConfig) RuntimeMode(org.eclipse.jkube.kit.config.resource.RuntimeMode) ResourceFileType(org.eclipse.jkube.kit.common.ResourceFileType) BuildUtil.extractBaseFromConfiguration(org.eclipse.jkube.kit.build.api.helper.BuildUtil.extractBaseFromConfiguration) BuildStrategy(io.fabric8.openshift.api.model.BuildStrategy) StandardCharsets(java.nio.charset.StandardCharsets) BuildConfigSpecBuilder(io.fabric8.openshift.api.model.BuildConfigSpecBuilder) Objects(java.util.Objects) CountDownLatch(java.util.concurrent.CountDownLatch) List(java.util.List) JKubeServiceHub(org.eclipse.jkube.kit.config.service.JKubeServiceHub) Optional(java.util.Optional) Secret(io.fabric8.kubernetes.api.model.Secret) ClusterConfiguration(org.eclipse.jkube.kit.config.access.ClusterConfiguration) JKubeServiceException(org.eclipse.jkube.kit.config.service.JKubeServiceException) OpenShiftBuildServiceUtils.createBuildOutput(org.eclipse.jkube.kit.config.service.openshift.OpenShiftBuildServiceUtils.createBuildOutput) BuildUtil.extractBaseFromDockerfile(org.eclipse.jkube.kit.build.api.helper.BuildUtil.extractBaseFromDockerfile) OpenShiftBuildServiceUtils.computeS2IBuildName(org.eclipse.jkube.kit.config.service.openshift.OpenShiftBuildServiceUtils.computeS2IBuildName) OpenshiftHelper(org.eclipse.jkube.kit.common.util.OpenshiftHelper) ClusterAccess(org.eclipse.jkube.kit.config.access.ClusterAccess) BuildConfiguration(org.eclipse.jkube.kit.config.image.build.BuildConfiguration) BuildSource(io.fabric8.openshift.api.model.BuildSource) HashMap(java.util.HashMap) Watch(io.fabric8.kubernetes.client.Watch) AtomicReference(java.util.concurrent.atomic.AtomicReference) OpenshiftHelper.isOpenShift(org.eclipse.jkube.kit.common.util.OpenshiftHelper.isOpenShift) WatcherException(io.fabric8.kubernetes.client.WatcherException) JKubeConfiguration(org.eclipse.jkube.kit.common.JKubeConfiguration) AuthConfigFactory(org.eclipse.jkube.kit.build.service.docker.auth.AuthConfigFactory) JsonPrimitive(com.google.gson.JsonPrimitive) KubernetesList(io.fabric8.kubernetes.api.model.KubernetesList) BuildOutput(io.fabric8.openshift.api.model.BuildOutput) KubernetesListBuilder(io.fabric8.kubernetes.api.model.KubernetesListBuilder) ObjectReference(io.fabric8.kubernetes.api.model.ObjectReference) Pod(io.fabric8.kubernetes.api.model.Pod) IOException(java.io.IOException) KubernetesHelper(org.eclipse.jkube.kit.common.util.KubernetesHelper) OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient) File(java.io.File) ImageStreamService.resolveImageStreamName(org.eclipse.jkube.kit.config.service.openshift.ImageStreamService.resolveImageStreamName) TimeUnit(java.util.concurrent.TimeUnit) BuildConfig(io.fabric8.openshift.api.model.BuildConfig) KitLogger(org.eclipse.jkube.kit.common.KitLogger) KubernetesClient(io.fabric8.kubernetes.client.KubernetesClient) ImageStreamBuilder(io.fabric8.openshift.api.model.ImageStreamBuilder) SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder) BuildConfigBuilder(io.fabric8.openshift.api.model.BuildConfigBuilder) OpenShiftBuildServiceUtils.createBuildStrategy(org.eclipse.jkube.kit.config.service.openshift.OpenShiftBuildServiceUtils.createBuildStrategy) ImageName(org.eclipse.jkube.kit.config.image.ImageName) JsonPrimitive(com.google.gson.JsonPrimitive) HashMap(java.util.HashMap) AuthConfigFactory(org.eclipse.jkube.kit.build.service.docker.auth.AuthConfigFactory) JsonObject(com.google.gson.JsonObject) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig)

Example 10 with AuthConfig

use of org.eclipse.jkube.kit.build.api.auth.AuthConfig in project jkube by eclipse.

the class AwsSdkAuthConfigFactoryTest method reflectionWorksForSessionCredentials.

@Test
public void reflectionWorksForSessionCredentials() throws Exception {
    String accessKey = randomUUID().toString();
    String secretKey = randomUUID().toString();
    String sessionToken = randomUUID().toString();
    Object credentials = new Object();
    new Expectations() {

        {
            awsSdkHelper.getCredentialsFromDefaultAWSCredentialsProviderChain();
            result = credentials;
            awsSdkHelper.getAWSAccessKeyIdFromCredentials(any);
            result = accessKey;
            awsSdkHelper.getAwsSecretKeyFromCredentials(any);
            result = secretKey;
            awsSdkHelper.getSessionTokenFromCrendentials(any);
            result = sessionToken;
        }
    };
    AuthConfig authConfig = objectUnderTest.createAuthConfig();
    assertNotNull(authConfig);
    assertEquals(accessKey, authConfig.getUsername());
    assertEquals(secretKey, authConfig.getPassword());
    assertEquals(sessionToken, authConfig.getAuth());
    assertNull(authConfig.getIdentityToken());
}
Also used : Expectations(mockit.Expectations) AuthConfig(org.eclipse.jkube.kit.build.api.auth.AuthConfig) Test(org.junit.Test)

Aggregations

AuthConfig (org.eclipse.jkube.kit.build.api.auth.AuthConfig)42 Test (org.junit.Test)34 RegistryAuthConfig (org.eclipse.jkube.kit.build.api.auth.RegistryAuthConfig)10 JsonObject (com.google.gson.JsonObject)6 Expectations (mockit.Expectations)6 IOException (java.io.IOException)4 HashMap (java.util.HashMap)4 Date (java.util.Date)3 MockUp (mockit.MockUp)3 ImageName (org.eclipse.jkube.kit.config.image.ImageName)3 ArrayList (java.util.ArrayList)2 HttpPost (org.apache.http.client.methods.HttpPost)2 StringEntity (org.apache.http.entity.StringEntity)2 AuthConfigFactory (org.eclipse.jkube.kit.build.service.docker.auth.AuthConfigFactory)2 RegistryServerConfiguration (org.eclipse.jkube.kit.common.RegistryServerConfiguration)2 SystemMock (org.eclipse.jkube.kit.common.SystemMock)2 Credential (com.google.cloud.tools.jib.api.Credential)1 Gson (com.google.gson.Gson)1 JsonPrimitive (com.google.gson.JsonPrimitive)1 KubernetesList (io.fabric8.kubernetes.api.model.KubernetesList)1