Examples with KubernetesAuthConfig org.jenkinsci.plugins.kubernetes.auth.KubernetesAuthConfig used on opensource projects

Example 1 with KubernetesAuthConfig

use of org.jenkinsci.plugins.kubernetes.auth.KubernetesAuthConfig in project kubernetes-plugin by jenkinsci.

the class KubectlBuildWrapper method setUp.

@Override
public void setUp(Context context, Run<?, ?> build, FilePath workspace, Launcher launcher, TaskListener listener, EnvVars initialEnvironment) throws IOException, InterruptedException {
    if (credentialsId == null) {
        throw new AbortException("No credentials defined to setup Kubernetes CLI");
    }
    workspace.mkdirs();
    FilePath configFile = workspace.createTempFile(".kube", "config");
    Set<String> tempFiles = new HashSet<>(Arrays.asList(configFile.getRemote()));
    context.env("KUBECONFIG", configFile.getRemote());
    context.setDisposer(new CleanupDisposer(tempFiles));
    StandardCredentials credentials = CredentialsProvider.findCredentialById(credentialsId, StandardCredentials.class, build, Collections.emptyList());
    if (credentials == null) {
        throw new AbortException("No credentials found for id \"" + credentialsId + "\"");
    }
    KubernetesAuth auth = AuthenticationTokens.convert(KubernetesAuth.class, credentials);
    if (auth == null) {
        throw new AbortException("Unsupported Credentials type " + credentials.getClass().getName());
    }
    try (Writer w = new OutputStreamWriter(configFile.write(), StandardCharsets.UTF_8)) {
        w.write(auth.buildKubeConfig(new KubernetesAuthConfig(getServerUrl(), getCaCertificate(), getCaCertificate() == null)));
    } catch (KubernetesAuthException e) {
        throw new AbortException(e.getMessage());
    }
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    ByteArrayOutputStream err = new ByteArrayOutputStream();
    String cmd = "kubectl version";
    int status = launcher.launch().cmdAsSingleString(cmd).stdout(out).stderr(err).quiet(true).envs("KUBECONFIG=" + configFile.getRemote()).join();
    if (status != 0) {
        StringBuilder msgBuilder = new StringBuilder("Failed to run \"").append(cmd).append("\". Returned status code ").append(status).append(".\n");
        msgBuilder.append("stdout:\n").append(out).append("\n");
        msgBuilder.append("stderr:\n").append(err);
        throw new AbortException(msgBuilder.toString());
    }
}

Example 2 with KubernetesAuthConfig

use of org.jenkinsci.plugins.kubernetes.auth.KubernetesAuthConfig in project kubernetes-plugin by jenkinsci.

the class KubernetesFactoryAdapter method createClient.

public KubernetesClient createClient() throws KubernetesAuthException {
    ConfigBuilder builder;
    if (StringUtils.isBlank(serviceAddress)) {
        LOGGER.log(FINE, "Autoconfiguring Kubernetes client");
        builder = new ConfigBuilder(Config.autoConfigure(null));
    } else {
        // although this will still autoconfigure based on Config constructor notes
        // In future releases (2.4.x) the public constructor will be empty.
        // The current functionality will be provided by autoConfigure().
        // This is a necessary change to allow us distinguish between auto configured values and builder values.
        builder = new ConfigBuilder().withMasterUrl(serviceAddress);
    }
    if (auth != null) {
        builder = auth.decorate(builder, new KubernetesAuthConfig(builder.getMasterUrl(), caCertData, skipTlsVerify));
    }
    if (skipTlsVerify) {
        builder.withTrustCerts(true);
    }
    if (caCertData != null) {
        // JENKINS-38829 CaCertData expects a Base64 encoded certificate
        builder.withCaCertData(Base64.getEncoder().encodeToString(caCertData.getBytes(UTF_8)));
    }
    builder = builder.withRequestTimeout(readTimeout * 1000).withConnectionTimeout(connectTimeout * 1000);
    builder.withMaxConcurrentRequestsPerHost(maxRequestsPerHost);
    builder.withMaxConcurrentRequests(maxRequestsPerHost);
    if (!StringUtils.isBlank(namespace)) {
        builder.withNamespace(namespace);
    } else if (StringUtils.isBlank(builder.getNamespace())) {
        builder.withNamespace("default");
    }
    LOGGER.log(FINE, "Creating Kubernetes client: {0}", this.toString());
    // JENKINS-63584 If Jenkins has an configured Proxy and cloud has enabled proxy usage pass the arguments to K8S
    LOGGER.log(FINE, "Proxy Settings for Cloud: " + useJenkinsProxy);
    if (useJenkinsProxy) {
        Jenkins jenkins = Jenkins.getInstanceOrNull();
        LOGGER.log(FINE, "Jenkins Instance: " + jenkins);
        if (jenkins != null) {
            ProxyConfiguration p = jenkins.proxy;
            LOGGER.log(FINE, "Proxy Instance: " + p);
            if (p != null) {
                builder.withHttpsProxy("http://" + p.name + ":" + p.port);
                builder.withHttpProxy("http://" + p.name + ":" + p.port);
                if (p.name != null) {
                    String password = getProxyPasswordDecrypted(p);
                    builder.withProxyUsername(p.name);
                    builder.withProxyPassword(password);
                }
                builder.withNoProxy(p.getNoProxyHost().split("\n"));
            }
        }
    }
    return new DefaultKubernetesClient(builder.build());
}