Merge pull request #22972 from wmz7year
* gh-22972: Polish "Support authentication to private Docker registry" Support authentication to private docker registry Closes gh-22972pull/23391/head
Scott Frederick
4 years ago
commit
d1338a66f7
@ -0,0 +1,56 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
/**
|
||||
* Docker configuration options.
|
||||
*
|
||||
* @author Wei Jiang
|
||||
* @author Scott Frederick
|
||||
* @since 2.4.0
|
||||
*/
|
||||
public final class DockerConfiguration {
|
||||
|
||||
private final DockerRegistryAuthentication authentication;
|
||||
|
||||
private DockerConfiguration(DockerRegistryAuthentication authentication) {
|
||||
this.authentication = authentication;
|
||||
}
|
||||
|
||||
public DockerRegistryAuthentication getRegistryAuthentication() {
|
||||
return this.authentication;
|
||||
}
|
||||
|
||||
public static DockerConfiguration withDefaults() {
|
||||
return new DockerConfiguration(null);
|
||||
}
|
||||
|
||||
public static DockerConfiguration withRegistryTokenAuthentication(String token) {
|
||||
Assert.notNull(token, "Token must not be null");
|
||||
return new DockerConfiguration(new DockerRegistryTokenAuthentication(token));
|
||||
}
|
||||
|
||||
public static DockerConfiguration withRegistryUserAuthentication(String username, String password, String url,
|
||||
String email) {
|
||||
Assert.notNull(username, "Username must not be null");
|
||||
Assert.notNull(password, "Password must not be null");
|
||||
return new DockerConfiguration(new DockerRegistryUserAuthentication(username, password, url, email));
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.json.SharedObjectMapper;
|
||||
import org.springframework.util.Base64Utils;
|
||||
|
||||
/**
|
||||
* Docker registry authentication configuration.
|
||||
*
|
||||
* @author Scott Frederick
|
||||
* @since 2.4.0
|
||||
*/
|
||||
public abstract class DockerRegistryAuthentication {
|
||||
|
||||
public String createAuthHeader() {
|
||||
try {
|
||||
return Base64Utils.encodeToUrlSafeString(SharedObjectMapper.get().writeValueAsBytes(this));
|
||||
}
|
||||
catch (JsonProcessingException ex) {
|
||||
throw new IllegalStateException("Error creating Docker registry authentication header", ex);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,39 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
|
||||
/**
|
||||
* Docker registry authentication configuration using a token.
|
||||
*
|
||||
* @author Scott Frederick
|
||||
*/
|
||||
class DockerRegistryTokenAuthentication extends DockerRegistryAuthentication {
|
||||
|
||||
@JsonProperty("identitytoken")
|
||||
private final String token;
|
||||
|
||||
DockerRegistryTokenAuthentication(String token) {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
String getToken() {
|
||||
return this.token;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,63 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
|
||||
/**
|
||||
* Docker registry authentication configuration using user credentials.
|
||||
*
|
||||
* @author Scott Frederick
|
||||
*/
|
||||
class DockerRegistryUserAuthentication extends DockerRegistryAuthentication {
|
||||
|
||||
@JsonProperty
|
||||
private final String username;
|
||||
|
||||
@JsonProperty
|
||||
private final String password;
|
||||
|
||||
@JsonProperty("serveraddress")
|
||||
private final String url;
|
||||
|
||||
@JsonProperty
|
||||
private final String email;
|
||||
|
||||
DockerRegistryUserAuthentication(String username, String password, String url, String email) {
|
||||
this.username = username;
|
||||
this.password = password;
|
||||
this.url = url;
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
String getUsername() {
|
||||
return this.username;
|
||||
}
|
||||
|
||||
String getPassword() {
|
||||
return this.password;
|
||||
}
|
||||
|
||||
String getUrl() {
|
||||
return this.url;
|
||||
}
|
||||
|
||||
String getEmail() {
|
||||
return this.email;
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,20 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
/**
|
||||
* Docker configuration options.
|
||||
*/
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
@ -0,0 +1,61 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
/**
|
||||
* Tests for {@link DockerConfiguration}.
|
||||
*
|
||||
* @author Wei Jiang
|
||||
* @author Scott Frederick
|
||||
*/
|
||||
public class DockerConfigurationTests {
|
||||
|
||||
@Test
|
||||
void createDockerConfigurationWithDefaults() {
|
||||
DockerConfiguration configuration = DockerConfiguration.withDefaults();
|
||||
assertThat(configuration.getRegistryAuthentication()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void createDockerConfigurationWithUserAuth() {
|
||||
DockerConfiguration configuration = DockerConfiguration.withRegistryUserAuthentication("user", "secret",
|
||||
"https://docker.example.com", "docker@example.com");
|
||||
DockerRegistryAuthentication auth = configuration.getRegistryAuthentication();
|
||||
assertThat(auth).isNotNull();
|
||||
assertThat(auth).isInstanceOf(DockerRegistryUserAuthentication.class);
|
||||
DockerRegistryUserAuthentication userAuth = (DockerRegistryUserAuthentication) auth;
|
||||
assertThat(userAuth.getUrl()).isEqualTo("https://docker.example.com");
|
||||
assertThat(userAuth.getUsername()).isEqualTo("user");
|
||||
assertThat(userAuth.getPassword()).isEqualTo("secret");
|
||||
assertThat(userAuth.getEmail()).isEqualTo("docker@example.com");
|
||||
}
|
||||
|
||||
@Test
|
||||
void createDockerConfigurationWithTokenAuth() {
|
||||
DockerConfiguration configuration = DockerConfiguration.withRegistryTokenAuthentication("token");
|
||||
DockerRegistryAuthentication auth = configuration.getRegistryAuthentication();
|
||||
assertThat(auth).isNotNull();
|
||||
assertThat(auth).isInstanceOf(DockerRegistryTokenAuthentication.class);
|
||||
DockerRegistryTokenAuthentication tokenAuth = (DockerRegistryTokenAuthentication) auth;
|
||||
assertThat(tokenAuth.getToken()).isEqualTo("token");
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,43 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import org.json.JSONException;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.skyscreamer.jsonassert.JSONAssert;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.json.AbstractJsonTests;
|
||||
import org.springframework.util.Base64Utils;
|
||||
import org.springframework.util.StreamUtils;
|
||||
|
||||
/**
|
||||
* Tests for {@link DockerRegistryTokenAuthentication}.
|
||||
*/
|
||||
class DockerRegistryTokenAuthenticationTests extends AbstractJsonTests {
|
||||
|
||||
@Test
|
||||
void createAuthHeaderReturnsEncodedHeader() throws IOException, JSONException {
|
||||
DockerRegistryTokenAuthentication auth = new DockerRegistryTokenAuthentication("tokenvalue");
|
||||
String header = auth.createAuthHeader();
|
||||
String expectedJson = StreamUtils.copyToString(getContent("auth-token.json"), StandardCharsets.UTF_8);
|
||||
JSONAssert.assertEquals(expectedJson, new String(Base64Utils.decodeFromUrlSafeString(header)), false);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,56 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.buildpack.platform.docker.configuration;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import org.json.JSONException;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.skyscreamer.jsonassert.JSONAssert;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.json.AbstractJsonTests;
|
||||
import org.springframework.util.Base64Utils;
|
||||
import org.springframework.util.StreamUtils;
|
||||
|
||||
/**
|
||||
* Tests for {@link DockerRegistryUserAuthentication}.
|
||||
*/
|
||||
class DockerRegistryUserAuthenticationTests extends AbstractJsonTests {
|
||||
|
||||
@Test
|
||||
void createMinimalAuthHeaderReturnsEncodedHeader() throws IOException, JSONException {
|
||||
DockerRegistryUserAuthentication auth = new DockerRegistryUserAuthentication("user", "secret",
|
||||
"https://docker.example.com", "docker@example.com");
|
||||
JSONAssert.assertEquals(jsonContent("auth-user-full.json"), decoded(auth.createAuthHeader()), false);
|
||||
}
|
||||
|
||||
@Test
|
||||
void createFullAuthHeaderReturnsEncodedHeader() throws IOException, JSONException {
|
||||
DockerRegistryUserAuthentication auth = new DockerRegistryUserAuthentication("user", "secret", null, null);
|
||||
JSONAssert.assertEquals(jsonContent("auth-user-minimal.json"), decoded(auth.createAuthHeader()), false);
|
||||
}
|
||||
|
||||
private String jsonContent(String s) throws IOException {
|
||||
return StreamUtils.copyToString(getContent(s), StandardCharsets.UTF_8);
|
||||
}
|
||||
|
||||
private String decoded(String header) {
|
||||
return new String(Base64Utils.decodeFromUrlSafeString(header));
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,3 @@
|
||||
{
|
||||
"identitytoken": "tokenvalue"
|
||||
}
|
||||
@ -0,0 +1,6 @@
|
||||
{
|
||||
"username": "user",
|
||||
"password": "secret",
|
||||
"email": "docker@example.com",
|
||||
"serveraddress": "https://docker.example.com"
|
||||
}
|
||||
@ -0,0 +1,4 @@
|
||||
{
|
||||
"username": "user",
|
||||
"password": "secret"
|
||||
}
|
||||
@ -0,0 +1,18 @@
|
||||
plugins {
|
||||
id 'java'
|
||||
id 'org.springframework.boot' version '{gradle-project-version}'
|
||||
}
|
||||
|
||||
bootJar {
|
||||
mainClassName 'com.example.ExampleApplication'
|
||||
}
|
||||
|
||||
// tag::docker-auth-token[]
|
||||
bootBuildImage {
|
||||
docker {
|
||||
registry {
|
||||
token = "9cbaf023786cd7..."
|
||||
}
|
||||
}
|
||||
}
|
||||
// end::docker-auth-token[]
|
||||
@ -0,0 +1,21 @@
|
||||
import org.springframework.boot.gradle.tasks.bundling.BootJar
|
||||
import org.springframework.boot.gradle.tasks.bundling.BootBuildImage
|
||||
|
||||
plugins {
|
||||
java
|
||||
id("org.springframework.boot") version "{gradle-project-version}"
|
||||
}
|
||||
|
||||
tasks.getByName<BootJar>("bootJar") {
|
||||
mainClassName = "com.example.ExampleApplication"
|
||||
}
|
||||
|
||||
// tag::docker-auth-token[]
|
||||
tasks.getByName<BootBuildImage>("bootBuildImage") {
|
||||
docker {
|
||||
registry {
|
||||
token = "9cbaf023786cd7..."
|
||||
}
|
||||
}
|
||||
}
|
||||
// end::docker-auth-token[]
|
||||
@ -0,0 +1,21 @@
|
||||
plugins {
|
||||
id 'java'
|
||||
id 'org.springframework.boot' version '{gradle-project-version}'
|
||||
}
|
||||
|
||||
bootJar {
|
||||
mainClassName 'com.example.ExampleApplication'
|
||||
}
|
||||
|
||||
// tag::docker-auth-user[]
|
||||
bootBuildImage {
|
||||
docker {
|
||||
registry {
|
||||
username = "user"
|
||||
password = "secret"
|
||||
url = "https://docker.example.com/v1/"
|
||||
email = "user@example.com"
|
||||
}
|
||||
}
|
||||
}
|
||||
// end::docker-auth-user[]
|
||||
@ -0,0 +1,24 @@
|
||||
import org.springframework.boot.gradle.tasks.bundling.BootJar
|
||||
import org.springframework.boot.gradle.tasks.bundling.BootBuildImage
|
||||
|
||||
plugins {
|
||||
java
|
||||
id("org.springframework.boot") version "{gradle-project-version}"
|
||||
}
|
||||
|
||||
tasks.getByName<BootJar>("bootJar") {
|
||||
mainClassName = "com.example.ExampleApplication"
|
||||
}
|
||||
|
||||
// tag::docker-auth-user[]
|
||||
tasks.getByName<BootBuildImage>("bootBuildImage") {
|
||||
docker {
|
||||
registry {
|
||||
username = "user"
|
||||
password = "secret"
|
||||
url = "https://docker.example.com/v1/"
|
||||
email = "user@example.com"
|
||||
}
|
||||
}
|
||||
}
|
||||
// end::docker-auth-user[]
|
||||
@ -0,0 +1,214 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.gradle.tasks.bundling;
|
||||
|
||||
import groovy.lang.Closure;
|
||||
import org.gradle.api.Action;
|
||||
import org.gradle.api.GradleException;
|
||||
import org.gradle.api.tasks.Input;
|
||||
import org.gradle.api.tasks.Nested;
|
||||
import org.gradle.api.tasks.Optional;
|
||||
import org.gradle.util.ConfigureUtil;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
|
||||
|
||||
/**
|
||||
* Encapsulates Docker configuration options.
|
||||
*
|
||||
* @author Wei Jiang
|
||||
* @author Scott Frederick
|
||||
* @since 2.4.0
|
||||
*/
|
||||
public class DockerSpec {
|
||||
|
||||
private final DockerRegistrySpec registry;
|
||||
|
||||
public DockerSpec() {
|
||||
this.registry = new DockerRegistrySpec();
|
||||
}
|
||||
|
||||
DockerSpec(DockerRegistrySpec registry) {
|
||||
this.registry = registry;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the {@link DockerRegistrySpec} that configures registry authentication.
|
||||
* @return the registry spec
|
||||
*/
|
||||
@Nested
|
||||
public DockerRegistrySpec getRegistry() {
|
||||
return this.registry;
|
||||
}
|
||||
|
||||
/**
|
||||
* Customizes the {@link DockerRegistrySpec} that configures registry authentication.
|
||||
* @param action the action to apply
|
||||
*/
|
||||
public void registry(Action<DockerRegistrySpec> action) {
|
||||
action.execute(this.registry);
|
||||
}
|
||||
|
||||
/**
|
||||
* Customizes the {@link DockerRegistrySpec} that configures registry authentication.
|
||||
* @param closure the closure to apply
|
||||
*/
|
||||
public void registry(Closure<?> closure) {
|
||||
registry(ConfigureUtil.configureUsing(closure));
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns this configuration as a {@link DockerConfiguration} instance. This method
|
||||
* should only be called when the configuration is complete and will no longer be
|
||||
* changed.
|
||||
* @return the Docker configuration
|
||||
*/
|
||||
DockerConfiguration asDockerConfiguration() {
|
||||
if (this.registry == null || this.registry.hasEmptyAuth()) {
|
||||
return null;
|
||||
}
|
||||
if (this.registry.hasTokenAuth() && !this.registry.hasUserAuth()) {
|
||||
return DockerConfiguration.withRegistryTokenAuthentication(this.registry.getToken());
|
||||
}
|
||||
if (this.registry.hasUserAuth() && !this.registry.hasTokenAuth()) {
|
||||
return DockerConfiguration.withRegistryUserAuthentication(this.registry.getUsername(),
|
||||
this.registry.getPassword(), this.registry.getUrl(), this.registry.getEmail());
|
||||
}
|
||||
throw new GradleException(
|
||||
"Invalid Docker registry configuration, either token or username/password must be provided");
|
||||
}
|
||||
|
||||
/**
|
||||
* Encapsulates Docker registry authentication configuration options.
|
||||
*/
|
||||
public static class DockerRegistrySpec {
|
||||
|
||||
private String username;
|
||||
|
||||
private String password;
|
||||
|
||||
private String url;
|
||||
|
||||
private String email;
|
||||
|
||||
private String token;
|
||||
|
||||
/**
|
||||
* Returns the username to use when authenticating to the Docker registry.
|
||||
* @return the registry username
|
||||
*/
|
||||
@Input
|
||||
@Optional
|
||||
public String getUsername() {
|
||||
return this.username;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the username to use when authenticating to the Docker registry.
|
||||
* @param username the registry username
|
||||
*/
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the password to use when authenticating to the Docker registry.
|
||||
* @return the registry password
|
||||
*/
|
||||
@Input
|
||||
@Optional
|
||||
public String getPassword() {
|
||||
return this.password;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the password to use when authenticating to the Docker registry.
|
||||
* @param password the registry username
|
||||
*/
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the Docker registry URL.
|
||||
* @return the registry URL
|
||||
*/
|
||||
@Input
|
||||
@Optional
|
||||
public String getUrl() {
|
||||
return this.url;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the Docker registry URL.
|
||||
* @param url the registry URL
|
||||
*/
|
||||
public void setUrl(String url) {
|
||||
this.url = url;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the email address associated with the Docker registry username.
|
||||
* @return the registry email address
|
||||
*/
|
||||
@Input
|
||||
@Optional
|
||||
public String getEmail() {
|
||||
return this.email;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the email address associated with the Docker registry username.
|
||||
* @param email the registry email address
|
||||
*/
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the identity token to use when authenticating to the Docker registry.
|
||||
* @return the registry identity token
|
||||
*/
|
||||
@Input
|
||||
@Optional
|
||||
public String getToken() {
|
||||
return this.token;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the identity token to use when authenticating to the Docker registry.
|
||||
* @param token the registry identity token
|
||||
*/
|
||||
public void setToken(String token) {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
boolean hasEmptyAuth() {
|
||||
return this.username == null && this.password == null && this.url == null && this.email == null
|
||||
&& this.token == null;
|
||||
}
|
||||
|
||||
boolean hasUserAuth() {
|
||||
return this.getUsername() != null && this.getPassword() != null;
|
||||
}
|
||||
|
||||
boolean hasTokenAuth() {
|
||||
return this.getToken() != null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,100 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.gradle.tasks.bundling;
|
||||
|
||||
import org.gradle.api.GradleException;
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
|
||||
import org.springframework.boot.buildpack.platform.docker.configuration.DockerRegistryAuthentication;
|
||||
import org.springframework.util.Base64Utils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
|
||||
|
||||
/**
|
||||
* Tests for {@link DockerSpec}.
|
||||
*
|
||||
* @author Wei Jiang
|
||||
* @author Scott Frederick
|
||||
*/
|
||||
public class DockerSpecTests {
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithoutRegistry() {
|
||||
DockerSpec dockerSpec = new DockerSpec();
|
||||
assertThat(dockerSpec.asDockerConfiguration()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithEmptyRegistry() {
|
||||
DockerSpec dockerSpec = new DockerSpec(new DockerSpec.DockerRegistrySpec());
|
||||
assertThat(dockerSpec.asDockerConfiguration()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithUserAuth() {
|
||||
DockerSpec.DockerRegistrySpec dockerRegistry = new DockerSpec.DockerRegistrySpec();
|
||||
dockerRegistry.setUsername("user");
|
||||
dockerRegistry.setPassword("secret");
|
||||
dockerRegistry.setUrl("https://docker.example.com");
|
||||
dockerRegistry.setEmail("docker@example.com");
|
||||
DockerSpec dockerSpec = new DockerSpec(dockerRegistry);
|
||||
DockerConfiguration dockerConfiguration = dockerSpec.asDockerConfiguration();
|
||||
DockerRegistryAuthentication registryAuthentication = dockerConfiguration.getRegistryAuthentication();
|
||||
assertThat(registryAuthentication).isNotNull();
|
||||
assertThat(new String(Base64Utils.decodeFromString(registryAuthentication.createAuthHeader())))
|
||||
.contains("\"username\" : \"user\"").contains("\"password\" : \"secret\"")
|
||||
.contains("\"email\" : \"docker@example.com\"")
|
||||
.contains("\"serveraddress\" : \"https://docker.example.com\"");
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithIncompleteUserAuthFails() {
|
||||
DockerSpec.DockerRegistrySpec dockerRegistry = new DockerSpec.DockerRegistrySpec();
|
||||
dockerRegistry.setUsername("user");
|
||||
dockerRegistry.setUrl("https://docker.example.com");
|
||||
dockerRegistry.setEmail("docker@example.com");
|
||||
DockerSpec dockerSpec = new DockerSpec(dockerRegistry);
|
||||
assertThatExceptionOfType(GradleException.class).isThrownBy(dockerSpec::asDockerConfiguration)
|
||||
.withMessageContaining("Invalid Docker registry configuration");
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithTokenAuth() {
|
||||
DockerSpec.DockerRegistrySpec dockerRegistry = new DockerSpec.DockerRegistrySpec();
|
||||
dockerRegistry.setToken("token");
|
||||
DockerSpec dockerSpec = new DockerSpec(dockerRegistry);
|
||||
DockerConfiguration dockerConfiguration = dockerSpec.asDockerConfiguration();
|
||||
DockerRegistryAuthentication registryAuthentication = dockerConfiguration.getRegistryAuthentication();
|
||||
assertThat(registryAuthentication).isNotNull();
|
||||
assertThat(new String(Base64Utils.decodeFromString(registryAuthentication.createAuthHeader())))
|
||||
.contains("\"identitytoken\" : \"token\"");
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithUserAndTokenAuthFails() {
|
||||
DockerSpec.DockerRegistrySpec dockerRegistry = new DockerSpec.DockerRegistrySpec();
|
||||
dockerRegistry.setUsername("user");
|
||||
dockerRegistry.setPassword("secret");
|
||||
dockerRegistry.setToken("token");
|
||||
DockerSpec dockerSpec = new DockerSpec(dockerRegistry);
|
||||
assertThatExceptionOfType(GradleException.class).isThrownBy(dockerSpec::asDockerConfiguration)
|
||||
.withMessageContaining("Invalid Docker registry configuration");
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,132 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.maven;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
|
||||
|
||||
/**
|
||||
* Docker configuration options.
|
||||
*
|
||||
* @author Wei Jiang
|
||||
* @author Scott Frederick
|
||||
* @since 2.4.0
|
||||
*/
|
||||
public class Docker {
|
||||
|
||||
private DockerRegistry registry;
|
||||
|
||||
/**
|
||||
* Sets the {@link DockerRegistry} that configures registry authentication.
|
||||
* @param registry the registry configuration
|
||||
*/
|
||||
public void setRegistry(DockerRegistry registry) {
|
||||
this.registry = registry;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns this configuration as a {@link DockerConfiguration} instance. This method
|
||||
* should only be called when the configuration is complete and will no longer be
|
||||
* changed.
|
||||
* @return the Docker configuration
|
||||
*/
|
||||
DockerConfiguration asDockerConfiguration() {
|
||||
if (this.registry == null || this.registry.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
if (this.registry.hasTokenAuth() && !this.registry.hasUserAuth()) {
|
||||
return DockerConfiguration.withRegistryTokenAuthentication(this.registry.getToken());
|
||||
}
|
||||
if (this.registry.hasUserAuth() && !this.registry.hasTokenAuth()) {
|
||||
return DockerConfiguration.withRegistryUserAuthentication(this.registry.getUsername(),
|
||||
this.registry.getPassword(), this.registry.getUrl(), this.registry.getEmail());
|
||||
}
|
||||
|
||||
throw new IllegalArgumentException(
|
||||
"Invalid Docker registry configuration, either token or username/password must be provided");
|
||||
}
|
||||
|
||||
/**
|
||||
* Encapsulates Docker registry authentication configuration options.
|
||||
*/
|
||||
public static class DockerRegistry {
|
||||
|
||||
private String username;
|
||||
|
||||
private String password;
|
||||
|
||||
private String url;
|
||||
|
||||
private String email;
|
||||
|
||||
private String token;
|
||||
|
||||
String getUsername() {
|
||||
return this.username;
|
||||
}
|
||||
|
||||
public void setUsername(String username) {
|
||||
this.username = username;
|
||||
}
|
||||
|
||||
String getPassword() {
|
||||
return this.password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
String getEmail() {
|
||||
return this.email;
|
||||
}
|
||||
|
||||
public void setEmail(String email) {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
String getUrl() {
|
||||
return this.url;
|
||||
}
|
||||
|
||||
public void setUrl(String url) {
|
||||
this.url = url;
|
||||
}
|
||||
|
||||
String getToken() {
|
||||
return this.token;
|
||||
}
|
||||
|
||||
public void setToken(String token) {
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
boolean isEmpty() {
|
||||
return this.username == null && this.password == null && this.url == null && this.email == null
|
||||
&& this.token == null;
|
||||
}
|
||||
|
||||
boolean hasTokenAuth() {
|
||||
return this.token != null;
|
||||
}
|
||||
|
||||
boolean hasUserAuth() {
|
||||
return this.username != null && this.password != null;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,105 @@
|
||||
/*
|
||||
* Copyright 2012-2020 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* https://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.maven;
|
||||
|
||||
import org.junit.jupiter.api.Test;
|
||||
|
||||
import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
|
||||
import org.springframework.boot.buildpack.platform.docker.configuration.DockerRegistryAuthentication;
|
||||
import org.springframework.util.Base64Utils;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
|
||||
/**
|
||||
* Tests for {@link Docker}.
|
||||
*
|
||||
* @author Wei Jiang
|
||||
* @author Scott Frederick
|
||||
*/
|
||||
public class DockerTests {
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithoutRegistry() {
|
||||
Docker docker = new Docker();
|
||||
assertThat(docker.asDockerConfiguration()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithEmptyRegistry() {
|
||||
Docker.DockerRegistry dockerRegistry = new Docker.DockerRegistry();
|
||||
Docker docker = new Docker();
|
||||
docker.setRegistry(dockerRegistry);
|
||||
assertThat(docker.asDockerConfiguration()).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithUserAuth() {
|
||||
Docker.DockerRegistry dockerRegistry = new Docker.DockerRegistry();
|
||||
dockerRegistry.setUsername("user");
|
||||
dockerRegistry.setPassword("secret");
|
||||
dockerRegistry.setUrl("https://docker.example.com");
|
||||
dockerRegistry.setEmail("docker@example.com");
|
||||
Docker docker = new Docker();
|
||||
docker.setRegistry(dockerRegistry);
|
||||
DockerConfiguration dockerConfiguration = docker.asDockerConfiguration();
|
||||
DockerRegistryAuthentication registryAuthentication = dockerConfiguration.getRegistryAuthentication();
|
||||
assertThat(registryAuthentication).isNotNull();
|
||||
assertThat(new String(Base64Utils.decodeFromString(registryAuthentication.createAuthHeader())))
|
||||
.contains("\"username\" : \"user\"").contains("\"password\" : \"secret\"")
|
||||
.contains("\"email\" : \"docker@example.com\"")
|
||||
.contains("\"serveraddress\" : \"https://docker.example.com\"");
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithIncompleteUserAuthFails() {
|
||||
Docker.DockerRegistry dockerRegistry = new Docker.DockerRegistry();
|
||||
dockerRegistry.setUsername("user");
|
||||
dockerRegistry.setUrl("https://docker.example.com");
|
||||
dockerRegistry.setEmail("docker@example.com");
|
||||
Docker docker = new Docker();
|
||||
docker.setRegistry(dockerRegistry);
|
||||
assertThatIllegalArgumentException().isThrownBy(docker::asDockerConfiguration)
|
||||
.withMessageContaining("Invalid Docker registry configuration");
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithTokenAuth() {
|
||||
Docker.DockerRegistry dockerRegistry = new Docker.DockerRegistry();
|
||||
dockerRegistry.setToken("token");
|
||||
Docker docker = new Docker();
|
||||
docker.setRegistry(dockerRegistry);
|
||||
DockerConfiguration dockerConfiguration = docker.asDockerConfiguration();
|
||||
DockerRegistryAuthentication registryAuthentication = dockerConfiguration.getRegistryAuthentication();
|
||||
assertThat(registryAuthentication).isNotNull();
|
||||
assertThat(new String(Base64Utils.decodeFromString(registryAuthentication.createAuthHeader())))
|
||||
.contains("\"identitytoken\" : \"token\"");
|
||||
}
|
||||
|
||||
@Test
|
||||
void asDockerConfigurationWithUserAndTokenAuthFails() {
|
||||
Docker.DockerRegistry dockerRegistry = new Docker.DockerRegistry();
|
||||
dockerRegistry.setUsername("user");
|
||||
dockerRegistry.setPassword("secret");
|
||||
dockerRegistry.setToken("token");
|
||||
Docker docker = new Docker();
|
||||
docker.setRegistry(dockerRegistry);
|
||||
assertThatIllegalArgumentException().isThrownBy(docker::asDockerConfiguration)
|
||||
.withMessageContaining("Invalid Docker registry configuration");
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue