com.github.dockerjava.api.model.AuthConfig Java Examples
Example #1
@CheckForNull public AuthConfig resolveAuthConfig(@CheckForNull String hostname) { if (StringUtils.isEmpty(hostname) || AuthConfig.DEFAULT_SERVER_ADDRESS.equals(hostname)) { return auths.get(AuthConfig.DEFAULT_SERVER_ADDRESS); } AuthConfig c = auths.get(hostname); if (c != null) { return c; } // Maybe they have a legacy config file, we will iterate the keys converting // them to the new format and testing String normalizedHostname = convertToHostname(hostname); for (Map.Entry<String, AuthConfig> entry : auths.entrySet()) { String registry = entry.getKey(); AuthConfig config = entry.getValue(); if (convertToHostname(registry).equals(normalizedHostname)) { return config; } } return null; }
Example #2
@Override public void execute() throws DockerException { AuthConfig authConfig = new AuthConfig() .withUsername("docker") .withPassword("docker") .withEmail("") .withRegistryAddress(""); String imageFullName = ""; logger.debug("Full Image Name: " + imageFullName); final DockerClient client = getClient(); logger.debug("Auth Config started: " + authConfig.toString()); client.authCmd().withAuthConfig(authConfig).exec(); // WORKS logger.debug("Pull Command started"); client.pullImageCmd(imageFullName) // FAILS .withTag("1.0") .withAuthConfig(authConfig) .exec(new PullImageResultCallback()).awaitSuccess(); logger.debug("Pull Command end"); }
Example #3
private AuthConfig findExistingAuthConfig(final JsonNode config, final String reposName) throws Exception { final Map.Entry<String, JsonNode> entry = findAuthNode(config, reposName); if (entry != null && entry.getValue() != null && entry.getValue().size() > 0) { final AuthConfig deserializedAuth = OBJECT_MAPPER .treeToValue(entry.getValue(), AuthConfig.class) .withRegistryAddress(entry.getKey()); if (isBlank(deserializedAuth.getUsername()) && isBlank(deserializedAuth.getPassword()) && !isBlank(deserializedAuth.getAuth())) { final String rawAuth = new String(Base64.getDecoder().decode(deserializedAuth.getAuth())); final String[] splitRawAuth = rawAuth.split(":", 2); if (splitRawAuth.length == 2) { deserializedAuth.withUsername(splitRawAuth[0]); deserializedAuth.withPassword(splitRawAuth[1]); } } return deserializedAuth; } return null; }
Example #4
/** * Instantiates a new Docker opt. * * @param log 日志对象 * @param host DOCKER_HOST, e.g. tcp:// * @param registryUrl registry地址, e.g. https://harbor.dew.env/v2 * @param registryUsername registry用户名 * @param registryPassword registry密码 * @see <a href="">The Docker Daemon Listens For Connections</a> */ protected DockerOpt(Logger log, String host, String registryUrl, String registryUsername, String registryPassword) { this.log = log; this.registryUsername = registryUsername; this.registryPassword = registryPassword; DefaultDockerClientConfig.Builder builder = DefaultDockerClientConfig.createDefaultConfigBuilder(); if (host != null && !host.isEmpty()) { builder.withDockerHost(host); } if (registryUrl != null) { registryUrl = registryUrl.endsWith("/") ? registryUrl.substring(0, registryUrl.length() - 1) : registryUrl; registryApiUrl = registryUrl.substring(0, registryUrl.lastIndexOf("/") + 1) + "api/v2.0"; defaultAuthConfig = new AuthConfig() .withRegistryAddress(registryUrl) .withUsername(registryUsername) .withPassword(registryPassword); } docker = DockerClientBuilder.getInstance(; }
Example #5
@Test public void lookupAuthConfigWithCredentialsNotFound() throws URISyntaxException { Map<String, String> notFoundMessagesReference = new HashMap<>(); final RegistryAuthLocator authLocator = createTestAuthLocator("config-with-store.json", notFoundMessagesReference); DockerImageName dockerImageName = new DockerImageName(""); final AuthConfig authConfig = authLocator.lookupAuthConfig(dockerImageName, new AuthConfig()); assertNull("No username should have been obtained from a credential store", authConfig.getUsername()); assertNull("No secret should have been obtained from a credential store", authConfig.getPassword()); assertEquals("Should have one 'credentials not found' message discovered", 1, notFoundMessagesReference.size()); String discoveredMessage = notFoundMessagesReference.values().iterator().next(); assertEquals( "Not correct message discovered", "Fake credentials not found on credentials store 'https://not.a.real.registry/url'", discoveredMessage); }
Example #6
@BeforeClass public static void setUp() throws InterruptedException { originalAuthLocatorSingleton = RegistryAuthLocator.instance(); client = DockerClientFactory.instance().client(); String testRegistryAddress = authenticatedRegistry.getHost() + ":" + authenticatedRegistry.getFirstMappedPort(); testImageName = testRegistryAddress + "/alpine"; testImageNameWithTag = testImageName + ":latest"; final DockerImageName expectedName = new DockerImageName(testImageNameWithTag); final AuthConfig authConfig = new AuthConfig() .withUsername("testuser") .withPassword("notasecret") .withRegistryAddress("http://" + testRegistryAddress); // Replace the RegistryAuthLocator singleton with our mock, for the duration of this test final RegistryAuthLocator mockAuthLocator = Mockito.mock(RegistryAuthLocator.class); RegistryAuthLocator.setInstance(mockAuthLocator); when(mockAuthLocator.lookupAuthConfig(eq(expectedName), any())) .thenReturn(authConfig); // a push will use the auth locator for authentication, although that isn't the goal of this test putImageInRegistry(); }
Example #7
@Test @Ignore // TODO rework test (does not throw as expected atm) public void testCreateServiceWithInvalidAuth() throws DockerException { AuthConfig invalidAuthConfig = new AuthConfig() .withUsername("testuser") .withPassword("testwrongpassword") .withEmail("") .withRegistryAddress(authConfig.getRegistryAddress()); exception.expect(ConflictException.class); dockerClient.createServiceCmd(new ServiceSpec() .withName(SERVICE_NAME) .withTaskTemplate(new TaskSpec() .withContainerSpec(new ContainerSpec() .withImage(DEFAULT_IMAGE)))) .withAuthConfig(invalidAuthConfig) .exec(); }
Example #8
@Test public void testPullImageWithNoAuth() throws Exception { AuthConfig authConfig = REGISTRY.getAuthConfig(); String imgName = REGISTRY.createPrivateImage("pull-image-with-no-auth"); if (isNotSwarm(dockerRule.getClient()) && getVersion(dockerRule.getClient()) .isGreaterOrEqual(RemoteApiVersion.VERSION_1_30)) { exception.expect(DockerException.class); } else { exception.expect(DockerClientException.class); } // stream needs to be fully read in order to close the underlying connection dockerRule.getClient().pullImageCmd(imgName) .start() .awaitCompletion(30, TimeUnit.SECONDS); }
Example #9
@Test public void testPullImageWithInvalidAuth() throws Exception { AuthConfig authConfig = REGISTRY.getAuthConfig(); AuthConfig invalidAuthConfig = new AuthConfig() .withUsername("testuser") .withPassword("testwrongpassword") .withEmail("") .withRegistryAddress(authConfig.getRegistryAddress()); String imgName = REGISTRY.createPrivateImage("pull-image-with-invalid-auth"); if (isNotSwarm(dockerRule.getClient()) && getVersion(dockerRule.getClient()) .isGreaterOrEqual(RemoteApiVersion.VERSION_1_30)) { exception.expect(DockerException.class); } else { exception.expect(DockerClientException.class); } // stream needs to be fully read in order to close the underlying connection dockerRule.getClient().pullImageCmd(imgName) .withAuthConfig(invalidAuthConfig) .start() .awaitCompletion(30, TimeUnit.SECONDS); }
Example #10
@Test public void testPortBinding() throws IOException, InterruptedException { DockerComputerSSHConnector connector = new DockerComputerSSHConnector(Mockito.mock(DockerComputerSSHConnector.SSHKeyStrategy.class)); CreateContainerCmdImpl cmd = new CreateContainerCmdImpl(Mockito.mock(CreateContainerCmd.Exec.class), Mockito.mock(AuthConfig.class), ""); cmd.withPortBindings(PortBinding.parse("42:42")); connector.setPort(22); connector.beforeContainerCreated(Mockito.mock(DockerAPI.class), "/workdir", cmd); final Ports portBindings = cmd.getPortBindings(); Assert.assertNotNull(portBindings); final Map<ExposedPort, Ports.Binding[]> bindingMap = portBindings.getBindings(); Assert.assertNotNull(bindingMap); Assert.assertEquals(2, bindingMap.size()); final Ports.Binding[] configuredBindings = bindingMap.get(new ExposedPort(42)); Assert.assertNotNull(configuredBindings); Assert.assertEquals(1, configuredBindings.length); Assert.assertEquals("42", configuredBindings[0].getHostPortSpec()); final Ports.Binding[] sshBindings = bindingMap.get(new ExposedPort(22)); Assert.assertNotNull(sshBindings); Assert.assertEquals(1, sshBindings.length); Assert.assertNull(sshBindings[0].getHostPortSpec()); System.out.println(); }
Example #11
@Test public void defaults() throws Exception { // given default cert path Properties systemProperties = new Properties(); systemProperties.setProperty("", "someUserName"); systemProperties.setProperty("user.home", homeDir()); // when you build config DefaultDockerClientConfig config = buildConfig(Collections.<String, String> emptyMap(), systemProperties); // then the cert path is as expected assertEquals(config.getDockerHost(), URI.create("unix:///var/run/docker.sock")); assertEquals(config.getRegistryUsername(), "someUserName"); assertEquals(config.getRegistryUrl(), AuthConfig.DEFAULT_SERVER_ADDRESS); assertEquals(config.getApiVersion(), RemoteApiVersion.unknown()); assertEquals(config.getDockerConfigPath(), homeDir() + "/.docker"); assertNull(config.getSSLConfig()); }
Example #12
@Test public void validLegacyJson() throws IOException { AuthConfig authConfig1 = new AuthConfig() .withEmail("") .withUsername("foo") .withPassword("bar") .withRegistryAddress(""); AuthConfig authConfig2 = new AuthConfig() .withEmail("") .withUsername("foo1") .withPassword("bar1") .withRegistryAddress(AuthConfig.DEFAULT_SERVER_ADDRESS); DockerConfigFile expected = new DockerConfigFile(); expected.addAuthConfig(authConfig1); expected.addAuthConfig(authConfig2); assertThat(runTest("validLegacyJson"), is(expected)); }
Example #13
@Test public void validJsonWithUnknown() throws IOException { AuthConfig authConfig1 = new AuthConfig() .withRegistryAddress(""); AuthConfig authConfig2 = new AuthConfig() .withEmail("") .withUsername("foo") .withPassword("bar") .withRegistryAddress(""); DockerConfigFile expected = new DockerConfigFile(); expected.addAuthConfig(authConfig1); expected.addAuthConfig(authConfig2); DockerConfigFile actual = runTest("validJsonWithUnknown"); assertThat(actual, is(expected)); }
Example #14
@Test public void validDockerConfig() throws IOException { AuthConfig authConfig1 = new AuthConfig() .withEmail("") .withUsername("foo") .withPassword("bar") .withRegistryAddress(""); AuthConfig authConfig2 = new AuthConfig() .withEmail("") .withUsername("foo1") .withPassword("bar1") .withRegistryAddress(AuthConfig.DEFAULT_SERVER_ADDRESS); DockerConfigFile expected = new DockerConfigFile(); expected.addAuthConfig(authConfig1); expected.addAuthConfig(authConfig2); assertThat(runTest("validDockerConfig"), is(expected)); }
Example #15
public static HostnameReposName resolveRepositoryName(String reposName) { if (reposName.contains("://")) { throw new InvalidRepositoryNameException("RepositoryName shouldn't contain a scheme"); } String[] nameParts = reposName.split("/", 2); if (nameParts.length == 1 || (!nameParts[0].contains(".") && !nameParts[0].contains(":") && !nameParts[0].equals("localhost"))) { return new HostnameReposName(AuthConfig.DEFAULT_SERVER_ADDRESS, reposName); } String hostname = nameParts[0]; reposName = nameParts[1]; if (hostname.contains("")) { throw new InvalidRepositoryNameException(String.format("Invalid repository name, try \"%s\" instead", reposName)); } if (StringUtils.containsIgnoreCase(reposName, SHA256_SEPARATOR)) { reposName = StringUtils.substringBeforeLast(reposName, SHA256_SEPARATOR); } validateRepoName(reposName); return new HostnameReposName(hostname, reposName); }
Example #16
@Nonnull public static DockerConfigFile loadConfig(ObjectMapper objectMapper, @CheckForNull String dockerConfigPath) throws IOException { // no any configs, but for empty auths return non null object if (dockerConfigPath == null) { return new DockerConfigFile(); } //parse new docker config file format DockerConfigFile dockerConfig = loadCurrentConfig(objectMapper, dockerConfigPath); //parse old auth config file format if (dockerConfig == null) { dockerConfig = loadLegacyConfig(objectMapper, dockerConfigPath); } //otherwise create default config if (dockerConfig == null) { dockerConfig = new DockerConfigFile(); } for (Map.Entry<String, AuthConfig> entry : dockerConfig.getAuths().entrySet()) { AuthConfig authConfig = entry.getValue(); decodeAuth(authConfig); authConfig.withAuth(null); authConfig.withRegistryAddress(entry.getKey()); } return dockerConfig; }
Example #17
@Test public void testGetAuthConfigurationsFromConfigJson() throws URISyntaxException { File cfgFile = new File(Resources.getResource("com.github.dockerjava.core/registry.v2").toURI()); DefaultDockerClientConfig clientConfig = new DefaultDockerClientConfig(URI.create( "unix://foo"), cfgFile.getAbsolutePath(), "apiVersion", "registryUrl", "registryUsername", "registryPassword", "registryEmail", null); AuthConfigurations authConfigurations = clientConfig.getAuthConfigurations(); assertThat(authConfigurations, notNullValue()); assertThat(authConfigurations.getConfigs().get(""), notNullValue()); AuthConfig authConfig = authConfigurations.getConfigs().get(""); assertThat(authConfig.getUsername(), equalTo("user")); assertThat(authConfig.getPassword(), equalTo("password")); }
Example #18
private AuthConfig getAuthConfig() { AuthConfig authConfig = null; if (getRegistryUsername() != null && getRegistryPassword() != null && getRegistryUrl() != null) { authConfig = new AuthConfig() .withUsername(getRegistryUsername()) .withPassword(getRegistryPassword()) .withEmail(getRegistryEmail()) .withRegistryAddress(getRegistryUrl()); } return authConfig; }
Example #19
@Override public AuthConfig authConfig() { checkNotNull(dockerClientConfig.getRegistryUsername(), "Configured username is null."); checkNotNull(dockerClientConfig.getRegistryUrl(), "Configured serverAddress is null."); return new AuthConfig() .withUsername(dockerClientConfig.getRegistryUsername()) .withPassword(dockerClientConfig.getRegistryPassword()) .withEmail(dockerClientConfig.getRegistryEmail()) .withRegistryAddress(dockerClientConfig.getRegistryUrl()); }
Example #20
@Override public PushImageCmd pushImageCmd(Identifier identifier) { PushImageCmd cmd = pushImageCmd(; if (identifier.tag.isPresent()) { cmd.withTag(identifier.tag.get()); } AuthConfig cfg = dockerClientConfig.effectiveAuthConfig(; if (cfg != null) { cmd.withAuthConfig(cfg); } return cmd; }
Example #21
@Override public AuthConfig effectiveAuthConfig(String imageName) { AuthConfig authConfig = getAuthConfig(); if (authConfig != null) { return authConfig; } DockerConfigFile dockerCfg = getDockerConfig(); ReposTag reposTag = NameParser.parseRepositoryTag(imageName); HostnameReposName hostnameReposName = NameParser.resolveRepositoryName(reposTag.repos); return dockerCfg.resolveAuthConfig(hostnameReposName.hostname); }
Example #22
protected String registryAuth(@Nonnull AuthConfig authConfig) { try { return BaseEncoding.base64Url().encode(dockerClientConfig.getObjectMapper().writeValueAsString(authConfig).getBytes()); } catch (IOException e) { throw new RuntimeException(e); } }
Example #23
@Nonnull protected InvocationBuilder resourceWithOptionalAuthConfig(@CheckForNull AuthConfig authConfig, @Nonnull InvocationBuilder request) { if (authConfig != null) { request = resourceWithAuthConfig(authConfig, request); } return request; }
Example #24
@CheckForNull private static DockerConfigFile loadLegacyConfig(ObjectMapper objectMapper, String dockerConfigPath) throws IOException { File dockerLegacyCfgFile = new File(dockerConfigPath, DOCKER_LEGACY_CFG); if (!dockerLegacyCfgFile.exists() || !dockerLegacyCfgFile.isFile()) { return null; } //parse legacy auth config file format try { return new DockerConfigFile(objectMapper.<Map<String, AuthConfig>>readValue(dockerLegacyCfgFile, CONFIG_MAP_TYPE)); } catch (IOException e) { // pass } List<String> authFileContent = FileUtils.readLines(dockerLegacyCfgFile, StandardCharsets.UTF_8); if (authFileContent.size() < 2) { throw new IOException("The Auth Config file is empty"); } AuthConfig config = new AuthConfig(); String[] origAuth = authFileContent.get(0).split(" = "); if (origAuth.length != 2) { throw new IOException("Invalid Auth config file"); } config.withAuth(origAuth[1]); String[] origEmail = authFileContent.get(1).split(" = "); if (origEmail.length != 2) { throw new IOException("Invalid Auth config file"); } config.withEmail(origEmail[1]); return new DockerConfigFile(new HashMap<>(Collections.singletonMap(config.getRegistryAddress(), config))); }
Example #25
private static void decodeAuth(AuthConfig config) throws IOException { if (config.getAuth() == null) { return; } String str = new String(Base64.getDecoder().decode(config.getAuth()), StandardCharsets.UTF_8); String[] parts = str.split(":", 2); if (parts.length != 2) { throw new IOException("Invalid auth configuration file"); } config.withUsername(parts[0]); config.withPassword(parts[1]); }
Example #26
@Restricted(NoExternalUse.class) public static void setRegistryAuthentication(PullImageCmd cmd, DockerRegistryEndpoint registry, ItemGroup context) { if (registry != null && registry.getCredentialsId() != null) { AuthConfig auth = getAuthConfig(registry, context); cmd.withAuthConfig(auth); } }
Example #27
@Test public void validLegacy() throws IOException { AuthConfig authConfig = new AuthConfig() .withEmail("") .withUsername("foo") .withPassword("bar") .withRegistryAddress(AuthConfig.DEFAULT_SERVER_ADDRESS); DockerConfigFile expected = new DockerConfigFile(); expected.addAuthConfig(authConfig); assertThat(runTest("validLegacy"), is(expected)); }
Example #28
private AuthConfig authConfigUsingHelper(final JsonNode config, final String reposName) throws Exception { final JsonNode credHelpers = config.get("credHelpers"); if (credHelpers != null && credHelpers.size() > 0) { final JsonNode helperNode = credHelpers.get(reposName); if (helperNode != null && helperNode.isTextual()) { final String helper = helperNode.asText(); return runCredentialProvider(reposName, helper); } } return null; }
Example #29
private AuthConfig authConfigUsingStore(final JsonNode config, final String reposName) throws Exception { final JsonNode credsStoreNode = config.get("credsStore"); if (credsStoreNode != null && !credsStoreNode.isMissingNode() && credsStoreNode.isTextual()) { final String credsStore = credsStoreNode.asText(); if (isBlank(credsStore)) { log.warn("Docker auth config credsStore field will be ignored, because value is blank"); return null; } return runCredentialProvider(reposName, credsStore); } return null; }
Example #30
@Nonnull public AuthConfigurations getAuthConfigurations() { final AuthConfigurations authConfigurations = new AuthConfigurations(); for (Map.Entry<String, AuthConfig> authConfigEntry : auths.entrySet()) { authConfigurations.addConfig(authConfigEntry.getValue()); } return authConfigurations; }