public StepsRunner RetrieveTargetRegistryCredentials()
{
return(EnqueueStep(
() =>
steps.retrieveTargetRegistryCredentialsStep =
RetrieveRegistryCredentialsStep.ForTargetImage(
buildConfiguration,
Preconditions.CheckNotNull(rootProgressEventDispatcher).NewChildProducer())));
}
public AuthenticatePushStep(
BuildConfiguration buildConfiguration,
ProgressEventDispatcher.Factory progressEventDispatcherFactory,
RetrieveRegistryCredentialsStep retrieveTargetRegistryCredentialsStep)
{
this.buildConfiguration = buildConfiguration;
this.progressEventDispatcherFactory = progressEventDispatcherFactory;
this.retrieveTargetRegistryCredentialsStep = retrieveTargetRegistryCredentialsStep;
listenableFuture = CallAsync();
}
private async Task <BaseImageWithAuthorization> GetOauthBaseImage(IEventHandlers eventHandlers, ProgressEventDispatcher progressEventDispatcher)
{
try
{
RetrieveRegistryCredentialsStep retrieveBaseRegistryCredentialsStep =
RetrieveRegistryCredentialsStep.ForBaseImage(
buildConfiguration,
progressEventDispatcher.NewChildProducer(), this.Index);
Credential registryCredential =
await retrieveBaseRegistryCredentialsStep.GetFuture().ConfigureAwait(false);
Authorization registryAuthorization =
registryCredential?.IsOAuth2RefreshToken() != false
? null
: Authorization.FromBasicCredentials(
registryCredential.GetUsername(), registryCredential.GetPassword());
RegistryAuthenticator registryAuthenticator =
await buildConfiguration
.NewBaseImageRegistryClientFactory()
.NewRegistryClient()
.GetRegistryAuthenticatorAsync().ConfigureAwait(false);
if (registryAuthenticator != null)
{
Authorization pullAuthorization =
await registryAuthenticator.AuthenticatePullAsync(registryCredential, eventHandlers)
.ConfigureAwait(false);
return(new BaseImageWithAuthorization(
await PullBaseImageAsync(pullAuthorization, progressEventDispatcher)
.ConfigureAwait(false), pullAuthorization));
}
}
catch (Exception e)
{
// Cannot skip certificate validation or use HTTP; fall through.
eventHandlers.Dispatch(LogEvent.Error(Resources.PullBaseImageStepAuthenticationErrorMessage + ",err:" + e.Message));
throw;
}
eventHandlers.Dispatch(LogEvent.Error(Resources.PullBaseImageStepAuthenticationErrorMessage + ",err:BaseImageCredential not config "));
throw new Exception("BaseImageCredential not config");
}
public async Task <BaseImageWithAuthorization> CallAsync()
{
IEventHandlers eventHandlers = buildConfiguration.GetEventHandlers();
// Skip this step if this is a scratch image
ImageConfiguration baseImageConfiguration = buildConfiguration.GetBaseImageConfiguration();
string description = string.Format(
CultureInfo.CurrentCulture,
Resources.PullBaseImageStepDescriptionFormat,
buildConfiguration.GetBaseImageConfiguration().GetImage());
eventHandlers.Dispatch(LogEvent.Progress(description));
if (baseImageConfiguration.GetImage().IsScratch())
{
return(new BaseImageWithAuthorization(
Image.CreateBuilder(buildConfiguration.GetTargetFormat()).Build(), null));
}
if (buildConfiguration.IsOffline())
{
return(new BaseImageWithAuthorization(PullBaseImageOffline(), null));
}
using (ProgressEventDispatcher progressEventDispatcher = progressEventDispatcherFactory.Create(description, 2))
using (new TimerEventDispatcher(buildConfiguration.GetEventHandlers(), description))
{
// First, try with no credentials.
try
{
return(new BaseImageWithAuthorization(await PullBaseImageAsync(null, progressEventDispatcher).ConfigureAwait(false), null));
}
catch (RegistryUnauthorizedException)
{
eventHandlers.Dispatch(
LogEvent.Lifecycle(
"The base image requires auth. Trying again for "
+ buildConfiguration.GetBaseImageConfiguration().GetImage()
+ "..."));
// If failed, then, retrieve base registry credentials and try with retrieved credentials.
// TODO: Refactor the logic in RetrieveRegistryCredentialsStep out to
// registry.credentials.RegistryCredentialsRetriever to avoid this direct executor hack.
RetrieveRegistryCredentialsStep retrieveBaseRegistryCredentialsStep =
RetrieveRegistryCredentialsStep.ForBaseImage(
buildConfiguration,
progressEventDispatcher.NewChildProducer());
Credential registryCredential = await retrieveBaseRegistryCredentialsStep.GetFuture().ConfigureAwait(false);
Authorization registryAuthorization =
registryCredential?.IsOAuth2RefreshToken() != false
? null
: Authorization.FromBasicCredentials(
registryCredential.GetUsername(), registryCredential.GetPassword());
try
{
return(new BaseImageWithAuthorization(
await PullBaseImageAsync(registryAuthorization, progressEventDispatcher).ConfigureAwait(false), registryAuthorization));
}
catch (RegistryUnauthorizedException)
{
// The registry requires us to authenticate using the Docker Token Authentication.
// See https://docs.docker.com/registry/spec/auth/token
try
{
RegistryAuthenticator registryAuthenticator =
await buildConfiguration
.NewBaseImageRegistryClientFactory()
.NewRegistryClient()
.GetRegistryAuthenticatorAsync().ConfigureAwait(false);
if (registryAuthenticator != null)
{
Authorization pullAuthorization =
await registryAuthenticator.AuthenticatePullAsync(registryCredential).ConfigureAwait(false);
return(new BaseImageWithAuthorization(
await PullBaseImageAsync(pullAuthorization, progressEventDispatcher).ConfigureAwait(false), pullAuthorization));
}
}
catch (InsecureRegistryException)
{
// Cannot skip certificate validation or use HTTP; fall through.
}
eventHandlers.Dispatch(LogEvent.Error(Resources.PullBaseImageStepAuthenticationErrorMessage));
throw;
}
}
}
}
