seg_yinzy
/
che-server
mirror of https://github.com/eclipse-che/che-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add debug logs to KubernetesPersonalAccessTokenManager class

pull/655/head
ivinokur 2024-02-20 16:10:46 +02:00
parent 4f8a84cb1d
commit 700d5839f7
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
infrastructures/infrastructure-factory/pom.xml
View File

@ -75,6 +75,10 @@
<groupId>org.eclipse.che.infrastructure</groupId> <groupId>org.eclipse.che.infrastructure</groupId>
<artifactId>infrastructure-kubernetes</artifactId> <artifactId>infrastructure-kubernetes</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency> <dependency>
<groupId>ch.qos.logback</groupId> <groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId> <artifactId>logback-classic</artifactId>

18
infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java
View File

@ -47,6 +47,8 @@ import org.eclipse.che.commons.subject.Subject;
import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory; import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory;
import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta; import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta;
import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory; import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** Manages personal access token secrets used for private repositories authentication. */ /** Manages personal access token secrets used for private repositories authentication. */
@Singleton @Singleton
@ -74,6 +76,9 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
private final ScmPersonalAccessTokenFetcher scmPersonalAccessTokenFetcher; private final ScmPersonalAccessTokenFetcher scmPersonalAccessTokenFetcher;
private final GitCredentialManager gitCredentialManager; private final GitCredentialManager gitCredentialManager;
private static final Logger LOG =
LoggerFactory.getLogger(KubernetesPersonalAccessTokenManager.class);
@Inject @Inject
public KubernetesPersonalAccessTokenManager( public KubernetesPersonalAccessTokenManager(
KubernetesNamespaceFactory namespaceFactory, KubernetesNamespaceFactory namespaceFactory,
@ -171,6 +176,10 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl) Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl)
throws ScmConfigurationPersistenceException { throws ScmConfigurationPersistenceException {
try { try {
LOG.debug(
"Fetching personal access token for user {} and OAuth provider {}",
cheUser.getUserId(),
oAuthProviderName);
for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) { for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) {
List<Secret> secrets = List<Secret> secrets =
namespaceFactory namespaceFactory
@ -178,17 +187,24 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
.secrets() .secrets()
.get(KUBERNETES_PERSONAL_ACCESS_TOKEN_LABEL_SELECTOR); .get(KUBERNETES_PERSONAL_ACCESS_TOKEN_LABEL_SELECTOR);
for (Secret secret : secrets) { for (Secret secret : secrets) {
LOG.debug("Checking secret {}", secret.getMetadata().getName());
if (deleteSecretIfMisconfigured(secret)) { if (deleteSecretIfMisconfigured(secret)) {
LOG.debug("Secret {} is misconfigured and was deleted", secret.getMetadata().getName());
continue; continue;
} }
if (isSecretMatchesSearchCriteria(cheUser, oAuthProviderName, scmServerUrl, secret)) { if (isSecretMatchesSearchCriteria(cheUser, oAuthProviderName, scmServerUrl, secret)) {
LOG.debug("Iterating over secret {}", secret.getMetadata().getName());
PersonalAccessTokenParams personalAccessTokenParams = PersonalAccessTokenParams personalAccessTokenParams =
this.secret2PersonalAccessTokenParams(secret); this.secret2PersonalAccessTokenParams(secret);
Optional<String> scmUsername = Optional<String> scmUsername =
scmPersonalAccessTokenFetcher.getScmUsername(personalAccessTokenParams); scmPersonalAccessTokenFetcher.getScmUsername(personalAccessTokenParams);
if (scmUsername.isPresent()) { if (scmUsername.isPresent()) {
LOG.debug(
"Creating personal access token for user {} and OAuth provider {}",
cheUser.getUserId(),
oAuthProviderName);
Map<String, String> secretAnnotations = secret.getMetadata().getAnnotations(); Map<String, String> secretAnnotations = secret.getMetadata().getAnnotations();
PersonalAccessToken personalAccessToken = PersonalAccessToken personalAccessToken =
@ -212,10 +228,12 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
.secrets() .secrets()
.inNamespace(namespaceMeta.getName()) .inNamespace(namespaceMeta.getName())
.delete(secret); .delete(secret);
LOG.debug("Secret {} is misconfigured and was deleted", secret.getMetadata().getName());
} }
} }
} }
} catch (InfrastructureException | UnknownScmProviderException e) { } catch (InfrastructureException | UnknownScmProviderException e) {
LOG.debug("Failed to get personal access token", e);
throw new ScmConfigurationPersistenceException(e.getMessage(), e); throw new ScmConfigurationPersistenceException(e.getMessage(), e);
} }
return Optional.empty(); return Optional.empty();