seg_yinzy
/
che-server
mirror of https://github.com/eclipse-che/che-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add debug logs to KubernetesPersonalAccessTokenManager class (#655)

pull/656/head
Igor Vinokur 2024-02-20 18:07:04 +02:00 committed by GitHub
parent f9f4c8e5d5
commit a691074548
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
infrastructures/infrastructure-factory/pom.xml
View File

@ -75,6 +75,10 @@
<groupId>org.eclipse.che.infrastructure</groupId>
<artifactId>infrastructure-kubernetes</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>

18
infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java
View File

@ -47,6 +47,8 @@ import org.eclipse.che.commons.subject.Subject;
import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory;
import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta;
import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** Manages personal access token secrets used for private repositories authentication. */
@Singleton
@ -74,6 +76,9 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
private final ScmPersonalAccessTokenFetcher scmPersonalAccessTokenFetcher;
private final GitCredentialManager gitCredentialManager;
private static final Logger LOG =
LoggerFactory.getLogger(KubernetesPersonalAccessTokenManager.class);
@Inject
public KubernetesPersonalAccessTokenManager(
KubernetesNamespaceFactory namespaceFactory,
@ -171,6 +176,10 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl)
throws ScmConfigurationPersistenceException {
try {
LOG.debug(
"Fetching personal access token for user {} and OAuth provider {}",
cheUser.getUserId(),
oAuthProviderName);
for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) {
List<Secret> secrets =
namespaceFactory
@ -178,17 +187,24 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
.secrets()
.get(KUBERNETES_PERSONAL_ACCESS_TOKEN_LABEL_SELECTOR);
for (Secret secret : secrets) {
LOG.debug("Checking secret {}", secret.getMetadata().getName());
if (deleteSecretIfMisconfigured(secret)) {
LOG.debug("Secret {} is misconfigured and was deleted", secret.getMetadata().getName());
continue;
}
if (isSecretMatchesSearchCriteria(cheUser, oAuthProviderName, scmServerUrl, secret)) {
LOG.debug("Iterating over secret {}", secret.getMetadata().getName());
PersonalAccessTokenParams personalAccessTokenParams =
this.secret2PersonalAccessTokenParams(secret);
Optional<String> scmUsername =
scmPersonalAccessTokenFetcher.getScmUsername(personalAccessTokenParams);
if (scmUsername.isPresent()) {
LOG.debug(
"Creating personal access token for user {} and OAuth provider {}",
cheUser.getUserId(),
oAuthProviderName);
Map<String, String> secretAnnotations = secret.getMetadata().getAnnotations();
PersonalAccessToken personalAccessToken =
@ -212,10 +228,12 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
.secrets()
.inNamespace(namespaceMeta.getName())
.delete(secret);
LOG.debug("Secret {} is misconfigured and was deleted", secret.getMetadata().getName());
}
}
}
} catch (InfrastructureException | UnknownScmProviderException e) {
LOG.debug("Failed to get personal access token", e);
throw new ScmConfigurationPersistenceException(e.getMessage(), e);
}
return Optional.empty();