seg_yinzy
/
che-server
mirror of https://github.com/eclipse-che/che-server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Duplicate creating a git-credentials secret on token fetch (#551) 

Duplicate the git-credentials secret creation step on create personal access token secret. Currently this step is performed on workspace provision step but in this case the PAT secret might be initialised when the provision is finished. In order to synchronise the personal access token secret and git credentials secret creation step duplicate the git credentials secret creation step after the PAT secret creation step.
Refactor the get(scmServerUrl) function in the KubernetesPersonalAccessTokenManager class
pull/553/head
Igor Vinokur 2023-09-05 12:49:09 +03:00 committed by GitHub
parent afd7cad8b8
commit da5174bf17
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 24 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java
View File

@ -232,15 +232,7 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
throws ScmCommunicationException, ScmConfigurationPersistenceException,
UnknownScmProviderException, UnsatisfiedScmPreconditionException,
ScmUnauthorizedException {
Subject subject = EnvironmentContext.getCurrent().getSubject();
Optional<PersonalAccessToken> tokenOptional = get(subject, scmServerUrl);
PersonalAccessToken personalAccessToken;
if (tokenOptional.isPresent()) {
personalAccessToken = tokenOptional.get();
} else {
// try to authenticate for the given URL
personalAccessToken = fetchAndSave(subject, scmServerUrl);
}
PersonalAccessToken personalAccessToken = get(scmServerUrl);
gitCredentialManager.createOrReplace(personalAccessToken);
return personalAccessToken;
}

9
wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerAuthorizingFileContentProviderTest.java
View File

@ -44,7 +44,7 @@ public class BitbucketServerAuthorizingFileContentProviderTest {
PersonalAccessToken token =
new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token");
when(personalAccessTokenManager.get(anyString())).thenReturn(token);
when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(token);
String fileURL = "https://foo.bar/scm/repo/.devfile";
@ -65,7 +65,8 @@ public class BitbucketServerAuthorizingFileContentProviderTest {
PersonalAccessToken token =
new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token");
when(personalAccessTokenManager.get(eq(TEST_SCHEME + "://" + TEST_HOSTNAME))).thenReturn(token);
when(personalAccessTokenManager.getAndStore(eq(TEST_SCHEME + "://" + TEST_HOSTNAME)))
.thenReturn(token);
String fileURL = "https://foo.bar/scm/repo/.devfile";
@ -73,7 +74,7 @@ public class BitbucketServerAuthorizingFileContentProviderTest {
fileContentProvider.fetchContent(fileURL);
// then
verify(personalAccessTokenManager).get(eq(TEST_SCHEME + "://" + TEST_HOSTNAME));
verify(personalAccessTokenManager).getAndStore(eq(TEST_SCHEME + "://" + TEST_HOSTNAME));
verify(urlFetcher).fetch(eq(fileURL), eq("Bearer token"));
}
@ -95,7 +96,7 @@ public class BitbucketServerAuthorizingFileContentProviderTest {
url, urlFetcher, personalAccessTokenManager);
PersonalAccessToken token =
new PersonalAccessToken(TEST_SCHEME + "://" + TEST_HOSTNAME, "user1", "token");
when(personalAccessTokenManager.get(anyString())).thenReturn(token);
when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(token);
// when
fileContentProvider.fetchContent(relative);

4
wsmaster/che-core-api-factory-bitbucket-server/src/test/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerScmFileResolverTest.java
View File

@ -73,7 +73,7 @@ public class BitbucketServerScmFileResolverTest {
public void shouldReturnContentFromUrlFetcher() throws Exception {
final String rawContent = "raw_content";
final String filename = "devfile.yaml";
when(personalAccessTokenManager.get(anyString()))
when(personalAccessTokenManager.getAndStore(anyString()))
.thenReturn(new PersonalAccessToken(SCM_URL, "root", "token123"));
when(urlFetcher.fetch(anyString(), eq("Bearer token123"))).thenReturn(rawContent);
@ -87,7 +87,7 @@ public class BitbucketServerScmFileResolverTest {
@Test
public void shouldFetchContentWithoutAuthentication() throws Exception {
// given
when(personalAccessTokenManager.get(anyString()))
when(personalAccessTokenManager.getAndStore(anyString()))
.thenThrow(new ScmUnauthorizedException("message", "bitbucket-server", "v1", "url"));
// when

12
wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubAuthorizingFileContentProviderTest.java
View File

@ -54,7 +54,7 @@ public class GithubAuthorizingFileContentProviderTest {
FileContentProvider fileContentProvider =
new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
when(personalAccessTokenManager.get(anyString()))
when(personalAccessTokenManager.getAndStore(anyString()))
.thenReturn(new PersonalAccessToken("foo", "che", "my-token"));
fileContentProvider.fetchContent("devfile.yaml");
@ -81,7 +81,7 @@ public class GithubAuthorizingFileContentProviderTest {
FileContentProvider fileContentProvider =
new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
when(personalAccessTokenManager.get(anyString()))
when(personalAccessTokenManager.getAndStore(anyString()))
.thenReturn(new PersonalAccessToken(raw_url, "che", "my-token"));
fileContentProvider.fetchContent(raw_url);
@ -98,7 +98,8 @@ public class GithubAuthorizingFileContentProviderTest {
FileContentProvider fileContentProvider =
new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
when(personalAccessTokenManager.get(anyString())).thenThrow(UnknownScmProviderException.class);
when(personalAccessTokenManager.getAndStore(anyString()))
.thenThrow(UnknownScmProviderException.class);
when(urlFetcher.fetch(eq(url))).thenThrow(FileNotFoundException.class);
@ -114,7 +115,8 @@ public class GithubAuthorizingFileContentProviderTest {
FileContentProvider fileContentProvider =
new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
when(personalAccessTokenManager.get(anyString())).thenThrow(UnknownScmProviderException.class);
when(personalAccessTokenManager.getAndStore(anyString()))
.thenThrow(UnknownScmProviderException.class);
when(urlFetcher.fetch(eq(url))).thenThrow(FileNotFoundException.class);
when(urlFetcher.fetch(eq("https://github.com/eclipse/che"))).thenThrow(IOException.class);
@ -130,7 +132,7 @@ public class GithubAuthorizingFileContentProviderTest {
FileContentProvider fileContentProvider =
new GithubAuthorizingFileContentProvider(githubUrl, urlFetcher, personalAccessTokenManager);
var personalAccessToken = new PersonalAccessToken(raw_url, "che", "my-token");
when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
fileContentProvider.fetchContent(raw_url);

4
wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubScmFileResolverTest.java
View File

@ -87,7 +87,7 @@ public class GithubScmFileResolverTest {
.thenReturn(rawContent);
lenient()
.when(personalAccessTokenManager.get(anyString()))
.when(personalAccessTokenManager.getAndStore(anyString()))
.thenReturn(new PersonalAccessToken("foo", "che", "my-token"));
when(githubApiClient.getLatestCommit(anyString(), anyString(), anyString(), any()))
@ -106,7 +106,7 @@ public class GithubScmFileResolverTest {
public void shouldReturnContentWithoutAuthentication() throws Exception {
// given
lenient()
.when(personalAccessTokenManager.get(anyString()))
.when(personalAccessTokenManager.getAndStore(anyString()))
.thenThrow(new ScmUnauthorizedException("message", "github", "v1", "url"));
// when

4
wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabAuthorizingFileContentProviderTest.java
View File

@ -36,7 +36,7 @@ public class GitlabAuthorizingFileContentProviderTest {
FileContentProvider fileContentProvider =
new GitlabAuthorizingFileContentProvider(gitlabUrl, urlFetcher, personalAccessTokenManager);
var personalAccessToken = new PersonalAccessToken("foo", "che", "my-token");
when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
fileContentProvider.fetchContent("devfile.yaml");
verify(urlFetcher)
.fetch(
@ -54,7 +54,7 @@ public class GitlabAuthorizingFileContentProviderTest {
String url =
"https://gitlab.net/api/v4/projects/eclipse%2Fche/repository/files/devfile.yaml/raw";
var personalAccessToken = new PersonalAccessToken(url, "che", "my-token");
when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
fileContentProvider.fetchContent(url);
verify(urlFetcher).fetch(eq(url), eq("Bearer my-token"));

4
wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabScmFileResolverTest.java
View File

@ -72,7 +72,7 @@ public class GitlabScmFileResolverTest {
public void shouldReturnContentFromUrlFetcher() throws Exception {
final String rawContent = "raw_content";
final String filename = "devfile.yaml";
when(personalAccessTokenManager.get(any(String.class)))
when(personalAccessTokenManager.getAndStore(any(String.class)))
.thenReturn(new PersonalAccessToken(SCM_URL, "root", "token123"));
when(urlFetcher.fetch(anyString(), eq("Bearer token123"))).thenReturn(rawContent);
@ -86,7 +86,7 @@ public class GitlabScmFileResolverTest {
@Test
public void shouldFetchContentWithoutAuthentication() throws Exception {
// given
when(personalAccessTokenManager.get(anyString()))
when(personalAccessTokenManager.getAndStore(anyString()))
.thenThrow(new ScmUnauthorizedException("message", "gitlab", "v1", "url"));
// when

2
wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AuthorizingFileContentProvider.java
View File

@ -80,7 +80,7 @@ public class AuthorizingFileContentProvider<T extends RemoteFactoryUrl>
String authorization;
if (isNullOrEmpty(credentials)) {
PersonalAccessToken token =
personalAccessTokenManager.get(remoteFactoryUrl.getProviderUrl());
personalAccessTokenManager.getAndStore(remoteFactoryUrl.getProviderUrl());
authorization =
formatAuthorization(
token.getToken(),

4
wsmaster/che-core-api-factory/src/test/java/org/eclipse/che/api/factory/server/scm/AuthorizingFactoryParameterResolverTest.java
View File

@ -48,13 +48,13 @@ public class AuthorizingFactoryParameterResolverTest {
// given
when(remoteFactoryUrl.getProviderUrl()).thenReturn("https://provider.url");
when(urlFetcher.fetch(anyString(), anyString())).thenReturn("content");
when(personalAccessTokenManager.get(anyString())).thenReturn(personalAccessToken);
when(personalAccessTokenManager.getAndStore(anyString())).thenReturn(personalAccessToken);
// when
provider.fetchContent("url");
// then
verify(personalAccessTokenManager).get(anyString());
verify(personalAccessTokenManager).getAndStore(anyString());
}
@Test