diff --git a/build.gradle b/build.gradle index 0b7000b..efd5897 100644 --- a/build.gradle +++ b/build.gradle @@ -7,6 +7,8 @@ plugins { group project.artifact_group version project.artifact_version +project.projectDir + java { withSourcesJar() sourceCompatibility = targetCompatibility = project.java_min_version diff --git a/src/main/groovy/util/DockerLogin.groovy b/src/main/groovy/util/DockerLogin.groovy index d4eb696..a6f1827 100644 --- a/src/main/groovy/util/DockerLogin.groovy +++ b/src/main/groovy/util/DockerLogin.groovy @@ -3,6 +3,8 @@ package util import groovy.transform.CompileStatic import groovy.transform.Memoized +import java.util.function.Supplier + @CompileStatic class DockerLogin { @@ -20,21 +22,60 @@ class DockerLogin { ScriptLog.printf "Performing login to registry..." def registryName = CIProperties.getProperty("docker.registry") - def registryUser = CIProperties.getProperty("docker.registry.username") - def registryPassword = CIProperties.getProperty("docker.registry.password") if (registryName.isNullOrBlank()) { throw new IllegalStateException("Docker registry name not set") } - if (registryUser.isNullOrBlank()) { - throw new IllegalStateException("Docker registry user not set") - } - if (registryPassword.isNullOrBlank()) { - throw new IllegalStateException("Docker registry password not set") - } - sh "docker login $registryName -u $registryUser -p $registryPassword" + def credentials = getDockerCredentials() + validateCredentials(credentials) + invokeLogin(registryName, credentials) ScriptLog.printf "Login into docker registry '${registryName}' successful!" } + + private static void invokeLogin(String registryName, DockerRegistryCredentials credentials) { + sh "docker login $registryName -u $credentials.username -p $credentials.password" + } + + private static void validateCredentials(DockerRegistryCredentials credentials) { + if (credentials?.username?.isNullOrBlank()) { + throw new IllegalStateException("Docker registry user not set") + } + if (credentials?.password?.isNullOrBlank()) { + throw new IllegalStateException("Docker registry password not set") + } + } + + private static DockerRegistryCredentials getDockerCredentials() { + def useFiles = CIProperties.findProperty("docker.registry.use-files") + .orNull()?.toBoolean() ?: false + + if (useFiles) { + ScriptLog.printf "Reading docker registry credentials from files" + return readCredentialsFromFiles() + } else { + ScriptLog.printf "Reading docker registry credentials from envs" + return readCredentialsFromEnvs() + } + } + + private static DockerRegistryCredentials readCredentialsFromEnvs() { + return new DockerRegistryCredentials( + username: CIProperties.getProperty("docker.registry.username"), + password: CIProperties.getProperty("docker.registry.password") + ) + } + + private static DockerRegistryCredentials readCredentialsFromFiles() { + return new DockerRegistryCredentials( + username: DockerSecret.read("registry.username"), + password: DockerSecret.read("registry.password") + ) + } +} + +class DockerRegistryCredentials { + String username + String password } \ No newline at end of file diff --git a/src/main/groovy/util/DockerSecret.groovy b/src/main/groovy/util/DockerSecret.groovy new file mode 100644 index 0000000..c44f84f --- /dev/null +++ b/src/main/groovy/util/DockerSecret.groovy @@ -0,0 +1,14 @@ +package util + +import groovy.transform.CompileStatic + +@CompileStatic +class DockerSecret { + + public static final String SECRET_NAME_PROPERTY_PREFIX = "docker.registry.secret" + + static String read(String secretName) { + def location = CIProperties.getProperty("${SECRET_NAME_PROPERTY_PREFIX}.${secretName}") + return new File(location).in().readAllAsString() + } +}