diff --git a/capten/agent/internal/api/container_registry.go b/capten/agent/internal/api/container_registry.go
index cf8bd7d9..5c80ed95 100644
--- a/capten/agent/internal/api/container_registry.go
+++ b/capten/agent/internal/api/container_registry.go
@@ -2,6 +2,8 @@ package api
 import (
 "context"
+ "encoding/base64"
+ "encoding/json"
 "fmt"
 "github.com/google/uuid"
@@ -11,6 +13,21 @@ import (
 const containerRegEntityName = "container-registry"
+type DockerConfigEntry struct {
+ Username string `json:"username,omitempty"`
+ Password string `json:"password,omitempty" datapolicy:"password"`
+ Email string `json:"email,omitempty"`
+ Auth string `json:"auth,omitempty" datapolicy:"token"`
+}
+
+type DockerConfig map[string]DockerConfigEntry
+
+type DockerConfigJSON struct {
+ Auths DockerConfig `json:"auths" datapolicy:"token"`
+ // +optional
+ HttpHeaders map[string]string `json:"HttpHeaders,omitempty" datapolicy:"token"`
+}
+
 func (a *Agent) AddContainerRegistry(ctx context.Context, request *captenpluginspb.AddContainerRegistryRequest) (
 *captenpluginspb.AddContainerRegistryResponse, error) {
 if err := validateArgs(request.RegistryUrl, request.RegistryType); err != nil {
@@ -24,6 +41,14 @@ func (a *Agent) AddContainerRegistry(ctx context.Context, request *captenplugins
 a.log.Infof("Add Container registry %s request received", request.RegistryUrl)
 id := uuid.New()
+ configData, err := parseAndPrepareDockerConfigJSONContent(request.RegistryAttributes, request.RegistryUrl)
+ if err != nil {
+ return &captenpluginspb.AddContainerRegistryResponse{
+ Status: captenpluginspb.StatusCode_INTERNAL_ERROR,
+ StatusMessage: "failed to add ContainerRegistry credential in vault",
+ }, err
+ }
+ request.RegistryAttributes["config.json"] = string(configData)
 if err := a.storeContainerRegCredential(ctx, id.String(), request.RegistryAttributes); err != nil {
 return &captenpluginspb.AddContainerRegistryResponse{
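Review bot: The three exported types added in the `@@ -11,6 +13,21 @@` hunk have no doc comments, and `DockerConfigEntry` keeps the registry password in cleartext in `Password` and again, only base64-encoded, in `Auth`. The `datapolicy` struct tags are annotations; nothing visible in this diff reads them, so they should not be relied on to keep these fields out of logs or error messages. I would add `// DockerConfigEntry holds registry credentials in cleartext; do not log it or format it with %v.` above the type, and a one-line comment on `DockerConfig` and `DockerConfigJSON` saying that they mirror the `auths` layout of a Docker config.json.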
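Review bot: `request.RegistryAttributes["config.json"] = string(configData)` in AddContainerRegistry (hunk `@@ -24,6 +41,14 @@`) writes into the request's map without checking it, and a write to a nil map panics in Go; the only validation visible in this diff covers `RegistryUrl` and `RegistryType`. If a client can send the request without attributes this would take the handler down, so guard it first with `if request.RegistryAttributes == nil { request.RegistryAttributes = map[string]string{} }` or reject the request. The same assignment appears in UpdateContainerRegistry (hunk `@@ -74,6 +99,15 @@`), where the copied status message still reads "failed to add". Both function bodies start and end outside their hunks, so an earlier nil check may exist that is not visible here.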
@@ -74,6 +99,15 @@ func (a *Agent) UpdateContainerRegistry(ctx context.Context, request *captenplug
 }, err
 }
+ configData, err := parseAndPrepareDockerConfigJSONContent(request.RegistryAttributes, request.RegistryUrl)
+ if err != nil {
+ return &captenpluginspb.UpdateContainerRegistryResponse{
+ Status: captenpluginspb.StatusCode_INTERNAL_ERROR,
+ StatusMessage: "failed to add ContainerRegistry credential in vault",
+ }, err
+ }
+ request.RegistryAttributes["config.json"] = string(configData)
+
 if err := a.storeContainerRegCredential(ctx, request.Id, request.RegistryAttributes); err != nil {
 return &captenpluginspb.UpdateContainerRegistryResponse{
 Status: captenpluginspb.StatusCode_INTERNAL_ERROR,
@@ -234,3 +268,27 @@ func (a *Agent) deleteContainerRegCredential(ctx context.Context, id string) err
 a.log.Infof("deleted credential for entity %s", credPath)
 return nil
 }
+
+func parseAndPrepareDockerConfigJSONContent(credMap map[string]string, server string) ([]byte, error) {
+ userName := credMap["username"]
+ password := credMap["password"]
+ return prepareDockerConfigJSONContent(userName, password, server)
+}
+
+func prepareDockerConfigJSONContent(username, password, server string) ([]byte, error) {
+ dockerConfigAuth := DockerConfigEntry{
+ Username: username,
+ Password: password,
+ Auth: encodeDockerConfigFieldAuth(username, password),
+ }
+ dockerConfigJSON := DockerConfigJSON{
+ Auths: map[string]DockerConfigEntry{server: dockerConfigAuth},
+ }
+
+ return json.Marshal(dockerConfigJSON)
+}
+
+func encodeDockerConfigFieldAuth(username, password string) string {
+ fieldValue := username + ":" + password
+ return base64.StdEncoding.EncodeToString([]byte(fieldValue))
+}
diff --git a/capten/config-worker/internal/tekton/types.go b/capten/config-worker/internal/tekton/types.go
index fd526683..b211f447 100644
--- a/capten/config-worker/internal/tekton/types.go
+++ b/capten/config-worker/internal/tekton/types.go
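Review bot: `parseAndPrepareDockerConfigJSONContent` (hunk `@@ -234,3 +268,27 @@` of container_registry.go) reads `credMap["username"]` and `credMap["password"]` without checking that either key is present, so a request lacking them still yields a well-formed config.json whose `auth` is the encoding of a bare `:`, and that is what gets stored. The mistake would then presumably surface only later, as an authentication failure at whatever consumes the stored config.json, rather than at registration. Unless anonymous registries are intended, return an error up front: `if userName == "" || password == "" { return nil, fmt.Errorf("username and password are required for registry %q", server) }`. A username containing `:` would also make the `auth` value ambiguous, since `encodeDockerConfigFieldAuth` joins the two fields on that character. Separately, `server` is used verbatim as the `auths` key, so it is worth confirming that callers pass the registry address in the form the consumers of config.json match against.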
@@ -19,18 +19,3 @@ type tektonPluginConfig struct {
 ArgoCDApps []appConfig `json:"argoCDApps"`
 PipelineSyncUpdate pipelineSyncUpdate `json:"pipelineSyncUpdate"`
 }
-
-type DockerConfigEntry struct {
- Username string `json:"username,omitempty"`
- Password string `json:"password,omitempty" datapolicy:"password"`
- Email string `json:"email,omitempty"`
- Auth string `json:"auth,omitempty" datapolicy:"token"`
-}
-
-type DockerConfig map[string]DockerConfigEntry
-
-type DockerConfigJSON struct {
- Auths DockerConfig `json:"auths" datapolicy:"token"`
- // +optional
- HttpHeaders map[string]string `json:"HttpHeaders,omitempty" datapolicy:"token"`
-}