@Override protected KeyMaterialFactory newKeyMaterialFactory() throws IOException, InterruptedException { return step.server.newKeyMaterialFactory(job, workspace.getChannel()); }
public DefaultDockerHostSource() { this(new DockerServerEndpoint(null, null)); }
/** * As {@link #getClient()}, but overriding the default * <code>readTimeout</code>. This is typically used when running * long-duration activities that can "go quiet" for a long period of time, * e.g. pulling a docker image from a registry or building a docker image. * Most users should just call {@link #getClient()} instead. * * @param activityTimeoutInSeconds * The activity timeout, in seconds. A value less than one means * no timeout. * @return A raw {@link DockerClient} pointing at our docker service * endpoint. */ public DockerClient getClient(int activityTimeoutInSeconds) { return getOrMakeClient(dockerHost.getUri(), dockerHost.getCredentialsId(), activityTimeoutInSeconds, connectTimeout); }
/** * Makes the key materials available locally and returns {@link KeyMaterialFactory} that gives you the parameters * needed to access it. */ public KeyMaterialFactory newKeyMaterialFactory(@Nonnull Item context, @Nonnull VirtualChannel target) throws IOException, InterruptedException { // as a build step, your access to credentials are constrained by what the build // can access, hence Jenkins.getAuthentication() DockerServerCredentials creds=null; if (credentialsId!=null) { List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(getUri()).build(); domainRequirements.add(new DockerServerDomainRequirement()); creds = CredentialsMatchers.firstOrNull( CredentialsProvider.lookupCredentials( DockerServerCredentials.class, context, Jenkins.getAuthentication(), domainRequirements), CredentialsMatchers.withId(credentialsId) ); } // the directory needs to be outside workspace to avoid prying eyes FilePath dotDocker = dotDocker(target); dotDocker.mkdirs(); // ServerKeyMaterialFactory.materialize creates a random subdir if one is needed: return newKeyMaterialFactory(dotDocker, creds); }
@Override public boolean equals(Object o) { if (this == o) return true; if (o == null || getClass() != o.getClass()) return false; DockerAPI dockerAPI = (DockerAPI) o; if (connectTimeout != dockerAPI.connectTimeout) return false; if (readTimeout != dockerAPI.readTimeout) return false; if (dockerHost != null ? !dockerHost.equals(dockerAPI.dockerHost) : dockerAPI.dockerHost != null) return false; if (apiVersion != null ? !apiVersion.equals(dockerAPI.apiVersion) : dockerAPI.apiVersion != null) return false; if (hostname != null ? !hostname.equals(dockerAPI.hostname) : dockerAPI.hostname != null) return false; return true; }
/** * Makes the key materials available locally and returns {@link KeyMaterialFactory} that gives you the parameters * needed to access it. */ public KeyMaterialFactory newKeyMaterialFactory(@Nonnull Item context, @Nonnull VirtualChannel target) throws IOException, InterruptedException { // as a build step, your access to credentials are constrained by what the build // can access, hence Jenkins.getAuthentication() DockerServerCredentials creds=null; if (credentialsId!=null) { List<DomainRequirement> domainRequirements = URIRequirementBuilder.fromUri(getUri()).build(); domainRequirements.add(new DockerServerDomainRequirement()); creds = CredentialsMatchers.firstOrNull( CredentialsProvider.lookupCredentials( DockerServerCredentials.class, context, Jenkins.getAuthentication(), domainRequirements), CredentialsMatchers.withId(credentialsId) ); } // the directory needs to be outside workspace to avoid prying eyes FilePath dotDocker = dotDocker(target); dotDocker.mkdirs(); // ServerKeyMaterialFactory.materialize creates a random subdir if one is needed: return newKeyMaterialFactory(dotDocker, creds); }
/** * Create a plain {@link Socket} to docker API endpoint */ public Socket getSocket() throws IOException { try { final URI uri = new URI(dockerHost.getUri()); if ("unix".equals(uri.getScheme())) { final AFUNIXSocketAddress unix = new AFUNIXSocketAddress(new File("/var/run/docker.sock")); final Socket socket = AFUNIXSocket.newInstance(); socket.connect(unix); return socket; } final SSLConfig sslConfig = toSSlConfig(dockerHost.getCredentialsId()); if (sslConfig != null) { return sslConfig.getSSLContext().getSocketFactory().createSocket(uri.getHost(), uri.getPort()); } else { return new Socket(uri.getHost(), uri.getPort()); } } catch (Exception e) { throw new IOException("Failed to create a Socker for docker URI " + dockerHost.getUri(), e); } }
@Deprecated public String getServerUrl() { return getDockerHost().getUri(); }
public DockerHostConfig(DockerServerEndpoint endpoint, Item context) throws IOException, InterruptedException { this.endpoint = endpoint; try (ACLContext oldContext = ACL.as(ACL.SYSTEM)) { keys = endpoint.newKeyMaterialFactory(context, FilePath.localChannel).materialize(); } }
public DefaultDockerHostSource() { this(new DockerServerEndpoint(null, null)); }
/** * Makes the key materials available locally for the on-going build * and returns {@link KeyMaterialFactory} that gives you the parameters needed to access it. */ public KeyMaterialFactory newKeyMaterialFactory(@Nonnull AbstractBuild build) throws IOException, InterruptedException { final FilePath workspace = build.getWorkspace(); if (workspace == null) { throw new IllegalStateException("Build has no workspace"); } return newKeyMaterialFactory(build.getParent(), workspace.getChannel()); }
@Deprecated public DockerCloud(String name, List<DockerTemplate> templates, String serverUrl, int containerCap, int connectTimeout, int readTimeout, String credentialsId, String version, String dockerHostname) { this(name, templates, new DockerServerEndpoint(serverUrl, credentialsId), containerCap, connectTimeout, readTimeout, version, dockerHostname); }
/** * Makes the key materials available locally for the on-going build * and returns {@link KeyMaterialFactory} that gives you the parameters needed to access it. */ public KeyMaterialFactory newKeyMaterialFactory(@Nonnull AbstractBuild build) throws IOException, InterruptedException { final FilePath workspace = build.getWorkspace(); if (workspace == null) { throw new IllegalStateException("Build has no workspace"); } return newKeyMaterialFactory(build.getParent(), workspace.getChannel()); }
@DataBoundConstructor public DockerBuilder(String repoName) { this.server = new DockerServerEndpoint(null, null); this.registry = new DockerRegistryEndpoint(null, null); this.repoName = repoName; }
final URI uri = URI.create(api.getDockerHost().getUri()); if(uri.getScheme().equals("unix")) {
public DockerHostConfig(DockerServerEndpoint endpoint, Item context) throws IOException, InterruptedException { this.endpoint = endpoint; final SecurityContext impersonate = ACL.impersonate(ACL.SYSTEM); try { keys = endpoint.newKeyMaterialFactory(context, FilePath.localChannel).materialize(); } finally { SecurityContextHolder.setContext(impersonate); } }
public FormValidation doTestConnection( @QueryParameter String uri, @QueryParameter String credentialsId, @QueryParameter String apiVersion, @QueryParameter int connectTimeout, @QueryParameter int readTimeout ) { try { final DockerServerEndpoint dsep = new DockerServerEndpoint(uri, credentialsId); final DockerAPI dapi = new DockerAPI(dsep, connectTimeout, readTimeout, apiVersion, null); try(final DockerClient dc = dapi.getClient()) { final VersionCmd vc = dc.versionCmd(); final Version v = vc.exec(); final String actualVersion = v.getVersion(); final String actualApiVersion = v.getApiVersion(); return FormValidation.ok("Version = " + actualVersion + ", API Version = " + actualApiVersion); } } catch (Exception e) { return FormValidation.error(e, e.getMessage()); } } }