Supports only service account based authentication. removed other authentication strategy.

Author: bdpiprava

src/main/java/cd/go/contrib/elasticagent/KubernetesClientFactory.java

@@ -20,11 +20,7 @@
 import io.fabric8.kubernetes.client.DefaultKubernetesClient;
 import io.fabric8.kubernetes.client.KubernetesClient;
 
-import java.util.Base64;
-
 import static cd.go.contrib.elasticagent.KubernetesPlugin.LOG;
-import static cd.go.contrib.elasticagent.model.AuthenticationStrategy.CLUSTER_CERTS;
-import static cd.go.contrib.elasticagent.model.AuthenticationStrategy.OAUTH_TOKEN;
 import static java.text.MessageFormat.format;
 
 public class KubernetesClientFactory {
@@ -45,29 +41,16 @@ public synchronized KubernetesClient client(PluginSettings pluginSettings) {
         LOG.debug(format("Creating a new client because {0}.", (client == null) ? "client is null" : "plugin setting is changed"));
         this.pluginSettings = pluginSettings;
         this.client = createClientFor(pluginSettings);
-        LOG.debug(format("New client is created using authentication strategy {0}.", pluginSettings.getAuthenticationStrategy()));
+        LOG.debug("New client is created.");
         return this.client;
     }
 
     private KubernetesClient createClientFor(PluginSettings pluginSettings) {
-        LOG.debug(format("Creating config using authentication strategy {0}.", pluginSettings.getAuthenticationStrategy().name()));
-        final ConfigBuilder configBuilder = new ConfigBuilder();
-
-        if (pluginSettings.getAuthenticationStrategy() == OAUTH_TOKEN) {
-            configBuilder.withOauthToken(pluginSettings.getOauthToken());
-
-        } else if (pluginSettings.getAuthenticationStrategy() == CLUSTER_CERTS) {
-            configBuilder
-                    .withMasterUrl(pluginSettings.getClusterUrl())
-                    .withCaCertData(pluginSettings.getCaCertData())
-                    .withClientKeyData(encodeToBase64(pluginSettings.getClientKeyData()))
-                    .withClientCertData(pluginSettings.getClientCertData());
-        }
+        final ConfigBuilder configBuilder = new ConfigBuilder()
+                .withOauthToken(pluginSettings.getOauthToken())
+                .withMasterUrl(pluginSettings.getClusterUrl())
+                .withCaCertData(pluginSettings.getCaCertData());
 
         return new DefaultKubernetesClient(configBuilder.build());
     }
-
-    private String encodeToBase64(String stringToEncode) {
-        return Base64.getEncoder().encodeToString(stringToEncode.getBytes());
-    }
 }

src/main/java/cd/go/contrib/elasticagent/PluginSettings.java

@@ -16,7 +16,6 @@
 
 package cd.go.contrib.elasticagent;
 
-import cd.go.contrib.elasticagent.model.AuthenticationStrategy;
 import com.google.gson.annotations.Expose;
 import com.google.gson.annotations.SerializedName;
 import org.joda.time.Period;
@@ -37,29 +36,17 @@ public class PluginSettings {
     private Integer maxPendingPods = 10;
 
     @Expose
-    @SerializedName("authentication_strategy")
-    private String authenticationStrategy = AuthenticationStrategy.OAUTH_TOKEN.name();
+    @SerializedName("kubernetes_cluster_url")
+    private String clusterUrl;
 
     @Expose
     @SerializedName("oauth_token")
     private String oauthToken;
 
-    @Expose
-    @SerializedName("kubernetes_cluster_url")
-    private String clusterUrl;
-
     @Expose
     @SerializedName("kubernetes_cluster_ca_cert")
     private String clusterCACertData;
 
-    @Expose
-    @SerializedName("client_key_data")
-    private String clientKeyData;
-
-    @Expose
-    @SerializedName("client_cert_data")
-    private String clientCertData;
-
     private Period autoRegisterPeriod;
 
     public PluginSettings() {
@@ -94,10 +81,6 @@ public String getGoServerUrl() {
         return goServerUrl;
     }
 
-    public AuthenticationStrategy getAuthenticationStrategy() {
-        return AuthenticationStrategy.from(authenticationStrategy);
-    }
-
     public String getOauthToken() {
         return oauthToken;
     }
@@ -110,14 +93,6 @@ public String getCaCertData() {
         return clusterCACertData;
     }
 
-    public String getClientKeyData() {
-        return clientKeyData;
-    }
-
-    public String getClientCertData() {
-        return clientCertData;
-    }
-
     @Override
     public boolean equals(Object o) {
         if (this == o) return true;
@@ -130,28 +105,19 @@ public boolean equals(Object o) {
             return false;
         if (maxPendingPods != null ? !maxPendingPods.equals(that.maxPendingPods) : that.maxPendingPods != null)
             return false;
-        if (authenticationStrategy != null ? !authenticationStrategy.equals(that.authenticationStrategy) : that.authenticationStrategy != null)
-            return false;
         if (clusterUrl != null ? !clusterUrl.equals(that.clusterUrl) : that.clusterUrl != null) return false;
-        if (clusterCACertData != null ? !clusterCACertData.equals(that.clusterCACertData) : that.clusterCACertData != null)
-            return false;
         if (oauthToken != null ? !oauthToken.equals(that.oauthToken) : that.oauthToken != null) return false;
-        if (clientKeyData != null ? !clientKeyData.equals(that.clientKeyData) : that.clientKeyData != null)
-            return false;
-        return clientCertData != null ? clientCertData.equals(that.clientCertData) : that.clientCertData == null;
+        return clusterCACertData != null ? clusterCACertData.equals(that.clusterCACertData) : that.clusterCACertData == null;
     }
 
     @Override
     public int hashCode() {
         int result = goServerUrl != null ? goServerUrl.hashCode() : 0;
         result = 31 * result + (autoRegisterTimeout != null ? autoRegisterTimeout.hashCode() : 0);
         result = 31 * result + (maxPendingPods != null ? maxPendingPods.hashCode() : 0);
-        result = 31 * result + (authenticationStrategy != null ? authenticationStrategy.hashCode() : 0);
         result = 31 * result + (clusterUrl != null ? clusterUrl.hashCode() : 0);
-        result = 31 * result + (clusterCACertData != null ? clusterCACertData.hashCode() : 0);
         result = 31 * result + (oauthToken != null ? oauthToken.hashCode() : 0);
-        result = 31 * result + (clientKeyData != null ? clientKeyData.hashCode() : 0);
-        result = 31 * result + (clientCertData != null ? clientCertData.hashCode() : 0);
+        result = 31 * result + (clusterCACertData != null ? clusterCACertData.hashCode() : 0);
         return result;
     }
 }

src/main/java/cd/go/contrib/elasticagent/executors/GetPluginConfigurationExecutor.java

@@ -31,23 +31,17 @@ public class GetPluginConfigurationExecutor implements RequestExecutor {
     public static final Field GO_SERVER_URL = new GoServerUrlField("go_server_url", "GoCD server URL", false, "0");
     public static final Field AUTO_REGISTER_TIMEOUT = new PositiveNumberField("auto_register_timeout", "Agent auto-register timeout (in minutes)", "10", false, false, "1");
     public static final Field MAX_PENDING_PODS = new PositiveNumberField("pending_pods_count", "Maximum pending pods", "10", false, false, "2");
-    public static final Field AUTHENTICATION_STRATEGY = new NonBlankField("authentication_strategy", "Authentication strategy", false, "3");
-    public static final Field OAUTH_TOKEN = new Field("oauth_token", "Oauth token", null, false, true, "4");
-    public static final Field CLUSTER_URL = new SecureURLField("kubernetes_cluster_url", "Cluster URL", false, "5");
-    public static final Field CLUSTER_CA_CERT = new Field("kubernetes_cluster_ca_cert", "Cluster ca certificate", null, false, true, "6");
-    public static final Field CLIENT_KEY_DATA = new Field("client_key_data", "Client key data", null, false, true, "7");
-    public static final Field CLIENT_CERT_DATA = new Field("client_cert_data", "client cert data", null, false, true, "8");
+    public static final Field OAUTH_TOKEN = new NonBlankField("oauth_token", "Oauth token", true, "3");
+    public static final Field CLUSTER_URL = new SecureURLField("kubernetes_cluster_url", "Cluster URL", true, "4");
+    public static final Field CLUSTER_CA_CERT = new Field("kubernetes_cluster_ca_cert", "Cluster ca certificate", null, false, true, "5");
 
     static {
         FIELDS.put(GO_SERVER_URL.key(), GO_SERVER_URL);
         FIELDS.put(AUTO_REGISTER_TIMEOUT.key(), AUTO_REGISTER_TIMEOUT);
         FIELDS.put(MAX_PENDING_PODS.key(), MAX_PENDING_PODS);
         FIELDS.put(CLUSTER_URL.key(), CLUSTER_URL);
         FIELDS.put(CLUSTER_CA_CERT.key(), CLUSTER_CA_CERT);
-        FIELDS.put(AUTHENTICATION_STRATEGY.key(), AUTHENTICATION_STRATEGY);
         FIELDS.put(OAUTH_TOKEN.key(), OAUTH_TOKEN);
-        FIELDS.put(CLIENT_KEY_DATA.key(), CLIENT_KEY_DATA);
-        FIELDS.put(CLIENT_CERT_DATA.key(), CLIENT_CERT_DATA);
     }
 
     public GoPluginApiResponse execute() {

src/main/java/cd/go/contrib/elasticagent/executors/ValidateConfigurationExecutor.java

@@ -19,23 +19,21 @@
 import cd.go.contrib.elasticagent.PluginRequest;
 import cd.go.contrib.elasticagent.RequestExecutor;
 import cd.go.contrib.elasticagent.ServerRequestFailedException;
-import cd.go.contrib.elasticagent.model.AuthenticationStrategy;
 import cd.go.contrib.elasticagent.model.Field;
 import cd.go.contrib.elasticagent.model.ServerInfo;
 import cd.go.contrib.elasticagent.requests.ValidatePluginSettings;
 import com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse;
 import com.thoughtworks.go.plugin.api.response.GoPluginApiResponse;
-import org.apache.commons.lang3.StringUtils;
 
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
 import static cd.go.contrib.elasticagent.KubernetesPlugin.LOG;
-import static cd.go.contrib.elasticagent.executors.GetPluginConfigurationExecutor.*;
+import static cd.go.contrib.elasticagent.executors.GetPluginConfigurationExecutor.FIELDS;
+import static cd.go.contrib.elasticagent.executors.GetPluginConfigurationExecutor.GO_SERVER_URL;
 import static cd.go.contrib.elasticagent.utils.Util.GSON;
-import static java.text.MessageFormat.format;
 import static org.apache.commons.lang3.StringUtils.isBlank;
 
 public class ValidateConfigurationExecutor implements RequestExecutor {
@@ -61,8 +59,6 @@ public GoPluginApiResponse execute() throws ServerRequestFailedException {
         }
 
         validateGoServerUrl();
-        validateAuthenticationDataBasedOnAuthenticationStrategy();
-        System.out.println(GSON.toJson(result));
 
         return DefaultGoPluginApiResponse.success(GSON.toJson(result));
     }
@@ -77,44 +73,6 @@ private void validateGoServerUrl() {
         }
     }
 
-    private void validateAuthenticationDataBasedOnAuthenticationStrategy() {
-        try {
-            final String authenticationStrategyStr = settings.get(AUTHENTICATION_STRATEGY.key());
-            if (StringUtils.isBlank(authenticationStrategyStr)) {
-                return;
-            }
-
-            final AuthenticationStrategy authenticationStrategy = AuthenticationStrategy.from(authenticationStrategyStr);
-            if (authenticationStrategy == AuthenticationStrategy.OAUTH_TOKEN && StringUtils.isBlank(settings.get(OAUTH_TOKEN.key()))) {
-                result.add(error(OAUTH_TOKEN.key(), errorMessageWithAuthenticationStrategy(authenticationStrategy, OAUTH_TOKEN.displayName())));
-            }
-
-            if (authenticationStrategy == AuthenticationStrategy.CLUSTER_CERTS) {
-                if (StringUtils.isBlank(settings.get(CLUSTER_CA_CERT.key()))) {
-                    result.add(error(CLUSTER_CA_CERT.key(), errorMessageWithAuthenticationStrategy(authenticationStrategy, CLUSTER_CA_CERT.displayName())));
-                }
-
-                if (StringUtils.isBlank(settings.get(CLIENT_KEY_DATA.key()))) {
-                    result.add(error(CLIENT_KEY_DATA.key(), errorMessageWithAuthenticationStrategy(authenticationStrategy, CLIENT_KEY_DATA.displayName())));
-                }
-
-                if (StringUtils.isBlank(settings.get(CLIENT_CERT_DATA.key()))) {
-                    result.add(error(CLIENT_CERT_DATA.key(), errorMessageWithAuthenticationStrategy(authenticationStrategy, CLIENT_CERT_DATA.displayName())));
-                }
-
-                if (StringUtils.isBlank(settings.get(CLUSTER_URL.key()))) {
-                    result.add(error(CLUSTER_URL.key(), errorMessageWithAuthenticationStrategy(authenticationStrategy, CLUSTER_URL.displayName())));
-                }
-            }
-        } catch (Exception e) {
-            result.add(error(AUTHENTICATION_STRATEGY.key(), e.getMessage()));
-        }
-    }
-
-    private String errorMessageWithAuthenticationStrategy(AuthenticationStrategy authenticationStrategy, String fieldName) {
-        return format("{0} is required when authentication strategy is set to {1}.", fieldName, authenticationStrategy.name());
-    }
-
     private Map<String, String> error(String key, String errorMessage) {
         Map<String, String> error = new HashMap<>();
         error.put("key", key);

src/main/java/cd/go/contrib/elasticagent/model/AuthenticationStrategy.java

@@ -78,14 +78,14 @@
 	</div>
 
 	<div class="row">
-		<label>Agent auto-register timeout (in minutes)<span class='asterix'>*</span></label>
+		<label>Agent auto-register timeout (in minutes)</label>
 		<input type="text" ng-model="auto_register_timeout" ng-required="true"/>
 		<span class="form_error" ng-show="GOINPUTNAME[auto_register_timeout].$error.server">{{GOINPUTNAME[auto_register_timeout].$error.server}}</span>
 		<label class="form-help-content">Defaults to <code>10 minutes</code>.</label>
 	</div>
 
 	<div class="row">
-		<label>Maximum pending pods<span class='asterix'>*</span></label>
+		<label>Maximum pending pods</label>
 		<input type="text" ng-model="pending_pods_count" ng-required="true"/>
 		<span class="form_error" ng-show="GOINPUTNAME[pending_pods_count].$error.server">{{GOINPUTNAME[pending_pods_count].$error.server}}</span>
 		<label class="form-help-content">Defaults to <code>10 pods</code>.</label>
@@ -94,68 +94,34 @@
 	<fieldset>
 		<legend>Cluster credentials</legend>
 		<div class="row">
-			<div class="columns small-3 medium-2 larger-2 no-padding">
-				<label>Authentication Strategy</label>
-			</div>
-			<div class="columns small-9 medium-10 larger-10 no-padding"
-				 ng-init="authentication_strategy = (authentication_strategy || 'OAUTH_TOKEN')">
-				<input type="radio" ng-model="authentication_strategy" value="OAUTH_TOKEN" id="oauth-token"
-					   ng-checked="(authentication_strategy == 'OAUTH_TOKEN')"/>
-				<label for="oauth-token">OAuth token</label>
-
-				<input type="radio" ng-model="authentication_strategy" value="CLUSTER_CERTS"
-					   id="cluster-certs"/>
-				<label for="cluster-certs">Cluster credentials</label>
-				<span class="form_error form-error" ng-show="GOINPUTNAME[authentication_strategy].$error.server">
-					{{GOINPUTNAME[authentication_strategy].$error.server}}
-				</span>
-			</div>
+			<label>Cluster URL<span class='asterix'>*</span></label>
+			<input type="text" ng-model="kubernetes_cluster_url" ng-required="true"/>
+			<span class="form_error" ng-show="GOINPUTNAME[kubernetes_cluster_url].$error.server">{{GOINPUTNAME[kubernetes_cluster_url].$error.server}}</span>
+			<label class="form-help-content">
+				Kubernetes Cluster URL. Can be obtained by running <code>kubectl cluster-info</code>
+			</label>
 		</div>
 
-		<div ng-show="authentication_strategy == 'OAUTH_TOKEN'" class="row">
+		<div class="row">
 			<label>OAuth token
 				<span class='asterix'>*</span>
 			</label>
 			<textarea rows="5" ng-model="oauth_token"></textarea>
 			<span class="form_error form-error" ng-show="GOINPUTNAME[oauth_token].$error.server">{{GOINPUTNAME[oauth_token].$error.server}}</span>
+			<label class="form-help-content">
+				Get the service account token by running following command <code>kubectl describe secret
+				TOKEN_NAME</code> and copy the value of token here.
+			</label>
 		</div>
 
-		<div ng-show="authentication_strategy == 'CLUSTER_CERTS'">
-			<div class="row">
-				<label>Cluster URL<span class='asterix'>*</span></label>
-				<input type="text" ng-model="kubernetes_cluster_url" ng-required="true"/>
-				<span class="form_error" ng-show="GOINPUTNAME[kubernetes_cluster_url].$error.server">{{GOINPUTNAME[kubernetes_cluster_url].$error.server}}</span>
-				<label class="form-help-content">
-					Kubernetes Cluster URL. Can be obtained by running <code>kubectl cluster-info</code>
-				</label>
-			</div>
 
-			<div class="row">
-				<label>Cluster ca certificate data<span class='asterix'>*</span></label>
-				<textarea ng-model="kubernetes_cluster_ca_cert" rows="7"></textarea>
-				<span class="form_error" ng-show="GOINPUTNAME[kubernetes_cluster_ca_cert].$error.server">{{GOINPUTNAME[kubernetes_cluster_ca_cert].$error.server}}</span>
-				<label class="form-help-content">
-					Kubernetes cluster ca certificate data.
-				</label>
-			</div>
-
-			<div class="row">
-				<label>Cluster client key data<span class='asterix'>*</span></label>
-				<textarea ng-model="client_key_data" rows="7"></textarea>
-				<span class="form_error" ng-show="GOINPUTNAME[client_key_data].$error.server">{{GOINPUTNAME[client_key_data].$error.server}}</span>
-				<label class="form-help-content">
-					Kubernetes cluster client key data.
-				</label>
-			</div>
-
-			<div class="row">
-				<label>Cluster client key<span class='asterix'>*</span></label>
-				<textarea ng-model="client_cert_data" rows="7"></textarea>
-				<span class="form_error" ng-show="GOINPUTNAME[client_cert_data].$error.server">{{GOINPUTNAME[client_cert_data].$error.server}}</span>
-				<label class="form-help-content">
-					Kubernetes cluster client certificate data.
-				</label>
-			</div>
+		<div class="row">
+			<label>Cluster ca certificate data<span class='asterix'>*</span></label>
+			<textarea ng-model="kubernetes_cluster_ca_cert" rows="7"></textarea>
+			<span class="form_error" ng-show="GOINPUTNAME[kubernetes_cluster_ca_cert].$error.server">{{GOINPUTNAME[kubernetes_cluster_ca_cert].$error.server}}</span>
+			<label class="form-help-content">
+				Kubernetes cluster ca certificate data.
+			</label>
 		</div>
 	</fieldset>
 </div>