Added authentication strategy

Author: bdpiprava

src/main/java/cd/go/contrib/elasticagent/KubernetesAgentInstances.java

@@ -58,7 +58,7 @@ public KubernetesAgentInstances(KubernetesClientFactory factory, KubernetesInsta
 
     @Override
     public KubernetesInstance create(CreateAgentRequest request, PluginSettings settings, PluginRequest pluginRequest) throws Exception {
-        final Integer maxAllowedContainers = settings.getMaximumPendingAgentsCount();
+        final Integer maxAllowedContainers = settings.getMaxPendingPods();
         synchronized (instances) {
             doWithLockOnSemaphore(new SetupSemaphore(maxAllowedContainers, instances, semaphore));
 
@@ -84,7 +84,7 @@ private KubernetesInstance createKubernetesInstance(CreateAgentRequest request,
             return null;
         }
 
-        KubernetesClient client = factory.kubernetes(settings);
+        KubernetesClient client = factory.client(settings);
         KubernetesInstance instance = kubernetesInstanceFactory.create(request, settings, client, pluginRequest, isUsingPodYaml(request));
         register(instance);
 
@@ -109,7 +109,7 @@ private boolean isUsingPodYaml(CreateAgentRequest request) {
     public void terminate(String agentId, PluginSettings settings) throws Exception {
         KubernetesInstance instance = instances.get(agentId);
         if (instance != null) {
-            KubernetesClient client = factory.kubernetes(settings);
+            KubernetesClient client = factory.client(settings);
             instance.terminate(client);
         } else {
             LOG.warn("Requested to terminate an instance that does not exist " + agentId);
@@ -149,7 +149,7 @@ public Agents instancesCreatedAfterTimeout(PluginSettings settings, Agents agent
     @Override
     public void refreshAll(PluginRequest pluginRequest) throws Exception {
         LOG.debug("[Refresh Instances]. Syncing k8s elastic agent pod information");
-        KubernetesClient client = factory.kubernetes(pluginRequest.getPluginSettings());
+        KubernetesClient client = factory.client(pluginRequest.getPluginSettings());
         PodList list = client.pods().inNamespace(Constants.KUBERNETES_NAMESPACE).list();
 
         for (Pod pod : list.getItems()) {
@@ -174,7 +174,7 @@ private void register(KubernetesInstance instance) {
     private KubernetesAgentInstances unregisteredAfterTimeout(PluginSettings settings, Agents knownAgents) throws Exception {
         Period period = settings.getAutoRegisterPeriod();
         KubernetesAgentInstances unregisteredInstances = new KubernetesAgentInstances();
-        KubernetesClient client = factory.kubernetes(settings);
+        KubernetesClient client = factory.client(settings);
 
         for (String instanceName : instances.keySet()) {
             if (knownAgents.containsAgentWithId(instanceName)) {

src/main/java/cd/go/contrib/elasticagent/KubernetesClientFactory.java

@@ -16,12 +16,14 @@
 
 package cd.go.contrib.elasticagent;
 
-import io.fabric8.kubernetes.client.Config;
 import io.fabric8.kubernetes.client.ConfigBuilder;
 import io.fabric8.kubernetes.client.DefaultKubernetesClient;
 import io.fabric8.kubernetes.client.KubernetesClient;
 
 import static cd.go.contrib.elasticagent.KubernetesPlugin.LOG;
+import static cd.go.contrib.elasticagent.model.AuthenticationStrategy.CLUSTER_CERTS;
+import static cd.go.contrib.elasticagent.model.AuthenticationStrategy.OAUTH_TOKEN;
+import static java.text.MessageFormat.format;
 
 public class KubernetesClientFactory {
     private static final KubernetesClientFactory KUBERNETES_CLIENT_FACTORY = new KubernetesClientFactory();
@@ -32,24 +34,34 @@ public static KubernetesClientFactory instance() {
         return KUBERNETES_CLIENT_FACTORY;
     }
 
-    private static KubernetesClient createClient(PluginSettings pluginSettings) {
-        Config config = new ConfigBuilder()
-                .withMasterUrl(pluginSettings.getKubernetesClusterUrl())
-                .withCaCertData(pluginSettings.getKubernetesClusterCACert())
-                .build();
-
-        return new DefaultKubernetesClient(config);
-    }
-
-    public synchronized KubernetesClient kubernetes(PluginSettings pluginSettings) {
+    public synchronized KubernetesClient client(PluginSettings pluginSettings) {
         if (pluginSettings.equals(this.pluginSettings) && this.client != null) {
             LOG.debug("Using previously created client.");
             return this.client;
         }
 
-        LOG.debug("Client is null or plugin setting has been changed. Creating new client...");
+        LOG.debug(format("Creating a new client because {0}.", (client == null) ? "client is null" : "plugin setting is changed"));
         this.pluginSettings = pluginSettings;
-        this.client = createClient(pluginSettings);
+        this.client = createClientFor(pluginSettings);
+        LOG.debug(format("New client is created using authentication strategy {0}.", pluginSettings.getAuthenticationStrategy()));
         return this.client;
     }
+
+    private KubernetesClient createClientFor(PluginSettings pluginSettings) {
+        LOG.debug(format("Creating config using authentication strategy {0}.", pluginSettings.getAuthenticationStrategy().name()));
+        final ConfigBuilder configBuilder = new ConfigBuilder();
+
+        if (pluginSettings.getAuthenticationStrategy() == OAUTH_TOKEN) {
+            configBuilder.withOauthToken(pluginSettings.getOauthToken());
+
+        } else if (pluginSettings.getAuthenticationStrategy() == CLUSTER_CERTS) {
+            configBuilder
+                    .withMasterUrl(pluginSettings.getClusterUrl())
+                    .withCaCertData(pluginSettings.getCaCertData())
+                    .withClientKeyData(pluginSettings.getClientKeyData())
+                    .withClientCertData(pluginSettings.getClientCertData());
+        }
+
+        return new DefaultKubernetesClient(configBuilder.build());
+    }
 }

src/main/java/cd/go/contrib/elasticagent/PluginRequest.java

@@ -53,11 +53,6 @@ public PluginSettings getPluginSettings() throws ServerRequestFailedException {
         }
 
         PluginSettings pluginSettings = PluginSettings.fromJSON(response.responseBody());
-
-        if (pluginSettings == null) {
-            pluginSettings = PluginSettings.fromEnv();
-        }
-
         if (pluginSettings == null) {
             throw new PluginSettingsNotConfiguredException();
         }

src/main/java/cd/go/contrib/elasticagent/PluginSettings.java

@@ -16,12 +16,11 @@
 
 package cd.go.contrib.elasticagent;
 
+import cd.go.contrib.elasticagent.model.AuthenticationStrategy;
 import com.google.gson.annotations.Expose;
 import com.google.gson.annotations.SerializedName;
-import org.apache.commons.lang3.StringUtils;
 import org.joda.time.Period;
 
-import static cd.go.contrib.elasticagent.executors.GetPluginConfigurationExecutor.*;
 import static cd.go.contrib.elasticagent.utils.Util.GSON;
 
 public class PluginSettings {
@@ -31,29 +30,45 @@ public class PluginSettings {
 
     @Expose
     @SerializedName("auto_register_timeout")
-    private String autoRegisterTimeout;
+    private Integer autoRegisterTimeout = 10;
 
     @Expose
     @SerializedName("pending_pods_count")
-    private String pendingPodsCount;
+    private Integer maxPendingPods = 10;
+
+    @Expose
+    @SerializedName("authentication_strategy")
+    private String authenticationStrategy = AuthenticationStrategy.OAUTH_TOKEN.name();
+
+    @Expose
+    @SerializedName("oauth_token")
+    private String oauthToken;
 
     @Expose
     @SerializedName("kubernetes_cluster_url")
-    private String kubernetesClusterUrl;
+    private String clusterUrl;
 
     @Expose
     @SerializedName("kubernetes_cluster_ca_cert")
-    private String kubernetesClusterCACert;
+    private String clusterCACertData;
+
+    @Expose
+    @SerializedName("client_key_data")
+    private String clientKeyData;
+
+    @Expose
+    @SerializedName("client_cert_data")
+    private String clientCertData;
 
     private Period autoRegisterPeriod;
 
     public PluginSettings() {
     }
 
-    public PluginSettings(String goServerUrl, String clusterUrl, String clusterCACert) {
+    public PluginSettings(String goServerUrl, String clusterUrl, String clusterCACertData) {
         this.goServerUrl = goServerUrl;
-        this.kubernetesClusterUrl = clusterUrl;
-        this.kubernetesClusterCACert = clusterCACert;
+        this.clusterUrl = clusterUrl;
+        this.clusterCACertData = clusterCACertData;
     }
 
     public static PluginSettings fromJSON(String json) {
@@ -62,52 +77,45 @@ public static PluginSettings fromJSON(String json) {
 
     public Period getAutoRegisterPeriod() {
         if (this.autoRegisterPeriod == null) {
-            this.autoRegisterPeriod = new Period().withMinutes(Integer.parseInt(getAutoRegisterTimeout()));
+            this.autoRegisterPeriod = new Period().withMinutes(getAutoRegisterTimeout());
         }
         return this.autoRegisterPeriod;
     }
 
-    String getAutoRegisterTimeout() {
-        if (autoRegisterTimeout == null) {
-            autoRegisterTimeout = "10";
-        }
+    Integer getAutoRegisterTimeout() {
         return autoRegisterTimeout;
     }
 
-    public Integer getMaximumPendingAgentsCount() {
-        if (pendingPodsCount == null) {
-            pendingPodsCount = "10";
-        }
-
-        return Integer.valueOf(pendingPodsCount);
+    public Integer getMaxPendingPods() {
+        return Integer.valueOf(maxPendingPods);
     }
 
     public String getGoServerUrl() {
         return goServerUrl;
     }
 
-    public String getKubernetesClusterUrl() {
-        return kubernetesClusterUrl;
+    public AuthenticationStrategy getAuthenticationStrategy() {
+        return AuthenticationStrategy.from(authenticationStrategy);
     }
 
-    public String getKubernetesClusterCACert() {
-        return kubernetesClusterCACert;
+    public String getOauthToken() {
+        return oauthToken;
     }
 
-    public void setGoServerUrl(String goServerUrl) {
-        this.goServerUrl = goServerUrl;
+    public String getClusterUrl() {
+        return clusterUrl;
     }
 
-    public static PluginSettings fromEnv() {
-        final String goServerUrl = System.getenv(GO_SERVER_URL.key());
-        final String clusterUrl = System.getenv(CLUSTER_URL.key());
-        final String clusterCACert = System.getenv(CLUSTER_CA_CERT.key());
+    public String getCaCertData() {
+        return clusterCACertData;
+    }
 
-        if (StringUtils.isAnyBlank(goServerUrl, clusterUrl, clusterCACert)) {
-            return null;
-        }
+    public String getClientKeyData() {
+        return clientKeyData;
+    }
 
-        return new PluginSettings(goServerUrl, clusterUrl, clusterCACert);
+    public String getClientCertData() {
+        return clientCertData;
     }
 
     @Override
@@ -120,23 +128,30 @@ public boolean equals(Object o) {
         if (goServerUrl != null ? !goServerUrl.equals(that.goServerUrl) : that.goServerUrl != null) return false;
         if (autoRegisterTimeout != null ? !autoRegisterTimeout.equals(that.autoRegisterTimeout) : that.autoRegisterTimeout != null)
             return false;
-        if (pendingPodsCount != null ? !pendingPodsCount.equals(that.pendingPodsCount) : that.pendingPodsCount != null)
+        if (maxPendingPods != null ? !maxPendingPods.equals(that.maxPendingPods) : that.maxPendingPods != null)
+            return false;
+        if (authenticationStrategy != null ? !authenticationStrategy.equals(that.authenticationStrategy) : that.authenticationStrategy != null)
             return false;
-        if (kubernetesClusterUrl != null ? !kubernetesClusterUrl.equals(that.kubernetesClusterUrl) : that.kubernetesClusterUrl != null)
+        if (clusterUrl != null ? !clusterUrl.equals(that.clusterUrl) : that.clusterUrl != null) return false;
+        if (clusterCACertData != null ? !clusterCACertData.equals(that.clusterCACertData) : that.clusterCACertData != null)
             return false;
-        if (kubernetesClusterCACert != null ? !kubernetesClusterCACert.equals(that.kubernetesClusterCACert) : that.kubernetesClusterCACert != null)
+        if (oauthToken != null ? !oauthToken.equals(that.oauthToken) : that.oauthToken != null) return false;
+        if (clientKeyData != null ? !clientKeyData.equals(that.clientKeyData) : that.clientKeyData != null)
             return false;
-        return autoRegisterPeriod != null ? autoRegisterPeriod.equals(that.autoRegisterPeriod) : that.autoRegisterPeriod == null;
+        return clientCertData != null ? clientCertData.equals(that.clientCertData) : that.clientCertData == null;
     }
 
     @Override
     public int hashCode() {
         int result = goServerUrl != null ? goServerUrl.hashCode() : 0;
         result = 31 * result + (autoRegisterTimeout != null ? autoRegisterTimeout.hashCode() : 0);
-        result = 31 * result + (pendingPodsCount != null ? pendingPodsCount.hashCode() : 0);
-        result = 31 * result + (kubernetesClusterUrl != null ? kubernetesClusterUrl.hashCode() : 0);
-        result = 31 * result + (kubernetesClusterCACert != null ? kubernetesClusterCACert.hashCode() : 0);
-        result = 31 * result + (autoRegisterPeriod != null ? autoRegisterPeriod.hashCode() : 0);
+        result = 31 * result + (maxPendingPods != null ? maxPendingPods.hashCode() : 0);
+        result = 31 * result + (authenticationStrategy != null ? authenticationStrategy.hashCode() : 0);
+        result = 31 * result + (clusterUrl != null ? clusterUrl.hashCode() : 0);
+        result = 31 * result + (clusterCACertData != null ? clusterCACertData.hashCode() : 0);
+        result = 31 * result + (oauthToken != null ? oauthToken.hashCode() : 0);
+        result = 31 * result + (clientKeyData != null ? clientKeyData.hashCode() : 0);
+        result = 31 * result + (clientCertData != null ? clientCertData.hashCode() : 0);
         return result;
     }
 }

src/main/java/cd/go/contrib/elasticagent/executors/AgentStatusReportExecutor.java

@@ -39,7 +39,7 @@ public GoPluginApiResponse execute() throws Exception {
         String elasticAgentId = request.getElasticAgentId();
         JobIdentifier jobIdentifier = request.getJobIdentifier();
         LOG.info(String.format("[status-report] Generating status report for agent: %s with job: %s", elasticAgentId, jobIdentifier));
-        KubernetesClient client = factory.kubernetes(pluginRequest.getPluginSettings());
+        KubernetesClient client = factory.client(pluginRequest.getPluginSettings());
 
         try {
             Pod pod;

src/main/java/cd/go/contrib/elasticagent/executors/GetPluginConfigurationExecutor.java

@@ -17,10 +17,7 @@
 package cd.go.contrib.elasticagent.executors;
 
 import cd.go.contrib.elasticagent.RequestExecutor;
-import cd.go.contrib.elasticagent.model.Field;
-import cd.go.contrib.elasticagent.model.GoServerUrlField;
-import cd.go.contrib.elasticagent.model.PositiveNumberField;
-import cd.go.contrib.elasticagent.model.SecureURLField;
+import cd.go.contrib.elasticagent.model.*;
 import com.thoughtworks.go.plugin.api.response.DefaultGoPluginApiResponse;
 import com.thoughtworks.go.plugin.api.response.GoPluginApiResponse;
 
@@ -30,19 +27,27 @@
 import static cd.go.contrib.elasticagent.utils.Util.GSON;
 
 public class GetPluginConfigurationExecutor implements RequestExecutor {
-    public static final Field GO_SERVER_URL = new GoServerUrlField("go_server_url", "GoCD server URL", false, "0");
-    public static final Field AUTOREGISTER_TIMEOUT = new PositiveNumberField("auto_register_timeout", "Agent auto-register timeout (in minutes)", "10", true, false, "1");
-    public static final Field MAXIMUM_PENDING_PODS_COUNT = new PositiveNumberField("pending_pods_count", "Maximum pending pods", "10", true, false, "2");
-    public static final Field CLUSTER_URL = new SecureURLField("kubernetes_cluster_url", "Cluster URL", true, "3");
-    public static final Field CLUSTER_CA_CERT = new Field("kubernetes_cluster_ca_cert", "Cluster ca-certificate", null, true, true, "4");
     public static final Map<String, Field> FIELDS = new LinkedHashMap<>();
+    public static final Field GO_SERVER_URL = new GoServerUrlField("go_server_url", "GoCD server URL", false, "0");
+    public static final Field AUTO_REGISTER_TIMEOUT = new PositiveNumberField("auto_register_timeout", "Agent auto-register timeout (in minutes)", "10", false, false, "1");
+    public static final Field MAX_PENDING_PODS = new PositiveNumberField("pending_pods_count", "Maximum pending pods", "10", false, false, "2");
+    public static final Field AUTHENTICATION_STRATEGY = new NonBlankField("authentication_strategy", "Authentication strategy", false, "3");
+    public static final Field OAUTH_TOKEN = new Field("oauth_token", "Oauth token", null, false, true, "4");
+    public static final Field CLUSTER_URL = new SecureURLField("kubernetes_cluster_url", "Cluster URL", false, "5");
+    public static final Field CLUSTER_CA_CERT = new Field("kubernetes_cluster_ca_cert", "Cluster ca certificate", null, false, true, "6");
+    public static final Field CLIENT_KEY_DATA = new Field("client_key_data", "Client key data", null, false, true, "7");
+    public static final Field CLIENT_CERT_DATA = new Field("client_cert_data", "client cert data", null, false, true, "8");
 
     static {
         FIELDS.put(GO_SERVER_URL.key(), GO_SERVER_URL);
-        FIELDS.put(AUTOREGISTER_TIMEOUT.key(), AUTOREGISTER_TIMEOUT);
-        FIELDS.put(MAXIMUM_PENDING_PODS_COUNT.key(), MAXIMUM_PENDING_PODS_COUNT);
+        FIELDS.put(AUTO_REGISTER_TIMEOUT.key(), AUTO_REGISTER_TIMEOUT);
+        FIELDS.put(MAX_PENDING_PODS.key(), MAX_PENDING_PODS);
         FIELDS.put(CLUSTER_URL.key(), CLUSTER_URL);
         FIELDS.put(CLUSTER_CA_CERT.key(), CLUSTER_CA_CERT);
+        FIELDS.put(AUTHENTICATION_STRATEGY.key(), AUTHENTICATION_STRATEGY);
+        FIELDS.put(OAUTH_TOKEN.key(), OAUTH_TOKEN);
+        FIELDS.put(CLIENT_KEY_DATA.key(), CLIENT_KEY_DATA);
+        FIELDS.put(CLIENT_CERT_DATA.key(), CLIENT_CERT_DATA);
     }
 
     public GoPluginApiResponse execute() {

src/main/java/cd/go/contrib/elasticagent/executors/StatusReportExecutor.java

@@ -48,7 +48,7 @@ public StatusReportExecutor(PluginRequest pluginRequest, KubernetesClientFactory
 
     public GoPluginApiResponse execute() throws Exception {
         LOG.info("[status-report] Generating status report");
-        KubernetesClient client = factory.kubernetes(pluginRequest.getPluginSettings());
+        KubernetesClient client = factory.client(pluginRequest.getPluginSettings());
         final KubernetesCluster kubernetesCluster = new KubernetesCluster(client);
         final Template template = statusReportViewBuilder.getTemplate("status-report.template.ftlh");
         final String statusReportView = statusReportViewBuilder.build(template, kubernetesCluster);