Merge pull request #1301 from Vlatombe/serverCertificateKey

Vlatombe · web-flow · commit 43e9e4931ccb · 2023-01-26T15:12:12.000+01:00
diff --git a/src/main/java/org/csanchez/jenkins/plugins/kubernetes/KubernetesFactoryAdapter.java b/src/main/java/org/csanchez/jenkins/plugins/kubernetes/KubernetesFactoryAdapter.java
@@ -1,6 +1,7 @@
 package org.csanchez.jenkins.plugins.kubernetes;
 
 
+import hudson.Util;
 import io.fabric8.kubernetes.client.KubernetesClientBuilder;
 import java.util.Base64;
 import java.util.Collections;
@@ -76,7 +77,7 @@ public KubernetesFactoryAdapter(String serviceAddress, String namespace, @CheckF
                                     @CheckForNull String credentialsId, boolean skipTlsVerify, int connectTimeout, int readTimeout, int maxRequestsPerHost, boolean useJenkinsProxy) throws KubernetesAuthException {
         this.serviceAddress = serviceAddress;
         this.namespace = namespace;
-        this.caCertData = caCertData;
+        this.caCertData = decodeBase64IfNeeded(caCertData);
         this.auth = AuthenticationTokens.convert(KubernetesAuth.class, resolveCredentials(credentialsId));
         this.skipTlsVerify = skipTlsVerify;
         this.connectTimeout = connectTimeout;
@@ -85,6 +86,19 @@ public KubernetesFactoryAdapter(String serviceAddress, String namespace, @CheckF
         this.useJenkinsProxy = useJenkinsProxy;
     }
 
+    private static String decodeBase64IfNeeded(String caCertData) {
+        if (Util.fixEmpty(caCertData) != null) {
+            try {
+                // Decode Base64 if needed
+                byte[] decode = Base64.getDecoder().decode(caCertData.getBytes(UTF_8));
+                return new String(decode, UTF_8);
+            } catch (IllegalArgumentException e) {
+                return caCertData;
+            }
+        }
+        return caCertData;
+    }
+
     public KubernetesClient createClient() throws KubernetesAuthException {
 
         ConfigBuilder builder;
diff --git a/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-serverCertificate.html b/src/main/resources/org/csanchez/jenkins/plugins/kubernetes/KubernetesCloud/help-serverCertificate.html
@@ -1,3 +1,3 @@
 <div>
-    X509 PEM encoded certificate
-</div>
+    X509 PEM encoded certificate. Can be additionally base64 encoded (as provided by Amazon EKS).
+</div>

-Original file line number
+Diff line change
@@ @@ -1,3 +1,3 @@ @@
 <div>
 -    X509 PEM encoded certificate
 -</div>
 +    X509 PEM encoded certificate. Can be additionally base64 encoded (as provided by Amazon EKS).
 +</div>