Merge pull request #22972 from wmz7year

* gh-22972:
  Polish "Support authentication to private Docker registry"
  Support authentication to private docker registry

Closes gh-22972

Author: scottfrederick

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/build/Builder.java

@@ -24,6 +24,7 @@
 import org.springframework.boot.buildpack.platform.docker.TotalProgressEvent;
 import org.springframework.boot.buildpack.platform.docker.TotalProgressPullListener;
 import org.springframework.boot.buildpack.platform.docker.UpdateListener;
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
 import org.springframework.boot.buildpack.platform.docker.transport.DockerEngineException;
 import org.springframework.boot.buildpack.platform.docker.type.Image;
 import org.springframework.boot.buildpack.platform.docker.type.ImageReference;
@@ -48,10 +49,18 @@ public Builder() {
 		this(BuildLog.toSystemOut());
 	}
 
+	public Builder(DockerConfiguration dockerConfiguration) {
+		this(BuildLog.toSystemOut(), dockerConfiguration);
+	}
+
 	public Builder(BuildLog log) {
 		this(log, new DockerApi());
 	}
 
+	public Builder(BuildLog log, DockerConfiguration dockerConfiguration) {
+		this(log, new DockerApi(dockerConfiguration));
+	}
+
 	Builder(BuildLog log, DockerApi docker) {
 		Assert.notNull(log, "Log must not be null");
 		this.log = log;

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/DockerApi.java

@@ -26,6 +26,7 @@
 
 import org.apache.http.client.utils.URIBuilder;
 
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
 import org.springframework.boot.buildpack.platform.docker.transport.HttpTransport;
 import org.springframework.boot.buildpack.platform.docker.transport.HttpTransport.Response;
 import org.springframework.boot.buildpack.platform.docker.type.ContainerConfig;
@@ -68,7 +69,15 @@ public class DockerApi {
 	 * Create a new {@link DockerApi} instance.
 	 */
 	public DockerApi() {
-		this(HttpTransport.create());
+		this(DockerConfiguration.withDefaults());
+	}
+
+	/**
+	 * Create a new {@link DockerApi} instance.
+	 * @param dockerConfiguration the Docker configuration options
+	 */
+	public DockerApi(DockerConfiguration dockerConfiguration) {
+		this(HttpTransport.create(dockerConfiguration));
 	}
 
 	/**

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerConfiguration.java

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.buildpack.platform.docker.configuration;
+
+import org.springframework.util.Assert;
+
+/**
+ * Docker configuration options.
+ *
+ * @author Wei Jiang
+ * @author Scott Frederick
+ * @since 2.4.0
+ */
+public final class DockerConfiguration {
+
+	private final DockerRegistryAuthentication authentication;
+
+	private DockerConfiguration(DockerRegistryAuthentication authentication) {
+		this.authentication = authentication;
+	}
+
+	public DockerRegistryAuthentication getRegistryAuthentication() {
+		return this.authentication;
+	}
+
+	public static DockerConfiguration withDefaults() {
+		return new DockerConfiguration(null);
+	}
+
+	public static DockerConfiguration withRegistryTokenAuthentication(String token) {
+		Assert.notNull(token, "Token must not be null");
+		return new DockerConfiguration(new DockerRegistryTokenAuthentication(token));
+	}
+
+	public static DockerConfiguration withRegistryUserAuthentication(String username, String password, String url,
+			String email) {
+		Assert.notNull(username, "Username must not be null");
+		Assert.notNull(password, "Password must not be null");
+		return new DockerConfiguration(new DockerRegistryUserAuthentication(username, password, url, email));
+	}
+
+}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerRegistryAuthentication.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.buildpack.platform.docker.configuration;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+
+import org.springframework.boot.buildpack.platform.json.SharedObjectMapper;
+import org.springframework.util.Base64Utils;
+
+/**
+ * Docker registry authentication configuration.
+ *
+ * @author Scott Frederick
+ * @since 2.4.0
+ */
+public abstract class DockerRegistryAuthentication {
+
+	public String createAuthHeader() {
+		try {
+			return Base64Utils.encodeToUrlSafeString(SharedObjectMapper.get().writeValueAsBytes(this));
+		}
+		catch (JsonProcessingException ex) {
+			throw new IllegalStateException("Error creating Docker registry authentication header", ex);
+		}
+	}
+
+}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerRegistryTokenAuthentication.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.buildpack.platform.docker.configuration;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Docker registry authentication configuration using a token.
+ *
+ * @author Scott Frederick
+ */
+class DockerRegistryTokenAuthentication extends DockerRegistryAuthentication {
+
+	@JsonProperty("identitytoken")
+	private final String token;
+
+	DockerRegistryTokenAuthentication(String token) {
+		this.token = token;
+	}
+
+	String getToken() {
+		return this.token;
+	}
+
+}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerRegistryUserAuthentication.java

@@ -0,0 +1,63 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.buildpack.platform.docker.configuration;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Docker registry authentication configuration using user credentials.
+ *
+ * @author Scott Frederick
+ */
+class DockerRegistryUserAuthentication extends DockerRegistryAuthentication {
+
+	@JsonProperty
+	private final String username;
+
+	@JsonProperty
+	private final String password;
+
+	@JsonProperty("serveraddress")
+	private final String url;
+
+	@JsonProperty
+	private final String email;
+
+	DockerRegistryUserAuthentication(String username, String password, String url, String email) {
+		this.username = username;
+		this.password = password;
+		this.url = url;
+		this.email = email;
+	}
+
+	String getUsername() {
+		return this.username;
+	}
+
+	String getPassword() {
+		return this.password;
+	}
+
+	String getUrl() {
+		return this.url;
+	}
+
+	String getEmail() {
+		return this.email;
+	}
+
+}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/package-info.java

@@ -0,0 +1,20 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Docker configuration options.
+ */
+package org.springframework.boot.buildpack.platform.docker.configuration;

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/transport/HttpClientTransport.java

@@ -36,10 +36,12 @@
 import org.apache.http.entity.AbstractHttpEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
 
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
 import org.springframework.boot.buildpack.platform.io.Content;
 import org.springframework.boot.buildpack.platform.io.IOConsumer;
 import org.springframework.boot.buildpack.platform.json.SharedObjectMapper;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 
 /**
  * Abstract base class for {@link HttpTransport} implementations backed by a
@@ -55,11 +57,14 @@ abstract class HttpClientTransport implements HttpTransport {
 
 	private final HttpHost host;
 
-	protected HttpClientTransport(CloseableHttpClient client, HttpHost host) {
+	private final String registryAuthHeader;
+
+	protected HttpClientTransport(CloseableHttpClient client, HttpHost host, DockerConfiguration dockerConfiguration) {
 		Assert.notNull(client, "Client must not be null");
 		Assert.notNull(host, "Host must not be null");
 		this.client = client;
 		this.host = host;
+		this.registryAuthHeader = buildRegistryAuthHeader(dockerConfiguration);
 	}
 
 	/**
@@ -116,6 +121,15 @@ public Response delete(URI uri) {
 		return execute(new HttpDelete(uri));
 	}
 
+	private String buildRegistryAuthHeader(DockerConfiguration dockerConfiguration) {
+		if (dockerConfiguration == null || dockerConfiguration.getRegistryAuthentication() == null) {
+			return null;
+		}
+
+		String authHeader = dockerConfiguration.getRegistryAuthentication().createAuthHeader();
+		return (StringUtils.hasText(authHeader)) ? authHeader : null;
+	}
+
 	private Response execute(HttpEntityEnclosingRequestBase request, String contentType,
 			IOConsumer<OutputStream> writer) {
 		request.setHeader(HttpHeaders.CONTENT_TYPE, contentType);
@@ -125,6 +139,9 @@ private Response execute(HttpEntityEnclosingRequestBase request, String contentT
 
 	private Response execute(HttpUriRequest request) {
 		try {
+			if (this.registryAuthHeader != null) {
+				request.addHeader("X-Registry-Auth", this.registryAuthHeader);
+			}
 			CloseableHttpResponse response = this.client.execute(this.host, request);
 			StatusLine statusLine = response.getStatusLine();
 			int statusCode = statusLine.getStatusCode();

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/transport/HttpTransport.java

@@ -22,6 +22,7 @@
 import java.io.OutputStream;
 import java.net.URI;
 
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
 import org.springframework.boot.buildpack.platform.io.IOConsumer;
 import org.springframework.boot.buildpack.platform.system.Environment;
 
@@ -84,7 +85,17 @@ public interface HttpTransport {
 	 * @return a {@link HttpTransport} instance
 	 */
 	static HttpTransport create() {
-		return create(Environment.SYSTEM);
+		return create(DockerConfiguration.withDefaults());
+	}
+
+	/**
+	 * Create the most suitable {@link HttpTransport} based on the
+	 * {@link Environment#SYSTEM system environment}.
+	 * @param dockerConfiguration the Docker engine configuration
+	 * @return a {@link HttpTransport} instance
+	 */
+	static HttpTransport create(DockerConfiguration dockerConfiguration) {
+		return create(Environment.SYSTEM, dockerConfiguration);
 	}
 
 	/**
@@ -94,8 +105,19 @@ static HttpTransport create() {
 	 * @return a {@link HttpTransport} instance
 	 */
 	static HttpTransport create(Environment environment) {
-		HttpTransport remote = RemoteHttpClientTransport.createIfPossible(environment);
-		return (remote != null) ? remote : LocalHttpClientTransport.create(environment);
+		return create(environment, DockerConfiguration.withDefaults());
+	}
+
+	/**
+	 * Create the most suitable {@link HttpTransport} based on the given
+	 * {@link Environment} and {@link DockerConfiguration}.
+	 * @param environment the source environment
+	 * @param dockerConfiguration the Docker engine configuration
+	 * @return a {@link HttpTransport} instance
+	 */
+	static HttpTransport create(Environment environment, DockerConfiguration dockerConfiguration) {
+		HttpTransport remote = RemoteHttpClientTransport.createIfPossible(environment, dockerConfiguration);
+		return (remote != null) ? remote : LocalHttpClientTransport.create(environment, dockerConfiguration);
 	}
 
 	/**