Support authentication to private docker registry

This commit adds the ability to configure Docker image registry
authentication credentials in the Maven and Gradle plugins. The
authentication credentials are passed to the Docker daemon with
all daemon API calls, and the daemon forwards the credentials to the
image registry when necessary. This makes it possible to use
builder and run images stored in a private Docker registry.

See gh-22972

Author: maxjiang153

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/build/Builder.java

@@ -24,6 +24,7 @@
 import org.springframework.boot.buildpack.platform.docker.TotalProgressEvent;
 import org.springframework.boot.buildpack.platform.docker.TotalProgressPullListener;
 import org.springframework.boot.buildpack.platform.docker.UpdateListener;
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
 import org.springframework.boot.buildpack.platform.docker.transport.DockerEngineException;
 import org.springframework.boot.buildpack.platform.docker.type.Image;
 import org.springframework.boot.buildpack.platform.docker.type.ImageReference;
@@ -48,8 +49,16 @@ public Builder() {
 		this(BuildLog.toSystemOut());
 	}
 
+	public Builder(DockerConfiguration dockerConfiguration) {
+		this(BuildLog.toSystemOut(), dockerConfiguration);
+	}
+
 	public Builder(BuildLog log) {
-		this(log, new DockerApi());
+		this(log, new DockerApi(new DockerConfiguration()));
+	}
+
+	public Builder(BuildLog log, DockerConfiguration dockerConfiguration) {
+		this(log, new DockerApi(dockerConfiguration));
 	}
 
 	Builder(BuildLog log, DockerApi docker) {

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/DockerApi.java

@@ -24,8 +24,12 @@
 import java.util.Collections;
 import java.util.List;
 
+import org.apache.http.Header;
 import org.apache.http.client.utils.URIBuilder;
+import org.apache.http.message.BasicHeader;
 
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerConfiguration;
+import org.springframework.boot.buildpack.platform.docker.configuration.DockerRegistryConfiguration;
 import org.springframework.boot.buildpack.platform.docker.transport.HttpTransport;
 import org.springframework.boot.buildpack.platform.docker.transport.HttpTransport.Response;
 import org.springframework.boot.buildpack.platform.docker.type.ContainerConfig;
@@ -68,7 +72,15 @@ public class DockerApi {
 	 * Create a new {@link DockerApi} instance.
 	 */
 	public DockerApi() {
-		this(HttpTransport.create());
+		this(new DockerConfiguration());
+	}
+
+	/**
+	 * Create a new {@link DockerApi} instance.
+	 * @param dockerConfiguration the Docker configuration options.
+	 */
+	public DockerApi(DockerConfiguration dockerConfiguration) {
+		this(HttpTransport.create(createDockerEngineAuthenticationHeaders(dockerConfiguration)));
 	}
 
 	/**
@@ -84,6 +96,22 @@ public DockerApi() {
 		this.volume = new VolumeApi();
 	}
 
+	static Collection<Header> createDockerEngineAuthenticationHeaders(DockerConfiguration dockerConfiguration) {
+		Assert.notNull(dockerConfiguration, "Docker configuration must not be null");
+
+		DockerRegistryConfiguration dockerRegistryConfiguration = dockerConfiguration.getDockerRegistryConfiguration();
+		if (dockerRegistryConfiguration == null) {
+			return Collections.emptyList();
+		}
+
+		String dockerRegistryAuthToken = dockerRegistryConfiguration.createDockerRegistryAuthToken();
+		if (StringUtils.isEmpty(dockerRegistryAuthToken)) {
+			return Collections.emptyList();
+		}
+
+		return Arrays.asList(new BasicHeader("X-Registry-Auth", dockerRegistryAuthToken));
+	}
+
 	private HttpTransport http() {
 		return this.http;
 	}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerConfiguration.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.buildpack.platform.docker.configuration;
+
+/**
+ * Docker configuration options.
+ *
+ * @author Wei Jiang
+ * @since 2.4.0
+ */
+public class DockerConfiguration {
+
+	/**
+	 * The docker registry configuration.
+	 */
+	private DockerRegistryConfiguration dockerRegistryConfiguration;
+
+	public DockerConfiguration() {
+		super();
+	}
+
+	public DockerConfiguration(DockerRegistryConfiguration dockerRegistryConfiguration) {
+		super();
+		this.dockerRegistryConfiguration = dockerRegistryConfiguration;
+	}
+
+	public DockerRegistryConfiguration getDockerRegistryConfiguration() {
+		return this.dockerRegistryConfiguration;
+	}
+
+	public void setDockerRegistryConfiguration(DockerRegistryConfiguration dockerRegistryConfiguration) {
+		this.dockerRegistryConfiguration = dockerRegistryConfiguration;
+	}
+
+}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerRegistryConfiguration.java

@@ -0,0 +1,129 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.buildpack.platform.docker.configuration;
+
+import java.io.IOException;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import org.springframework.boot.buildpack.platform.json.SharedObjectMapper;
+import org.springframework.util.Base64Utils;
+import org.springframework.util.StringUtils;
+
+/**
+ * Docker registry configuration options.
+ *
+ * @author Wei Jiang
+ * @since 2.4.0
+ */
+public class DockerRegistryConfiguration {
+
+	/**
+	 * Docker registry server address.
+	 */
+	@JsonProperty("serveraddress")
+	private String url;
+
+	/**
+	 * Docker registry authentication username.
+	 */
+	private String username;
+
+	/**
+	 * Docker registry authentication password.
+	 */
+	private String password;
+
+	/**
+	 * Docker registry authentication email.
+	 */
+	private String email;
+
+	/**
+	 * Docker registry authentication identity token.
+	 */
+	@JsonIgnore
+	private String token;
+
+	public DockerRegistryConfiguration() {
+		super();
+	}
+
+	public DockerRegistryConfiguration(String url, String username, String password, String email, String token) {
+		super();
+		this.url = url;
+		this.username = username;
+		this.password = password;
+		this.email = email;
+		this.token = token;
+	}
+
+	public String createDockerRegistryAuthToken() {
+		if (!StringUtils.isEmpty(this.getToken())) {
+			return this.getToken();
+		}
+
+		try {
+			return Base64Utils.encodeToString(SharedObjectMapper.get().writeValueAsBytes(this));
+		}
+		catch (IOException ex) {
+			throw new IllegalStateException("create docker registry authentication token failed.", ex);
+		}
+	}
+
+	public String getUrl() {
+		return this.url;
+	}
+
+	public void setUrl(String url) {
+		this.url = url;
+	}
+
+	public String getUsername() {
+		return this.username;
+	}
+
+	public void setUsername(String username) {
+		this.username = username;
+	}
+
+	public String getPassword() {
+		return this.password;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	public String getEmail() {
+		return this.email;
+	}
+
+	public void setEmail(String email) {
+		this.email = email;
+	}
+
+	public String getToken() {
+		return this.token;
+	}
+
+	public void setToken(String token) {
+		this.token = token;
+	}
+
+}

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/package-info.java

@@ -0,0 +1,20 @@
+/*
+ * Copyright 2012-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Docker configuration options.
+ */
+package org.springframework.boot.buildpack.platform.docker.configuration;

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/transport/HttpTransport.java

@@ -21,6 +21,10 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.URI;
+import java.util.Collection;
+import java.util.Collections;
+
+import org.apache.http.Header;
 
 import org.springframework.boot.buildpack.platform.io.IOConsumer;
 import org.springframework.boot.buildpack.platform.system.Environment;
@@ -84,7 +88,17 @@ public interface HttpTransport {
 	 * @return a {@link HttpTransport} instance
 	 */
 	static HttpTransport create() {
-		return create(Environment.SYSTEM);
+		return create(Collections.emptyList());
+	}
+
+	/**
+	 * Create the most suitable {@link HttpTransport} based on the
+	 * {@link Environment#SYSTEM system environment}.
+	 * @param dockerEngineAuthenticationHeaders authentication headerS for Docker engine.
+	 * @return a {@link HttpTransport} instance
+	 */
+	static HttpTransport create(Collection<Header> dockerEngineAuthenticationHeaders) {
+		return create(Environment.SYSTEM, dockerEngineAuthenticationHeaders);
 	}
 
 	/**
@@ -94,8 +108,21 @@ static HttpTransport create() {
 	 * @return a {@link HttpTransport} instance
 	 */
 	static HttpTransport create(Environment environment) {
-		HttpTransport remote = RemoteHttpClientTransport.createIfPossible(environment);
-		return (remote != null) ? remote : LocalHttpClientTransport.create(environment);
+		return create(environment, Collections.emptyList());
+	}
+
+	/**
+	 * Create the most suitable {@link HttpTransport} based on the given
+	 * {@link Environment}.
+	 * @param environment the source environment
+	 * @param dockerEngineAuthenticationHeaders authentication headerS for Docker engine.
+	 * @return a {@link HttpTransport} instance
+	 */
+	static HttpTransport create(Environment environment, Collection<Header> dockerEngineAuthenticationHeaders) {
+		HttpTransport remote = RemoteHttpClientTransport.createIfPossible(environment,
+				dockerEngineAuthenticationHeaders);
+		return (remote != null) ? remote
+				: LocalHttpClientTransport.create(environment, dockerEngineAuthenticationHeaders);
 	}
 
 	/**

spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/transport/LocalHttpClientTransport.java

@@ -21,8 +21,10 @@
 import java.net.InetSocketAddress;
 import java.net.Socket;
 import java.net.UnknownHostException;
+import java.util.Collection;
 
 import com.sun.jna.Platform;
+import org.apache.http.Header;
 import org.apache.http.HttpHost;
 import org.apache.http.config.Registry;
 import org.apache.http.config.RegistryBuilder;
@@ -41,6 +43,7 @@
 import org.springframework.boot.buildpack.platform.socket.DomainSocket;
 import org.springframework.boot.buildpack.platform.socket.NamedPipeSocket;
 import org.springframework.boot.buildpack.platform.system.Environment;
+import org.springframework.util.CollectionUtils;
 
 /**
  * {@link HttpClientTransport} that talks to local Docker.
@@ -60,10 +63,14 @@ private LocalHttpClientTransport(CloseableHttpClient client) {
 		super(client, LOCAL_DOCKER_HOST);
 	}
 
-	static LocalHttpClientTransport create(Environment environment) {
+	static LocalHttpClientTransport create(Environment environment,
+			Collection<Header> dockerEngineAuthenticationHeaders) {
 		HttpClientBuilder builder = HttpClients.custom();
 		builder.setConnectionManager(new LocalConnectionManager(socketFilePath(environment)));
 		builder.setSchemePortResolver(new LocalSchemePortResolver());
+		if (!CollectionUtils.isEmpty(dockerEngineAuthenticationHeaders)) {
+			builder.setDefaultHeaders(dockerEngineAuthenticationHeaders);
+		}
 		return new LocalHttpClientTransport(builder.build());
 	}