github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(stacks): pass the registry credentials to Compose stacks BE-11388 (#147) 

Co-authored-by: andres-portainer <andres-portainer@users.noreply.github.com>
release/2.25.0
andres-portainer 2024-11-17 16:39:13 -03:00 committed by GitHub
parent 1a39370f5b
commit c59872553a
6 changed files with 57 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
api/exec/compose_stack.go
View File

@ -14,6 +14,7 @@ import (
"github.com/portainer/portainer/api/stacks/stackutils" "github.com/portainer/portainer/api/stacks/stackutils"
"github.com/portainer/portainer/pkg/libstack" "github.com/portainer/portainer/pkg/libstack"
"github.com/docker/cli/cli/config/types"
"github.com/pkg/errors" "github.com/pkg/errors"
) )
@ -25,7 +26,6 @@ type ComposeStackManager struct {
// NewComposeStackManager returns a docker-compose wrapper if corresponding binary present, otherwise nil // NewComposeStackManager returns a docker-compose wrapper if corresponding binary present, otherwise nil
func NewComposeStackManager(deployer libstack.Deployer, proxyManager *proxy.Manager) (*ComposeStackManager, error) { func NewComposeStackManager(deployer libstack.Deployer, proxyManager *proxy.Manager) (*ComposeStackManager, error) {
return &ComposeStackManager{ return &ComposeStackManager{
deployer: deployer, deployer: deployer,
proxyManager: proxyManager, proxyManager: proxyManager,
@ -60,6 +60,7 @@ func (manager *ComposeStackManager) Up(ctx context.Context, stack *portainer.Sta
EnvFilePath: envFilePath, EnvFilePath: envFilePath,
Host: url, Host: url,
ProjectName: stack.Name, ProjectName: stack.Name,
Registries: portainerRegistriesToAuthConfigs(options.Registries),
}, },
ForceRecreate: options.ForceRecreate, ForceRecreate: options.ForceRecreate,
AbortOnContainerExit: options.AbortOnContainerExit, AbortOnContainerExit: options.AbortOnContainerExit,
@ -90,6 +91,7 @@ func (manager *ComposeStackManager) Run(ctx context.Context, stack *portainer.St
EnvFilePath: envFilePath, EnvFilePath: envFilePath,
Host: url, Host: url,
ProjectName: stack.Name, ProjectName: stack.Name,
Registries: portainerRegistriesToAuthConfigs(options.Registries),
}, },
Remove: options.Remove, Remove: options.Remove,
Args: options.Args, Args: options.Args,
@ -103,8 +105,7 @@ func (manager *ComposeStackManager) Down(ctx context.Context, stack *portainer.S
url, proxy, err := manager.fetchEndpointProxy(endpoint) url, proxy, err := manager.fetchEndpointProxy(endpoint)
if err != nil { if err != nil {
return err return err
} } else if proxy != nil {
if proxy != nil {
defer proxy.Close() defer proxy.Close()
} }
@ -120,12 +121,11 @@ func (manager *ComposeStackManager) Down(ctx context.Context, stack *portainer.S
// Pull an image associated with a service defined in a docker-compose.yml or docker-stack.yml file, // Pull an image associated with a service defined in a docker-compose.yml or docker-stack.yml file,
// but does not start containers based on those images. // but does not start containers based on those images.
func (manager *ComposeStackManager) Pull(ctx context.Context, stack *portainer.Stack, endpoint *portainer.Endpoint) error { func (manager *ComposeStackManager) Pull(ctx context.Context, stack *portainer.Stack, endpoint *portainer.Endpoint, options portainer.ComposeOptions) error {
url, proxy, err := manager.fetchEndpointProxy(endpoint) url, proxy, err := manager.fetchEndpointProxy(endpoint)
if err != nil { if err != nil {
return err return err
} } else if proxy != nil {
if proxy != nil {
defer proxy.Close() defer proxy.Close()
} }
@ -140,6 +140,7 @@ func (manager *ComposeStackManager) Pull(ctx context.Context, stack *portainer.S
EnvFilePath: envFilePath, EnvFilePath: envFilePath,
Host: url, Host: url,
ProjectName: stack.Name, ProjectName: stack.Name,
Registries: portainerRegistriesToAuthConfigs(options.Registries),
}) })
return errors.Wrap(err, "failed to pull images of the stack") return errors.Wrap(err, "failed to pull images of the stack")
} }
@ -178,12 +179,12 @@ func createEnvFile(stack *portainer.Stack) (string, error) {
// Copy from default .env file // Copy from default .env file
defaultEnvPath := path.Join(stack.ProjectPath, path.Dir(stack.EntryPoint), ".env") defaultEnvPath := path.Join(stack.ProjectPath, path.Dir(stack.EntryPoint), ".env")
if err = copyDefaultEnvFile(envfile, defaultEnvPath); err != nil { if err := copyDefaultEnvFile(envfile, defaultEnvPath); err != nil {
return "", err return "", err
} }
// Copy from stack env vars // Copy from stack env vars
if err = copyConfigEnvVars(envfile, stack.Env); err != nil { if err := copyConfigEnvVars(envfile, stack.Env); err != nil {
return "", err return "", err
} }
@ -219,3 +220,17 @@ func copyConfigEnvVars(w io.Writer, envs []portainer.Pair) error {
} }
return nil return nil
} }
func portainerRegistriesToAuthConfigs(registries []portainer.Registry) []types.AuthConfig {
var authConfigs []types.AuthConfig
for _, r := range registries {
authConfigs = append(authConfigs, types.AuthConfig{
Username: r.Username,
Password: r.Password,
ServerAddress: r.URL,
})
}
return authConfigs
}

27
api/exec/swarm_stack.go
View File

@ -46,8 +46,7 @@ func NewSwarmStackManager(
dataStore: datastore, dataStore: datastore,
} }
err := manager.updateDockerCLIConfiguration(manager.configPath) if err := manager.updateDockerCLIConfiguration(manager.configPath); err != nil {
if err != nil {
return nil, err return nil, err
} }
@ -63,10 +62,8 @@ func (manager *SwarmStackManager) Login(registries []portainer.Registry, endpoin
for _, registry := range registries { for _, registry := range registries {
if registry.Authentication { if registry.Authentication {
err = registryutils.EnsureRegTokenValid(manager.dataStore, &registry) if err := registryutils.EnsureRegTokenValid(manager.dataStore, &registry); err != nil {
if err != nil { log.Warn().
log.
Warn().
Err(err). Err(err).
Str("RegistryName", registry.Name). Str("RegistryName", registry.Name).
Msg("Failed to validate registry token. Skip logging with this registry.") Msg("Failed to validate registry token. Skip logging with this registry.")
@ -76,8 +73,7 @@ func (manager *SwarmStackManager) Login(registries []portainer.Registry, endpoin
username, password, err := registryutils.GetRegEffectiveCredential(&registry) username, password, err := registryutils.GetRegEffectiveCredential(&registry)
if err != nil { if err != nil {
log. log.Warn().
Warn().
Err(err). Err(err).
Str("RegistryName", registry.Name). Str("RegistryName", registry.Name).
Msg("Failed to get effective credential. Skip logging with this registry.") Msg("Failed to get effective credential. Skip logging with this registry.")
@ -86,10 +82,8 @@ func (manager *SwarmStackManager) Login(registries []portainer.Registry, endpoin
} }
registryArgs := append(args, "login", "--username", username, "--password", password, registry.URL) registryArgs := append(args, "login", "--username", username, "--password", password, registry.URL)
err = runCommandAndCaptureStdErr(command, registryArgs, nil, "") if err := runCommandAndCaptureStdErr(command, registryArgs, nil, ""); err != nil {
if err != nil { log.Warn().
log.
Warn().
Err(err). Err(err).
Str("RegistryName", registry.Name). Str("RegistryName", registry.Name).
Msg("Failed to login.") Msg("Failed to login.")
@ -155,6 +149,7 @@ func (manager *SwarmStackManager) Remove(stack *portainer.Stack, endpoint *porta
func runCommandAndCaptureStdErr(command string, args []string, env []string, workingDir string) error { func runCommandAndCaptureStdErr(command string, args []string, env []string, workingDir string) error {
var stderr bytes.Buffer var stderr bytes.Buffer
cmd := exec.Command(command, args...) cmd := exec.Command(command, args...)
cmd.Stderr = &stderr cmd.Stderr = &stderr
@ -167,8 +162,7 @@ func runCommandAndCaptureStdErr(command string, args []string, env []string, wor
cmd.Env = append(cmd.Env, env...) cmd.Env = append(cmd.Env, env...)
} }
err := cmd.Run() if err := cmd.Run(); err != nil {
if err != nil {
return errors.New(stderr.String()) return errors.New(stderr.String())
} }
@ -192,6 +186,7 @@ func (manager *SwarmStackManager) prepareDockerCommandAndArgs(binaryPath, config
if err != nil { if err != nil {
return "", nil, err return "", nil, err
} }
endpointURL = "tcp://" + tunnelAddr endpointURL = "tcp://" + tunnelAddr
} }
@ -216,6 +211,7 @@ func (manager *SwarmStackManager) prepareDockerCommandAndArgs(binaryPath, config
func (manager *SwarmStackManager) updateDockerCLIConfiguration(configPath string) error { func (manager *SwarmStackManager) updateDockerCLIConfiguration(configPath string) error {
configFilePath := path.Join(configPath, "config.json") configFilePath := path.Join(configPath, "config.json")
config, err := manager.retrieveConfigurationFromDisk(configFilePath) config, err := manager.retrieveConfigurationFromDisk(configFilePath)
if err != nil { if err != nil {
return err return err
@ -246,8 +242,7 @@ func (manager *SwarmStackManager) retrieveConfigurationFromDisk(path string) (ma
return make(map[string]any), nil return make(map[string]any), nil
} }
err = json.Unmarshal(raw, &config) if err := json.Unmarshal(raw, &config); err != nil {
if err != nil {
return nil, err return nil, err
} }

4
api/internal/testhelpers/compose_stack_manager.go
View File

@ -6,6 +6,8 @@ import (
portainer "github.com/portainer/portainer/api" portainer "github.com/portainer/portainer/api"
) )
var _ portainer.ComposeStackManager = &composeStackManager{}
type composeStackManager struct{} type composeStackManager struct{}
func NewComposeStackManager() *composeStackManager { func NewComposeStackManager() *composeStackManager {
@ -31,6 +33,6 @@ func (manager *composeStackManager) Down(ctx context.Context, stack *portainer.S
return nil return nil
} }
func (manager *composeStackManager) Pull(ctx context.Context, stack *portainer.Stack, endpoint *portainer.Endpoint) error { func (manager *composeStackManager) Pull(ctx context.Context, stack *portainer.Stack, endpoint *portainer.Endpoint, options portainer.ComposeOptions) error {
return nil return nil
} }

10
api/portainer.go
View File

@ -1367,7 +1367,13 @@ type (
ValidateFlags(flags *CLIFlags) error ValidateFlags(flags *CLIFlags) error
} }
ComposeOptions struct {
Registries []Registry
}
ComposeUpOptions struct { ComposeUpOptions struct {
ComposeOptions
// ForceRecreate forces to recreate containers // ForceRecreate forces to recreate containers
ForceRecreate bool ForceRecreate bool
// AbortOnContainerExit will stop the deployment if a container exits. // AbortOnContainerExit will stop the deployment if a container exits.
@ -1379,6 +1385,8 @@ type (
} }
ComposeRunOptions struct { ComposeRunOptions struct {
ComposeOptions
// Remove will remove the container after it has stopped // Remove will remove the container after it has stopped
Remove bool Remove bool
// Args are the arguments to pass to the container // Args are the arguments to pass to the container
@ -1394,7 +1402,7 @@ type (
Run(ctx context.Context, stack *Stack, endpoint *Endpoint, serviceName string, options ComposeRunOptions) error Run(ctx context.Context, stack *Stack, endpoint *Endpoint, serviceName string, options ComposeRunOptions) error
Up(ctx context.Context, stack *Stack, endpoint *Endpoint, options ComposeUpOptions) error Up(ctx context.Context, stack *Stack, endpoint *Endpoint, options ComposeUpOptions) error
Down(ctx context.Context, stack *Stack, endpoint *Endpoint) error Down(ctx context.Context, stack *Stack, endpoint *Endpoint) error
Pull(ctx context.Context, stack *Stack, endpoint *Endpoint) error Pull(ctx context.Context, stack *Stack, endpoint *Endpoint, options ComposeOptions) error
} }
// CryptoService represents a service for encrypting/hashing data // CryptoService represents a service for encrypting/hashing data

18
api/stacks/deployments/deployer.go
View File

@ -58,23 +58,25 @@ func (d *stackDeployer) DeployComposeStack(stack *portainer.Stack, endpoint *por
d.lock.Lock() d.lock.Lock()
defer d.lock.Unlock() defer d.lock.Unlock()
d.swarmStackManager.Login(registries, endpoint) options := portainer.ComposeOptions{Registries: registries}
defer d.swarmStackManager.Logout(endpoint)
// --force-recreate doesn't pull updated images // --force-recreate doesn't pull updated images
if forcePullImage { if forcePullImage {
if err := d.composeStackManager.Pull(context.TODO(), stack, endpoint); err != nil { if err := d.composeStackManager.Pull(context.TODO(), stack, endpoint, options); err != nil {
return err return err
} }
} }
err := d.composeStackManager.Up(context.TODO(), stack, endpoint, portainer.ComposeUpOptions{ if err := d.composeStackManager.Up(context.TODO(), stack, endpoint, portainer.ComposeUpOptions{
ForceRecreate: forceRecreate, ComposeOptions: options,
}) ForceRecreate: forceRecreate,
if err != nil { }); err != nil {
d.composeStackManager.Down(context.TODO(), stack, endpoint) d.composeStackManager.Down(context.TODO(), stack, endpoint)
return err
} }
return err
return nil
} }
func (d *stackDeployer) DeployKubernetesStack(stack *portainer.Stack, endpoint *portainer.Endpoint, user *portainer.User) error { func (d *stackDeployer) DeployKubernetesStack(stack *portainer.Stack, endpoint *portainer.Endpoint, user *portainer.User) error {

3
api/stacks/deployments/deployer_remote.go
View File

@ -59,8 +59,7 @@ func (d *stackDeployer) DeployRemoteComposeStack(
// --force-recreate doesn't pull updated images // --force-recreate doesn't pull updated images
if forcePullImage { if forcePullImage {
err := d.composeStackManager.Pull(context.TODO(), stack, endpoint) if err := d.composeStackManager.Pull(context.TODO(), stack, endpoint, portainer.ComposeOptions{}); err != nil {
if err != nil {
return err return err
} }
} }