Skip to content

Commit

Permalink
Add debug logs to KubernetesPersonalAccessTokenManager class (#655)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vinokurig
vinokurig authored Feb 20, 2024
1 parent f9f4c8e commit a691074
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 0 deletions.
4 changes: 4 additions & 0 deletions infrastructures/infrastructure-factory/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,10 @@
<groupId>org.eclipse.che.infrastructure</groupId>
<artifactId>infrastructure-kubernetes</artifactId>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
Expand Down
18 changes: 18 additions & 0 deletions ...g/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@
import org.eclipse.che.workspace.infrastructure.kubernetes.CheServerKubernetesClientFactory;
import org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta;
import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespaceFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/** Manages personal access token secrets used for private repositories authentication. */
@Singleton
Expand Down Expand Up @@ -74,6 +76,9 @@ public class KubernetesPersonalAccessTokenManager implements PersonalAccessToken
private final ScmPersonalAccessTokenFetcher scmPersonalAccessTokenFetcher;
private final GitCredentialManager gitCredentialManager;

private static final Logger LOG =
LoggerFactory.getLogger(KubernetesPersonalAccessTokenManager.class);

@Inject
public KubernetesPersonalAccessTokenManager(
KubernetesNamespaceFactory namespaceFactory,
Expand Down Expand Up @@ -171,24 +176,35 @@ private Optional<PersonalAccessToken> doGetPersonalAccessToken(
Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl)
throws ScmConfigurationPersistenceException {
try {
LOG.debug(
"Fetching personal access token for user {} and OAuth provider {}",
cheUser.getUserId(),
oAuthProviderName);
for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) {
List<Secret> secrets =
namespaceFactory
.access(null, namespaceMeta.getName())
.secrets()
.get(KUBERNETES_PERSONAL_ACCESS_TOKEN_LABEL_SELECTOR);
for (Secret secret : secrets) {
LOG.debug("Checking secret {}", secret.getMetadata().getName());
if (deleteSecretIfMisconfigured(secret)) {
LOG.debug("Secret {} is misconfigured and was deleted", secret.getMetadata().getName());
continue;
}

if (isSecretMatchesSearchCriteria(cheUser, oAuthProviderName, scmServerUrl, secret)) {
LOG.debug("Iterating over secret {}", secret.getMetadata().getName());
PersonalAccessTokenParams personalAccessTokenParams =
this.secret2PersonalAccessTokenParams(secret);
Optional<String> scmUsername =
scmPersonalAccessTokenFetcher.getScmUsername(personalAccessTokenParams);

if (scmUsername.isPresent()) {
LOG.debug(
"Creating personal access token for user {} and OAuth provider {}",
cheUser.getUserId(),
oAuthProviderName);
Map<String, String> secretAnnotations = secret.getMetadata().getAnnotations();

PersonalAccessToken personalAccessToken =
Expand All @@ -212,10 +228,12 @@ private Optional<PersonalAccessToken> doGetPersonalAccessToken(
.secrets()
.inNamespace(namespaceMeta.getName())
.delete(secret);
LOG.debug("Secret {} is misconfigured and was deleted", secret.getMetadata().getName());
}
}
}
} catch (InfrastructureException | UnknownScmProviderException e) {
LOG.debug("Failed to get personal access token", e);
throw new ScmConfigurationPersistenceException(e.getMessage(), e);
}
return Optional.empty();
Expand Down

0 comments on commit a691074

Please sign in to comment.