search

fabric8io / docker-maven-plugin

Maven plugin for running and creating Docker images
https://dmp.fabric8.io
Apache License 2.0
1.88k stars 643 forks source link

Add support for AWS SDK 2.x extended-authentication, as 1.x is reaching its end of life. #1817

Open WillCodeForEver opened 2 months ago

WillCodeForEver commented 2 months ago

Description

Please consider adding support for AWS SDK 2.0 in the extended-authentication option of the plugin. AWS 1.x is reaching its end of life on Dec 31st 2024, we attempted to upgrade to AWS SDK 2.0 and got everything working EXCEPT fabric8io maven plugin which publishes our Docker images to ECR, it fails with "no basic authentication" found.

AWS SDK 2.0 has a migration guide and specifically calls out Credential related classes here: https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/migration-client-credentials.html

Looking through the fabric8 maven plugin code, i can see that the code is attempting to create instances of the relevant classes by their fully qualified package name here: https://github.com/fabric8io/docker-maven-plugin/blob/master/src/main/java/io/fabric8/maven/docker/util/aws/AwsSdkAuthConfigFactory.java

It seems like support can be added to look for AWS SDK 1.x and 2.x credential related class and support both moving forward.

Info

our full plugin config: (this works with 1.x but if we specify 2.x core lib it fails)

        <!-- docker-maven-plugin -->
        <plugin>
          <!-- https://dmp.fabric8.io/ -->
          <groupId>io.fabric8</groupId>
          <artifactId>docker-maven-plugin</artifactId>
          <version>${io.fabric8.version}</version>
          <configuration>
            <imagePullPolicy>always</imagePullPolicy>
            <logStdout>true</logStdout>
            <verbose>true</verbose>
            <saveFile>${project.build.directory}/application-image.tar</saveFile>
            <images>
              <image>
                <registry>${aws.ecr.host}</registry>
                <name>${aws.ecr.repository}:${git.commit.id.abbrev}</name>
                <build>
                  <dockerFile>${project.basedir}/Dockerfile</dockerFile>
                  <filter>false</filter>
                  <network>host</network>
                  <tags>
                    <tag>latest</tag>
                  </tags>
                  <args>
                    <artifactId>${project.artifactId}</artifactId>
                    <artifactVersion>${project.version}</artifactVersion>
                  </args>
                  <buildOptions>
                    <platform>linux/amd64</platform>
                  </buildOptions>
                  <createImageOptions>
                    <platform>linux/amd64</platform>
                  </createImageOptions>
                  <assembly>
                    <name>artifacts</name>
                    <tarLongFileMode>posix</tarLongFileMode>
                    <inline>
                      <!-- Schema: https://maven.apache.org/plugins/maven-assembly-plugin/assembly.html -->
                      <files>
                        <file>
                          <!-- include the application -->
                          <source>
                            ${project.build.directory}/${project.artifactId}-${project.version}.jar
                          </source>
                        </file>
                      </files>
                    </inline>
                  </assembly>
                </build>
              </image>
            </images>
          </configuration>
          <dependencies>
            <dependency>
              <!-- Adding the AWS SDK as a dependency enables all options from the  -->
              <!-- AWS Default Credential Provider Chain for authenticating to ECR. -->
              <!-- See https://dmp.fabric8.io/#extended-authentication for details. -->
              <groupId>com.amazonaws</groupId>
              <artifactId>aws-java-sdk-core</artifactId>
              <version>${aws.java.sdk.core.version}</version>
            </dependency>
          </dependencies>
          <executions>
            <execution>
              <id>build-fargate-image</id>
              <goals>
                <goal>build</goal>
              </goals>
              <phase>package</phase>
            </execution>
            <execution>
              <id>push-fargate-image</id>
              <goals>
                <goal>push</goal>
              </goals>
              <phase>deploy</phase>
            </execution>
          </executions>
        </plugin>

Specifying 2.x dependency gets ignored and ECR publishing fails.

...
          </configuration>
          <dependencies>
            <dependency>
              <!-- Adding the AWS SDK as a dependency enables all options from the  -->
              <!-- AWS Default Credential Provider Chain for authenticating to ECR. -->
              <!-- See https://dmp.fabric8.io/#extended-authentication for details. -->
              <groupId>software.amazon.awssdk</groupId>
              <artifactId>sdk-core</artifactId>
              <version>${software.amazon.awssdk}</version>
            </dependency>
          </dependencies>
          <executions>
    ...
rohanKanojia commented 2 months ago

@WillCodeForEver : Do you have access to AWS registry to test this ? Would it be possible for you to contribute 2.x support to the plugin?

WillCodeForEver commented 2 months ago

@rohanKanojia i took a stab at a patch and was able to test it locally and push to ECR. Unit tests pass, but i can't push my local branch to remote to create a PR. 

ERROR: Permission to fabric8io/docker-maven-plugin.git denied to <my username>
fatal: Could not read from remote repository.