[1.20] backport host auth and fix springboot template (#3301)

* Clean up auth for host builder (#3298)

Signed-off-by: Matej Vašek <[email protected]>

* springboot template fix

* test upstream ci (#3200)

---------

Signed-off-by: Matej Vašek <[email protected]>
Co-authored-by: Matej Vašek <[email protected]>

Author: gauron99

.github/workflows/test-e2e-oncluster-runtime.yaml

@@ -12,6 +12,15 @@ jobs:
         func_builder: ["pack", "s2i"]
     runs-on: ${{ matrix.os }}
     steps:
+      - name: Cleanup space
+        run: |
+          df -h
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          docker system prune -af
+          df -h
       - name: Set Environment Variables
         run: |
           echo "KUBECONFIG=${{ github.workspace }}/hack/bin/kubeconfig.yaml" >> "$GITHUB_ENV"

.github/workflows/test-e2e-oncluster.yaml

@@ -10,6 +10,15 @@ jobs:
         os: ["ubuntu-latest"]
     runs-on: ${{ matrix.os }}
     steps:
+      - name: Cleanup space
+        run: |
+          df -h
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          docker system prune -af
+          df -h
       - name: Set Environment Variables
         run: |
           echo "KUBECONFIG=${{ github.workspace }}/hack/bin/kubeconfig.yaml" >> "$GITHUB_ENV"

.github/workflows/test-e2e-runtime.yaml

@@ -27,6 +27,15 @@ jobs:
             arch: arm64
     runs-on: ${{ matrix.os }}
     steps:
+      - name: Cleanup space
+        run: |
+          df -h
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          docker system prune -af
+          df -h
       - name: Set Environment Variables
         run: |
           echo "KUBECONFIG=${{ github.workspace }}/hack/bin/kubeconfig.yaml" >> "$GITHUB_ENV"

.github/workflows/test-e2e.yaml

@@ -10,6 +10,15 @@ jobs:
         os: ["ubuntu-latest"]
     runs-on: ${{ matrix.os }}
     steps:
+      - name: Cleanup space
+        run: |
+          df -h
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /opt/hostedtoolcache/CodeQL
+          docker system prune -af
+          df -h
       - name: Set Environment Variables
         run: |
           echo "KUBECONFIG=${{ github.workspace }}/hack/bin/kubeconfig.yaml" >> "$GITHUB_ENV"

cmd/build.go

@@ -1,7 +1,6 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"strings"
@@ -212,8 +211,6 @@ For more options, run 'func build --help'`, err)
 	}
 	f = cfg.Configure(f) // Returns an f updated with values from the config (flags, envs, etc)
 
-	cmd.SetContext(cfg.WithValues(cmd.Context())) // Some optional settings are passed via context
-
 	// Client
 	clientOptions, err := cfg.clientOptions()
 	if err != nil {
@@ -243,16 +240,6 @@ For more options, run 'func build --help'`, err)
 	return f.Stamp()
 }
 
-// WithValues returns a context populated with values from the build config
-// which are provided to the system via the context.
-func (c buildConfig) WithValues(ctx context.Context) context.Context {
-	// Push
-	ctx = context.WithValue(ctx, fn.PushUsernameKey{}, c.Username)
-	ctx = context.WithValue(ctx, fn.PushPasswordKey{}, c.Password)
-	ctx = context.WithValue(ctx, fn.PushTokenKey{}, c.Token)
-	return ctx
-}
-
 type buildConfig struct {
 	// Globals (builder, confirm, registry, verbose)
 	config.Global

cmd/build_test.go

@@ -89,12 +89,6 @@ func TestBuild_RegistryOrImageRequired(t *testing.T) {
 	testRegistryOrImageRequired(NewBuildCmd, t)
 }
 
-// TestBuild_Authentication ensures that Token and Username/Password auth
-// propagate to pushers which support them.
-func TestBuild_Authentication(t *testing.T) {
-	testAuthentication(NewBuildCmd, t)
-}
-
 // TestBuild_BaseImage ensures that base image is used only with the right
 // builders and propagates into f.Build.BaseImage
 func TestBuild_BaseImage(t *testing.T) {

cmd/client.go

@@ -5,6 +5,8 @@ import (
 	"net/http"
 	"os"
 
+	"github.com/ory/viper"
+
 	"knative.dev/func/cmd/prompt"
 	"knative.dev/func/pkg/builders/buildpacks"
 	"knative.dev/func/pkg/config"
@@ -105,6 +107,23 @@ func newCredentialsProvider(configPath string, t http.RoundTripper) oci.Credenti
 	additionalLoaders := append(k8s.GetOpenShiftDockerCredentialLoaders(), k8s.GetGoogleCredentialLoader()...)
 	additionalLoaders = append(additionalLoaders, k8s.GetECRCredentialLoader()...)
 	additionalLoaders = append(additionalLoaders, k8s.GetACRCredentialLoader()...)
+
+	additionalLoaders = append(additionalLoaders,
+		func(registry string) (oci.Credentials, error) {
+			uname := viper.GetString("username")
+			passw := viper.GetString("password")
+			token := viper.GetString("token")
+			if (uname != "" && passw != "") || token != "" {
+				return oci.Credentials{
+					Username: uname,
+					Password: passw,
+					Token:    token,
+				}, nil
+			}
+			return oci.Credentials{}, creds.ErrCredentialsNotFound
+		},
+	)
+
 	options := []creds.Opt{
 		creds.WithPromptForCredentials(prompt.NewPromptForCredentials(os.Stdin, os.Stdout, os.Stderr)),
 		creds.WithPromptForCredentialStore(prompt.NewPromptForCredentialStore()),

cmd/deploy.go

@@ -313,7 +313,6 @@ For more options, run 'func deploy --help'`, err)
 	if f, err = cfg.Configure(f); err != nil { // Updates f with deploy cfg
 		return
 	}
-	cmd.SetContext(cfg.WithValues(cmd.Context())) // Some optional settings are passed via context
 
 	changingNamespace := func(f fn.Function) bool {
 		// We're changing namespace if:

cmd/deploy_test.go

@@ -1501,74 +1501,6 @@ func testRegistryOrImageRequired(cmdFn commandConstructor, t *testing.T) {
 	}
 }
 
-// TestDeploy_Authentication ensures that Token and Username/Password auth
-// propagate their values to pushers which support them.
-func TestDeploy_Authentication(t *testing.T) {
-	testAuthentication(NewDeployCmd, t)
-}
-
-func testAuthentication(cmdFn commandConstructor, t *testing.T) {
-	// This test is currently focused on ensuring the flags for
-	// explicit credentials (bearer token and username/password) are respected
-	// and propagated to pushers which support this authentication method.
-	// Integration tests must be used to ensure correct integration between
-	// the system and credential helpers (Docker, ecs, acs)
-	t.Helper()
-
-	root := FromTempDirectory(t)
-	_, err := fn.New().Init(fn.Function{Runtime: "go", Root: root, Registry: TestRegistry})
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	var (
-		testUser  = "alice"
-		testPass  = "123"
-		testToken = "example.jwt.token"
-	)
-
-	// Basic Auth: username/password
-	// -----------------------------
-	pusher := mock.NewPusher()
-	pusher.PushFn = func(ctx context.Context, _ fn.Function) (string, error) {
-		username, _ := ctx.Value(fn.PushUsernameKey{}).(string)
-		password, _ := ctx.Value(fn.PushPasswordKey{}).(string)
-
-		if username != testUser || password != testPass {
-			t.Fatalf("expected username %q, password %q.  Got %q, %q", testUser, testPass, username, password)
-		}
-
-		return "", nil
-	}
-
-	cmd := cmdFn(NewTestClient(fn.WithPusher(pusher)))
-	cmd.SetArgs([]string{"--builder", "host", "--username", testUser, "--password", testPass})
-	if err := cmd.Execute(); err != nil {
-		t.Fatal(err)
-	}
-
-	// Basic Auth: token
-	// -----------------------------
-	pusher = mock.NewPusher()
-	pusher.PushFn = func(ctx context.Context, _ fn.Function) (string, error) {
-		token, _ := ctx.Value(fn.PushTokenKey{}).(string)
-
-		if token != testToken {
-			t.Fatalf("expected token %q, got %q", testToken, token)
-		}
-
-		return "", nil
-	}
-
-	cmd = cmdFn(NewTestClient(fn.WithPusher(pusher)))
-
-	cmd.SetArgs([]string{"--builder", "host", "--token", testToken})
-	if err := cmd.Execute(); err != nil {
-		t.Fatal(err)
-	}
-
-}
-
 // TestDeploy_RemoteBuildURLPermutations ensures that the remote, build and git-url flags
 // are properly respected for all permutations, including empty.
 func TestDeploy_RemoteBuildURLPermutations(t *testing.T) {