chore: Reduce Kubernetes namespace list request

Signed-off-by: Anatolii Bazko <[email protected]>

Author: tolusha

infrastructures/infrastructure-factory/src/main/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManager.java

@@ -150,19 +150,14 @@ public PersonalAccessToken fetchAndSave(Subject cheUser, String scmServerUrl)
     return personalAccessToken;
   }
 
-  @Override
-  public Optional<PersonalAccessToken> get(Subject cheUser, String scmServerUrl)
-      throws ScmConfigurationPersistenceException, ScmCommunicationException {
-    return doGetPersonalAccessTokens(cheUser, null, scmServerUrl).stream().findFirst();
-  }
-
   @Override
   public PersonalAccessToken get(String scmServerUrl)
       throws ScmConfigurationPersistenceException, ScmUnauthorizedException,
           ScmCommunicationException, UnknownScmProviderException,
           UnsatisfiedScmPreconditionException {
     Subject subject = EnvironmentContext.getCurrent().getSubject();
-    Optional<PersonalAccessToken> tokenOptional = get(subject, scmServerUrl);
+    Optional<PersonalAccessToken> tokenOptional =
+        doGetPersonalAccessTokens(subject, null, scmServerUrl, null).stream().findFirst();
     if (tokenOptional.isPresent()) {
       return tokenOptional.get();
     } else {
@@ -173,21 +168,38 @@ public PersonalAccessToken get(String scmServerUrl)
 
   @Override
   public Optional<PersonalAccessToken> get(
-      Subject cheUser, String oAuthProviderName, @Nullable String scmServerUrl)
+      Subject cheUser,
+      String oAuthProviderName,
+      @Nullable String scmServerUrl,
+      @Nullable String namespaceName)
       throws ScmConfigurationPersistenceException, ScmCommunicationException {
-    return doGetPersonalAccessTokens(cheUser, oAuthProviderName, scmServerUrl).stream().findFirst();
+    return doGetPersonalAccessTokens(cheUser, oAuthProviderName, scmServerUrl, namespaceName)
+        .stream()
+        .findFirst();
   }
 
   private List<PersonalAccessToken> doGetPersonalAccessTokens(
-      Subject cheUser, @Nullable String oAuthProviderName, @Nullable String scmServerUrl)
+      Subject cheUser,
+      @Nullable String oAuthProviderName,
+      @Nullable String scmServerUrl,
+      @Nullable String namespaceName)
       throws ScmConfigurationPersistenceException, ScmCommunicationException {
     List<PersonalAccessToken> result = new ArrayList<>();
     try {
       LOG.debug(
           "Fetching personal access token for user {} and OAuth provider {}",
           cheUser.getUserId(),
           oAuthProviderName);
-      for (KubernetesNamespaceMeta namespaceMeta : namespaceFactory.list()) {
+
+      // Reduce number of request
+      List<KubernetesNamespaceMeta> namespaceMetas = new ArrayList<>();
+      if (namespaceName != null) {
+        namespaceFactory.fetchNamespace(namespaceName).ifPresent(namespaceMetas::add);
+      } else {
+        namespaceMetas.addAll(namespaceFactory.list());
+      }
+
+      for (KubernetesNamespaceMeta namespaceMeta : namespaceMetas) {
         List<Secret> secrets = doGetPersonalAccessTokenSecrets(namespaceMeta);
 
         for (Secret secret : secrets) {
@@ -394,7 +406,8 @@ public void storeGitCredentials(String scmServerUrl)
       throws UnsatisfiedScmPreconditionException, ScmConfigurationPersistenceException,
           ScmCommunicationException, ScmUnauthorizedException {
     Subject subject = EnvironmentContext.getCurrent().getSubject();
-    Optional<PersonalAccessToken> tokenOptional = get(subject, scmServerUrl);
+    Optional<PersonalAccessToken> tokenOptional =
+        doGetPersonalAccessTokens(subject, null, scmServerUrl, null).stream().findFirst();
     if (tokenOptional.isPresent()) {
       PersonalAccessToken personalAccessToken = tokenOptional.get();
       gitCredentialManager.createOrReplace(personalAccessToken);

infrastructures/infrastructure-factory/src/test/java/org/eclipse/che/api/factory/server/scm/kubernetes/KubernetesPersonalAccessTokenManagerTest.java

@@ -120,7 +120,7 @@ public void shouldTrimBlankCharsInToken() throws Exception {
     // when
     PersonalAccessToken token =
         personalAccessTokenManager
-            .get(new SubjectImpl("user", "user", "t1", false), "http://host1")
+            .get(new SubjectImpl("user", "user", "t1", false), null, "http://host1", null)
             .get();
 
     // then
@@ -231,7 +231,7 @@ public void testGetTokenFromNamespace() throws Exception {
     // when
     PersonalAccessToken token =
         personalAccessTokenManager
-            .get(new SubjectImpl("user", "user1", "t1", false), "http://host1")
+            .get(new SubjectImpl("user", "user1", "t1", false), null, "http://host1", null)
             .get();
 
     // then
@@ -276,8 +276,7 @@ public void shouldGetTokenFromASecretWithSCMUsername() throws Exception {
     // when
     Optional<PersonalAccessToken> tokenOptional =
         personalAccessTokenManager.get(
-            new SubjectImpl("user", "user1", "t1", false), "http://host1");
-
+            new SubjectImpl("user", "user1", "t1", false), null, "http://host1", null);
     // then
     assertTrue(tokenOptional.isPresent());
     assertEquals(tokenOptional.get().getCheUserId(), "user1");
@@ -319,7 +318,7 @@ public void shouldGetTokenFromASecretWithoutSCMUsername() throws Exception {
     // when
     Optional<PersonalAccessToken> tokenOptional =
         personalAccessTokenManager.get(
-            new SubjectImpl("user", "user1", "t1", false), "http://host1");
+            new SubjectImpl("user", "user1", "t1", false), null, "http://host1", null);
 
     // then
     assertTrue(tokenOptional.isPresent());
@@ -378,11 +377,11 @@ public void testGetTokenFromNamespaceWithTrailingSlashMismatch() throws Exceptio
     // when
     PersonalAccessToken token1 =
         personalAccessTokenManager
-            .get(new SubjectImpl("user", "user1", "t1", false), "http://host1.com")
+            .get(new SubjectImpl("user", "user1", "t1", false), null, "http://host1.com", null)
             .get();
     PersonalAccessToken token2 =
         personalAccessTokenManager
-            .get(new SubjectImpl("user", "user1", "t1", false), "http://host2.com/")
+            .get(new SubjectImpl("user", "user1", "t1", false), null, "http://host2.com/", null)
             .get();
 
     // then
@@ -419,7 +418,7 @@ public void shouldDeleteMisconfiguredTokensOnGet() throws Exception {
     // when
     Optional<PersonalAccessToken> token =
         personalAccessTokenManager.get(
-            new SubjectImpl("user", "user1", "t1", false), "http://host1");
+            new SubjectImpl("user", "user1", "t1", false), null, "http://host1", null);
     // then
     assertFalse(token.isPresent());
     verify(nonNamespaceOperation, times(1)).delete(eq(secret1));
@@ -457,7 +456,7 @@ public void shouldDeleteInvalidTokensOnGet() throws Exception {
     // when
     Optional<PersonalAccessToken> token =
         personalAccessTokenManager.get(
-            new SubjectImpl("user", "user1", "t1", false), "http://host1");
+            new SubjectImpl("user", "user1", "t1", false), null, "http://host1", null);
     // then
     assertFalse(token.isPresent());
     verify(nonNamespaceOperation, times(1)).delete(eq(secret1));
@@ -523,7 +522,7 @@ public void shouldReturnFirstValidTokenAndDeleteTheInvalidOne() throws Exception
     // when
     Optional<PersonalAccessToken> token =
         personalAccessTokenManager.get(
-            new SubjectImpl("user", "user1", "t1", false), "http://host1");
+            new SubjectImpl("user", "user1", "t1", false), null, "http://host1", null);
     // then
     assertTrue(token.isPresent());
     assertEquals(token.get().getScmTokenId(), "id2");

infrastructures/kubernetes/src/main/java/org/eclipse/che/workspace/infrastructure/kubernetes/namespace/configurator/OAuthTokenSecretsConfigurator.java

@@ -78,7 +78,10 @@ public void configure(NamespaceResolutionContext namespaceResolutionContext, Str
               try {
                 Subject cheSubject = EnvironmentContext.getCurrent().getSubject();
                 personalAccessTokenManager.get(
-                    cheSubject, s.getMetadata().getAnnotations().get(ANNOTATION_SCM_URL));
+                    cheSubject,
+                    null,
+                    s.getMetadata().getAnnotations().get(ANNOTATION_SCM_URL),
+                    namespaceName);
               } catch (ScmConfigurationPersistenceException | ScmCommunicationException e) {
                 LOG.error(e.getMessage(), e);
               }

wsmaster/che-core-api-auth/src/main/java/org/eclipse/che/security/oauth/EmbeddedOAuthAPI.java

@@ -245,9 +245,10 @@ public OAuthToken getOrRefreshToken(String oauthProvider)
       } else {
         Optional<PersonalAccessToken> tokenOptional;
         try {
-          tokenOptional = personalAccessTokenManager.get(subject, oauthProvider, null);
+          tokenOptional = personalAccessTokenManager.get(subject, oauthProvider, null, null);
           if (tokenOptional.isEmpty()) {
-            tokenOptional = personalAccessTokenManager.get(subject, provider.getEndpointUrl());
+            tokenOptional =
+                personalAccessTokenManager.get(subject, null, provider.getEndpointUrl(), null);
           }
           if (tokenOptional.isPresent()) {
             return newDto(OAuthToken.class).withToken(tokenOptional.get().getToken());

wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerURLParser.java

@@ -94,7 +94,8 @@ private boolean isUserTokenPresent(String repositoryUrl) {
         .anyMatch(t -> Pattern.compile(format(t, schema, host)).matcher(repositoryUrl).matches())) {
       try {
         Optional<PersonalAccessToken> token =
-            personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl);
+            personalAccessTokenManager.get(
+                EnvironmentContext.getCurrent().getSubject(), null, serverUrl, null);
         return token.isPresent() && token.get().getScmTokenName().equals(OAUTH_PROVIDER_NAME);
       } catch (ScmConfigurationPersistenceException | ScmCommunicationException exception) {
         return false;

wsmaster/che-core-api-factory-bitbucket-server/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketServerUserDataFetcher.java

@@ -73,7 +73,7 @@ public BitbucketServerUserDataFetcher(
   }
 
   @Override
-  public GitUserData fetchGitUserData()
+  public GitUserData fetchGitUserData(String namespaceName)
       throws ScmUnauthorizedException, ScmCommunicationException,
           ScmConfigurationPersistenceException, ScmItemNotFoundException {
     Subject cheSubject = EnvironmentContext.getCurrent().getSubject();
@@ -90,7 +90,7 @@ public GitUserData fetchGitUserData()
 
     // Try go get user data using personal access token
     Optional<PersonalAccessToken> personalAccessToken =
-        this.personalAccessTokenManager.get(cheSubject, OAUTH_PROVIDER_NAME, null);
+        this.personalAccessTokenManager.get(cheSubject, OAUTH_PROVIDER_NAME, null, namespaceName);
     if (personalAccessToken.isPresent()) {
       PersonalAccessToken token = personalAccessToken.get();
       HttpBitbucketServerApiClient httpBitbucketServerApiClient =

wsmaster/che-core-api-factory-bitbucket/src/main/java/org/eclipse/che/api/factory/server/bitbucket/BitbucketUserDataFetcher.java

@@ -64,7 +64,8 @@ public BitbucketUserDataFetcher(
   }
 
   @Override
-  public GitUserData fetchGitUserData() throws ScmUnauthorizedException, ScmCommunicationException {
+  public GitUserData fetchGitUserData(String namespaceName)
+      throws ScmUnauthorizedException, ScmCommunicationException {
     OAuthToken oAuthToken;
     try {
       oAuthToken = oAuthAPI.getOrRefreshToken(OAUTH_PROVIDER_NAME);

wsmaster/che-core-api-factory-github-common/src/main/java/org/eclipse/che/api/factory/server/github/AbstractGithubURLParser.java

@@ -115,7 +115,7 @@ private boolean isUserTokenPresent(String repositoryUrl) {
       String serverUrl = serverUrlOptional.get();
       try {
         Optional<PersonalAccessToken> token =
-            tokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl);
+            tokenManager.get(EnvironmentContext.getCurrent().getSubject(), null, serverUrl, null);
         if (token.isPresent()) {
           PersonalAccessToken accessToken = token.get();
           return accessToken.getScmTokenName().equals(providerName);
@@ -265,7 +265,7 @@ private GithubPullRequest getPullRequest(
       // prepare token
       Subject subject = EnvironmentContext.getCurrent().getSubject();
       PersonalAccessToken personalAccessToken = null;
-      Optional<PersonalAccessToken> token = tokenManager.get(subject, githubEndpoint);
+      Optional<PersonalAccessToken> token = tokenManager.get(subject, null, githubEndpoint, null);
       if (token.isPresent()) {
         personalAccessToken = token.get();
       } else if (authenticationRequired) {
@@ -322,7 +322,7 @@ private GithubCommit getLatestCommit(
       // prepare token
       Subject subject = EnvironmentContext.getCurrent().getSubject();
       PersonalAccessToken personalAccessToken = null;
-      Optional<PersonalAccessToken> token = tokenManager.get(subject, githubEndpoint);
+      Optional<PersonalAccessToken> token = tokenManager.get(subject, null, githubEndpoint, null);
       if (token.isPresent()) {
         personalAccessToken = token.get();
       } else if (authenticationRequired) {

wsmaster/che-core-api-factory-github/src/test/java/org/eclipse/che/api/factory/server/github/GithubURLParserTest.java

@@ -239,7 +239,7 @@ public void checkPullRequestFromForkedRepository() throws Exception {
 
     PersonalAccessToken personalAccessToken = mock(PersonalAccessToken.class);
     when(personalAccessToken.getToken()).thenReturn("token");
-    when(personalAccessTokenManager.get(any(Subject.class), anyString()))
+    when(personalAccessTokenManager.get(any(Subject.class), anyString(), eq(null), eq(null)))
         .thenReturn(Optional.of(personalAccessToken));
 
     when(githubApiClient.isConnected(eq("https://github.com"))).thenReturn(true);
@@ -288,7 +288,7 @@ public void checkPullRequestMergedState() throws Exception {
     GithubPullRequest githubPullRequest = mock(GithubPullRequest.class);
     when(githubPullRequest.getState()).thenReturn("merged");
     when(personalAccessToken.getToken()).thenReturn("token");
-    when(personalAccessTokenManager.get(any(Subject.class), anyString()))
+    when(personalAccessTokenManager.get(any(Subject.class), anyString(), eq(null), eq(null)))
         .thenReturn(Optional.of(personalAccessToken));
     when(githubApiClient.isConnected(eq("https://github.com"))).thenReturn(true);
     when(githubApiClient.getPullRequest(anyString(), anyString(), anyString(), anyString()))
@@ -331,7 +331,7 @@ public void shouldParseServerUrWithPullRequestId() throws Exception {
 
     // then
     verify(personalAccessTokenManager, times(2))
-        .get(any(Subject.class), eq("https://github-server.com"));
+        .get(any(Subject.class), eq("https://github-server.com"), eq(null), eq(null));
   }
 
   @Test

wsmaster/che-core-api-factory-gitlab-common/src/main/java/org/eclipse/che/api/factory/server/gitlab/AbstractGitlabUrlParser.java

@@ -81,7 +81,8 @@ private boolean isUserTokenPresent(String repositoryUrl) {
       String serverUrl = serverUrlOptional.get();
       try {
         Optional<PersonalAccessToken> token =
-            personalAccessTokenManager.get(EnvironmentContext.getCurrent().getSubject(), serverUrl);
+            personalAccessTokenManager.get(
+                EnvironmentContext.getCurrent().getSubject(), null, serverUrl, null);
         if (token.isPresent()) {
           PersonalAccessToken accessToken = token.get();
           return accessToken.getScmTokenName().equals(providerName);

wsmaster/che-core-api-factory-gitlab/src/test/java/org/eclipse/che/api/factory/server/gitlab/GitlabUserDataFetcherTest.java

@@ -82,7 +82,7 @@ public void shouldFetchGitUserData() throws Exception {
     PersonalAccessToken token = mock(PersonalAccessToken.class);
     when(token.getToken()).thenReturn("oauthtoken");
     when(token.getScmProviderUrl()).thenReturn(wireMockServer.url("/"));
-    when(personalAccessTokenManager.get(any(Subject.class), eq("gitlab"), eq(null)))
+    when(personalAccessTokenManager.get(any(Subject.class), eq("gitlab"), eq(null), eq(null)))
         .thenReturn(Optional.of(token));
 
     GitUserData gitUserData = gitlabUserDataFetcher.fetchGitUserData();

wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/AbstractGitUserDataFetcher.java

@@ -36,17 +36,17 @@ public AbstractGitUserDataFetcher(
     this.personalAccessTokenManager = personalAccessTokenManager;
   }
 
-  public GitUserData fetchGitUserData()
+  public GitUserData fetchGitUserData(String namespaceName)
       throws ScmUnauthorizedException, ScmCommunicationException,
           ScmConfigurationPersistenceException, ScmItemNotFoundException, ScmBadRequestException {
     Subject cheSubject = EnvironmentContext.getCurrent().getSubject();
     Optional<PersonalAccessToken> tokenOptional =
-        personalAccessTokenManager.get(cheSubject, oAuthProviderName, null);
+        personalAccessTokenManager.get(cheSubject, oAuthProviderName, null, namespaceName);
     if (tokenOptional.isPresent()) {
       return fetchGitUserDataWithPersonalAccessToken(tokenOptional.get());
     } else {
       Optional<PersonalAccessToken> oAuthTokenOptional =
-          personalAccessTokenManager.get(cheSubject, oAuthProviderUrl);
+          personalAccessTokenManager.get(cheSubject, oAuthProviderUrl, null, namespaceName);
       if (oAuthTokenOptional.isPresent()) {
         return fetchGitUserDataWithOAuthToken(oAuthTokenOptional.get().getToken());
       }

wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/GitUserDataFetcher.java

@@ -16,13 +16,15 @@
 import org.eclipse.che.api.factory.server.scm.exception.ScmConfigurationPersistenceException;
 import org.eclipse.che.api.factory.server.scm.exception.ScmItemNotFoundException;
 import org.eclipse.che.api.factory.server.scm.exception.ScmUnauthorizedException;
+import org.eclipse.che.commons.annotation.Nullable;
 
 public interface GitUserDataFetcher {
 
   /**
    * Retrieve a {@link GitUserData} object from concrete scm provider. If OAuthProvider is not
    * configured, then personal access token should be taken into account.
    *
+   * @param namespaceName - the user's namespace name.
    * @return - {@link GitUserData} object.
    * @throws ScmUnauthorizedException - in case if user is not authorized che server to create a new
    *     token. Further user interaction is needed before calling this method next time.
@@ -31,7 +33,25 @@ public interface GitUserDataFetcher {
    * @throws ScmConfigurationPersistenceException - problem occurred during communication with
    *     permanent storage.
    */
-  GitUserData fetchGitUserData()
+  GitUserData fetchGitUserData(@Nullable String namespaceName)
       throws ScmUnauthorizedException, ScmCommunicationException,
           ScmConfigurationPersistenceException, ScmItemNotFoundException, ScmBadRequestException;
+
+  /**
+   * Retrieve a {@link GitUserData} object from concrete scm provider. If OAuthProvider is not
+   * configured, then personal access token should be taken into account.
+   *
+   * @return - {@link GitUserData} object.
+   * @throws ScmUnauthorizedException - in case if user is not authorized che server to create a new
+   *     token. Further user interaction is needed before calling this method next time.
+   * @throws ScmCommunicationException - Some unexpected problem occurred during communication with
+   *     scm provider.
+   * @throws ScmConfigurationPersistenceException - problem occurred during communication with
+   *     permanent storage.
+   */
+  default GitUserData fetchGitUserData()
+      throws ScmUnauthorizedException, ScmCommunicationException,
+          ScmConfigurationPersistenceException, ScmItemNotFoundException, ScmBadRequestException {
+    return fetchGitUserData(null);
+  }
 }

wsmaster/che-core-api-factory/src/main/java/org/eclipse/che/api/factory/server/scm/PersonalAccessTokenManager.java

@@ -40,19 +40,6 @@ PersonalAccessToken fetchAndSave(Subject cheUser, String scmServerUrl)
       throws UnsatisfiedScmPreconditionException, ScmConfigurationPersistenceException,
           ScmUnauthorizedException, ScmCommunicationException, UnknownScmProviderException;
 
-  /**
-   * Gets {@link PersonalAccessToken} from permanent storage.
-   *
-   * @param cheUser Che user object
-   * @param scmServerUrl Git provider endpoint
-   * @return personal access token
-   * @throws ScmConfigurationPersistenceException - problem occurred during communication with
-   *     permanent storage.
-   * @throws ScmCommunicationException - problem occurred during communication with SCM server.
-   */
-  Optional<PersonalAccessToken> get(Subject cheUser, String scmServerUrl)
-      throws ScmConfigurationPersistenceException, ScmCommunicationException;
-
   /**
    * Gets {@link PersonalAccessToken} from permanent storage.
    *
@@ -83,7 +70,10 @@ PersonalAccessToken get(String scmServerUrl)
    * @throws ScmCommunicationException - problem occurred during communication with SCM server.
    */
   Optional<PersonalAccessToken> get(
-      Subject cheUser, String oAuthProviderName, @Nullable String scmServerUrl)
+      Subject cheUser,
+      @Nullable String oAuthProviderName,
+      @Nullable String scmServerUrl,
+      @Nullable String namespaceName)
       throws ScmConfigurationPersistenceException, ScmCommunicationException;
 
   /**