Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RFC: Use default key chain for authentication to the registry #254

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions commands/check.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,8 @@ func performCheck(principal resource.BasicCredentials, version *resource.Version

if auth.Username != "" && auth.Password != "" {
imageOpts = append(imageOpts, remote.WithAuth(auth))
} else {
imageOpts = append(imageOpts, remote.WithAuthFromKeychain(authn.DefaultKeychain))
}

digest, found, err := headOrGet(ref, imageOpts...)
Expand Down
2 changes: 2 additions & 0 deletions commands/in.go
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,8 @@ func get(principal resource.BasicCredentials, digest name.Digest) (v1.Image, err

if auth.Username != "" && auth.Password != "" {
imageOpts = append(imageOpts, remote.WithAuth(auth))
} else {
imageOpts = append(imageOpts, remote.WithAuthFromKeychain(authn.DefaultKeychain))
}

image, err := remote.Image(digest, imageOpts...)
Expand Down
30 changes: 22 additions & 8 deletions commands/out.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@ package commands
import (
"encoding/json"
"fmt"
"io"
"net/http"
"path/filepath"

resource "github.com/concourse/registry-image-resource"
"github.com/google/go-containerregistry/pkg/authn"
"github.com/google/go-containerregistry/pkg/name"
Expand All @@ -11,9 +15,6 @@ import (
"github.com/google/go-containerregistry/pkg/v1/tarball"
"github.com/simonshyu/notary-gcr/pkg/gcr"
"github.com/sirupsen/logrus"
"io"
"net/http"
"path/filepath"
)

type OutRequest struct {
Expand Down Expand Up @@ -142,12 +143,25 @@ func (o *out) Execute() error {
}

func outPut(req OutRequest, img v1.Image, ref name.Reference, extraRefs []name.Reference) error {
auth := &authn.Basic{
Username: req.Source.Username,
Password: req.Source.Password,

var auth authn.Authenticator
var authOpt remote.Option
var err error
if req.Source.Username != "" && req.Source.Password != "" {
auth = &authn.Basic{
Username: req.Source.Username,
Password: req.Source.Password,
}
authOpt = remote.WithAuth(auth)
} else {
auth, err = authn.DefaultKeychain.Resolve(ref.Context())
authOpt = remote.WithAuthFromKeychain(authn.DefaultKeychain)
if err != nil {
return fmt.Errorf("resolve target: %w", err)
}
}

err := remote.Write(ref, img, remote.WithAuth(auth))
err = remote.Write(ref, img, authOpt)
if err != nil {
return fmt.Errorf("upload image: %w", err)
}
Expand Down Expand Up @@ -175,7 +189,7 @@ func outPut(req OutRequest, img v1.Image, ref name.Reference, extraRefs []name.R
for _, extraRef := range extraRefs {
logrus.Infof("pushing as tag %s", extraRef.Identifier())

err = remote.Write(extraRef, img, remote.WithAuth(auth), remote.WithTransport(http.DefaultTransport))
err = remote.Write(extraRef, img, authOpt, remote.WithTransport(http.DefaultTransport))
if err != nil {
return fmt.Errorf("tag image: %w", err)
}
Expand Down