Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support anonymous detect registry scheme #331

Merged
merged 1 commit into from
Dec 9, 2022
Merged

feat: support anonymous detect registry scheme #331

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions apis/artifacts/v1alpha1/registry_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ package v1alpha1
import (
"encoding/json"
"fmt"
"strings"
)

// ImageConfig define sever and multiple docker credentials related content.
Expand Down Expand Up @@ -59,6 +60,7 @@ func GetAuthFromDockerConfigJson(registry string, dockerConfigJsonBytes []byte)
return "", "", fmt.Errorf("no auths found")
}

registry = strings.TrimPrefix(strings.TrimPrefix(registry, "http://"), "https://")
for _, address := range []string{registry, "http://" + registry, "https://" + registry} {
if auth, ok := dockerConfig.Auths[address]; ok {
return auth.Username, auth.Password, nil
Expand Down
7 changes: 4 additions & 3 deletions registry/detect_scheme_by_secret.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,10 +81,11 @@ func (d *RegistrySchemeDetectionBySecret) DetectScheme(ctx context.Context, regi
}
username, password, err := getDockerAuthFromSecret(registry, secret)
if err != nil {
log.Infow("failed to get username and password from secret", "error", err)
return "", fmt.Errorf("failed to get auth from %s: %w", secretKey.String(), err)
log.Debugw("failed to get username and password from secret", "error", err)
}
if username != "" && password != "" {
auths = append(auths, WithBasicAuth(username, password))
}
auths = append(auths, WithBasicAuth(username, password))
}

return d.DefaultRegistrySchemeDetection.DetectScheme(ctx, registry, auths...)
Expand Down
16 changes: 8 additions & 8 deletions registry/detect_scheme_by_secret_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,25 +156,25 @@ var _ = Describe("Test.RegistrySchemeDetectionBySecret", func() {
})
})

When("secret type is dockerconfig but not matched", func() {
When("secret type is dockerconfig but not matched, no authentication information", func() {
BeforeEach(func() {
detect = detect.WithSecretRef(ref)
Expect(testing.LoadKubeResources("testdata/secret.dockerconfig.yaml", clt)).To(Succeed())
})
It("should return error", func() {
Expect(err).ShouldNot(BeNil())
Expect(err.Error()).To(ContainSubstring(`no auth found for registry:`))
It("should NOT return error", func() {
Expect(err).Should(BeNil())
Expect(protocols).Should(Equal("https"))
})
})

When("secret type is token", func() {
When("secret type is token, no authentication information", func() {
BeforeEach(func() {
detect = detect.WithSecretRef(ref)
Expect(testing.LoadKubeResources("testdata/secret.token.yaml", clt)).To(Succeed())
})
It("should return error", func() {
Expect(err).ShouldNot(BeNil())
Expect(err.Error()).To(Equal(`failed to get auth from default/secret-name: unsupported secret type kubernetes.io/service-account-token`))
It("should NOT return error", func() {
Expect(err).Should(BeNil())
Expect(protocols).Should(Equal("https"))
})
})
})
Expand Down