Authenticate to registries with Podman's config #1430
Conversation
tekton-robot
added
the
release-note
|
Hi @digglife. Thanks for your PR. I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
tekton-robot
added
needs-ok-to-test
|
/ok-to-test |
tekton-robot
added
ok-to-test
|
The following is the coverage report on the affected files.
|
|
/retest I checked the integration test log but don't know how it's relevant to my change. So rerun the test and see if it's just a temporary error. |
If Podman's auth.json is found then try to use it for registries authentication. fixes: tektoncd#1422
|
The following is the coverage report on the affected files.
|
|
Added one more test. It's ready for review. |
|
Hi @vdemeester , Could you please review the PR? |
|
/lgtm |
| @@ -23,7 +23,7 @@ eg task). | |||
|
|
|||
| Authentication: | |||
| There are three ways to authenticate against your registry. | |||
| 1. By default, your docker.config in your home directory is used. | |||
| 1. By default, your docker.config in your home directory and podman's auth.json are used. | |||
There was a problem hiding this comment.
It's a "and" or a "or" ? ie both are used or either of them?
There was a problem hiding this comment.
It's an "and". Both are used.
There was a problem hiding this comment.
I guess it should be first check in .docker/config.json for the creds, if it exists then use them if not then check for podman's auth.json.
There was a problem hiding this comment.
I guess it should be first check in
.docker/config.jsonfor the creds, if it exists then use them if not then check for podman's auth.json.
Yes. That's the logic. Resolve creds in order and return once it's found. Do I need to add detailed explanation?
|
|
||
| "github.com/docker/cli/cli/config" | ||
| "github.com/docker/cli/cli/config/types" | ||
| "github.com/docker/docker/pkg/homedir" |
There was a problem hiding this comment.
do we need to import docker homedir just to get the homedir? we already have github.com/mitchellh/go-homedir maybe this can be used instead?
There was a problem hiding this comment.
Yes we can use go-homedir here.
| } | ||
|
|
||
| empty := types.AuthConfig{} | ||
| if cfg == empty { |
There was a problem hiding this comment.
nit: you don't need to go by the empty variable i guess
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: vdemeester The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
tekton-robot
added
the
approved
#1419 | [praveen4g0] Get default sa from configmap defaultconfigs | 2021/07/14-16:15 #1420 | [Pradeep Kumar] Update tkn version to 0.20.0 | 2021/07/21-12:37 #1428 | [Piyush Garg] Fix e2e test failing | 2021/07/23-06:37 #1427 | [Zhu Sheng Li] Remove golden files generated for testing version | 2021/07/23-07:23 #1424 | [Pradeep Kumar] fix rpm build | 2021/07/23-07:37 #1429 | [kim-fitness] Update README.md | 2021/08/06-13:30 #1326 | [Sunghoon Kang] Support `output` option for pipeline/task `start` command | 2021/08/09-09:03 #1430 | [Zhu Sheng Li] Authenticate to registries with Podman's config | 2021/08/10-15:05 #1434 | [Piyush Garg] Fix link in doc | 2021/08/10-18:48 #1378 | [Daniel Helfand] add choco package to tkn repo | 2021/08/10-19:14 null | [Piyush Garg] Bump tekton/pipeline to v0.27.1 | 2021/08/17-13:16 null | [Zhu Sheng Li] Add --keep-since flag to taskrun delete | 2021/08/31-06:35 null | [Zhu Sheng Li] Add value check for since option | 2021/08/31-06:35 null | [vinamra28] Delete runs using resource filter and keep-since | 2021/09/21-09:33 null | [vinamra28] Return error when --resource,--all and --keep-* | 2021/09/21-09:33 null | [Yulia Gaponenko] Bump Hub dependency with latest updates | 2021/09/23-11:26 null | [Piyush Garg] Bump to tektoncd/triggers v0.16.0 | 2021/09/24-07:34 null | [Piyush Garg] Move triggertemplate to use v1beta1 | 2021/09/24-07:34 null | [Piyush Garg] Fix the compilation error in other test pkg | 2021/09/24-07:34 null | [Vincent Demeester] Update some dependencies and remove some replace | 2021/09/28-17:14 null | [Piyush Garg] Update triggerbinding cmd to v1beta1 | 2021/09/29-08:05 null | [Piyush Garg] Update clustertriggerbinding to v1beta1 | 2021/09/29-15:53 null | [Piyush Garg] Fix hardcoded resource version in desc | 2021/09/29-16:17 null | [Piyush Garg] Remove duplicate in triggerbinding | 2021/09/29-16:17 null | [Piyush Garg] Cleanup missed during v1beta1 work | 2021/09/30-05:54 null | [Pradeep Kumar] Adds ignore-running flag to pr,tr delete cmd | 2021/09/30-08:18 null | [Piyush Garg] Update eventlistener list and delete cmd | 2021/09/30-15:56 null | [vinamra28] Update EventListener describe command | 2021/10/01-10:08 null | [vinamra28] Update EventListener logs command | 2021/10/01-10:08 null | [Piyush Garg] Cleanup in builder and pkg for triggers cmd | 2021/10/04-07:49 null | [Piyush Garg] Remove invalid docs files | 2021/10/04-07:49 null | [vinamra28] Add create command for tkn clustertask | 2021/10/04-11:03 null | [vinamra28] Add create command for tkn task | 2021/10/04-11:03 null | [Piyush Garg] Add e2e test for triggers v1beta1 | 2021/10/05-12:52 null | [Piyush Garg] Fix terminal not available after logs in retries pipeline | 2021/10/06-06:41 Signed-off-by: Piyush Garg <[email protected]>
|
Added a release note for this new feature to the Pipelines release notes: https://github.com/openshift/openshift-docs/pull/37369/files |
Changes
If Podman's auth.json is found then try to use it for registries authentication.
fixes: #1422
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
make checkmake generatedRelease Notes