Skip to content

fix: login and logout will leverage docker config and os default store #712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
priteshbandi merged 2 commits into from
Jun 9, 2023
Merged

fix: login and logout will leverage docker config and os default store #712

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4af9746
refactor credentials store
Wwwsylvia Jun 8, 2023
b08978c
update go mod
Wwwsylvia Jun 9, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmd/notation/login.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ func runLogin(ctx context.Context, opts *loginOpts) error {
registryName, urlDocHowToAuthenticate)
}

// the credential already exists somewhere, ignore the saving error
// the credential already exists but is in plaintext, ignore the saving error
fmt.Fprintf(os.Stderr, "Warning: The credentials store is not set up. It is recommended to configure the credentials store to securely store your credentials. See %s.\n", urlDocHowToAuthenticate)
fmt.Println("Authenticated with existing credentials")
}
Expand Down
3 changes: 1 addition & 2 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ require (
github.com/notaryproject/notation-go v1.0.0-rc.6
github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.1.0-rc3
github.com/oras-project/oras-credentials-go v0.1.1
github.com/oras-project/oras-credentials-go v0.1.2-0.20230609092929-bf5244c85f2a
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.7.0
github.com/spf13/pflag v1.0.5
Expand All @@ -17,7 +17,6 @@ require (

require (
github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
github.com/docker/docker-credential-helpers v0.7.0 // indirect
github.com/fxamacker/cbor/v2 v2.4.0 // indirect
github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect
github.com/go-ldap/ldap/v3 v3.4.4 // indirect
Expand Down
6 changes: 2 additions & 4 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,6 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A=
github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0=
github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88=
github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo=
github.com/go-asn1-ber/asn1-ber v1.5.4 h1:vXT6d/FNDiELJnLb6hGNa309LMsrCoYFvpwHDF0+Y1A=
Expand All @@ -25,8 +23,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.0-rc3 h1:fzg1mXZFj8YdPeNkRXMg+zb88BFV0Ys52cJydRwBkb8=
github.com/opencontainers/image-spec v1.1.0-rc3/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8=
github.com/oras-project/oras-credentials-go v0.1.1 h1:9EHrcJ1LcC7N9w2rfB9n8c1be+6IacnmFxywltQHecI=
github.com/oras-project/oras-credentials-go v0.1.1/go.mod h1:188MBZBQQbrLlrOZY37hc8Z4Xjl+wP3PaIJkJuk94JM=
github.com/oras-project/oras-credentials-go v0.1.2-0.20230609092929-bf5244c85f2a h1:9EfGz03gbAnD3kZaHxUZUphSMYpxzzPs3NtaUomxMOo=
github.com/oras-project/oras-credentials-go v0.1.2-0.20230609092929-bf5244c85f2a/go.mod h1:JVdg7a5k7hzTrEeeouwag0aCv7OLrS77r7/6w3gVirU=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
Expand Down
21 changes: 18 additions & 3 deletions internal/auth/credentials.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,15 +15,30 @@ func NewCredentialsStore() (credentials.Store, error) {
return nil, fmt.Errorf("failed to load config file: %w", err)
}

// use notation config
opts := credentials.StoreOptions{AllowPlaintextPut: false}
primaryStore, err := credentials.NewStore(configPath, opts)
notationStore, err := credentials.NewStore(configPath, opts)
if err != nil {
return nil, fmt.Errorf("failed to create credential store from config file: %w", err)
}
if notationStore.IsAuthConfigured() {
return notationStore, nil
}

fallbackStore, err := credentials.NewStoreFromDocker(opts)
// use docker config
dockerStore, err := credentials.NewStoreFromDocker(opts)
if err != nil {
return nil, fmt.Errorf("failed to create credential store from docker config file: %w", err)
}
return credentials.NewStoreWithFallbacks(primaryStore, fallbackStore), nil
if dockerStore.IsAuthConfigured() {
return dockerStore, nil
}

// detect platform-default native store
if osDefaultStore, ok := credentials.NewDefaultNativeStore(); ok {
return osDefaultStore, nil
}
// if the default store is not available, still use notation store so that
// there won't be errors when getting credentials
return notationStore, nil
}