particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

container/client: rework credentials storage

Browse source 
Instead of keeping an extra field in `Client`, we just use the
existing `sysCtx.DockerAuthConfig` structure. When the context
is later copied during the upload operation the credentials
will be copied as well. It also saves us from syncing the
credentials if we directly use said `sysCtx` for operations.
This commit is contained in:
Christian Kellner 2022-07-11 14:08:46 +02:00 committed by Ondřej Budai
parent 865a899f70
commit e53b9c8bb2
2 changed files with 10 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

5
cmd/osbuild-worker/jobimpl-osbuild.go
View file

@ -749,8 +749,9 @@ func (impl *OSBuildJobImpl) Run(job worker.Job) error {
break break
} }
client.Auth.Username = targetOptions.Username if targetOptions.Username != "" || targetOptions.Password != "" {
client.Auth.Password = targetOptions.Password client.SetCredentials(targetOptions.Username, targetOptions.Password)
}
client.SetTLSVerify(targetOptions.TlsVerify) client.SetTLSVerify(targetOptions.TlsVerify)
sourcePath := path.Join(outputDirectory, jobTarget.OsbuildArtifact.ExportName, jobTarget.OsbuildArtifact.ExportFilename) sourcePath := path.Join(outputDirectory, jobTarget.OsbuildArtifact.ExportName, jobTarget.OsbuildArtifact.ExportFilename)

20
internal/container/client.go
View file

@ -30,18 +30,12 @@ const (
DefaultPolicyPath = "/etc/containers/policy.json" DefaultPolicyPath = "/etc/containers/policy.json"
) )
type Credentials struct {
Username string
Password string
}
// A Client to interact with the given Target object at a // A Client to interact with the given Target object at a
// container registry, like e.g. uploading an image to. // container registry, like e.g. uploading an image to.
// All mentioned defaults are only set when using the // All mentioned defaults are only set when using the
// NewClient constructor. // NewClient constructor.
type Client struct { type Client struct {
Target reference.Named // the target object to interact with Target reference.Named // the target object to interact with
Auth Credentials // credentials to use
ReportWriter io.Writer // used for writing status reports, defaults to os.Stdout ReportWriter io.Writer // used for writing status reports, defaults to os.Stdout
@ -103,8 +97,13 @@ func NewClient(target string) (*Client, error) {
// SetCredentials will set username and password for Client // SetCredentials will set username and password for Client
func (cl *Client) SetCredentials(username, password string) { func (cl *Client) SetCredentials(username, password string) {
cl.Auth.Username = username
cl.Auth.Password = password if cl.sysCtx.DockerAuthConfig == nil {
cl.sysCtx.DockerAuthConfig = &types.DockerAuthConfig{}
}
cl.sysCtx.DockerAuthConfig.Username = username
cl.sysCtx.DockerAuthConfig.Password = password
} }
// SetSkipTLSVerify controls if TLS verification happens when // SetSkipTLSVerify controls if TLS verification happens when
@ -160,11 +159,6 @@ func (cl *Client) UploadImage(ctx context.Context, from, tag string) (digest.Dig
targetCtx := *cl.sysCtx targetCtx := *cl.sysCtx
targetCtx.DockerRegistryPushPrecomputeDigests = cl.PrecomputeDigests targetCtx.DockerRegistryPushPrecomputeDigests = cl.PrecomputeDigests
targetCtx.DockerAuthConfig = &types.DockerAuthConfig{
Username: cl.Auth.Username,
Password: cl.Auth.Password,
}
policyContext, err := signature.NewPolicyContext(cl.policy) policyContext, err := signature.NewPolicyContext(cl.policy)
if err != nil { if err != nil {