From 5b42b6af70e0b4f1fcaf1ee9a21a1c59ed822bd0 Mon Sep 17 00:00:00 2001
From: Ralf Pannemans <ralf.pannemans@sap.com>
Date: Thu, 31 Mar 2022 16:13:21 +0200
Subject: [PATCH] feat(cnbBuild): Support of username/password authorization
 (#3690)

Co-authored-by: Ralf Pannemans <ralf.pannemans@sap.com>
---
 pkg/cnbutils/auth.go      | 15 +++++++++++++++
 pkg/cnbutils/auth_test.go | 16 +++++++++++++++-
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/pkg/cnbutils/auth.go b/pkg/cnbutils/auth.go
index 9c5952b8b..140d9cbb8 100644
--- a/pkg/cnbutils/auth.go
+++ b/pkg/cnbutils/auth.go
@@ -1,6 +1,7 @@
 package cnbutils
 
 import (
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 
@@ -26,6 +27,15 @@ func GenerateCnbAuth(config string, utils BuildUtils) (string, error) {
 
 	auth := map[string]string{}
 	for registry, value := range dockerConfig.AuthConfigs {
+		if value.Auth == "" && value.Username == "" && value.Password == "" {
+			log.Entry().Warnf("docker config.json contains empty credentials for registry %q. Either 'auth' or 'username' and 'password' have to be provided.", registry)
+			continue
+		}
+
+		if value.Auth == "" {
+			value.Auth = encodeAuth(value.Username, value.Password)
+		}
+
 		log.Entry().Debugf("Adding credentials for: registry %q", registry)
 
 		auth[registry] = fmt.Sprintf("Basic %s", value.Auth)
@@ -38,3 +48,8 @@ func GenerateCnbAuth(config string, utils BuildUtils) (string, error) {
 
 	return string(cnbRegistryAuth), nil
 }
+
+func encodeAuth(username, password string) string {
+	auth := username + ":" + password
+	return base64.StdEncoding.EncodeToString([]byte(auth))
+}
diff --git a/pkg/cnbutils/auth_test.go b/pkg/cnbutils/auth_test.go
index 3c683cf53..97d35dc44 100644
--- a/pkg/cnbutils/auth_test.go
+++ b/pkg/cnbutils/auth_test.go
@@ -15,12 +15,26 @@ func TestGenerateCnbAuth(t *testing.T) {
 	}
 
 	t.Run("successfully generates cnb auth env variable", func(t *testing.T) {
-		mockUtils.AddFile("/test/valid_config.json", []byte("{\"auths\":{\"example.com\":{\"username\":\"username\",\"password\":\"password\",\"auth\":\"dXNlcm5hbWU6cGFzc3dvcmQ=\"}}}"))
+		mockUtils.AddFile("/test/valid_config.json", []byte("{\"auths\":{\"example.com\":{\"auth\":\"dXNlcm5hbWU6cGFzc3dvcmQ=\"}}}"))
 		auth, err := cnbutils.GenerateCnbAuth("/test/valid_config.json", mockUtils)
 		assert.NoError(t, err)
 		assert.Equal(t, "{\"example.com\":\"Basic dXNlcm5hbWU6cGFzc3dvcmQ=\"}", auth)
 	})
 
+	t.Run("successfully generates cnb auth env variable from username and password", func(t *testing.T) {
+		mockUtils.AddFile("/test/valid_config.json", []byte("{\"auths\":{\"example.com\":{\"username\":\"username\",\"password\":\"password\"}}}"))
+		auth, err := cnbutils.GenerateCnbAuth("/test/valid_config.json", mockUtils)
+		assert.NoError(t, err)
+		assert.Equal(t, "{\"example.com\":\"Basic dXNlcm5hbWU6cGFzc3dvcmQ=\"}", auth)
+	})
+
+	t.Run("skips registry with empty credentials", func(t *testing.T) {
+		mockUtils.AddFile("/test/valid_config.json", []byte("{\"auths\":{\"example.com\":{}}}"))
+		auth, err := cnbutils.GenerateCnbAuth("/test/valid_config.json", mockUtils)
+		assert.NoError(t, err)
+		assert.Equal(t, "{}", auth)
+	})
+
 	t.Run("successfully generates cnb auth env variable if docker config is not present", func(t *testing.T) {
 		auth, err := cnbutils.GenerateCnbAuth("", mockUtils)
 		assert.NoError(t, err)