self-hosted/watchtower
self-hosted/watchtower
1
0
Fork 0
mirror of https://github.com/containrrr/watchtower.git synced 2024-12-15 09:14:13 +02:00
Code Issues Releases Activity
e2228f1b0b
watchtower/container/trust.go
Simon Aronsson 1b82da1ab7 Setup a working pipeline 
* add tests to ensure function even after switching docker client api version
* switch docker client api version to remove import of Sirupsen and get rid of the casing workaround
* migrate from glide to dep to go modules
* rewrite ci workflow
  * only run publish on version tags
  * only run build on branches
  * update goreleaser config
  * disable automated latest tag push
* remove dependency to v2tec/docker-gobuilder
* remove dead code and files
* add golands .idea folder to gitignore
* add label to released docker images
* add test reporting, add some unit tests
* change test output dir
* fix goreleaser versions
* add debug output for circleci and goreleaser
* disable cgo
2019-04-06 13:57:26 +02:00

103 lines
3.3 KiB
Go
Raw Blame History

package container
import (
"errors"
"os"
"strings"
"github.com/docker/cli/cli/command"
cliconfig "github.com/docker/cli/cli/config"
"github.com/docker/cli/cli/config/configfile"
"github.com/docker/cli/cli/config/credentials"
"github.com/docker/distribution/reference"
"github.com/docker/docker/api/types"
log "github.com/sirupsen/logrus"
)
// EncodedAuth returns an encoded auth config for the given registry
// loaded from environment variables or docker config
// as available in that order
func EncodedAuth(ref string) (string, error) {
auth, err := EncodedEnvAuth(ref)
if err != nil {
auth, err = EncodedConfigAuth(ref)
}
return auth, err
}
// EncodedEnvAuth returns an encoded auth config for the given registry
// loaded from environment variables
// Returns an error if authentication environment variables have not been set
func EncodedEnvAuth(ref string) (string, error) {
username := os.Getenv("REPO_USER")
password := os.Getenv("REPO_PASS")
if username != "" && password != "" {
auth := types.AuthConfig{
Username: username,
Password: password,
}
log.Debugf("Loaded auth credentials %s for %s", auth, ref)
return EncodeAuth(auth)
}
return "", errors.New("Registry auth environment variables (REPO_USER, REPO_PASS) not set")
}
// EncodedConfigAuth returns an encoded auth config for the given registry
// loaded from the docker config
// Returns an empty string if credentials cannot be found for the referenced server
// The docker config must be mounted on the container
func EncodedConfigAuth(ref string) (string, error) {
server, err := ParseServerAddress(ref)
configDir := os.Getenv("DOCKER_CONFIG")
if configDir == "" {
configDir = "/"
}
configFile, err := cliconfig.Load(configDir)
if err != nil {
log.Errorf("Unable to find default config file %s", err)
return "", err
}
credStore := CredentialsStore(*configFile)
auth, err := credStore.Get(server) // returns (types.AuthConfig{}) if server not in credStore
if auth == (types.AuthConfig{}) {
log.Debugf("No credentials for %s in %s", server, configFile.Filename)
return "", nil
}
log.Debugf("Loaded auth credentials %s from %s", auth, configFile.Filename)
return EncodeAuth(auth)
}
// ParseServerAddress extracts the server part from a container image ref
func ParseServerAddress(ref string) (string, error) {
parsedRef, err := reference.Parse(ref)
if err != nil {
return ref, err
}
parts := strings.Split(parsedRef.String(), "/")
return parts[0], nil
}
// CredentialsStore returns a new credentials store based
// on the settings provided in the configuration file.
func CredentialsStore(configFile configfile.ConfigFile) credentials.Store {
if configFile.CredentialsStore != "" {
return credentials.NewNativeStore(&configFile, configFile.CredentialsStore)
}
return credentials.NewFileStore(&configFile)
}
// EncodeAuth Base64 encode an AuthConfig struct for transmission over HTTP
func EncodeAuth(auth types.AuthConfig) (string, error) {
return command.EncodeAuthToBase64(auth)
}
// DefaultAuthHandler will be invoked if an AuthConfig is rejected
// It could be used to return a new value for the "X-Registry-Auth" authentication header,
// but there's no point trying again with the same value as used in AuthConfig
func DefaultAuthHandler() (string, error) {
log.Debug("Authentication request was rejected. Trying again without authentication")
return "", nil
}
Reference in New Issue View Git Blame Copy Permalink