enable login/logut unspecified args
Signed-off-by: Qi Wang <qiwan@redhat.com>
This commit is contained in:
parent
062c7b8a94
commit
45f731aa49
|
@ -8,6 +8,7 @@ import (
|
|||
"github.com/containers/image/v5/types"
|
||||
"github.com/containers/libpod/cmd/podman/registry"
|
||||
"github.com/containers/libpod/pkg/domain/entities"
|
||||
"github.com/containers/libpod/pkg/registries"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
|
@ -23,7 +24,7 @@ var (
|
|||
Short: "Login to a container registry",
|
||||
Long: "Login to a container registry on a specified server.",
|
||||
RunE: login,
|
||||
Args: cobra.ExactArgs(1),
|
||||
Args: cobra.MaximumNArgs(1),
|
||||
Example: `podman login quay.io
|
||||
podman login --username ... --password ... quay.io
|
||||
podman login --authfile dir/auth.json quay.io`,
|
||||
|
@ -48,6 +49,7 @@ func init() {
|
|||
flags.BoolVarP(&loginOptions.GetLoginSet, "get-login", "", false, "Return the current login user for the registry")
|
||||
loginOptions.Stdin = os.Stdin
|
||||
loginOptions.Stdout = os.Stdout
|
||||
loginOptions.AcceptUnspecifiedRegistry = true
|
||||
}
|
||||
|
||||
// Implementation of podman-login.
|
||||
|
@ -62,7 +64,8 @@ func login(cmd *cobra.Command, args []string) error {
|
|||
AuthFilePath: loginOptions.AuthFile,
|
||||
DockerCertPath: loginOptions.CertDir,
|
||||
DockerInsecureSkipTLSVerify: skipTLS,
|
||||
SystemRegistriesConfPath: registries.SystemRegistriesConfPath(),
|
||||
}
|
||||
loginOptions.GetLoginSet = cmd.Flag("get-login").Changed
|
||||
return auth.Login(context.Background(), &sysCtx, &loginOptions.LoginOptions, args[0])
|
||||
return auth.Login(context.Background(), &sysCtx, &loginOptions.LoginOptions, args)
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ import (
|
|||
"github.com/containers/image/v5/types"
|
||||
"github.com/containers/libpod/cmd/podman/registry"
|
||||
"github.com/containers/libpod/pkg/domain/entities"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/containers/libpod/pkg/registries"
|
||||
"github.com/spf13/cobra"
|
||||
)
|
||||
|
||||
|
@ -39,19 +39,14 @@ func init() {
|
|||
flags.AddFlagSet(auth.GetLogoutFlags(&logoutOptions))
|
||||
logoutOptions.Stdin = os.Stdin
|
||||
logoutOptions.Stdout = os.Stdout
|
||||
logoutOptions.AcceptUnspecifiedRegistry = true
|
||||
}
|
||||
|
||||
// Implementation of podman-logout.
|
||||
func logout(cmd *cobra.Command, args []string) error {
|
||||
sysCtx := types.SystemContext{AuthFilePath: logoutOptions.AuthFile}
|
||||
|
||||
registry := ""
|
||||
if len(args) > 0 {
|
||||
if logoutOptions.All {
|
||||
return errors.New("--all takes no arguments")
|
||||
}
|
||||
registry = args[0]
|
||||
sysCtx := types.SystemContext{
|
||||
AuthFilePath: logoutOptions.AuthFile,
|
||||
SystemRegistriesConfPath: registries.SystemRegistriesConfPath(),
|
||||
}
|
||||
|
||||
return auth.Logout(&sysCtx, &logoutOptions, registry)
|
||||
return auth.Logout(&sysCtx, &logoutOptions, args)
|
||||
}
|
||||
|
|
2
go.mod
2
go.mod
|
@ -10,7 +10,7 @@ require (
|
|||
github.com/containernetworking/cni v0.7.2-0.20200304161608-4fae32b84921
|
||||
github.com/containernetworking/plugins v0.8.5
|
||||
github.com/containers/buildah v1.14.9-0.20200501175434-42a48f9373d9
|
||||
github.com/containers/common v0.10.0
|
||||
github.com/containers/common v0.11.0
|
||||
github.com/containers/conmon v2.0.14+incompatible
|
||||
github.com/containers/image/v5 v5.4.3
|
||||
github.com/containers/psgo v1.5.0
|
||||
|
|
2
go.sum
2
go.sum
|
@ -72,6 +72,8 @@ github.com/containers/buildah v1.14.9-0.20200501175434-42a48f9373d9 h1:EGegltin1
|
|||
github.com/containers/buildah v1.14.9-0.20200501175434-42a48f9373d9/go.mod h1:+2aNsVcd4pVzmVAbOfWN5X+0Lpz2rtICSGXbTSCzdBU=
|
||||
github.com/containers/common v0.10.0 h1:Km1foMJJBIxceA1/UCZcIuwf8sCF71sP5DwE6Oh1BEA=
|
||||
github.com/containers/common v0.10.0/go.mod h1:6A/moCuQITXLqBe5A0WKKTcCfCmEQRbknI05HcPzOL0=
|
||||
github.com/containers/common v0.11.0 h1:uFSBIl9iqoTIv8icBe9lPrYKkmSiGrAWr0a2PyJLrO4=
|
||||
github.com/containers/common v0.11.0/go.mod h1:ag8p8Xp2o1wPAPz/+bA7LVQlDavtg3M15RZLBWt/2KE=
|
||||
github.com/containers/conmon v2.0.14+incompatible h1:knU1O1QxXy5YxtjMQVKEyCajROaehizK9FHaICl+P5Y=
|
||||
github.com/containers/conmon v2.0.14+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
|
||||
github.com/containers/image/v5 v5.4.3 h1:zn2HR7uu4hpvT5QQHgjqonOzKDuM1I1UHUEmzZT5sbs=
|
||||
|
|
|
@ -32,7 +32,6 @@ var _ = Describe("Podman login and logout", func() {
|
|||
)
|
||||
|
||||
BeforeEach(func() {
|
||||
Skip(v2fail)
|
||||
tempdir, err = CreateTempDirInTempDir()
|
||||
if err != nil {
|
||||
os.Exit(1)
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
|
||||
"github.com/containers/image/v5/docker"
|
||||
"github.com/containers/image/v5/pkg/docker/config"
|
||||
"github.com/containers/image/v5/pkg/sysregistriesv2"
|
||||
"github.com/containers/image/v5/types"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
@ -33,9 +34,27 @@ func CheckAuthFile(authfile string) error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// Login login to the server with creds from Stdin or CLI
|
||||
func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginOptions, registry string) error {
|
||||
server := getRegistryName(registry)
|
||||
// Login implements a “log in” command with the provided opts and args
|
||||
// reading the password from opts.Stdin or the options in opts.
|
||||
func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginOptions, args []string) error {
|
||||
var (
|
||||
server string
|
||||
err error
|
||||
)
|
||||
if len(args) > 1 {
|
||||
return errors.Errorf("login accepts only one registry to login to")
|
||||
}
|
||||
if len(args) == 0 {
|
||||
if !opts.AcceptUnspecifiedRegistry {
|
||||
return errors.Errorf("please provide a registry to login to")
|
||||
}
|
||||
if server, err = defaultRegistryWhenUnspecified(systemContext); err != nil {
|
||||
return err
|
||||
}
|
||||
logrus.Debugf("registry not specified, default to the first registry %q from registries.conf", server)
|
||||
} else {
|
||||
server = getRegistryName(args[0])
|
||||
}
|
||||
authConfig, err := config.GetCredentials(systemContext, server)
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "error reading auth file")
|
||||
|
@ -151,11 +170,29 @@ func getUserAndPass(opts *LoginOptions, password, userFromAuthFile string) (stri
|
|||
return strings.TrimSpace(username), password, err
|
||||
}
|
||||
|
||||
// Logout removes the authentication of server from authfile
|
||||
// removes all authtication if specifies all in the options
|
||||
func Logout(systemContext *types.SystemContext, opts *LogoutOptions, server string) error {
|
||||
if server != "" {
|
||||
server = getRegistryName(server)
|
||||
// Logout implements a “log out” command with the provided opts and args
|
||||
func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []string) error {
|
||||
var (
|
||||
server string
|
||||
err error
|
||||
)
|
||||
if len(args) > 1 {
|
||||
return errors.Errorf("logout accepts only one registry to logout from")
|
||||
}
|
||||
if len(args) == 0 && !opts.All {
|
||||
if !opts.AcceptUnspecifiedRegistry {
|
||||
return errors.Errorf("please provide a registry to logout from")
|
||||
}
|
||||
if server, err = defaultRegistryWhenUnspecified(systemContext); err != nil {
|
||||
return err
|
||||
}
|
||||
logrus.Debugf("registry not specified, default to the first registry %q from registries.conf", server)
|
||||
}
|
||||
if len(args) != 0 {
|
||||
if opts.All {
|
||||
return errors.Errorf("--all takes no arguments")
|
||||
}
|
||||
server = getRegistryName(args[0])
|
||||
}
|
||||
if err := CheckAuthFile(opts.AuthFile); err != nil {
|
||||
return err
|
||||
|
@ -169,7 +206,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, server stri
|
|||
return nil
|
||||
}
|
||||
|
||||
err := config.RemoveAuthentication(systemContext, server)
|
||||
err = config.RemoveAuthentication(systemContext, server)
|
||||
switch err {
|
||||
case nil:
|
||||
fmt.Fprintf(opts.Stdout, "Removed login credentials for %s\n", server)
|
||||
|
@ -180,3 +217,16 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, server stri
|
|||
return errors.Wrapf(err, "error logging out of %q", server)
|
||||
}
|
||||
}
|
||||
|
||||
// defaultRegistryWhenUnspecified returns first registry from search list of registry.conf
|
||||
// used by login/logout when registry argument is not specified
|
||||
func defaultRegistryWhenUnspecified(systemContext *types.SystemContext) (string, error) {
|
||||
registriesFromFile, err := sysregistriesv2.UnqualifiedSearchRegistries(systemContext)
|
||||
if err != nil {
|
||||
return "", errors.Wrapf(err, "error getting registry from registry.conf, please specify a registry")
|
||||
}
|
||||
if len(registriesFromFile) == 0 {
|
||||
return "", errors.Errorf("no registries found in registries.conf, a registry must be provided")
|
||||
}
|
||||
return registriesFromFile[0], nil
|
||||
}
|
||||
|
|
|
@ -9,22 +9,28 @@ import (
|
|||
// LoginOptions represents common flags in login
|
||||
// caller should define bool or optionalBool fields for flags --get-login and --tls-verify
|
||||
type LoginOptions struct {
|
||||
// CLI flags managed by the FlagSet returned by GetLoginFlags
|
||||
AuthFile string
|
||||
CertDir string
|
||||
GetLoginSet bool
|
||||
Password string
|
||||
Username string
|
||||
StdinPassword bool
|
||||
Stdin io.Reader
|
||||
Stdout io.Writer
|
||||
// Options caller can set
|
||||
GetLoginSet bool // set to true if --get-login is explicitly set
|
||||
Stdin io.Reader // set to os.Stdin
|
||||
Stdout io.Writer // set to os.Stdout
|
||||
AcceptUnspecifiedRegistry bool // set to true if allows login with unspecified registry
|
||||
}
|
||||
|
||||
// LogoutOptions represents the results for flags in logout
|
||||
type LogoutOptions struct {
|
||||
// CLI flags managed by the FlagSet returned by GetLogoutFlags
|
||||
AuthFile string
|
||||
All bool
|
||||
Stdin io.Reader
|
||||
Stdout io.Writer
|
||||
// Options caller can set
|
||||
Stdin io.Reader // set to os.Stdin
|
||||
Stdout io.Writer // set to os.Stdout
|
||||
AcceptUnspecifiedRegistry bool // set to true if allows logout with unspecified registry
|
||||
}
|
||||
|
||||
// GetLoginFlags defines and returns login flags for containers tools
|
||||
|
|
|
@ -105,6 +105,9 @@ const (
|
|||
DefaultPidsLimit = 2048
|
||||
// DefaultPullPolicy pulls the image if it does not exist locally
|
||||
DefaultPullPolicy = "missing"
|
||||
// DefaultSignaturePolicyPath is the default value for the
|
||||
// policy.json file.
|
||||
DefaultSignaturePolicyPath = "/etc/containers/policy.json"
|
||||
// DefaultRootlessSignaturePolicyPath is the default value for the
|
||||
// rootless policy.json file.
|
||||
DefaultRootlessSignaturePolicyPath = ".config/containers/policy.json"
|
||||
|
@ -129,14 +132,19 @@ func DefaultConfig() (*Config, error) {
|
|||
}
|
||||
|
||||
netns := "bridge"
|
||||
|
||||
defaultEngineConfig.SignaturePolicyPath = DefaultSignaturePolicyPath
|
||||
if unshare.IsRootless() {
|
||||
home, err := unshare.HomeDir()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
sigPath := filepath.Join(home, DefaultRootlessSignaturePolicyPath)
|
||||
if _, err := os.Stat(sigPath); err == nil {
|
||||
defaultEngineConfig.SignaturePolicyPath = sigPath
|
||||
defaultEngineConfig.SignaturePolicyPath = sigPath
|
||||
if _, err := os.Stat(sigPath); err != nil {
|
||||
if _, err := os.Stat(DefaultSignaturePolicyPath); err == nil {
|
||||
defaultEngineConfig.SignaturePolicyPath = DefaultSignaturePolicyPath
|
||||
}
|
||||
}
|
||||
netns = "slirp4netns"
|
||||
}
|
||||
|
|
|
@ -82,7 +82,7 @@ github.com/containers/buildah/pkg/secrets
|
|||
github.com/containers/buildah/pkg/supplemented
|
||||
github.com/containers/buildah/pkg/umask
|
||||
github.com/containers/buildah/util
|
||||
# github.com/containers/common v0.10.0
|
||||
# github.com/containers/common v0.11.0
|
||||
github.com/containers/common/pkg/apparmor
|
||||
github.com/containers/common/pkg/auth
|
||||
github.com/containers/common/pkg/capabilities
|
||||
|
|
Loading…
Reference in New Issue