From 0356183170ed0965831efd0bc20b6c6c177e34ca Mon Sep 17 00:00:00 2001 From: Morten Linderud Date: Wed, 7 Apr 2021 16:02:58 +0200 Subject: [PATCH 1/2] pkg/auth: Ensure DOCKER_CONFIG refers to config.json `REGISTRY_AUTH_FILE` expects a complete path to the authentication file, however `DOCKER_CONFIG` only refers to a configuration directory. The function would only return the directory itself and cause confusing errors when passed onwards to `container/image`. $ DOCKER_CONFIG="/home/fox/.config/docker" podman pull docker.io/alpine Trying to pull docker.io/library/alpine:latest... read /home/fox/.config/docker: is a directory [...] $ DOCKER_CONFIG="/home/fox/.config/docker/config.json" podman pull docker.io/alpine Trying to pull docker.io/library/alpine:latest... open /home/fox/.config/docker/config.json/config.json: not a directory [...] Signed-off-by: Morten Linderud --- common/pkg/auth/auth.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/common/pkg/auth/auth.go b/common/pkg/auth/auth.go index 222924f974..10039473a8 100644 --- a/common/pkg/auth/auth.go +++ b/common/pkg/auth/auth.go @@ -5,6 +5,7 @@ import ( "context" "fmt" "os" + "path/filepath" "strings" "github.com/containers/image/v5/docker" @@ -20,11 +21,13 @@ import ( // --authfile path used in multiple --authfile flag definitions // Will fail over to DOCKER_CONFIG if REGISTRY_AUTH_FILE environment is not set func GetDefaultAuthFile() string { - authfile := os.Getenv("REGISTRY_AUTH_FILE") - if authfile == "" { - authfile = os.Getenv("DOCKER_CONFIG") + if authfile := os.Getenv("REGISTRY_AUTH_FILE"); authfile != "" { + return authfile } - return authfile + if auth_env := os.Getenv("DOCKER_CONFIG"); auth_env != "" { + return filepath.Join(auth_env, "config.json") + } + return "" } // CheckAuthFile validates filepath given by --authfile From 783a6c15512dbbb43f1a463c98e1489639b8e41c Mon Sep 17 00:00:00 2001 From: Morten Linderud Date: Wed, 7 Apr 2021 16:19:39 +0200 Subject: [PATCH 2/2] pkg/auth_test: Fixup tests to assume DOCKER_CONFIG is a directory Signed-off-by: Morten Linderud --- common/pkg/auth/auth_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/pkg/auth/auth_test.go b/common/pkg/auth/auth_test.go index 29808369b9..c0372aaa91 100644 --- a/common/pkg/auth/auth_test.go +++ b/common/pkg/auth/auth_test.go @@ -14,7 +14,7 @@ var _ = Describe("Config", func() { It("validate GetDefaultAuthFile", func() { // Given oldDockerConf, envDockerSet := os.LookupEnv("DOCKER_CONFIG") - os.Setenv("DOCKER_CONFIG", "/tmp/docker.file") + os.Setenv("DOCKER_CONFIG", "/tmp") oldConf, envSet := os.LookupEnv("REGISTRY_AUTH_FILE") os.Setenv("REGISTRY_AUTH_FILE", "/tmp/registry.file") // When // When @@ -26,7 +26,7 @@ var _ = Describe("Config", func() { // Fall back to DOCKER_CONFIG authFile = GetDefaultAuthFile() // Then - gomega.Expect(authFile).To(gomega.BeEquivalentTo("/tmp/docker.file")) + gomega.Expect(authFile).To(gomega.BeEquivalentTo("/tmp/config.json")) os.Unsetenv("DOCKER_CONFIG") // Fall back to DOCKER_CONFIG