91 lines
2.9 KiB
Go
91 lines
2.9 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"os"
|
|
|
|
"github.com/containers/common/pkg/auth"
|
|
"github.com/containers/common/pkg/completion"
|
|
"github.com/containers/image/v5/types"
|
|
"github.com/containers/podman/v3/cmd/podman/common"
|
|
"github.com/containers/podman/v3/cmd/podman/registry"
|
|
"github.com/spf13/cobra"
|
|
)
|
|
|
|
type loginOptionsWrapper struct {
|
|
auth.LoginOptions
|
|
tlsVerify bool
|
|
}
|
|
|
|
var (
|
|
loginOptions = loginOptionsWrapper{}
|
|
loginCommand = &cobra.Command{
|
|
Use: "login [options] [REGISTRY]",
|
|
Short: "Login to a container registry",
|
|
Long: "Login to a container registry on a specified server.",
|
|
RunE: login,
|
|
Args: cobra.MaximumNArgs(1),
|
|
ValidArgsFunction: common.AutocompleteRegistries,
|
|
Example: `podman login quay.io
|
|
podman login --username ... --password ... quay.io
|
|
podman login --authfile dir/auth.json quay.io`,
|
|
}
|
|
)
|
|
|
|
func init() {
|
|
// Note that the local and the remote client behave the same: both
|
|
// store credentials locally while the remote client will pass them
|
|
// over the wire to the endpoint.
|
|
registry.Commands = append(registry.Commands, registry.CliCommand{
|
|
Command: loginCommand,
|
|
})
|
|
flags := loginCommand.Flags()
|
|
|
|
// Flags from the auth package.
|
|
flags.AddFlagSet(auth.GetLoginFlags(&loginOptions.LoginOptions))
|
|
|
|
// Add flag completion
|
|
completion.CompleteCommandFlags(loginCommand, auth.GetLoginFlagsCompletions())
|
|
|
|
// Podman flags.
|
|
flags.BoolVarP(&loginOptions.tlsVerify, "tls-verify", "", false, "Require HTTPS and verify certificates when contacting registries")
|
|
loginOptions.Stdin = os.Stdin
|
|
loginOptions.Stdout = os.Stdout
|
|
loginOptions.AcceptUnspecifiedRegistry = true
|
|
}
|
|
|
|
// Implementation of podman-login.
|
|
func login(cmd *cobra.Command, args []string) error {
|
|
var skipTLS types.OptionalBool
|
|
|
|
if cmd.Flags().Changed("tls-verify") {
|
|
skipTLS = types.NewOptionalBool(!loginOptions.tlsVerify)
|
|
}
|
|
|
|
sysCtx := &types.SystemContext{
|
|
AuthFilePath: loginOptions.AuthFile,
|
|
DockerCertPath: loginOptions.CertDir,
|
|
DockerInsecureSkipTLSVerify: skipTLS,
|
|
}
|
|
setRegistriesConfPath(sysCtx)
|
|
loginOptions.GetLoginSet = cmd.Flag("get-login").Changed
|
|
return auth.Login(context.Background(), sysCtx, &loginOptions.LoginOptions, args)
|
|
}
|
|
|
|
// setRegistriesConfPath sets the registries.conf path for the specified context.
|
|
// NOTE: this is a verbatim copy from c/common/libimage which we're not using
|
|
// to prevent leaking c/storage into this file. Maybe this should go into c/image?
|
|
func setRegistriesConfPath(systemContext *types.SystemContext) {
|
|
if systemContext.SystemRegistriesConfPath != "" {
|
|
return
|
|
}
|
|
if envOverride, ok := os.LookupEnv("CONTAINERS_REGISTRIES_CONF"); ok {
|
|
systemContext.SystemRegistriesConfPath = envOverride
|
|
return
|
|
}
|
|
if envOverride, ok := os.LookupEnv("REGISTRIES_CONFIG_PATH"); ok {
|
|
systemContext.SystemRegistriesConfPath = envOverride
|
|
return
|
|
}
|
|
}
|