From 44725baa98785a7d866b98f3fbf2dd70ccaba348 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Thu, 10 Dec 2020 17:04:09 -0800
Subject: [PATCH] Add support for DOCKERHUB_PUBLIC_PROXY in skipping code

This allows us to inject authentication at a separate layer, thus avoiding rate limiting.
---
 cmd/bashbrew/registry.go | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/cmd/bashbrew/registry.go b/cmd/bashbrew/registry.go
index 79ae018..e35f98e 100644
--- a/cmd/bashbrew/registry.go
+++ b/cmd/bashbrew/registry.go
@@ -3,6 +3,8 @@ package main
 import (
 	"context"
 	"encoding/json"
+	"net/url"
+	"os"
 
 	"github.com/containerd/containerd/images"
 	"github.com/containerd/containerd/reference/docker"
@@ -125,5 +127,19 @@ func fetchRegistryResolveHelper(image string) (string, remotes.Resolver, error)
 		namedRef = docker.TagNameOnly(namedRef)
 		ref = namedRef
 	}
-	return ref.String(), dockerremote.NewResolver(dockerremote.ResolverOptions{}), nil
+	return ref.String(), dockerremote.NewResolver(dockerremote.ResolverOptions{
+		Host: func(host string) (string, error) {
+			if host == "docker.io" {
+				if publicProxy := os.Getenv("DOCKERHUB_PUBLIC_PROXY"); publicProxy != "" {
+					if publicProxyURL, err := url.Parse(publicProxy); err == nil {
+						// TODO Scheme (also not sure if "host:port" will be satisfactory to containerd here, but 🤷)
+						return publicProxyURL.Host, nil
+					} else {
+						return "", err
+					}
+				}
+			}
+			return host, nil
+		},
+	}), nil
 }