Merge pull request #18618 from dnephin/refactor_resolve_auth_config

Refactor ResolveAuthConfig to remove the builder dependency on cli code
2022-11-09 12:21:53 -05:00 · 2015-12-14 15:23:36 +01:00 · 2015-12-14 15:23:36 +01:00 · 5e0283effa
commit 5e0283effa
parent f8bc4ed573 920ea13516
8 changed files with 25 additions and 52 deletions
--- a/api/client/pull.go
+++ b/api/client/pull.go
@ -65,7 +65,7 @@ func (cli *DockerCli) CmdPull(args ...string) error {
 		return err
 	}

-	authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
+	authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, repoInfo.Index)
 	requestPrivilege := cli.registryAuthenticationPrivilegedFunc(repoInfo.Index, "pull")

 	if isTrusted() && !ref.HasDigest() {
--- a/api/client/push.go
+++ b/api/client/push.go
@ -44,7 +44,7 @@ func (cli *DockerCli) CmdPush(args ...string) error {
 		return err
 	}
 	// Resolve the Auth config relevant for this server
-	authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
+	authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, repoInfo.Index)
 	// If we're not using a custom registry, we know the restrictions
 	// applied to repository names and can warn the user in advance.
 	// Custom repositories can have different rules, and we must also
--- a/api/client/search.go
+++ b/api/client/search.go
@ -35,7 +35,7 @@ func (cli *DockerCli) CmdSearch(args ...string) error {
 		return err
 	}

-	authConfig := registry.ResolveAuthConfig(cli.configFile, indexInfo)
+	authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, indexInfo)
 	requestPrivilege := cli.registryAuthenticationPrivilegedFunc(indexInfo, "search")

 	encodedAuth, err := authConfig.EncodeToBase64()
--- a/api/client/trust.go
+++ b/api/client/trust.go
@ -229,7 +229,7 @@ func (cli *DockerCli) trustedReference(ref reference.NamedTagged) (reference.Can
 	}

 	// Resolve the Auth config relevant for this server
-	authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
+	authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, repoInfo.Index)

 	notaryRepo, err := cli.getNotaryRepository(repoInfo, authConfig)
 	if err != nil {
--- a/api/client/utils.go
+++ b/api/client/utils.go
@ -16,7 +16,7 @@ import (
 )

 func (cli *DockerCli) encodeRegistryAuth(index *registry.IndexInfo) (string, error) {
-	authConfig := registry.ResolveAuthConfig(cli.configFile, index)
+	authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, index)
 	return authConfig.EncodeToBase64()
 }

--- a/daemon/daemonbuilder/builder.go
+++ b/daemon/daemonbuilder/builder.go
@ -67,7 +67,7 @@ func (d Docker) Pull(name string) (*image.Image, error) {
 		}

 		resolvedConfig := registry.ResolveAuthConfig(
-			&cliconfig.ConfigFile{AuthConfigs: d.AuthConfigs},
+			d.AuthConfigs,
 			repoInfo.Index,
 		)
 		pullRegistryAuth = &resolvedConfig
--- a/registry/auth.go
+++ b/registry/auth.go
@ -221,10 +221,10 @@ func tryV2TokenAuthLogin(authConfig *cliconfig.AuthConfig, params map[string]str
 }

 // ResolveAuthConfig matches an auth configuration to a server address or a URL
-func ResolveAuthConfig(config *cliconfig.ConfigFile, index *IndexInfo) cliconfig.AuthConfig {
+func ResolveAuthConfig(authConfigs map[string]cliconfig.AuthConfig, index *IndexInfo) cliconfig.AuthConfig {
 	configKey := index.GetAuthConfigKey()
 	// First try the happy case
-	if c, found := config.AuthConfigs[configKey]; found || index.Official {
+	if c, found := authConfigs[configKey]; found || index.Official {
 		return c
 	}

@ -243,7 +243,7 @@ func ResolveAuthConfig(config *cliconfig.ConfigFile, index *IndexInfo) cliconfig

 	// Maybe they have a legacy config file, we will iterate the keys converting
 	// them to the new format and testing
-	for registry, ac := range config.AuthConfigs {
+	for registry, ac := range authConfigs {
 		if configKey == convertToHostname(registry) {
 			return ac
 		}
--- a/registry/auth_test.go
+++ b/registry/auth_test.go
@ -1,9 +1,6 @@
 package registry

 import (
-	"io/ioutil"
-	"os"
-	"path/filepath"
 	"testing"

 	"github.com/docker/docker/cliconfig"
@ -29,38 +26,23 @@ func TestEncodeAuth(t *testing.T) {
 	}
 }

-func setupTempConfigFile() (*cliconfig.ConfigFile, error) {
-	root, err := ioutil.TempDir("", "docker-test-auth")
-	if err != nil {
-		return nil, err
-	}
-	root = filepath.Join(root, cliconfig.ConfigFileName)
-	configFile := cliconfig.NewConfigFile(root)
+func buildAuthConfigs() map[string]cliconfig.AuthConfig {
+	authConfigs := map[string]cliconfig.AuthConfig{}

 	for _, registry := range []string{"testIndex", IndexServer} {
-		configFile.AuthConfigs[registry] = cliconfig.AuthConfig{
+		authConfigs[registry] = cliconfig.AuthConfig{
 			Username: "docker-user",
 			Password: "docker-pass",
 			Email:    "docker@docker.io",
 		}
 	}

-	return configFile, nil
+	return authConfigs
 }

 func TestSameAuthDataPostSave(t *testing.T) {
-	configFile, err := setupTempConfigFile()
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer os.RemoveAll(configFile.Filename())
-
-	err = configFile.Save()
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	authConfig := configFile.AuthConfigs["testIndex"]
+	authConfigs := buildAuthConfigs()
+	authConfig := authConfigs["testIndex"]
 	if authConfig.Username != "docker-user" {
 		t.Fail()
 	}
@ -76,13 +58,8 @@ func TestSameAuthDataPostSave(t *testing.T) {
 }

 func TestResolveAuthConfigIndexServer(t *testing.T) {
-	configFile, err := setupTempConfigFile()
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer os.RemoveAll(configFile.Filename())
-
-	indexConfig := configFile.AuthConfigs[IndexServer]
+	authConfigs := buildAuthConfigs()
+	indexConfig := authConfigs[IndexServer]

 	officialIndex := &IndexInfo{
 		Official: true,
@ -91,19 +68,15 @@ func TestResolveAuthConfigIndexServer(t *testing.T) {
 		Official: false,
 	}

-	resolved := ResolveAuthConfig(configFile, officialIndex)
+	resolved := ResolveAuthConfig(authConfigs, officialIndex)
 	assertEqual(t, resolved, indexConfig, "Expected ResolveAuthConfig to return IndexServer")

-	resolved = ResolveAuthConfig(configFile, privateIndex)
+	resolved = ResolveAuthConfig(authConfigs, privateIndex)
 	assertNotEqual(t, resolved, indexConfig, "Expected ResolveAuthConfig to not return IndexServer")
 }

 func TestResolveAuthConfigFullURL(t *testing.T) {
-	configFile, err := setupTempConfigFile()
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer os.RemoveAll(configFile.Filename())
+	authConfigs := buildAuthConfigs()

 	registryAuth := cliconfig.AuthConfig{
 		Username: "foo-user",
@ -120,7 +93,7 @@ func TestResolveAuthConfigFullURL(t *testing.T) {
 		Password: "baz-pass",
 		Email:    "baz@example.com",
 	}
-	configFile.AuthConfigs[IndexServer] = officialAuth
+	authConfigs[IndexServer] = officialAuth

 	expectedAuths := map[string]cliconfig.AuthConfig{
 		"registry.example.com": registryAuth,
@ -158,13 +131,13 @@ func TestResolveAuthConfigFullURL(t *testing.T) {
 			Name: configKey,
 		}
 		for _, registry := range registries {
-			configFile.AuthConfigs[registry] = configured
-			resolved := ResolveAuthConfig(configFile, index)
+			authConfigs[registry] = configured
+			resolved := ResolveAuthConfig(authConfigs, index)
 			if resolved.Email != configured.Email {
 				t.Errorf("%s -> %q != %q\n", registry, resolved.Email, configured.Email)
 			}
-			delete(configFile.AuthConfigs, registry)
-			resolved = ResolveAuthConfig(configFile, index)
+			delete(authConfigs, registry)
+			resolved = ResolveAuthConfig(authConfigs, index)
 			if resolved.Email == configured.Email {
 				t.Errorf("%s -> %q == %q\n", registry, resolved.Email, configured.Email)
 			}