mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
Refactor ResolveAuthConfig to remove the builder dependency on cli code.
registry.ResolveAuthConfig() only needs the AuthConfigs from the ConfigFile, so this change passed just the AuthConfigs. Signed-off-by: Daniel Nephin <dnephin@gmail.com>
This commit is contained in:
parent
8d36f097cf
commit
920ea13516
8 changed files with 25 additions and 52 deletions
|
@ -65,7 +65,7 @@ func (cli *DockerCli) CmdPull(args ...string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, repoInfo.Index)
|
||||
requestPrivilege := cli.registryAuthenticationPrivilegedFunc(repoInfo.Index, "pull")
|
||||
|
||||
if isTrusted() && !ref.HasDigest() {
|
||||
|
|
|
@ -44,7 +44,7 @@ func (cli *DockerCli) CmdPush(args ...string) error {
|
|||
return err
|
||||
}
|
||||
// Resolve the Auth config relevant for this server
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, repoInfo.Index)
|
||||
// If we're not using a custom registry, we know the restrictions
|
||||
// applied to repository names and can warn the user in advance.
|
||||
// Custom repositories can have different rules, and we must also
|
||||
|
|
|
@ -35,7 +35,7 @@ func (cli *DockerCli) CmdSearch(args ...string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile, indexInfo)
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, indexInfo)
|
||||
requestPrivilege := cli.registryAuthenticationPrivilegedFunc(indexInfo, "search")
|
||||
|
||||
encodedAuth, err := authConfig.EncodeToBase64()
|
||||
|
|
|
@ -229,7 +229,7 @@ func (cli *DockerCli) trustedReference(ref reference.NamedTagged) (reference.Can
|
|||
}
|
||||
|
||||
// Resolve the Auth config relevant for this server
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, repoInfo.Index)
|
||||
|
||||
notaryRepo, err := cli.getNotaryRepository(repoInfo, authConfig)
|
||||
if err != nil {
|
||||
|
|
|
@ -16,7 +16,7 @@ import (
|
|||
)
|
||||
|
||||
func (cli *DockerCli) encodeRegistryAuth(index *registry.IndexInfo) (string, error) {
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile, index)
|
||||
authConfig := registry.ResolveAuthConfig(cli.configFile.AuthConfigs, index)
|
||||
return authConfig.EncodeToBase64()
|
||||
}
|
||||
|
||||
|
|
|
@ -67,7 +67,7 @@ func (d Docker) Pull(name string) (*image.Image, error) {
|
|||
}
|
||||
|
||||
resolvedConfig := registry.ResolveAuthConfig(
|
||||
&cliconfig.ConfigFile{AuthConfigs: d.AuthConfigs},
|
||||
d.AuthConfigs,
|
||||
repoInfo.Index,
|
||||
)
|
||||
pullRegistryAuth = &resolvedConfig
|
||||
|
|
|
@ -221,10 +221,10 @@ func tryV2TokenAuthLogin(authConfig *cliconfig.AuthConfig, params map[string]str
|
|||
}
|
||||
|
||||
// ResolveAuthConfig matches an auth configuration to a server address or a URL
|
||||
func ResolveAuthConfig(config *cliconfig.ConfigFile, index *IndexInfo) cliconfig.AuthConfig {
|
||||
func ResolveAuthConfig(authConfigs map[string]cliconfig.AuthConfig, index *IndexInfo) cliconfig.AuthConfig {
|
||||
configKey := index.GetAuthConfigKey()
|
||||
// First try the happy case
|
||||
if c, found := config.AuthConfigs[configKey]; found || index.Official {
|
||||
if c, found := authConfigs[configKey]; found || index.Official {
|
||||
return c
|
||||
}
|
||||
|
||||
|
@ -243,7 +243,7 @@ func ResolveAuthConfig(config *cliconfig.ConfigFile, index *IndexInfo) cliconfig
|
|||
|
||||
// Maybe they have a legacy config file, we will iterate the keys converting
|
||||
// them to the new format and testing
|
||||
for registry, ac := range config.AuthConfigs {
|
||||
for registry, ac := range authConfigs {
|
||||
if configKey == convertToHostname(registry) {
|
||||
return ac
|
||||
}
|
||||
|
|
|
@ -1,9 +1,6 @@
|
|||
package registry
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"testing"
|
||||
|
||||
"github.com/docker/docker/cliconfig"
|
||||
|
@ -29,38 +26,23 @@ func TestEncodeAuth(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func setupTempConfigFile() (*cliconfig.ConfigFile, error) {
|
||||
root, err := ioutil.TempDir("", "docker-test-auth")
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
root = filepath.Join(root, cliconfig.ConfigFileName)
|
||||
configFile := cliconfig.NewConfigFile(root)
|
||||
func buildAuthConfigs() map[string]cliconfig.AuthConfig {
|
||||
authConfigs := map[string]cliconfig.AuthConfig{}
|
||||
|
||||
for _, registry := range []string{"testIndex", IndexServer} {
|
||||
configFile.AuthConfigs[registry] = cliconfig.AuthConfig{
|
||||
authConfigs[registry] = cliconfig.AuthConfig{
|
||||
Username: "docker-user",
|
||||
Password: "docker-pass",
|
||||
Email: "docker@docker.io",
|
||||
}
|
||||
}
|
||||
|
||||
return configFile, nil
|
||||
return authConfigs
|
||||
}
|
||||
|
||||
func TestSameAuthDataPostSave(t *testing.T) {
|
||||
configFile, err := setupTempConfigFile()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer os.RemoveAll(configFile.Filename())
|
||||
|
||||
err = configFile.Save()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
authConfig := configFile.AuthConfigs["testIndex"]
|
||||
authConfigs := buildAuthConfigs()
|
||||
authConfig := authConfigs["testIndex"]
|
||||
if authConfig.Username != "docker-user" {
|
||||
t.Fail()
|
||||
}
|
||||
|
@ -76,13 +58,8 @@ func TestSameAuthDataPostSave(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestResolveAuthConfigIndexServer(t *testing.T) {
|
||||
configFile, err := setupTempConfigFile()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer os.RemoveAll(configFile.Filename())
|
||||
|
||||
indexConfig := configFile.AuthConfigs[IndexServer]
|
||||
authConfigs := buildAuthConfigs()
|
||||
indexConfig := authConfigs[IndexServer]
|
||||
|
||||
officialIndex := &IndexInfo{
|
||||
Official: true,
|
||||
|
@ -91,19 +68,15 @@ func TestResolveAuthConfigIndexServer(t *testing.T) {
|
|||
Official: false,
|
||||
}
|
||||
|
||||
resolved := ResolveAuthConfig(configFile, officialIndex)
|
||||
resolved := ResolveAuthConfig(authConfigs, officialIndex)
|
||||
assertEqual(t, resolved, indexConfig, "Expected ResolveAuthConfig to return IndexServer")
|
||||
|
||||
resolved = ResolveAuthConfig(configFile, privateIndex)
|
||||
resolved = ResolveAuthConfig(authConfigs, privateIndex)
|
||||
assertNotEqual(t, resolved, indexConfig, "Expected ResolveAuthConfig to not return IndexServer")
|
||||
}
|
||||
|
||||
func TestResolveAuthConfigFullURL(t *testing.T) {
|
||||
configFile, err := setupTempConfigFile()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
defer os.RemoveAll(configFile.Filename())
|
||||
authConfigs := buildAuthConfigs()
|
||||
|
||||
registryAuth := cliconfig.AuthConfig{
|
||||
Username: "foo-user",
|
||||
|
@ -120,7 +93,7 @@ func TestResolveAuthConfigFullURL(t *testing.T) {
|
|||
Password: "baz-pass",
|
||||
Email: "baz@example.com",
|
||||
}
|
||||
configFile.AuthConfigs[IndexServer] = officialAuth
|
||||
authConfigs[IndexServer] = officialAuth
|
||||
|
||||
expectedAuths := map[string]cliconfig.AuthConfig{
|
||||
"registry.example.com": registryAuth,
|
||||
|
@ -158,13 +131,13 @@ func TestResolveAuthConfigFullURL(t *testing.T) {
|
|||
Name: configKey,
|
||||
}
|
||||
for _, registry := range registries {
|
||||
configFile.AuthConfigs[registry] = configured
|
||||
resolved := ResolveAuthConfig(configFile, index)
|
||||
authConfigs[registry] = configured
|
||||
resolved := ResolveAuthConfig(authConfigs, index)
|
||||
if resolved.Email != configured.Email {
|
||||
t.Errorf("%s -> %q != %q\n", registry, resolved.Email, configured.Email)
|
||||
}
|
||||
delete(configFile.AuthConfigs, registry)
|
||||
resolved = ResolveAuthConfig(configFile, index)
|
||||
delete(authConfigs, registry)
|
||||
resolved = ResolveAuthConfig(authConfigs, index)
|
||||
if resolved.Email == configured.Email {
|
||||
t.Errorf("%s -> %q == %q\n", registry, resolved.Email, configured.Email)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue