mirror of
https://github.com/drone-plugins/drone-docker.git
synced 2026-06-13 10:41:32 +08:00
add only docker registry auths to docker config
This commit is contained in:
Aishwarya Lad
@@ -27,9 +27,6 @@ type Config struct {
|
||||
WorkloadIdentity bool
|
||||
Username string
|
||||
AccessToken string
|
||||
BaseImageRegistry string // Docker registry to pull base image
|
||||
BaseImageUsername string // Docker registry username to pull base image
|
||||
BaseImagePassword string // Docker registry password to pull base image
|
||||
}
|
||||
|
||||
type staticTokenSource struct {
|
||||
@@ -103,22 +100,18 @@ func main() {
|
||||
os.Setenv("DOCKER_USERNAME", config.Username)
|
||||
os.Setenv("DOCKER_PASSWORD", config.Password)
|
||||
}
|
||||
//data, err := ioutil.ReadFile("/.docker/config.json")
|
||||
fmt.Println(" Aishwarya config.json is 1.." )
|
||||
|
||||
os.Setenv("PLUGIN_REPO", config.Repo)
|
||||
os.Setenv("PLUGIN_REGISTRY", config.Registry)
|
||||
|
||||
// invoke the base docker plugin binary
|
||||
cmd := exec.Command(docker.GetDroneDockerExecCmd())
|
||||
fmt.Println(" Aishwarya config.json is 2.." )
|
||||
cmd.Stdout = os.Stdout
|
||||
cmd.Stderr = os.Stderr
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
logrus.Fatal(err)
|
||||
}
|
||||
fmt.Println(" Aishwarya config.json is 4.." )
|
||||
}
|
||||
|
||||
func getOauthToken(data []byte) (s string) {
|
||||
|
||||
@@ -2,7 +2,6 @@ package docker
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
@@ -13,7 +12,6 @@ import (
|
||||
"github.com/drone-plugins/drone-docker/internal/docker"
|
||||
"github.com/drone-plugins/drone-plugin-lib/drone"
|
||||
"github.com/pkg/errors"
|
||||
|
||||
)
|
||||
|
||||
type (
|
||||
@@ -172,12 +170,10 @@ func (p Plugin) Exec() error {
|
||||
}
|
||||
defer file.Close()
|
||||
}
|
||||
log.Printf("p.Login.Config .... %s", p.Login.Config)
|
||||
// add docker credentials to the existing config file, else create new
|
||||
if p.Login.Password != "" && p.BaseImagePassword != "" {
|
||||
// add base image docker credentials to the existing config file, else create new
|
||||
if p.BaseImagePassword != "" {
|
||||
json, err := setDockerAuth(p.Login.Username, p.Login.Password, p.Login.Registry,
|
||||
p.BaseImageUsername, p.BaseImagePassword, p.BaseImageRegistry)
|
||||
fmt.Println("json after set Auth: %s", json)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "Failed to set authentication in docker config")
|
||||
}
|
||||
@@ -194,8 +190,6 @@ func (p Plugin) Exec() error {
|
||||
}
|
||||
}
|
||||
}
|
||||
fmt.Println("json after set Auth: %s", json)
|
||||
|
||||
|
||||
// login to the Docker registry
|
||||
if p.Login.Password != "" {
|
||||
@@ -309,16 +303,19 @@ func (p Plugin) Exec() error {
|
||||
|
||||
// helper function to set the credentials
|
||||
func setDockerAuth(username, password, registry, baseImageUsername,
|
||||
baseImagePassword, baseImageRegistry string) ([]byte, error) {
|
||||
dockerConfig := docker.NewConfig()
|
||||
pushToRegistryCreds := docker.RegistryCredentials{
|
||||
Registry: registry,
|
||||
Username: username,
|
||||
Password: password,
|
||||
baseImagePassword, baseImageRegistry string) ([]byte, error) {
|
||||
var credentials []docker.RegistryCredentials
|
||||
// add only docker registry to the config
|
||||
if password != "" && strings.Contains(registry, "docker") {
|
||||
dockerConfig := docker.NewConfig()
|
||||
pushToRegistryCreds := docker.RegistryCredentials{
|
||||
Registry: registry,
|
||||
Username: username,
|
||||
Password: password,
|
||||
}
|
||||
// push registry auth
|
||||
credentials := append(credentials, pushToRegistryCreds)
|
||||
}
|
||||
// push registry auth
|
||||
//credentials := []docker.RegistryCredentials{pushToRegistryCreds}
|
||||
credentials := []docker.RegistryCredentials{}
|
||||
|
||||
if baseImageRegistry != "" {
|
||||
pullFromRegistryCreds := docker.RegistryCredentials{
|
||||
@@ -567,7 +564,6 @@ func commandPush(build Build, tag string) *exec.Cmd {
|
||||
|
||||
// helper function to create the docker daemon command.
|
||||
func commandDaemon(daemon Daemon) *exec.Cmd {
|
||||
fmt.Println(" Aishwarya config.json is 5.." )
|
||||
args := []string{
|
||||
"--data-root", daemon.StoragePath,
|
||||
"--host=unix:///var/run/docker.sock",
|
||||
@@ -649,8 +645,6 @@ func trace(cmd *exec.Cmd) {
|
||||
}
|
||||
|
||||
func GetDroneDockerExecCmd() string {
|
||||
fmt.Println(" Aishwarya config.json is 3.." )
|
||||
|
||||
if runtime.GOOS == "windows" {
|
||||
return "C:/bin/drone-docker.exe"
|
||||
}
|
||||
|
||||
@@ -5,7 +5,6 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
@@ -54,7 +53,7 @@ func (c *Config) SetCredHelper(registry, helper string) {
|
||||
|
||||
func (c *Config) CreateDockerConfigJson(credentials []RegistryCredentials) ([]byte, error) {
|
||||
for _, cred := range credentials {
|
||||
if cred.Registry != "" {
|
||||
if cred.Registry != "" && strings.Contains(cred.Registry, "docker") {
|
||||
|
||||
if cred.Username == "" {
|
||||
return nil, fmt.Errorf("Username must be specified for registry: %s", cred.Registry)
|
||||
@@ -67,7 +66,6 @@ func (c *Config) CreateDockerConfigJson(credentials []RegistryCredentials) ([]by
|
||||
}
|
||||
|
||||
jsonBytes, err := json.Marshal(c)
|
||||
log.Printf("jsonBytes config : %s", jsonBytes)
|
||||
if err != nil {
|
||||
return nil, errors.Wrap(err, "failed to serialize docker config json")
|
||||
}
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
package docker
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
const (
|
||||
RegistryV1 string = "https://index.docker.io/v1/"
|
||||
RegistryV2 string = "https://index.docker.io/v2/"
|
||||
RegistryECRPublic string = "public.ecr.aws"
|
||||
)
|
||||
|
||||
func TestConfig(t *testing.T) {
|
||||
c := NewConfig()
|
||||
assert.NotNil(t, c.Auths)
|
||||
assert.NotNil(t, c.CredHelpers)
|
||||
|
||||
c.SetAuth(RegistryV1, "test", "password")
|
||||
expectedAuth := Auth{Auth: "dGVzdDpwYXNzd29yZA=="}
|
||||
assert.Equal(t, expectedAuth, c.Auths[RegistryV1])
|
||||
|
||||
c.SetCredHelper(RegistryECRPublic, "ecr-login")
|
||||
assert.Equal(t, "ecr-login", c.CredHelpers[RegistryECRPublic])
|
||||
|
||||
tempDir, err := ioutil.TempDir("", "docker-config-test")
|
||||
assert.NoError(t, err)
|
||||
defer os.RemoveAll(tempDir)
|
||||
|
||||
credentials := []RegistryCredentials{
|
||||
{
|
||||
Registry: "https://index.docker.io/v1/",
|
||||
Username: "user1",
|
||||
Password: "pass1",
|
||||
},
|
||||
{
|
||||
Registry: "gcr.io",
|
||||
Username: "user2",
|
||||
Password: "pass2",
|
||||
},
|
||||
}
|
||||
|
||||
jsonBytes, err := c.CreateDockerConfigJson(credentials)
|
||||
assert.NoError(t, err)
|
||||
|
||||
configPath := filepath.Join(tempDir, "config.json")
|
||||
err = ioutil.WriteFile(configPath, jsonBytes, 0644)
|
||||
assert.NoError(t, err)
|
||||
|
||||
data, err := ioutil.ReadFile(configPath)
|
||||
assert.NoError(t, err)
|
||||
|
||||
var configFromFile Config
|
||||
err = json.Unmarshal(data, &configFromFile)
|
||||
assert.NoError(t, err)
|
||||
|
||||
assert.Equal(t, c.Auths, configFromFile.Auths)
|
||||
assert.Equal(t, c.CredHelpers, configFromFile.CredHelpers)
|
||||
}
|
||||
Reference in New Issue
Block a user