third/plugin-drone-kaniko-ecr
1
0
Fork 0
mirror of https://github.com/drone/drone-kaniko.git synced 2026-06-04 18:23:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

Support pull with creds when no-push is enabled

Browse Source
This commit is contained in:
Ompragash Viswanathan
2025-03-06 01:19:42 +05:30
parent e56198f84c
commit 2e40bf66ff
1 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/kaniko-acr/main.go
+20 -17
View File
@@ -480,26 +480,29 @@ func setupAuth(tenantId, clientId, cert,
return "", fmt.Errorf("registry must be specified")
}
if noPush {
return "", nil
}
if !noPush {
// When pushing is enabled, do the full token-based authentication.
if clientId != "" {
token, publicUrl, err := getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry)
if err != nil {
return "", errors.Wrap(err, "failed to fetch ACR Token")
}
// case of client secret or cert based auth
if clientId != "" {
// only setup auth when pushing or credentials are defined
token, publicUrl, err := getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry)
if err != nil {
return "", errors.Wrap(err, "failed to fetch ACR Token")
// Set up docker config with credentials for both push and pull.
if err := setDockerAuth(username, token, registry, dockerUsername, dockerPassword, dockerRegistry); err != nil {
return "", errors.Wrap(err, "failed to create docker config")
}
return publicUrl, nil
} else {
return "", fmt.Errorf("managed authentication is not supported")
}
// setup docker config for azure registry and base image docker registry
if err := setDockerAuth(username, token, registry, dockerUsername, dockerPassword, dockerRegistry); err != nil {
return "", errors.Wrap(err, "failed to create docker config")
}
return publicUrl, nil
} else {
return "", fmt.Errorf("managed authentication is not supported")
// When no-push is enabled, we still need to set up pull credentials.
// We do not fetch a token (since we are not pushing) so we pass an empty string for push credentials.
if err := setDockerAuth(username, "", registry, dockerUsername, dockerPassword, dockerRegistry); err != nil {
return "", errors.Wrap(err, "failed to create docker config for pulling base image")
}
return "", nil
}
}