forked from coop-cloud/abra
fix: support registry login details
This commit is contained in:
parent
ae6adace50
commit
f3e55e5023
|
@ -540,6 +540,11 @@ func GetRecipeVersions(recipeName string) (RecipeVersions, error) {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cl, err := client.New("default") // only required for docker.io registry calls
|
||||||
|
if err != nil {
|
||||||
|
logrus.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
versionMeta := make(map[string]ServiceMeta)
|
versionMeta := make(map[string]ServiceMeta)
|
||||||
for _, service := range recipe.Config.Services {
|
for _, service := range recipe.Config.Services {
|
||||||
|
|
||||||
|
@ -564,7 +569,7 @@ func GetRecipeVersions(recipeName string) (RecipeVersions, error) {
|
||||||
|
|
||||||
logrus.Debugf("looking up image: '%s' from '%s'", img, path)
|
logrus.Debugf("looking up image: '%s' from '%s'", img, path)
|
||||||
|
|
||||||
digest, err := client.GetTagDigest(img)
|
digest, err := client.GetTagDigest(cl, img)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Warn(err)
|
logrus.Warn(err)
|
||||||
continue
|
continue
|
||||||
|
@ -589,7 +594,7 @@ func GetRecipeVersions(recipeName string) (RecipeVersions, error) {
|
||||||
branch := "master"
|
branch := "master"
|
||||||
if _, err := repo.Branch("master"); err != nil {
|
if _, err := repo.Branch("master"); err != nil {
|
||||||
if _, err := repo.Branch("main"); err != nil {
|
if _, err := repo.Branch("main"); err != nil {
|
||||||
logrus.Debugf("failed to select branch in '%s'", recipeDir)
|
logrus.Debugf("failed to select branch in %s", recipeDir)
|
||||||
logrus.Fatal(err)
|
logrus.Fatal(err)
|
||||||
}
|
}
|
||||||
branch = "main"
|
branch = "main"
|
||||||
|
@ -602,12 +607,12 @@ func GetRecipeVersions(recipeName string) (RecipeVersions, error) {
|
||||||
Branch: plumbing.ReferenceName(refName),
|
Branch: plumbing.ReferenceName(refName),
|
||||||
}
|
}
|
||||||
if err := worktree.Checkout(checkOutOpts); err != nil {
|
if err := worktree.Checkout(checkOutOpts); err != nil {
|
||||||
logrus.Debugf("failed to check out '%s' in '%s'", branch, recipeDir)
|
logrus.Debugf("failed to check out %s in %s", branch, recipeDir)
|
||||||
logrus.Fatal(err)
|
logrus.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
logrus.Debugf("switched back to '%s' in '%s'", branch, recipeDir)
|
logrus.Debugf("switched back to %s in %s", branch, recipeDir)
|
||||||
logrus.Debugf("collected '%s' for '%s'", versions, recipeName)
|
logrus.Debugf("collected %s for %s", versions, recipeName)
|
||||||
|
|
||||||
return versions, nil
|
return versions, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,11 +5,14 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"coopcloud.tech/abra/pkg/web"
|
"coopcloud.tech/abra/pkg/web"
|
||||||
"github.com/docker/distribution/reference"
|
"github.com/docker/distribution/reference"
|
||||||
|
"github.com/docker/docker/client"
|
||||||
"github.com/hashicorp/go-retryablehttp"
|
"github.com/hashicorp/go-retryablehttp"
|
||||||
|
"github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
type RawTag struct {
|
type RawTag struct {
|
||||||
|
@ -33,10 +36,20 @@ func GetRegistryTags(image string) (RawTags, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// getRegv2Token retrieves a registry v2 authentication token.
|
// getRegv2Token retrieves a registry v2 authentication token.
|
||||||
func getRegv2Token(image reference.Named) (string, error) {
|
func getRegv2Token(cl *client.Client, image reference.Named) (string, error) {
|
||||||
img := reference.Path(image)
|
img := reference.Path(image)
|
||||||
authTokenURL := fmt.Sprintf("https://auth.docker.io/token?service=registry.docker.io&scope=repository:%s:pull", img)
|
tokenURL := "https://auth.docker.io/token"
|
||||||
req, err := retryablehttp.NewRequest("GET", authTokenURL, nil)
|
values := fmt.Sprintf("service=registry.docker.io&scope=repository:%s:pull", img)
|
||||||
|
|
||||||
|
username, userOk := os.LookupEnv("DOCKER_USERNAME")
|
||||||
|
password, passOk := os.LookupEnv("DOCKER_PASSWORD")
|
||||||
|
if userOk && passOk {
|
||||||
|
logrus.Debugf("using docker log in credentials for registry token request")
|
||||||
|
values = fmt.Sprintf("%s&grant_type=password&client_id=coopcloud.tech&username=%s&password=%s", values, username, password)
|
||||||
|
}
|
||||||
|
|
||||||
|
fullURL := fmt.Sprintf("%s?%s", tokenURL, values)
|
||||||
|
req, err := retryablehttp.NewRequest("GET", fullURL, nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -61,9 +74,10 @@ func getRegv2Token(image reference.Named) (string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
tokenRes := struct {
|
tokenRes := struct {
|
||||||
Token string
|
AccessToken string `json:"access_token"`
|
||||||
Expiry string
|
Expiry int `json:"expires_in"`
|
||||||
Issued string
|
Issued string `json:"issued_at"`
|
||||||
|
Token string `json:"token"`
|
||||||
}{}
|
}{}
|
||||||
|
|
||||||
if err := json.Unmarshal(body, &tokenRes); err != nil {
|
if err := json.Unmarshal(body, &tokenRes); err != nil {
|
||||||
|
@ -74,7 +88,7 @@ func getRegv2Token(image reference.Named) (string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetTagDigest retrieves an image digest from a v2 registry
|
// GetTagDigest retrieves an image digest from a v2 registry
|
||||||
func GetTagDigest(image reference.Named) (string, error) {
|
func GetTagDigest(cl *client.Client, image reference.Named) (string, error) {
|
||||||
img := reference.Path(image)
|
img := reference.Path(image)
|
||||||
tag := image.(reference.NamedTagged).Tag()
|
tag := image.(reference.NamedTagged).Tag()
|
||||||
manifestURL := fmt.Sprintf("https://index.docker.io/v2/%s/manifests/%s", img, tag)
|
manifestURL := fmt.Sprintf("https://index.docker.io/v2/%s/manifests/%s", img, tag)
|
||||||
|
@ -84,11 +98,15 @@ func GetTagDigest(image reference.Named) (string, error) {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
token, err := getRegv2Token(image)
|
token, err := getRegv2Token(cl, image)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if token == "" {
|
||||||
|
logrus.Fatal("unable to retrieve registry token?")
|
||||||
|
}
|
||||||
|
|
||||||
req.Header = http.Header{
|
req.Header = http.Header{
|
||||||
"Accept": []string{
|
"Accept": []string{
|
||||||
"application/vnd.docker.distribution.manifest.v2+json",
|
"application/vnd.docker.distribution.manifest.v2+json",
|
||||||
|
|
Loading…
Reference in New Issue