diff --git a/cli/command/image/pull.go b/cli/command/image/pull.go index b10558459..16616861b 100644 --- a/cli/command/image/pull.go +++ b/cli/command/image/pull.go @@ -70,7 +70,7 @@ func runPull(ctx context.Context, dockerCLI command.Cli, opts pullOptions) error } } - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, AuthResolver(dockerCLI), distributionRef.String()) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(dockerCLI), distributionRef.String()) if err != nil { return err } diff --git a/cli/command/image/trust.go b/cli/command/image/trust.go index 460bac721..82902db32 100644 --- a/cli/command/image/trust.go +++ b/cli/command/image/trust.go @@ -8,6 +8,7 @@ import ( "github.com/distribution/reference" "github.com/docker/cli/cli/command" + "github.com/docker/cli/cli/config" "github.com/docker/cli/cli/streams" "github.com/docker/cli/cli/trust" "github.com/docker/cli/internal/jsonstream" @@ -68,7 +69,7 @@ func trustedPull(ctx context.Context, cli command.Cli, imgRefAndAuth trust.Image if err != nil { return err } - updatedImgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, AuthResolver(cli), trustedRef.String()) + updatedImgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(cli), trustedRef.String()) if err != nil { return err } @@ -172,7 +173,7 @@ func imagePullPrivileged(ctx context.Context, cli command.Cli, imgRefAndAuth tru // TrustedReference returns the canonical trusted reference for an image reference func TrustedReference(ctx context.Context, cli command.Cli, ref reference.NamedTagged) (reference.Canonical, error) { - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, AuthResolver(cli), ref.String()) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(cli), ref.String()) if err != nil { return nil, err } @@ -210,9 +211,16 @@ func convertTarget(t client.Target) (target, error) { }, nil } -// AuthResolver returns an auth resolver function from a command.Cli -func AuthResolver(cli command.Cli) func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig { +// AuthResolver returns an auth resolver function from a [config.Provider]. +// +// Deprecated: this function was only used internally and will be removed in the next release. +func AuthResolver(dockerCLI config.Provider) func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig { + return authResolver(dockerCLI) +} + +// authResolver returns an auth resolver function from a [config.Provider]. +func authResolver(dockerCLI config.Provider) func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig { return func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig { - return command.ResolveAuthConfig(cli.ConfigFile(), index) + return command.ResolveAuthConfig(dockerCLI.ConfigFile(), index) } } diff --git a/cli/command/trust/common.go b/cli/command/trust/common.go index 7d1d50e29..615051774 100644 --- a/cli/command/trust/common.go +++ b/cli/command/trust/common.go @@ -8,9 +8,10 @@ import ( "strings" "github.com/docker/cli/cli/command" - "github.com/docker/cli/cli/command/image" + "github.com/docker/cli/cli/config" "github.com/docker/cli/cli/trust" "github.com/fvbommel/sortorder" + registrytypes "github.com/moby/moby/api/types/registry" "github.com/sirupsen/logrus" "github.com/theupdateframework/notary" "github.com/theupdateframework/notary/client" @@ -66,7 +67,7 @@ func newNotaryClient(cli command.Streams, imgRefAndAuth trust.ImageRefAndAuth, a // lookupTrustInfo returns processed signature and role information about a notary repository. // This information is to be pretty printed or serialized into a machine-readable format. func lookupTrustInfo(ctx context.Context, cli command.Cli, remote string) ([]trustTagRow, []client.RoleWithSignatures, []data.Role, error) { - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(cli), remote) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(cli), remote) if err != nil { return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, err } @@ -167,3 +168,10 @@ func matchReleasedSignatures(allTargets []client.TargetSignedStruct) []trustTagR }) return signatureRows } + +// authResolver returns an auth resolver function from a [config.Provider]. +func authResolver(dockerCLI config.Provider) func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig { + return func(ctx context.Context, index *registrytypes.IndexInfo) registrytypes.AuthConfig { + return command.ResolveAuthConfig(dockerCLI.ConfigFile(), index) + } +} diff --git a/cli/command/trust/revoke.go b/cli/command/trust/revoke.go index b2e4ad20a..e9e327ec0 100644 --- a/cli/command/trust/revoke.go +++ b/cli/command/trust/revoke.go @@ -7,7 +7,6 @@ import ( "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" - "github.com/docker/cli/cli/command/image" "github.com/docker/cli/cli/trust" "github.com/docker/cli/internal/prompt" "github.com/spf13/cobra" @@ -35,7 +34,7 @@ func newRevokeCommand(dockerCLI command.Cli) *cobra.Command { } func revokeTrust(ctx context.Context, dockerCLI command.Cli, remote string, options revokeOptions) error { - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(dockerCLI), remote) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(dockerCLI), remote) if err != nil { return err } diff --git a/cli/command/trust/sign.go b/cli/command/trust/sign.go index 755794484..540ee1e63 100644 --- a/cli/command/trust/sign.go +++ b/cli/command/trust/sign.go @@ -12,7 +12,6 @@ import ( "github.com/distribution/reference" "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" - "github.com/docker/cli/cli/command/image" "github.com/docker/cli/cli/trust" imagetypes "github.com/moby/moby/api/types/image" registrytypes "github.com/moby/moby/api/types/registry" @@ -45,7 +44,7 @@ func newSignCommand(dockerCLI command.Cli) *cobra.Command { func runSignImage(ctx context.Context, dockerCLI command.Cli, options signOptions) error { imageName := options.imageName - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(dockerCLI), imageName) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(dockerCLI), imageName) if err != nil { return err } diff --git a/cli/command/trust/signer_add.go b/cli/command/trust/signer_add.go index 35d14fb4b..7d708bc60 100644 --- a/cli/command/trust/signer_add.go +++ b/cli/command/trust/signer_add.go @@ -11,7 +11,6 @@ import ( "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" - "github.com/docker/cli/cli/command/image" "github.com/docker/cli/cli/trust" "github.com/docker/cli/internal/lazyregexp" "github.com/docker/cli/opts" @@ -80,7 +79,7 @@ func addSigner(ctx context.Context, dockerCLI command.Cli, options signerAddOpti } func addSignerToRepo(ctx context.Context, dockerCLI command.Cli, signerName string, repoName string, signerPubKeys []data.PublicKey) error { - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(dockerCLI), repoName) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(dockerCLI), repoName) if err != nil { return err } diff --git a/cli/command/trust/signer_remove.go b/cli/command/trust/signer_remove.go index 90659a53a..9f0c6736a 100644 --- a/cli/command/trust/signer_remove.go +++ b/cli/command/trust/signer_remove.go @@ -8,7 +8,6 @@ import ( "github.com/docker/cli/cli" "github.com/docker/cli/cli/command" - "github.com/docker/cli/cli/command/image" "github.com/docker/cli/cli/trust" "github.com/docker/cli/internal/prompt" "github.com/spf13/cobra" @@ -91,7 +90,7 @@ func maybePromptForSignerRemoval(ctx context.Context, dockerCLI command.Cli, rep // removeSingleSigner attempts to remove a single signer and returns whether signer removal happened. // The signer not being removed doesn't necessarily raise an error e.g. user choosing "No" when prompted for confirmation. func removeSingleSigner(ctx context.Context, dockerCLI command.Cli, repoName, signerName string, forceYes bool) (bool, error) { - imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(dockerCLI), repoName) + imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, authResolver(dockerCLI), repoName) if err != nil { return false, err }