Refine warning for storing registry passwords

This change refines the warning message returned during docker login to only warn for unencrypted storage when the users password is being stored. If the remote registry supports identity tokens, omit the warning, since those tokens can be independently managed and revoked. Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2019-04-14 08:01:50 -07:00
parent 58ec72afca
commit 80d2496f99
1 changed files with 2 additions and 1 deletions
--- a/cli/command/registry/login.go
+++ b/cli/command/registry/login.go
@ -143,7 +143,8 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl
 	creds := dockerCli.ConfigFile().GetCredentialsStore(serverAddress)

 	store, isDefault := creds.(isFileStore)
-	if isDefault {
+	// Display a warning if we're storing the users password (not a token)
+	if isDefault && authConfig.Password != "" {
 		err = displayUnencryptedWarning(dockerCli, store.GetFilename())
 		if err != nil {
 			return err