credentialprovider

package
v0.0.0-...-35ad561 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 9, 2018 License: Apache-2.0, Apache-2.0 Imports: 18 Imported by: 0

Documentation

Overview

Package credentialprovider supplies interfaces and implementations for docker registry providers to expose their authentication scheme.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetPreferredDockercfgPath

func GetPreferredDockercfgPath() string

func ReadUrl

func ReadUrl(url string, client *http.Client, header *http.Header) (body []byte, err error)

func RegisterCredentialProvider

func RegisterCredentialProvider(name string, provider DockerConfigProvider)

RegisterCredentialProvider is called by provider implementations on initialization to register themselves, like so:

func init() {
 	RegisterCredentialProvider("name", &myProvider{...})
}

func SetPreferredDockercfgPath

func SetPreferredDockercfgPath(path string)

Types

type BasicDockerKeyring

type BasicDockerKeyring struct {
	// contains filtered or unexported fields
}

BasicDockerKeyring is a trivial map-backed implementation of DockerKeyring

func (*BasicDockerKeyring) Add

func (dk *BasicDockerKeyring) Add(cfg DockerConfig)

func (*BasicDockerKeyring) Lookup

func (dk *BasicDockerKeyring) Lookup(image string) ([]docker.AuthConfiguration, bool)

Lookup implements the DockerKeyring method for fetching credentials based on image name. Multiple credentials may be returned if there are multiple potentially valid credentials available. This allows for rotation.

type CachingDockerConfigProvider

type CachingDockerConfigProvider struct {
	Provider DockerConfigProvider
	Lifetime time.Duration
	// contains filtered or unexported fields
}

CachingDockerConfigProvider implements DockerConfigProvider by composing with another DockerConfigProvider and caching the DockerConfig it provides for a pre-specified lifetime.

func (*CachingDockerConfigProvider) Enabled

func (d *CachingDockerConfigProvider) Enabled() bool

Enabled implements dockerConfigProvider

func (*CachingDockerConfigProvider) Provide

Provide implements dockerConfigProvider

type DockerConfig

type DockerConfig map[string]DockerConfigEntry

DockerConfig represents the config file used by the docker CLI. This config that represents the credentials that should be used when pulling images from specific image repositories.

func ReadDockerConfigFile

func ReadDockerConfigFile() (cfg DockerConfig, err error)

func ReadDockerConfigFileFromUrl

func ReadDockerConfigFileFromUrl(url string, client *http.Client, header *http.Header) (cfg DockerConfig, err error)

type DockerConfigEntry

type DockerConfigEntry struct {
	Username string
	Password string
	Email    string
}

func (DockerConfigEntry) MarshalJSON

func (ident DockerConfigEntry) MarshalJSON() ([]byte, error)

func (*DockerConfigEntry) UnmarshalJSON

func (ident *DockerConfigEntry) UnmarshalJSON(data []byte) error

type DockerConfigJson

type DockerConfigJson struct {
	Auths       DockerConfig      `json:"auths"`
	HttpHeaders map[string]string `json:"HttpHeaders,omitempty"`
}

DockerConfigJson represents ~/.docker/config.json file info see https://github.com/docker/docker/pull/12009

type DockerConfigProvider

type DockerConfigProvider interface {
	Enabled() bool
	Provide() DockerConfig
}

DockerConfigProvider is the interface that registered extensions implement to materialize 'dockercfg' credentials.

type DockerKeyring

type DockerKeyring interface {
	Lookup(image string) ([]docker.AuthConfiguration, bool)
}

DockerKeyring tracks a set of docker registry credentials, maintaining a reverse index across the registry endpoints. A registry endpoint is made up of a host (e.g. registry.example.com), but it may also contain a path (e.g. registry.example.com/foo) This index is important for two reasons:

  • registry endpoints may overlap, and when this happens we must find the most specific match for a given image
  • iterating a map does not yield predictable results

func MakeDockerKeyring

func MakeDockerKeyring(passedSecrets []api.Secret, defaultKeyring DockerKeyring) (DockerKeyring, error)

MakeDockerKeyring inspects the passedSecrets to see if they contain any DockerConfig secrets. If they do, then a DockerKeyring is built based on every hit and unioned with the defaultKeyring. If they do not, then the default keyring is returned

func NewDockerKeyring

func NewDockerKeyring() DockerKeyring

NewDockerKeyring creates a DockerKeyring to use for resolving credentials, which lazily draws from the set of registered credential providers.

type FakeKeyring

type FakeKeyring struct {
	// contains filtered or unexported fields
}

func (*FakeKeyring) Lookup

func (f *FakeKeyring) Lookup(image string) ([]docker.AuthConfiguration, bool)

type HttpError

type HttpError struct {
	StatusCode int
	Url        string
}

HttpError wraps a non-StatusOK error code as an error.

func (*HttpError) Error

func (he *HttpError) Error() string

Error implements error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL