dockerconfigresolver

package
v2.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 10, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrUnableToInstantiate = errors.New("unable to instantiate docker credentials store")
	ErrUnableToErase       = errors.New("unable to erase credentials")
	ErrUnableToStore       = errors.New("unable to store credentials")
	ErrUnableToRetrieve    = errors.New("unable to retrieve credentials")
)

Errors returned by the credentials store

View Source 
var (
	ErrUnparsableURL     = errors.New("unparsable registry URL")
	ErrUnsupportedScheme = errors.New("unsupported scheme in registry URL")
)

Errors returned by `Parse`

View Source 
var PushTracker = docker.NewInMemoryTracker()

Functions

func New 

func New(ctx context.Context, refHostname string, optFuncs ...Opt) (remotes.Resolver, error)

New instantiates a resolver using $DOCKER_CONFIG/config.json .

$DOCKER_CONFIG defaults to "~/.docker".

refHostname is like "docker.io".

func NewHostOptions 

func NewHostOptions(ctx context.Context, refHostname string, optFuncs ...Opt) (*dockerconfig.HostOptions, error)

NewHostOptions instantiates a HostOptions struct using $DOCKER_CONFIG/config.json .

$DOCKER_CONFIG defaults to "~/.docker".

refHostname is like "docker.io".

Types

type AuthCreds 

type AuthCreds func(string) (string, string, error)

AuthCreds is for docker.WithAuthCreds

func NewAuthCreds 

func NewAuthCreds(refHostname string) (AuthCreds, error)

NewAuthCreds returns AuthCreds that uses $DOCKER_CONFIG/config.json . AuthCreds can be nil.

type Credentials 

type Credentials = types.AuthConfig

type CredentialsStore 

type CredentialsStore struct {
	// contains filtered or unexported fields
}

CredentialsStore is an abstraction in front of docker config API manipulation exposing just the limited functions we need and hiding away url normalization / identifiers magic, and handling of backward compatibility

func NewCredentialsStore 

func NewCredentialsStore(path string) (*CredentialsStore, error)

NewCredentialsStore returns a CredentialsStore from a directory If path is left empty, the default docker `~/.docker/config.json` will be used In case the docker call fails, we wrap the error with ErrUnableToInstantiate

func (*CredentialsStore) Erase 

func (cs *CredentialsStore) Erase(registryURL *RegistryURL) (map[string]error, error)

Erase will remove any and all stored credentials for that registry namespace (including all legacy variants) If we do not find at least ONE variant matching the namespace, this will error with ErrUnableToErase

func (*CredentialsStore) FileStorageLocation 

func (cs *CredentialsStore) FileStorageLocation(registryURL *RegistryURL) string

FileStorageLocation will return the file where credentials are stored for a given registry, or the empty string if it is stored / to be stored in a different place (like an OS keychain, with docker credential helpers)

func (*CredentialsStore) Retrieve 

func (cs *CredentialsStore) Retrieve(registryURL *RegistryURL, checkCredStore bool) (*Credentials, error)

Retrieve gets existing credentials from the store for a certain registry. If none are found, an empty Credentials struct is returned. If we hard-fail reading from the store, indicative of a broken system, we wrap the error with ErrUnableToRetrieve

func (*CredentialsStore) ShellCompletion 

func (cs *CredentialsStore) ShellCompletion() []string

ShellCompletion will return candidate strings for nerdctl logout

func (*CredentialsStore) Store 

func (cs *CredentialsStore) Store(registryURL *RegistryURL, credentials *Credentials) error

Store will save credentials for a given registry On error, ErrUnableToStore

type Opt 

type Opt func(*opts)

Opt for New

func WithAuthCreds 

func WithAuthCreds(ac AuthCreds) Opt

func WithHostsDirs 

func WithHostsDirs(orig []string) Opt

WithHostsDirs specifies directories like /etc/containerd/certs.d and /etc/docker/certs.d

func WithPlainHTTP 

func WithPlainHTTP(b bool) Opt

WithPlainHTTP enables insecure plain HTTP

func WithSkipVerifyCerts 

func WithSkipVerifyCerts(b bool) Opt

WithSkipVerifyCerts skips verifying TLS certs

type RegistryURL 

type RegistryURL struct {
	url.URL
	Namespace *RegistryURL
}

RegistryURL is a struct that represents a registry namespace or host, meant specifically to deal with credentials storage and retrieval inside Docker config file.

func Parse 

func Parse(address string) (*RegistryURL, error)

Parse will return a normalized Docker Registry url from the provided string address

func (*RegistryURL) AllIdentifiers 

func (rn *RegistryURL) AllIdentifiers() []string

AllIdentifiers returns a list of identifiers that may have been used to save credentials, accounting for legacy formats including scheme, with and without ports

func (*RegistryURL) CanonicalIdentifier 

func (rn *RegistryURL) CanonicalIdentifier() string

CanonicalIdentifier returns the identifier expected to be used to save credentials to docker auth config

func (*RegistryURL) IsLocalhost 

func (rn *RegistryURL) IsLocalhost() bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.