Skip to content

Commit

Permalink
Fix setting ServerAddress property in NativeStore
Browse files Browse the repository at this point in the history
This will return the ServerAddress property when using the NativeStore.
This happens when you use docker credential helpers, not the credential
store.

The reason this fix is needed is because it needs to be propagated
properly down towards `moby/moby` project in the following logic:

```golang
func authorizationCredsFromAuthConfig(authConfig registrytypes.AuthConfig) docker.AuthorizerOpt {
	cfgHost := registry.ConvertToHostname(authConfig.ServerAddress)
	if cfgHost == "" || cfgHost == registry.IndexHostname {
		cfgHost = registry.DefaultRegistryHost
	}

	return docker.WithAuthCreds(func(host string) (string, string, error) {
		if cfgHost != host {
			logrus.WithFields(logrus.Fields{
				"host":    host,
				"cfgHost": cfgHost,
			}).Warn("Host doesn't match")
			return "", "", nil
		}
		if authConfig.IdentityToken != "" {
			return "", authConfig.IdentityToken, nil
		}
		return authConfig.Username, authConfig.Password, nil
	})
}
```
This logic resides in the following file :
`daemon/containerd/resolver.go` .

In the case when using the containerd storage feature when setting the
`cfgHost` variable from the `authConfig.ServerAddress` it will always be
empty. Since it will never be returned from the NativeStore currently.
Therefore Docker Hub images will work fine, but anything else will fail
since the `cfgHost` will always be the `registry.DefaultRegistryHost`.

Signed-off-by: Eric Bode <eric.bode@foundries.io>
  • Loading branch information
StealthyCoder committed Nov 11, 2023
1 parent a9ae9b3 commit b24e7f8
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 3 deletions.
4 changes: 4 additions & 0 deletions cli/config/credentials/native_store.go
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ func (c *nativeStore) Get(serverAddress string) (types.AuthConfig, error) {
auth.Username = creds.Username
auth.IdentityToken = creds.IdentityToken
auth.Password = creds.Password
auth.ServerAddress = creds.ServerAddress

return auth, nil
}
Expand All @@ -76,6 +77,9 @@ func (c *nativeStore) GetAll() (map[string]types.AuthConfig, error) {
ac.Username = creds.Username
ac.Password = creds.Password
ac.IdentityToken = creds.IdentityToken
if ac.ServerAddress == "" {
ac.ServerAddress = creds.ServerAddress
}
authConfigs[registry] = ac
}

Expand Down
8 changes: 5 additions & 3 deletions cli/config/credentials/native_store_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -145,9 +145,10 @@ func TestNativeStoreGet(t *testing.T) {
assert.NilError(t, err)

expected := types.AuthConfig{
Username: "foo",
Password: "bar",
Email: "foo@example.com",
Username: "foo",
Password: "bar",
Email: "foo@example.com",
ServerAddress: validServerAddress,
}
assert.Check(t, is.DeepEqual(expected, actual))
}
Expand All @@ -169,6 +170,7 @@ func TestNativeStoreGetIdentityToken(t *testing.T) {
expected := types.AuthConfig{
IdentityToken: "abcd1234",
Email: "foo@example2.com",
ServerAddress: validServerAddress2,
}
assert.Check(t, is.DeepEqual(expected, actual))
}
Expand Down

0 comments on commit b24e7f8

Please sign in to comment.