Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

compat: /auth: parse server address correctly #17581

Merged
merged 1 commit into from
Mar 13, 2023
Merged

compat: /auth: parse server address correctly #17581

merged 1 commit into from
Mar 13, 2023

Conversation

vrothberg
Copy link
Member

Use auth.Login as podman login does which parses and normalizes the
input addresses correctly, especially for docker.io.

[NO NEW TESTS NEEDED] as we do not have means to test logging into
docker.io in CI.

Fixes: #17571
Signed-off-by: Valentin Rothberg vrothberg@redhat.com

Does this PR introduce a user-facing change?

Fix a bug in the Docker-compatible REST APIs `/auth` endpoint to correctly log into Docker Hub.

@openshift-ci openshift-ci bot added release-note approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Feb 20, 2023
@github-actions github-actions bot added the kind/api-change Change to remote API; merits scrutiny label Feb 20, 2023
@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 20, 2023
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 20, 2023
@vrothberg vrothberg added the bloat_approved Approve a PR in which binary file size grows by over 50k label Feb 20, 2023
Luap99
Luap99 reviewed Feb 20, 2023
View reviewed changes
go.mod Outdated Show resolved Hide resolved
@edsantiago
Copy link
Member

WHOA. Test failures:

# podman --events-backend=file events --stream=false --filter type=image --since 2023-02-20T11:00:02-06:00
[fail expected this got that]

and

#|     FAIL: Image found in events
#| expected: =~ \"Name\":\"quay.io/libpod/testimage:20221018\"
#|   actual:    \{\"ID\":\"f5a99120db6452661930a1db3bf7390eec9b963f5f62c068fa32dc1d550afad3\"\,
\"Name\":\"f5a99120db6452661930a1db3bf7390eec9b963f5f62c068fa32dc1d550afad3\"\,
\"Status\":\"pull\"\,
\"Time\":\"2023-02-20T11:00:13.133325023-06:00\"\,
\"Type\":\"image\"\,\"Attributes\":null\}

...look exactly the same as unexplained but persistent failure in nightly treadmill job

@containers/podman-maintainers PTAL, this looks serious.

@vrothberg
Copy link
Member Author

vrothberg commented Feb 20, 2023 via email

@vrothberg
Copy link
Member Author

containers/common#1339 will fix it. Once that got in, I'll update the PR here along with minor tweaks to the system test.

@vrothberg
Copy link
Member Author

Breaking out the c/common vendor into #17591.

This should buy me some time looking into what breaks because of the /auth changes.

@vrothberg
Copy link
Member Author

@Luap99 @edsantiago PTAL

I'm not happy about the error check but it's a smaller problem than the bug. Will look into separately as changing the error would impact skopeo and buildah as well.

edsantiago
edsantiago approved these changes Feb 21, 2023
View reviewed changes
pkg/api/handlers/compat/auth.go Outdated Show resolved Hide resolved
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Feb 21, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: edsantiago, vrothberg

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [edsantiago,vrothberg]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@vrothberg vrothberg mentioned this pull request Feb 21, 2023
Merged
@vrothberg
Copy link
Member Author

Updated. Vendored in c/common to keep the error handling.

@rhatdan
Copy link
Member

rhatdan commented Feb 22, 2023

LGTM

Luap99
Luap99 reviewed Feb 22, 2023
View reviewed changes
go.mod Outdated Show resolved Hide resolved
@mheon
Copy link
Member

mheon commented Feb 22, 2023

Changes LGTM

Luap99 added a commit to Luap99/common that referenced this pull request Feb 22, 2023
@Luap99
update c/image to latest
815117a 
Something is broken with go get[1] but I was able to manually edit
go.mod and run make vendor.

[1] containers/podman#17581 (comment)

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
@Luap99 Luap99 mentioned this pull request Feb 22, 2023
Merged
Luap99
Luap99 reviewed Feb 23, 2023
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You need to update the tests, the runtime-spec update changed the version the tests expect:

podman/libpod/container_internal_test.go

Line 181 in 1cfb29d

stateRegexp := `{"ociVersion":"1\.0\.2-dev","id":"123abc","status":"stopped","bundle":"` + dir + `","annotations":{"a":"b"}}`

@vrothberg
Copy link
Member Author

You need to update the tests, the runtime-spec update changed the version the tests expect:

podman/libpod/container_internal_test.go

Line 181 in 1cfb29d

stateRegexp := `{"ociVersion":"1\.0\.2-dev","id":"123abc","status":"stopped","bundle":"` + dir + `","annotations":{"a":"b"}}`

Thanks! Will do. Had to focus on #17615 until now.

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 2, 2023
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 13, 2023
@vrothberg
Copy link
Member Author

Rebased, should pass now

@vrothberg
Copy link
Member Author

@rhatdan @Luap99 merge me please

@vrothberg
Copy link
Member Author

or @edsantiago :)

@vrothberg
compat: /auth: parse server address correctly
bad41f6 
Use `auth.Login` as `podman login` does which parses and normalizes the
input addresses correctly, especially for docker.io.

[NO NEW TESTS NEEDED] as we do not have means to test logging into
docker.io in CI.

Fixes: containers#17571
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
@edsantiago
Copy link
Member

/lgtm
/hold

@openshift-ci openshift-ci bot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. lgtm Indicates that a PR is ready to be merged. labels Mar 13, 2023
@vrothberg
Copy link
Member Author

/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 13, 2023
@openshift-merge-robot openshift-merge-robot merged commit 3920799 into containers:main Mar 13, 2023
@cristianrgreco cristianrgreco mentioned this pull request Mar 13, 2023
Merged
@edsantiago edsantiago mentioned this pull request Mar 13, 2023
Closed
@vrothberg vrothberg deleted the fix-17571 branch March 31, 2023 14:51
@TomSweeneyRedHat
Copy link
Member

Also fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2183596 and https://bugzilla.redhat.com/show_bug.cgi?id=2183597

TomSweeneyRedHat pushed a commit to TomSweeneyRedHat/podman that referenced this pull request Mar 31, 2023
@vrothberg @TomSweeneyRedHat
[v4.4.1-rhel] compat: /auth: parse server address correctly
3101c8b 
Use `auth.Login` as `podman login` does which parses and normalizes the
input addresses correctly, especially for docker.io.

This Cherry Picks containers#17581 and
brings in necessary changes to run_test.go from i
containers@5f86fae

Addreses: https://bugzilla.redhat.com/show_bug.cgi?id=2183601 and
https://bugzilla.redhat.com/show_bug.cgi?id=2183602 for the RHEL 8.8 and
9.2 ZeroDay

The original Fixed: containers#17571
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
@TomSweeneyRedHat TomSweeneyRedHat mentioned this pull request Mar 31, 2023
Merged
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 3, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Luap99 Luap99 Luap99 left review comments

@edsantiago edsantiago edsantiago approved these changes

Assignees

@edsantiago edsantiago

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bloat_approved Approve a PR in which binary file size grows by over 50k kind/api-change Change to remote API; merits scrutiny lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

docker login compatibility issue
7 participants
@vrothberg @edsantiago @rhatdan @mheon @TomSweeneyRedHat @Luap99 @openshift-merge-robot