make docker-credential-wincred work like docker-credential-osxkeychain #139
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This fixes issues fetching docker credentials in libraries like /~https://github.com/google/go-containerregistry that resolve Docker Hub registry url differently (https://index.docker.io vs https://index.docker.io/v1) |
|
@vdemeester It looks like the Travis build is broken for reasons unrelated to our changes. If that is not a correct diagnosis, let @djoyahoy and I know so we fix it :) |
|
CI is now fixed. Can you rebase ? Thanks |
* fetch credentials for server with matching hostname if scheme, path, or port are not provided * if the credential request includes specific scheme, path, or port that does not match entry, don't return * extract url helpers into a package Signed-off-by: Emily Casey <ecasey@pivotal.io> Signed-off-by: Danny Joyce <djoyce@pivotal.io>
ekcasey
force-pushed
the
server-alias-wincred
branch
from
fe0ee73 to
6f4b0a7
Compare
|
@guillaumerose done! |
osxkeychain/osxkeychain_darwin.go
Outdated
| @@ -10,9 +10,8 @@ package osxkeychain | |||
| import "C" | |||
| import ( | |||
| "errors" | |||
| "net/url" | |||
| "github.com/docker/docker-credential-helpers/registryurl" | |||
There was a problem hiding this comment.
nit picking: Can you re-order the imports? goimports should do that for you 😺
wincred/wincred_windows.go
Outdated
| @@ -2,6 +2,8 @@ package wincred | |||
|
|
|||
| import ( | |||
| "bytes" | |||
| "github.com/docker/docker-credential-helpers/registryurl" | |||
There was a problem hiding this comment.
nit: please re-organize the imports here too
| func getTarget(serverURL string) (string, error) { | ||
| s, err := registryurl.Parse(serverURL) | ||
| if err != nil { | ||
| return serverURL, nil |
There was a problem hiding this comment.
nit: return empty string here instead?
There was a problem hiding this comment.
We returned the serverURL here b/c before we made our changes there was never a requirement that the url had to parse successfully (you could still fetch an exact match from the cred store). Happy to change this if you want to make this a requirement.
There was a problem hiding this comment.
Oh right read it too fast, you return a nil error. That's fine then 👍
Signed-off-by: Emily Casey <ecasey@pivotal.io>
wincred/wincred_windows.go
Outdated
| return "", err | ||
| } | ||
|
|
||
| targets := make([]string, 0) |
There was a problem hiding this comment.
nit: var targets []string
wincred/wincred_windows.go
Outdated
| for i := range creds { | ||
| attrs := creds[i].Attributes | ||
| for _, attr := range attrs { | ||
| if strings.Compare(attr.Keyword, "label") == 0 && |
There was a problem hiding this comment.
From the documentation: https://golang.org/pkg/strings/#Compare
Compare is included only for symmetry with package bytes. It is usually clearer and always faster to use the built-in string comparison operators ==, <, >, and so on.
So I guess if attr.Keyword == "label" is simpler 😸
wincred/wincred_windows.go
Outdated
| attrs := creds[i].Attributes | ||
| for _, attr := range attrs { | ||
| if strings.Compare(attr.Keyword, "label") == 0 && | ||
| bytes.Compare(attr.Value, []byte(credentials.CredsLabel)) == 0 { |
There was a problem hiding this comment.
You should use bytes.Equal instead.
What is the real type behind attr.Value? Is it an arbitrary byte slice? Or always a string encoded into bytes? My point is: even if the result is the same, I think it's more clearer to cast attr.Value as string instead.
There was a problem hiding this comment.
This piece of code existed before our PR so weren't sure if attr.Value needed to be a byte slice for a specific reason, happy to make the changes though.
| } | ||
| } | ||
|
|
||
| if target, found := findMatch(s, targets, exactMatch); found { |
There was a problem hiding this comment.
Is this really needed? Can't we just match with approximation? What is the targets length ?
There was a problem hiding this comment.
We assumed that if there were both an exact and an approximate match in the cred store, the exact match would be preferable. We can take the exact match out if you disagree.
There was a problem hiding this comment.
Sounds good 😄 Ok then 👍
Signed-off-by: Emily Casey <ecasey@pivotal.io> Signed-off-by: Danny Joyce <djoyce@pivotal.io>
silvin-lubecki
approved these changes
Apr 29, 2019
|
Thanks everybody! |
thaJeztah
added a commit
to thaJeztah/cli
that referenced
this pull request
Jun 11, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Jun 20, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: f6a4c76fbb6d594f4874dea5059e82eadfae867a Component: cli
thaJeztah
added a commit
to thaJeztah/cli
that referenced
this pull request
Jul 4, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f6a4c76) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
added a commit
to thaJeztah/cli
that referenced
this pull request
Jul 4, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f6a4c76) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This was referenced Jul 4, 2019
thaJeztah
added a commit
to thaJeztah/cli
that referenced
this pull request
Jul 23, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f6a4c76) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
added a commit
to thaJeztah/cli
that referenced
this pull request
Aug 8, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f6a4c76) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Aug 8, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f6a4c76fbb6d594f4874dea5059e82eadfae867a) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 24dcc56123634e048dc0c7d8fa2eeff65b97a33a Component: cli
docker-jenkins
pushed a commit
to docker-archive/docker-ce
that referenced
this pull request
Aug 8, 2019
full diff: docker/docker-credential-helpers@5241b46...8a9f93a includes: - docker/docker-credential-helpers#29 C.free(unsafe.Pointer(err)) -> C.g_error_free(err) - docker/docker-credential-helpers#124 pass: changed the way for checking if password-store is initalized - addresses docker/docker-credential-helpers#133 docker-credential-pass commits about 10 times every time I run a docker command - docker/docker-credential-helpers#143 Fix docker-credential-osxkeychain list behaviour in case of missing entry in keychain - docker/docker-credential-helpers#139 make docker-credential-wincred work like docker-credential-osxkeychain Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit f6a4c76fbb6d594f4874dea5059e82eadfae867a) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 11b15544c503d91d8ea3ba782d30d2070a24d84e Component: cli
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Danny Joyce djoyce@pivotal.io
Signed-off-by: Emily Casey ecasey@pivotal.io