Skip to content

Commit

Permalink
Add insecure flag when login registry (#110)
Browse files Browse the repository at this point in the history
  • Loading branch information
pytimer authored and jdolitsky committed Aug 19, 2019
1 parent b285197 commit d56ebb9
Show file tree
Hide file tree
Showing 4 changed files with 19 additions and 8 deletions.
7 changes: 6 additions & 1 deletion cmd/oras/login.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ type loginOptions struct {
configs []string
username string
password string
insecure bool
}

func loginCmd() *cobra.Command {
Expand All @@ -47,6 +48,9 @@ Example - Login with identity token from stdin:
Example - Login with username and password by prompt:
oras login localhost:5000
Example - Login with insecure registry from command line:
oras login --insecure localhost:5000
`,
Args: cobra.ExactArgs(1),
RunE: func(cmd *cobra.Command, args []string) error {
Expand All @@ -60,6 +64,7 @@ Example - Login with username and password by prompt:
cmd.Flags().StringVarP(&opts.username, "username", "u", "", "registry username")
cmd.Flags().StringVarP(&opts.password, "password", "p", "", "registry password or identity token")
cmd.Flags().BoolVarP(&opts.fromStdin, "password-stdin", "", false, "read password or identity token from stdin")
cmd.Flags().BoolVarP(&opts.insecure, "insecure", "k", false, "allow connections to SSL registry without certs")
return cmd
}

Expand Down Expand Up @@ -108,7 +113,7 @@ func runLogin(opts loginOptions) error {
}

// Login
if err := cli.Login(context.Background(), opts.hostname, opts.username, opts.password); err != nil {
if err := cli.Login(context.Background(), opts.hostname, opts.username, opts.password, opts.insecure); err != nil {
return err
}

Expand Down
2 changes: 1 addition & 1 deletion pkg/auth/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ var (
// Client provides authentication operations for remotes.
type Client interface {
// Login logs in to a remote server identified by the hostname.
Login(ctx context.Context, hostname, username, secret string) error
Login(ctx context.Context, hostname, username, secret string, insecure bool) error
// Logout logs out from a remote server identified by the hostname.
Logout(ctx context.Context, hostname string) error
// Resolver returns a new authenticated resolver.
Expand Down
4 changes: 2 additions & 2 deletions pkg/auth/docker/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,10 +84,10 @@ func (suite *DockerClientTestSuite) TearDownSuite() {
func (suite *DockerClientTestSuite) Test_0_Login() {
var err error

err = suite.Client.Login(newContext(), suite.DockerRegistryHost, "oscar", "opponent")
err = suite.Client.Login(newContext(), suite.DockerRegistryHost, "oscar", "opponent", false)
suite.NotNil(err, "error logging into registry with invalid credentials")

err = suite.Client.Login(newContext(), suite.DockerRegistryHost, testUsername, testPassword)
err = suite.Client.Login(newContext(), suite.DockerRegistryHost, testUsername, testPassword, false)
suite.Nil(err, "no error logging into registry with valid credentials")
}
func (suite *DockerClientTestSuite) Test_2_Logout() {
Expand Down
14 changes: 10 additions & 4 deletions pkg/auth/docker/login.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import (
)

// Login logs in to a docker registry identified by the hostname.
func (c *Client) Login(ctx context.Context, hostname, username, secret string) error {
func (c *Client) Login(ctx context.Context, hostname, username, secret string, insecure bool) error {
hostname = resolveHostname(hostname)
cred := types.AuthConfig{
Username: username,
Expand All @@ -21,10 +21,16 @@ func (c *Client) Login(ctx context.Context, hostname, username, secret string) e
cred.Password = secret
}

// Login to ensure valid credential
remote, err := registry.NewService(registry.ServiceOptions{
opts := registry.ServiceOptions{
V2Only: true,
})
}

if insecure {
opts.InsecureRegistries = []string{hostname}
}

// Login to ensure valid credential
remote, err := registry.NewService(opts)
if err != nil {
return err
}
Expand Down

0 comments on commit d56ebb9

Please sign in to comment.