Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Docker credential helpers #460

Merged
merged 9 commits into from Mar 29, 2023
Merged

Add support for Docker credential helpers #460

merged 9 commits into from Mar 29, 2023

Conversation

aaronlehmann
Copy link
Contributor

This adds the ability to retrieve registry credentials from a credential helper specified in credHelpers or credsStore inside ~/.docker/config.json.

@aaronlehmann
Add support for Docker credential helpers
2856980 
This adds the ability to retrieve registry credentials from a credential
helper specified in `credHelpers` or `credsStore` inside
~/.docker/config.json.
@aaronlehmann aaronlehmann requested a review from a team as a code owner March 19, 2023 00:17
@aaronlehmann
Copy link
Contributor Author

@microsoft-github-policy-service agree company="Netflix"

samruddhikhandale
samruddhikhandale reviewed Mar 21, 2023
View reviewed changes
Copy link
Member

@samruddhikhandale samruddhikhandale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, thanks for putting up this PR! Left some minor comments

src/spec-configuration/httpOCIRegistry.ts Outdated Show resolved Hide resolved
src/spec-configuration/httpOCIRegistry.ts Outdated Show resolved Hide resolved
@aaronlehmann
Copy link
Contributor Author

Thanks for the review! I made the suggested changes.

chrmarti
chrmarti requested changes Mar 22, 2023
View reviewed changes
Copy link
Contributor

@chrmarti chrmarti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, left a few comments.

src/spec-configuration/httpOCIRegistry.ts Outdated Show resolved Hide resolved
src/spec-configuration/httpOCIRegistry.ts Outdated Show resolved Hide resolved
@aaronlehmann
Copy link
Contributor Author

Thanks! I've made these changes.

chrmarti
chrmarti requested changes Mar 23, 2023
View reviewed changes
Copy link
Contributor

@chrmarti chrmarti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, thanks! Left another question and ran the linter.

src/spec-configuration/httpOCIRegistry.ts Outdated Show resolved Hide resolved
src/spec-configuration/httpOCIRegistry.ts Show resolved Hide resolved
@aaronlehmann
Copy link
Contributor Author

Thanks, addressed this latest round of comments.

joshspicer
joshspicer reviewed Mar 27, 2023
View reviewed changes
Copy link
Member

@joshspicer joshspicer left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is awesome, thanks for taking the time (triggered the existing unit tests to run on this PR).

Do you have any suggestions on how to craft unit tests for this? Most of our unit tests run in linux, and we do have a subset of them running in windows. Theoretically we could run against macOS too (if we wanted to...)

Currently familiarizing myself with how this works

@joshspicer joshspicer self-assigned this Mar 27, 2023
@aaronlehmann
Copy link
Contributor Author

Do you have any suggestions on how to craft unit tests for this?

Great question. The credential helper "protocol" is very simple and it would be easy to mock a credential helper. But to ensure the returned creds are actually used, we'd need an authenticated registry to connect to, and I'm not sure what kind of test infra exists for that.

joshspicer
joshspicer previously approved these changes Mar 27, 2023
View reviewed changes
Copy link
Member

@joshspicer joshspicer left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 to some of the earlier feedback (which you've addressed). I don't want to block on the tests - I can make it an action item for myself if you don't have the time. There's one minor linting error in CI.

Validated this works well on MacOS with AzureCR creds (this branch is ./devcontainer.js and the current release is on my PATH)

image

@joshspicer joshspicer mentioned this pull request Mar 27, 2023
Open
chrmarti
chrmarti requested changes Mar 28, 2023
View reviewed changes
Copy link
Contributor

@chrmarti chrmarti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the update. Left another comment on the use of a sync call. Otherwise 👍

src/spec-configuration/httpOCIRegistry.ts Outdated Show resolved Hide resolved
chrmarti
chrmarti approved these changes Mar 29, 2023
View reviewed changes
Copy link
Contributor

@chrmarti chrmarti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution!

@chrmarti chrmarti merged commit 66117b4 into devcontainers:main Mar 29, 2023
19 checks passed
@aaronlehmann
Copy link
Contributor Author

Thanks so much for the help geting this through! It's been a great experience.

@joshspicer joshspicer mentioned this pull request Mar 30, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samruddhikhandale samruddhikhandale samruddhikhandale left review comments

@chrmarti chrmarti chrmarti approved these changes

@joshspicer joshspicer joshspicer approved these changes

Assignees

@joshspicer joshspicer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@aaronlehmann @chrmarti @joshspicer @samruddhikhandale