registry: ensure default auth config has address

samuelkarp · samuelkarp · commit 42d1c02750b3 · 2021-07-29T19:57:58.000-07:00
Signed-off-by: Samuel Karp &lt;skarp@amazon.com&gt;
diff --git a/cli/command/registry.go b/cli/command/registry.go
@@ -63,17 +63,14 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf
 		indexServer := registry.GetAuthConfigKey(index)
 		isDefaultRegistry := indexServer == ElectAuthServer(context.Background(), cli)
 		authConfig, err := GetDefaultAuthConfig(cli, true, indexServer, isDefaultRegistry)
-		if authConfig == nil {
-			authConfig = &types.AuthConfig{}
-		}
 		if err != nil {
 			fmt.Fprintf(cli.Err(), "Unable to retrieve stored credentials for %s, error: %s.\n", indexServer, err)
 		}
-		err = ConfigureAuth(cli, "", "", authConfig, isDefaultRegistry)
+		err = ConfigureAuth(cli, "", "", &authConfig, isDefaultRegistry)
 		if err != nil {
 			return "", err
 		}
-		return EncodeAuthToBase64(*authConfig)
+		return EncodeAuthToBase64(authConfig)
 	}
 }
 
@@ -92,7 +89,7 @@ func ResolveAuthConfig(ctx context.Context, cli Cli, index *registrytypes.IndexI
 
 // GetDefaultAuthConfig gets the default auth config given a serverAddress
 // If credentials for given serverAddress exists in the credential store, the configuration will be populated with values in it
-func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (*types.AuthConfig, error) {
+func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (types.AuthConfig, error) {
 	if !isDefaultRegistry {
 		serverAddress = registry.ConvertToHostname(serverAddress)
 	}
@@ -101,13 +98,15 @@ func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, is
 	if checkCredStore {
 		authconfig, err = cli.ConfigFile().GetAuthConfig(serverAddress)
 		if err != nil {
-			return nil, err
+			return types.AuthConfig{
+				ServerAddress: serverAddress,
+			}, err
 		}
 	}
 	authconfig.ServerAddress = serverAddress
 	authconfig.IdentityToken = ""
 	res := types.AuthConfig(authconfig)
-	return &res, nil
+	return res, nil
 }
 
 // ConfigureAuth handles prompting of user's username and password if needed
diff --git a/cli/command/registry/login.go b/cli/command/registry/login.go
@@ -114,22 +114,19 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl
 	var response registrytypes.AuthenticateOKBody
 	isDefaultRegistry := serverAddress == authServer
 	authConfig, err := command.GetDefaultAuthConfig(dockerCli, opts.user == "" && opts.password == "", serverAddress, isDefaultRegistry)
-	if authConfig == nil {
-		authConfig = &types.AuthConfig{}
-	}
 	if err == nil && authConfig.Username != "" && authConfig.Password != "" {
-		response, err = loginWithCredStoreCreds(ctx, dockerCli, authConfig)
+		response, err = loginWithCredStoreCreds(ctx, dockerCli, &authConfig)
 	}
 	if err != nil || authConfig.Username == "" || authConfig.Password == "" {
-		err = command.ConfigureAuth(dockerCli, opts.user, opts.password, authConfig, isDefaultRegistry)
+		err = command.ConfigureAuth(dockerCli, opts.user, opts.password, &authConfig, isDefaultRegistry)
 		if err != nil {
 			return err
 		}
 
-		response, err = clnt.RegistryLogin(ctx, *authConfig)
+		response, err = clnt.RegistryLogin(ctx, authConfig)
 		if err != nil && client.IsErrConnectionFailed(err) {
 			// If the server isn't responding (yet) attempt to login purely client side
-			response, err = loginClientSide(ctx, *authConfig)
+			response, err = loginClientSide(ctx, authConfig)
 		}
 		// If we (still) have an error, give up
 		if err != nil {
@@ -152,7 +149,7 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl
 		}
 	}
 
-	if err := creds.Store(configtypes.AuthConfig(*authConfig)); err != nil {
+	if err := creds.Store(configtypes.AuthConfig(authConfig)); err != nil {
 		return errors.Errorf("Error saving credentials: %v", err)
 	}
 
diff --git a/cli/command/registry_test.go b/cli/command/registry_test.go
@@ -145,7 +145,21 @@ func TestGetDefaultAuthConfig(t *testing.T) {
 			assert.Check(t, is.Equal(tc.expectedErr, err.Error()))
 		} else {
 			assert.NilError(t, err)
-			assert.Check(t, is.DeepEqual(tc.expectedAuthConfig, *authconfig))
+			assert.Check(t, is.DeepEqual(tc.expectedAuthConfig, authconfig))
 		}
 	}
 }
+
+func TestGetDefaultAuthConfig_HelperError(t *testing.T) {
+	cli := test.NewFakeCli(&fakeClient{})
+	errBuf := new(bytes.Buffer)
+	cli.SetErr(errBuf)
+	cli.ConfigFile().CredentialsStore = "fake-does-not-exist"
+	serverAddress := "test-server-address"
+	expectedAuthConfig := types.AuthConfig{
+		ServerAddress: serverAddress,
+	}
+	authconfig, err := GetDefaultAuthConfig(cli, true, serverAddress, serverAddress == "https://index.docker.io/v1/")
+	assert.Check(t, is.DeepEqual(expectedAuthConfig, authconfig))
+	assert.Check(t, is.ErrorContains(err, "docker-credential-fake-does-not-exist"))
+}

Original file line number	Diff line number	Diff line change
`@@ -63,17 +63,14 @@ func RegistryAuthenticationPrivilegedFunc(cli Cli, index *registrytypes.IndexInf`
`63`	`63`	`indexServer := registry.GetAuthConfigKey(index)`
`64`	`64`	`isDefaultRegistry := indexServer == ElectAuthServer(context.Background(), cli)`
`65`	`65`	`authConfig, err := GetDefaultAuthConfig(cli, true, indexServer, isDefaultRegistry)`
`66`		`- if authConfig == nil {`
`67`		`- authConfig = &types.AuthConfig{}`
`68`		`- }`
`69`	`66`	`if err != nil {`
`70`	`67`	`fmt.Fprintf(cli.Err(), "Unable to retrieve stored credentials for %s, error: %s.\n", indexServer, err)`
`71`	`68`	`}`
`72`		`- err = ConfigureAuth(cli, "", "", authConfig, isDefaultRegistry)`
	`69`	`+ err = ConfigureAuth(cli, "", "", &authConfig, isDefaultRegistry)`
`73`	`70`	`if err != nil {`
`74`	`71`	`return "", err`
`75`	`72`	`}`
`76`		`- return EncodeAuthToBase64(*authConfig)`
	`73`	`+ return EncodeAuthToBase64(authConfig)`
`77`	`74`	`}`
`78`	`75`	`}`
`79`	`76`
`@@ -92,7 +89,7 @@ func ResolveAuthConfig(ctx context.Context, cli Cli, index *registrytypes.IndexI`
`92`	`89`
`93`	`90`	`// GetDefaultAuthConfig gets the default auth config given a serverAddress`
`94`	`91`	`// If credentials for given serverAddress exists in the credential store, the configuration will be populated with values in it`
`95`		`-func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (*types.AuthConfig, error) {`
	`92`	`+func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, isDefaultRegistry bool) (types.AuthConfig, error) {`
`96`	`93`	`if !isDefaultRegistry {`
`97`	`94`	`serverAddress = registry.ConvertToHostname(serverAddress)`
`98`	`95`	`}`
`@@ -101,13 +98,15 @@ func GetDefaultAuthConfig(cli Cli, checkCredStore bool, serverAddress string, is`
`101`	`98`	`if checkCredStore {`
`102`	`99`	`authconfig, err = cli.ConfigFile().GetAuthConfig(serverAddress)`
`103`	`100`	`if err != nil {`
`104`		`- return nil, err`
	`101`	`+ return types.AuthConfig{`
	`102`	`+ ServerAddress: serverAddress,`
	`103`	`+ }, err`
`105`	`104`	`}`
`106`	`105`	`}`
`107`	`106`	`authconfig.ServerAddress = serverAddress`
`108`	`107`	`authconfig.IdentityToken = ""`
`109`	`108`	`res := types.AuthConfig(authconfig)`
`110`		`- return &res, nil`
	`109`	`+ return res, nil`
`111`	`110`	`}`
`112`	`111`
`113`	`112`	`// ConfigureAuth handles prompting of user's username and password if needed`
Original file line number	Diff line number	Diff line change
`@@ -114,22 +114,19 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl`
`114`	`114`	`var response registrytypes.AuthenticateOKBody`
`115`	`115`	`isDefaultRegistry := serverAddress == authServer`
`116`	`116`	`authConfig, err := command.GetDefaultAuthConfig(dockerCli, opts.user == "" && opts.password == "", serverAddress, isDefaultRegistry)`
`117`		`- if authConfig == nil {`
`118`		`- authConfig = &types.AuthConfig{}`
`119`		`- }`
`120`	`117`	`if err == nil && authConfig.Username != "" && authConfig.Password != "" {`
`121`		`- response, err = loginWithCredStoreCreds(ctx, dockerCli, authConfig)`
	`118`	`+ response, err = loginWithCredStoreCreds(ctx, dockerCli, &authConfig)`
`122`	`119`	`}`
`123`	`120`	`if err != nil \|\| authConfig.Username == "" \|\| authConfig.Password == "" {`
`124`		`- err = command.ConfigureAuth(dockerCli, opts.user, opts.password, authConfig, isDefaultRegistry)`
	`121`	`+ err = command.ConfigureAuth(dockerCli, opts.user, opts.password, &authConfig, isDefaultRegistry)`
`125`	`122`	`if err != nil {`
`126`	`123`	`return err`
`127`	`124`	`}`
`128`	`125`
`129`		`- response, err = clnt.RegistryLogin(ctx, *authConfig)`
	`126`	`+ response, err = clnt.RegistryLogin(ctx, authConfig)`
`130`	`127`	`if err != nil && client.IsErrConnectionFailed(err) {`
`131`	`128`	`// If the server isn't responding (yet) attempt to login purely client side`
`132`		`- response, err = loginClientSide(ctx, *authConfig)`
	`129`	`+ response, err = loginClientSide(ctx, authConfig)`
`133`	`130`	`}`
`134`	`131`	`// If we (still) have an error, give up`
`135`	`132`	`if err != nil {`
`@@ -152,7 +149,7 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl`
`152`	`149`	`}`
`153`	`150`	`}`
`154`	`151`
`155`		`- if err := creds.Store(configtypes.AuthConfig(*authConfig)); err != nil {`
	`152`	`+ if err := creds.Store(configtypes.AuthConfig(authConfig)); err != nil {`
`156`	`153`	`return errors.Errorf("Error saving credentials: %v", err)`
`157`	`154`	`}`
`158`	`155`