Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

registry: repo URL and dockerconfig URL mismatch #749

Merged
merged 1 commit into from
May 31, 2022
Merged

registry: repo URL and dockerconfig URL mismatch #749

merged 1 commit into from
May 31, 2022

Conversation

darkowlzz
Copy link
Contributor

Registry login option should verify that the obtained dockerconfig
credentials are for the same host. When the helmrepo URL and the URL in
dockerconfig don't match, the docker config store returns an
empty auth config, instead of failing. This results in accepting empty
username and password. The HelmRepo would appear to be ready in such
situation because the creds are empty, no login is attempted. But when
a HelmChart tries to use the login options, it'd fail.

@darkowlzz darkowlzz added area/helm Helm related issues and pull requests area/oci OCI related issues and pull requests labels May 31, 2022
@darkowlzz darkowlzz force-pushed the docker-registry-host-mismatch branch 2 times, most recently from aa366c8 to c10c834 Compare May 31, 2022 13:17
makkes
makkes reviewed May 31, 2022
View reviewed changes
Copy link
Member

@makkes makkes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This only fixes the issue with dockerconfig Secrets whereas with generic secrets that don't have username/password fields, the HelmRepository would still show as Ready even though the pull of the chart would fail later on.

@darkowlzz darkowlzz force-pushed the docker-registry-host-mismatch branch from c10c834 to fa031e6 Compare May 31, 2022 18:23
@darkowlzz
registry: repo URL and dockerconfig URL mismatch
f79fd03 
Registry login option should verify that the obtained dockerconfig
credentials are for the same host. When the helmrepo URL and the URL in
docker auth config don't match, the docker config store returns an
empty auth config, instead of failing. This results in accepting empty
username and password. The HelmRepo would appear to be ready in such
situation because the creds are empty, no login is attempted. But when
a HelmChart tries to use the login options, it'd fail.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
@darkowlzz darkowlzz force-pushed the docker-registry-host-mismatch branch from fa031e6 to f79fd03 Compare May 31, 2022 18:39
makkes
makkes approved these changes May 31, 2022
View reviewed changes
Copy link
Member

@makkes makkes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work. Thanks.

@darkowlzz darkowlzz merged commit c68c62c into main May 31, 2022
@darkowlzz darkowlzz deleted the docker-registry-host-mismatch branch May 31, 2022 19:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stefanprodan stefanprodan stefanprodan left review comments

@makkes makkes makkes approved these changes

@hiddeco hiddeco hiddeco approved these changes

Assignees
No one assigned
Labels
area/helm Helm related issues and pull requests area/oci OCI related issues and pull requests
Projects
Maintainers' Focus
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@darkowlzz @makkes @stefanprodan @hiddeco