-
Notifications
You must be signed in to change notification settings - Fork 7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(registry): address anonymous pull issue #12424
Conversation
9f315cb
to
3f41c47
Compare
@@ -105,10 +105,11 @@ func NewClient(options ...ClientOption) (*Client, error) { | |||
if err != nil { | |||
return nil, errors.New("unable to retrieve credentials") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not directly related to this issue, but I am wondering if swallowing the error over doing fmt.Errorf("unable to retrieve credentials: %w, err)
is the best thing to do?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We shouldn't swallow the error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll fill a separate PR to address this to allow you to move on with this quickly.
3f41c47
to
2e94320
Compare
Note, this still needs a second maintainer to approve. |
👍 looks to me to fix the issue:
|
b3c3a97
to
2e94320
Compare
Sorry for the push... Hit the wrong repo. Consider pulling in b3c3a97 which makes it testable and adds unit tests. |
The assumption that either a username and/or password OR an error is returned appears to be wrong, and results in an error later on which looks something like the following: ``` failed to authorize: failed to fetch anonymous token: unexpected status from GET request to https://auth.docker.io/token?scope=repository%3AXXX%2FYYY%3Apull&service=registry.docker.io: 401 Unauthorized ``` To mitigate this, confirm we actually have one of the values before setting the `Authorization` header. Co-authored-by: Joe Julian <me@joejulian.name> Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2e94320
to
fe4c01f
Compare
@joejulian have applied your patch with some minor tweaks, think this should be good to go now. |
Is there a planned patch release for this PR? |
Yes, the release is planned in the Milestone 3.13.1 (https://github.com/helm/helm/milestone/134). |
What this PR does / why we need it:
The assumption that either a username and/or password OR an error is returned appears to be wrong, and results in an error later on which looks something like the following:
To mitigate this, confirm we actually have one of the values before setting the
Authorization
header.Should fix #12423
Special notes for your reviewer:
This could (and should) really have more test coverage, but this is beyond the time I have available at present.
If applicable: