fix: remove special _json_key handling

The approach of base64 encoding the json-like structure appears to work fine. The shape of the moving parts (username, password) was largely reverse engineered by: 1. Generating a service account with gcr access and saving to `key.json`. 2. `cat key.json | docker login -u _json_key --password-stdin https://gcr.io` 3. `cat `~/.docker/config.json` should now contain somethin like:``` "gcr.io" : { "auth" : "..." } The password should typically itself be a json-encoded service account i.e. the contents of `key.json` above. We've replaced the parent commits sprintf json-encoding by using the upstream types. Note: we're panicking on the error here vs. propagating it. This is partially laziness, the perceived unlikihood, and finally the desire to keep this change set as straightforward as possible. ```
jacobstr · Jun 4, 2020 · e33c4e2 · e33c4e2
1 parent a10732b
commit e33c4e2
Show file tree

Hide file tree

Showing 21 changed files with 1,836 additions and 9 deletions.
diff --git a/docker/config/config.go b/docker/config/config.go
@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"github.com/ivanilves/lstags/docker/config/credhelper"
+	"github.com/moby/moby/api/types"
 
 	"github.com/ivanilves/lstags/util/fix"
 )
@@ -54,15 +55,19 @@ func (c *Config) GetCredentials(registry string) (string, string, bool) {
 }
 
 func getAuthJSONString(username, password string) string {
-	if username == "_json_key" {
-		return fmt.Sprintf("%s:%s", username, password)
+	b, err := json.Marshal(types.AuthConfig{
+		Username: "_json_key",
+		Password: password,
+	})
+
+	// Because of the shape of the struct and inputs involved, this should never
+	// happen. We preserve the non error-propagating API for callers, but want
+	// some visibility into this that's better than simply swallowing the error.
+	if err != nil {
+		panic(err)
 	}
 
-	return fmt.Sprintf(
-		`{ "username": "%s", "password": "%s" }`,
-		username,
-		password,
-	)
+	return string(b)
 }
 
 // GetRegistryAuth gets per-registry base64 authentication string

diff --git a/docker/config/config_test.go b/docker/config/config_test.go
@@ -10,8 +10,8 @@ var configFile = "../../fixtures/docker/config.json"
 
 func TestGetRegistryAuth(t *testing.T) {
 	examples := map[string]string{
-		"registry.company.io":     "eyAidXNlcm5hbWUiOiAidXNlcjEiLCAicGFzc3dvcmQiOiAicGFzczEiIH0=",
-		"registry.hub.docker.com": "eyAidXNlcm5hbWUiOiAidXNlcjIiLCAicGFzc3dvcmQiOiAicGFzczIiIH0=",
+		"registry.company.io":     "eyJ1c2VybmFtZSI6Il9qc29uX2tleSIsInBhc3N3b3JkIjoicGFzczEifQ==",
+		"registry.hub.docker.com": "eyJ1c2VybmFtZSI6Il9qc29uX2tleSIsInBhc3N3b3JkIjoicGFzczIifQ==",
 		"registry.mindundi.org":   "",
 	}
 

diff --git a/vendor/github.com/moby/moby/api/types/auth.go b/vendor/github.com/moby/moby/api/types/auth.go