-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug in authorization code for private repos #90
Comments
Hi, I am working on a pull request to fix a bug with private repos that I have discovered. Do you have an example of an image name here so that I can verify works with my new code? |
Hey @jgough, can you explain the issue you found? I've recently have been looking there as well regarding issue #118. "https://index.docker.io/v1/": {
"auth": "bas64decodeduserandpassowrd==",
"email": "your email"
} however, ofelia tries to parse the As a potential fix, I was thinking to do something like: if v, ok := dockercfg.Configs[registry]; ok {
return v
}
// try to fetch configs from docker's default registry urls
if registry == "" {
if v, ok := dockercfg.Configs["https://index.docker.io/v2/"]; ok {
return v
}
if v, ok := dockercfg.Configs["https://index.docker.io/v1/"]; ok {
return v
}
}
return auth
} However, not sure how that would still work with fool registry URLs. Because in the "auths" : {
"https://account_id.dkr.ecr.us-east-1.amazonaws.com" : {
...
} While the image will be specified like: So I was thinking to check how other tools do that but didn't have time yet :( |
My issue was around images of the form
I'm not that familiar with how the configs are usually stored, but in my case it's under the "auths" key in the config. |
* Support more types of image names Now works with many cases of different image names including ports in registry or containers in folders. Verified with the following image formats: host:port/dir/image:tag host:port/image:tag host:port/image host/image:tag image image:tag fixes #31 #90 * improve `parseRegistry` add a check for `.` or `:` in the first part, if it is there, it must be registry URL if not this can be image tag Co-authored-by: Taras <9948629+Trane9991@users.noreply.github.com>
This is related to #31. There is a bug in https://github.com/mcuadros/ofelia/blob/master/core/common.go#L242. The number
2
there should be1
.The rationale is the following: when using docker hub, the containers are inside a folder of the owner (e.g.
mcuadros/ofelia
) but when using any other kind of registry, the first element is the name of the registry and the second could be the name of the container already (e.g.registry/container
). Therefore, with the current code, this condition is missed and the authentication fails.Please, notice that I am not entirely sure that the current code is going to work even for dockerhub as credentials from dockerhub should be prefixed with a repo URL too. The code is not including that repo URL in the search to retrieve the credentials.
The text was updated successfully, but these errors were encountered: