-
Notifications
You must be signed in to change notification settings - Fork 8
/
artifactregistry.go
57 lines (46 loc) · 1.79 KB
/
artifactregistry.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
// Copyright 2022 Namespace Labs Inc; All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
package registry
import (
"bytes"
"context"
"os/exec"
"github.com/google/go-containerregistry/pkg/authn"
"namespacelabs.dev/foundation/internal/artifacts/oci"
c "namespacelabs.dev/foundation/internal/compute"
"namespacelabs.dev/foundation/internal/console"
"namespacelabs.dev/foundation/internal/fnerrors"
"namespacelabs.dev/foundation/std/tasks"
)
var DefaultKeychain oci.Keychain = defaultKeychain{}
type defaultKeychain struct{}
func (defaultKeychain) Resolve(ctx context.Context, r authn.Resource) (authn.Authenticator, error) {
authConfig, err := c.GetValue[authn.AuthConfig](ctx, &obtainAccessToken{})
if err != nil {
return nil, err
}
return authn.FromConfig(authConfig), nil
}
type obtainAccessToken struct {
c.DoScoped[authn.AuthConfig]
}
var _ c.Computable[authn.AuthConfig] = &obtainAccessToken{}
func (obtainAccessToken) Action() *tasks.ActionEvent {
return tasks.Action("gcloud.auth.print-access-token")
}
func (obtainAccessToken) Inputs() *c.In { return c.Inputs() }
func (obtainAccessToken) Output() c.Output { return c.Output{NotCacheable: true} }
func (obtainAccessToken) Compute(ctx context.Context, _ c.Resolved) (authn.AuthConfig, error) {
var out bytes.Buffer
cmd := exec.CommandContext(ctx, "gcloud", "auth", "print-access-token")
cmd.Stdout = &out
cmd.Stderr = console.TypedOutput(ctx, "gcloud", console.CatOutputTool)
if err := cmd.Run(); err != nil {
return authn.AuthConfig{}, fnerrors.InvocationError("gcp-artifactregistry", "failed to obtain gcloud access token: %w", err)
}
return authn.AuthConfig{
Username: "oauth2accesstoken",
Password: out.String(),
}, nil
}