forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cfg.go
106 lines (95 loc) · 3.18 KB
/
cfg.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
package dockercfg
import (
"encoding/base64"
"encoding/json"
"io/ioutil"
"os"
"os/user"
"path/filepath"
"strings"
"github.com/GoogleCloudPlatform/kubernetes/pkg/credentialprovider"
docker "github.com/fsouza/go-dockerclient"
"github.com/golang/glog"
"github.com/spf13/pflag"
)
//TODO: Remove this code once the methods in Kubernetes kubelet/dockertools/config.go are public
// Default docker registry server
const (
defaultRegistryServer = "https://index.docker.io/v1/"
PushAuthType = "PUSH_DOCKERCFG_PATH"
PullAuthType = "PULL_DOCKERCFG_PATH"
)
// Helper contains all the valid config options for reading the local dockercfg file
type Helper struct {
}
// NewHelper creates a Flags object with the default values set.
func NewHelper() *Helper {
return &Helper{}
}
// InstallFlags installs the Docker flag helper into a FlagSet with the default
// options and default values from the Helper object.
func (h *Helper) InstallFlags(flags *pflag.FlagSet) {
}
// GetDockerAuth returns a valid Docker AuthConfiguration entry, and whether it was read
// from the local dockercfg file
func (h *Helper) GetDockerAuth(imageName, authType string) (docker.AuthConfiguration, bool) {
dockercfgPath := getDockercfgFile("")
if pathForAuthType := os.Getenv(authType); len(pathForAuthType) > 0 {
glog.V(3).Infof("%s=%s", authType, pathForAuthType)
dockercfgPath = getDockercfgFile(pathForAuthType)
}
if _, err := os.Stat(dockercfgPath); err != nil {
glog.V(3).Infof("Problem accessing %s: %v", dockercfgPath, err)
return docker.AuthConfiguration{}, false
}
cfg, err := readDockercfg(dockercfgPath)
if err != nil {
glog.Errorf("Reading %s failed: ", dockercfgPath, err)
return docker.AuthConfiguration{}, false
}
keyring := credentialprovider.BasicDockerKeyring{}
keyring.Add(cfg)
authConfs, found := keyring.Lookup(imageName)
if !found || len(authConfs) == 0 {
return docker.AuthConfiguration{}, false
}
glog.V(3).Infof("Using %s user for Docker authentication", authConfs[0].Username)
return authConfs[0], true
}
// getDockercfgFile returns the path to the dockercfg file
func getDockercfgFile(path string) string {
var cfgPath string
if path != "" {
cfgPath = path
} else if os.Getenv("DOCKERCFG_PATH") != "" {
cfgPath = os.Getenv("DOCKERCFG_PATH")
} else if currentUser, err := user.Current(); err == nil {
cfgPath = filepath.Join(currentUser.HomeDir, ".dockercfg")
}
glog.V(5).Infof("Found Docker authentication configuration in '%s'", cfgPath)
return cfgPath
}
// readDockercfg reads the contents of a .dockercfg file into a map
// with server name keys and AuthEntry values
func readDockercfg(filePath string) (cfg credentialprovider.DockerConfig, err error) {
content, err := ioutil.ReadFile(filePath)
if err != nil {
return
}
if err := json.Unmarshal(content, &cfg); err != nil {
return nil, err
}
return
}
// getCredentials parses an auth string inside a dockercfg file into
// a username and password
func getCredentials(auth string) (username, password string, err error) {
creds, err := base64.StdEncoding.DecodeString(auth)
if err != nil {
return
}
unamepass := strings.Split(string(creds), ":")
username = unamepass[0]
password = unamepass[1]
return
}