Support auth file environment variable & add change to man pages

Signed-off-by: Qi Wang <qiwan@redhat.com>

cmd/podman/common.go

@@ -458,3 +458,10 @@ func sortFlags(flags []cli.Flag) []cli.Flag {
 	})
 	return flags
 }
+
+func getAuthFile(authfile string) string {
+	if authfile != "" {
+		return authfile
+	}
+	return os.Getenv("REGISTRY_AUTH_FILE")
+}

cmd/podman/login.go

@@ -27,7 +27,7 @@ var (
 		},
 		cli.StringFlag{
 			Name:  "authfile",
-			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
 		},
 		cli.StringFlag{
 			Name:  "cert-dir",
@@ -64,8 +64,9 @@ func loginCmd(c *cli.Context) error {
 	if len(args) == 1 {
 		server = args[0]
 	}
+	authfile := getAuthFile(c.String("authfile"))
 
-	sc := common.GetSystemContext("", c.String("authfile"), false)
+	sc := common.GetSystemContext("", authfile, false)
 
 	// username of user logged in to server (if one exists)
 	userFromAuthFile, err := config.GetUserLoggedIn(sc, server)

cmd/podman/logout.go

@@ -13,7 +13,7 @@ var (
 	logoutFlags = []cli.Flag{
 		cli.StringFlag{
 			Name:  "authfile",
-			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
 		},
 		cli.BoolFlag{
 			Name:  "all, a",
@@ -46,8 +46,9 @@ func logoutCmd(c *cli.Context) error {
 	if len(args) == 1 {
 		server = args[0]
 	}
+	authfile := getAuthFile(c.String("authfile"))
 
-	sc := common.GetSystemContext("", c.String("authfile"), false)
+	sc := common.GetSystemContext("", authfile, false)
 
 	if c.Bool("all") {
 		if err := config.RemoveAllAuthentication(sc); err != nil {

cmd/podman/pull.go

@@ -21,7 +21,7 @@ var (
 	pullFlags = []cli.Flag{
 		cli.StringFlag{
 			Name:  "authfile",
-			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
 		},
 		cli.StringFlag{
 			Name:  "cert-dir",
@@ -124,7 +124,8 @@ func pullCmd(c *cli.Context) error {
 		}
 		imgID = newImage[0].ID()
 	} else {
-		newImage, err := runtime.ImageRuntime().New(getContext(), image, c.String("signature-policy"), c.String("authfile"), writer, &dockerRegistryOptions, image2.SigningOptions{}, true, forceSecure)
+		authfile := getAuthFile(c.String("authfile"))
+		newImage, err := runtime.ImageRuntime().New(getContext(), image, c.String("signature-policy"), authfile, writer, &dockerRegistryOptions, image2.SigningOptions{}, true, forceSecure)
 		if err != nil {
 			return errors.Wrapf(err, "error pulling image %q", image)
 		}

cmd/podman/push.go

@@ -58,7 +58,7 @@ var (
 		},
 		cli.StringFlag{
 			Name:  "authfile",
-			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
 		},
 	}
 	pushDescription = fmt.Sprintf(`
@@ -165,5 +165,7 @@ func pushCmd(c *cli.Context) error {
 		return err
 	}
 
-	return newImage.PushImageToHeuristicDestination(getContext(), destName, manifestType, c.String("authfile"), c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure, nil)
+	authfile := getAuthFile(c.String("authfile"))
+
+	return newImage.PushImageToHeuristicDestination(getContext(), destName, manifestType, authfile, c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure, nil)
 }

cmd/podman/runlabel.go

@@ -21,7 +21,7 @@ var (
 	runlabelFlags = []cli.Flag{
 		cli.StringFlag{
 			Name:  "authfile",
-			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
 		},
 		cli.BoolFlag{
 			Name:  "display",
@@ -165,8 +165,9 @@ func runlabelCmd(c *cli.Context) error {
 			DockerCertPath:              c.String("cert-dir"),
 			DockerInsecureSkipTLSVerify: !c.BoolT("tls-verify"),
 		}
+		authfile := getAuthFile(c.String("authfile"))
 
-		newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), c.String("authfile"), stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false)
+		newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), authfile, stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false)
 	} else {
 		newImage, err = runtime.ImageRuntime().NewFromLocal(runlabelImage)
 	}

cmd/podman/search.go

@@ -25,7 +25,7 @@ var (
 	searchFlags = []cli.Flag{
 		cli.StringFlag{
 			Name:  "authfile",
-			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
 		},
 		cli.StringSliceFlag{
 			Name:  "filter, f",
@@ -114,7 +114,7 @@ func searchCmd(c *cli.Context) error {
 		noTrunc:  c.Bool("no-trunc"),
 		limit:    c.Int("limit"),
 		filter:   c.StringSlice("filter"),
-		authfile: c.String("authfile"),
+		authfile: getAuthFile(c.String("authfile")),
 	}
 	regAndSkipTLS, err := getRegistriesAndSkipTLS(c, registry)
 	if err != nil {