opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-17 15:08:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Support auth file environment variable & add change to man pages

Browse Source 
Signed-off-by: Qi Wang <qiwan@redhat.com>
This commit is contained in:
Qi Wang
2018-10-09 09:26:47 -04:00
parent da5c89497f
commit 88673a5fcf
15 changed files with 47 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/podman/common.go
View File

@ -458,3 +458,10 @@ func sortFlags(flags []cli.Flag) []cli.Flag {
}) })
return flags return flags
} }
func getAuthFile(authfile string) string {
if authfile != "" {
return authfile
}
return os.Getenv("REGISTRY_AUTH_FILE")
}

5
cmd/podman/login.go
View File

@ -27,7 +27,7 @@ var (
}, },
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "cert-dir", Name: "cert-dir",
@ -64,8 +64,9 @@ func loginCmd(c *cli.Context) error {
if len(args) == 1 { if len(args) == 1 {
server = args[0] server = args[0]
} }
authfile := getAuthFile(c.String("authfile"))
sc := common.GetSystemContext("", c.String("authfile"), false) sc := common.GetSystemContext("", authfile, false)
// username of user logged in to server (if one exists) // username of user logged in to server (if one exists)
userFromAuthFile, err := config.GetUserLoggedIn(sc, server) userFromAuthFile, err := config.GetUserLoggedIn(sc, server)

5
cmd/podman/logout.go
View File

@ -13,7 +13,7 @@ var (
logoutFlags = []cli.Flag{ logoutFlags = []cli.Flag{
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "all, a", Name: "all, a",
@ -46,8 +46,9 @@ func logoutCmd(c *cli.Context) error {
if len(args) == 1 { if len(args) == 1 {
server = args[0] server = args[0]
} }
authfile := getAuthFile(c.String("authfile"))
sc := common.GetSystemContext("", c.String("authfile"), false) sc := common.GetSystemContext("", authfile, false)
if c.Bool("all") { if c.Bool("all") {
if err := config.RemoveAllAuthentication(sc); err != nil { if err := config.RemoveAllAuthentication(sc); err != nil {

5
cmd/podman/pull.go
View File

@ -21,7 +21,7 @@ var (
pullFlags = []cli.Flag{ pullFlags = []cli.Flag{
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "cert-dir", Name: "cert-dir",
@ -124,7 +124,8 @@ func pullCmd(c *cli.Context) error {
} }
imgID = newImage[0].ID() imgID = newImage[0].ID()
} else { } else {
newImage, err := runtime.ImageRuntime().New(getContext(), image, c.String("signature-policy"), c.String("authfile"), writer, &dockerRegistryOptions, image2.SigningOptions{}, true, forceSecure) authfile := getAuthFile(c.String("authfile"))
newImage, err := runtime.ImageRuntime().New(getContext(), image, c.String("signature-policy"), authfile, writer, &dockerRegistryOptions, image2.SigningOptions{}, true, forceSecure)
if err != nil { if err != nil {
return errors.Wrapf(err, "error pulling image %q", image) return errors.Wrapf(err, "error pulling image %q", image)
} }

6
cmd/podman/push.go
View File

@ -58,7 +58,7 @@ var (
}, },
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
} }
pushDescription = fmt.Sprintf(` pushDescription = fmt.Sprintf(`
@ -165,5 +165,7 @@ func pushCmd(c *cli.Context) error {
return err return err
} }
return newImage.PushImageToHeuristicDestination(getContext(), destName, manifestType, c.String("authfile"), c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure, nil) authfile := getAuthFile(c.String("authfile"))
return newImage.PushImageToHeuristicDestination(getContext(), destName, manifestType, authfile, c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure, nil)
} }

5
cmd/podman/runlabel.go
View File

@ -21,7 +21,7 @@ var (
runlabelFlags = []cli.Flag{ runlabelFlags = []cli.Flag{
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "display", Name: "display",
@ -165,8 +165,9 @@ func runlabelCmd(c *cli.Context) error {
DockerCertPath: c.String("cert-dir"), DockerCertPath: c.String("cert-dir"),
DockerInsecureSkipTLSVerify: !c.BoolT("tls-verify"), DockerInsecureSkipTLSVerify: !c.BoolT("tls-verify"),
} }
authfile := getAuthFile(c.String("authfile"))
newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), c.String("authfile"), stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false) newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), authfile, stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false)
} else { } else {
newImage, err = runtime.ImageRuntime().NewFromLocal(runlabelImage) newImage, err = runtime.ImageRuntime().NewFromLocal(runlabelImage)
} }

4
cmd/podman/search.go
View File

@ -25,7 +25,7 @@ var (
searchFlags = []cli.Flag{ searchFlags = []cli.Flag{
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
cli.StringSliceFlag{ cli.StringSliceFlag{
Name: "filter, f", Name: "filter, f",
@ -114,7 +114,7 @@ func searchCmd(c *cli.Context) error {
noTrunc: c.Bool("no-trunc"), noTrunc: c.Bool("no-trunc"),
limit: c.Int("limit"), limit: c.Int("limit"),
filter: c.StringSlice("filter"), filter: c.StringSlice("filter"),
authfile: c.String("authfile"), authfile: getAuthFile(c.String("authfile")),
} }
regAndSkipTLS, err := getRegistriesAndSkipTLS(c, registry) regAndSkipTLS, err := getRegistriesAndSkipTLS(c, registry)
if err != nil { if err != nil {

3
docs/podman-build.1.md
View File

@ -38,6 +38,9 @@ Note: this information is not present in Docker image formats, so it is discarde
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--build-arg** *arg=value* **--build-arg** *arg=value*
Specifies a build argument and its value, which will be interpolated in Specifies a build argument and its value, which will be interpolated in

3
docs/podman-container-runlabel.1.md
View File

@ -54,6 +54,9 @@ Any additional arguments will be appended to the command.
Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--display** **--display**
Display the label's value of the image having populated its environment variables. Display the label's value of the image having populated its environment variables.

3
docs/podman-login.1.md
View File

@ -33,6 +33,9 @@ Username for registry
Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--cert-dir** *path* **--cert-dir** *path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.

3
docs/podman-logout.1.md
View File

@ -24,6 +24,9 @@ All the cached credentials can be removed by setting the **all** flag.
Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--all, -a** **--all, -a**
Remove the cached credentials for all registries in the auth file Remove the cached credentials for all registries in the auth file

3
docs/podman-pull.1.md
View File

@ -50,6 +50,9 @@ Image stored in local container/storage
Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--cert-dir** *path* **--cert-dir** *path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.

3
docs/podman-push.1.md
View File

@ -49,6 +49,9 @@ Image stored in local container/storage
Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--creds="CREDENTIALS"** **--creds="CREDENTIALS"**
The [username[:password]] to use to authenticate with the registry if required. The [username[:password]] to use to authenticate with the registry if required.

3
docs/podman-search.1.md
View File

@ -29,6 +29,9 @@ Note, searching without a search term will only work for registries that impleme
Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--filter, -f** **--filter, -f**
Filter output based on conditions provided (default []) Filter output based on conditions provided (default [])

2
vendor/github.com/containers/buildah/pkg/cli/common.go generated vendored
View File

@ -83,7 +83,7 @@ var (
}, },
cli.StringFlag{ cli.StringFlag{
Name: "authfile", Name: "authfile",
Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
}, },
cli.StringSliceFlag{ cli.StringSliceFlag{
Name: "build-arg", Name: "build-arg",