From 88673a5fcfcedb3ab3f1039a46b3eba912f35e5c Mon Sep 17 00:00:00 2001
From: Qi Wang <qiwan@redhat.com>
Date: Tue, 9 Oct 2018 09:26:47 -0400
Subject: [PATCH] Support auth file environment variable & add change to man
pages
Signed-off-by: Qi Wang <qiwan@redhat.com>
---
cmd/podman/common.go | 7 +++++++
cmd/podman/login.go | 5 +++--
cmd/podman/logout.go | 5 +++--
cmd/podman/pull.go | 5 +++--
cmd/podman/push.go | 6 ++++--
cmd/podman/runlabel.go | 5 +++--
cmd/podman/search.go | 4 ++--
docs/podman-build.1.md | 3 +++
docs/podman-container-runlabel.1.md | 3 +++
docs/podman-login.1.md | 3 +++
docs/podman-logout.1.md | 3 +++
docs/podman-pull.1.md | 3 +++
docs/podman-push.1.md | 3 +++
docs/podman-search.1.md | 3 +++
vendor/github.com/containers/buildah/pkg/cli/common.go | 2 +-
15 files changed, 47 insertions(+), 13 deletions(-)
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index 1e7f8d4d8f..e342659ed7 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -458,3 +458,10 @@ func sortFlags(flags []cli.Flag) []cli.Flag {
})
return flags
}
+
+func getAuthFile(authfile string) string {
+ if authfile != "" {
+ return authfile
+ }
+ return os.Getenv("REGISTRY_AUTH_FILE")
+}
diff --git a/cmd/podman/login.go b/cmd/podman/login.go
index 8625828de4..76f0f50ff7 100644
--- a/cmd/podman/login.go
+++ b/cmd/podman/login.go
@@ -27,7 +27,7 @@ var (
},
cli.StringFlag{
Name: "authfile",
- Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
cli.StringFlag{
Name: "cert-dir",
@@ -64,8 +64,9 @@ func loginCmd(c *cli.Context) error {
if len(args) == 1 {
server = args[0]
}
+ authfile := getAuthFile(c.String("authfile"))
- sc := common.GetSystemContext("", c.String("authfile"), false)
+ sc := common.GetSystemContext("", authfile, false)
// username of user logged in to server (if one exists)
userFromAuthFile, err := config.GetUserLoggedIn(sc, server)
diff --git a/cmd/podman/logout.go b/cmd/podman/logout.go
index d2a2da7907..099464e4f4 100644
--- a/cmd/podman/logout.go
+++ b/cmd/podman/logout.go
@@ -13,7 +13,7 @@ var (
logoutFlags = []cli.Flag{
cli.StringFlag{
Name: "authfile",
- Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
cli.BoolFlag{
Name: "all, a",
@@ -46,8 +46,9 @@ func logoutCmd(c *cli.Context) error {
if len(args) == 1 {
server = args[0]
}
+ authfile := getAuthFile(c.String("authfile"))
- sc := common.GetSystemContext("", c.String("authfile"), false)
+ sc := common.GetSystemContext("", authfile, false)
if c.Bool("all") {
if err := config.RemoveAllAuthentication(sc); err != nil {
diff --git a/cmd/podman/pull.go b/cmd/podman/pull.go
index 097c885360..8fb3971bd5 100644
--- a/cmd/podman/pull.go
+++ b/cmd/podman/pull.go
@@ -21,7 +21,7 @@ var (
pullFlags = []cli.Flag{
cli.StringFlag{
Name: "authfile",
- Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
cli.StringFlag{
Name: "cert-dir",
@@ -124,7 +124,8 @@ func pullCmd(c *cli.Context) error {
}
imgID = newImage[0].ID()
} else {
- newImage, err := runtime.ImageRuntime().New(getContext(), image, c.String("signature-policy"), c.String("authfile"), writer, &dockerRegistryOptions, image2.SigningOptions{}, true, forceSecure)
+ authfile := getAuthFile(c.String("authfile"))
+ newImage, err := runtime.ImageRuntime().New(getContext(), image, c.String("signature-policy"), authfile, writer, &dockerRegistryOptions, image2.SigningOptions{}, true, forceSecure)
if err != nil {
return errors.Wrapf(err, "error pulling image %q", image)
}
diff --git a/cmd/podman/push.go b/cmd/podman/push.go
index 9f2f418350..331f92cd23 100644
--- a/cmd/podman/push.go
+++ b/cmd/podman/push.go
@@ -58,7 +58,7 @@ var (
},
cli.StringFlag{
Name: "authfile",
- Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
}
pushDescription = fmt.Sprintf(`
@@ -165,5 +165,7 @@ func pushCmd(c *cli.Context) error {
return err
}
- return newImage.PushImageToHeuristicDestination(getContext(), destName, manifestType, c.String("authfile"), c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure, nil)
+ authfile := getAuthFile(c.String("authfile"))
+
+ return newImage.PushImageToHeuristicDestination(getContext(), destName, manifestType, authfile, c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure, nil)
}
diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go
index 2d464b9495..aa7411a5f9 100644
--- a/cmd/podman/runlabel.go
+++ b/cmd/podman/runlabel.go
@@ -21,7 +21,7 @@ var (
runlabelFlags = []cli.Flag{
cli.StringFlag{
Name: "authfile",
- Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
cli.BoolFlag{
Name: "display",
@@ -165,8 +165,9 @@ func runlabelCmd(c *cli.Context) error {
DockerCertPath: c.String("cert-dir"),
DockerInsecureSkipTLSVerify: !c.BoolT("tls-verify"),
}
+ authfile := getAuthFile(c.String("authfile"))
- newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), c.String("authfile"), stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false)
+ newImage, err = runtime.ImageRuntime().New(ctx, runlabelImage, c.String("signature-policy"), authfile, stdOut, &dockerRegistryOptions, image.SigningOptions{}, false, false)
} else {
newImage, err = runtime.ImageRuntime().NewFromLocal(runlabelImage)
}
diff --git a/cmd/podman/search.go b/cmd/podman/search.go
index 49b1b7f7bf..fa11dad328 100644
--- a/cmd/podman/search.go
+++ b/cmd/podman/search.go
@@ -25,7 +25,7 @@ var (
searchFlags = []cli.Flag{
cli.StringFlag{
Name: "authfile",
- Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
cli.StringSliceFlag{
Name: "filter, f",
@@ -114,7 +114,7 @@ func searchCmd(c *cli.Context) error {
noTrunc: c.Bool("no-trunc"),
limit: c.Int("limit"),
filter: c.StringSlice("filter"),
- authfile: c.String("authfile"),
+ authfile: getAuthFile(c.String("authfile")),
}
regAndSkipTLS, err := getRegistriesAndSkipTLS(c, registry)
if err != nil {
diff --git a/docs/podman-build.1.md b/docs/podman-build.1.md
index a6a8dfbc2e..0cbce15c01 100644
--- a/docs/podman-build.1.md
+++ b/docs/podman-build.1.md
@@ -38,6 +38,9 @@ Note: this information is not present in Docker image formats, so it is discarde
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--build-arg** *arg=value*
Specifies a build argument and its value, which will be interpolated in
diff --git a/docs/podman-container-runlabel.1.md b/docs/podman-container-runlabel.1.md
index 4611aa4d9d..73b7d7e154 100644
--- a/docs/podman-container-runlabel.1.md
+++ b/docs/podman-container-runlabel.1.md
@@ -54,6 +54,9 @@ Any additional arguments will be appended to the command.
Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--display**
Display the label's value of the image having populated its environment variables.
diff --git a/docs/podman-login.1.md b/docs/podman-login.1.md
index a0b9a2fe69..a3ee2929ce 100644
--- a/docs/podman-login.1.md
+++ b/docs/podman-login.1.md
@@ -33,6 +33,9 @@ Username for registry
Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--cert-dir** *path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
diff --git a/docs/podman-logout.1.md b/docs/podman-logout.1.md
index 4e001085c7..be0c52e392 100644
--- a/docs/podman-logout.1.md
+++ b/docs/podman-logout.1.md
@@ -24,6 +24,9 @@ All the cached credentials can be removed by setting the **all** flag.
Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--all, -a**
Remove the cached credentials for all registries in the auth file
diff --git a/docs/podman-pull.1.md b/docs/podman-pull.1.md
index 6eff52cea2..86c6823af7 100644
--- a/docs/podman-pull.1.md
+++ b/docs/podman-pull.1.md
@@ -50,6 +50,9 @@ Image stored in local container/storage
Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--cert-dir** *path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
diff --git a/docs/podman-push.1.md b/docs/podman-push.1.md
index 40442a98ff..537988ea0e 100644
--- a/docs/podman-push.1.md
+++ b/docs/podman-push.1.md
@@ -49,6 +49,9 @@ Image stored in local container/storage
Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--creds="CREDENTIALS"**
The [username[:password]] to use to authenticate with the registry if required.
diff --git a/docs/podman-search.1.md b/docs/podman-search.1.md
index 429c3c5ad2..ea1228f945 100644
--- a/docs/podman-search.1.md
+++ b/docs/podman-search.1.md
@@ -29,6 +29,9 @@ Note, searching without a search term will only work for registries that impleme
Path of the authentication file. Default is ${XDG_\RUNTIME\_DIR}/containers/auth.json
+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
**--filter, -f**
Filter output based on conditions provided (default [])
diff --git a/vendor/github.com/containers/buildah/pkg/cli/common.go b/vendor/github.com/containers/buildah/pkg/cli/common.go
index b54663f5d9..4baf0da69b 100644
--- a/vendor/github.com/containers/buildah/pkg/cli/common.go
+++ b/vendor/github.com/containers/buildah/pkg/cli/common.go
@@ -83,7 +83,7 @@ var (
},
cli.StringFlag{
Name: "authfile",
- Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+ Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override. ",
},
cli.StringSliceFlag{
Name: "build-arg",