opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-01 18:49:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

manifest inspect: support authentication

Browse Source 
Previous tests have worked by pure chance since the client and server
ran on the same host; the server picked up the credentials created by
the client login.

Extend the gating tests and add a new integration test which is further
capable of exercising the remote code.

Note that fixing authentication support requires adding a new
`--authfile` CLi flag to `manifest inspect`.  This will at least allow
for passing an authfile to be bindings.  Username and password are not
yet supported.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This commit is contained in:
Valentin Rothberg
2023-07-10 10:52:01 +02:00
parent 7cd1fb77f9
commit a69194b02f
13 changed files with 135 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
pkg/api/handlers/libpod/manifests.go
View File

@@ -153,12 +153,19 @@ func ManifestInspect(w http.ResponseWriter, r *http.Request) {
return
}
imageEngine := abi.ImageEngine{Libpod: runtime}
opts := entities.ManifestInspectOptions{}
_, authfile, err := auth.GetCredentials(r)
if err != nil {
utils.Error(w, http.StatusBadRequest, err)
return
}
defer auth.RemoveAuthfile(authfile)
opts := entities.ManifestInspectOptions{Authfile: authfile}
if _, found := r.URL.Query()["tlsVerify"]; found {
opts.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
}
imageEngine := abi.ImageEngine{Libpod: runtime}
rawManifest, err := imageEngine.ManifestInspect(r.Context(), name, opts)
if err != nil {
utils.Error(w, http.StatusNotFound, err)