opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-21 00:56:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add support for --compat-auth-file in login/logout

Browse Source 
This mostly just inherits the c/common/pkg/auth implementation,
except that AuthFilePath and DockerCompatAuthFilePath can not be set
simultaneously, so don't unnecessarily explicitly set AuthFilePath.
c/common already handles that.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
Miloslav Trmač
2023-11-07 20:41:09 +01:00
parent a3d5814e0e
commit d0b32255e4
6 changed files with 59 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/podman/login.go
View File

@ -96,8 +96,6 @@ func login(cmd *cobra.Command, args []string) error {
} }
sysCtx := &types.SystemContext{ sysCtx := &types.SystemContext{
AuthFilePath: loginOptions.AuthFile,
DockerCertPath: loginOptions.CertDir,
DockerInsecureSkipTLSVerify: skipTLS, DockerInsecureSkipTLSVerify: skipTLS,
} }
setRegistriesConfPath(sysCtx) setRegistriesConfPath(sysCtx)

4
cmd/podman/logout.go
View File

@ -48,9 +48,7 @@ func init() {
// Implementation of podman-logout. // Implementation of podman-logout.
func logout(cmd *cobra.Command, args []string) error { func logout(cmd *cobra.Command, args []string) error {
sysCtx := &types.SystemContext{ sysCtx := &types.SystemContext{}
AuthFilePath: logoutOptions.AuthFile,
}
setRegistriesConfPath(sysCtx) setRegistriesConfPath(sysCtx)
return auth.Logout(sysCtx, &logoutOptions, args) return auth.Logout(sysCtx, &logoutOptions, args)
} }

4
docs/source/markdown/podman-login.1.md.in
View File

@ -32,6 +32,10 @@ For more details about format and configurations of the auth.json file, see cont
@@option cert-dir @@option cert-dir
#### **--compat-auth-file**=*path*
Instead of updating the default credentials file, update the one at *path*, and use a Docker-compatible format.
#### **--get-login** #### **--get-login**
Return the logged-in user for the registry. Return error if no login is found. Return the logged-in user for the registry. Return error if no login is found.

4
docs/source/markdown/podman-logout.1.md.in
View File

@ -27,6 +27,10 @@ Remove the cached credentials for all registries in the auth file
@@option authfile @@option authfile
#### **--compat-auth-file**=*path*
Instead of updating the default credentials file, update the one at *path*, and use a Docker-compatible format.
#### **--help**, **-h** #### **--help**, **-h**
Print usage statement Print usage statement

39
test/e2e/login_logout_test.go
View File

@ -189,6 +189,45 @@ var _ = Describe("Podman login and logout", func() {
Expect(session).Should(ExitCleanly()) Expect(session).Should(ExitCleanly())
}) })
It("podman login and logout --compat-auth-file flag handling", func() {
// A minimal smoke test
compatAuthFile := filepath.Join(podmanTest.TempDir, "config.json")
session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--compat-auth-file", compatAuthFile, server})
session.WaitWithDefaultTimeout()
Expect(session).Should(ExitCleanly())
readAuthInfo(compatAuthFile)
session = podmanTest.Podman([]string{"logout", "--compat-auth-file", compatAuthFile, server})
session.WaitWithDefaultTimeout()
Expect(session).Should(ExitCleanly())
// logout should fail with nonexistent authfile
session = podmanTest.Podman([]string{"logout", "--compat-auth-file", "/tmp/nonexistent", server})
session.WaitWithDefaultTimeout()
Expect(session).To(ExitWithError())
Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory"))
// inconsistent command line flags are rejected
// Pre-create the files to make sure we are not hitting the “file not found” path
authFile := filepath.Join(podmanTest.TempDir, "auth.json")
err := os.WriteFile(authFile, []byte("{}"), 0o700)
Expect(err).ToNot(HaveOccurred())
err = os.WriteFile(compatAuthFile, []byte("{}"), 0o700)
Expect(err).ToNot(HaveOccurred())
session = podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test",
"--authfile", authFile, "--compat-auth-file", compatAuthFile, server})
session.WaitWithDefaultTimeout()
Expect(session).To(ExitWithError())
Expect(session.ErrorToString()).To(Equal("Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously"))
session = podmanTest.Podman([]string{"logout", "--authfile", authFile, "--compat-auth-file", compatAuthFile, server})
session.WaitWithDefaultTimeout()
Expect(session).To(ExitWithError())
Expect(session.ErrorToString()).To(Equal("Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously"))
})
It("podman manifest with --authfile", func() { It("podman manifest with --authfile", func() {
os.Unsetenv("REGISTRY_AUTH_FILE") os.Unsetenv("REGISTRY_AUTH_FILE")

11
test/system/150-login.bats
View File

@ -80,6 +80,17 @@ function setup() {
is "$output" "{}" "credentials removed from $authfile" is "$output" "{}" "credentials removed from $authfile"
} }
@test "podman login inconsistent authfiles" {
ambiguous_file=${PODMAN_LOGIN_WORKDIR}/ambiguous-auth.json
echo '{}' > $ambiguous_file # To make sure we are not hitting the “file not found” path
run_podman 125 login --authfile "$ambiguous_file" --compat-auth-file "$ambiguous_file" localhost:5000
assert "$output" =~ "Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously"
run_podman 125 logout --authfile "$ambiguous_file" --compat-auth-file "$ambiguous_file" localhost:5000
assert "$output" =~ "Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously"
}
# Some push tests # Some push tests
@test "podman push fail" { @test "podman push fail" {