From 3cc17393734a54320968b3cc46cad83f17111492 Mon Sep 17 00:00:00 2001
From: jason <jason@towerofpower.montleon.intra>
Date: Thu, 24 Mar 2022 16:07:36 -0400
Subject: Resolves #13629 Add RegistryAuthHeader to manifest push

Signed-off-by: Jason Montleon <jmontleo@redhat.com>
---
 pkg/api/handlers/libpod/manifests.go | 44 ++++++++++++++++++++++++++++++++++--
 1 file changed, 42 insertions(+), 2 deletions(-)

(limited to 'pkg/api')

diff --git a/pkg/api/handlers/libpod/manifests.go b/pkg/api/handlers/libpod/manifests.go
index 250736579..ad9ad88d1 100644
--- a/pkg/api/handlers/libpod/manifests.go
+++ b/pkg/api/handlers/libpod/manifests.go
@@ -162,13 +162,35 @@ func ManifestAdd(w http.ResponseWriter, r *http.Request) {
 	// Wrapper to support 3.x with 4.x libpod
 	query := struct {
 		entities.ManifestAddOptions
-		Images []string
+		Images    []string
+		TLSVerify bool `schema:"tlsVerify"`
 	}{}
 	if err := json.NewDecoder(r.Body).Decode(&query); err != nil {
 		utils.Error(w, http.StatusInternalServerError, errors.Wrap(err, "Decode()"))
 		return
 	}
 
+	authconf, authfile, err := auth.GetCredentials(r)
+	if err != nil {
+		utils.Error(w, http.StatusBadRequest, err)
+		return
+	}
+	defer auth.RemoveAuthfile(authfile)
+	var username, password string
+	if authconf != nil {
+		username = authconf.Username
+		password = authconf.Password
+	}
+	query.ManifestAddOptions.Authfile = authfile
+	query.ManifestAddOptions.Username = username
+	query.ManifestAddOptions.Password = password
+	if sys := runtime.SystemContext(); sys != nil {
+		query.ManifestAddOptions.CertDir = sys.DockerCertPath
+	}
+	if _, found := r.URL.Query()["tlsVerify"]; found {
+		query.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
+	}
+
 	name := utils.GetName(r)
 	if _, err := runtime.LibimageRuntime().LookupManifestList(name); err != nil {
 		utils.Error(w, http.StatusNotFound, err)
@@ -271,7 +293,7 @@ func ManifestPushV3(w http.ResponseWriter, r *http.Request) {
 		utils.Error(w, http.StatusBadRequest, errors.Wrapf(err, "error pushing image %q", query.Destination))
 		return
 	}
-	utils.WriteResponse(w, http.StatusOK, digest)
+	utils.WriteResponse(w, http.StatusOK, handlers.IDResponse{ID: digest})
 }
 
 // ManifestPush push image to registry
@@ -350,6 +372,24 @@ func ManifestModify(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	authconf, authfile, err := auth.GetCredentials(r)
+	if err != nil {
+		utils.Error(w, http.StatusBadRequest, err)
+		return
+	}
+	defer auth.RemoveAuthfile(authfile)
+	var username, password string
+	if authconf != nil {
+		username = authconf.Username
+		password = authconf.Password
+	}
+	body.ManifestAddOptions.Authfile = authfile
+	body.ManifestAddOptions.Username = username
+	body.ManifestAddOptions.Password = password
+	if sys := runtime.SystemContext(); sys != nil {
+		body.ManifestAddOptions.CertDir = sys.DockerCertPath
+	}
+
 	var report entities.ManifestModifyReport
 	switch {
 	case strings.EqualFold("update", body.Operation):
-- 
cgit v1.2.3-54-g00ecf