From 3cc17393734a54320968b3cc46cad83f17111492 Mon Sep 17 00:00:00 2001
From: jason <jason@towerofpower.montleon.intra>
Date: Thu, 24 Mar 2022 16:07:36 -0400
Subject: Resolves #13629 Add RegistryAuthHeader to manifest push

Signed-off-by: Jason Montleon <jmontleo@redhat.com>
---
 pkg/bindings/manifests/manifests.go | 78 +++++++++++++++++++++++++++++--------
 1 file changed, 62 insertions(+), 16 deletions(-)

(limited to 'pkg/bindings/manifests/manifests.go')

diff --git a/pkg/bindings/manifests/manifests.go b/pkg/bindings/manifests/manifests.go
index 458cb913a..a8f576ecd 100644
--- a/pkg/bindings/manifests/manifests.go
+++ b/pkg/bindings/manifests/manifests.go
@@ -11,7 +11,9 @@ import (
 
 	"github.com/blang/semver"
 	"github.com/containers/image/v5/manifest"
+	imageTypes "github.com/containers/image/v5/types"
 	"github.com/containers/podman/v4/pkg/api/handlers"
+	"github.com/containers/podman/v4/pkg/auth"
 	"github.com/containers/podman/v4/pkg/bindings"
 	"github.com/containers/podman/v4/pkg/bindings/images"
 	"github.com/containers/podman/v4/version"
@@ -93,15 +95,19 @@ func Add(ctx context.Context, name string, options *AddOptions) (string, error)
 
 	if bindings.ServiceVersion(ctx).GTE(semver.MustParse("4.0.0")) {
 		optionsv4 := ModifyOptions{
-			All:         options.All,
-			Annotations: options.Annotation,
-			Arch:        options.Arch,
-			Features:    options.Features,
-			Images:      options.Images,
-			OS:          options.OS,
-			OSFeatures:  nil,
-			OSVersion:   options.OSVersion,
-			Variant:     options.Variant,
+			All:           options.All,
+			Annotations:   options.Annotation,
+			Arch:          options.Arch,
+			Features:      options.Features,
+			Images:        options.Images,
+			OS:            options.OS,
+			OSFeatures:    nil,
+			OSVersion:     options.OSVersion,
+			Variant:       options.Variant,
+			Username:      options.Username,
+			Password:      options.Password,
+			Authfile:      options.Authfile,
+			SkipTLSVerify: options.SkipTLSVerify,
 		}
 		optionsv4.WithOperation("update")
 		return Modify(ctx, name, options.Images, &optionsv4)
@@ -118,11 +124,27 @@ func Add(ctx context.Context, name string, options *AddOptions) (string, error)
 	}
 	reader := strings.NewReader(opts)
 
-	headers := make(http.Header)
+	header, err := auth.MakeXRegistryAuthHeader(&imageTypes.SystemContext{AuthFilePath: options.GetAuthfile()}, options.GetUsername(), options.GetPassword())
+	if err != nil {
+		return "", err
+	}
+
+	params, err := options.ToParams()
+	if err != nil {
+		return "", err
+	}
+	// SkipTLSVerify is special.  We need to delete the param added by
+	// ToParams() and change the key and flip the bool
+	if options.SkipTLSVerify != nil {
+		params.Del("SkipTLSVerify")
+		params.Set("tlsVerify", strconv.FormatBool(!options.GetSkipTLSVerify()))
+	}
+
 	v := version.APIVersion[version.Libpod][version.MinimalAPI]
-	headers.Add("API-Version",
+	header.Add("API-Version",
 		fmt.Sprintf("%d.%d.%d", v.Major, v.Minor, v.Patch))
-	response, err := conn.DoRequest(ctx, reader, http.MethodPost, "/manifests/%s/add", nil, headers, name)
+
+	response, err := conn.DoRequest(ctx, reader, http.MethodPost, "/manifests/%s/add", params, header, name)
 	if err != nil {
 		return "", err
 	}
@@ -179,6 +201,14 @@ func Push(ctx context.Context, name, destination string, options *images.PushOpt
 		return "", err
 	}
 
+	header, err := auth.MakeXRegistryAuthHeader(&imageTypes.SystemContext{AuthFilePath: options.GetAuthfile()}, options.GetUsername(), options.GetPassword())
+	if err != nil {
+		return "", err
+	}
+	v := version.APIVersion[version.Libpod][version.MinimalAPI]
+	header.Add("API-Version",
+		fmt.Sprintf("%d.%d.%d", v.Major, v.Minor, v.Patch))
+
 	params, err := options.ToParams()
 	if err != nil {
 		return "", err
@@ -192,18 +222,18 @@ func Push(ctx context.Context, name, destination string, options *images.PushOpt
 
 	var response *bindings.APIResponse
 	if bindings.ServiceVersion(ctx).GTE(semver.MustParse("4.0.0")) {
-		response, err = conn.DoRequest(ctx, nil, http.MethodPost, "/manifests/%s/registry/%s", params, nil, name, destination)
+		response, err = conn.DoRequest(ctx, nil, http.MethodPost, "/manifests/%s/registry/%s", params, header, name, destination)
 	} else {
 		params.Set("image", name)
 		params.Set("destination", destination)
-		response, err = conn.DoRequest(ctx, nil, http.MethodPost, "/manifests/%s/push", params, nil, name)
+		response, err = conn.DoRequest(ctx, nil, http.MethodPost, "/manifests/%s/push", params, header, name)
 	}
 	if err != nil {
 		return "", err
 	}
 	defer response.Body.Close()
 
-	return idr.ID, err
+	return idr.ID, response.Process(&idr)
 }
 
 // Modify modifies the given manifest list using options and the optional list of images
@@ -223,7 +253,23 @@ func Modify(ctx context.Context, name string, images []string, options *ModifyOp
 	}
 	reader := strings.NewReader(opts)
 
-	response, err := conn.DoRequest(ctx, reader, http.MethodPut, "/manifests/%s", nil, nil, name)
+	header, err := auth.MakeXRegistryAuthHeader(&imageTypes.SystemContext{AuthFilePath: options.GetAuthfile()}, options.GetUsername(), options.GetPassword())
+	if err != nil {
+		return "", err
+	}
+
+	params, err := options.ToParams()
+	if err != nil {
+		return "", err
+	}
+	// SkipTLSVerify is special.  We need to delete the param added by
+	// ToParams() and change the key and flip the bool
+	if options.SkipTLSVerify != nil {
+		params.Del("SkipTLSVerify")
+		params.Set("tlsVerify", strconv.FormatBool(!options.GetSkipTLSVerify()))
+	}
+
+	response, err := conn.DoRequest(ctx, reader, http.MethodPut, "/manifests/%s", params, header, name)
 	if err != nil {
 		return "", err
 	}
-- 
cgit v1.2.3-54-g00ecf