From f95b0995e521e252af52edaf57a31241d364e3d8 Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Thu, 24 Jun 2021 14:35:10 +0200 Subject: remove `pkg/registries` Pull the trigger on the `pkg/registries` package which acted as a proxy for `c/image/pkg/sysregistriesv2`. Callers should be using the packages from c/image directly, if needed at all. Also make use of libimage's SystemContext() method which returns a copy of a system context, further reducing the risk of unintentionally altering global data. [NO TESTS NEEDED] Signed-off-by: Valentin Rothberg --- pkg/api/handlers/compat/auth.go | 14 +++---- pkg/registries/registries.go | 85 ----------------------------------------- 2 files changed, 6 insertions(+), 93 deletions(-) delete mode 100644 pkg/registries/registries.go (limited to 'pkg') diff --git a/pkg/api/handlers/compat/auth.go b/pkg/api/handlers/compat/auth.go index 2c152fbc2..3594c9781 100644 --- a/pkg/api/handlers/compat/auth.go +++ b/pkg/api/handlers/compat/auth.go @@ -9,9 +9,9 @@ import ( DockerClient "github.com/containers/image/v5/docker" "github.com/containers/image/v5/types" + "github.com/containers/podman/v3/libpod" "github.com/containers/podman/v3/pkg/api/handlers/utils" "github.com/containers/podman/v3/pkg/domain/entities" - "github.com/containers/podman/v3/pkg/registries" docker "github.com/docker/docker/api/types" "github.com/pkg/errors" ) @@ -37,15 +37,13 @@ func Auth(w http.ResponseWriter, r *http.Request) { skipTLS = types.NewOptionalBool(true) } + runtime := r.Context().Value("runtime").(*libpod.Runtime) + sysCtx := runtime.SystemContext() + sysCtx.DockerInsecureSkipTLSVerify = skipTLS + fmt.Println("Authenticating with existing credentials...") - sysCtx := types.SystemContext{ - AuthFilePath: "", - DockerCertPath: "", - DockerInsecureSkipTLSVerify: skipTLS, - SystemRegistriesConfPath: registries.SystemRegistriesConfPath(), - } registry := stripAddressOfScheme(authConfig.ServerAddress) - if err := DockerClient.CheckAuth(context.Background(), &sysCtx, authConfig.Username, authConfig.Password, registry); err == nil { + if err := DockerClient.CheckAuth(context.Background(), sysCtx, authConfig.Username, authConfig.Password, registry); err == nil { utils.WriteResponse(w, http.StatusOK, entities.AuthReport{ IdentityToken: "", Status: "Login Succeeded", diff --git a/pkg/registries/registries.go b/pkg/registries/registries.go deleted file mode 100644 index 34c9138e3..000000000 --- a/pkg/registries/registries.go +++ /dev/null @@ -1,85 +0,0 @@ -package registries - -// TODO: this package should not exist anymore. Users should either use -// c/image's `sysregistriesv2` package directly OR, even better, we cache a -// config in libpod's image runtime so we don't need to parse the -// registries.conf files redundantly. - -import ( - "os" - "path/filepath" - - "github.com/containers/image/v5/pkg/sysregistriesv2" - "github.com/containers/image/v5/types" - "github.com/containers/podman/v3/pkg/rootless" - "github.com/pkg/errors" -) - -// userRegistriesFile is the path to the per user registry configuration file. -var userRegistriesFile = filepath.Join(os.Getenv("HOME"), ".config/containers/registries.conf") - -// SystemRegistriesConfPath returns an appropriate value for types.SystemContext.SystemRegistriesConfPath -// (possibly "", which is not an error), taking into account rootless mode and environment variable overrides. -// -// FIXME: This should be centralized in a global SystemContext initializer inherited throughout the code, -// not haphazardly called throughout the way it is being called now. -func SystemRegistriesConfPath() string { - if envOverride, ok := os.LookupEnv("CONTAINERS_REGISTRIES_CONF"); ok { - return envOverride - } - if envOverride, ok := os.LookupEnv("REGISTRIES_CONFIG_PATH"); ok { - return envOverride - } - - if rootless.IsRootless() { - if _, err := os.Stat(userRegistriesFile); err == nil { - return userRegistriesFile - } - } - - return "" -} - -// GetRegistriesData obtains the list of registries -func GetRegistriesData() ([]sysregistriesv2.Registry, error) { - registries, err := sysregistriesv2.GetRegistries(&types.SystemContext{SystemRegistriesConfPath: SystemRegistriesConfPath()}) - if err != nil { - return nil, errors.Wrapf(err, "unable to parse the registries.conf file") - } - return registries, nil -} - -// GetRegistries obtains the list of search registries defined in the global registries file. -func GetRegistries() ([]string, error) { - return sysregistriesv2.UnqualifiedSearchRegistries(&types.SystemContext{SystemRegistriesConfPath: SystemRegistriesConfPath()}) -} - -// GetBlockedRegistries obtains the list of blocked registries defined in the global registries file. -func GetBlockedRegistries() ([]string, error) { - var blockedRegistries []string - registries, err := GetRegistriesData() - if err != nil { - return nil, err - } - for _, reg := range registries { - if reg.Blocked { - blockedRegistries = append(blockedRegistries, reg.Prefix) - } - } - return blockedRegistries, nil -} - -// GetInsecureRegistries obtains the list of insecure registries from the global registration file. -func GetInsecureRegistries() ([]string, error) { - var insecureRegistries []string - registries, err := GetRegistriesData() - if err != nil { - return nil, err - } - for _, reg := range registries { - if reg.Insecure { - insecureRegistries = append(insecureRegistries, reg.Prefix) - } - } - return insecureRegistries, nil -} -- cgit v1.2.3-54-g00ecf