summaryrefslogtreecommitdiff
path: root/cmd/podman/logout.go
blob: a541438c33642190aa46eca39f285d7b3e47c343 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
package main

import (
	"fmt"

	buildahcli "github.com/containers/buildah/pkg/cli"
	"github.com/containers/image/v5/docker"
	"github.com/containers/image/v5/pkg/docker/config"
	"github.com/containers/libpod/cmd/podman/cliconfig"
	"github.com/containers/libpod/cmd/podman/shared"
	"github.com/containers/libpod/pkg/registries"
	"github.com/pkg/errors"
	"github.com/sirupsen/logrus"
	"github.com/spf13/cobra"
)

var (
	logoutCommand     cliconfig.LogoutValues
	logoutDescription = "Remove the cached username and password for the registry."
	_logoutCommand    = &cobra.Command{
		Use:   "logout [flags] REGISTRY",
		Short: "Logout of a container registry",
		Long:  logoutDescription,
		RunE: func(cmd *cobra.Command, args []string) error {
			logoutCommand.InputArgs = args
			logoutCommand.GlobalFlags = MainGlobalOpts
			logoutCommand.Remote = remoteclient
			return logoutCmd(&logoutCommand)
		},
		Example: `podman logout quay.io
  podman logout --all`,
	}
)

func init() {
	if !remote {
		_logoutCommand.Example = fmt.Sprintf("%s\n  podman logout --authfile authdir/myauths.json quay.io", _logoutCommand.Example)

	}
	logoutCommand.Command = _logoutCommand
	logoutCommand.SetHelpTemplate(HelpTemplate())
	logoutCommand.SetUsageTemplate(UsageTemplate())
	flags := logoutCommand.Flags()
	flags.BoolVarP(&logoutCommand.All, "all", "a", false, "Remove the cached credentials for all registries in the auth file")
	flags.StringVar(&logoutCommand.Authfile, "authfile", buildahcli.GetDefaultAuthFile(), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
	markFlagHiddenForRemoteClient("authfile", flags)
}

// logoutCmd uses the authentication package to remove the authenticated of a registry
// stored in the auth.json file
func logoutCmd(c *cliconfig.LogoutValues) error {
	args := c.InputArgs
	if len(args) > 1 {
		return errors.Errorf("too many arguments, logout takes at most 1 argument")
	}
	var server string
	if len(args) == 0 && !c.All {
		registriesFromFile, err := registries.GetRegistries()
		if err != nil || len(registriesFromFile) == 0 {
			return errors.Errorf("no registries found in registries.conf, a registry must be provided")
		}

		server = registriesFromFile[0]
		logrus.Debugf("registry not specified, default to the first registry %q from registries.conf", server)
	}
	if len(args) == 1 {
		server = scrubServer(args[0])
	}

	sc, err := shared.GetSystemContext(c.Authfile)
	if err != nil {
		return err
	}

	if c.All {
		if err := config.RemoveAllAuthentication(sc); err != nil {
			return err
		}
		fmt.Println("Removed login credentials for all registries")
		return nil
	}

	err = config.RemoveAuthentication(sc, server)
	switch errors.Cause(err) {
	case nil:
		fmt.Printf("Removed login credentials for %s\n", server)
		return nil
	case config.ErrNotLoggedIn:
		// username of user logged in to server (if one exists)
		authConfig, err := config.GetCredentials(sc, server)
		if err != nil {
			return errors.Wrapf(err, "error reading auth file")
		}
		islogin := docker.CheckAuth(getContext(), sc, authConfig.Username, authConfig.Password, server)
		if authConfig.IdentityToken != "" && authConfig.Username != "" && authConfig.Password != "" && islogin == nil {
			fmt.Printf("Not logged into %s with podman. Existing credentials were established via docker login. Please use docker logout instead.\n", server)
			return nil
		}
		fmt.Printf("Not logged into %s\n", server)
		return nil
	default:
		return errors.Wrapf(err, "error logging out of %q", server)
	}
}