Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix registry auth regression #97

Merged
merged 1 commit into from Feb 1, 2022
Merged

fix registry auth regression #97

merged 1 commit into from Feb 1, 2022

Conversation

jonasagx
Copy link
Contributor

@jonasagx jonasagx commented Jan 31, 2022
edited

While adding Podman I mistakenly removed a registry condition[1]. The problem was spotted by tests in Syft and Grype.

Question: should that behavior be enforced by tests in Stereoscope?

Also added extra unit tests around Podman.

[1] commit: c30d664

Signed-off-by: Jonas Galvão Xavier jonas.agx@gmail.com

@jonasagx
fix registry auth regression
2844f30 
introduced with commit: c30d664

Signed-off-by: Jonas Galvão Xavier <jonas.agx@gmail.com>
@jonasagx jonasagx self-assigned this Jan 31, 2022
@jonasagx
Copy link
Contributor Author

validated against:

@jonasagx jonasagx requested a review from a team January 31, 2022 23:54
spiffcs
spiffcs reviewed Feb 1, 2022
View reviewed changes
pkg/image/oci/registry_provider.go
@@ -98,6 +91,10 @@ func prepareRemoteOptions(ref name.Reference, registryOptions *image.RegistryOpt
authenticator := registryOptions.Authenticator(ref.Context().RegistryStr())
if authenticator != nil {
opts = append(opts, remote.WithAuth(authenticator))
} else {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are we putting this here now because we still want InsecureSkipTLSVerify to be respected from the config?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adding this back!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It was removed mistakenly, I expanded the PR description to avoid confusion.

kzantow
kzantow approved these changes Feb 1, 2022
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

pkg/image/oci/registry_provider.go
@@ -98,6 +91,10 @@ func prepareRemoteOptions(ref name.Reference, registryOptions *image.RegistryOpt
authenticator := registryOptions.Authenticator(ref.Context().RegistryStr())
if authenticator != nil {
opts = append(opts, remote.WithAuth(authenticator))
} else {
// use the Keychain specified from a docker config file.
log.Debugf("no registry credentials configured, using the default keychain")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe Infof?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

my vote would be to keep it as debug. (my mental model: info = let me know big-picture execution stages, debug = tell me more about decision points)

@jonasagx jonasagx merged commit f162f1e into anchore:main Feb 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wagoodman wagoodman wagoodman left review comments

@spiffcs spiffcs spiffcs left review comments

@kzantow kzantow kzantow approved these changes

Assignees

@jonasagx jonasagx

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@jonasagx @wagoodman @kzantow @spiffcs