From b12b8a213559e36fae75fb5eb87153e1a3e086be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Mon, 4 Apr 2022 18:49:14 +0200 Subject: [PATCH] Use c/storage/pkg/ioutils.AtomicWriteFiles to update auth.json MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ... so that users can't observe an intermediate empty, or partial, file. (Note that there is still no locking, so two simultaneous updates to auth.json might lose some updates.) Fixes at least the worst impact of https://github.com/containers/image/issues/1365 . Signed-off-by: Miloslav Trmač --- pkg/docker/config/config.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkg/docker/config/config.go b/pkg/docker/config/config.go index 1d73dc405..52734bead 100644 --- a/pkg/docker/config/config.go +++ b/pkg/docker/config/config.go @@ -15,6 +15,7 @@ import ( "github.com/containers/image/v5/pkg/sysregistriesv2" "github.com/containers/image/v5/types" "github.com/containers/storage/pkg/homedir" + "github.com/containers/storage/pkg/ioutils" helperclient "github.com/docker/docker-credential-helpers/client" "github.com/docker/docker-credential-helpers/credentials" "github.com/hashicorp/go-multierror" @@ -605,7 +606,7 @@ func modifyJSON(sys *types.SystemContext, editor func(auths *dockerConfigFile) ( return "", errors.Wrapf(err, "marshaling JSON %q", path) } - if err = ioutil.WriteFile(path, newData, 0600); err != nil { + if err = ioutils.AtomicWriteFile(path, newData, 0600); err != nil { return "", errors.Wrapf(err, "writing to file %q", path) } }