Checking for multiple registries when login/logout #24888
Conversation
|
Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
openshift-ci
bot
added
the
do-not-merge/release-note-label-needed
openshift-merge-robot
added
the
needs-rebase
|
Ephemeral COPR build failed. @containers/packit-build please check. |
openshift-merge-robot
removed
the
needs-rebase
|
Please rebase and squash your commit. Thanks for the PR. |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lslavkov, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
lslavkov
force-pushed
the
lslavkov-22400
branch
from
17fca17 to
5b6052e
Compare
Signed-off-by: Lazar Slavković-Raco <[email protected]> # Conflicts: # cmd/podman/login.go # cmd/podman/logout.go
lslavkov
force-pushed
the
lslavkov-22400
branch
from
5b6052e to
406024e
Compare
|
@rhatdan I was able to squash it but my commit description got messed up. Hope that is nothing groundbreaking issue |
|
Any chance you could add a test? |
|
Could try but no promises. |
|
@rhatdan should I create separate file for this test or adding additional test case in |
|
@lslavkov Existing login_logout_test file is the preferred place, thanks! |
| registriesFromFile, _ := sysregistriesv2.UnqualifiedSearchRegistries(sysCtx) | ||
| if len(registriesFromFile) > 1 { | ||
| return errors.New("multiple registries in registry.conf, a registry must be provided") | ||
| } |
There was a problem hiding this comment.
This is a breaking change so we cannot accept this until a 6.0 IMO.
And most importantly this code is broken. You always reject more than one registry even if one was specifed as argument on the cli (in the args array)
Any the login code seem shared between buildah and skopeo as well so if we decide to fix this we should fix this for all in https://github.com/containers/common/blob/main/pkg/auth/auth.go
And if you look into that code you see there is already an AcceptUnspecifiedRegistry option which is quite whay you do here but it we can add another case there for this new behavior.
https://github.com/containers/common/blob/514bf04d8e6a6ac19b71147b534875ca8001785f/pkg/auth/auth.go#L137
There was a problem hiding this comment.
So if I understand correctly that registriesFromFile is gonna fail regardless if we add which registry we wish to login?
I understand your point now. The approach there is more elegant that this one. Do you want me to modify to something similar to that? https://github.com/containers/common/blob/514bf04d8e6a6ac19b71147b534875ca8001785f/pkg/auth/auth.go#L137
|
/assign |
|
@Luap99 should I close this PR and redirect my focus to the c/common? |
|
I think it would be best to add this in c/common behind a new option yes. |
Creating a check for
podman loginif there is a multiple registries in theregistry.confto avoid any issues where credential getting replaced bydocker loginFixes #22400