Skip to content

Commit c8ae2e6

Browse files
kostolakostola
committed
Default keychain looks also into $HOME/.config/containers/auth.json
1 parent 6bce25e commit c8ae2e6

File tree

2 files changed

+37
-5
lines changed

2 files changed

+37
-5
lines changed

pkg/authn/keychain.go

+10
Original file line numberDiff line numberDiff line change
@@ -137,6 +137,16 @@ func (dk *defaultKeychain) ResolveContext(_ context.Context, target Resource) (A
137137
if err != nil {
138138
return nil, err
139139
}
140+
} else if fileExists(filepath.Join(home, ".config/containers/auth.json")) {
141+
f, err := os.Open(filepath.Join(home, ".config/containers/auth.json"))
142+
if err != nil {
143+
return nil, err
144+
}
145+
defer f.Close()
146+
cf, err = config.LoadFromReader(f)
147+
if err != nil {
148+
return nil, err
149+
}
140150
} else {
141151
return Anonymous, nil
142152
}

pkg/authn/keychain_test.go

+27-5
Original file line numberDiff line numberDiff line change
@@ -110,22 +110,44 @@ func TestPodmanConfig(t *testing.T) {
110110

111111
os.Unsetenv("DOCKER_CONFIG")
112112
// At first, $DOCKER_CONFIG is unset and $HOME/.docker/config.json isn't
113-
// found, but Podman auth $XDG_RUNTIME_DIR/containers/auth.json is configured.
114-
// This should return Podman's auth $XDG_RUNTIME_DIR/containers/auth.json.
113+
// found. $XDG_RUNTIME_DIR is unset too to simulate macOS/Windows environment
114+
// This should return Podman's auth $HOME/.config/containers/auth.json.
115+
writeConfig(t, filepath.Join(os.Getenv("HOME"), ".config", "containers"), "auth.json",
116+
fmt.Sprintf(`{"auths": {"test.io": {"auth": %q}}}`,
117+
encode("DEFAULT-MAC-WIN-foo", "DEFAULT-MAC-WIN-bar")))
118+
defer func() { os.Remove(filepath.Join(os.Getenv("HOME"), ".config/containers/auth.json")) }()
119+
auth, err := DefaultKeychain.Resolve(testRegistry)
120+
if err != nil {
121+
t.Fatalf("Resolve() = %v", err)
122+
}
123+
got, err := auth.Authorization()
124+
if err != nil {
125+
t.Fatal(err)
126+
}
127+
want := &AuthConfig{
128+
Username: "DEFAULT-MAC-WIN-foo",
129+
Password: "DEFAULT-MAC-WIN-bar",
130+
}
131+
if !reflect.DeepEqual(got, want) {
132+
t.Errorf("got %+v, want %+v", got, want)
133+
}
134+
135+
// Then, XDG_RUNTIME_DIR is populated, to simulate a Linux environment,
136+
// and Podman auth $XDG_RUNTIME_DIR/containers/auth.json is configured.
115137
p := filepath.Join(tmpdir, fmt.Sprintf("%d", fresh))
116138
t.Setenv("XDG_RUNTIME_DIR", p)
117139
writeConfig(t, filepath.Join(p, "containers"), "auth.json",
118140
fmt.Sprintf(`{"auths": {"test.io": {"auth": %q}}}`,
119141
encode("XDG_RUNTIME_DIR-foo", "XDG_RUNTIME_DIR-bar")))
120-
auth, err := DefaultKeychain.Resolve(testRegistry)
142+
auth, err = DefaultKeychain.Resolve(testRegistry)
121143
if err != nil {
122144
t.Fatalf("Resolve() = %v", err)
123145
}
124-
got, err := auth.Authorization()
146+
got, err = auth.Authorization()
125147
if err != nil {
126148
t.Fatal(err)
127149
}
128-
want := &AuthConfig{
150+
want = &AuthConfig{
129151
Username: "XDG_RUNTIME_DIR-foo",
130152
Password: "XDG_RUNTIME_DIR-bar",
131153
}

0 commit comments

Comments
 (0)