[WIP] untangling auth-related code #5925
Draft
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Member
Author
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
thaJeztah
force-pushed
the
simplify_auth
branch
from
5928b3f to
a642647
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
3 times, most recently
from
df692c7 to
8a4f9b4
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
4 times, most recently
from
074b5a7 to
c784802
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
3 times, most recently
from
a3f954e to
26845e4
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
3 times, most recently
from
199969d to
76452e7
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
6 times, most recently
from
c2f0f43 to
62c8255
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
11 times, most recently
from
5d6bc2b to
b8dfa73
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
7 times, most recently
from
6d48c2e to
6e8a0d3
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
2 times, most recently
from
b8ad44d to
356d269
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
2 times, most recently
from
7e6bd69 to
45e453c
Compare
thaJeztah
force-pushed
the
simplify_auth
branch
3 times, most recently
from
0657183 to
2fdb78a
Compare
Lots to do here; too many wrappers everywhere, which may become easier when content trust is removed (which adds another level of abstraction) Signed-off-by: Sebastiaan van Stijn <[email protected]>
Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
force-pushed
the
simplify_auth
branch
from
2fdb78a to
c2671f2
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Really (REALLY) work in progress; slowly untangling some of the auth-code which was wrapper-upon-wrapper-upon-wrapper; often because types like
registry.IndexInfoorregistry.RepositoryInfowere part of the signature.Docker Content Trust added yet-another layer of abstraction on top of that, with
trust.ImageRefAndAuth, which is a wrapper on its own to wrap all those bits.In most cases, all we need is;
And of course, there's the "special cases" for docker hub;
docker.ioorindex.docker.ioPREFIX means "docker hub registry" (actual registry isregistry-1.docker.io(but there's other domains possiblehttps://index.docker.io/v1/as KEY to store credentials for thoseBut there's more to untangle, such as creds-helpers/stores converting "to hostname", but other paths don't, and likely corner-cases, where (e.g.) a trailing
/is missing inhttps://index.docker.io/v1/, etc etc.- Human readable description for the release notes
- A picture of a cute animal (not mandatory but encouraged)