Skip to content

Commit

Permalink
Instrument remote image pulling
Browse files Browse the repository at this point in the history
  • Loading branch information
domust committed Sep 19, 2024
1 parent 9010cd3 commit 2597d9b
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 4 deletions.
2 changes: 1 addition & 1 deletion artifact_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ func TestArtifact(t *testing.T) {
log.SetLevel(logrus.DebugLevel)

digest := "alpine@sha256:60eda2a7bc29a54fe6beae0d72312ea995eb3b8387535e8dbf6767fd1b765d34" // linux/amd64 digest
img, err := image.NewFromRemote(ctx, digest, types.ImageOptions{})
img, err := image.NewFromRemote(ctx, log, digest, types.ImageOptions{})
r.NoError(err)

artifact, err := NewArtifact(img, log, mockBlockCache{}, ArtifactOption{
Expand Down
24 changes: 21 additions & 3 deletions image/remote.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
"github.com/google/go-containerregistry/pkg/name"
v1 "github.com/google/go-containerregistry/pkg/v1"
"github.com/google/go-containerregistry/pkg/v1/remote"
"github.com/sirupsen/logrus"
)

type DockerConfig struct {
Expand All @@ -25,7 +26,12 @@ type RegistryAuth struct {
Token string `json:"auth"`
}

func NewFromRemote(ctx context.Context, imageName string, option types.ImageOptions) (ImageWithIndex, error) {
func NewFromRemote(
ctx context.Context,
log logrus.FieldLogger,
imageName string,
option types.ImageOptions,
) (ImageWithIndex, error) {
var nameOpts []name.Option
if option.RegistryOptions.Insecure {
nameOpts = append(nameOpts, name.Insecure)
Expand All @@ -35,14 +41,20 @@ func NewFromRemote(ctx context.Context, imageName string, option types.ImageOpti
return nil, fmt.Errorf("failed to parse the image name: %w", err)
}

img, err := tryRemote(ctx, imageName, ref, option)
img, err := tryRemote(ctx, log, imageName, ref, option)
if err != nil {
return nil, err
}
return img, nil
}

func tryRemote(ctx context.Context, imageName string, ref name.Reference, option types.ImageOptions) (ImageWithIndex, error) {
func tryRemote(
ctx context.Context,
log logrus.FieldLogger,
imageName string,
ref name.Reference,
option types.ImageOptions,
) (ImageWithIndex, error) {
remoteOpts := []remote.Option{
remote.WithContext(ctx),
}
Expand All @@ -55,20 +67,26 @@ func tryRemote(ctx context.Context, imageName string, ref name.Reference, option

// Username/Password based auth.
if len(option.RegistryOptions.Credentials) > 0 {
log.Info("using basic authentication to pull an image")
for _, cred := range option.RegistryOptions.Credentials {
remoteOpts = append(remoteOpts, remote.WithAuth(&authn.Basic{
Username: cred.Username,
Password: cred.Password,
}))
}
} else {
log.Info("using other authentication to pull an image")
domain := ref.Context().RegistryStr()
auth := registry.GetToken(ctx, domain, option.RegistryOptions)
if auth.Username != "" && auth.Password != "" {
log.Info("using cloud provider registry token to pull an image")
remoteOpts = append(remoteOpts, remote.WithAuth(&auth))
} else if option.RegistryOptions.RegistryToken != "" {
log.Info("using bearer token to pull an image")
bearer := authn.Bearer{Token: option.RegistryOptions.RegistryToken}
remoteOpts = append(remoteOpts, remote.WithAuth(&bearer))
} else {
log.Info("not using authentication to pull an image after all")
}
}

Expand Down

0 comments on commit 2597d9b

Please sign in to comment.