From ab6269dddfe68c8c1d43647ac1a6d20517f69aa4 Mon Sep 17 00:00:00 2001
From: jmxnzo
Date: Tue, 3 Dec 2024 13:29:32 +0100
Subject: [PATCH] cli: microsoft.genpolicy: Log image reference in case of unauthorized access
---
 ...-reference-in-logs-when-auth-failure.patch | 22 +++++++++++++++++++
 .../by-name/microsoft/genpolicy/package.nix | 6 ++++-
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 packages/by-name/microsoft/genpolicy/0008-genpolicy-include-reference-in-logs-when-auth-failure.patch
diff --git a/packages/by-name/microsoft/genpolicy/0008-genpolicy-include-reference-in-logs-when-auth-failure.patch b/packages/by-name/microsoft/genpolicy/0008-genpolicy-include-reference-in-logs-when-auth-failure.patch
new file mode 100644
index 000000000..afdbbc044
--- /dev/null
+++ b/packages/by-name/microsoft/genpolicy/0008-genpolicy-include-reference-in-logs-when-auth-failure.patch
@@ -0,0 +1,22 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: jmxnzo
+Date: Mon, 2 Dec 2024 12:38:04 +0100
+Subject: [PATCH] genpolicy: include reference in logs when auth failure
+
+---
+ src/tools/genpolicy/src/registry.rs | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/tools/genpolicy/src/registry.rs b/src/tools/genpolicy/src/registry.rs
+index bdce2d40e3a7c3ec34137ceb3685fcc94aedcb39..9aa1cde98cd28a8c78d652986408e7738e5d96d6 100644
+--- a/src/tools/genpolicy/src/registry.rs
++++ b/src/tools/genpolicy/src/registry.rs
+@@ -125,7 +125,7 @@ impl Container {
+ })
+ }
+ Err(oci_distribution::errors::OciDistributionError::AuthenticationFailure(message)) => {
+- panic!("Container image registry authentication failure ({}). Are docker credentials set-up for current user?", &message);
++ panic!("Container image registry authentication failure ({}) for {}. Are docker credentials set-up for current user?", &message, &reference.whole().as_str());
+ }
+ Err(e) => {
+ panic!(
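Review bot: The new panic argument `&reference.whole().as_str()` in the `AuthenticationFailure` arm borrows twice for no gain, since the formatter only needs a `Display` value. Passing the result of `whole()` directly reads cleaner: `panic!("Container image registry authentication failure ({}) for {}. Are docker credentials set-up for current user?", &message, reference.whole());`. Both `message` (presumably taken from the registry's error response) and the image reference reach the panic output verbatim, so anything that parses or forwards these logs should treat that line as untrusted text. The match arm sits inside a function that starts and ends outside the hunk.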
diff --git a/packages/by-name/microsoft/genpolicy/package.nix b/packages/by-name/microsoft/genpolicy/package.nix
index b05178fe6..2823fff3a 100644
--- a/packages/by-name/microsoft/genpolicy/package.nix
+++ b/packages/by-name/microsoft/genpolicy/package.nix
@@ -57,8 +57,12 @@ rustPlatform.buildRustPackage rec {
 ./0006-genpolicy-support-HostToContainer-mount-propagation.patch
 # This patch is a port of https://github.com/kata-containers/kata-containers/pull/10136/files
 # to Microsofts genpolicy.
- # TODO(miampf): remove when picked up by microsoft/kata-containers fork.
+ # TODO(miampf):
 ./0007-genpolicy-support-for-VOLUME-definition-in-container.patch
+
+ # Simple genpolicy logging patch to include the image reference in case of authentication failure
+ # Not merged, TODO(jmxnzo): remove when picked up by microsoft/kata-containers fork
+ ./0008-genpolicy-include-reference-in-logs-when-auth-failure.patch
 ];
 };
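Review bot: The comment above `./0007-genpolicy-support-for-VOLUME-definition-in-container.patch` now reads only `# TODO(miampf):`, so the condition for dropping that patch is no longer recorded. If the truncation is unintended, restore `# TODO(miampf): remove when picked up by microsoft/kata-containers fork.`. Out-of-tree patches with no stated exit condition tend to stay in the build after upstream has fixed the issue, which makes the packaged genpolicy harder to audit against the fork. The new 0008 entry states its own condition, so only the 0007 comment is affected; the patches list itself starts outside the hunk.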