From bcc6f25f389d67ba02c4ed6f8e503b99cf42ec41 Mon Sep 17 00:00:00 2001
From: "liheng.zms" <liheng.zms@alibaba-inc.com>
Date: Thu, 25 Jan 2024 15:34:40 +0800
Subject: [PATCH] optimize func ConvertToRegistryAuths

Signed-off-by: liheng.zms <liheng.zms@alibaba-inc.com>
---
 .../criruntime/imageruntime/helpers_test.go      | 16 +++++++++++++++-
 pkg/util/secret/parse.go                         | 13 +++++++------
 2 files changed, 22 insertions(+), 7 deletions(-)

diff --git a/pkg/daemon/criruntime/imageruntime/helpers_test.go b/pkg/daemon/criruntime/imageruntime/helpers_test.go
index 0b6dd74d04..bc43da3760 100644
--- a/pkg/daemon/criruntime/imageruntime/helpers_test.go
+++ b/pkg/daemon/criruntime/imageruntime/helpers_test.go
@@ -86,7 +86,7 @@ func TestMatchRegistryAuths(t *testing.T) {
 				}
 				return []v1.Secret{demo}
 			},
-			Expect: 2,
+			Expect: 1,
 		},
 		{
 			name:  "test5",
@@ -102,6 +102,20 @@ func TestMatchRegistryAuths(t *testing.T) {
 			},
 			Expect: 0,
 		},
+		{
+			name:  "test6",
+			Image: "registry.private.com/app/echoserver:v1",
+			GetSecrets: func() []v1.Secret {
+				demo := v1.Secret{
+					Data: map[string][]byte{
+						"data": []byte("not docker config json"),
+					},
+					Type: v1.SecretTypeOpaque,
+				}
+				return []v1.Secret{demo}
+			},
+			Expect: 0,
+		},
 	}
 	for _, cs := range cases {
 		t.Run(cs.name, func(t *testing.T) {
diff --git a/pkg/util/secret/parse.go b/pkg/util/secret/parse.go
index 5ed48b7309..f3e67e29f2 100644
--- a/pkg/util/secret/parse.go
+++ b/pkg/util/secret/parse.go
@@ -6,7 +6,6 @@ import (
 
 	daemonutil "github.com/openkruise/kruise/pkg/daemon/util"
 	corev1 "k8s.io/api/core/v1"
-	"k8s.io/kubernetes/pkg/credentialprovider"
 	credentialprovidersecrets "k8s.io/kubernetes/pkg/credentialprovider/secrets"
 )
 
@@ -21,20 +20,22 @@ func AuthInfos(ctx context.Context, imageName, tag string, pullSecrets []corev1.
 	return authInfos
 }
 
-var (
-	keyring = credentialprovider.NewDockerKeyring()
-)
-
 func ConvertToRegistryAuths(pullSecrets []corev1.Secret, repo string) (infos []daemonutil.AuthInfo, err error) {
-	keyring, err := credentialprovidersecrets.MakeDockerKeyring(pullSecrets, keyring)
+	keyring, err := credentialprovidersecrets.MakeDockerKeyring(pullSecrets, nil)
 	if err != nil {
 		return nil, err
 	}
+	if keyring == nil {
+		return nil, nil
+	}
 	creds, withCredentials := keyring.Lookup(repo)
 	if !withCredentials {
 		return nil, nil
 	}
 	for _, c := range creds {
+		if c.Username == "" {
+			continue
+		}
 		infos = append(infos, daemonutil.AuthInfo{
 			Username: c.Username,
 			Password: c.Password,