cli/command: Reapply "remove uses of GetAuthConfigKey, ParseRepositoryInfo" and add test#5969
Merged
thaJeztah merged 3 commits intodocker:masterfrom Mar 27, 2025
Merged
Conversation
It's currently slower because it calls registry.ParseRepositoryInfo,
which does a DNS lookup for hostnames to determine if they're a loopback
address (and marked "insecure");
go test -v -run TestRetrieveAuthTokenFromImage
=== RUN TestRetrieveAuthTokenFromImage
=== RUN TestRetrieveAuthTokenFromImage/no-prefix
=== RUN TestRetrieveAuthTokenFromImage/docker.io
=== RUN TestRetrieveAuthTokenFromImage/index.docker.io
=== RUN TestRetrieveAuthTokenFromImage/registry-1.docker.io
=== RUN TestRetrieveAuthTokenFromImage/registry.hub.docker.com
=== RUN TestRetrieveAuthTokenFromImage/[::1]
=== RUN TestRetrieveAuthTokenFromImage/[::1]:5000
=== RUN TestRetrieveAuthTokenFromImage/127.0.0.1
=== RUN TestRetrieveAuthTokenFromImage/localhost
=== RUN TestRetrieveAuthTokenFromImage/localhost:5000
=== RUN TestRetrieveAuthTokenFromImage/no-auth.example.com
--- PASS: TestRetrieveAuthTokenFromImage (0.35s)
--- PASS: TestRetrieveAuthTokenFromImage/no-prefix (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/docker.io (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/index.docker.io (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/registry-1.docker.io (0.08s)
--- PASS: TestRetrieveAuthTokenFromImage/registry.hub.docker.com (0.12s)
--- PASS: TestRetrieveAuthTokenFromImage/[::1] (0.13s)
--- PASS: TestRetrieveAuthTokenFromImage/[::1]:5000 (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/127.0.0.1 (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/localhost (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/localhost:5000 (0.00s)
--- PASS: TestRetrieveAuthTokenFromImage/no-auth.example.com (0.01s)
PASS
ok github.com/docker/cli/cli/command 1.367s
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
…yInfo" This reverts commit f596202, and reapplies 79141ce. > cli/command: remove uses of GetAuthConfigKey, ParseRepositoryInfo > > Re-implement locally, based on the code in github.com/docker/docker/registry, > but leaving out bits that are not used on the client-side, such as > configuration of Mirrors, and configurable insecure-registry, which > are not used on the client side. This commit contains a regression due to a typo in `authConfigKey`; const authConfigKey = "https:/index.docker.io/v1/" Which is missing a `/` after the scheme. Which currently fails the TestRetrieveAuthTokenFromImage test. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This was introduced in 79141ce, which was reverted in f596202, and re-applied in the previous commit. Before this patch, saving credentials worked correctly; docker login -u thajeztah Password: Login Succeeded cat ~/.docker/config.json { "auths": { "https://index.docker.io/v1/": { "auth": "REDACTED" } } } But when resolving the credentials, the credentials stored would not be found; docker pull -q thajeztah/private-test-image Error response from daemon: pull access denied for thajeztah/private-test-image, repository does not exist or may require 'docker login': denied: requested access to the resource is denied With this patch applied: docker pull -q thajeztah/private-test-image docker.io/thajeztah/private-test-image:latest Thanks to mtrmac (Miloslav Trmač) for spotting this mistake! Suggested-by: Miloslav Trmač <mitr@redhat.com> Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
added
status/2-code-review
kind/refactor
thaJeztah
changed the title
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #5969 +/- ##
==========================================
+ Coverage 59.09% 59.13% +0.03%
==========================================
Files 354 354
Lines 29733 29739 +6
==========================================
+ Hits 17572 17587 +15
+ Misses 11191 11178 -13
- Partials 970 974 +4 🚀 New features to boost your workflow:
|
Benehiko
approved these changes
Mar 26, 2025
Member
Benehiko
left a comment
Benehiko
left a comment
There was a problem hiding this comment.
let's hope this one doesn't get reverted :)
Member
Author
|
@vvoland ptal 🤗 |
vvoland
approved these changes
Mar 27, 2025
Member
Author
|
Bringing this in; just was discussing with @vvoland if we wanted to squash the "fix the regression" commit with the "Reapply" commit (I kept it separate to make it more visible), because it could impact Let's hope that's the case indeed (otherwise blame me!) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
cli/command: add unit-test for RetrieveAuthTokenFromImage
It's currently slower because it calls registry.ParseRepositoryInfo,
which does a DNS lookup for hostnames to determine if they're a loopback
address (and marked "insecure");
Reapply "cli/command: remove uses of GetAuthConfigKey, ParseRepositoryInfo"
This reverts commit f596202, and reapplies
79141ce.
This commit contains a regression due to a typo in
authConfigKey;Which is missing a
/after the scheme.Which currently fails the TestRetrieveAuthTokenFromImage test.
cli/command: fix regression in resolving auth from config
This was introduced in 79141ce, which
was reverted in f596202, and re-applied
in the previous commit.
Before this patch, saving credentials worked correctly;
But when resolving the credentials, the credentials stored would not be found;
With this patch applied:
Thanks to @mtrmac (Miloslav Trmač) for spotting this mistake!
Note that this PR also improves performance, as no DNS lookups happen to determine
if the registry is a loopback (and "insecure");
- Human readable description for the release notes
- A picture of a cute animal (not mandatory but encouraged)