Skip to content

Commit

Permalink
Add handling of incorrect dokcer hub URLs
Browse files Browse the repository at this point in the history
Signed-off-by: alexey.komyakov <[email protected]>
  • Loading branch information
scaps1 committed Jan 21, 2025
1 parent fe99148 commit fb1c87e
Showing 1 changed file with 38 additions and 1 deletion.
39 changes: 38 additions & 1 deletion pkg/providers/k8s/k8s.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,11 @@ package k8s

import (
"context"
"encoding/json"
"fmt"
kubeauth "github.com/google/go-containerregistry/pkg/authn/kubernetes"
corev1 "k8s.io/api/core/v1"
"strings"

"github.com/google/go-containerregistry/pkg/authn"
)
Expand All @@ -21,9 +23,44 @@ func NewProvider(pullSecretsGetter func(image string) []corev1.Secret) *Provider
}
}

func (p Provider) correctDockerRegistry(secrets []corev1.Secret) ([]corev1.Secret, error) {
for i, secret := range secrets {
if secret.Type == corev1.SecretTypeDockerConfigJson {
data, exists := secret.Data[corev1.DockerConfigJsonKey]
if exists {
var dockerConfig map[string]interface{}
if err := json.Unmarshal(data, &dockerConfig); err == nil {
auths, ok := dockerConfig["auths"].(map[string]interface{})
if ok {
for url := range auths {
if strings.Contains(url, "docker.io") && url != "https://index.docker.io/v1/" {
auths["https://index.docker.io/v1/"] = auths[url]
delete(auths, url)
}
}
updatedData, err := json.Marshal(dockerConfig)
if err == nil {
secrets[i].Data[corev1.DockerConfigJsonKey] = updatedData
} else {
return nil, fmt.Errorf("failed to re-marshal docker config: %v", err)
}
}
} else {
return nil, fmt.Errorf("failed to unmarshal docker config: %v", err)
}
}
}
}
return secrets, nil
}

func (p Provider) GetAuthKeychain(registry string) (authn.Keychain, error) {
dereferencedPullSecrets := p.pullSecretsGetter(registry)
kc, err := kubeauth.NewFromPullSecrets(context.TODO(), dereferencedPullSecrets)
correctedSecrets, err := p.correctDockerRegistry(dereferencedPullSecrets)
if err != nil {
return nil, err
}
kc, err := kubeauth.NewFromPullSecrets(context.TODO(), correctedSecrets)
if err != nil {
return nil, fmt.Errorf("error while processing keychain from secrets: %w", err)
}
Expand Down

0 comments on commit fb1c87e

Please sign in to comment.