Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow storing the registry password in a file #360

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Allow storing the registry password in a file #360

wants to merge 2 commits into from

Conversation

kcolford
Copy link

This lets you mount the registry password in a secret that is kept separate from regular configuration. Also it means that the password can be updated dynamically without restarting the process.

@kcolford
Allow storing the registry password in a file
21b19a4 
This lets you mount the registry password in a secret that is kept
separate from regular configuration. Also it means that the password
can be updated dynamically without restarting the process.
@kcolford
Copy link
Author

this is what #348 was supposed to be but that ended up just being an empty PR due a bot automatically updating my fork of this repo

@gkeesh7 gkeesh7 added the enhancement New feature or request label Jul 30, 2024
Anton-Kalpakchiev
Anton-Kalpakchiev reviewed Aug 20, 2024
View reviewed changes
lib/backend/registrybackend/security/security.go Outdated
if c.config.PasswordFile != "" {
passwordBytes, err := ioutil.ReadFile(c.config.PasswordFile)
if err == nil {
return basic.Username, (string)(passwordBytes)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In Go, it's preferred to typecast by calling T(v), where T is the new type and v is the value:
return basic.Username, string(passwordBytes)

Anton-Kalpakchiev
Anton-Kalpakchiev reviewed Aug 20, 2024
View reviewed changes
Copy link
Collaborator

@Anton-Kalpakchiev Anton-Kalpakchiev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi Kieran,
I apologize for the delayed review. I realize there were no tests for the file before you edited it but we want to change this. Can you add a test for the function you're editing?

@gkeesh7
Copy link
Collaborator

gkeesh7 commented Sep 24, 2024

@kcolford Can you please address the comments to take this PR forward.

Thank you.

@kcolford
Copy link
Author

@gkeesh7 I'm not sure how you expect these functions to be tested... all this change does is add a little bit of extra code to fetch the secret from a file instead of inline, it feels like one of those situations that's too obvious to test

@Anton-Kalpakchiev
Copy link
Collaborator

Hi @kcolford, I'd suggest writing a unit test where you create a credentialStore with appropriate values. Then you run the function and assert that its return values are as expected.

To test the specific case where the registry file is read/missing/etc., you can use the os package's CreateTemp function to create a temporary file, which you can then fill with whatever values the test requires. The test would delete the file at the end.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Anton-Kalpakchiev Anton-Kalpakchiev Anton-Kalpakchiev left review comments

Assignees

@kcolford kcolford

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kcolford @gkeesh7 @Anton-Kalpakchiev