This is an automated email from the ASF dual-hosted git repository.
pcongiusti pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-k.git
The following commit(s) were added to refs/heads/main by this push:
new 9d2f52a40 fix(core): Fix docker hub registry configuration
9d2f52a40 is described below
commit 9d2f52a4030e3685d23163c8d43c5b409f4a99a0
Author: Gaelle Fournier <gaelle.fournier.w...@gmail.com>
AuthorDate: Fri Jan 5 16:57:40 2024 +0100
fix(core): Fix docker hub registry configuration
* change default secret generation from CLI for Jib compatibility
* update documentation with configuration for docker hub registry
---
.../pages/installation/registry/dockerhub.adoc | 8 +++++--
pkg/util/registry/registry.go | 28 ++++++++++++----------
pkg/util/registry/registry_test.go | 3 ++-
3 files changed, 24 insertions(+), 15 deletions(-)
diff --git a/docs/modules/ROOT/pages/installation/registry/dockerhub.adoc
b/docs/modules/ROOT/pages/installation/registry/dockerhub.adoc
index 3b68c51d8..79f1d40e9 100644
--- a/docs/modules/ROOT/pages/installation/registry/dockerhub.adoc
+++ b/docs/modules/ROOT/pages/installation/registry/dockerhub.adoc
@@ -13,8 +13,9 @@ kamel install --registry docker.io --organization
your-user-id-or-org --registry
The `--registry-auth-username` and `--registry-auth-password` flags are used
by the `kamel` CLI to create a Kubernetes secret
that holds your credentials for authenticating against the Docker registry.
-In the general case, the `--registry-auth-server` should be used, but it can
be omitted for Docker Hub because it's
-automatically set to `https://index.docker.io/v1/`.
+In the general case, the `--registry-auth-server` should be used ad it's
automatically set to `https://index.docker.io/v1/`. Depending on the
xref:installation/registry/registry.adoc[publish strategy] you are using you
will need to adapt you credentials with the `--registry-auth-server` flag.
**Spectrum** expect `https://index.docker.io/v1/` while **Jib** expect
`docker.io`.
+
+NOTE: **Jib** works with Docker Hub in API v2 out of the box while
**Spectrum** needs some adaptations for it to work.
== Alternative Methods
@@ -26,6 +27,7 @@ Or you can also decide to create it using `kubectl`, with the
following command:
kubectl create secret docker-registry your-secret-name --docker-username
your-user --docker-password your-pass
----
+
Another possibility is to upload to the cluster your entire list of push/pull
secrets:
[source,bash]
@@ -42,3 +44,5 @@ After you've created the secret, you can link it to Camel K
during installation:
----
kamel install --registry docker.io --organization your-user-id-or-org
--registry-secret your-secret-name
----
+
+As with the default method, this depends on the
xref:installation/registry/registry.adoc[publish strategy] you are using. So
make sure any credential contains the valid authentication servers:
`https://index.docker.io/v1/` for **Spectrum** and `docker.io` for **Jib**.
\ No newline at end of file
diff --git a/pkg/util/registry/registry.go b/pkg/util/registry/registry.go
index e2c118e16..623110d70 100644
--- a/pkg/util/registry/registry.go
+++ b/pkg/util/registry/registry.go
@@ -25,6 +25,7 @@ import (
"fmt"
"os"
"path/filepath"
+ "strings"
"github.com/apache/camel-k/v2/pkg/client"
"go.uber.org/multierr"
@@ -32,7 +33,7 @@ import (
)
var knownServersByRegistry = map[string]string{
- "docker.io": "https://index.docker.io/v1/";,
+ "docker.io": "https://index.docker.io/v1/,docker.io";,
}
// Auth contains basic information for authenticating against a container
registry.
@@ -64,7 +65,8 @@ func (a Auth) IsSet() bool {
// validate checks if all fields are populated correctly.
func (a Auth) validate() error {
- if a.getActualServer() == "" || a.Username == "" {
+ actualSevers := a.getActualServers()
+ if len(actualSevers) < 1 || a.Username == "" {
return errors.New("not enough information to generate a
registry authentication file")
}
@@ -82,24 +84,26 @@ func (a Auth) GenerateDockerConfig() ([]byte, error) {
}
func (a Auth) generateDockerConfigObject() DockerConfigList {
- return DockerConfigList{
- map[string]DockerConfig{
- a.getActualServer(): {
- Auth: a.encodedCredentials(),
- },
- },
+ dockerConfigs := make(map[string]DockerConfig)
+ for _, server := range a.getActualServers() {
+ dockerConfigs[server] = DockerConfig{Auth:
a.encodedCredentials()}
}
+ return DockerConfigList{Auths: dockerConfigs}
}
-func (a Auth) getActualServer() string {
+func (a Auth) getActualServers() []string {
if a.Server != "" {
- return a.Server
+ return []string{a.Server}
}
if p, ok := knownServersByRegistry[a.Registry]; ok {
- return p
+ return strings.Split(p, ",")
}
- return a.Registry
+ if a.Registry != "" {
+ return []string{a.Registry}
+ }
+
+ return nil
}
func (a Auth) encodedCredentials() string {
diff --git a/pkg/util/registry/registry_test.go
b/pkg/util/registry/registry_test.go
index 948f2fa20..a9cb29dbb 100644
--- a/pkg/util/registry/registry_test.go
+++ b/pkg/util/registry/registry_test.go
@@ -36,7 +36,8 @@ func TestAuth_GenerateDockerConfig(t *testing.T) {
}
conf, err := a.GenerateDockerConfig()
assert.Nil(t, err)
- assert.Equal(t,
`{"auths":{"https://index.docker.io/v1/":{"auth":"bmljOg=="}}}`, string(conf))
+ assert.Contains(t, string(conf),
`"https://index.docker.io/v1/":{"auth":"bmljOg=="}`)
+ assert.Contains(t, string(conf), `"docker.io":{"auth":"bmljOg=="}`)
a = Auth{
Username: "nic",
