refactor: cleanup GetArtifactRegistryCredentials error handling

Update fluxcd/pkg/auth to v0.18.0 and simplify error handling for
GetArtifactRegistryCredentials() following the improvements made in
the library.

Similar to fluxcd/image-reflector-controller#786, this removes
unnecessary nil checks as the function now returns errors directly
for unsupported providers.

- Replace authentication code in push_artifact.go with loginWithProvider()
- Remove unnecessary authenticator nil check in oci.go
- Remove unused imports (errors, auth packages)

Signed-off-by: cappyzawa <cappyzawa@gmail.com>

cmd/flux/oci.go

@@ -18,7 +18,6 @@ package main
 
 import (
 	"context"
-	"errors"
 	"fmt"
 
 	"github.com/google/go-containerregistry/pkg/crane"
@@ -38,8 +37,5 @@ func loginWithProvider(ctx context.Context, url, provider string) (crane.Option,
 	if err != nil {
 		return nil, fmt.Errorf("could not login to provider %s with url %s: %w", provider, url, err)
 	}
-	if authenticator == nil {
-		return nil, errors.New("unsupported provider")
-	}
 	return crane.WithAuth(authenticator), nil
 }

cmd/flux/push_artifact.go

@@ -19,7 +19,6 @@ package main
 import (
 	"context"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"os"
 	"strings"
@@ -34,9 +33,6 @@ import (
 	"github.com/spf13/cobra"
 	"sigs.k8s.io/yaml"
 
-	"github.com/fluxcd/pkg/auth"
-	"github.com/fluxcd/pkg/auth/azure"
-	authutils "github.com/fluxcd/pkg/auth/utils"
 	"github.com/fluxcd/pkg/oci"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1"
 
@@ -229,18 +225,11 @@ func pushArtifactCmdRun(cmd *cobra.Command, args []string) error {
 
 	if provider := pushArtifactArgs.provider.String(); provider != sourcev1.GenericOCIProvider {
 		logger.Actionf("logging in to registry with provider credentials")
-		var authOpts []auth.Option
-		if provider == azure.ProviderName {
-			authOpts = append(authOpts, auth.WithAllowShellOut())
-		}
-		authenticator, err = authutils.GetArtifactRegistryCredentials(ctx, provider, url, authOpts...)
+		authOpt, err := loginWithProvider(ctx, url, provider)
 		if err != nil {
 			return fmt.Errorf("error during login with provider: %w", err)
 		}
-		if authenticator == nil {
-			return errors.New("unsupported provider")
-		}
-		opts = append(opts, crane.WithAuth(authenticator))
+		opts = append(opts, authOpt)
 	}
 
 	if rootArgs.timeout != 0 {

go.mod

@@ -19,7 +19,7 @@ require (
 	github.com/fluxcd/notification-controller/api v1.6.0
 	github.com/fluxcd/pkg/apis/event v0.17.0
 	github.com/fluxcd/pkg/apis/meta v1.12.0
-	github.com/fluxcd/pkg/auth v0.17.0
+	github.com/fluxcd/pkg/auth v0.18.0
 	github.com/fluxcd/pkg/chartutil v1.3.0
 	github.com/fluxcd/pkg/envsubst v1.4.0
 	github.com/fluxcd/pkg/git v0.32.0

go.sum

@@ -181,8 +181,8 @@ github.com/fluxcd/pkg/apis/kustomize v1.10.0 h1:47EeSzkQvlQZdH92vHMe2lK2iR8aOSEJ
 github.com/fluxcd/pkg/apis/kustomize v1.10.0/go.mod h1:UsqMV4sqNa1Yg0pmTsdkHRJr7bafBOENIJoAN+3ezaQ=
 github.com/fluxcd/pkg/apis/meta v1.12.0 h1:XW15TKZieC2b7MN8VS85stqZJOx+/b8jATQ/xTUhVYg=
 github.com/fluxcd/pkg/apis/meta v1.12.0/go.mod h1:+son1Va60x2eiDcTwd7lcctbI6C+K3gM7R+ULmEq1SI=
-github.com/fluxcd/pkg/auth v0.17.0 h1:jgum55f5K7Db6yI2bi4WeKojTzQS9KxlHCC0CsFs5x8=
-github.com/fluxcd/pkg/auth v0.17.0/go.mod h1:4h6s8VBNuec3tWd4xIReLw8BYPOKaIegjNMEbA4ikTU=
+github.com/fluxcd/pkg/auth v0.18.0 h1:71pGdKe0PVKWQvM3hEuyd3FD9dEUHtMuKMbUeiMl4aA=
+github.com/fluxcd/pkg/auth v0.18.0/go.mod h1:4h6s8VBNuec3tWd4xIReLw8BYPOKaIegjNMEbA4ikTU=
 github.com/fluxcd/pkg/cache v0.9.0 h1:EGKfOLMG3fOwWnH/4Axl5xd425mxoQbZzlZoLfd8PDk=
 github.com/fluxcd/pkg/cache v0.9.0/go.mod h1:jMwabjWfsC5lW8hE7NM3wtGNwSJ38Javx6EKbEi7INU=
 github.com/fluxcd/pkg/chartutil v1.3.0 h1:Zoc+AIyKL4YU4PaLL/iGv9VRLujeWT2Mvj4BLGFGKlg=