diff --git a/cmd/flux/diff_artifact.go b/cmd/flux/diff_artifact.go index 86b82e28..b7293471 100644 --- a/cmd/flux/diff_artifact.go +++ b/cmd/flux/diff_artifact.go @@ -93,7 +93,7 @@ func diffArtifactCmdRun(cmd *cobra.Command, args []string) error { if diffArtifactArgs.provider.String() != sourcev1.GenericOCIProvider { logger.Actionf("logging in to registry with provider credentials") - opt, err := loginWithProvider(ctx, url, diffArtifactArgs.provider.String()) + opt, _, err := loginWithProvider(ctx, url, diffArtifactArgs.provider.String()) if err != nil { return fmt.Errorf("error during login with provider: %w", err) } diff --git a/cmd/flux/list_artifact.go b/cmd/flux/list_artifact.go index f5d37721..02716a4a 100644 --- a/cmd/flux/list_artifact.go +++ b/cmd/flux/list_artifact.go @@ -52,7 +52,7 @@ var listArtifactsCmd = &cobra.Command{ Long: `The list command fetches the tags and their metadata from a remote OCI repository. The command can read the credentials from '~/.docker/config.json' but they can also be passed with --creds. It can also login to a supported provider with the --provider flag.`, Example: ` # List the artifacts stored in an OCI repository - flux list artifact oci://ghcr.io/org/config/app + flux list artifacts oci://ghcr.io/org/config/app `, RunE: listArtifactsCmdRun, } @@ -85,7 +85,7 @@ func listArtifactsCmdRun(cmd *cobra.Command, args []string) error { if listArtifactArgs.provider.String() != sourcev1.GenericOCIProvider { logger.Actionf("logging in to registry with provider credentials") - ociOpt, err := loginWithProvider(ctx, url, listArtifactArgs.provider.String()) + ociOpt, _, err := loginWithProvider(ctx, url, listArtifactArgs.provider.String()) if err != nil { return fmt.Errorf("error during login with provider: %w", err) } diff --git a/cmd/flux/oci.go b/cmd/flux/oci.go index f3bb0dae..c4a70346 100644 --- a/cmd/flux/oci.go +++ b/cmd/flux/oci.go @@ -20,6 +20,7 @@ import ( "context" "fmt" + "github.com/google/go-containerregistry/pkg/authn" "github.com/google/go-containerregistry/pkg/crane" "github.com/fluxcd/pkg/auth" @@ -28,14 +29,14 @@ import ( ) // loginWithProvider gets a crane authentication option for the given provider and URL. -func loginWithProvider(ctx context.Context, url, provider string) (crane.Option, error) { +func loginWithProvider(ctx context.Context, url, provider string) (crane.Option, authn.Authenticator, error) { var opts []auth.Option if provider == azure.ProviderName { opts = append(opts, auth.WithAllowShellOut()) } authenticator, err := authutils.GetArtifactRegistryCredentials(ctx, provider, url, opts...) if err != nil { - return nil, fmt.Errorf("could not login to provider %s with url %s: %w", provider, url, err) + return nil, nil, fmt.Errorf("could not login to provider %s with url %s: %w", provider, url, err) } - return crane.WithAuth(authenticator), nil + return crane.WithAuth(authenticator), authenticator, nil } diff --git a/cmd/flux/pull_artifact.go b/cmd/flux/pull_artifact.go index e24adf12..e87b650c 100644 --- a/cmd/flux/pull_artifact.go +++ b/cmd/flux/pull_artifact.go @@ -94,7 +94,7 @@ func pullArtifactCmdRun(cmd *cobra.Command, args []string) error { if pullArtifactArgs.provider.String() != sourcev1.GenericOCIProvider { logger.Actionf("logging in to registry with provider credentials") - opt, err := loginWithProvider(ctx, url, pullArtifactArgs.provider.String()) + opt, _, err := loginWithProvider(ctx, url, pullArtifactArgs.provider.String()) if err != nil { return fmt.Errorf("error during login with provider: %w", err) } diff --git a/cmd/flux/push_artifact.go b/cmd/flux/push_artifact.go index 54a48651..c37f0ef1 100644 --- a/cmd/flux/push_artifact.go +++ b/cmd/flux/push_artifact.go @@ -225,11 +225,12 @@ func pushArtifactCmdRun(cmd *cobra.Command, args []string) error { if provider := pushArtifactArgs.provider.String(); provider != sourcev1.GenericOCIProvider { logger.Actionf("logging in to registry with provider credentials") - authOpt, err := loginWithProvider(ctx, url, provider) + var opt crane.Option + opt, authenticator, err = loginWithProvider(ctx, url, provider) if err != nil { return fmt.Errorf("error during login with provider: %w", err) } - opts = append(opts, authOpt) + opts = append(opts, opt) } if rootArgs.timeout != 0 { diff --git a/cmd/flux/tag_artifact.go b/cmd/flux/tag_artifact.go index 7ab8148e..626984a9 100644 --- a/cmd/flux/tag_artifact.go +++ b/cmd/flux/tag_artifact.go @@ -82,7 +82,7 @@ func tagArtifactCmdRun(cmd *cobra.Command, args []string) error { if tagArtifactArgs.provider.String() != sourcev1.GenericOCIProvider { logger.Actionf("logging in to registry with provider credentials") - opt, err := loginWithProvider(ctx, url, tagArtifactArgs.provider.String()) + opt, _, err := loginWithProvider(ctx, url, tagArtifactArgs.provider.String()) if err != nil { return fmt.Errorf("error during login with provider: %w", err) }