Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-02-06 19:05:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduce support for shelling out to Azure binaries in authentication

Browse Source 
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
This commit is contained in:
Matheus Pimenta
2025-06-05 19:07:12 +01:00
parent 4c3aed9faf
commit ec3804cc6f
4 changed files with 21 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/flux/oci.go
View File

@@ -23,12 +23,18 @@ import (
"github.com/google/go-containerregistry/pkg/crane"
"github.com/fluxcd/pkg/auth"
"github.com/fluxcd/pkg/auth/azure"
authutils "github.com/fluxcd/pkg/auth/utils"
)
// loginWithProvider gets a crane authentication option for the given provider and URL.
func loginWithProvider(ctx context.Context, url, provider string) (crane.Option, error) {
authenticator, err := authutils.GetArtifactRegistryCredentials(ctx, provider, url)
var opts []auth.Option
if provider == azure.ProviderName {
opts = append(opts, auth.WithAllowShellOut())
}
authenticator, err := authutils.GetArtifactRegistryCredentials(ctx, provider, url, opts...)
if err != nil {
return nil, fmt.Errorf("could not login to provider %s with url %s: %w", provider, url, err)
}

10
cmd/flux/push_artifact.go
View File

@@ -34,6 +34,8 @@ import (
"github.com/spf13/cobra"
"sigs.k8s.io/yaml"
"github.com/fluxcd/pkg/auth"
"github.com/fluxcd/pkg/auth/azure"
authutils "github.com/fluxcd/pkg/auth/utils"
"github.com/fluxcd/pkg/oci"
sourcev1 "github.com/fluxcd/source-controller/api/v1"
@@ -225,9 +227,13 @@ func pushArtifactCmdRun(cmd *cobra.Command, args []string) error {
opts = append(opts, crane.WithAuth(authenticator))
}
if pushArtifactArgs.provider.String() != sourcev1.GenericOCIProvider {
if provider := pushArtifactArgs.provider.String(); provider != sourcev1.GenericOCIProvider {
logger.Actionf("logging in to registry with provider credentials")
authenticator, err = authutils.GetArtifactRegistryCredentials(ctx, pushArtifactArgs.provider.String(), url)
var authOpts []auth.Option
if provider == azure.ProviderName {
authOpts = append(authOpts, auth.WithAllowShellOut())
}
authenticator, err = authutils.GetArtifactRegistryCredentials(ctx, provider, url, authOpts...)
if err != nil {
return fmt.Errorf("error during login with provider: %w", err)
}