Update cli description
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
This commit is contained in:
Somtochi Onyekwere
committed by
Stefan Prodan
Stefan Prodan
parent
4c576bf599
commit
fe4b65972a
@@ -30,13 +30,17 @@ import (
|
|||||||
|
|
||||||
var createSecretOCICmd = &cobra.Command{
|
var createSecretOCICmd = &cobra.Command{
|
||||||
Use: "oci [name]",
|
Use: "oci [name]",
|
||||||
Short: "Create or update a Kubernetes secret for docker authentication",
|
Short: "Create or update a Kubernetes secret for OCI Registry authentication",
|
||||||
Long: `The create secret oci command generates a Kubernetes secret with `,
|
Long: `The create secret oci command generates a Kubernetes secret with `,
|
||||||
Example: ` # Create a secret for a OCI repository using basic authentication
|
Example: ` # Create an OCI authentication secret on disk and encrypt it with Mozilla SOPS
|
||||||
flux create secret oci podinfo-auth \
|
flux create secret oci podinfo-auth \
|
||||||
--url=ghcr.io/stefanprodan/charts \
|
--url=ghcr.io \
|
||||||
--username=username \
|
--username=username \
|
||||||
--password=password
|
--password=password \
|
||||||
|
--export > repo-auth.yaml
|
||||||
|
|
||||||
|
sops --encrypt --encrypted-regex '^(data|stringData)$' \
|
||||||
|
--in-place repo-auth.yaml
|
||||||
`,
|
`,
|
||||||
RunE: createSecretOCICmdRun,
|
RunE: createSecretOCICmdRun,
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -38,12 +38,18 @@ import (
|
|||||||
|
|
||||||
const defaultSSHPort = 22
|
const defaultSSHPort = 22
|
||||||
|
|
||||||
type DockerConfigJson struct {
|
// DockerConfigJSON represents a local docker auth config file
|
||||||
|
// for pulling images.
|
||||||
|
type DockerConfigJSON struct {
|
||||||
Auths DockerConfig `json:"auths"`
|
Auths DockerConfig `json:"auths"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DockerConfig represents the config file used by the docker CLI.
|
||||||
|
// This config that represents the credentials that should be used
|
||||||
|
// when pulling images from specific image repositories.
|
||||||
type DockerConfig map[string]DockerConfigEntry
|
type DockerConfig map[string]DockerConfigEntry
|
||||||
|
|
||||||
|
// DockerConfigEntry holds the user information that grant the access to docker registry
|
||||||
type DockerConfigEntry struct {
|
type DockerConfigEntry struct {
|
||||||
Username string `json:"username,omitempty"`
|
Username string `json:"username,omitempty"`
|
||||||
Password string `json:"password,omitempty"`
|
Password string `json:"password,omitempty"`
|
||||||
@@ -221,7 +227,7 @@ func resourceToString(data []byte) string {
|
|||||||
func generateDockerConfigJson(url, username, password string) ([]byte, error) {
|
func generateDockerConfigJson(url, username, password string) ([]byte, error) {
|
||||||
cred := fmt.Sprintf("%s:%s", username, password)
|
cred := fmt.Sprintf("%s:%s", username, password)
|
||||||
auth := base64.StdEncoding.EncodeToString([]byte(cred))
|
auth := base64.StdEncoding.EncodeToString([]byte(cred))
|
||||||
cfg := DockerConfigJson{
|
cfg := DockerConfigJSON{
|
||||||
Auths: map[string]DockerConfigEntry{
|
Auths: map[string]DockerConfigEntry{
|
||||||
url: {
|
url: {
|
||||||
Username: username,
|
Username: username,
|
||||||
|
|||||||
Reference in New Issue
Block a user