add only docker registry auths to docker config

Author: Aishwarya-Lad

cmd/drone-gar/main.go

@@ -27,9 +27,6 @@ type Config struct {
 	WorkloadIdentity bool
 	Username         string
 	AccessToken      string
-	BaseImageRegistry string // Docker registry to pull base image
-	BaseImageUsername string // Docker registry username to pull base image
-	BaseImagePassword string // Docker registry password to pull base image
 }
 
 type staticTokenSource struct {
@@ -103,22 +100,18 @@ func main() {
 		os.Setenv("DOCKER_USERNAME", config.Username)
 		os.Setenv("DOCKER_PASSWORD", config.Password)
 	}
-	//data, err := ioutil.ReadFile("/.docker/config.json")
-	fmt.Println(" Aishwarya config.json is 1.." )
 
 	os.Setenv("PLUGIN_REPO", config.Repo)
 	os.Setenv("PLUGIN_REGISTRY", config.Registry)
 
 	// invoke the base docker plugin binary
 	cmd := exec.Command(docker.GetDroneDockerExecCmd())
-	fmt.Println(" Aishwarya config.json is 2.." )
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	err := cmd.Run()
 	if err != nil {
 		logrus.Fatal(err)
 	}
-	fmt.Println(" Aishwarya config.json is 4.." )
 }
 
 func getOauthToken(data []byte) (s string) {

docker.go

@@ -2,7 +2,6 @@ package docker
 
 import (
 	"fmt"
-	"log"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -13,7 +12,6 @@ import (
 	"github.com/drone-plugins/drone-docker/internal/docker"
 	"github.com/drone-plugins/drone-plugin-lib/drone"
 	"github.com/pkg/errors"
-
 )
 
 type (
@@ -172,12 +170,10 @@ func (p Plugin) Exec() error {
 		}
 		defer file.Close()
 	}
-	log.Printf("p.Login.Config ....  %s", p.Login.Config)
-	// add docker credentials to the existing config file, else create new
-	if p.Login.Password != "" && p.BaseImagePassword != "" {
+	// add base image docker credentials to the existing config file, else create new
+	if p.BaseImagePassword != "" {
 		json, err := setDockerAuth(p.Login.Username, p.Login.Password, p.Login.Registry,
 			p.BaseImageUsername, p.BaseImagePassword, p.BaseImageRegistry)
-		fmt.Println("json after set Auth: %s", json)
 		if err != nil {
 			return errors.Wrap(err, "Failed to set authentication in docker config")
 		}
@@ -194,8 +190,6 @@ func (p Plugin) Exec() error {
 			}
 		}
 	}
-	fmt.Println("json after set Auth: %s", json)
-
 
 	// login to the Docker registry
 	if p.Login.Password != "" {
@@ -309,16 +303,19 @@ func (p Plugin) Exec() error {
 
 // helper function to set the credentials
 func setDockerAuth(username, password, registry, baseImageUsername,
-					baseImagePassword, baseImageRegistry string) ([]byte, error) {
-	dockerConfig := docker.NewConfig()
-	pushToRegistryCreds := docker.RegistryCredentials{
-		Registry: registry,
-		Username: username,
-		Password: password,
+	baseImagePassword, baseImageRegistry string) ([]byte, error) {
+	var credentials []docker.RegistryCredentials
+	// add only docker registry to the config
+	if password != "" && strings.Contains(registry, "docker") {
+		dockerConfig := docker.NewConfig()
+		pushToRegistryCreds := docker.RegistryCredentials{
+			Registry: registry,
+			Username: username,
+			Password: password,
+		}
+		// push registry auth
+		credentials := append(credentials, pushToRegistryCreds)
 	}
-	// push registry auth
-	//credentials := []docker.RegistryCredentials{pushToRegistryCreds}
-	credentials := []docker.RegistryCredentials{}
 
 	if baseImageRegistry != "" {
 		pullFromRegistryCreds := docker.RegistryCredentials{
@@ -567,7 +564,6 @@ func commandPush(build Build, tag string) *exec.Cmd {
 
 // helper function to create the docker daemon command.
 func commandDaemon(daemon Daemon) *exec.Cmd {
-	fmt.Println(" Aishwarya config.json is 5.." )
 	args := []string{
 		"--data-root", daemon.StoragePath,
 		"--host=unix:///var/run/docker.sock",
@@ -649,8 +645,6 @@ func trace(cmd *exec.Cmd) {
 }
 
 func GetDroneDockerExecCmd() string {
-	fmt.Println(" Aishwarya config.json is 3.." )
-
 	if runtime.GOOS == "windows" {
 		return "C:/bin/drone-docker.exe"
 	}

internal/docker/config.go

@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
-	"log"
 	"os"
 
 	"github.com/pkg/errors"
@@ -54,7 +53,7 @@ func (c *Config) SetCredHelper(registry, helper string) {
 
 func (c *Config) CreateDockerConfigJson(credentials []RegistryCredentials) ([]byte, error) {
 	for _, cred := range credentials {
-		if cred.Registry != "" {
+		if cred.Registry != "" && strings.Contains(cred.Registry, "docker") {
 
 			if cred.Username == "" {
 				return nil, fmt.Errorf("Username must be specified for registry: %s", cred.Registry)
@@ -67,7 +66,6 @@ func (c *Config) CreateDockerConfigJson(credentials []RegistryCredentials) ([]by
 	}
 
 	jsonBytes, err := json.Marshal(c)
-	log.Printf("jsonBytes config : %s", jsonBytes)
 	if err != nil {
 		return nil, errors.Wrap(err, "failed to serialize docker config json")
 	}

internal/docker/config_test.go

@@ -0,0 +1,64 @@
+package docker
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+const (
+	RegistryV1        string = "https://index.docker.io/v1/"
+	RegistryV2        string = "https://index.docker.io/v2/"
+	RegistryECRPublic string = "public.ecr.aws"
+)
+
+func TestConfig(t *testing.T) {
+	c := NewConfig()
+	assert.NotNil(t, c.Auths)
+	assert.NotNil(t, c.CredHelpers)
+
+	c.SetAuth(RegistryV1, "test", "password")
+	expectedAuth := Auth{Auth: "dGVzdDpwYXNzd29yZA=="}
+	assert.Equal(t, expectedAuth, c.Auths[RegistryV1])
+
+	c.SetCredHelper(RegistryECRPublic, "ecr-login")
+	assert.Equal(t, "ecr-login", c.CredHelpers[RegistryECRPublic])
+
+	tempDir, err := ioutil.TempDir("", "docker-config-test")
+	assert.NoError(t, err)
+	defer os.RemoveAll(tempDir)
+
+	credentials := []RegistryCredentials{
+		{
+			Registry: "https://index.docker.io/v1/",
+			Username: "user1",
+			Password: "pass1",
+		},
+		{
+			Registry: "gcr.io",
+			Username: "user2",
+			Password: "pass2",
+		},
+	}
+
+	jsonBytes, err := c.CreateDockerConfigJson(credentials)
+	assert.NoError(t, err)
+
+	configPath := filepath.Join(tempDir, "config.json")
+	err = ioutil.WriteFile(configPath, jsonBytes, 0644)
+	assert.NoError(t, err)
+
+	data, err := ioutil.ReadFile(configPath)
+	assert.NoError(t, err)
+
+	var configFromFile Config
+	err = json.Unmarshal(data, &configFromFile)
+	assert.NoError(t, err)
+
+	assert.Equal(t, c.Auths, configFromFile.Auths)
+	assert.Equal(t, c.CredHelpers, configFromFile.CredHelpers)
+}