Add authfile flag to pull and push

Push and pull can now access any cached registry credentials from the auth file Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-13 17:04:57 -04:00 · 2017-10-13 17:04:57 -04:00 · d855e2c8ad
commit d855e2c8ad
parent 0914a7a667
13 changed files with 428 additions and 210 deletions
--- a/docs/kpod-pull.1.md
+++ b/docs/kpod-pull.1.md
@ -21,10 +21,10 @@ images from archives and local storage using different transports.
 ## imageID
 Image stored in local container/storage

-## DESTINATION
+## SOURCE

- The DESTINATION is a location to store container images
- The Image "DESTINATION" uses a "transport":"details" format.
+ The SOURCE is a location to get container images
+ The Image "SOURCE" uses a "transport":"details" format.

 Multiple transports are supported:

@ -32,7 +32,7 @@ Image stored in local container/storage
  An existing local directory _path_ storing the manifest, layer tarballs and signatures as individual files. This is a non-standardized format, primarily useful for debugging or noninvasive container inspection.

  **docker://**_docker-reference_
-  An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$HOME/.docker/config.json`, which is set e.g. using `(docker login)`.
+  An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set e.g. using `(kpod login)`.

  **docker-archive:**_path_[**:**_docker-reference_]
  An image is stored in the `docker save` formatted file.  _docker-reference_ is only used when creating such a file, and it must not contain a digest.
@ -40,7 +40,7 @@ Image stored in local container/storage
  **docker-daemon:**_docker-reference_
  An image _docker-reference_ stored in the docker daemon internal storage.  _docker-reference_ must contain either a tag or a digest.  Alternatively, when reading images, the format can also be docker-daemon:algo:digest (an image ID).

-  **oci:**_path_**:**_tag_
+  **oci-archive:**_path_**:**_tag_
  An image _tag_ in a directory compliant with "Open Container Image Layout Specification" at _path_.

  **ostree:**_image_[**@**_/absolute/repo/path_]
@ -54,6 +54,14 @@ Image stored in local container/storage

 ## OPTIONS

+**--authfile**
+
+Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json
+
+**--creds**
+
+Credentials (USERNAME:PASSWORD) to use for authenticating to a registry
+
 **--signature-policy="PATHNAME"**

 Pathname of a signature policy file to use.  It is not recommended that this
@ -75,8 +83,30 @@ Writing manifest to image destination
 Storing signatures
 ```

+```
+# kpod pull --authfile temp-auths/myauths.json docker://docker.io/umohnani/finaltest
+Trying to pull docker.io/umohnani/finaltest:latest...Getting image source signatures
+Copying blob sha256:6d987f6f42797d81a318c40d442369ba3dc124883a0964d40b0c8f4f7561d913
+ 1.90 MB / 1.90 MB [========================================================] 0s
+Copying config sha256:ad4686094d8f0186ec8249fc4917b71faa2c1030d7b5a025c29f26e19d95c156
+ 1.41 KB / 1.41 KB [========================================================] 0s
+Writing manifest to image destination
+Storing signatures
+```
+
+```
+# kpod pull docker.io/umohnani/finaltest
+Trying to pull docker.io/umohnani/finaltest:latest...Getting image source signatures
+Copying blob sha256:6d987f6f42797d81a318c40d442369ba3dc124883a0964d40b0c8f4f7561d913
+ 1.90 MB / 1.90 MB [========================================================] 0s
+Copying config sha256:ad4686094d8f0186ec8249fc4917b71faa2c1030d7b5a025c29f26e19d95c156
+ 1.41 KB / 1.41 KB [========================================================] 0s
+Writing manifest to image destination
+Storing signatures
+```
+
 ## SEE ALSO
-kpod(1), crio(8), crio.conf(5)
+kpod(1), kpod-push(1), crio(8), crio.conf(5)

 ## HISTORY
 July 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>
--- a/docs/kpod-push.1.md
+++ b/docs/kpod-push.1.md
@ -26,7 +26,7 @@ Image stored in local container/storage
  An existing local directory _path_ storing the manifest, layer tarballs and signatures as individual files. This is a non-standardized format, primarily useful for debugging or noninvasive container inspection.

  **docker://**_docker-reference_
-  An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$HOME/.docker/config.json`, which is set e.g. using `(docker login)`.
+  An image in a registry implementing the "Docker Registry HTTP API V2". By default, uses the authorization state in `$XDG_RUNTIME_DIR/containers/auth.json`, which is set e.g. using `(kpod login)`.

  **docker-archive:**_path_[**:**_docker-reference_]
  An image is stored in the `docker save` formatted file.  _docker-reference_ is only used when creating such a file, and it must not contain a digest.
@ -34,7 +34,7 @@ Image stored in local container/storage
  **docker-daemon:**_docker-reference_
  An image _docker-reference_ stored in the docker daemon internal storage.  _docker-reference_ must contain either a tag or a digest.  Alternatively, when reading images, the format can also be docker-daemon:algo:digest (an image ID).

-  **oci:**_path_**:**_tag_
+  **oci-archive:**_path_**:**_tag_
  An image _tag_ in a directory compliant with "Open Container Image Layout Specification" at _path_.

  **ostree:**_image_[**@**_/absolute/repo/path_]
@ -42,6 +42,10 @@ Image stored in local container/storage

 ## OPTIONS

+**--authfile**
+
+Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json
+
 **--creds="CREDENTIALS"**

 Credentials (USERNAME:PASSWORD) to use for authenticating to a registry
@ -84,7 +88,7 @@ This example extracts the imageID image to a local directory in docker format.

 This example extracts the imageID image to a local directory in oci format.

- `# kpod push imageID oci:/path/to/layout`
+ `# kpod push imageID oci-archive:/path/to/layout:image:tag`

 This example extracts the imageID image to a container registry named registry.example.com

@ -94,5 +98,19 @@ This example extracts the imageID image and puts into the local docker container

 `# kpod push imageID docker-daemon:image:tag`

+This example pushes the alpine image to umohnani/alpine on dockerhub and reads the creds from
+the path given to --authfile
+
+```
+# kpod push --authfile temp-auths/myauths.json alpine docker://docker.io/umohnani/alpine
+Getting image source signatures
+Copying blob sha256:5bef08742407efd622d243692b79ba0055383bbce12900324f75e56f589aedb0
+ 4.03 MB / 4.03 MB [========================================================] 1s
+Copying config sha256:ad4686094d8f0186ec8249fc4917b71faa2c1030d7b5a025c29f26e19d95c156
+ 1.41 KB / 1.41 KB [========================================================] 1s
+Writing manifest to image destination
+Storing signatures
+```
+
 ## SEE ALSO
-kpod(1)
+kpod(1), kpod-pull(1), crio(8), crio.conf(5)