Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update securitypolicy tool to support multiple registries #1161

Merged
merged 1 commit into from
Sep 14, 2021
Merged

Update securitypolicy tool to support multiple registries #1161

merged 1 commit into from
Sep 14, 2021

Conversation

SeanTAllen
Copy link
Contributor

Before this change, the securitypolicy tool could authorize with a registry
by providing a username and password as command-line options.

This approach worked fine as long as all images were being pulled from the
same registry. It doesn't work if you need to access multiple registries.

After this change, authorization is provided in the policy.toml on a per-image
basis. This allows for mixing and matching different registries together as
part of a pod.

Signed-off-by: Sean T. Allen [email protected]

@SeanTAllen SeanTAllen requested a review from a team as a code owner September 14, 2021 13:42
dcantah
dcantah reviewed Sep 14, 2021
View reviewed changes
internal/tools/securitypolicy/main.go
auth := authn.Basic{
Username: image.Auth.Username,
Password: image.Auth.Password}
c, _ := auth.Authorization()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was wondering why this was ignored, but turns out it just returns nil always 😂.

dcantah
dcantah approved these changes Sep 14, 2021
View reviewed changes
Copy link
Contributor

@dcantah dcantah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@SeanTAllen
Update securitypolicy tool to support multiple registries
edb95ab 
Before this change, the securitypolicy tool could authorize with a registry
by providing a username and password as command-line options.

This approach worked fine as long as all images were being pulled from the
same registry. It doesn't work if you need to access multiple registries.

After this change, authorization is provided in the policy.toml on a per-image
basis. This allows for mixing and matching different registries together as
part of a pod.

Signed-off-by: Sean T. Allen <[email protected]>
@SeanTAllen
Copy link
Contributor Author

I got two! Can I get a merge?

@anmaxvl anmaxvl merged commit 2811ffe into microsoft:master Sep 14, 2021
@SeanTAllen SeanTAllen deleted the securitypolicy-tool-login branch September 14, 2021 19:15
anmaxvl pushed a commit to anmaxvl/hcsshim that referenced this pull request Nov 17, 2021
@ambarve
Merged PR 5137749: update hcsshim to 057bebe
a0b83d5 
Related work items: microsoft#1062, microsoft#1087, microsoft#1089, microsoft#1095, microsoft#1104, microsoft#1112, microsoft#1117, microsoft#1118, microsoft#1125, microsoft#1137, microsoft#1139, microsoft#1140, microsoft#1141, microsoft#1142, microsoft#1143, microsoft#1145, microsoft#1146, microsoft#1150, microsoft#1151, microsoft#1153, microsoft#1154, microsoft#1155, microsoft#1156, microsoft#1157, microsoft#1158, microsoft#1159, microsoft#1161, microsoft#1162, microsoft#1163, microsoft#1164, microsoft#1165, microsoft#1166, microsoft#1167, microsoft#1168, microsoft#1169, microsoft#1171, microsoft#1172, microsoft#1173, microsoft#1174, microsoft#1178
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anmaxvl anmaxvl anmaxvl approved these changes

@dcantah dcantah dcantah approved these changes

Assignees

@anmaxvl anmaxvl

@dcantah dcantah

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@SeanTAllen @anmaxvl @dcantah