diff --git a/cmd/skopeo/utils.go b/cmd/skopeo/utils.go index c9c15415..6c69e14c 100644 --- a/cmd/skopeo/utils.go +++ b/cmd/skopeo/utils.go @@ -3,6 +3,7 @@ package main import ( "context" "io" + "os" "strings" "github.com/containers/image/v5/pkg/compression" @@ -44,7 +45,8 @@ func sharedImageFlags() ([]cli.Flag, *sharedImageOptions) { return []cli.Flag{ cli.StringFlag{ Name: "authfile", - Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", + Usage: "path of the authentication file. Example: ${XDG_RUNTIME_DIR}/containers/auth.json", + Value: os.Getenv("REGISTRY_AUTH_FILE"), Destination: &opts.authFilePath, }, }, &opts @@ -94,7 +96,7 @@ func dockerImageFlags(global *globalOptions, shared *sharedImageOptions, flagPre flags = append(flags, cli.GenericFlag{ Name: flagPrefix + "authfile", - Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", + Usage: "path of the authentication file. Example: ${XDG_RUNTIME_DIR}/containers/auth.json", Value: newOptionalStringValue(&opts.authFilePath), }, ) diff --git a/cmd/skopeo/utils_test.go b/cmd/skopeo/utils_test.go index 0fa4d145..40e98cb7 100644 --- a/cmd/skopeo/utils_test.go +++ b/cmd/skopeo/utils_test.go @@ -2,6 +2,7 @@ package main import ( "flag" + "os" "testing" "github.com/containers/image/v5/types" @@ -137,13 +138,25 @@ func TestImageDestOptionsNewSystemContext(t *testing.T) { require.NoError(t, err) assert.Equal(t, &types.SystemContext{}, res) + oldXRD, hasXRD := os.LookupEnv("REGISTRY_AUTH_FILE") + defer func() { + if hasXRD { + os.Setenv("REGISTRY_AUTH_FILE", oldXRD) + } else { + os.Unsetenv("REGISTRY_AUTH_FILE") + } + }() + authFile := "/tmp/auth.json" + // Make sure when REGISTRY_AUTH_FILE is set the auth file is used + os.Setenv("REGISTRY_AUTH_FILE", authFile) + // Explicitly set everything to default, except for when the default is “not present” opts = fakeImageDestOptions(t, "dest-", []string{}, []string{ "--dest-compress=false", }) res, err = opts.newSystemContext() require.NoError(t, err) - assert.Equal(t, &types.SystemContext{}, res) + assert.Equal(t, &types.SystemContext{AuthFilePath: authFile}, res) // Set everything to non-default values. opts = fakeImageDestOptions(t, "dest-", []string{ diff --git a/docs/skopeo-copy.1.md b/docs/skopeo-copy.1.md index 036e9d56..9dff6139 100644 --- a/docs/skopeo-copy.1.md +++ b/docs/skopeo-copy.1.md @@ -28,6 +28,9 @@ the images in the list, and the list itself. Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. +Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE +environment variable. `export REGISTRY_AUTH_FILE=path` + **--src-authfile** _path_ Path of the authentication file for the source registry. Uses path given by `--authfile`, if not provided.