Merge pull request #829 from rhatdan/REGISTRY_AUTH_FILE

add support for REGISTRY_AUTH_FILE
2025-06-25 22:32:18 +00:00 · 2020-03-13 09:21:24 -04:00 · 2020-03-13 09:21:24 -04:00 · a7ff66f09e
commit a7ff66f09e
parent a99450c002 df2966b766
3 changed files with 21 additions and 3 deletions
--- a/cmd/skopeo/utils.go
+++ b/cmd/skopeo/utils.go
@ -3,6 +3,7 @@ package main
 import (
 	"context"
 	"io"
+	"os"
 	"strings"

 	"github.com/containers/image/v5/pkg/compression"
@ -44,7 +45,8 @@ func sharedImageFlags() ([]cli.Flag, *sharedImageOptions) {
 	return []cli.Flag{
 		cli.StringFlag{
 			Name:        "authfile",
-			Usage:       "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Usage:       "path of the authentication file. Example: ${XDG_RUNTIME_DIR}/containers/auth.json",
+			Value:       os.Getenv("REGISTRY_AUTH_FILE"),
 			Destination: &opts.authFilePath,
 		},
 	}, &opts
@ -94,7 +96,7 @@ func dockerImageFlags(global *globalOptions, shared *sharedImageOptions, flagPre
 		flags = append(flags,
 			cli.GenericFlag{
 				Name:  flagPrefix + "authfile",
-				Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json",
+				Usage: "path of the authentication file. Example: ${XDG_RUNTIME_DIR}/containers/auth.json",
 				Value: newOptionalStringValue(&opts.authFilePath),
 			},
 		)
--- a/cmd/skopeo/utils_test.go
+++ b/cmd/skopeo/utils_test.go
@ -2,6 +2,7 @@ package main

 import (
 	"flag"
+	"os"
 	"testing"

 	"github.com/containers/image/v5/types"
@ -137,13 +138,25 @@ func TestImageDestOptionsNewSystemContext(t *testing.T) {
 	require.NoError(t, err)
 	assert.Equal(t, &types.SystemContext{}, res)

+	oldXRD, hasXRD := os.LookupEnv("REGISTRY_AUTH_FILE")
+	defer func() {
+		if hasXRD {
+			os.Setenv("REGISTRY_AUTH_FILE", oldXRD)
+		} else {
+			os.Unsetenv("REGISTRY_AUTH_FILE")
+		}
+	}()
+	authFile := "/tmp/auth.json"
+	// Make sure when REGISTRY_AUTH_FILE is set the auth file is used
+	os.Setenv("REGISTRY_AUTH_FILE", authFile)
+
 	// Explicitly set everything to default, except for when the default is “not present”
 	opts = fakeImageDestOptions(t, "dest-", []string{}, []string{
 		"--dest-compress=false",
 	})
 	res, err = opts.newSystemContext()
 	require.NoError(t, err)
-	assert.Equal(t, &types.SystemContext{}, res)
+	assert.Equal(t, &types.SystemContext{AuthFilePath: authFile}, res)

 	// Set everything to non-default values.
 	opts = fakeImageDestOptions(t, "dest-", []string{
--- a/docs/skopeo-copy.1.md
+++ b/docs/skopeo-copy.1.md
@ -28,6 +28,9 @@ the images in the list, and the list itself.
 Path of the authentication file. Default is ${XDG_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
 If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.

+Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
+environment variable. `export REGISTRY_AUTH_FILE=path`
+
 **--src-authfile** _path_

 Path of the authentication file for the source registry. Uses path given by `--authfile`, if not provided.