package authn
import "github.com/google/go-containerregistry/pkg/authn"
Package authn defines different methods of authentication for talking to a container registry.
Index ¶
- Constants
- Variables
- type AuthConfig
- func Authorization(ctx context.Context, authn Authenticator) (*AuthConfig, error)
- func (a AuthConfig) MarshalJSON() ([]byte, error)
- func (a *AuthConfig) UnmarshalJSON(data []byte) error
- type Authenticator
- func FromConfig(cfg AuthConfig) Authenticator
- func Resolve(ctx context.Context, keychain Keychain, target Resource) (Authenticator, error)
- type Basic
- type Bearer
- type ContextAuthenticator
- type ContextKeychain
- type Helper
- type Keychain
- func NewKeychainFromHelper(h Helper) Keychain
- func NewMultiKeychain(kcs ...Keychain) Keychain
- func RefreshingKeychain(inner Keychain, duration time.Duration) Keychain
- type Resource
Constants ¶
const ( // DefaultAuthKey is the key used for dockerhub in config files, which // is hardcoded for historical reasons. DefaultAuthKey = "https://" + name.DefaultRegistry + "/v1/" )
Variables ¶
var ( // DefaultKeychain implements Keychain by interpreting the docker config file. DefaultKeychain = &defaultKeychain{} )
Types ¶
type AuthConfig ¶
type AuthConfig struct { Username string `json:"username,omitempty"` Password string `json:"password,omitempty"` Auth string `json:"auth,omitempty"` // IdentityToken is used to authenticate the user and get // an access token for the registry. IdentityToken string `json:"identitytoken,omitempty"` // RegistryToken is a bearer token to be sent to a registry RegistryToken string `json:"registrytoken,omitempty"` }
AuthConfig contains authorization information for connecting to a Registry Inlined what we use from github.com/docker/cli/cli/config/types
func Authorization ¶
func Authorization(ctx context.Context, authn Authenticator) (*AuthConfig, error)
Authorization calls AuthorizationContext with ctx if the given Authenticator implements ContextAuthenticator, otherwise it calls Resolve with the given Resource.
func (AuthConfig) MarshalJSON ¶
func (a AuthConfig) MarshalJSON() ([]byte, error)
MarshalJSON implements json.Marshaler
func (*AuthConfig) UnmarshalJSON ¶
func (a *AuthConfig) UnmarshalJSON(data []byte) error
UnmarshalJSON implements json.Unmarshaler
type Authenticator ¶
type Authenticator interface { // Authorization returns the value to use in an http transport's Authorization header. Authorization() (*AuthConfig, error) }
Authenticator is used to authenticate Docker transports.
var Anonymous Authenticator = &anonymous{}
Anonymous is a singleton Authenticator for providing anonymous auth.
func FromConfig ¶
func FromConfig(cfg AuthConfig) Authenticator
FromConfig returns an Authenticator that just returns the given AuthConfig.
func Resolve ¶
Resolve calls ResolveContext with ctx if the given Keychain implements ContextKeychain, otherwise it calls Resolve with the given Resource.
type Basic ¶
Basic implements Authenticator for basic authentication.
func (*Basic) Authorization ¶
func (b *Basic) Authorization() (*AuthConfig, error)
Authorization implements Authenticator.
type Bearer ¶
type Bearer struct { Token string `json:"token"` }
Bearer implements Authenticator for bearer authentication.
func (*Bearer) Authorization ¶
func (b *Bearer) Authorization() (*AuthConfig, error)
Authorization implements Authenticator.
type ContextAuthenticator ¶
type ContextAuthenticator interface { // Authorization returns the value to use in an http transport's Authorization header. AuthorizationContext(context.Context) (*AuthConfig, error) }
ContextAuthenticator is like Authenticator, but allows for context to be passed in.
type ContextKeychain ¶
type ContextKeychain interface { ResolveContext(context.Context, Resource) (Authenticator, error) }
ContextKeychain is like Keychain, but allows for context to be passed in.
type Helper ¶
Helper is a subset of the Docker credential helper credentials.Helper interface used by NewKeychainFromHelper.
See: https://pkg.go.dev/github.com/docker/docker-credential-helpers/credentials#Helper
type Keychain ¶
type Keychain interface { // Resolve looks up the most appropriate credential for the specified target. Resolve(Resource) (Authenticator, error) }
Keychain is an interface for resolving an image reference to a credential.
func NewKeychainFromHelper ¶
NewKeychainFromHelper returns a Keychain based on a Docker credential helper implementation that can Get username and password credentials for a given server URL.
func NewMultiKeychain ¶
NewMultiKeychain composes a list of keychains into one new keychain.
func RefreshingKeychain ¶
type Resource ¶
type Resource interface { // String returns the full string representation of the target, e.g. // gcr.io/my-project or just gcr.io. String() string // RegistryStr returns just the registry portion of the target, e.g. for // gcr.io/my-project, this should just return gcr.io. This is needed to // pull out an appropriate hostname. RegistryStr() string }
Resource represents a registry or repository that can be authenticated against.
Source Files ¶
anon.go auth.go authn.go basic.go bearer.go doc.go keychain.go multikeychain.go
Directories ¶
Path | Synopsis |
---|---|
pkg/authn/github | Package github provides a keychain for the GitHub Container Registry. |
- Version
- v0.20.3 (latest)
- Published
- Jan 15, 2025
- Platform
- linux/amd64
- Imports
- 14 packages
- Last checked
- 16 hours ago –
Tools for package owners.