README
¶
Docker Registry Authentication
ORAS v2 Migration Guide
This package provides Docker registry authentication using ORAS (OCI Registry As Storage) v2 library.
Migrating from ORAS v1
Previously, you might have used types.AuthConfig:
// Old ORAS v1 code
authConfig := &types.AuthConfig{
Username: "username",
Password: "password",
}
Now with ORAS v2, use the new authentication approach:
// New ORAS v2 code
client := docker.NewClient(nil)
err := client.Login(ctx, &docker.LoginConfig{
Registry: "example.com",
Username: "username",
Password: "password",
})
Key Changes
- Replaced
types.AuthConfigwithauth.Credential - Authentication is now handled through
auth.Client - More flexible credential management
- Better support for different authentication methods
Features
- Token-based authentication
- Credential store support
- Secure credential handling
Documentation
¶
Index ¶
- func ExampleDockerConfigIntegration()
- func ExampleErrorHandling()
- func ExampleUsage()
- type Client
- func (c *Client) GetAuthClient() *auth.Client
- func (c *Client) GetCredential(ctx context.Context, registry string) (auth.Credential, error)
- func (c *Client) IsLoggedIn(ctx context.Context, registry string) (bool, error)
- func (c *Client) Login(ctx context.Context, config *LoginConfig) error
- func (c *Client) LoginWithToken(ctx context.Context, registry, token string) error
- func (c *Client) Logout(ctx context.Context, registry string) error
- type CredentialStore
- type InMemoryStore
- type LoginConfig
- type TLSClient
- type TLSConfig
- type TLSLoginConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExampleDockerConfigIntegration ¶
func ExampleDockerConfigIntegration()
ExampleDockerConfigIntegration shows how to integrate with Docker config
func ExampleErrorHandling ¶
func ExampleErrorHandling()
ExampleErrorHandling demonstrates proper error handling
func ExampleUsage ¶
func ExampleUsage()
ExampleUsage demonstrates how to use the ORAS v2 Docker authentication
Types ¶
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client wraps the ORAS v2 authentication client
func NewClient ¶
func NewClient(store CredentialStore) *Client
NewClient creates a new Docker authentication client using ORAS v2
func (*Client) GetAuthClient ¶
GetAuthClient returns the underlying ORAS auth client
func (*Client) GetCredential ¶
GetCredential retrieves the stored credential for a registry
func (*Client) IsLoggedIn ¶
IsLoggedIn checks if we have stored credentials for a registry
func (*Client) Login ¶
func (c *Client) Login(ctx context.Context, config *LoginConfig) error
Login authenticates with a Docker registry using username/password
func (*Client) LoginWithToken ¶
LoginWithToken authenticates with a Docker registry using a token
type CredentialStore ¶
type CredentialStore interface {
Store(ctx context.Context, registry string, cred auth.Credential) error
Get(ctx context.Context, registry string) (auth.Credential, error)
Delete(ctx context.Context, registry string) error
}
CredentialStore provides a simple interface for credential storage
func DefaultCredentialStore ¶
func DefaultCredentialStore() CredentialStore
DefaultCredentialStore returns a default in-memory credential store
type InMemoryStore ¶
type InMemoryStore struct {
// contains filtered or unexported fields
}
InMemoryStore provides an in-memory credential store
func NewInMemoryStore ¶
func NewInMemoryStore() *InMemoryStore
NewInMemoryStore creates a new in-memory credential store
func (*InMemoryStore) Delete ¶
func (s *InMemoryStore) Delete(ctx context.Context, registry string) error
func (*InMemoryStore) Get ¶
func (s *InMemoryStore) Get(ctx context.Context, registry string) (auth.Credential, error)
func (*InMemoryStore) Store ¶
func (s *InMemoryStore) Store(ctx context.Context, registry string, cred auth.Credential) error
type LoginConfig ¶
type LoginConfig struct {
Registry string `json:"registry" yaml:"registry"`
Username string `json:"username" yaml:"username"`
Password string `json:"password" yaml:"password"`
Token string `json:"token,omitempty" yaml:"token,omitempty"`
}
LoginConfig represents the configuration for Docker registry authentication
type TLSClient ¶
type TLSClient struct {
*Client
// contains filtered or unexported fields
}
TLSClient extends the basic Docker auth client with TLS capabilities
func NewTLSClient ¶
func NewTLSClient(store CredentialStore, tlsConfig *TLSConfig) (*TLSClient, error)
NewTLSClient creates a new Docker authentication client with TLS support
func (*TLSClient) GetTLSConfig ¶
GetTLSConfig returns the current TLS configuration
func (*TLSClient) LoginWithTLS ¶
func (c *TLSClient) LoginWithTLS(ctx context.Context, config *TLSLoginConfig) error
LoginWithTLS authenticates with a Docker registry using TLS configuration
func (*TLSClient) UpdateTLSConfig ¶
UpdateTLSConfig updates the TLS configuration for the client
type TLSConfig ¶
type TLSConfig struct {
CertFile string `json:"certFile,omitempty" yaml:"certFile,omitempty"`
KeyFile string `json:"keyFile,omitempty" yaml:"keyFile,omitempty"`
CAFile string `json:"caFile,omitempty" yaml:"caFile,omitempty"`
InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty" yaml:"insecureSkipVerify,omitempty"`
ServerName string `json:"serverName,omitempty" yaml:"serverName,omitempty"`
}
TLSConfig represents TLS configuration for Docker registry authentication
type TLSLoginConfig ¶
type TLSLoginConfig struct {
LoginConfig
TLS *TLSConfig `json:"tls,omitempty" yaml:"tls,omitempty"`
}
TLSLoginConfig combines Docker login configuration with TLS settings
Source Files