Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fallback to anonymous if env or gcloud are not configured #1279

Merged
merged 3 commits into from
Feb 7, 2022
Merged

Fallback to anonymous if env or gcloud are not configured #1279

merged 3 commits into from
Feb 7, 2022

Conversation

imjasonh
Copy link
Collaborator

@imjasonh imjasonh commented Feb 3, 2022
edited
Loading

If google.Keychain is used with NewMultiKeychain, it will be selected to provide credentials to pull or push images for images in GCR/AR. If, in this case, Application Default Credentials aren't configured and gcloud is not available or configured to provide credentials, the keychain will fail, even if the image is otherwise publicly available.

With this change, if the env credential lookup and gcloud credential lookup both fail, instead of returning an error, google.Keychain will fallback to return authn.Anonymous instead. In this case, NewMultiKeychain will fall through each option in turn, until finally using authn.Anonymous if none match and provide credentials.

@imjasonh imjasonh requested a review from jonjohnsonjr February 3, 2022 18:25
@codecov-commenter
Copy link

codecov-commenter commented Feb 3, 2022
edited
Loading

Codecov Report

Merging #1279 (c96a322) into main (9c35968) will increase coverage by 0.00%.
The diff coverage is 77.77%.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1279   +/-   ##
=======================================
  Coverage   73.98%   73.99%           
=======================================
  Files         112      112           
  Lines        8364     8367    +3     
=======================================
+ Hits         6188     6191    +3     
  Misses       1573     1573           
  Partials      603      603
Impacted Files Coverage Δ
pkg/v1/google/auth.go 60.00% <50.00%> (ø)
pkg/v1/google/keychain.go 86.95% <85.71%> (+1.95%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9c35968...c96a322. Read the comment docs.

imjasonh added a commit to imjasonh/ko that referenced this pull request Feb 3, 2022
@imjasonh
TEMP: use google/go-containerregistry#1279
c7f5b5d
imjasonh added a commit to imjasonh/ko that referenced this pull request Feb 3, 2022
@imjasonh
TEMP: use google/go-containerregistry#1279
7443e56
@imjasonh
Fallback to anonymous if env or gcloud are not configured
0b4f249 
Debug-log env or gcloud errors instead of returning an error
@imjasonh imjasonh merged commit 33725d2 into google:main Feb 7, 2022
@halvards halvards mentioned this pull request Apr 28, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonjohnsonjr jonjohnsonjr jonjohnsonjr approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@imjasonh @codecov-commenter @jonjohnsonjr