Skip to content

refactor: use oras-credentials-go for credential management#654

Merged
shizhMSFT merged 2 commits intonotaryproject:mainfrom
Wwwsylvia:use_orascreds
May 23, 2023
Merged

refactor: use oras-credentials-go for credential management#654
shizhMSFT merged 2 commits intonotaryproject:mainfrom
Wwwsylvia:use_orascreds

Conversation

@Wwwsylvia
Copy link
Contributor

@Wwwsylvia Wwwsylvia commented Apr 27, 2023

Resolves: #600
Resolves: #637

@codecov-commenter
Copy link

codecov-commenter commented Apr 27, 2023
edited by codecov bot
Loading

Codecov Report

Attention: Patch coverage is 20.61856% with 77 lines in your changes missing coverage. Please review.

Project coverage is 59.13%. Comparing base (5fdefed) to head (16be413).
Report is 201 commits behind head on main.

Files with missing lines Patch % Lines
cmd/notation/login.go 0.00% 50 Missing ⚠️
internal/auth/credentials.go 0.00% 15 Missing ⚠️
cmd/notation/registry.go 55.55% 5 Missing and 3 partials ⚠️
cmd/notation/logout.go 0.00% 4 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #654      +/-   ##
==========================================
- Coverage   61.35%   59.13%   -2.23%     
==========================================
  Files          42       40       -2     
  Lines        2280     2183      -97     
==========================================
- Hits         1399     1291     -108     
- Misses        782      795      +13     
+ Partials       99       97       -2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@Wwwsylvia Wwwsylvia changed the title refactor: use oras-credentials-go refactor: use oras-credentials-go for credential management Apr 27, 2023
@Wwwsylvia Wwwsylvia changed the title refactor: use oras-credentials-go for credential management refactor: use oras-credentials-go for credential management Apr 27, 2023
@Wwwsylvia
Copy link
Contributor Author

Wwwsylvia commented Apr 27, 2023
edited
Loading

Behaviors of this PR

notation login

  • If the provided credential is invalid or the connection to registry fails, throw an error
    Screenshot 2023-05-11 113659

  • If there is a credentials store configured in the notation config file

    • Save the credential into the configured credentials store

  • If no credentials store is configured, or the notation config file does not exist

    • Use the platform-default credentials store, and set it back to the notation config file
    • If the platform-default credentials store is not installed
      • If the provided credential is identical with the existing credential, print:
        image
      • If the provided credential is different with the saved one, throw an error
        image

notation logout

  • If there is a credentials store configured in the notation config file
    • Remove the credential of the registry
  • If no credentials store is configured, or the notation config file does not exist
    • No operation

Other notation operations that require authentication

Look for the credentials in following order:

  1. notation config file
  • Configured credential helpers
  • Configured credentials store
  • Platform-default credentials store
  • Plaintext credentials
  1. Docker config file
  • Configured credential helpers
  • Configured credentials store
  • Platform-default credentials store
  • Plaintext credentials

Related links

@Wwwsylvia

This comment was marked as duplicate.

Sign in to view
@Wwwsylvia Wwwsylvia marked this pull request as ready for review April 28, 2023 02:26
@Wwwsylvia Wwwsylvia marked this pull request as draft April 28, 2023 03:20
@Wwwsylvia Wwwsylvia force-pushed the use_orascreds branch 4 times, most recently from a3b8249 to 9059f99 Compare April 28, 2023 03:50
@Wwwsylvia Wwwsylvia marked this pull request as ready for review April 28, 2023 04:19
shizhMSFT
shizhMSFT reviewed Apr 28, 2023
View reviewed changes
shizhMSFT
shizhMSFT reviewed Apr 28, 2023
View reviewed changes
JeyJeyGao
JeyJeyGao reviewed May 4, 2023
View reviewed changes
@Wwwsylvia Wwwsylvia marked this pull request as draft May 8, 2023 12:05
@Wwwsylvia Wwwsylvia marked this pull request as ready for review May 9, 2023 03:01
@Wwwsylvia Wwwsylvia force-pushed the use_orascreds branch 3 times, most recently from a2adf1a to 2850ed0 Compare May 10, 2023 11:46
@Wwwsylvia Wwwsylvia mentioned this pull request May 10, 2023
Closed
JeyJeyGao
JeyJeyGao previously approved these changes May 19, 2023
View reviewed changes
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

shizhMSFT
shizhMSFT previously approved these changes May 19, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with nit.

@Wwwsylvia Wwwsylvia dismissed stale reviews from shizhMSFT, JeyJeyGao, and ghost via dac7cd4 May 19, 2023 06:37
JeyJeyGao
JeyJeyGao previously approved these changes May 19, 2023
View reviewed changes
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

ghost
ghost previously approved these changes May 19, 2023
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

shizhMSFT
shizhMSFT previously approved these changes May 19, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Wwwsylvia Wwwsylvia requested a review from ningziwen May 19, 2023 10:08
@Wwwsylvia
use oras-credentials-go
accf976 
Signed-off-by: Sylvia Lei <lixlei@microsoft.com>
@Wwwsylvia Wwwsylvia dismissed stale reviews from shizhMSFT, ghost , and JeyJeyGao via accf976 May 23, 2023 03:29
@Wwwsylvia
update comment
16be413 
Signed-off-by: Sylvia Lei <lixlei@microsoft.com>
@Wwwsylvia Wwwsylvia requested review from a user, JeyJeyGao and shizhMSFT May 23, 2023 03:41
ghost
ghost reviewed May 23, 2023
View reviewed changes
priteshbandi
priteshbandi approved these changes May 23, 2023
View reviewed changes
Copy link
Contributor

@priteshbandi priteshbandi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

JeyJeyGao
JeyJeyGao approved these changes May 23, 2023
View reviewed changes
Copy link
Contributor

@JeyJeyGao JeyJeyGao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

ghost
ghost approved these changes May 23, 2023
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@JeyJeyGao JeyJeyGao mentioned this pull request May 23, 2023
Open
shizhMSFT
shizhMSFT approved these changes May 23, 2023
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@shizhMSFT shizhMSFT merged commit a695b60 into notaryproject:main May 23, 2023
@Wwwsylvia Wwwsylvia deleted the use_orascreds branch May 23, 2023 08:15
@Wwwsylvia Wwwsylvia mentioned this pull request May 24, 2023
Closed
@priteshbandi priteshbandi mentioned this pull request May 26, 2023
Closed
6 tasks
7h3-3mp7y-m4n pushed a commit to 7h3-3mp7y-m4n/notation that referenced this pull request Mar 29, 2025
@Wwwsylvia @7h3-3mp7y-m4n
refactor: use oras-credentials-go for credential management (notary…
18653d9 
…project#654)

Resolves: notaryproject#600 
Resolves: notaryproject#637

---------

Signed-off-by: Sylvia Lei <lixlei@microsoft.com>
FeynmanZhou pushed a commit to FeynmanZhou/notation that referenced this pull request May 15, 2025
@Wwwsylvia @FeynmanZhou
refactor: use oras-credentials-go for credential management (notary…
2b0f7ed 
…project#654)

Resolves: notaryproject#600 
Resolves: notaryproject#637

---------

Signed-off-by: Sylvia Lei <lixlei@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yizha1 yizha1 yizha1 left review comments

@priteshbandi priteshbandi priteshbandi approved these changes

@shizhMSFT shizhMSFT shizhMSFT approved these changes

@gokarnm gokarnm Awaiting requested review from gokarnm gokarnm is a code owner

@justincormack justincormack Awaiting requested review from justincormack

@NiazFK NiazFK Awaiting requested review from NiazFK NiazFK is a code owner

@patrickzheng200 patrickzheng200 Awaiting requested review from patrickzheng200

@rgnote rgnote Awaiting requested review from rgnote rgnote is a code owner

@SteveLasker SteveLasker Awaiting requested review from SteveLasker

@ningziwen ningziwen Awaiting requested review from ningziwen

+2 more reviewers

@JeyJeyGao JeyJeyGao JeyJeyGao approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Usability issue] Notation login error message is confusing Simplify Docker Credential Helper configuration for Notation authentication

8 participants

@Wwwsylvia @codecov-commenter @qweeah @priteshbandi @shizhMSFT @ningziwen @JeyJeyGao @yizha1

Comments