From e88baa0873a90957595ee065b924038bdd7ee310 Mon Sep 17 00:00:00 2001 From: Derek McGowan Date: Thu, 1 Sep 2022 14:28:11 -0700 Subject: [PATCH] Fixup pull authorization and labeling Signed-off-by: Derek McGowan --- pkg/transfer/image/imagestore.go | 2 +- pkg/transfer/image/registry.go | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/pkg/transfer/image/imagestore.go b/pkg/transfer/image/imagestore.go index 5bf310755..831e2758e 100644 --- a/pkg/transfer/image/imagestore.go +++ b/pkg/transfer/image/imagestore.go @@ -62,7 +62,7 @@ func (is *Store) String() string { return fmt.Sprintf("Local Image Store (%s)", is.imageName) } -func (is *Store) FilterHandler(h images.HandlerFunc, cs content.Store) images.HandlerFunc { +func (is *Store) ImageFilter(h images.HandlerFunc, cs content.Store) images.HandlerFunc { h = images.SetChildrenMappedLabels(cs, h, is.labelMap) if is.allMetadata { // Filter manifests by platforms but allow to handle manifest diff --git a/pkg/transfer/image/registry.go b/pkg/transfer/image/registry.go index 03baacc70..7c0de7d07 100644 --- a/pkg/transfer/image/registry.go +++ b/pkg/transfer/image/registry.go @@ -45,10 +45,10 @@ func init() { // Initialize with hosts, authorizer callback, and headers func NewOCIRegistry(ref string, headers http.Header, creds CredentialHelper) *OCIRegistry { // Create an authorizer - var ropts []docker.RegistryOpt + var aopts []docker.AuthorizerOpt if creds != nil { // TODO: Support bearer - authorizer := docker.NewDockerAuthorizer(docker.WithAuthCreds(func(host string) (string, string, error) { + aopts = append(aopts, docker.WithAuthCreds(func(host string) (string, string, error) { c, err := creds.GetCredentials(context.Background(), ref, host) if err != nil { return "", "", err @@ -56,7 +56,10 @@ func NewOCIRegistry(ref string, headers http.Header, creds CredentialHelper) *OC return c.Username, c.Secret, nil })) - ropts = append(ropts, docker.WithAuthorizer(authorizer)) + } + + ropts := []docker.RegistryOpt{ + docker.WithAuthorizer(docker.NewDockerAuthorizer(aopts...)), } // TODO: Apply local configuration, maybe dynamically create resolver when requested