codingworkshop/act
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

container credentials (#868)

Browse Source 
* Chore: add a snapshot target

* Update: support credentials for private containers

Resolves: #788

* fix: rework container credentials

Signed-off-by: hackercat <me@hackerc.at>

* fix: check if Credentials are not nil

* fix: return on missing credentials key

Co-authored-by: hackercat <me@hackerc.at>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
This commit is contained in:
Till!
2021-11-27 19:05:56 +01:00
committed by GitHub
parent e793d03f4b
commit 5bdb9ed0fd
4 changed files with 88 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
pkg/runner/run_context.go
View File

@@ -153,6 +153,11 @@ func (rc *RunContext) startJobContainer() common.Executor {
return true
})
username, password, err := rc.handleCredentials()
if err != nil {
return fmt.Errorf("failed to handle credentials: %s", err)
}
common.Logger(ctx).Infof("\U0001f680 Start image=%s", image)
name := rc.jobContainerName()
@@ -169,8 +174,8 @@ func (rc *RunContext) startJobContainer() common.Executor {
Entrypoint: []string{"/usr/bin/tail", "-f", "/dev/null"},
WorkingDir: rc.Config.ContainerWorkdir(),
Image: image,
Username: rc.Config.Secrets["DOCKER_USERNAME"],
Password: rc.Config.Secrets["DOCKER_PASSWORD"],
Username: username,
Password: password,
Name: name,
Env: envList,
Mounts: mounts,
@@ -836,3 +841,37 @@ func (rc *RunContext) localCheckoutPath() (string, bool) {
}
return "", false
}
func (rc *RunContext) handleCredentials() (username, password string, err error) {
// TODO: remove below 2 lines when we can release act with breaking changes
username = rc.Config.Secrets["DOCKER_USERNAME"]
password = rc.Config.Secrets["DOCKER_PASSWORD"]
container := rc.Run.Job().Container()
if container == nil || container.Credentials == nil {
return
}
if container.Credentials != nil && len(container.Credentials) != 2 {
err = fmt.Errorf("invalid property count for key 'credentials:'")
return
}
ee := rc.NewExpressionEvaluator()
var ok bool
if username, ok = ee.InterpolateWithStringCheck(container.Credentials["username"]); !ok {
err = fmt.Errorf("failed to interpolate container.credentials.username")
return
}
if password, ok = ee.InterpolateWithStringCheck(container.Credentials["password"]); !ok {
err = fmt.Errorf("failed to interpolate container.credentials.password")
return
}
if container.Credentials["username"] == "" || container.Credentials["password"] == "" {
err = fmt.Errorf("container.credentials cannot be empty")
return
}
return username, password, err
}