fix(manifest): Fix propagating auths to pull-/manifest-options (#2067)

Reviewed-by: Cezar Craciunoiu <cezar.craciunoiu@unikraft.io> Approved-by: Cezar Craciunoiu <cezar.craciunoiu@unikraft.io>
unikraft · Jan 13, 2025 · f2b278c · f2b278c
2 parents 7faf749 + c7cd4cc
commit f2b278c
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 25 deletions.
diff --git a/manifest/manager.go b/manifest/manager.go
@@ -311,8 +311,12 @@ func (m *ManifestManager) Catalog(ctx context.Context, qopts ...packmanager.Quer
 	var manifests []*Manifest
 
 	query := packmanager.NewQuery(qopts...)
+	auths := query.Auths()
+	if len(auths) == 0 {
+		auths = m.auths
+	}
 	mopts := []ManifestOption{
-		WithAuthConfig(query.Auths()),
+		WithAuthConfig(auths),
 		WithCacheDir(config.G[config.KraftKit](ctx).Paths.Sources),
 		WithUpdate(query.Remote()),
 		WithDefaultChannelName(m.defaultChannelName),
@@ -507,9 +511,15 @@ func (m *ManifestManager) IsCompatible(ctx context.Context, source string, qopts
 		return m, true, nil
 	}
 
+	query := packmanager.NewQuery(qopts...)
+	auths := query.Auths()
+	if len(auths) == 0 {
+		auths = m.auths
+	}
+
 	if _, err := NewProvider(ctx, source,
 		WithUpdate(packmanager.NewQuery(qopts...).Remote()),
-		WithAuthConfig(m.auths),
+		WithAuthConfig(auths),
 	); err != nil {
 		return nil, false, fmt.Errorf("incompatible source: %w", err)
 	}

diff --git a/manifest/pack_pull_archive.go b/manifest/pack_pull_archive.go
@@ -75,14 +75,20 @@ func pullArchive(ctx context.Context, manifest *Manifest, resource string, check
 		authHeader := ""
 		authenticated := false
 
-		if auth := popts.Auths(u.Host); auth != nil {
-			if len(auth.User) > 0 {
-				authenticated = true
-				authHeader = "Basic " + base64.StdEncoding.
-					EncodeToString([]byte(auth.User+":"+auth.Token))
-			} else if len(auth.Token) > 0 {
-				authenticated = true
-				authHeader = "Bearer " + auth.Token
+		auths := popts.Auths()
+		if auths == nil {
+			auths = manifest.mopts.auths
+		}
+		if auths != nil {
+			if auth, ok := auths[u.Host]; ok {
+				if len(auth.User) > 0 {
+					authenticated = true
+					authHeader = "Basic " + base64.StdEncoding.
+						EncodeToString([]byte(auth.User+":"+auth.Token))
+				} else if len(auth.Token) > 0 {
+					authenticated = true
+					authHeader = "Bearer " + auth.Token
+				}
 			}
 		}
 

diff --git a/manifest/pack_pull_git.go b/manifest/pack_pull_git.go
@@ -157,15 +157,21 @@ func pullGit(ctx context.Context, manifest *Manifest, opts ...pack.PullOption) e
 		}
 		endpoint := u.Host
 
-		if auth := popts.Auths(endpoint); auth != nil {
-			if auth.User != "" && auth.Token != "" {
-				copts.Auth = &githttp.BasicAuth{
-					Username: auth.User,
-					Password: auth.Token,
-				}
-			} else if auth.Token != "" {
-				copts.Auth = &githttp.TokenAuth{
-					Token: auth.Token,
+		auths := popts.Auths()
+		if auths == nil {
+			auths = manifest.mopts.auths
+		}
+		if auths != nil {
+			if auth, ok := auths[endpoint]; ok {
+				if auth.User != "" && auth.Token != "" {
+					copts.Auth = &githttp.BasicAuth{
+						Username: auth.User,
+						Password: auth.Token,
+					}
+				} else if auth.Token != "" {
+					copts.Auth = &githttp.TokenAuth{
+						Token: auth.Token,
+					}
 				}
 			}
 		}

diff --git a/pack/pull_options.go b/pack/pull_options.go
@@ -20,12 +20,8 @@ type PullOptions struct {
 
 // Auths returns the set authentication config for a given domain or nil if the
 // domain was not found.
-func (ppo *PullOptions) Auths(domain string) *config.AuthConfig {
-	if auth, ok := ppo.auths[domain]; ok {
-		return &auth
-	}
-
-	return nil
+func (ppo *PullOptions) Auths() map[string]config.AuthConfig {
+	return ppo.auths
 }
 
 // OnProgress calls (if set) an embedded progress function which can be used to