From f531874be458aac3449e389f81f892efb082ff68 Mon Sep 17 00:00:00 2001 From: Rasmus <2277443+kjellberg@users.noreply.github.com> Date: Tue, 7 Mar 2023 09:49:08 +0100 Subject: [PATCH] Allow registry username to be a reference to secret --- README.md | 8 ++++++-- lib/mrsk/commands/registry.rb | 16 +++++++++------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 83b5fb7e..6dc106fd 100644 --- a/README.md +++ b/README.md @@ -150,10 +150,14 @@ The default registry is Docker Hub, but you can change it using `registry/server ```yaml registry: server: registry.digitalocean.com - username: registry-user-name - password: <%= ENV.fetch("MRSK_REGISTRY_PASSWORD") %> + username: + - DOCKER_REGISTRY_TOKEN + password: + - DOCKER_REGISTRY_TOKEN ``` +A reference to secret `DOCKER_REGISTRY_TOKEN` will look for `ENV["DOCKER_REGISTRY_TOKEN"]` on the machine running MRSK. + ### Using a different SSH user than root The default SSH user is root, but you can change it using `ssh/user`: diff --git a/lib/mrsk/commands/registry.rb b/lib/mrsk/commands/registry.rb index 03304864..62ba58ce 100644 --- a/lib/mrsk/commands/registry.rb +++ b/lib/mrsk/commands/registry.rb @@ -2,7 +2,7 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base delegate :registry, to: :config def login - docker :login, registry["server"], "-u", redact(registry["username"]), "-p", redact(lookup_password) + docker :login, registry["server"], "-u", redact_credentials("username"), "-p", redact_credentials("password") end def logout @@ -10,11 +10,13 @@ class Mrsk::Commands::Registry < Mrsk::Commands::Base end private - def lookup_password - if registry["password"].is_a?(Array) - ENV.fetch(registry["password"].first).dup - else - registry["password"] - end + def redact_credentials(key) + value = if registry[key].is_a?(Array) + ENV.fetch(registry[key].first).dup + else + registry[key] + end + + redact(value) end end