argoproj
fix: oras-go client should fallback to docker config if no credentials specified
I'm using https://github.com/argoproj/argo-cd/issues/17279 to authenticate to Google Artifact Registry as a helm registry using workload identity. Unlike https://github.com/argoproj/argo-cd/issues/10218, the other solution does not require installing ESO. This works in general since helm template can get creds via the $HOME/.docker/config.json. However, if you need to use targetRevision: * with your application, this ends up using the oras-go client here which is only configured for static credentials.
This change adds a backwards compatible change where if both the username and password is not configured, it will use the oras-go credentials package to get the docker config from the environment and use that to get credentials.
Checklist:
- [x] Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
- [x] The title of the PR states what changed and the related issues number (used for the release note).
- [x] The title of the PR conforms to the Toolchain Guide
- [x] I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
- [x] I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
- [x] Does this PR require documentation updates?
- [x] I've updated documentation as required by this PR.
- [x] I have signed off all my commits as required by DCO
- [x] I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
- [x] My build is green (troubleshooting builds).
- [x] My new feature complies with the feature status guidelines.
- [x] I have added a brief description of why this PR is necessary and/or what this PR solves.
- [x] Optional. My organization is added to USERS.md.
- [x] Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 55.84%. Comparing base (
864917b) to head (244bbbb). Report is 12 commits behind head on master.
Additional details and impacted files
@@ Coverage Diff @@
## master #18133 +/- ##
==========================================
+ Coverage 55.82% 55.84% +0.01%
==========================================
Files 320 321 +1
Lines 44431 44497 +66
==========================================
+ Hits 24805 24848 +43
- Misses 17060 17082 +22
- Partials 2566 2567 +1
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
@crenshaw-dev / @blakepettersson, sorry to ping directly but it looks like you've contributed to this file recently. I have a pretty simple fix here that I've been running for months now and would like to get it merged. It seems like too small of a fix for an enhancement proposal.
thank you @nitishfy! I think we need @gdsoumya to approve or dismiss his requested changes
@gdsoumya, I'm waiting for this to release so I can upgrade my production envs, can you help me cherry-pick this to 2.11, 2.12 and 2.13 RCs?
