go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/connection/container/auth/auth.go

go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/connection/container/auth/auth.go (about)

     1  // Copyright (c) Mondoo, Inc.
     2  // SPDX-License-Identifier: BUSL-1.1
     3  
     4  package auth
     5  
     6  import (
     7  	"github.com/google/go-containerregistry/pkg/authn"
     8  	"github.com/rs/zerolog/log"
     9  	"go.mondoo.com/cnquery/logger"
    10  	"go.mondoo.com/cnquery/providers-sdk/v1/vault"
    11  	"go.mondoo.com/cnquery/providers/os/connection/container/image"
    12  )
    13  
    14  func AuthOption(credentials []*vault.Credential) []image.Option {
    15  	remoteOpts := []image.Option{}
    16  	for i := range credentials {
    17  		cred := credentials[i]
    18  		switch cred.Type {
    19  		case vault.CredentialType_password:
    20  			log.Debug().Msg("add password authentication")
    21  			cfg := authn.AuthConfig{
    22  				Username: cred.User,
    23  				Password: string(cred.Secret),
    24  			}
    25  			remoteOpts = append(remoteOpts, image.WithAuthenticator((authn.FromConfig(cfg))))
    26  		case vault.CredentialType_bearer:
    27  			log.Debug().Str("token", string(cred.Secret)).Msg("add bearer authentication")
    28  			cfg := authn.AuthConfig{
    29  				Username:      cred.User,
    30  				RegistryToken: string(cred.Secret),
    31  			}
    32  			remoteOpts = append(remoteOpts, image.WithAuthenticator((authn.FromConfig(cfg))))
    33  		default:
    34  			log.Warn().Msg("unknown credentials for container image")
    35  			logger.DebugJSON(credentials)
    36  		}
    37  	}
    38  	return remoteOpts
    39  }