DockerCLI/cli/command/registry/logout.go

74 lines
2.1 KiB
Go
Raw Normal View History

package registry
import (
"context"
"fmt"
"github.com/docker/cli/cli"
"github.com/docker/cli/cli/command"
"github.com/docker/cli/cli/config/credentials"
"github.com/docker/docker/registry"
"github.com/spf13/cobra"
)
// NewLogoutCommand creates a new `docker logout` command
func NewLogoutCommand(dockerCli command.Cli) *cobra.Command {
cmd := &cobra.Command{
Use: "logout [SERVER]",
Short: "Log out from a registry",
Long: "Log out from a registry.\nIf no server is specified, the default is defined by the daemon.",
Args: cli.RequiresMaxArgs(1),
RunE: func(cmd *cobra.Command, args []string) error {
var serverAddress string
if len(args) > 0 {
serverAddress = args[0]
}
return runLogout(cmd.Context(), dockerCli, serverAddress)
},
Annotations: map[string]string{
"category-top": "9",
},
// TODO (thaJeztah) add completion for registries we have authentication stored for
}
return cmd
}
func runLogout(_ context.Context, dockerCli command.Cli, serverAddress string) error {
var isDefaultRegistry bool
if serverAddress == "" {
registry: don't call "/info" API endpoint to get default registry The CLI currenly calls the `/info` endpoint to get the address of the default registry to use. This functionality was added as part of the initial Windows implementation of the engine. For legal reasons, Microsoft Windows (and thus Docker images based on Windows) were not allowed to be distributed through non-Microsoft infrastructure. As a temporary solution, a dedicated "registry-win-tp3.docker.io" registry was created to serve Windows images. As a result, the default registry was no longer "fixed", so a helper function (`ElectAuthServer`) was added to allow the CLI to get the correct registry address from the daemon. (docker/docker PR's/issues 18019, 19891, 19973) Using separate registries was not an ideal solution, and a more permanent solution was created by introducing "foreign image layers" in the distribution spec, after which the "registry-win-tp3.docker.io" ceased to exist, and removed from the engine through docker/docker PR 21100. However, the `ElectAuthServer` was left in place, quoting from that PR; > make the client check which default registry the daemon uses is still > more correct than leaving it up to the client, even if it won't technically > matter after this PR. There may be some backward compatibility scenarios > where `ElectAuthServer` [sic] is still helpful. That comment was 5 years ago, and given that the engine and cli are released in tandem, and the default registry is not configurable, we can save the extra roundtrip to the daemon by using a fixed value. This patch deprecates the `ElectAuthServer` function, and makes it return the default registry without calling (potentially expensie) `/info` API endpoint. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-28 20:00:50 -04:00
serverAddress = registry.IndexServer
isDefaultRegistry = true
}
var (
regsToLogout = []string{serverAddress}
hostnameAddress = serverAddress
)
if !isDefaultRegistry {
hostnameAddress = credentials.ConvertToHostname(serverAddress)
// the tries below are kept for backward compatibility where a user could have
// saved the registry in one of the following format.
regsToLogout = append(regsToLogout, hostnameAddress, "http://"+hostnameAddress, "https://"+hostnameAddress)
}
fmt.Fprintf(dockerCli.Out(), "Removing login credentials for %s\n", hostnameAddress)
errs := make(map[string]error)
for _, r := range regsToLogout {
if err := dockerCli.ConfigFile().GetCredentialsStore(r).Erase(r); err != nil {
errs[r] = err
}
}
// if at least one removal succeeded, report success. Otherwise report errors
if len(errs) == len(regsToLogout) {
fmt.Fprintln(dockerCli.Err(), "WARNING: could not erase credentials:")
for k, v := range errs {
fmt.Fprintf(dockerCli.Err(), "%s: %s\n", k, v)
}
}
return nil
}