Refine warning for storing registry passwords

This change refines the warning message returned during docker login to
only warn for unencrypted storage when the users password is being stored.
If the remote registry supports identity tokens, omit the warning,
since those tokens can be independently managed and revoked.

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
This commit is contained in:
Daniel Hiltgen 2019-04-14 08:01:50 -07:00
parent 58ec72afca
commit 80d2496f99
1 changed files with 2 additions and 1 deletions

View File

@ -143,7 +143,8 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { //nolint: gocycl
creds := dockerCli.ConfigFile().GetCredentialsStore(serverAddress) creds := dockerCli.ConfigFile().GetCredentialsStore(serverAddress)
store, isDefault := creds.(isFileStore) store, isDefault := creds.(isFileStore)
if isDefault { // Display a warning if we're storing the users password (not a token)
if isDefault && authConfig.Password != "" {
err = displayUnencryptedWarning(dockerCli, store.GetFilename()) err = displayUnencryptedWarning(dockerCli, store.GetFilename())
if err != nil { if err != nil {
return err return err