mirror of
https://github.com/imjasonh/krust
synced 2026-07-07 22:35:25 +00:00
refactor: consolidate authentication systems
Remove the custom keychain implementation and keep only the simple wrapper around oci-distribution's built-in auth. This change: - Removes 300+ lines of duplicate authentication code - Leverages well-tested oci-distribution auth functionality - Simplifies the codebase and reduces maintenance burden - Maintains full backward compatibility The custom keychain implementation was never used in production code, only the simple resolve_auth function was called. All tests have been updated and are passing. Fixes #17 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
parent
e497d78fea
commit
047d6de9ef
4 changed files with 21 additions and 548 deletions
|
|
@ -1,7 +1,8 @@
|
|||
//! Integration tests for authentication
|
||||
|
||||
use anyhow::Result;
|
||||
use krust::auth::{AuthConfig, DefaultKeychain, Keychain};
|
||||
use krust::auth::{resolve_auth, AuthConfig};
|
||||
use oci_distribution::secrets::RegistryAuth;
|
||||
use std::fs;
|
||||
use tempfile::TempDir;
|
||||
|
||||
|
|
@ -30,25 +31,30 @@ fn test_auth_integration_with_docker_config() -> Result<()> {
|
|||
// Set HOME to temp directory
|
||||
std::env::set_var("HOME", temp_dir.path());
|
||||
|
||||
let keychain = DefaultKeychain::new();
|
||||
|
||||
// Test GitHub Container Registry auth
|
||||
let ghcr_auth = keychain.resolve("ghcr.io/user/image:tag")?;
|
||||
let ghcr_config = ghcr_auth.authorization()?;
|
||||
assert!(!ghcr_config.is_anonymous());
|
||||
assert_eq!(ghcr_config.auth, Some("dGVzdDp0ZXN0MTIz".to_string()));
|
||||
let ghcr_auth = resolve_auth("ghcr.io/user/image:tag")?;
|
||||
match ghcr_auth {
|
||||
RegistryAuth::Basic(user, pass) => {
|
||||
// The base64 "dGVzdDp0ZXN0MTIz" decodes to "test:test123"
|
||||
assert_eq!(user, "test");
|
||||
assert_eq!(pass, "test123");
|
||||
}
|
||||
_ => panic!("Expected Basic auth for ghcr.io"),
|
||||
}
|
||||
|
||||
// Test Docker Hub auth
|
||||
let docker_auth = keychain.resolve("docker.io/library/ubuntu:latest")?;
|
||||
let docker_config = docker_auth.authorization()?;
|
||||
assert!(!docker_config.is_anonymous());
|
||||
assert_eq!(docker_config.username, Some("testuser".to_string()));
|
||||
assert_eq!(docker_config.password, Some("testpass".to_string()));
|
||||
let docker_auth = resolve_auth("docker.io/library/ubuntu:latest")?;
|
||||
match docker_auth {
|
||||
RegistryAuth::Basic(user, pass) => {
|
||||
assert_eq!(user, "testuser");
|
||||
assert_eq!(pass, "testpass");
|
||||
}
|
||||
_ => panic!("Expected Basic auth for docker.io"),
|
||||
}
|
||||
|
||||
// Test unknown registry returns anonymous
|
||||
let unknown_auth = keychain.resolve("unknown.registry.io/image:tag")?;
|
||||
let unknown_config = unknown_auth.authorization()?;
|
||||
assert!(unknown_config.is_anonymous());
|
||||
let unknown_auth = resolve_auth("unknown.registry.io/image:tag")?;
|
||||
assert!(matches!(unknown_auth, RegistryAuth::Anonymous));
|
||||
|
||||
// Clean up
|
||||
std::env::remove_var("HOME");
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue