mirror/login-action
1
0
Fork 0
mirror of https://github.com/docker/login-action.git synced 2026-03-19 20:20:27 +08:00
Code Issues Projects Releases Packages Wiki Activity

add opt-in skip for missing login credentials

Browse source 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax 2026-02-23 16:04:08 +01:00
parent 9fe7774c8f
commit db3673140b
No known key found for this signature in database
GPG key ID: ADE44D8C9D44FBE4
2 changed files with 78 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

89
__tests__/docker.test.ts
View file

@ -1,26 +1,27 @@
import {expect, test, vi} from 'vitest';
import * as path from 'path';
import {afterEach, beforeEach, expect, test, vi} from 'vitest';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js';
import {loginStandard, logout} from '../src/docker.js';
process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner');
beforeEach(() => {
delete process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS;
});
afterEach(() => {
delete process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS;
});
test('loginStandard calls exec', async () => {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => {
return {
exitCode: expect.any(Number),
stdout: expect.any(Function),
stderr: expect.any(Function)
};
const execSpy = vi.spyOn(Docker, 'getExecOutput').mockResolvedValue({
exitCode: 0,
stdout: '',
stderr: ''
});
const username = 'dbowie';
const password = 'groundcontrol';
const registry = 'https://ghcr.io';
const registry = 'ghcr.io';
await loginStandard(registry, username, password);
@ -30,6 +31,7 @@ test('loginStandard calls exec', async () => {
// we don't want to check env opt
callfunc[1].env = undefined;
}
expect(execSpy).toHaveBeenCalledWith(['login', '--password-stdin', '--username', username, registry], {
input: Buffer.from(password),
silent: true,
@ -37,27 +39,68 @@ test('loginStandard calls exec', async () => {
});
});
test('loginStandard throws if username and password are missing', () => {
const execSpy = vi.spyOn(Docker, 'getExecOutput');
const login = loginStandard('ghcr.io', '', '');
expect(execSpy).not.toHaveBeenCalled();
return expect(login).rejects.toThrow('Username and password required');
});
test('loginStandard throws if username is missing', () => {
const execSpy = vi.spyOn(Docker, 'getExecOutput');
const login = loginStandard('ghcr.io', '', 'groundcontrol');
expect(execSpy).not.toHaveBeenCalled();
return expect(login).rejects.toThrow('Username required');
});
test('loginStandard throws if password is missing', () => {
const execSpy = vi.spyOn(Docker, 'getExecOutput');
const login = loginStandard('ghcr.io', 'dbowie', '');
expect(execSpy).not.toHaveBeenCalled();
return expect(login).rejects.toThrow('Password required');
});
test('loginStandard skips if both credentials are missing and env opt-in is enabled', () => {
process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS = 'true';
const execSpy = vi.spyOn(Docker, 'getExecOutput');
const login = loginStandard('ghcr.io', '', '');
expect(execSpy).not.toHaveBeenCalled();
return expect(login).resolves.toBeUndefined();
});
test('loginStandard skips if username is missing and env opt-in is enabled', () => {
process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS = 'true';
const execSpy = vi.spyOn(Docker, 'getExecOutput');
const login = loginStandard('ghcr.io', '', 'groundcontrol');
expect(execSpy).not.toHaveBeenCalled();
return expect(login).resolves.toBeUndefined();
});
test('loginStandard skips if password is missing and env opt-in is enabled', () => {
process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS = 'true';
const execSpy = vi.spyOn(Docker, 'getExecOutput');
const login = loginStandard('ghcr.io', 'dbowie', '');
expect(execSpy).not.toHaveBeenCalled();
return expect(login).resolves.toBeUndefined();
});
test('logout calls exec', async () => {
// eslint-disable-next-line @typescript-eslint/ban-ts-comment
// @ts-ignore
const execSpy = vi.spyOn(Docker, 'getExecOutput').mockImplementation(async () => {
return {
exitCode: expect.any(Number),
stdout: expect.any(Function),
stderr: expect.any(Function)
};
const execSpy = vi.spyOn(Docker, 'getExecOutput').mockResolvedValue({
exitCode: 0,
stdout: '',
stderr: ''
});
const registry = 'https://ghcr.io';
const registry = 'ghcr.io';
await logout(registry, '');
expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
if (callfunc && callfunc[1]) {
// we don't want to check env opt
callfunc[1].env = undefined;
}
expect(execSpy).toHaveBeenCalledWith(['logout', registry], {
ignoreReturnCode: true
});

12
src/docker.ts
View file

@ -1,6 +1,7 @@
import * as core from '@actions/core';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js';
import {Util} from '@docker/actions-toolkit/lib/util.js';
import * as aws from './aws.js';
import * as context from './context.js';
@ -34,6 +35,10 @@ export async function logout(registry: string, configDir: string): Promise<void>
}
export async function loginStandard(registry: string, username: string, password: string, scope?: string): Promise<void> {
if ((!username || !password) && skipLoginIfMissingCredsEnabled()) {
core.info(`Skipping login to ${registry}. Username or password is not set and DOCKER_LOGIN_SKIP_IF_MISSING_CREDS is enabled.`);
return;
}
if (!username && !password) {
throw new Error('Username and password required');
}
@ -79,3 +84,10 @@ async function loginExec(registry: string, username: string, password: string, s
core.info('Login Succeeded!');
});
}
function skipLoginIfMissingCredsEnabled(): boolean {
if (process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS) {
return Util.parseBool(process.env.DOCKER_LOGIN_SKIP_IF_MISSING_CREDS);
}
return false;
}