tblyler/reg
1
0
Fork 0
mirror of https://github.com/genuinetools/reg.git synced 2024-05-12 17:38:31 -04:00
Code Issues Projects Releases Wiki Activity

Fix vuln scanning on GCR (#152)

Browse source 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2018-10-17 09:53:20 +02:00 committed by Jess Frazelle
parent 1ea91e7493
commit eb4e1cc686
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
registry/tokentransport.go
View file

@ -8,8 +8,11 @@ import (
"fmt"
"net/http"
"net/url"
"regexp"
)
var gcrMatcher = regexp.MustCompile(`https://([a-z]+\.|)gcr\.io/`)
// TokenTransport defines the data structure for authentication via tokens.
type TokenTransport struct {
Transport http.RoundTripper
@ -148,6 +151,13 @@ func (r *Registry) Token(url string) (string, error) {
}
defer resp.Body.Close()
if resp.StatusCode == http.StatusForbidden && gcrMatcher.MatchString(url) {
// GCR is not sending HTTP 401 on missing credentials but a HTTP 403 without
// any further information about why the request failed. Sending the credentials
// from the Docker config fixes this.
return "", ErrBasicAuth
}
a, err := isTokenDemand(resp)
if err != nil {
return "", err