// GetAuthForRegistry extracts desired docker.AuthConfiguration object from the
// list of docker.AuthConfigurations by registry hostname
func GetAuthForRegistry(auth *docker.AuthConfigurations, image *imagename.ImageName) (result docker.AuthConfiguration, err error) {
registry := image.Registry
// The default registry is "index.docker.io"
if registry == "" || registry == "registry-1.docker.io" {
registry = "index.docker.io"
}
// Optionally override auth took via aws-sdk (through ENV vars)
if image.IsECR() {
if awsRegAuth, err := GetECRAuth(registry, image.GetECRRegion()); err != nil && err != credentials.ErrNoValidProvidersFoundInChain {
return result, err
} else if awsRegAuth.Username != "" {
return awsRegAuth, nil
}
}
if auth == nil {
return
}
if result, ok := auth.Configs[registry]; ok {
return result, nil
}
if result, ok := auth.Configs["https://"+registry]; ok {
return result, nil
}
if result, ok := auth.Configs["https://"+registry+"/v1/"]; ok {
return result, nil
}
// not sure /v2/ is needed, but just in case
if result, ok := auth.Configs["https://"+registry+"/v2/"]; ok {
return result, nil
}
if result, ok := auth.Configs["*"]; ok {
return result, nil
}
return
}
