feat: kubesphere 4.0 (#6115)

* feat: kubesphere 4.0 Signed-off-by: ci-bot <ci-bot@kubesphere.io> * feat: kubesphere 4.0 Signed-off-by: ci-bot <ci-bot@kubesphere.io> --------- Signed-off-by: ci-bot <ci-bot@kubesphere.io> Co-authored-by: ks-ci-bot <ks-ci-bot@example.com> Co-authored-by: joyceliu <joyceliu@yunify.com>
2024-09-06 11:05:52 +08:00
parent b5015ec7b9
commit 447a51f08b
8557 changed files with 546695 additions and 1146174 deletions
--- a/vendor/github.com/google/go-containerregistry/pkg/authn/authn.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/authn/authn.go
@@ -14,6 +14,19 @@

 package authn

+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"strings"
+)
+
+// Authenticator is used to authenticate Docker transports.
+type Authenticator interface {
+	// Authorization returns the value to use in an http transport's Authorization header.
+	Authorization() (*AuthConfig, error)
+}
+
 // AuthConfig contains authorization information for connecting to a Registry
 // Inlined what we use from github.com/docker/cli/cli/config/types
 type AuthConfig struct {
@@ -29,8 +42,74 @@ type AuthConfig struct {
 	RegistryToken string `json:"registrytoken,omitempty"`
 }

-// Authenticator is used to authenticate Docker transports.
-type Authenticator interface {
-	// Authorization returns the value to use in an http transport's Authorization header.
-	Authorization() (*AuthConfig, error)
+// This is effectively a copy of the type AuthConfig. This simplifies
+// JSON unmarshalling since AuthConfig methods are not inherited
+type authConfig AuthConfig
+
+// UnmarshalJSON implements json.Unmarshaler
+func (a *AuthConfig) UnmarshalJSON(data []byte) error {
+	var shadow authConfig
+	err := json.Unmarshal(data, &shadow)
+	if err != nil {
+		return err
+	}
+
+	*a = (AuthConfig)(shadow)
+
+	if len(shadow.Auth) != 0 {
+		var derr error
+		a.Username, a.Password, derr = decodeDockerConfigFieldAuth(shadow.Auth)
+		if derr != nil {
+			err = fmt.Errorf("unable to decode auth field: %w", derr)
+		}
+	} else if len(a.Username) != 0 && len(a.Password) != 0 {
+		a.Auth = encodeDockerConfigFieldAuth(shadow.Username, shadow.Password)
+	}
+
+	return err
+}
+
+// MarshalJSON implements json.Marshaler
+func (a AuthConfig) MarshalJSON() ([]byte, error) {
+	shadow := (authConfig)(a)
+	shadow.Auth = encodeDockerConfigFieldAuth(shadow.Username, shadow.Password)
+	return json.Marshal(shadow)
+}
+
+// decodeDockerConfigFieldAuth deserializes the "auth" field from dockercfg into a
+// username and a password. The format of the auth field is base64(<username>:<password>).
+//
+// From https://github.com/kubernetes/kubernetes/blob/75e49ec824b183288e1dbaccfd7dbe77d89db381/pkg/credentialprovider/config.go
+// Copyright 2014 The Kubernetes Authors.
+// SPDX-License-Identifier: Apache-2.0
+func decodeDockerConfigFieldAuth(field string) (username, password string, err error) {
+	var decoded []byte
+	// StdEncoding can only decode padded string
+	// RawStdEncoding can only decode unpadded string
+	if strings.HasSuffix(strings.TrimSpace(field), "=") {
+		// decode padded data
+		decoded, err = base64.StdEncoding.DecodeString(field)
+	} else {
+		// decode unpadded data
+		decoded, err = base64.RawStdEncoding.DecodeString(field)
+	}
+
+	if err != nil {
+		return
+	}
+
+	parts := strings.SplitN(string(decoded), ":", 2)
+	if len(parts) != 2 {
+		err = fmt.Errorf("must be formatted as base64(username:password)")
+		return
+	}
+
+	username = parts[0]
+	password = parts[1]
+
+	return
+}
+
+func encodeDockerConfigFieldAuth(username, password string) string {
+	return base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
 }