update vendor

Signed-off-by: Roland.Ma <rolandma@yunify.com>

vendor/github.com/deislabs/oras/pkg/auth/client.go

@@ -0,0 +1,24 @@
+package auth
+
+import (
+	"context"
+	"errors"
+	"net/http"
+
+	"github.com/containerd/containerd/remotes"
+)
+
+// Common errors
+var (
+	ErrNotLoggedIn = errors.New("not logged in")
+)
+
+// Client provides authentication operations for remotes.
+type Client interface {
+	// Login logs in to a remote server identified by the hostname.
+	Login(ctx context.Context, hostname, username, secret string, insecure bool) error
+	// Logout logs out from a remote server identified by the hostname.
+	Logout(ctx context.Context, hostname string) error
+	// Resolver returns a new authenticated resolver.
+	Resolver(ctx context.Context, client *http.Client, plainHTTP bool) (remotes.Resolver, error)
+}

vendor/github.com/deislabs/oras/pkg/auth/docker/client.go

@@ -0,0 +1,71 @@
+package docker
+
+import (
+	"os"
+
+	"github.com/deislabs/oras/pkg/auth"
+
+	"github.com/docker/cli/cli/config"
+	"github.com/docker/cli/cli/config/configfile"
+	"github.com/docker/cli/cli/config/credentials"
+	"github.com/pkg/errors"
+)
+
+// Client provides authentication operations for docker registries.
+type Client struct {
+	configs []*configfile.ConfigFile
+}
+
+// NewClient creates a new auth client based on provided config paths.
+// If not config path is provided, the default path is used.
+// Credentials are read from the first config and fall backs to next.
+// All changes will only be written to the first config file.
+func NewClient(configPaths ...string) (auth.Client, error) {
+	var configs []*configfile.ConfigFile
+	for _, path := range configPaths {
+		cfg, err := loadConfigFile(path)
+		if err != nil {
+			return nil, errors.Wrap(err, path)
+		}
+		configs = append(configs, cfg)
+	}
+	if len(configs) == 0 {
+		cfg, err := config.Load(config.Dir())
+		if err != nil {
+			return nil, err
+		}
+		if !cfg.ContainsAuth() {
+			cfg.CredentialsStore = credentials.DetectDefaultStore(cfg.CredentialsStore)
+		}
+		configs = []*configfile.ConfigFile{cfg}
+	}
+
+	return &Client{
+		configs: configs,
+	}, nil
+}
+
+func (c *Client) primaryCredentialsStore(hostname string) credentials.Store {
+	return c.configs[0].GetCredentialsStore(hostname)
+}
+
+// loadConfigFile reads the configuration files from the given path.
+func loadConfigFile(path string) (*configfile.ConfigFile, error) {
+	cfg := configfile.New(path)
+	if _, err := os.Stat(path); err == nil {
+		file, err := os.Open(path)
+		if err != nil {
+			return nil, err
+		}
+		defer file.Close()
+		if err := cfg.LoadFromReader(file); err != nil {
+			return nil, err
+		}
+	} else if !os.IsNotExist(err) {
+		return nil, err
+	}
+	if !cfg.ContainsAuth() {
+		cfg.CredentialsStore = credentials.DetectDefaultStore(cfg.CredentialsStore)
+	}
+	return cfg, nil
+}

vendor/github.com/deislabs/oras/pkg/auth/docker/login.go

@@ -0,0 +1,45 @@
+package docker
+
+import (
+	"context"
+
+	ctypes "github.com/docker/cli/cli/config/types"
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/registry"
+)
+
+// Login logs in to a docker registry identified by the hostname.
+func (c *Client) Login(ctx context.Context, hostname, username, secret string, insecure bool) error {
+	hostname = resolveHostname(hostname)
+	cred := types.AuthConfig{
+		Username:      username,
+		ServerAddress: hostname,
+	}
+	if username == "" {
+		cred.IdentityToken = secret
+	} else {
+		cred.Password = secret
+	}
+
+	opts := registry.ServiceOptions{}
+
+	if insecure {
+		opts.InsecureRegistries = []string{hostname}
+	}
+
+	// Login to ensure valid credential
+	remote, err := registry.NewService(opts)
+	if err != nil {
+		return err
+	}
+	if _, token, err := remote.Auth(ctx, &cred, "oras"); err != nil {
+		return err
+	} else if token != "" {
+		cred.Username = ""
+		cred.Password = ""
+		cred.IdentityToken = token
+	}
+
+	// Store credential
+	return c.primaryCredentialsStore(hostname).Store(ctypes.AuthConfig(cred))
+}

vendor/github.com/deislabs/oras/pkg/auth/docker/logout.go

@@ -0,0 +1,27 @@
+package docker
+
+import (
+	"context"
+
+	"github.com/deislabs/oras/pkg/auth"
+
+	"github.com/docker/cli/cli/config/configfile"
+)
+
+// Logout logs out from a docker registry identified by the hostname.
+func (c *Client) Logout(_ context.Context, hostname string) error {
+	hostname = resolveHostname(hostname)
+
+	var configs []*configfile.ConfigFile
+	for _, config := range c.configs {
+		if _, ok := config.AuthConfigs[hostname]; ok {
+			configs = append(configs, config)
+		}
+	}
+	if len(configs) == 0 {
+		return auth.ErrNotLoggedIn
+	}
+
+	// Log out form the primary config only as backups are read-only.
+	return c.primaryCredentialsStore(hostname).Erase(hostname)
+}

vendor/github.com/deislabs/oras/pkg/auth/docker/resolver.go

@@ -0,0 +1,54 @@
+package docker
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/containerd/containerd/remotes"
+	"github.com/containerd/containerd/remotes/docker"
+	ctypes "github.com/docker/cli/cli/config/types"
+	"github.com/docker/docker/registry"
+)
+
+// Resolver returns a new authenticated resolver.
+func (c *Client) Resolver(_ context.Context, client *http.Client, plainHTTP bool) (remotes.Resolver, error) {
+	return docker.NewResolver(docker.ResolverOptions{
+		Credentials: c.Credential,
+		Client:      client,
+		PlainHTTP:   plainHTTP,
+	}), nil
+}
+
+// Credential returns the login credential of the request host.
+func (c *Client) Credential(hostname string) (string, string, error) {
+	hostname = resolveHostname(hostname)
+	var (
+		auth ctypes.AuthConfig
+		err  error
+	)
+	for _, cfg := range c.configs {
+		auth, err = cfg.GetAuthConfig(hostname)
+		if err != nil {
+			// fall back to next config
+			continue
+		}
+		if auth.IdentityToken != "" {
+			return "", auth.IdentityToken, nil
+		}
+		if auth.Username == "" && auth.Password == "" {
+			// fall back to next config
+			continue
+		}
+		return auth.Username, auth.Password, nil
+	}
+	return "", "", err
+}
+
+// resolveHostname resolves Docker specific hostnames
+func resolveHostname(hostname string) string {
+	switch hostname {
+	case registry.IndexHostname, registry.IndexName, registry.DefaultV2Registry.Host:
+		return registry.IndexServer
+	}
+	return hostname
+}