While the implementation of these is fairly trivial, we want them
to remain the same. This patch adds utilities to handle the encoding
and decoding of the server-URLs.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
commit 2fc2313bb1 changed the errors returned
by the pass credentials-helper to use a errCredentialsNotFound. This error
string is used in the client to distinguish a "not found" error from other
errors. (see [client.Get][1]).
However, there were additional second code-paths that returned a custom error,
which would not be detected as a "not found" error, resulting in an error when
logging out;
Removing login credentials for https://index.docker.io/v1/
WARNING: could not erase credentials:
https://index.docker.io/v1/: error erasing credentials - err: exit status 1, out: `error getting credentials - err: exit status 1, out: `no usernames for https://index.docker.io/v1/``
This patch:
- updates Pass.Get() to return a errCredentialsNotFound if no credentials
were found
- updates Pass.List() to not return an error if any of the domains had no
credentials stored.
[1]: https://github.com/docker/docker-credential-helpers/blob/73b9e5d51f8dc9f598e08a0f2171c5d5a828e76b/client/client.go#L51-L55
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Use stdlib's os.UserHomeDir() instead of depending only on $HOME. Note that
this does not yet does nss lookups for situations where $HOME / $USERPROFILE
is not set.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
commit a13ff50017 simplified the handling of
env-vars in getPassDir(), but moved interpolation of env-vars to the end
of the function.
As a result, a custom path passed through `$PASSWORD_STORE_DIR` would now
be interpolated, instead of taken as-is. For example;
PASSWORD_STORE_DIR=$PWD/world
Would now interpolate `$PWD`, instead of using a literal `$PWD`.
This patch changes the logic to only expand env-vars for the default location.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Pass is described as "The Standard Unix Password Manager", and so it can
easily run on more than just Linux. Namely, it's supported on macOS. The
CLI is identical to the Linux build, which means the Linux helper code
for Pass is fully applicable toward the macOS build - a couple of
renames being the only needed thing, purely for semantic correctness.
Signed-off-by: Ellis Clayton <ellis@ellis.codes>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:1:1: package comment should be of the form "Package pass ..."
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:22:7: don't use ALL_CAPS in Go names; use CamelCase
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:22:7: exported const PASS_FOLDER should have comment or be unexported
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:82:1: receiver name h should be consistent with previous receiver name p for Pass
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:94:1: receiver name h should be consistent with previous receiver name p for Pass
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:131:1: receiver name h should be consistent with previous receiver name p for Pass
/go/src/github.com/docker/docker-credential-helper/pass/pass.go:161:1: receiver name h should be consistent with previous receiver name p for Pass
/go/src/github.com/docker/docker-credential-helper/registryurl/url_go18.go:9:1: exported function GetHostname should have comment or be unexported
/go/src/github.com/docker/docker-credential-helper/registryurl/url_go18.go:13:1: exported function GetPort should have comment or be unexported
/go/src/github.com/docker/docker-credential-helper/secretservice/secretservice_linux_test.go:22:2: don't use underscores in Go names; var old_auths should be oldAuths
/go/src/github.com/docker/docker-credential-helper/secretservice/secretservice_linux_test.go:64:2: don't use underscores in Go names; var new_auths should be newAuths
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This also fixes the following issues:
1. Safe for concurrent initialization still (it was before in 'init',
but the alternative to this PR is not)
2. Uses the same password directory during init as it does during
runtime (the change to getPassDir in initialization logic.
3. Prints significantly better errors if initialization fails
4. Has slightly cleaner abstractions by hiding the initialization check
in 'runPass'
The 4th item there does mean there are a few cases where more work is
done before erroring, but that amount of work is trivial and my manual
audit didn't reveal anything that seemed worrying.
Fixes#96, alternative to #106
Signed-off-by: Euan Kemp <euank@euank.com>
As of 8446a40, pass show will include a newline when showing a password.
This causes the pass helper here to reliably fail to initialize since a
password doesn't round-trip.
Before making this change, the pass test would fail if the installed
password-store version was v1.7.1+, and after this change it passes
again.
Fixes#107
Signed-off-by: Euan Kemp <euank@euank.com>
The exec.Command code and os.Getenv implementation were both needlessly
verbose. This replaces them with simpler variations.
Signed-off-by: Euan Kemp <euank@euank.com>
It turns out the cred helpers protocol is to return "" and not an error
when a credential isn't present, so let's do that.
Signed-off-by: Tycho Andersen <tycho@docker.com>
Sebastiaan van Stijn