From 5abbba66e60d434b937e841818857592a9c34080 Mon Sep 17 00:00:00 2001 From: Christian Korneck Date: Thu, 14 Jul 2022 00:04:36 +0200 Subject: [PATCH] dockerhub API change allows PATS so remove warnings --- README.md | 8 ++------ cmd/pushrm.go | 3 +-- provider/dockerhub/dockerhub.go | 2 +- 3 files changed, 4 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 9906c5f..0506446 100644 --- a/README.md +++ b/README.md @@ -107,6 +107,8 @@ pushrm: docker login ``` +Both password and Personal Access Token (PAT) should work. When using a PAT, make sure it has sufficient privileges (`admin` scope). + ### Log in to Harbor v2 registry ``` @@ -244,12 +246,6 @@ A list of all supported env vars is [here](README-containers.md#env-vars). ## Limitations -### Conflict with Dockerhub personal access tokens and 2FA auth - -Pushing READMEs to Dockerhub currently only works with username/password and **not** with [personal access tokens](https://docs.docker.com/docker-hub/access-tokens/). If you have [2FA auth](https://docs.docker.com/docker-hub/2fa/) (two-factor authentication) enabled for your Dockerhub account you're effectively using a personal access token. This is an unfortunate Dockerhub API limitation. - -There are indications (in issues and forum posts) that a new API for Dockerhub might be coming up sooner or later that might fill this gap. Fingers crossed. 🤞 - ### Problem with Harbor2 OpenID connect logins This tool currently doesn't work for Harbor2 users that that authenticate through a 3rd party [OpenID Connect (OIDC) provider](https://goharbor.io/docs/1.10/administration/configure-authentication/oidc-auth/) like auth0, Keycloak, okta, dex, etc). diff --git a/cmd/pushrm.go b/cmd/pushrm.go index a596a89..ae61693 100644 --- a/cmd/pushrm.go +++ b/cmd/pushrm.go @@ -111,8 +111,7 @@ var pushrmCmd = &cobra.Command{ --------- run 'docker login' - (Note: Dockerhub login must be username/password. Personal access tokens / 2FA auth - is not supported. See docs for details.) + (use password or Personal Access Token (PAT) with 'admin' scope) quay diff --git a/provider/dockerhub/dockerhub.go b/provider/dockerhub/dockerhub.go index 0d9fdd9..00f7097 100644 --- a/provider/dockerhub/dockerhub.go +++ b/provider/dockerhub/dockerhub.go @@ -173,7 +173,7 @@ func PatchDescription(jwt string, readme string, namespacename string, reponame msg = msg + ". Server responded: \"" + dat["detail"].(string) + "\"" } if res.StatusCode == 403 { - msg = msg + ". Try \"docker logout\" and \"docker login\". You cannot use a personal access token to log in and must use username and password. If you have 2FA auth enabled in Dockerhub you'll need to disable it for this tool to work. (This is an unfortunate Dockerhub limitation, see docs for more infos.)" + msg = msg + ". Try \"docker logout\" and \"docker login\". If you use a PAT token make sure it has sufficient privileges (\"admin\" scope)." } return fmt.Errorf(msg)