CLI Secret should handle /v2/* API

As we swtich to basic auth for /v2/* API
The CLI secret should handle /v2/* API so that OIDC user can use the
secret to do push/pull
This commit makes such change.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit is contained in:
Daniel Jiang 2020-02-28 02:07:10 +08:00
parent 6709dfb13f
commit de9cd1f964

View File

@ -209,6 +209,7 @@ type oidcCliReqCtxModifier struct{}
func (oc *oidcCliReqCtxModifier) Modify(ctx *beegoctx.Context) bool { func (oc *oidcCliReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
path := ctx.Request.URL.Path path := ctx.Request.URL.Path
if path != "/service/token" && if path != "/service/token" &&
!strings.HasPrefix(path, "/v2") &&
!strings.HasPrefix(path, "/chartrepo/") && !strings.HasPrefix(path, "/chartrepo/") &&
!strings.HasPrefix(path, fmt.Sprintf("/api/%s/chartrepo/", api.APIVersion)) { !strings.HasPrefix(path, fmt.Sprintf("/api/%s/chartrepo/", api.APIVersion)) {
log.Debug("OIDC CLI modifier only handles request by docker CLI or helm CLI") log.Debug("OIDC CLI modifier only handles request by docker CLI or helm CLI")