@@ -17,12 +17,15 @@ limitations under the License.
17
17
package controllers
18
18
19
19
import (
20
+ "bytes"
20
21
"context"
21
22
"fmt"
23
+ "net/url"
22
24
"os"
23
25
"strings"
24
26
"time"
25
27
28
+ "github.com/docker/cli/cli/config"
26
29
"github.com/fluxcd/pkg/apis/meta"
27
30
"github.com/fluxcd/pkg/runtime/conditions"
28
31
helper "github.com/fluxcd/pkg/runtime/controller"
@@ -273,7 +276,7 @@ func (r *HelmRepositoryOCIReconciler) reconcileSource(ctx context.Context, obj *
273
276
}
274
277
275
278
// Construct actual options
276
- logOpt , err := loginOptionFromSecret (secret )
279
+ logOpt , err := loginOptionFromSecret (obj . Spec . URL , secret )
277
280
if err != nil {
278
281
e := & serror.Event {
279
282
Err : fmt .Errorf ("failed to configure Helm client with secret data: %w" , err ),
@@ -352,8 +355,26 @@ func (r *HelmRepositoryOCIReconciler) validateSource(ctx context.Context, obj *s
352
355
return sreconcile .ResultSuccess , nil
353
356
}
354
357
355
- func loginOptionFromSecret (secret corev1.Secret ) (registry.LoginOption , error ) {
356
- username , password := string (secret .Data ["username" ]), string (secret .Data ["password" ])
358
+ func loginOptionFromSecret (registryURL string , secret corev1.Secret ) (registry.LoginOption , error ) {
359
+ var username , password string
360
+ if secret .Type == corev1 .SecretTypeDockerConfigJson {
361
+ dockerCfg , err := config .LoadFromReader (bytes .NewReader (secret .Data [corev1 .DockerConfigJsonKey ]))
362
+ if err != nil {
363
+ return nil , fmt .Errorf ("unable to load Docker config: %w" , err )
364
+ }
365
+ parsedURL , err := url .Parse (registryURL )
366
+ if err != nil {
367
+ return nil , fmt .Errorf ("unable to parse registry URL: %w" , err )
368
+ }
369
+ authConfig , err := dockerCfg .GetAuthConfig (parsedURL .Host )
370
+ if err != nil {
371
+ return nil , fmt .Errorf ("unable to get authentication data from Secret: %w" , err )
372
+ }
373
+ username = authConfig .Username
374
+ password = authConfig .Password
375
+ } else {
376
+ username , password = string (secret .Data ["username" ]), string (secret .Data ["password" ])
377
+ }
357
378
switch {
358
379
case username == "" && password == "" :
359
380
return nil , nil
0 commit comments