dkr_nn

package module

v1.0.9 Latest Latest Go to latest Published: Jun 13, 2023 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fsufitch/docker-credential-no-nonsense

Links

Open Source Insights

README ¶

A no-nonsense Docker credential helper

Are you tired of docker-credential-pass or other Docker credential sources doing weird stuff? I was. Then I made this.

docker-credential-no-nonsense is a credential helper that implements the official interface for credential helpers. It has no system-specific or external dependencies (unlike pass requiring a GPG key, etc). Instead, it encrypts your password using AES-256 and stores it in a user-scoped file ready for later use.

Isn't that neat? Easy and quick, no nonsense.

Installation

To install the credential helper, check the release downloads for your platform. Download that, and put it somewhere on your PATH.

Build from source

If you have Go and Make on your system, you can build the binary by cloning the repository and running:

make

The Makefile can also receive DISTS and GOARGS variables in order to build for a different system (or systems). For example, this will be very verbose and build the code for Linux AMD64 and MacOS ARM64:

make DISTS='linux/amd64 darwin/arm64' GOARGS='-x -v'

If you don't have Go, but do have Docker, you can try this instead. Remember to replace the DISTS value with the target platform, since Docker is always Linux no matter what your host is.

docker build -q --target make . | xargs docker run -v "$(pwd):/app" -e DISTS=darwin/arm64

If you don't have Docker, I'm not sure why this project is of interest.

Usage

This package is executed by the official Docker credential helper entrypoint. Thus, its usage is:

Usage: docker-credential-no-nonsense <store|get|erase|list|version>

To make Docker use it, edit your Docker config (~/.docker/config.json) and set "credsStore": "no-nonsense".

The credential helper can be configured via environment variables:

NO_NONSENSE_ENC_KEY (required!). This is the encryption key proper, for encrypting/decrypting the secrets in the JSON storage. It is required and must be supplied via the environment variable. This is because it is the only way that Docker can pass the value through to the point where it internally uses the helper. **You must set this variable before using any docker commands.

You can set it for your current (Unix-ish) shell and subprocesses by using:

export NO_NONSENSE_ENC_KEY=$(read -srp"Key: " && echo $REPLY)

Or for one time usage:

NO_NONSENSE_ENC_KEY=$(read -srp"Key: " && echo $REPLY) docker ...

NO_NONSENSE_CREDFILE. This is the JSON file that the helper uses to store data. If unset, it will use the default, as defined by XDG for your system. You can check what path it is using by providing the --where flag.

$ docker-credential-no-nonsense --where
/home/developer/.local/share/dkr-no-nonsense-credfile.json

Documentation ¶

Index ¶

Variables
type CredentialFile
- func Load(path string) (*CredentialFile, error)
type CredentialPair
type Encryption
- func NewEncryption(encryptionKey string) (*Encryption, error)
type Helper

Constants ¶

This section is empty.

Variables ¶

View Source

var B64Encoding = base64.StdEncoding

View Source

var CREDFILE string

Functions ¶

This section is empty.

Types ¶

type CredentialFile ¶

type CredentialFile struct {
	Timestamp   time.Time                 `json:"timestamp"`
	Credentials map[string]CredentialPair `json:"credentials"`
}

func Load ¶

func Load(path string) (*CredentialFile, error)

func (CredentialFile) DelCredentials ¶

func (cf CredentialFile) DelCredentials(key string)

func (CredentialFile) GetCredentials ¶

func (cf CredentialFile) GetCredentials(enc Encryption, key string) (username string, password string, err error)

func (CredentialFile) Save ¶

func (cf CredentialFile) Save(path string) error

func (CredentialFile) SetCredentials ¶

func (cf CredentialFile) SetCredentials(enc Encryption, key string, username string, password string) error

type CredentialPair ¶

type CredentialPair struct {
	Username          string `json:"username"`
	EncryptedPassword string `json:"enc_password"`
}

type Encryption ¶

type Encryption struct {
	// contains filtered or unexported fields
}

func NewEncryption ¶

func NewEncryption(encryptionKey string) (*Encryption, error)

func (Encryption) Decrypt ¶

func (enc Encryption) Decrypt(data []byte) ([]byte, error)

func (Encryption) Encrypt ¶

func (enc Encryption) Encrypt(data []byte) ([]byte, error)

func (Encryption) Reencrypt ¶

func (enc Encryption) Reencrypt(data []byte) ([]byte, error)

type Helper ¶

type Helper struct {
	Encryption    Encryption
	CredsFilePath string
}

func (Helper) Add ¶

func (h Helper) Add(c *dkrcred.Credentials) error

func (Helper) Delete ¶

func (h Helper) Delete(serverURL string) error

func (Helper) Get ¶

func (h Helper) Get(serverURL string) (username string, password string, err error)

func (Helper) List ¶

func (h Helper) List() (map[string]string, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
docker-credential-no-nonsense

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL