diff --git a/.github/CODE_OF_CONDUCT.md b/.github/CODE_OF_CONDUCT.md deleted file mode 100644 index cab302dd..00000000 --- a/.github/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,4 +0,0 @@ -# Code of conduct - -- [Moby community guidelines](https://github.com/moby/moby/blob/master/CONTRIBUTING.md#moby-community-guidelines) -- [Docker Code of Conduct](https://github.com/docker/code-of-conduct) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md deleted file mode 100644 index 04b9fac6..00000000 --- a/.github/CONTRIBUTING.md +++ /dev/null @@ -1,289 +0,0 @@ -# Contribute to this repository - -This page contains information about reporting issues as well as some tips and -guidelines useful to experienced open source contributors. - -## Reporting security issues - -The project maintainers take security seriously. If you discover a security -issue, please bring it to their attention right away! - -**Please _DO NOT_ file a public issue**, instead send your report privately to -[security@docker.com](mailto:security@docker.com). - -Security reports are greatly appreciated and we will publicly thank you for it. -We also like to send gifts—if you're into schwag, make sure to let -us know. We currently do not offer a paid security bounty program, but are not -ruling it out in the future. - - -## Reporting other issues - -A great way to contribute to the project is to send a detailed report when you -encounter an issue. We always appreciate a well-written, thorough bug report, -and will thank you for it! - -Check that [the issue database](https://github.com/docker/docker-credential-helpers/issues) -doesn't already include that problem or suggestion before submitting an issue. -If you find a match, you can use the "subscribe" button to get notified on -updates. Do *not* leave random "+1" or "I have this too" comments, as they -only clutter the discussion, and don't help resolving it. However, if you -have ways to reproduce the issue or have additional information that may help -resolving the issue, please leave a comment. - -Include the steps required to reproduce the problem if possible and applicable. -This information will help us review and fix your issue faster. When sending -lengthy log-files, consider posting them as an attachment, instead of posting -inline. - -**Do not forget to remove sensitive data from your logfiles before submitting** - (you can replace those parts with "REDACTED"). - -### Pull requests are always welcome - -Not sure if that typo is worth a pull request? Found a bug and know how to fix -it? Do it! We will appreciate it. - -If your pull request is not accepted on the first try, don't be discouraged! If -there's a problem with the implementation, hopefully you received feedback on -what to improve. - -We're trying very hard to keep this project lean and focused. We don't want it to -do everything for everybody. This means that we might decide against -incorporating a new feature. However, there might be a way to implement that -feature *on top of* code in this project. - -### Design and cleanup proposals - -You can propose new designs for existing features. You can also design -entirely new features. We really appreciate contributors who want to refactor or -otherwise cleanup our project. - -### Sign your work - -The sign-off is a simple line at the end of the explanation for the patch. Your -signature certifies that you wrote the patch or otherwise have the right to pass -it on as an open-source patch. The rules are pretty simple: if you can certify -the below (from [developercertificate.org](https://developercertificate.org)): - -``` -Developer Certificate of Origin -Version 1.1 - -Copyright (C) 2004, 2006 The Linux Foundation and its contributors. - -Everyone is permitted to copy and distribute verbatim copies of this -license document, but changing it is not allowed. - - -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -Then you just add a line to every git commit message: - - Signed-off-by: Joe Smith - -**Use your real name** (sorry, no pseudonyms or anonymous contributions.) - -If you set your `user.name` and `user.email` git configs, you can sign your -commit automatically with `git commit -s`. - -### Run the unit- and integration-tests - -To validate PRs before submitting them you should run: - -```bash -$ make validate -``` - -To run the tests: - -```bash -$ make test -``` - -To generate new vendored files with go modules run: - -```bash -$ make vendor -``` - - -### Conventions - -- Fork the repository and make changes on your fork in a feature branch -- Submit tests for your changes. See [run the unit- and integration-tests](#run-the-unit--and-integration-tests) - for details. -- [Sign your work](#sign-your-work) - -Write clean code. Universally formatted code promotes ease of writing, reading, -and maintenance. Always run `gofmt -s -w file.go` on each changed file before -committing your changes. Most editors have plug-ins that do this automatically. - -Pull request descriptions should be as clear as possible and include a -reference to all the issues that they address. Be sure that the [commit -messages](#commit-messages) also contain the relevant information. - -### Successful Changes - -Before contributing large or high impact changes, make the effort to coordinate -with the maintainers of the project before submitting a pull request. This -prevents you from doing extra work that may or may not be merged. - -Large PRs that are just submitted without any prior communication are unlikely -to be successful. - -While pull requests are the methodology for submitting changes to code, changes -are much more likely to be accepted if they are accompanied by additional -engineering work. While we don't define this explicitly, most of these goals -are accomplished through communication of the design goals and subsequent -solutions. Often times, it helps to first state the problem before presenting -solutions. - -Typically, the best methods of accomplishing this are to submit an issue, -stating the problem. This issue can include a problem statement and a -checklist with requirements. If solutions are proposed, alternatives should be -listed and eliminated. Even if the criteria for elimination of a solution is -frivolous, say so. - -Larger changes typically work best with design documents. These are focused on -providing context to the design at the time the feature was conceived and can -inform future documentation contributions. - -### Commit Messages - -Commit messages must start with a capitalized and short summary (max. 50 chars) -written in the imperative, followed by an optional, more detailed explanatory -text which is separated from the summary by an empty line. - -Commit messages should follow best practices, including explaining the context -of the problem and how it was solved, including in caveats or follow up changes -required. They should tell the story of the change and provide readers -understanding of what led to it. - -If you're lost about what this even means, please see [How to Write a Git -Commit Message](http://chris.beams.io/posts/git-commit/) for a start. - -In practice, the best approach to maintaining a nice commit message is to -leverage a `git add -p` and `git commit --amend` to formulate a solid -changeset. This allows one to piece together a change, as information becomes -available. - -If you squash a series of commits, don't just submit that. Re-write the commit -message, as if the series of commits was a single stroke of brilliance. - -That said, there is no requirement to have a single commit for a PR, as long as -each commit tells the story. For example, if there is a feature that requires a -package, it might make sense to have the package in a separate commit then have -a subsequent commit that uses it. - -Remember, you're telling part of the story with the commit message. Don't make -your chapter weird. - -### Review - -Code review comments may be added to your pull request. Discuss, then make the -suggested modifications and push additional commits to your feature branch. Post -a comment after pushing. New commits show up in the pull request automatically, -but the reviewers are notified only when you comment. - -Pull requests must be cleanly rebased on top of master without multiple branches -mixed into the PR. - -> **Git tip**: If your PR no longer merges cleanly, use `rebase master` in your -> feature branch to update your pull request rather than `merge master`. - -Before you make a pull request, squash your commits into logical units of work -using `git rebase -i` and `git push -f`. A logical unit of work is a consistent -set of patches that should be reviewed together: for example, upgrading the -version of a vendored dependency and taking advantage of its now available new -feature constitute two separate units of work. Implementing a new function and -calling it in another file constitute a single logical unit of work. The very -high majority of submissions should have a single commit, so if in doubt: squash -down to one. - -- After every commit, [make sure the test suite passes](#run-the-unit--and-integration-tests). - Include documentation changes in the same pull request so that a revert would - remove all traces of the feature or fix. -- Include an issue reference like `closes #XXXX` or `fixes #XXXX` in the PR - description that close an issue. Including references automatically closes - the issue on a merge. -- Do not add yourself to the `AUTHORS` file, as it is regenerated regularly - from the Git history. -- See the [Coding Style](#coding-style) for further guidelines. - - -### Merge approval - -Project maintainers use LGTM (Looks Good To Me) in comments on the code review to -indicate acceptance, or use the Github review approval feature. - - -## Coding Style - -Unless explicitly stated, we follow all coding guidelines from the Go -community. While some of these standards may seem arbitrary, they somehow seem -to result in a solid, consistent codebase. - -It is possible that the code base does not currently comply with these -guidelines. We are not looking for a massive PR that fixes this, since that -goes against the spirit of the guidelines. All new contributions should make a -best effort to clean up and make the code base better than they left it. -Obviously, apply your best judgement. Remember, the goal here is to make the -code base easier for humans to navigate and understand. Always keep that in -mind when nudging others to comply. - -The rules: - -1. All code should be formatted with `gofmt -s`. -2. All code should pass the default levels of - [`golint`](https://github.com/golang/lint). -3. All code should follow the guidelines covered in [Effective Go](http://golang.org/doc/effective_go.html) - and [Go Code Review Comments](https://github.com/golang/go/wiki/CodeReviewComments). -4. Comment the code. Tell us the why, the history and the context. -5. Document _all_ declarations and methods, even private ones. Declare - expectations, caveats and anything else that may be important. If a type - gets exported, having the comments already there will ensure it's ready. -6. Variable name length should be proportional to its context and no longer. - `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`. - In practice, short methods will have short variable names and globals will - have longer names. -7. No underscores in package names. If you need a compound name, step back, - and re-examine why you need a compound name. If you still think you need a - compound name, lose the underscore. -8. No utils or helpers packages. If a function is not general enough to - warrant its own package, it has not been written generally enough to be a - part of a util package. Just leave it unexported and well-documented. -9. All tests should run with `go test` and outside tooling should not be - required. No, we don't need another unit testing framework. Assertion - packages are acceptable if they provide _real_ incremental value. -10. Even though we call these "rules" above, they are actually just - guidelines. Since you've read all the rules, you now know that. - -If you are having trouble getting into the mood of idiomatic Go, we recommend -reading through [Effective Go](https://golang.org/doc/effective_go.html). The -[Go Blog](https://blog.golang.org) is also a great resource. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index 4e48d5f8..00000000 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,30 +0,0 @@ - - -**- What I did** - -**- How I did it** - -**- How to verify it** - -**- Description for the changelog** - - - -**- A picture of a cute animal (not mandatory but encouraged)** - diff --git a/.github/SECURITY.md b/.github/SECURITY.md deleted file mode 100644 index d7af496f..00000000 --- a/.github/SECURITY.md +++ /dev/null @@ -1,12 +0,0 @@ -# Reporting security issues - -The project maintainers take security seriously. If you discover a security -issue, please bring it to their attention right away! - -**Please _DO NOT_ file a public issue**, instead send your report privately to -[security@docker.com](mailto:security@docker.com). - -Security reports are greatly appreciated, and we will publicly thank you for it. -We also like to send gifts—if you're into schwag, make sure to let -us know. We currently do not offer a paid security bounty program, but are not -ruling it out in the future. diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 8d77e584..00000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,10 +0,0 @@ -version: 2 -updates: - - package-ecosystem: "github-actions" - open-pull-requests-limit: 10 - directory: "/" - schedule: - interval: "daily" - labels: - - "dependencies" - - "bot" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6c86f5d9..76efde0e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -38,103 +38,6 @@ jobs: run: | make ${{ matrix.target }} - test: - runs-on: ${{ matrix.os }} - strategy: - fail-fast: false - matrix: - os: - - ubuntu-22.04 - - ubuntu-20.04 - - macOS-11 - - windows-2022 - steps: - - - name: Checkout - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: ${{ env.GO_VERSION }} - - - name: Install deps (ubuntu) - if: startsWith(matrix.os, 'ubuntu-') - run: | - sudo apt-get update - sudo apt-get install -y dbus-x11 gnome-keyring libsecret-1-dev pass - - - name: Install deps (macOS) - if: startsWith(matrix.os, 'macOS-') - run: | - brew install pass - - - name: GPG conf - if: ${{ !startsWith(matrix.os, 'windows-') }} - uses: actions/github-script@v7 - id: gpg - with: - script: | - const fs = require('fs'); - const gnupgfolder = `${require('os').homedir()}/.gnupg`; - if (!fs.existsSync(gnupgfolder)){ - fs.mkdirSync(gnupgfolder); - } - fs.copyFile('.github/workflows/fixtures/gpg.conf', `${gnupgfolder}/gpg.conf`, (err) => { - if (err) throw err; - }); - core.setOutput('key', fs.readFileSync('.github/workflows/fixtures/7D851EB72D73BDA0.key', {encoding: 'utf8'})); - core.setOutput('passphrase', fs.readFileSync('.github/workflows/fixtures/7D851EB72D73BDA0.pass', {encoding: 'utf8'})); - - - name: Import GPG key - if: ${{ !startsWith(matrix.os, 'windows-') }} - uses: crazy-max/ghaction-import-gpg@v6 - with: - gpg_private_key: ${{ steps.gpg.outputs.key }} - passphrase: ${{ steps.gpg.outputs.passphrase }} - trust_level: 5 - - - name: Init pass - if: ${{ !startsWith(matrix.os, 'windows-') }} - run: | - pass init 7D851EB72D73BDA0 - shell: bash - - - name: Test - run: | - make test COVERAGEDIR=${{ env.DESTDIR }} - shell: bash - - - name: Upload coverage - uses: codecov/codecov-action@v4 - with: - file: ${{ env.DESTDIR }}/coverage.txt - token: ${{ secrets.CODECOV_TOKEN }} - - test-sandboxed: - runs-on: ubuntu-22.04 - steps: - - - name: Checkout - uses: actions/checkout@v4 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Test - uses: docker/bake-action@v4 - with: - targets: test - set: | - *.cache-from=type=gha,scope=test - *.cache-to=type=gha,scope=test,mode=max - - - name: Upload coverage - uses: codecov/codecov-action@v4 - with: - file: ${{ env.DESTDIR }}//coverage.txt - token: ${{ secrets.CODECOV_TOKEN }} - build: runs-on: ubuntu-22.04 steps: @@ -168,7 +71,7 @@ jobs: name: Upload artifacts uses: actions/upload-artifact@v4 with: - name: docker-credential-helpers + name: gptscript-credential-helpers path: ${{ env.DESTDIR }}/* if-no-files-found: error - @@ -180,16 +83,3 @@ jobs: with: draft: true files: ${{ env.DESTDIR }}/* - - build-deb: - runs-on: ubuntu-22.04 - steps: - - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Build - run: | - make deb diff --git a/.github/workflows/fixtures/7D851EB72D73BDA0.key b/.github/workflows/fixtures/7D851EB72D73BDA0.key deleted file mode 100644 index 68172737..00000000 --- a/.github/workflows/fixtures/7D851EB72D73BDA0.key +++ /dev/null @@ -1,106 +0,0 @@ ------BEGIN PGP PRIVATE KEY BLOCK----- - -lQdGBF6tzaABEACjFbX7PFEG6vDPN2MPyxYW7/3o/sonORj4HXUFjFxxJxktJ3x3 -N1ayHPJ1lqIeoiY7jVbq0ZdEVGkd3YsKG9ZMdZkzGzY6PQPC/+M8OnzOiOPwUdWc -+Tdhh115LvVz0MMKYiab6Sn9cgxj9On3LCQKpjvMDpPo9Ttf6v2GQIw8h2ACvdzQ -71LtIELS/I+dLbfZiwpUu2fhQT13EJkEnYMOYwM5jNUd66P9itUc7MrOWjkicrKP -oF1dQaCM+tuKuxvD8WLdiwU5x60NoGkJHHUehKQXl2dVzjpqEqHKEBJt9tfJ9lpE -YIisgwB8o3pes0fgCehjW2zI95/o9+ayJ6nl4g5+mSvWRXEu66h71nwM0Yuvquk8 -3me7qhYfDrDdCwcxS5BS1hwakTgUQLD99FZjbx1j8sq96I65O0GRdyU2PR8KIjwu -JrkTH4ZlKxK3FQghUhFoA5GkiDb+eClmRMSni5qg+81T4XChmUkEprA3eWCHL+Ma -xRNNxLS+r6hH9HG5JBxpV3iaTI9HHpnQKhEeaLXqsUTDZliN9hP7Ywo8bpUB8j2d -oWYwDV4dPyMKr6Fb8RDCh2q5gJGbVp8w/NmmBTeL+IP2fFggJkRfyumv3Ul7x66L -tBFQ4rYo4JUUrGweSTneG6REIgxH66hIrNl6Vo/D1ZyknTe1dMOu/BTkkQARAQAB -/gcDAqra8KO+h3bfyu90vxTL1ro4x/x9il7VBcWlIR4cBP7Imgxv+T4hwPIu8P1x -lOlxLNWegFOV0idoTy1o3VLLBev/F+IlspX4A+2XEIddR6nZnKFi0Lv2L4TKgE9E -VJJTszmviDIRLMLN9dWzDfA8hj5tR5Inot92CHRF414AS22JHvlhbFSLQnjqsN+C -n1cQpNOJhkxsSfZsxjnFa/70y/u8v0o8mzyLZmk9HpzRHGzoz8IfpLp8OTqBR9u6 -zzoKLy16zZO55OKbj7h8uVZvDUq9l8iDICpqWMdZqBJIl56MBexYKgYxh3YO/8v2 -oXli+8Xuaq5QLiCN3yT7IbKoYzplnFfaJwFiMh7R1iPLXaYAZ0qdRijlbtseTK1m -oHNkwUbxVzjkh4LfE8UpmMwZn5ZjWni3230SoiXuKy0OHkGvwGvWWAL1mEuoYuUI -mFMcH5MnixP8oQYZKDj2IR/yEeOpdU6B/tr3Tk1NidLf7pUMqG7Ff1NU6dAUeBpa -9xahITMjHvrhgMISY4IYZep5cEnVw8lQTpUJtW/ePMzrFhu3sA7oNdj9joW/VMfz -H7MHwwavtICsYqoqV3lnjX4EC9dW6o8PTUg2u956dmtK7KAyUK/+w2aLNGT28ChN -jhRYHvHzB9Kw5asqI/lTM49eqslBqYQMTTjdBphkYuSZQzNMf291j/ZmoLhD1A1a -S8tUnNygKV4D1cJYgSXfzhFoU8ib/0SPo+KqQ+CzGS+wxXg6WNBA6wepTjpnVVx3 -4JADP8IJcDC3P0iwAreWjSy15F1cvemFFB0SLNUkyZGzsxtKzbM1+8khl68+eazC -LzRj0rxfIF5znWjX1QFhKxCk6eF0IWDY0+b3DBkmChME9YDXJ3TthcqA7JgcX4JI -M4/wdqhgerJYOmj+i2Q0M+Bu02icOJYMwTMMsDVl7XGHkaCuRgZ54eZAUH7JFwUm -1Ct3tcaqiTMmz0ngHVqBTauzgqKDvzwdVqdfg05H364nJMay/3omR6GayIb5CwSo -xdNVwG3myPPradT9MP09mDr4ys2zcnQmCkvTVBF6cMZ1Eh6PQQ8CyQWv0zkaBnqj -JrM1hRpgW4ZlRosSIjCaaJjolN5QDcXBM9TbW9ww+ZYstazN2bV1ZQ7BEjlHQPa1 -BhzMsvqkbETHsIpDNF52gZKn3Q9eIX05BeadzpHUb5/XOheIHVIdhSaTlgl/qQW5 -hQgPGSzSV6KhXEY7aevTdvOgq++WiELkjfz2f2lQFesTjFoQWEvxVDUmLxHtEhaN -DOuh4H3mX5Opn3pLQmqWVhJTbFdx+g5qQd0NCW4mDaTFWTRLFLZQsSJxDSeg9xrY -gmaii8NhMZRwquADW+6iU6KfraBhngi7HRz4TfqPr9ma/KUY464cqim1fnwXejyx -jsb5YHR9R66i+F6P/ysF5w+QuVdDt1fnf9GLay0r6qxpA8ft2vGPcDs4806Huj+7 -Aq5VeJaNkCuh3GR3xVnCFAz/7AtkO6xKuZm8B3q904UuMdSmkhWbaobIuF/B2B6S -eawIXQHEOplK3ic26d8Ckf4gbjeORfELcMAEi5nGXpTThCdmxQApCLxAYYnTfQT1 -xhlDwT9xPEabo98mIwJJsAU5VsTDYW+qfo4qIx8gYoSKc9Xu3yVh3n+9k43Gcm5V -9lvK1slijf+TzODZt/jsmkF8mPjXyP5KOI+xQp/m4PxW3pp57YrYj/Rnwga+8DKX -jMsW7mLAAZ/e+PY6z/s3x1Krfk+Bb5Ph4mI0zjw5weQdtyEToRgveda0GEpvZSBU -ZXN0ZXIgPGpvZUBmb28uYmFyPokCNgQQAQgAIAUCXq3NoAYLCQcIAwIEFQgKAgQW -AgEAAhkBAhsDAh4BAAoJEH2FHrctc72gxtQP/AulaClIcn/kDt43mhYnyLglPfbo -AqPlU26chXolBg0Wo0frFY3aIs5SrcWEf8aR4XLwCFGyi3vya0CUxjghN5tZBYqo -vswbT00zP3ohxxlJFCRRR9bc7OZXCgTddtfVf6EKrUAzIkbWyAhaJnwJy/1UGpSw -SEO/KpastrVKf3sv1wqOeFQ4DFyjaNda+xv3dVWS8db7KogqJiPFZXrQK3FKVIxS -fxRSmKaYN7//d+xwVAEY++RrnL/o8B2kV6N68cCpQWJELyYnJzis9LBcWd/3wiYh -efTyY+ePKUjcB+kEZnyJfLc7C2hll2e7UJ0fxv+k8vHReRhrNWmGRXsjNRxiw3U0 -hfvxD/C8nyqAbeTHp4XDX78Tc3XCysAqIYboIL+RyewDMjjLj5vzUYAdUdtyNaD7 -C6M2R6pN1GAt52CJmC/Z6F7W7GFGoYOdEkVdMQDsjCwScyEUNlGj9Zagw5M2EgSe -6gaHgMgTzsMzCc4W6WV5RcS55cfDNOXtxPsMJTt4FmXrjl11prBzpMfpU5a9zxDZ -oi54ZZ8VPE6jsT4Lzw3sni3c83wm28ArM20AzZ1vh7fk3Sfd0u4Yaz7s9JlEm5+D -34tEyli28+QjCQc18EfQUiJqiYEJRxJXJ3esvMHfYi45pV/Eh5DgRW1305fUJV/6 -+rGpg0NejsHoZdZPnQdGBF6tzaABEAC4mVXTkVk6Kdfa4r5zlzsoIrR27laUlMkb -OBMt+aokqS+BEbmTnMg6xIAmcUT5uvGAc8S/WhrPoYfc15fTUyHIz8ZbDoAg0LO6 -0Io4VkAvNJNEnsSV9VdLBh/XYlc4K49JqKyWTL4/FJFAGbsmHY3b+QU90AS6FYRv -KeBAoiyebrjx0vmzb8E8h3xthVLN+AfMlR1ickY62zvnpkbncSMY/skur1D2KfbF -3sFprty2pEtjFcyB5+18l2IyyHGOlEUw1PZdOAV4/Myh1EZRgYBPs80lYTJALCVF -IdOakH33WJCImtNZB0AbDTABG+JtMjQGscOa0qzf1Y/7tlhgCrynBBdaIJTx95TD -21BUHcHOu5yTIS6Ulysxfkv611+BiOKHgdq7DVGP78VuzA7bCjlP1+vHqIt3cnIa -t2tEyuZ/XF4uc3/i4g0uP9r7AmtET7Z6SKECWjpVv+UEgLx5Cv+ql+LSKYQMvU9a -i3B1F9fatn3FSLVYrL4aRxu4TSw9POb0/lgDNmN3lGQOsjGCZPibkHjgPEVxKuiq -9Oi38/VTQ0ZKAmHwBTq1WTZIrPrCW0/YMQ6yIJZulwQ9Yx1cgzYzEfg04fPXlXMi -vkvNpKbYIICzqj0/DVztz9wgpW6mnd0A2VX2dqbMM0fJUCHA6pj8AvXY4R+9Q4rj -eWRK9ycInQARAQAB/gcDApjt7biRO0PEyrrAiUwDMsJL4/CVMu11qUWEPjKe2Grh -ZTW3N+m3neKPRULu+LUtndUcEdVWUCoDzAJ7MwihZtV5vKST/5Scd2inonOaJqoA -nS3wnEMN/Sc93HAZiZnFx3NKjQVNCwbuEs45mXkkcjLm2iadrTL8fL4acsu5IsvD -LbDwVOPeNnHKl6Hr20e39fK0FuJEyH49JM6U3B1/8385sJB8+E24+hvSF81aMddh -Ne4Bc3ZYiYaKxe1quPNKC0CQhAZiT7LsMfkInXr0hY1I+kISNXEJ1dPYOEWiv0Ze -jD5Pupn34okKNEeBCx+dK8BmUCi6Jgs7McUA7hN0D/YUS++5fuR55UQq2j8Ui0tS -P8GDr86upH3PgEL0STh9fYfJ7TesxurwonWjlmmT62Myl4Pr+RmpS6PXOnhtcADm -eGLpzhTveFj4JBLMpyYHgBTqcs12zfprATOpsI/89kmQoGCZpG6+AbfSHqNNPdy2 -eqUCBhOZlIIda1z/cexmU3f/gBqyflFf8fkvmlO4AvI8aMH3OpgHdWnzh+AB51xj -kmdD/oWel9v7Dz4HoZUfwFaLZ0fE3P9voD8e+sCwqQwVqRY4L/BOYPD5noVOKgOj -ABNKu5uKrobj6rFUi6DTUCjFGcmoF1Sc06xFNaagUNggRbmlC/dz22RWdDUYv5ra -N6TxIDkGC0cK6ujyK0nes3DN0aHjgwWuMXDYkN3UckiebI4Cv/eF9jvUKOSiIcy1 -RtxdazZS4dYg2LBMeJKVkPi5elsNyw2812nEY3du/nEkQYXfYgWOF27OR+g4Y9Yw -1BiqJ1TTjbQnd/khOCrrbzDH1mw00+1XVsT6wjObuYqqxPPS87UrqmMf6OdoYfPm -zEOnNLBnsJ5VQM3A3pcT40RfdBrZRO8LjGhzKTreyq3C+jz0RLa5HNE8GgOhGyck -ME4h+RhXlE8KGM+tTo6PA1NJSrEt+8kZzxjP4rIEn0aVthCkNXK12inuXtnHm0ao -iLUlQOsfPFEnzl0TUPd7+z7j/wB+XiKU/AyEUuB0mvdxdKtqXvajahOyhLjzHQhz -ZnNlgANGtiqcSoJmkJ8yAvhrtQX51fQLftxbArRW1RYk/5l+Gy3azR+gUC17M6JN -jrUYxn0zlAxDGFH7gACHUONwVekcuEffHzgu2lk7MyO1Y+lPnwabqjG0eWWHuU00 -hskJlXyhj7DeR12bwjYkyyjG62GvOH02g3OMvUgNGH+K321Dz539csCh/xwtg7Wt -U3YAphU7htQ1dPDfk1IRs7DQo2L+ZTE57vmL5m0l6fTataEWBPUXkygfQFUJOM6Q -yY76UEZww1OSDujNeY171NSTzXCVkUeAdAMXgjaHXWLK2QUQUoXbYX/Kr7Vvt9Fu -Jh6eGjjp7dSjQ9+DW8CAB8vxd93gsQQGWYjmGu8khkEmx6OdZhmSbDbe915LQTb9 -sPhk2s5/Szsvr5W2JJ2321JI6KXBJMZvPC5jEBWmRzOYkRd2vloft+CSMfXF+Zfd -nYtc6R3dvb9vcjo+a9wFtfcoDsO0MaPSM+9GB25MamdatmGX6iLOy9Re1UABwUi/ -VhTWNkP5uzqx0sDwHEIa2rYOwxpIZDwwjM3oOASCW1DDBQ0BI9KNjfIeL3ubx2mS -2x8hFU9qSK4umoDNbzOqGPSlkdbiPcNjF2ZcSN1qQZiYdwLL5dw6APNyBVjxTN1J -gkCdJ/HwAY+r93Lbl5g8gz8d0vJEyfn//34sn9u+toSTw55GcG9Ks1kSKIeDNh0h -MiPm3HmJAh8EGAEIAAkFAl6tzaACGwwACgkQfYUety1zvaBV9hAAgliX36pXJ59g -3I9/4R68e/fGg0FMM6D+01yCeiKApOYRrJ0cYKn7ITDYmHhlGGpBAie90UsqX12h -hdLP7LoQx7sjTyzQt6JmpA8krIwi2ON7FKBkdYb8IYx4mE/5vKnYT4/SFnwTmnZY -+m+NzK2U/qmhq8JyO8gozdAKJUcgz49IVv2Ij0tQ4qaPbyPwQxIDyKnT758nJhB1 -jTqo+oWtER8q3okzIlqcArqn5rDaNJx+DRYL4E/IddyHQAiUWUka8usIUqeW5reu -zoPUE2CCfOJSGArkqHQQqMx0WEzjQTwAPaHrQbera4SbiV/o4CLCV/u5p1Qnig+Q -iUsakmlD299t//125LIQEa5qzd9hRC7u1uJS7VdW8eGIEcZ0/XT/sr+z23z0kpZH -D3dXPX0BwM4IP9xu31CNg10x0rKwjbxy8VaskFEelpqpu+gpAnxqMd1evpeUHcOd -r5RgPgkNFfba9Nbxf7uEX+HOmsOM+kdtSmdGIvsBZjVnW31nnoDMp49jG4OynjrH -cRuoM9sxdr6UDqb22CZ3/e0YN4UaZM3YDWMVaP/QBVgvIFcdByqNWezpd9T4ZUII -MZlaV1uRnHg6B/zTzhIdMM80AXz6Uv6kw4S+Lt7HlbrnMT7uKLuvzH7cle0hcIUa -PejgXO0uIRolYQ3sz2tMGhx1MfBqH64= -=WbwB ------END PGP PRIVATE KEY BLOCK----- \ No newline at end of file diff --git a/.github/workflows/fixtures/7D851EB72D73BDA0.pass b/.github/workflows/fixtures/7D851EB72D73BDA0.pass deleted file mode 100644 index ba6352f5..00000000 --- a/.github/workflows/fixtures/7D851EB72D73BDA0.pass +++ /dev/null @@ -1 +0,0 @@ -with stupid passphrase \ No newline at end of file diff --git a/.github/workflows/fixtures/generate.sh b/.github/workflows/fixtures/generate.sh deleted file mode 100644 index 2f2af822..00000000 --- a/.github/workflows/fixtures/generate.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env sh -set -ex - -gpg --batch --gen-key <<-EOF -%echo Generating a standard key -Key-Type: DSA -Key-Length: 1024 -Subkey-Type: ELG-E -Subkey-Length: 1024 -Name-Real: Meshuggah Rocks -Name-Email: meshuggah@example.com -Expire-Date: 0 -# Do a commit here, so that we can later print "done" :-) -%commit -%echo done -EOF diff --git a/.github/workflows/fixtures/gpg-agent.conf b/.github/workflows/fixtures/gpg-agent.conf deleted file mode 100644 index a56651c2..00000000 --- a/.github/workflows/fixtures/gpg-agent.conf +++ /dev/null @@ -1,3 +0,0 @@ -default-cache-ttl 21600 -max-cache-ttl 31536000 -allow-preset-passphrase \ No newline at end of file diff --git a/.github/workflows/fixtures/gpg.conf b/.github/workflows/fixtures/gpg.conf deleted file mode 100644 index 4418c056..00000000 --- a/.github/workflows/fixtures/gpg.conf +++ /dev/null @@ -1,71 +0,0 @@ -################################################################################ -# GnuPG Options - -# (OpenPGP-Configuration-Options) -# Assume that command line arguments are given as UTF8 strings. -utf8-strings - -# (OpenPGP-Protocol-Options) -# Set the list of personal digest/cipher/compression preferences. This allows -# the user to safely override the algorithm chosen by the recipient key -# preferences, as GPG will only select an algorithm that is usable by all -# recipients. -personal-digest-preferences SHA512 SHA384 SHA256 SHA224 -personal-cipher-preferences AES256 AES192 AES CAST5 CAMELLIA192 BLOWFISH TWOFISH CAMELLIA128 3DES -personal-compress-preferences ZLIB BZIP2 ZIP - -# Set the list of default preferences to string. This preference list is used -# for new keys and becomes the default for "setpref" in the edit menu. -default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed - -# (OpenPGP-Esoteric-Options) -# Use name as the message digest algorithm used when signing a key. Running the -# program with the command --version yields a list of supported algorithms. Be -# aware that if you choose an algorithm that GnuPG supports but other OpenPGP -# implementations do not, then some users will not be able to use the key -# signatures you make, or quite possibly your entire key. -# -# SHA-1 is the only algorithm specified for OpenPGP V4. By changing the -# cert-digest-algo, the OpenPGP V4 specification is not met but with even -# GnuPG 1.4.10 (release 2009) supporting SHA-2 algorithm, this should be safe. -# Source: https://tools.ietf.org/html/rfc4880#section-12.2 -cert-digest-algo SHA512 -digest-algo SHA256 - -# Selects how passphrases for symmetric encryption are mangled. 3 (the default) -# iterates the whole process a number of times (see --s2k-count). -s2k-mode 3 - -# (OpenPGP-Protocol-Options) -# Use name as the cipher algorithm for symmetric encryption with a passphrase -# if --personal-cipher-preferences and --cipher-algo are not given. The -# default is AES-128. -s2k-cipher-algo AES256 - -# (OpenPGP-Protocol-Options) -# Use name as the digest algorithm used to mangle the passphrases for symmetric -# encryption. The default is SHA-1. -s2k-digest-algo SHA512 - -# (OpenPGP-Protocol-Options) -# Specify how many times the passphrases mangling for symmetric encryption is -# repeated. This value may range between 1024 and 65011712 inclusive. The -# default is inquired from gpg-agent. Note that not all values in the -# 1024-65011712 range are legal and if an illegal value is selected, GnuPG will -# round up to the nearest legal value. This option is only meaningful if -# --s2k-mode is set to the default of 3. -s2k-count 1015808 - -################################################################################ -# GnuPG View Options - -# Select how to display key IDs. "long" is the more accurate (but less -# convenient) 16-character key ID. Add an "0x" to include an "0x" at the -# beginning of the key ID. -keyid-format 0xlong - -# List all keys with their fingerprints. This is the same output as --list-keys -# but with the additional output of a line with the fingerprint. If this -# command is given twice, the fingerprints of all secondary keys are listed too. -with-fingerprint -with-fingerprint diff --git a/.gitignore b/.gitignore index 5e56e040..813fe5c0 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /bin +.idea/ diff --git a/Dockerfile b/Dockerfile index 7bf255e6..0b7bb309 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ ARG OSXCROSS_VERSION=11.3-r7-debian ARG GOLANGCI_LINT_VERSION=v1.55.2 ARG DEBIAN_FRONTEND=noninteractive -ARG PACKAGE=github.com/docker/docker-credential-helpers +ARG PACKAGE=github.com/gptscript-ai/gptscript-credential-helpers # xx is a helper for cross-compilation FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx @@ -107,8 +107,8 @@ RUN --mount=type=bind,target=. \ set -ex xx-go --wrap make build-pass build-secretservice PACKAGE=$PACKAGE VERSION=$(cat /tmp/.version) REVISION=$(cat /tmp/.revision) DESTDIR=/out - xx-verify /out/docker-credential-pass - xx-verify /out/docker-credential-secretservice + xx-verify /out/gptscript-credential-pass + xx-verify /out/gptscript-credential-secretservice EOT FROM base AS build-darwin @@ -124,8 +124,8 @@ RUN --mount=type=bind,target=. \ xx-go --wrap go install std make build-osxkeychain build-pass PACKAGE=$PACKAGE VERSION=$(cat /tmp/.version) REVISION=$(cat /tmp/.revision) DESTDIR=/out - xx-verify /out/docker-credential-osxkeychain - xx-verify /out/docker-credential-pass + xx-verify /out/gptscript-credential-osxkeychain + xx-verify /out/gptscript-credential-pass EOT FROM base AS build-windows @@ -138,8 +138,8 @@ RUN --mount=type=bind,target=. \ set -ex xx-go --wrap make build-wincred PACKAGE=$PACKAGE VERSION=$(cat /tmp/.version) REVISION=$(cat /tmp/.revision) DESTDIR=/out - mv /out/docker-credential-wincred /out/docker-credential-wincred.exe - xx-verify /out/docker-credential-wincred.exe + mv /out/gptscript-credential-wincred /out/gptscript-credential-wincred.exe + xx-verify /out/gptscript-credential-wincred.exe EOT FROM build-$TARGETOS AS build diff --git a/MAINTAINERS b/MAINTAINERS deleted file mode 100644 index 5867d3a0..00000000 --- a/MAINTAINERS +++ /dev/null @@ -1,136 +0,0 @@ -# docker-credential-helpers maintainers file -# -# This file describes who runs the docker/docker-credential-helpers project and how. -# This is a living document - if you see something out of date or missing, speak up! -# -# It is structured to be consumable by both humans and programs. -# To extract its contents programmatically, use any TOML-compliant parser. -# -# This file is compiled into the MAINTAINERS file in docker/opensource. -# -[Org] - [Org."Core maintainers"] - people = [ - "coolljt0725", - "cpuguy83", - "crosbymichael", - "dnephin", - "duglin", - "estesp", - "jhowardmsft", - "mavenugo", - "mhbauer", - "n4ss", - "runcom", - "stevvooe", - "thajeztah", - "tianon", - "tibor", - "tonistiigi", - "unclejack", - "vdemeester", - "vieux" - ] - -[people] - -# A reference list of all people associated with the project. -# All other sections should refer to people by their canonical key -# in the people section. - - # ADD YOURSELF HERE IN ALPHABETICAL ORDER - - [people.coolljt0725] - Name = "Lei Jitang" - Email = "leijitang@huawei.com" - GitHub = "coolljt0725" - - [people.cpuguy83] - Name = "Brian Goff" - Email = "cpuguy83@gmail.com" - Github = "cpuguy83" - - [people.crosbymichael] - Name = "Michael Crosby" - Email = "crosbymichael@gmail.com" - GitHub = "crosbymichael" - - [people.dnephin] - Name = "Daniel Nephin" - Email = "dnephin@gmail.com" - GitHub = "dnephin" - - [people.duglin] - Name = "Doug Davis" - Email = "dug@us.ibm.com" - GitHub = "duglin" - - [people.estesp] - Name = "Phil Estes" - Email = "estesp@linux.vnet.ibm.com" - GitHub = "estesp" - - [people.jhowardmsft] - Name = "John Howard" - Email = "jhoward@microsoft.com" - GitHub = "jhowardmsft" - - [people.mavenugo] - Name = "Madhu Venugopal" - Email = "madhu@docker.com" - GitHub = "mavenugo" - - [people.mhbauer] - Name = "Morgan Bauer" - Email = "mbauer@us.ibm.com" - GitHub = "mhbauer" - - [people.n4ss] - Name = "Nassim Eddequiouaq" - Email = "eddequiouaq.nassim@gmail.com" - GitHub = "n4ss" - - [people.runcom] - Name = "Antonio Murdaca" - Email = "runcom@redhat.com" - GitHub = "runcom" - - [people.stevvooe] - Name = "Stephen Day" - Email = "stephen.day@docker.com" - GitHub = "stevvooe" - - [people.thajeztah] - Name = "Sebastiaan van Stijn" - Email = "github@gone.nl" - GitHub = "thaJeztah" - - [people.tianon] - Name = "Tianon Gravi" - Email = "admwiggin@gmail.com" - GitHub = "tianon" - - [people.tibor] - Name = "Tibor Vass" - Email = "tibor@docker.com" - GitHub = "tiborvass" - - [people.tonistiigi] - Name = "Tõnis Tiigi" - Email = "tonis@docker.com" - GitHub = "tonistiigi" - - [people.unclejack] - Name = "Cristian Staretu" - Email = "cristian.staretu@gmail.com" - GitHub = "unclejack" - - [people.vdemeester] - Name = "Vincent Demeester" - Email = "vincent@sbr.pm" - GitHub = "vdemeester" - - [people.vieux] - Name = "Victor Vieux" - Email = "vieux@docker.com" - GitHub = "vieux" diff --git a/Makefile b/Makefile index 9868445d..430d7c2a 100644 --- a/Makefile +++ b/Makefile @@ -1,9 +1,10 @@ -PACKAGE ?= github.com/docker/docker-credential-helpers +PACKAGE ?= github.com/gptscript-ai/gptscript-credential-helpers VERSION ?= $(shell ./hack/git-meta version) REVISION ?= $(shell ./hack/git-meta revision) +COMMIT_DATE ?= $(shell .hack/git-meta commit-date) -GO_PKG = github.com/docker/docker-credential-helpers -GO_LDFLAGS = -s -w -X ${GO_PKG}/credentials.Version=${VERSION} -X ${GO_PKG}/credentials.Revision=${REVISION} -X ${GO_PKG}/credentials.Package=${PACKAGE} +GO_PKG = github.com/gptscript-ai/gptscript-credential-helpers +GO_LDFLAGS = -s -w -X ${GO_PKG}/credentials.Version=${VERSION} -X ${GO_PKG}/credentials.Revision=${REVISION} -X ${GO_PKG}/credentials.Package=${PACKAGE} -X main.version=${VERSION} -X main.commit=${REVISION} -X main.date=${COMMIT_DATE} BUILDX_CMD ?= docker buildx DESTDIR ?= ./bin/build @@ -24,7 +25,7 @@ clean: .PHONY: build-% build-%: # build, can be one of build-osxkeychain build-pass build-secretservice build-wincred - go build -trimpath -ldflags="$(GO_LDFLAGS) -X ${GO_PKG}/credentials.Name=docker-credential-$*" -o "$(DESTDIR)/docker-credential-$*" ./$*/cmd/ + go build -trimpath -ldflags="$(GO_LDFLAGS) -X ${GO_PKG}/credentials.Name=gptscript-credential-$*" -o "$(DESTDIR)/gptscript-credential-$*" ./$*/cmd/ # aliases for build-* targets .PHONY: osxkeychain secretservice pass wincred @@ -62,7 +63,7 @@ fmt: .PHONY: validate validate: lint validate-vendor fmt -BUILDIMG:=docker-credential-secretservice-$(VERSION) +BUILDIMG:=gptscript-credential-secretservice-$(VERSION) .PHONY: deb deb: mkdir -p release diff --git a/README.md b/README.md index 389542a7..ae222b52 100644 --- a/README.md +++ b/README.md @@ -1,44 +1,12 @@ -[![GitHub release](https://img.shields.io/github/release/docker/docker-credential-helpers.svg?style=flat-square)](https://github.com/docker/docker-credential-helpers/releases/latest) -[![PkgGoDev](https://img.shields.io/badge/go.dev-docs-007d9c?style=flat-square&logo=go&logoColor=white)](https://pkg.go.dev/github.com/docker/docker-credential-helpers) -[![Build Status](https://img.shields.io/github/actions/workflow/status/docker/docker-credential-helpers/build.yml?label=build&logo=github&style=flat-square)](https://github.com/docker/docker-credential-helpers/actions?query=workflow%3Abuild) -[![Codecov](https://img.shields.io/codecov/c/github/docker/docker-credential-helpers?logo=codecov&style=flat-square)](https://codecov.io/gh/docker/docker-credential-helpers) -[![Go Report Card](https://goreportcard.com/badge/github.com/docker/docker-credential-helpers?style=flat-square)](https://goreportcard.com/report/github.com/docker/docker-credential-helpers) - -## Introduction - -docker-credential-helpers is a suite of programs to use native stores to keep Docker credentials safe. - -## Installation - -Go to the [Releases](https://github.com/docker/docker-credential-helpers/releases) page and download the binary that works better for you. Put that binary in your `$PATH`, so Docker can find it. +This is a fork of https://github.com/docker/docker-credential-helpers for use with GPTScript. ## Building -You can build the credential helpers using Docker: - -```shell -# install emulators -$ docker run --privileged --rm tonistiigi/binfmt --install all - -# create builder -$ docker buildx create --use - -# build credential helpers from remote repository and output to ./bin/build -$ docker buildx bake "https://github.com/docker/docker-credential-helpers.git" - -# or from local source -$ git clone https://github.com/docker/docker-credential-helpers.git -$ cd docker-credential-helpers -$ docker buildx bake -``` - -Or if the toolchain is already installed on your machine: - 1 - Download the source. ```shell -$ git clone https://github.com/docker/docker-credential-helpers.git -$ cd docker-credential-helpers +$ git clone https://github.com/gptscript-ai/gptscript-credential-helpers.git +$ cd gptscript-credential-helpers ``` 2 - Use `make` to build the program you want. That will leave an executable in the `bin` directory inside the repository. @@ -47,64 +15,24 @@ $ cd docker-credential-helpers $ make osxkeychain ``` -3 - Put that binary in your `$PATH`, so Docker can find it. +3 - Put that binary in your `$PATH`, so GPTScript can find it. ```shell -$ cp bin/build/docker-credential-osxkeychain /usr/local/bin/ +$ cp bin/build/gptscript-credential-osxkeychain /usr/local/bin/ ``` -## Usage - -### With the Docker Engine - -Set the `credsStore` option in your `~/.docker/config.json` file with the suffix of the program you want to use. For instance, set it to `osxkeychain` if you want to use `docker-credential-osxkeychain`. - -```json -{ - "credsStore": "osxkeychain" -} -``` - -### With other command line applications - -The sub-package [client](https://godoc.org/github.com/docker/docker-credential-helpers/client) includes -functions to call external programs from your own command line applications. - -There are three things you need to know if you need to interact with a helper: - -1. The name of the program to execute, for instance `docker-credential-osxkeychain`. -2. The server address to identify the credentials, for instance `https://example.com`. -3. The username and secret to store, when you want to store credentials. - -You can see examples of each function in the [client](https://godoc.org/github.com/docker/docker-credential-helpers/client) documentation. - ### Available programs -1. osxkeychain: Provides a helper to use the OS X keychain as credentials store. +1. osxkeychain: Provides a helper to use the macOS keychain as credentials store. 2. secretservice: Provides a helper to use the D-Bus secret service as credentials store. 3. wincred: Provides a helper to use Windows credentials manager as store. 4. pass: Provides a helper to use `pass` as credentials store. #### Note -`pass` needs to be configured for `docker-credential-pass` to work properly. +`pass` needs to be configured for `gptscript-credential-pass` to work properly. It must be initialized with a `gpg2` key ID. Make sure your GPG key exists is in `gpg2` keyring as `pass` uses `gpg2` instead of the regular `gpg`. -## Development - -A credential helper can be any program that can read values from the standard input. We use the first argument in the command line to differentiate the kind of command to execute. There are four valid values: - -- `store`: Adds credentials to the keychain. The payload in the standard input is a JSON document with `ServerURL`, `Username` and `Secret`. -- `get`: Retrieves credentials from the keychain. The payload in the standard input is the raw value for the `ServerURL`. -- `erase`: Removes credentials from the keychain. The payload in the standard input is the raw value for the `ServerURL`. -- `list`: Lists stored credentials. There is no standard input payload. - -This repository also includes libraries to implement new credentials programs in Go. Adding a new helper program is pretty easy. You can see how the OS X keychain helper works in the [osxkeychain](osxkeychain) directory. - -1. Implement the interface `credentials.Helper` in `YOUR_PACKAGE/` -2. Create a main program in `YOUR_PACKAGE/cmd/`. -3. Add make tasks to build your program and run tests. - ## License MIT. See [LICENSE](LICENSE) for more information. diff --git a/client/client.go b/client/client.go index 7ca5ab72..517c537c 100644 --- a/client/client.go +++ b/client/client.go @@ -6,7 +6,7 @@ import ( "fmt" "strings" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) // isValidCredsMessage checks if 'msg' contains invalid credentials error message. diff --git a/client/client_test.go b/client/client_test.go index 0db20057..d4bbd72f 100644 --- a/client/client_test.go +++ b/client/client_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) const ( diff --git a/credentials/credentials.go b/credentials/credentials.go index eac55188..f0505a33 100644 --- a/credentials/credentials.go +++ b/credentials/credentials.go @@ -47,10 +47,10 @@ func (c *Credentials) isValid() (bool, error) { return true, nil } -// CredsLabel holds the way Docker credentials should be labeled as such in credentials stores that allow labelling. -// That label allows to filter out non-Docker credentials too at lookup/search in macOS keychain, -// Windows credentials manager and Linux libsecret. Default value is "Docker Credentials" -var CredsLabel = "Docker Credentials" +// CredsLabel holds the way GPTScript credentials should be labeled as such in credentials stores that allow labelling. +// That label allows to filter out non-GPTScript credentials too at lookup/search in macOS keychain, +// Windows credentials manager and Linux libsecret. Default value is "GPTScript Credentials" +var CredsLabel = "GPTScript Credentials" // SetCredsLabel is a simple setter for CredsLabel func SetCredsLabel(label string) { diff --git a/credentials/version.go b/credentials/version.go index 84377c26..2e035194 100644 --- a/credentials/version.go +++ b/credentials/version.go @@ -5,7 +5,7 @@ var ( Name = "" // Package is filled at linking time - Package = "github.com/docker/docker-credential-helpers" + Package = "github.com/gptscript-ai/gptscript-credential-helpers" // Version holds the complete version number. Filled in at linking time. Version = "v0.0.0+unknown" diff --git a/deb/Dockerfile b/deb/Dockerfile deleted file mode 100644 index ae27517d..00000000 --- a/deb/Dockerfile +++ /dev/null @@ -1,37 +0,0 @@ -# syntax=docker/dockerfile:1 - -ARG GO_VERSION=1.21.6 -ARG DISTRO=ubuntu -ARG SUITE=focal - -FROM golang:${GO_VERSION}-bullseye AS golang - -FROM ${DISTRO}:${SUITE} - -ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -yy debhelper dh-make libsecret-1-dev -RUN mkdir -p /build - -WORKDIR /build -ENV GOPROXY=https://proxy.golang.org|direct -ENV GO111MODULE=off -ENV GOPATH=/build -ENV PATH=$PATH:/usr/local/go/bin:$GOPATH/bin -COPY --from=golang /usr/local/go /usr/local/go - -COPY Makefile . -COPY credentials credentials -COPY secretservice secretservice -COPY pass pass -COPY deb/debian ./debian -COPY deb/build-deb . - -ARG VERSION -ENV VERSION=${VERSION} -ARG REVISION -ENV REVISION=${REVISION} -ARG DISTRO -ENV DISTRO=${DISTRO} -ARG SUITE -ENV SUITE=${SUITE} -RUN /build/build-deb diff --git a/deb/build-deb b/deb/build-deb deleted file mode 100755 index 04d3de1d..00000000 --- a/deb/build-deb +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/env bash -set -ex - -maintainer=$(awk -F ': ' '$1 == "Maintainer" { print $2; exit }' debian/control) - -cat > "debian/changelog" <<-EOF -docker-credential-helpers ($VERSION) $DISTRO-$SUITE; urgency=low - - * New upstream version - - -- $maintainer $(date --rfc-2822) -EOF - -mkdir -p src/github.com/docker/docker-credential-helpers -ln -s /build/credentials /build/src/github.com/docker/docker-credential-helpers/credentials -ln -s /build/secretservice /build/src/github.com/docker/docker-credential-helpers/secretservice -ln -s /build/pass /build/src/github.com/docker/docker-credential-helpers/pass - -dpkg-buildpackage -us -uc - -mkdir /release -mv /docker-credential-* /release diff --git a/deb/debian/compat b/deb/debian/compat deleted file mode 100644 index ec635144..00000000 --- a/deb/debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/deb/debian/control b/deb/debian/control deleted file mode 100644 index 33f2041a..00000000 --- a/deb/debian/control +++ /dev/null @@ -1,25 +0,0 @@ -Source: docker-credential-helpers -Section: admin -Priority: optional -Maintainer: Docker -Homepage: https://dockerproject.org -Standards-Version: 3.9.6 -Vcs-Browser: https://github.com/docker/docker-credential-helpers -Vcs-Git: git://github.com/docker/docker-credential-helpers.git -Build-Depends: debhelper - , dh-make - , libsecret-1-dev - -Package: docker-credential-secretservice -Architecture: any -Depends: libsecret-1-0 - , ${misc:Depends} -Description: docker-credential-secretservice is a credential helper backend - which uses libsecret to keep Docker credentials safe. - -Package: docker-credential-pass -Architecture: any -Depends: pass - , ${misc:Depends} -Description: docker-credential-secretservice is a credential helper backend - which uses the pass utility to keep Docker credentials safe. diff --git a/deb/debian/docker-credential-pass.install b/deb/debian/docker-credential-pass.install deleted file mode 100644 index fb17479b..00000000 --- a/deb/debian/docker-credential-pass.install +++ /dev/null @@ -1 +0,0 @@ -debian/tmp/usr/bin/docker-credential-pass diff --git a/deb/debian/docker-credential-secretservice.install b/deb/debian/docker-credential-secretservice.install deleted file mode 100644 index 4a17630b..00000000 --- a/deb/debian/docker-credential-secretservice.install +++ /dev/null @@ -1 +0,0 @@ -debian/tmp/usr/bin/docker-credential-secretservice diff --git a/deb/debian/rules b/deb/debian/rules deleted file mode 100755 index 4750af38..00000000 --- a/deb/debian/rules +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/make -f - -DESTDIR := $(CURDIR)/debian/tmp - -override_dh_auto_build: - make build-secretservice DESTDIR=bin - make build-pass DESTDIR=bin - -override_dh_auto_install: - install -D bin/docker-credential-secretservice $(DESTDIR)/usr/bin/docker-credential-secretservice - install -D bin/docker-credential-pass $(DESTDIR)/usr/bin/docker-credential-pass - -%: - dh $@ - -override_dh_auto_test: - # no tests - diff --git a/docker-bake.hcl b/docker-bake.hcl index db192b91..5ba28e89 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -57,13 +57,7 @@ target "binaries" { "darwin/amd64", "darwin/arm64", "linux/amd64", - "linux/arm64", - "linux/arm/v7", - "linux/arm/v6", - "linux/ppc64le", - "linux/s390x", - "windows/amd64", - "windows/arm64" + "linux/arm64" ] } diff --git a/go.mod b/go.mod index a8ec1cd8..0c2dd6a1 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/docker/docker-credential-helpers +module github.com/gptscript-ai/gptscript-credential-helpers go 1.19 diff --git a/hack/git-meta b/hack/git-meta index ed4bfb84..65e4cbc6 100755 --- a/hack/git-meta +++ b/hack/git-meta @@ -9,6 +9,9 @@ case $1 in "revision") echo "$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi)" ;; + "commit-date") + git show -s --format=%cI HEAD + ;; *) echo "usage: ./hack/git-meta " exit 1 diff --git a/hack/release b/hack/release index aff1c646..03f9eff9 100755 --- a/hack/release +++ b/hack/release @@ -22,11 +22,11 @@ if [ -n "$CACHE_TO" ]; then done fi -dockerpfx=$(mktemp -t dockercredhelper-pfx.XXXXXXXXXX) -function clean { - rm -f "$dockerpfx" -} -trap clean EXIT +#dockerpfx=$(mktemp -t dockercredhelper-pfx.XXXXXXXXXX) +#function clean { +# rm -f "$dockerpfx" +#} +#trap clean EXIT # release ( @@ -39,21 +39,30 @@ mv -f ./${DESTDIR}/**/* ./${DESTDIR}/ find ./${DESTDIR} -type d -empty -delete # sign binaries -if [ -n "$SIGN" ]; then - for f in "${DESTDIR}"/*".darwin-"*; do - SIGNINGHASH=$(security find-identity -v -p codesigning | grep "Developer ID Application: Docker Inc" | cut -d ' ' -f 4) - xcrun -log codesign -s "$SIGNINGHASH" --force --verbose "$f" - xcrun codesign --verify --deep --strict --verbose=2 --display "$f" - done - for f in "${DESTDIR}"/*".windows-"*; do - echo ${PFX} | base64 -d > "$dockerpfx" - signtool sign /fd SHA256 /a /f pfx /p ${PFXPASSWORD} /d Docker /du https://www.docker.com /t http://timestamp.verisign.com/scripts/timestamp.dll "$f" - done -fi +#if [ -n "$SIGN" ]; then +# for f in "${DESTDIR}"/*".darwin-"*; do +# SIGNINGHASH=$(security find-identity -v -p codesigning | grep "Developer ID Application: Docker Inc" | cut -d ' ' -f 4) +# xcrun -log codesign -s "$SIGNINGHASH" --force --verbose "$f" +# xcrun codesign --verify --deep --strict --verbose=2 --display "$f" +# done +# for f in "${DESTDIR}"/*".windows-"*; do +# echo ${PFX} | base64 -d > "$dockerpfx" +# signtool sign /fd SHA256 /a /f pfx /p ${PFXPASSWORD} /d Docker /du https://www.docker.com /t http://timestamp.verisign.com/scripts/timestamp.dll "$f" +# done +#fi + +# universal binary +( + cd ${DESTDIR} + wget https://github.com/g-linville/makefat/releases/download/v0.1.2/makefat_0.1.2_linux_amd64.tar.gz + tar -xzf makefat_0.1.2_linux_amd64.tar.gz + find . -name "gptscript-credential-osxkeychain-*" -print0 | xargs ./makefat gptscript-credential-osxkeychain + rm -f makefat* gptscript-credential-osxkeychain-* +) # checksums ( cd ${DESTDIR} - sha256sum -b docker-credential-* > ./checksums.txt + sha256sum -b gptscript-credential-* > ./checksums.txt sha256sum -c --strict checksums.txt ) diff --git a/osxkeychain/cmd/main.go b/osxkeychain/cmd/main.go index 08844b47..9656a479 100644 --- a/osxkeychain/cmd/main.go +++ b/osxkeychain/cmd/main.go @@ -3,8 +3,8 @@ package main import ( - "github.com/docker/docker-credential-helpers/credentials" - "github.com/docker/docker-credential-helpers/osxkeychain" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/osxkeychain" ) func main() { diff --git a/osxkeychain/osxkeychain.go b/osxkeychain/osxkeychain.go index e6347304..3ed3138c 100644 --- a/osxkeychain/osxkeychain.go +++ b/osxkeychain/osxkeychain.go @@ -16,8 +16,8 @@ import ( "strconv" "unsafe" - "github.com/docker/docker-credential-helpers/credentials" - "github.com/docker/docker-credential-helpers/registryurl" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/registryurl" ) // errCredentialsNotFound is the specific error message returned by OS X diff --git a/osxkeychain/osxkeychain_test.go b/osxkeychain/osxkeychain_test.go index c82c6490..3d0f1ec2 100644 --- a/osxkeychain/osxkeychain_test.go +++ b/osxkeychain/osxkeychain_test.go @@ -6,7 +6,7 @@ import ( "fmt" "testing" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) func TestOSXKeychainHelper(t *testing.T) { diff --git a/pass/cmd/main.go b/pass/cmd/main.go index 4fe7c1ed..1dd89616 100644 --- a/pass/cmd/main.go +++ b/pass/cmd/main.go @@ -1,8 +1,8 @@ package main import ( - "github.com/docker/docker-credential-helpers/credentials" - "github.com/docker/docker-credential-helpers/pass" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/pass" ) func main() { diff --git a/pass/pass.go b/pass/pass.go index 80af37dd..fbfc5c34 100644 --- a/pass/pass.go +++ b/pass/pass.go @@ -17,7 +17,7 @@ import ( "strings" "sync" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) // PASS_FOLDER contains the directory where credentials are stored diff --git a/pass/pass_test.go b/pass/pass_test.go index 47e5e902..bb8780a5 100644 --- a/pass/pass_test.go +++ b/pass/pass_test.go @@ -6,7 +6,7 @@ import ( "strings" "testing" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) func TestPassHelper(t *testing.T) { diff --git a/secretservice/cmd/main.go b/secretservice/cmd/main.go index 22d2a6d4..f77c040f 100644 --- a/secretservice/cmd/main.go +++ b/secretservice/cmd/main.go @@ -3,8 +3,8 @@ package main import ( - "github.com/docker/docker-credential-helpers/credentials" - "github.com/docker/docker-credential-helpers/secretservice" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/secretservice" ) func main() { diff --git a/secretservice/secretservice.go b/secretservice/secretservice.go index caf0fe7c..982d642b 100644 --- a/secretservice/secretservice.go +++ b/secretservice/secretservice.go @@ -14,7 +14,7 @@ import ( "errors" "unsafe" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) // Secretservice handles secrets using Linux secret-service as a store. diff --git a/secretservice/secretservice_test.go b/secretservice/secretservice_test.go index 21da1042..e31f8259 100644 --- a/secretservice/secretservice_test.go +++ b/secretservice/secretservice_test.go @@ -6,7 +6,7 @@ import ( "strings" "testing" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) func TestSecretServiceHelper(t *testing.T) { diff --git a/wincred/cmd/main.go b/wincred/cmd/main.go index d2bcefb7..80b54680 100644 --- a/wincred/cmd/main.go +++ b/wincred/cmd/main.go @@ -3,8 +3,8 @@ package main import ( - "github.com/docker/docker-credential-helpers/credentials" - "github.com/docker/docker-credential-helpers/wincred" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/wincred" ) func main() { diff --git a/wincred/wincred.go b/wincred/wincred.go index 41c792bc..8145e150 100644 --- a/wincred/wincred.go +++ b/wincred/wincred.go @@ -8,8 +8,8 @@ import ( "strings" winc "github.com/danieljoos/wincred" - "github.com/docker/docker-credential-helpers/credentials" - "github.com/docker/docker-credential-helpers/registryurl" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/registryurl" ) // Wincred handles secrets using the Windows credential service. diff --git a/wincred/wincred_test.go b/wincred/wincred_test.go index ed5f1f84..c51a222d 100644 --- a/wincred/wincred_test.go +++ b/wincred/wincred_test.go @@ -7,7 +7,7 @@ import ( "strings" "testing" - "github.com/docker/docker-credential-helpers/credentials" + "github.com/gptscript-ai/gptscript-credential-helpers/credentials" ) func TestWinCredHelper(t *testing.T) {