Refactor remote.ImageOption (#432)

Author: jonjohnsonjr

pkg/crane/append.go

@@ -16,7 +16,6 @@ package crane
 
 import (
 	"log"
-	"net/http"
 
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -82,12 +81,7 @@ func doAppend(src, dst, tar, output string) {
 		return
 	}
 
-	dstAuth, err := authn.DefaultKeychain.Resolve(dstTag.Context().Registry)
-	if err != nil {
-		log.Fatalf("getting creds for %q: %v", dstTag, err)
-	}
-
-	if err := remote.Write(dstTag, image, dstAuth, http.DefaultTransport); err != nil {
+	if err := remote.Write(dstTag, image, remote.WithAuthFromKeychain(authn.DefaultKeychain)); err != nil {
 		log.Fatalf("writing image %q: %v", dstTag, err)
 	}
 }

pkg/crane/copy.go

@@ -16,7 +16,6 @@ package crane
 
 import (
 	"log"
-	"net/http"
 
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -46,48 +45,43 @@ func doCopy(_ *cobra.Command, args []string) {
 	}
 	log.Printf("Pulling %v", srcRef)
 
-	dstRef, err := name.ParseReference(dst)
-	if err != nil {
-		log.Fatalf("parsing reference %q: %v", dst, err)
-	}
-	log.Printf("Pushing %v", dstRef)
-
-	dstAuth, err := authn.DefaultKeychain.Resolve(dstRef.Context().Registry)
+	desc, err := remote.Get(srcRef, remote.WithAuthFromKeychain(authn.DefaultKeychain))
 	if err != nil {
-		log.Fatalf("getting creds for %q: %v", dstRef, err)
+		log.Fatalf("fetching image %q: %v", srcRef, err)
 	}
 
-	desc, err := remote.Get(srcRef, remote.WithAuthFromKeychain(authn.DefaultKeychain))
+	dstRef, err := name.ParseReference(dst)
 	if err != nil {
-		log.Fatalf("fetching image %q: %v", srcRef, err)
+		log.Fatalf("parsing reference %q: %v", dst, err)
 	}
+	log.Printf("Pushing %v", dstRef)
 
 	switch desc.MediaType {
 	case types.OCIImageIndex, types.DockerManifestList:
 		// Handle indexes separately.
-		if err := copyIndex(desc, dstRef, dstAuth); err != nil {
+		if err := copyIndex(desc, dstRef); err != nil {
 			log.Fatalf("failed to copy index: %v", err)
 		}
 	default:
 		// Assume anything else is an image, since some registries don't set mediaTypes properly.
-		if err := copyImage(desc, dstRef, dstAuth); err != nil {
+		if err := copyImage(desc, dstRef); err != nil {
 			log.Fatalf("failed to copy image: %v", err)
 		}
 	}
 }
 
-func copyImage(desc *remote.Descriptor, dstRef name.Reference, dstAuth authn.Authenticator) error {
+func copyImage(desc *remote.Descriptor, dstRef name.Reference) error {
 	img, err := desc.Image()
 	if err != nil {
 		return err
 	}
-	return remote.Write(dstRef, img, dstAuth, http.DefaultTransport)
+	return remote.Write(dstRef, img, remote.WithAuthFromKeychain(authn.DefaultKeychain))
 }
 
-func copyIndex(desc *remote.Descriptor, dstRef name.Reference, dstAuth authn.Authenticator) error {
+func copyIndex(desc *remote.Descriptor, dstRef name.Reference) error {
 	idx, err := desc.ImageIndex()
 	if err != nil {
 		return err
 	}
-	return remote.WriteIndex(dstRef, idx, dstAuth, http.DefaultTransport)
+	return remote.WriteIndex(dstRef, idx, remote.WithAuthFromKeychain(authn.DefaultKeychain))
 }

pkg/crane/delete.go

@@ -16,7 +16,6 @@ package crane
 
 import (
 	"log"
-	"net/http"
 
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -43,12 +42,7 @@ func doDelete(_ *cobra.Command, args []string) {
 		log.Fatalf("parsing reference %q: %v", ref, err)
 	}
 
-	auth, err := authn.DefaultKeychain.Resolve(r.Context().Registry)
-	if err != nil {
-		log.Fatalf("getting creds for %q: %v", r, err)
-	}
-
-	if err := remote.Delete(r, auth, http.DefaultTransport); err != nil {
+	if err := remote.Delete(r, remote.WithAuthFromKeychain(authn.DefaultKeychain)); err != nil {
 		log.Fatalf("deleting image %q: %v", r, err)
 	}
 }

pkg/crane/list.go

@@ -17,7 +17,6 @@ package crane
 import (
 	"fmt"
 	"log"
-	"net/http"
 
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -44,12 +43,7 @@ func ls(_ *cobra.Command, args []string) {
 		log.Fatalf("parsing repo %q: %v", r, err)
 	}
 
-	auth, err := authn.DefaultKeychain.Resolve(repo.Registry)
-	if err != nil {
-		log.Fatalf("getting creds for %q: %v", repo, err)
-	}
-
-	tags, err := remote.List(repo, auth, http.DefaultTransport)
+	tags, err := remote.List(repo, remote.WithAuthFromKeychain(authn.DefaultKeychain))
 	if err != nil {
 		log.Fatalf("reading tags for %q: %v", repo, err)
 	}

pkg/crane/push.go

@@ -16,7 +16,6 @@ package crane
 
 import (
 	"log"
-	"net/http"
 
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -45,17 +44,12 @@ func push(_ *cobra.Command, args []string) {
 	}
 	log.Printf("Pushing %v", t)
 
-	auth, err := authn.DefaultKeychain.Resolve(t.Registry)
-	if err != nil {
-		log.Fatalf("getting creds for %q: %v", t, err)
-	}
-
 	i, err := tarball.ImageFromPath(src, nil)
 	if err != nil {
 		log.Fatalf("reading image %q: %v", src, err)
 	}
 
-	if err := remote.Write(t, i, auth, http.DefaultTransport); err != nil {
+	if err := remote.Write(t, i, remote.WithAuthFromKeychain(authn.DefaultKeychain)); err != nil {
 		log.Fatalf("writing image %q: %v", t, err)
 	}
 }

pkg/crane/rebase.go

@@ -17,7 +17,6 @@ package crane
 import (
 	"fmt"
 	"log"
-	"net/http"
 
 	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -86,12 +85,7 @@ func rebase(orig, oldBase, newBase, rebased string) {
 		log.Fatalf("digesting rebased: %v", err)
 	}
 
-	auth, err := authn.DefaultKeychain.Resolve(rebasedTag.Context().Registry)
-	if err != nil {
-		log.Fatalf("getting creds for %q: %v", rebasedTag, err)
-	}
-
-	if err := remote.Write(rebasedTag, rebasedImg, auth, http.DefaultTransport); err != nil {
+	if err := remote.Write(rebasedTag, rebasedImg, remote.WithAuthFromKeychain(authn.DefaultKeychain)); err != nil {
 		log.Fatalf("writing image %q: %v", rebasedTag, err)
 	}
 	fmt.Print(dig.String())

pkg/gcrane/copy.go

@@ -18,7 +18,6 @@ import (
 	"context"
 	"fmt"
 	"log"
-	"net/http"
 	"strings"
 
 	"github.com/google/go-containerregistry/pkg/authn"
@@ -126,7 +125,7 @@ func copyImage(src, dst string, srcAuth, dstAuth authn.Authenticator) error {
 		return fmt.Errorf("reading image %q: %v", src, err)
 	}
 
-	if err := remote.Write(dstRef, img, dstAuth, http.DefaultTransport); err != nil {
+	if err := remote.Write(dstRef, img, remote.WithAuth(dstAuth)); err != nil {
 		return fmt.Errorf("writing image %q: %v", dst, err)
 	}
 
@@ -149,7 +148,7 @@ func copyIndex(src, dst string, srcAuth, dstAuth authn.Authenticator) error {
 		return fmt.Errorf("reading image %q: %v", src, err)
 	}
 
-	if err := remote.WriteIndex(dstRef, idx, dstAuth, http.DefaultTransport); err != nil {
+	if err := remote.WriteIndex(dstRef, idx, remote.WithAuth(dstAuth)); err != nil {
 		return fmt.Errorf("writing image %q: %v", dst, err)
 	}
 

pkg/registry/compatability_test.go

@@ -2,7 +2,6 @@ package registry_test
 
 import (
 	"bytes"
-	"net/http"
 	"net/http/httptest"
 	"strings"
 	"testing"
@@ -29,7 +28,7 @@ func TestPushAndPullContainer(t *testing.T) {
 		t.Fatalf("Unable to make random image: %v", err)
 	}
 
-	if err := remote.Write(d, i, nil, http.DefaultTransport); err != nil {
+	if err := remote.Write(d, i); err != nil {
 		t.Fatalf("Error writing image : %v", err)
 	}
 

pkg/v1/remote/delete.go

@@ -20,15 +20,18 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/remote/transport"
 )
 
 // Delete removes the specified image reference from the remote registry.
-func Delete(ref name.Reference, auth authn.Authenticator, t http.RoundTripper) error {
+func Delete(ref name.Reference, options ...Option) error {
+	o, err := makeOptions(ref.Context().Registry, options...)
+	if err != nil {
+		return err
+	}
 	scopes := []string{ref.Scope(transport.DeleteScope)}
-	tr, err := transport.New(ref.Context().Registry, auth, t, scopes)
+	tr, err := transport.New(ref.Context().Registry, o.auth, o.transport, scopes)
 	if err != nil {
 		return err
 	}

pkg/v1/remote/delete_test.go

@@ -21,7 +21,6 @@ import (
 	"net/url"
 	"testing"
 
-	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
 )
 
@@ -52,7 +51,7 @@ func TestDelete(t *testing.T) {
 		t.Fatalf("NewTag() = %v", err)
 	}
 
-	if err := Delete(tag, authn.Anonymous, http.DefaultTransport); err != nil {
+	if err := Delete(tag); err != nil {
 		t.Errorf("Delete() = %v", err)
 	}
 }
@@ -84,7 +83,7 @@ func TestDeleteBadStatus(t *testing.T) {
 		t.Fatalf("NewTag() = %v", err)
 	}
 
-	if err := Delete(tag, authn.Anonymous, http.DefaultTransport); err == nil {
+	if err := Delete(tag); err == nil {
 		t.Error("Delete() = nil; wanted error")
 	}
 }

pkg/v1/remote/descriptor.go

@@ -23,7 +23,6 @@ import (
 	"net/url"
 	"strings"
 
-	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/partial"
@@ -52,17 +51,10 @@ type Descriptor struct {
 	platform v1.Platform
 }
 
-type imageOpener struct {
-	auth      authn.Authenticator
-	transport http.RoundTripper
-	ref       name.Reference
-	platform  v1.Platform
-}
-
 // Get returns a remote.Descriptor for the given reference. The response from
 // the registry is left un-interpreted, for the most part. This is useful for
 // querying what kind of artifact a reference represents.
-func Get(ref name.Reference, options ...ImageOption) (*Descriptor, error) {
+func Get(ref name.Reference, options ...Option) (*Descriptor, error) {
 	acceptable := []types.MediaType{
 		types.DockerManifestSchema2,
 		types.OCIManifestSchema1,
@@ -77,26 +69,19 @@ func Get(ref name.Reference, options ...ImageOption) (*Descriptor, error) {
 
 // Handle options and fetch the manifest with the acceptable MediaTypes in the
 // Accept header.
-func get(ref name.Reference, acceptable []types.MediaType, options ...ImageOption) (*Descriptor, error) {
-	i := &imageOpener{
-		auth:      authn.Anonymous,
-		transport: http.DefaultTransport,
-		ref:       ref,
-		platform:  defaultPlatform,
+func get(ref name.Reference, acceptable []types.MediaType, options ...Option) (*Descriptor, error) {
+	o, err := makeOptions(ref.Context().Registry, options...)
+	if err != nil {
+		return nil, err
 	}
 
-	for _, option := range options {
-		if err := option(i); err != nil {
-			return nil, err
-		}
-	}
-	tr, err := transport.New(i.ref.Context().Registry, i.auth, i.transport, []string{i.ref.Scope(transport.PullScope)})
+	tr, err := transport.New(ref.Context().Registry, o.auth, o.transport, []string{ref.Scope(transport.PullScope)})
 	if err != nil {
 		return nil, err
 	}
 
 	f := fetcher{
-		Ref:    i.ref,
+		Ref:    ref,
 		Client: &http.Client{Transport: tr},
 	}
 
@@ -109,7 +94,7 @@ func get(ref name.Reference, acceptable []types.MediaType, options ...ImageOptio
 		fetcher:    f,
 		Manifest:   b,
 		Descriptor: *desc,
-		platform:   i.platform,
+		platform:   o.platform,
 	}, nil
 }
 

pkg/v1/remote/image.go

@@ -41,9 +41,8 @@ type remoteImage struct {
 
 var _ partial.CompressedImageCore = (*remoteImage)(nil)
 
-// Image provides access to a remote image reference, applying functional options
-// to the underlying imageOpener before resolving the reference into a v1.Image.
-func Image(ref name.Reference, options ...ImageOption) (v1.Image, error) {
+// Image provides access to a remote image reference.
+func Image(ref name.Reference, options ...Option) (v1.Image, error) {
 	acceptable := []types.MediaType{
 		types.DockerManifestSchema2,
 		types.OCIManifestSchema1,

pkg/v1/remote/index.go

@@ -33,9 +33,8 @@ type remoteIndex struct {
 	mediaType    types.MediaType
 }
 
-// Index provides access to a remote index reference, applying functional options
-// to the underlying imageOpener before resolving the reference into a v1.ImageIndex.
-func Index(ref name.Reference, options ...ImageOption) (v1.ImageIndex, error) {
+// Index provides access to a remote index reference.
+func Index(ref name.Reference, options ...Option) (v1.ImageIndex, error) {
 	acceptable := []types.MediaType{
 		types.DockerManifestList,
 		types.OCIImageIndex,

pkg/v1/remote/list.go

@@ -20,7 +20,6 @@ import (
 	"net/http"
 	"net/url"
 
-	"github.com/google/go-containerregistry/pkg/authn"
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/remote/transport"
 )
@@ -30,10 +29,15 @@ type tags struct {
 	Tags []string `json:"tags"`
 }
 
-// List calls /tags/list for the given repository.
-func List(repo name.Repository, auth authn.Authenticator, t http.RoundTripper) ([]string, error) {
+// List calls /tags/list for the given repository, returning the list of tags
+// in the "tags" property.
+func List(repo name.Repository, options ...Option) ([]string, error) {
+	o, err := makeOptions(repo.Registry, options...)
+	if err != nil {
+		return nil, err
+	}
 	scopes := []string{repo.Scope(transport.PullScope)}
-	tr, err := transport.New(repo.Registry, auth, t, scopes)
+	tr, err := transport.New(repo.Registry, o.auth, o.transport, scopes)
 	if err != nil {
 		return nil, err
 	}