actions/runner
1
0
Fork 0
mirror of https://github.com/actions/runner.git synced 2025-12-12 15:13:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use GITHUB_TOKEN for ghcr.io containers if credentials are not provided (#990)

Browse Source 
* Use GITHUB_TOKEN for ghcr.io containers if credentials are not provided

* Use GITHUB_TOKEN also for containers in containers.pkg.github.com
This commit is contained in:
Alberto Gimeno
2021-02-19 03:55:58 +01:00
committed by GitHub
parent 67ff8d3460
commit 1559ff15ec
1 changed files with 3 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/Runner.Worker/ContainerOperationProvider.cs
View File

@@ -198,8 +198,7 @@ namespace GitHub.Runner.Worker
} }
} }
// TODO: Add at a later date. This currently no local package registry to test with UpdateRegistryAuthForGitHubToken(executionContext, container);
// UpdateRegistryAuthForGitHubToken(executionContext, container);
// Before pulling, generate client authentication if required // Before pulling, generate client authentication if required
var configLocation = await ContainerRegistryLogin(executionContext, container); var configLocation = await ContainerRegistryLogin(executionContext, container);
@@ -494,31 +493,14 @@ namespace GitHub.Runner.Worker
private void UpdateRegistryAuthForGitHubToken(IExecutionContext executionContext, ContainerInfo container) private void UpdateRegistryAuthForGitHubToken(IExecutionContext executionContext, ContainerInfo container)
{ {
var registryIsTokenCompatible = container.RegistryServer.Equals("docker.pkg.github.com", StringComparison.OrdinalIgnoreCase); var registryIsTokenCompatible = container.RegistryServer.Equals("ghcr.io", StringComparison.OrdinalIgnoreCase) || container.RegistryServer.Equals("containers.pkg.github.com", StringComparison.OrdinalIgnoreCase);
if (!registryIsTokenCompatible) if (!registryIsTokenCompatible)
{ {
return; return;
} }
var registryMatchesWorkflow = false;
// REGISTRY/OWNER/REPO/IMAGE[:TAG]
var imageParts = container.ContainerImage.Split('/');
if (imageParts.Length != 4)
{
executionContext.Warning($"Could not identify owner and repo for container image {container.ContainerImage}. Skipping automatic token auth");
return;
}
var owner = imageParts[1];
var repo = imageParts[2];
var nwo = $"{owner}/{repo}";
if (nwo.Equals(executionContext.GetGitHubContext("repository"), StringComparison.OrdinalIgnoreCase))
{
registryMatchesWorkflow = true;
}
var registryCredentialsNotSupplied = string.IsNullOrEmpty(container.RegistryAuthUsername) && string.IsNullOrEmpty(container.RegistryAuthPassword); var registryCredentialsNotSupplied = string.IsNullOrEmpty(container.RegistryAuthUsername) && string.IsNullOrEmpty(container.RegistryAuthPassword);
if (registryCredentialsNotSupplied && registryMatchesWorkflow) if (registryCredentialsNotSupplied)
{ {
container.RegistryAuthUsername = executionContext.GetGitHubContext("actor"); container.RegistryAuthUsername = executionContext.GetGitHubContext("actor");
container.RegistryAuthPassword = executionContext.GetGitHubContext("token"); container.RegistryAuthPassword = executionContext.GetGitHubContext("token");