1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-01-20 18:52:16 +00:00
kyverno/pkg/engine/factories/registryclientfactory.go
Charles-Edouard Brétéché a135076661
refactor: remove manual keychain refresh from client (#7806)
Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-07-11 15:19:44 +02:00

50 lines
1.6 KiB
Go

package factories
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
"github.com/kyverno/kyverno/pkg/engine/adapters"
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
"github.com/kyverno/kyverno/pkg/registryclient"
corev1listers "k8s.io/client-go/listers/core/v1"
)
func DefaultRegistryClientFactory(globalClient engineapi.RegistryClient, secretsLister corev1listers.SecretNamespaceLister) engineapi.RegistryClientFactory {
return &registryClientFactory{
globalClient: globalClient,
secretsLister: secretsLister,
}
}
type registryClientFactory struct {
globalClient engineapi.RegistryClient
secretsLister corev1listers.SecretNamespaceLister
}
func (f *registryClientFactory) GetClient(ctx context.Context, creds *kyvernov1.ImageRegistryCredentials) (engineapi.RegistryClient, error) {
if creds != nil {
registryOptions := []registryclient.Option{
registryclient.WithTracing(),
}
if creds.AllowInsecureRegistry {
registryOptions = append(registryOptions, registryclient.WithAllowInsecureRegistry())
}
if len(creds.Providers) > 0 {
var providers []string
for _, helper := range creds.Providers {
providers = append(providers, string(helper))
}
registryOptions = append(registryOptions, registryclient.WithCredentialProviders(providers...))
}
if len(creds.Secrets) > 0 {
registryOptions = append(registryOptions, registryclient.WithKeychainPullSecrets(f.secretsLister, creds.Secrets...))
}
client, err := registryclient.New(registryOptions...)
if err != nil {
return nil, err
}
return adapters.RegistryClient(client), nil
}
return f.globalClient, nil
}