Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AuthHandshakeMessageHandler: sync behavior with other clients. #43491

Merged
merged 4 commits into from
Oct 7, 2024

Conversation

tmds
Copy link
Member

@tmds tmds commented Sep 17, 2024

Fixes #43319

  • Removes the special handling of the '<token>' username. This value is used as a sentinel from credential-helper scripts/programs. It is already handled by the docker-creds-provider .NET library.

  • When there is no identity token, use the username/password with Basic auth.

- Removes the special handling of the '<token>' username. This value is used
as a sentinel from credential-helper scripts/programs. It is already handled
by the docker-creds-provider .NET library.

- When there is no identity token, use the username/password with Basic auth.
@dotnet-issue-labeler dotnet-issue-labeler bot added Area-Containers Related to dotnet SDK containers functionality untriaged Request triage from a team member labels Sep 17, 2024
@tmds
Copy link
Member Author

tmds commented Sep 17, 2024

@baronfel ptal. This is my understanding of the desired behavior after reading through some of the other clients code.

I am going to do some validation. I wanted to make a PR already to get early feedback.

I will include some tests when we settled on the behavior.

@tmds tmds requested a review from a team as a code owner September 18, 2024 11:23
@tmds
Copy link
Member Author

tmds commented Sep 18, 2024

I've added a test that mocks the server behavior.

Compared to the main branch, there are two functional changes:

@baronfel
Copy link
Member

THANK YOU for the tests here - that's making it much easier to debug and reason about.

@baronfel
Copy link
Member

I can't test this against baronfel/sdk-container-demo because this is targeted at main and the package produced has assembly load issues on a 9 SDK.

@tmds
Copy link
Member Author

tmds commented Sep 18, 2024

I can't test this against baronfel/sdk-container-demo because this is targeted at main and the package produced has assembly load issues on a 9 SDK.

I can target the 9.0 branch, if that helps for verification?

@baronfel
Copy link
Member

That would be incredibly helpful. If testing passed we were going to try to backport the fix to 9 anyway.

@tmds tmds force-pushed the container_auth_update branch from f83a09a to 64204ed Compare September 18, 2024 16:39
@tmds tmds requested review from a team, tmat and arunchndr as code owners September 18, 2024 16:39
@tmds tmds changed the base branch from main to release/9.0.1xx September 18, 2024 16:40
@tmds
Copy link
Member Author

tmds commented Sep 18, 2024

The PR is now targeting the 9.0 branch.

@333fred 333fred removed request for a team, tmat and arunchndr September 18, 2024 16:52
@baronfel baronfel removed the request for review from a team September 18, 2024 17:14
@tmds tmds requested review from a team as code owners September 19, 2024 08:19
@tmds tmds changed the base branch from release/9.0.1xx to main September 19, 2024 08:20
@tmds
Copy link
Member Author

tmds commented Sep 19, 2024

I've changed the target branch back to main.

Sorry for code view requests, it is out of my control.

@baronfel baronfel requested review from a team and removed request for a team September 23, 2024 14:44
@baronfel
Copy link
Member

The one test failure here is the crypto 'no more endpoints' known build error, not relevant to this PR.

@baronfel
Copy link
Member

@tmds it looks like the full-framework test leg is consistently failing, can you take a look?

@tmds
Copy link
Member Author

tmds commented Sep 23, 2024

@baronfel I don't see anything other than the mentioned "There are no more endpoints available from the endpoint mapper." in the Azure CI. Do you see something different in some log/artifact?

I haven't tried to reproduce the issue by running the full-framework tests because I don't have a Windows machine.

@baronfel
Copy link
Member

Oh, in that case that's fine. This error has been endemic recently :(

@tmds
Copy link
Member Author

tmds commented Sep 24, 2024

This error has been endemic recently :(

I skimmed through dotnet/dnceng#3844 and it may not be fixed soon.

Does it affect many tests besides RegistryTests.InsecureRegistry?

If you need to continuously manually filter these out, it may be worth either skipping tests (under a limited set of conditions), or catching the exception and allowing the test to pass at that point.

@tmds
Copy link
Member Author

tmds commented Sep 25, 2024

@baronfel is this good to merge? Or are we waiting for additional reviewers?

Once merged, can you initiate the backport to 9.0?

@baronfel
Copy link
Member

Just awaiting review - we can trigger the backport for sure!

@baronfel
Copy link
Member

baronfel commented Sep 25, 2024

@dotnet/product-construction had to rerun this PR due to the sdk-unified-build leg, I was told to ping you as this happens.

@baronfel
Copy link
Member

baronfel commented Oct 7, 2024

/azp run sdk-unified-build

Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@baronfel baronfel merged commit 0b3ce51 into dotnet:main Oct 7, 2024
37 checks passed
@baronfel
Copy link
Member

baronfel commented Oct 7, 2024

/backport to release/9.0.1xx

Copy link
Contributor

github-actions bot commented Oct 7, 2024

Started backporting to release/9.0.1xx: https://github.com/dotnet/sdk/actions/runs/11220724421

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Area-Containers Related to dotnet SDK containers functionality untriaged Request triage from a team member
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Unable to authenticate against the OpenShift internal registry using a token.
3 participants