Merge pull request #897 from ManoManoTech/panic-oci-auth

Handle nil OCI authenticator with malformed registry

controllers/helmrepository_controller_oci.go

@@ -382,5 +382,9 @@ func oidcAuthFromAdapter(ctx context.Context, url, provider string) (helmreg.Log
 		return nil, err
 	}
 
+	if auth == nil {
+		return nil, fmt.Errorf("could not validate OCI provider %s with URL %s", provider, url)
+	}
+
 	return registry.OIDCAdaptHelper(auth)
 }

controllers/helmrepository_controller_oci_test.go

@@ -229,6 +229,15 @@ func TestHelmRepositoryOCIReconciler_authStrategy(t *testing.T) {
 				*conditions.FalseCondition(meta.ReadyCondition, sourcev1.AuthenticationFailedReason, "failed to get credential from"),
 			},
 		},
+		{
+			name:        "with contextual login provider and invalid repository URL",
+			wantErr:     true,
+			provider:    "aws",
+			providerImg: "oci://123456789000.dkr.ecr.us-east-2.amazonaws.com",
+			assertConditions: []metav1.Condition{
+				*conditions.FalseCondition(meta.ReadyCondition, sourcev1.AuthenticationFailedReason, "failed to get credential from"),
+			},
+		},
 		{
 			name: "with contextual login provider and secretRef",
 			want: ctrl.Result{RequeueAfter: interval},