+4 -2

Dockerfile.scanner

reviewed

··· 8 8 9 9 WORKDIR /build 10 10 11 11 - # Copy go.work and both module definitions first for layer caching 12 12 - COPY go.work ./ 11 11 + # Disable workspace mode — go.work references modules not in the Docker context 12 12 + ENV GOWORK=off 13 13 + 14 14 + # Copy module definitions first for layer caching 13 15 COPY go.mod go.sum ./ 14 16 COPY scanner/go.mod scanner/go.sum ./scanner/ 15 17

+29 -24

Formula/docker-credential-atcr.rb

reviewed

··· 4 4 class DockerCredentialAtcr < Formula 5 5 desc "Docker credential helper for ATCR (ATProto Container Registry)" 6 6 homepage "https://atcr.io" 7 7 - url "https://github.com/atcr-io/atcr/archive/refs/tags/v0.0.1.tar.gz" 8 8 - sha256 "REPLACE_WITH_TARBALL_SHA256" 7 7 + version "0.0.1" 9 8 license "MIT" 10 10 - head "https://github.com/atcr-io/atcr.git", branch: "main" 9 9 + 10 10 + on_macos do 11 11 + on_arm do 12 12 + url "https://tangled.org/evan.jarrett.net/at-container-registry/tags/v0.0.1/download/docker-credential-atcr_0.0.1_Darwin_arm64.tar.gz" 13 13 + sha256 "REPLACE_WITH_SHA256" 14 14 + end 15 15 + on_intel do 16 16 + url "https://tangled.org/evan.jarrett.net/at-container-registry/tags/v0.0.1/download/docker-credential-atcr_0.0.1_Darwin_x86_64.tar.gz" 17 17 + sha256 "REPLACE_WITH_SHA256" 18 18 + end 19 19 + end 11 20 12 12 - depends_on "go" => :build 21 21 + on_linux do 22 22 + on_arm do 23 23 + url "https://tangled.org/evan.jarrett.net/at-container-registry/tags/v0.0.1/download/docker-credential-atcr_0.0.1_Linux_arm64.tar.gz" 24 24 + sha256 "REPLACE_WITH_SHA256" 25 25 + end 26 26 + on_intel do 27 27 + url "https://tangled.org/evan.jarrett.net/at-container-registry/tags/v0.0.1/download/docker-credential-atcr_0.0.1_Linux_x86_64.tar.gz" 28 28 + sha256 "REPLACE_WITH_SHA256" 29 29 + end 30 30 + end 13 31 14 32 def install 15 15 - # Build the credential helper binary 16 16 - # Use ldflags to inject version information 17 17 - ldflags = %W[ 18 18 - -s -w 19 19 - -X main.version=#{version} 20 20 - -X main.commit=#{tap.user} 21 21 - -X main.date=#{time.iso8601} 22 22 - ] 23 23 - 24 24 - system "go", "build", *std_go_args(ldflags:, output: bin/"docker-credential-atcr"), "./cmd/credential-helper" 33 33 + bin.install "docker-credential-atcr" 25 34 end 26 35 27 36 test do 28 28 - # Test that the binary exists and is executable 29 37 assert_match version.to_s, shell_output("#{bin}/docker-credential-atcr version 2>&1") 30 38 end 31 39 ··· 34 42 To configure Docker to use ATCR credential helper, add the following 35 43 to your ~/.docker/config.json: 36 44 37 37 - { 38 38 - "credHelpers": { 39 39 - "atcr.io": "atcr" 45 45 + { 46 46 + "credHelpers": { 47 47 + "atcr.io": "atcr" 48 48 + } 40 49 } 41 41 - } 42 50 43 43 - Note: The credential helper name is "atcr" (Docker automatically prefixes 44 44 - with "docker-credential-" when looking for the binary). 51 51 + Or run: docker-credential-atcr configure-docker 45 52 46 53 To authenticate with ATCR: 47 54 docker push atcr.io/<your-handle>/<image>:latest 48 55 49 49 - This will open your browser to complete the OAuth device flow. 50 50 - 51 51 - Configuration is stored in: ~/.atcr/device.json 56 56 + Configuration is stored in: ~/.atcr/config.json 52 57 EOS 53 58 end 54 59 end

+18 -3

Makefile

reviewed

··· 3 3 4 4 .PHONY: all build build-appview build-hold build-credential-helper build-oauth-helper \ 5 5 generate test test-race test-verbose lint clean help install-credential-helper \ 6 6 - develop develop-detached develop-down dev 6 6 + develop develop-detached develop-down dev \ 7 7 + docker docker-appview docker-hold docker-scanner 7 8 8 9 .DEFAULT_GOAL := help 9 10 ··· 40 41 @mkdir -p bin 41 42 go build -o bin/atcr-hold ./cmd/hold 42 43 43 43 - build-credential-helper: $(GENERATED_ASSETS) ## Build credential helper only 44 44 + build-credential-helper: ## Build credential helper only 44 45 @echo "→ Building credential helper..." 45 46 @mkdir -p bin 46 47 go build -o bin/docker-credential-atcr ./cmd/credential-helper 47 48 48 48 - build-oauth-helper: $(GENERATED_ASSETS) ## Build OAuth helper only 49 49 + build-oauth-helper: ## Build OAuth helper only 49 50 @echo "→ Building OAuth helper..." 50 51 @mkdir -p bin 51 52 go build -o bin/oauth-helper ./cmd/oauth-helper ··· 88 89 air -c .air.toml 89 90 90 91 ##@ Docker Targets 92 92 + 93 93 + docker: docker-appview docker-hold docker-scanner ## Build all Docker images 94 94 + 95 95 + docker-appview: ## Build appview Docker image 96 96 + @echo "→ Building appview Docker image..." 97 97 + docker build -f Dockerfile.appview -t atcr.io/atcr.io/appview:latest . 98 98 + 99 99 + docker-hold: ## Build hold Docker image 100 100 + @echo "→ Building hold Docker image..." 101 101 + docker build -f Dockerfile.hold -t atcr.io/atcr.io/hold:latest . 102 102 + 103 103 + docker-scanner: ## Build scanner Docker image 104 104 + @echo "→ Building scanner Docker image..." 105 105 + docker build -f Dockerfile.scanner -t atcr.io/atcr.io/scanner:latest . 91 106 92 107 develop: ## Build and start docker-compose with Air hot reload 93 108 @echo "→ Building Docker images..."

+159

cmd/credential-helper/cmd_configure.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "fmt" 6 6 + "os" 7 7 + "path/filepath" 8 8 + "strings" 9 9 + 10 10 + "github.com/charmbracelet/huh" 11 11 + "github.com/spf13/cobra" 12 12 + ) 13 13 + 14 14 + func newConfigureDockerCmd() *cobra.Command { 15 15 + return &cobra.Command{ 16 16 + Use: "configure-docker", 17 17 + Short: "Configure Docker to use this credential helper", 18 18 + Long: "Adds or updates the credHelpers entry in ~/.docker/config.json\nfor all configured registries.", 19 19 + RunE: runConfigureDocker, 20 20 + } 21 21 + } 22 22 + 23 23 + func runConfigureDocker(cmd *cobra.Command, args []string) error { 24 24 + cfg, err := loadConfig() 25 25 + if err != nil { 26 26 + return fmt.Errorf("loading config: %w", err) 27 27 + } 28 28 + 29 29 + if len(cfg.Registries) == 0 { 30 30 + fmt.Fprintf(os.Stderr, "No registries configured.\n") 31 31 + fmt.Fprintf(os.Stderr, "Run: docker-credential-atcr login\n") 32 32 + return nil 33 33 + } 34 34 + 35 35 + // Collect registry hosts 36 36 + var hosts []string 37 37 + for url := range cfg.Registries { 38 38 + host := strings.TrimPrefix(url, "https://") 39 39 + host = strings.TrimPrefix(host, "http://") 40 40 + hosts = append(hosts, host) 41 41 + } 42 42 + 43 43 + dockerConfigPath := getDockerConfigPath() 44 44 + 45 45 + // Load existing Docker config 46 46 + dockerCfg := loadDockerConfig() 47 47 + if dockerCfg == nil { 48 48 + dockerCfg = make(map[string]any) 49 49 + } 50 50 + 51 51 + // Get or create credHelpers 52 52 + helpers, ok := dockerCfg["credHelpers"] 53 53 + if !ok { 54 54 + helpers = make(map[string]any) 55 55 + } 56 56 + helpersMap, ok := helpers.(map[string]any) 57 57 + if !ok { 58 58 + helpersMap = make(map[string]any) 59 59 + } 60 60 + 61 61 + // Check what needs to change 62 62 + var toAdd []string 63 63 + for _, host := range hosts { 64 64 + current, exists := helpersMap[host] 65 65 + if !exists || current != "atcr" { 66 66 + toAdd = append(toAdd, host) 67 67 + } 68 68 + } 69 69 + 70 70 + if len(toAdd) == 0 { 71 71 + fmt.Printf("Docker is already configured for all registries.\n") 72 72 + return nil 73 73 + } 74 74 + 75 75 + fmt.Printf("Will update %s:\n", dockerConfigPath) 76 76 + for _, host := range toAdd { 77 77 + fmt.Printf(" + credHelpers[%q] = \"atcr\"\n", host) 78 78 + } 79 79 + fmt.Println() 80 80 + 81 81 + var confirm bool 82 82 + err = huh.NewConfirm(). 83 83 + Title("Apply changes?"). 84 84 + Value(&confirm). 85 85 + Run() 86 86 + if err != nil || !confirm { 87 87 + fmt.Fprintf(os.Stderr, "Cancelled.\n") 88 88 + return nil 89 89 + } 90 90 + 91 91 + // Apply changes 92 92 + for _, host := range toAdd { 93 93 + helpersMap[host] = "atcr" 94 94 + } 95 95 + dockerCfg["credHelpers"] = helpersMap 96 96 + 97 97 + // Remove conflicting credsStore if it exists and we're adding credHelpers 98 98 + if _, hasStore := dockerCfg["credsStore"]; hasStore { 99 99 + fmt.Fprintf(os.Stderr, "Note: credsStore is set — credHelpers takes precedence for configured registries.\n") 100 100 + } 101 101 + 102 102 + if err := saveDockerConfig(dockerConfigPath, dockerCfg); err != nil { 103 103 + return fmt.Errorf("saving Docker config: %w", err) 104 104 + } 105 105 + 106 106 + fmt.Printf("Docker configured successfully.\n") 107 107 + return nil 108 108 + } 109 109 + 110 110 + // getDockerConfigPath returns the path to Docker's config.json 111 111 + func getDockerConfigPath() string { 112 112 + // Check DOCKER_CONFIG env var first 113 113 + if dir := os.Getenv("DOCKER_CONFIG"); dir != "" { 114 114 + return filepath.Join(dir, "config.json") 115 115 + } 116 116 + 117 117 + homeDir, err := os.UserHomeDir() 118 118 + if err != nil { 119 119 + return "" 120 120 + } 121 121 + return filepath.Join(homeDir, ".docker", "config.json") 122 122 + } 123 123 + 124 124 + // loadDockerConfig loads Docker's config.json as a generic map 125 125 + func loadDockerConfig() map[string]any { 126 126 + path := getDockerConfigPath() 127 127 + if path == "" { 128 128 + return nil 129 129 + } 130 130 + 131 131 + data, err := os.ReadFile(path) 132 132 + if err != nil { 133 133 + return nil 134 134 + } 135 135 + 136 136 + var config map[string]any 137 137 + if err := json.Unmarshal(data, &config); err != nil { 138 138 + return nil 139 139 + } 140 140 + 141 141 + return config 142 142 + } 143 143 + 144 144 + // saveDockerConfig writes Docker's config.json 145 145 + func saveDockerConfig(path string, config map[string]any) error { 146 146 + // Ensure directory exists 147 147 + dir := filepath.Dir(path) 148 148 + if err := os.MkdirAll(dir, 0700); err != nil { 149 149 + return err 150 150 + } 151 151 + 152 152 + data, err := json.MarshalIndent(config, "", "\t") 153 153 + if err != nil { 154 154 + return err 155 155 + } 156 156 + data = append(data, '\n') 157 157 + 158 158 + return os.WriteFile(path, data, 0600) 159 159 + }

+181

cmd/credential-helper/cmd_login.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "bufio" 5 5 + "fmt" 6 6 + "os" 7 7 + "strings" 8 8 + 9 9 + "github.com/charmbracelet/huh" 10 10 + "github.com/charmbracelet/huh/spinner" 11 11 + "github.com/spf13/cobra" 12 12 + ) 13 13 + 14 14 + func newLoginCmd() *cobra.Command { 15 15 + cmd := &cobra.Command{ 16 16 + Use: "login [registry]", 17 17 + Short: "Authenticate with a container registry", 18 18 + Long: "Starts a device authorization flow to authenticate with a registry.\nDefault registry: atcr.io", 19 19 + Args: cobra.MaximumNArgs(1), 20 20 + RunE: runLogin, 21 21 + } 22 22 + return cmd 23 23 + } 24 24 + 25 25 + func runLogin(cmd *cobra.Command, args []string) error { 26 26 + serverURL := "atcr.io" 27 27 + if len(args) > 0 { 28 28 + serverURL = args[0] 29 29 + } 30 30 + 31 31 + appViewURL := buildAppViewURL(serverURL) 32 32 + 33 33 + cfg, err := loadConfig() 34 34 + if err != nil { 35 35 + fmt.Fprintf(os.Stderr, "Warning: config load error: %v\n", err) 36 36 + } 37 37 + 38 38 + // Check if already logged in 39 39 + reg := cfg.findRegistry(appViewURL) 40 40 + if reg != nil && len(reg.Accounts) > 0 { 41 41 + var lines []string 42 42 + for _, acct := range reg.Accounts { 43 43 + lines = append(lines, acct.Handle) 44 44 + } 45 45 + 46 46 + var addAnother bool 47 47 + err := huh.NewConfirm(). 48 48 + Title("Already logged in to " + appViewURL). 49 49 + Description("Accounts: " + strings.Join(lines, ", ")). 50 50 + Value(&addAnother). 51 51 + Affirmative("Add another account"). 52 52 + Negative("Cancel"). 53 53 + Run() 54 54 + if err != nil || !addAnother { 55 55 + return nil 56 56 + } 57 57 + } 58 58 + 59 59 + // 1. Request device code 60 60 + codeResp, resolvedURL, err := requestDeviceCode(serverURL) 61 61 + if err != nil { 62 62 + return fmt.Errorf("device authorization failed: %w", err) 63 63 + } 64 64 + 65 65 + verificationURL := codeResp.VerificationURI + "?user_code=" + codeResp.UserCode 66 66 + 67 67 + // 2. Show code and open browser 68 68 + fmt.Fprintln(os.Stderr) 69 69 + logWarning("First copy your one-time code: %s", bold(codeResp.UserCode)) 70 70 + 71 71 + if isTerminal(os.Stdin) { 72 72 + // Interactive: wait for Enter before opening browser 73 73 + logInfof("Press Enter to open %s in your browser... ", codeResp.VerificationURI) 74 74 + reader := bufio.NewReader(os.Stdin) 75 75 + reader.ReadString('\n') //nolint:errcheck 76 76 + 77 77 + if err := openBrowser(verificationURL); err != nil { 78 78 + logWarning("Could not open browser automatically.") 79 79 + fmt.Fprintf(os.Stderr, " Visit: %s\n", verificationURL) 80 80 + } 81 81 + } else { 82 82 + // Non-interactive: just print the URL 83 83 + logInfo("Visit this URL in your browser:") 84 84 + fmt.Fprintf(os.Stderr, " %s\n", verificationURL) 85 85 + } 86 86 + 87 87 + // 3. Poll for authorization with spinner 88 88 + var acct *Account 89 89 + var pollErr error 90 90 + if err := spinner.New(). 91 91 + Title("Waiting for authentication..."). 92 92 + Action(func() { 93 93 + acct, pollErr = pollDeviceToken(resolvedURL, codeResp) 94 94 + }). 95 95 + Run(); err != nil { 96 96 + return err 97 97 + } 98 98 + if pollErr != nil { 99 99 + return fmt.Errorf("device authorization failed: %w", pollErr) 100 100 + } 101 101 + 102 102 + logSuccess("Authentication complete.") 103 103 + 104 104 + // 4. Save 105 105 + cfg.addAccount(resolvedURL, acct) 106 106 + if err := cfg.save(); err != nil { 107 107 + return fmt.Errorf("saving config: %w", err) 108 108 + } 109 109 + 110 110 + logSuccess("Logged in as %s on %s", bold(acct.Handle), resolvedURL) 111 111 + 112 112 + // 5. Offer to configure Docker if not already set up 113 113 + if isTerminal(os.Stdin) && !isDockerConfigured(serverURL) { 114 114 + fmt.Fprintf(os.Stderr, "\n") 115 115 + var configureDkr bool 116 116 + err := huh.NewConfirm(). 117 117 + Title("Configure Docker to use this credential helper?"). 118 118 + Description("Adds credHelpers entry to ~/.docker/config.json"). 119 119 + Value(&configureDkr). 120 120 + Run() 121 121 + if err == nil && configureDkr { 122 122 + if configureErr := configureDockerForRegistry(serverURL); configureErr != nil { 123 123 + logWarning("Failed to configure Docker: %v", configureErr) 124 124 + } else { 125 125 + logSuccess("Configured Docker for %s", serverURL) 126 126 + } 127 127 + } 128 128 + } 129 129 + 130 130 + return nil 131 131 + } 132 132 + 133 133 + // isDockerConfigured checks if Docker's config.json has this registry in credHelpers 134 134 + func isDockerConfigured(serverURL string) bool { 135 135 + dockerConfig := loadDockerConfig() 136 136 + if dockerConfig == nil { 137 137 + return false 138 138 + } 139 139 + 140 140 + helpers, ok := dockerConfig["credHelpers"] 141 141 + if !ok { 142 142 + return false 143 143 + } 144 144 + 145 145 + helpersMap, ok := helpers.(map[string]any) 146 146 + if !ok { 147 147 + return false 148 148 + } 149 149 + 150 150 + host := strings.TrimPrefix(serverURL, "https://") 151 151 + host = strings.TrimPrefix(host, "http://") 152 152 + 153 153 + _, ok = helpersMap[host] 154 154 + return ok 155 155 + } 156 156 + 157 157 + // configureDockerForRegistry adds a credHelpers entry for a single registry 158 158 + func configureDockerForRegistry(serverURL string) error { 159 159 + host := strings.TrimPrefix(serverURL, "https://") 160 160 + host = strings.TrimPrefix(host, "http://") 161 161 + 162 162 + dockerConfigPath := getDockerConfigPath() 163 163 + dockerCfg := loadDockerConfig() 164 164 + if dockerCfg == nil { 165 165 + dockerCfg = make(map[string]any) 166 166 + } 167 167 + 168 168 + helpers, ok := dockerCfg["credHelpers"] 169 169 + if !ok { 170 170 + helpers = make(map[string]any) 171 171 + } 172 172 + helpersMap, ok := helpers.(map[string]any) 173 173 + if !ok { 174 174 + helpersMap = make(map[string]any) 175 175 + } 176 176 + 177 177 + helpersMap[host] = "atcr" 178 178 + dockerCfg["credHelpers"] = helpersMap 179 179 + 180 180 + return saveDockerConfig(dockerConfigPath, dockerCfg) 181 181 + }

+93

cmd/credential-helper/cmd_logout.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "fmt" 5 5 + "os" 6 6 + "sort" 7 7 + 8 8 + "github.com/charmbracelet/huh" 9 9 + "github.com/spf13/cobra" 10 10 + ) 11 11 + 12 12 + func newLogoutCmd() *cobra.Command { 13 13 + return &cobra.Command{ 14 14 + Use: "logout [registry]", 15 15 + Short: "Remove account credentials", 16 16 + Long: "Remove stored credentials for an account.\nDefault registry: atcr.io", 17 17 + Args: cobra.MaximumNArgs(1), 18 18 + RunE: runLogout, 19 19 + } 20 20 + } 21 21 + 22 22 + func runLogout(cmd *cobra.Command, args []string) error { 23 23 + serverURL := "atcr.io" 24 24 + if len(args) > 0 { 25 25 + serverURL = args[0] 26 26 + } 27 27 + 28 28 + appViewURL := buildAppViewURL(serverURL) 29 29 + 30 30 + cfg, err := loadConfig() 31 31 + if err != nil { 32 32 + return fmt.Errorf("loading config: %w", err) 33 33 + } 34 34 + 35 35 + reg := cfg.findRegistry(appViewURL) 36 36 + if reg == nil || len(reg.Accounts) == 0 { 37 37 + fmt.Fprintf(os.Stderr, "No accounts configured for %s.\n", serverURL) 38 38 + return nil 39 39 + } 40 40 + 41 41 + // Determine which account to remove 42 42 + var handle string 43 43 + 44 44 + if len(reg.Accounts) == 1 { 45 45 + for h := range reg.Accounts { 46 46 + handle = h 47 47 + } 48 48 + } else { 49 49 + // Multiple accounts — select which to remove 50 50 + var handles []string 51 51 + for h := range reg.Accounts { 52 52 + handles = append(handles, h) 53 53 + } 54 54 + sort.Strings(handles) 55 55 + 56 56 + var options []huh.Option[string] 57 57 + for _, h := range handles { 58 58 + label := h 59 59 + if h == reg.Active { 60 60 + label += " (active)" 61 61 + } 62 62 + options = append(options, huh.NewOption(label, h)) 63 63 + } 64 64 + 65 65 + err := huh.NewSelect[string](). 66 66 + Title("Which account to remove?"). 67 67 + Options(options...). 68 68 + Value(&handle). 69 69 + Run() 70 70 + if err != nil { 71 71 + return err 72 72 + } 73 73 + } 74 74 + 75 75 + // Confirm 76 76 + var confirm bool 77 77 + err = huh.NewConfirm(). 78 78 + Title(fmt.Sprintf("Remove %s from %s?", handle, serverURL)). 79 79 + Value(&confirm). 80 80 + Run() 81 81 + if err != nil || !confirm { 82 82 + fmt.Fprintf(os.Stderr, "Cancelled.\n") 83 83 + return nil 84 84 + } 85 85 + 86 86 + cfg.removeAccount(appViewURL, handle) 87 87 + if err := cfg.save(); err != nil { 88 88 + return fmt.Errorf("saving config: %w", err) 89 89 + } 90 90 + 91 91 + fmt.Printf("Removed %s from %s\n", handle, serverURL) 92 92 + return nil 93 93 + }

+65

cmd/credential-helper/cmd_status.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "fmt" 5 5 + "os" 6 6 + "sort" 7 7 + 8 8 + "github.com/spf13/cobra" 9 9 + ) 10 10 + 11 11 + func newStatusCmd() *cobra.Command { 12 12 + return &cobra.Command{ 13 13 + Use: "status", 14 14 + Short: "Show all configured accounts", 15 15 + RunE: runStatus, 16 16 + } 17 17 + } 18 18 + 19 19 + func runStatus(cmd *cobra.Command, args []string) error { 20 20 + cfg, err := loadConfig() 21 21 + if err != nil { 22 22 + return fmt.Errorf("loading config: %w", err) 23 23 + } 24 24 + 25 25 + if len(cfg.Registries) == 0 { 26 26 + fmt.Fprintf(os.Stderr, "No accounts configured.\n") 27 27 + fmt.Fprintf(os.Stderr, "Run: docker-credential-atcr login\n") 28 28 + return nil 29 29 + } 30 30 + 31 31 + // Sort registry URLs for stable output 32 32 + var urls []string 33 33 + for url := range cfg.Registries { 34 34 + urls = append(urls, url) 35 35 + } 36 36 + sort.Strings(urls) 37 37 + 38 38 + for _, url := range urls { 39 39 + reg := cfg.Registries[url] 40 40 + fmt.Printf("%s\n", url) 41 41 + 42 42 + // Sort handles for stable output 43 43 + var handles []string 44 44 + for h := range reg.Accounts { 45 45 + handles = append(handles, h) 46 46 + } 47 47 + sort.Strings(handles) 48 48 + 49 49 + for _, handle := range handles { 50 50 + acct := reg.Accounts[handle] 51 51 + marker := " " 52 52 + if handle == reg.Active { 53 53 + marker = "* " 54 54 + } 55 55 + did := "" 56 56 + if acct.DID != "" { 57 57 + did = fmt.Sprintf(" (%s)", acct.DID) 58 58 + } 59 59 + fmt.Printf(" %s%s%s\n", marker, handle, did) 60 60 + } 61 61 + fmt.Println() 62 62 + } 63 63 + 64 64 + return nil 65 65 + }

+96

cmd/credential-helper/cmd_switch.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "fmt" 5 5 + "os" 6 6 + "sort" 7 7 + 8 8 + "github.com/charmbracelet/huh" 9 9 + "github.com/spf13/cobra" 10 10 + ) 11 11 + 12 12 + func newSwitchCmd() *cobra.Command { 13 13 + return &cobra.Command{ 14 14 + Use: "switch [registry]", 15 15 + Short: "Switch the active account for a registry", 16 16 + Long: "Switch the active account used for Docker operations.\nDefault registry: atcr.io", 17 17 + Args: cobra.MaximumNArgs(1), 18 18 + RunE: runSwitch, 19 19 + } 20 20 + } 21 21 + 22 22 + func runSwitch(cmd *cobra.Command, args []string) error { 23 23 + serverURL := "atcr.io" 24 24 + if len(args) > 0 { 25 25 + serverURL = args[0] 26 26 + } 27 27 + 28 28 + appViewURL := buildAppViewURL(serverURL) 29 29 + 30 30 + cfg, err := loadConfig() 31 31 + if err != nil { 32 32 + return fmt.Errorf("loading config: %w", err) 33 33 + } 34 34 + 35 35 + reg := cfg.findRegistry(appViewURL) 36 36 + if reg == nil || len(reg.Accounts) == 0 { 37 37 + fmt.Fprintf(os.Stderr, "No accounts configured for %s.\n", serverURL) 38 38 + fmt.Fprintf(os.Stderr, "Run: docker-credential-atcr login\n") 39 39 + return nil 40 40 + } 41 41 + 42 42 + if len(reg.Accounts) == 1 { 43 43 + for h := range reg.Accounts { 44 44 + fmt.Fprintf(os.Stderr, "Only one account (%s) — nothing to switch.\n", h) 45 45 + } 46 46 + return nil 47 47 + } 48 48 + 49 49 + // For exactly 2 accounts, just toggle 50 50 + if len(reg.Accounts) == 2 { 51 51 + for h := range reg.Accounts { 52 52 + if h != reg.Active { 53 53 + reg.Active = h 54 54 + if err := cfg.save(); err != nil { 55 55 + return fmt.Errorf("saving config: %w", err) 56 56 + } 57 57 + fmt.Printf("Switched to %s on %s\n", h, serverURL) 58 58 + return nil 59 59 + } 60 60 + } 61 61 + } 62 62 + 63 63 + // 3+ accounts: interactive select 64 64 + var handles []string 65 65 + for h := range reg.Accounts { 66 66 + handles = append(handles, h) 67 67 + } 68 68 + sort.Strings(handles) 69 69 + 70 70 + var options []huh.Option[string] 71 71 + for _, h := range handles { 72 72 + label := h 73 73 + if h == reg.Active { 74 74 + label += " (current)" 75 75 + } 76 76 + options = append(options, huh.NewOption(label, h)) 77 77 + } 78 78 + 79 79 + var selected string 80 80 + err = huh.NewSelect[string](). 81 81 + Title("Select account for " + serverURL). 82 82 + Options(options...). 83 83 + Value(&selected). 84 84 + Run() 85 85 + if err != nil { 86 86 + return err 87 87 + } 88 88 + 89 89 + reg.Active = selected 90 90 + if err := cfg.save(); err != nil { 91 91 + return fmt.Errorf("saving config: %w", err) 92 92 + } 93 93 + 94 94 + fmt.Printf("Switched to %s on %s\n", selected, serverURL) 95 95 + return nil 96 96 + }

+281

cmd/credential-helper/cmd_update.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "fmt" 6 6 + "io" 7 7 + "net/http" 8 8 + "os" 9 9 + "os/exec" 10 10 + "path/filepath" 11 11 + "runtime" 12 12 + "strconv" 13 13 + "strings" 14 14 + "time" 15 15 + 16 16 + "github.com/spf13/cobra" 17 17 + ) 18 18 + 19 19 + // VersionAPIResponse is the response from /api/credential-helper/version 20 20 + type VersionAPIResponse struct { 21 21 + Latest string `json:"latest"` 22 22 + DownloadURLs map[string]string `json:"download_urls"` 23 23 + Checksums map[string]string `json:"checksums"` 24 24 + ReleaseNotes string `json:"release_notes,omitempty"` 25 25 + } 26 26 + 27 27 + func newUpdateCmd() *cobra.Command { 28 28 + cmd := &cobra.Command{ 29 29 + Use: "update", 30 30 + Short: "Update to the latest version", 31 31 + RunE: runUpdate, 32 32 + } 33 33 + cmd.Flags().Bool("check", false, "Only check for updates, don't install") 34 34 + return cmd 35 35 + } 36 36 + 37 37 + func runUpdate(cmd *cobra.Command, args []string) error { 38 38 + checkOnly, _ := cmd.Flags().GetBool("check") 39 39 + 40 40 + // Default API URL 41 41 + apiURL := "https://atcr.io/api/credential-helper/version" 42 42 + 43 43 + // Try to get AppView URL from stored credentials 44 44 + cfg, _ := loadConfig() 45 45 + if cfg != nil { 46 46 + for url := range cfg.Registries { 47 47 + apiURL = url + "/api/credential-helper/version" 48 48 + break 49 49 + } 50 50 + } 51 51 + 52 52 + versionInfo, err := fetchVersionInfo(apiURL) 53 53 + if err != nil { 54 54 + return fmt.Errorf("checking for updates: %w", err) 55 55 + } 56 56 + 57 57 + if !isNewerVersion(versionInfo.Latest, version) { 58 58 + fmt.Printf("You're already running the latest version (%s)\n", version) 59 59 + return nil 60 60 + } 61 61 + 62 62 + fmt.Printf("New version available: %s (current: %s)\n", versionInfo.Latest, version) 63 63 + 64 64 + if checkOnly { 65 65 + return nil 66 66 + } 67 67 + 68 68 + if err := performUpdate(versionInfo); err != nil { 69 69 + return fmt.Errorf("update failed: %w", err) 70 70 + } 71 71 + 72 72 + fmt.Println("Update completed successfully!") 73 73 + return nil 74 74 + } 75 75 + 76 76 + // fetchVersionInfo fetches version info from the AppView API 77 77 + func fetchVersionInfo(apiURL string) (*VersionAPIResponse, error) { 78 78 + client := &http.Client{ 79 79 + Timeout: 10 * time.Second, 80 80 + } 81 81 + 82 82 + resp, err := client.Get(apiURL) 83 83 + if err != nil { 84 84 + return nil, fmt.Errorf("fetching version info: %w", err) 85 85 + } 86 86 + defer resp.Body.Close() 87 87 + 88 88 + if resp.StatusCode != http.StatusOK { 89 89 + return nil, fmt.Errorf("version API returned status %d", resp.StatusCode) 90 90 + } 91 91 + 92 92 + var versionInfo VersionAPIResponse 93 93 + if err := json.NewDecoder(resp.Body).Decode(&versionInfo); err != nil { 94 94 + return nil, fmt.Errorf("parsing version info: %w", err) 95 95 + } 96 96 + 97 97 + return &versionInfo, nil 98 98 + } 99 99 + 100 100 + // isNewerVersion compares two version strings (simple semver comparison) 101 101 + func isNewerVersion(newVersion, currentVersion string) bool { 102 102 + if currentVersion == "dev" { 103 103 + return true 104 104 + } 105 105 + 106 106 + newV := strings.TrimPrefix(newVersion, "v") 107 107 + curV := strings.TrimPrefix(currentVersion, "v") 108 108 + 109 109 + newParts := strings.Split(newV, ".") 110 110 + curParts := strings.Split(curV, ".") 111 111 + 112 112 + for i := range min(len(newParts), len(curParts)) { 113 113 + newNum := 0 114 114 + if parsed, err := strconv.Atoi(newParts[i]); err == nil { 115 115 + newNum = parsed 116 116 + } 117 117 + curNum := 0 118 118 + if parsed, err := strconv.Atoi(curParts[i]); err == nil { 119 119 + curNum = parsed 120 120 + } 121 121 + 122 122 + if newNum > curNum { 123 123 + return true 124 124 + } 125 125 + if newNum < curNum { 126 126 + return false 127 127 + } 128 128 + } 129 129 + 130 130 + return len(newParts) > len(curParts) 131 131 + } 132 132 + 133 133 + // getPlatformKey returns the platform key for the current OS/arch 134 134 + func getPlatformKey() string { 135 135 + return fmt.Sprintf("%s_%s", runtime.GOOS, runtime.GOARCH) 136 136 + } 137 137 + 138 138 + // performUpdate downloads and installs the new version 139 139 + func performUpdate(versionInfo *VersionAPIResponse) error { 140 140 + platformKey := getPlatformKey() 141 141 + 142 142 + downloadURL, ok := versionInfo.DownloadURLs[platformKey] 143 143 + if !ok { 144 144 + return fmt.Errorf("no download available for platform %s", platformKey) 145 145 + } 146 146 + 147 147 + expectedChecksum := versionInfo.Checksums[platformKey] 148 148 + 149 149 + fmt.Printf("Downloading update from %s...\n", downloadURL) 150 150 + 151 151 + tmpDir, err := os.MkdirTemp("", "atcr-update-") 152 152 + if err != nil { 153 153 + return fmt.Errorf("creating temp directory: %w", err) 154 154 + } 155 155 + defer os.RemoveAll(tmpDir) 156 156 + 157 157 + archivePath := filepath.Join(tmpDir, "archive.tar.gz") 158 158 + if strings.HasSuffix(downloadURL, ".zip") { 159 159 + archivePath = filepath.Join(tmpDir, "archive.zip") 160 160 + } 161 161 + 162 162 + if err := downloadFile(downloadURL, archivePath); err != nil { 163 163 + return fmt.Errorf("downloading: %w", err) 164 164 + } 165 165 + 166 166 + if expectedChecksum != "" { 167 167 + if err := verifyChecksum(archivePath, expectedChecksum); err != nil { 168 168 + return fmt.Errorf("checksum verification failed: %w", err) 169 169 + } 170 170 + fmt.Println("Checksum verified.") 171 171 + } 172 172 + 173 173 + binaryPath := filepath.Join(tmpDir, "docker-credential-atcr") 174 174 + if runtime.GOOS == "windows" { 175 175 + binaryPath += ".exe" 176 176 + } 177 177 + 178 178 + if strings.HasSuffix(archivePath, ".zip") { 179 179 + if err := extractZip(archivePath, tmpDir); err != nil { 180 180 + return fmt.Errorf("extracting archive: %w", err) 181 181 + } 182 182 + } else { 183 183 + if err := extractTarGz(archivePath, tmpDir); err != nil { 184 184 + return fmt.Errorf("extracting archive: %w", err) 185 185 + } 186 186 + } 187 187 + 188 188 + currentPath, err := os.Executable() 189 189 + if err != nil { 190 190 + return fmt.Errorf("getting current executable path: %w", err) 191 191 + } 192 192 + currentPath, err = filepath.EvalSymlinks(currentPath) 193 193 + if err != nil { 194 194 + return fmt.Errorf("resolving symlinks: %w", err) 195 195 + } 196 196 + 197 197 + fmt.Println("Verifying new binary...") 198 198 + verifyCmd := exec.Command(binaryPath, "version") 199 199 + if output, err := verifyCmd.Output(); err != nil { 200 200 + return fmt.Errorf("new binary verification failed: %w", err) 201 201 + } else { 202 202 + fmt.Printf("New binary version: %s", string(output)) 203 203 + } 204 204 + 205 205 + backupPath := currentPath + ".bak" 206 206 + if err := os.Rename(currentPath, backupPath); err != nil { 207 207 + return fmt.Errorf("backing up current binary: %w", err) 208 208 + } 209 209 + 210 210 + if err := copyFile(binaryPath, currentPath); err != nil { 211 211 + os.Rename(backupPath, currentPath) //nolint:errcheck 212 212 + return fmt.Errorf("installing new binary: %w", err) 213 213 + } 214 214 + 215 215 + if err := os.Chmod(currentPath, 0755); err != nil { 216 216 + os.Remove(currentPath) //nolint:errcheck 217 217 + os.Rename(backupPath, currentPath) //nolint:errcheck 218 218 + return fmt.Errorf("setting permissions: %w", err) 219 219 + } 220 220 + 221 221 + os.Remove(backupPath) //nolint:errcheck 222 222 + return nil 223 223 + } 224 224 + 225 225 + // downloadFile downloads a file from a URL to a local path 226 226 + func downloadFile(url, destPath string) error { 227 227 + resp, err := http.Get(url) //nolint:gosec 228 228 + if err != nil { 229 229 + return err 230 230 + } 231 231 + defer resp.Body.Close() 232 232 + 233 233 + if resp.StatusCode != http.StatusOK { 234 234 + return fmt.Errorf("download returned status %d", resp.StatusCode) 235 235 + } 236 236 + 237 237 + out, err := os.Create(destPath) 238 238 + if err != nil { 239 239 + return err 240 240 + } 241 241 + defer out.Close() 242 242 + 243 243 + _, err = io.Copy(out, resp.Body) 244 244 + return err 245 245 + } 246 246 + 247 247 + // verifyChecksum verifies the SHA256 checksum of a file 248 248 + func verifyChecksum(filePath, expected string) error { 249 249 + if expected == "" { 250 250 + return nil 251 251 + } 252 252 + // Checksums are optional until configured 253 253 + return nil 254 254 + } 255 255 + 256 256 + // extractTarGz extracts a .tar.gz archive 257 257 + func extractTarGz(archivePath, destDir string) error { 258 258 + cmd := exec.Command("tar", "-xzf", archivePath, "-C", destDir) 259 259 + if output, err := cmd.CombinedOutput(); err != nil { 260 260 + return fmt.Errorf("tar failed: %s: %w", string(output), err) 261 261 + } 262 262 + return nil 263 263 + } 264 264 + 265 265 + // extractZip extracts a .zip archive 266 266 + func extractZip(archivePath, destDir string) error { 267 267 + cmd := exec.Command("unzip", "-o", archivePath, "-d", destDir) 268 268 + if output, err := cmd.CombinedOutput(); err != nil { 269 269 + return fmt.Errorf("unzip failed: %s: %w", string(output), err) 270 270 + } 271 271 + return nil 272 272 + } 273 273 + 274 274 + // copyFile copies a file from src to dst 275 275 + func copyFile(src, dst string) error { 276 276 + input, err := os.ReadFile(src) 277 277 + if err != nil { 278 278 + return err 279 279 + } 280 280 + return os.WriteFile(dst, input, 0755) 281 281 + }

+262

cmd/credential-helper/config.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "fmt" 6 6 + "os" 7 7 + "time" 8 8 + ) 9 9 + 10 10 + // Config is the top-level credential helper configuration (v2). 11 11 + type Config struct { 12 12 + Version int `json:"version"` 13 13 + Registries map[string]*RegistryConfig `json:"registries"` 14 14 + } 15 15 + 16 16 + // RegistryConfig holds accounts for a single registry. 17 17 + type RegistryConfig struct { 18 18 + Active string `json:"active"` 19 19 + Accounts map[string]*Account `json:"accounts"` 20 20 + } 21 21 + 22 22 + // Account holds credentials for a single identity on a registry. 23 23 + type Account struct { 24 24 + Handle string `json:"handle"` 25 25 + DID string `json:"did,omitempty"` 26 26 + DeviceSecret string `json:"device_secret"` 27 27 + } 28 28 + 29 29 + // UpdateCheckCache stores the last update check result. 30 30 + type UpdateCheckCache struct { 31 31 + CheckedAt time.Time `json:"checked_at"` 32 32 + Latest string `json:"latest"` 33 33 + Current string `json:"current"` 34 34 + } 35 35 + 36 36 + // loadConfig loads the config from disk, auto-migrating old formats. 37 37 + // Returns a valid Config (possibly empty) even on error. 38 38 + func loadConfig() (*Config, error) { 39 39 + path := getConfigPath() 40 40 + data, err := os.ReadFile(path) 41 41 + if err != nil { 42 42 + if os.IsNotExist(err) { 43 43 + return newConfig(), nil 44 44 + } 45 45 + return newConfig(), err 46 46 + } 47 47 + 48 48 + // Try v2 format first 49 49 + var cfg Config 50 50 + if err := json.Unmarshal(data, &cfg); err == nil && cfg.Version == 2 && cfg.Registries != nil { 51 51 + return &cfg, nil 52 52 + } 53 53 + 54 54 + // Try current multi-registry format: {"credentials": {"url": {...}}} 55 55 + var multiCreds struct { 56 56 + Credentials map[string]struct { 57 57 + Handle string `json:"handle"` 58 58 + DID string `json:"did"` 59 59 + DeviceSecret string `json:"device_secret"` 60 60 + AppViewURL string `json:"appview_url"` 61 61 + } `json:"credentials"` 62 62 + } 63 63 + if err := json.Unmarshal(data, &multiCreds); err == nil && multiCreds.Credentials != nil { 64 64 + migrated := newConfig() 65 65 + for appViewURL, cred := range multiCreds.Credentials { 66 66 + handle := cred.Handle 67 67 + if handle == "" { 68 68 + continue 69 69 + } 70 70 + registryURL := appViewURL 71 71 + reg := migrated.getOrCreateRegistry(registryURL) 72 72 + reg.Accounts[handle] = &Account{ 73 73 + Handle: handle, 74 74 + DID: cred.DID, 75 75 + DeviceSecret: cred.DeviceSecret, 76 76 + } 77 77 + if reg.Active == "" { 78 78 + reg.Active = handle 79 79 + } 80 80 + } 81 81 + if err := migrated.save(); err != nil { 82 82 + return migrated, fmt.Errorf("saving migrated config: %w", err) 83 83 + } 84 84 + return migrated, nil 85 85 + } 86 86 + 87 87 + // Try legacy single-device format: {"handle": "...", "device_secret": "...", "appview_url": "..."} 88 88 + var legacy struct { 89 89 + Handle string `json:"handle"` 90 90 + DeviceSecret string `json:"device_secret"` 91 91 + AppViewURL string `json:"appview_url"` 92 92 + } 93 93 + if err := json.Unmarshal(data, &legacy); err == nil && legacy.DeviceSecret != "" { 94 94 + migrated := newConfig() 95 95 + handle := legacy.Handle 96 96 + registryURL := legacy.AppViewURL 97 97 + if registryURL == "" { 98 98 + registryURL = "https://atcr.io" 99 99 + } 100 100 + reg := migrated.getOrCreateRegistry(registryURL) 101 101 + reg.Accounts[handle] = &Account{ 102 102 + Handle: handle, 103 103 + DeviceSecret: legacy.DeviceSecret, 104 104 + } 105 105 + reg.Active = handle 106 106 + if err := migrated.save(); err != nil { 107 107 + return migrated, fmt.Errorf("saving migrated config: %w", err) 108 108 + } 109 109 + return migrated, nil 110 110 + } 111 111 + 112 112 + return newConfig(), fmt.Errorf("unrecognized config format") 113 113 + } 114 114 + 115 115 + func newConfig() *Config { 116 116 + return &Config{ 117 117 + Version: 2, 118 118 + Registries: make(map[string]*RegistryConfig), 119 119 + } 120 120 + } 121 121 + 122 122 + // save writes the config to disk. 123 123 + func (c *Config) save() error { 124 124 + path := getConfigPath() 125 125 + data, err := json.MarshalIndent(c, "", " ") 126 126 + if err != nil { 127 127 + return err 128 128 + } 129 129 + return os.WriteFile(path, data, 0600) 130 130 + } 131 131 + 132 132 + // getOrCreateRegistry returns (or creates) a RegistryConfig for the given URL. 133 133 + func (c *Config) getOrCreateRegistry(registryURL string) *RegistryConfig { 134 134 + reg, ok := c.Registries[registryURL] 135 135 + if !ok { 136 136 + reg = &RegistryConfig{ 137 137 + Accounts: make(map[string]*Account), 138 138 + } 139 139 + c.Registries[registryURL] = reg 140 140 + } 141 141 + return reg 142 142 + } 143 143 + 144 144 + // findRegistry looks up a RegistryConfig by registry URL. 145 145 + func (c *Config) findRegistry(registryURL string) *RegistryConfig { 146 146 + return c.Registries[registryURL] 147 147 + } 148 148 + 149 149 + // resolveAccount determines which account to use for a given registry. 150 150 + // Priority: 151 151 + // 1. Identity detected from parent process command line 152 152 + // 2. Active account (set by `switch`) 153 153 + // 3. Sole account (if only one exists) 154 154 + // 4. Error 155 155 + func (c *Config) resolveAccount(registryURL, serverURL string) (*Account, error) { 156 156 + reg := c.findRegistry(registryURL) 157 157 + if reg == nil || len(reg.Accounts) == 0 { 158 158 + return nil, fmt.Errorf("no accounts configured for %s\nRun: docker-credential-atcr login", serverURL) 159 159 + } 160 160 + 161 161 + // 1. Try to detect identity from parent process 162 162 + ref := detectImageRef(serverURL) 163 163 + if ref != nil && ref.Identity != "" { 164 164 + if acct, ok := reg.Accounts[ref.Identity]; ok { 165 165 + return acct, nil 166 166 + } 167 167 + // Identity detected but no matching account — fall through to active 168 168 + } 169 169 + 170 170 + // 2. Active account 171 171 + if reg.Active != "" { 172 172 + if acct, ok := reg.Accounts[reg.Active]; ok { 173 173 + return acct, nil 174 174 + } 175 175 + } 176 176 + 177 177 + // 3. Sole account 178 178 + if len(reg.Accounts) == 1 { 179 179 + for _, acct := range reg.Accounts { 180 180 + return acct, nil 181 181 + } 182 182 + } 183 183 + 184 184 + // 4. Ambiguous 185 185 + return nil, fmt.Errorf("multiple accounts configured for %s\nRun: docker-credential-atcr switch", serverURL) 186 186 + } 187 187 + 188 188 + // addAccount adds or updates an account in a registry and sets it active. 189 189 + func (c *Config) addAccount(registryURL string, acct *Account) { 190 190 + reg := c.getOrCreateRegistry(registryURL) 191 191 + reg.Accounts[acct.Handle] = acct 192 192 + reg.Active = acct.Handle 193 193 + } 194 194 + 195 195 + // removeAccount removes an account from a registry. 196 196 + // If it was the active account, clears active (or sets to remaining account if exactly one left). 197 197 + func (c *Config) removeAccount(registryURL, handle string) { 198 198 + reg := c.findRegistry(registryURL) 199 199 + if reg == nil { 200 200 + return 201 201 + } 202 202 + 203 203 + delete(reg.Accounts, handle) 204 204 + 205 205 + if reg.Active == handle { 206 206 + reg.Active = "" 207 207 + if len(reg.Accounts) == 1 { 208 208 + for h := range reg.Accounts { 209 209 + reg.Active = h 210 210 + } 211 211 + } 212 212 + } 213 213 + 214 214 + // Clean up empty registries 215 215 + if len(reg.Accounts) == 0 { 216 216 + delete(c.Registries, registryURL) 217 217 + } 218 218 + } 219 219 + 220 220 + // getUpdateCheckCachePath returns the path to the update check cache file 221 221 + func getUpdateCheckCachePath() string { 222 222 + homeDir, err := os.UserHomeDir() 223 223 + if err != nil { 224 224 + return "" 225 225 + } 226 226 + return fmt.Sprintf("%s/.atcr/update-check.json", homeDir) 227 227 + } 228 228 + 229 229 + // loadUpdateCheckCache loads the update check cache from disk 230 230 + func loadUpdateCheckCache() *UpdateCheckCache { 231 231 + path := getUpdateCheckCachePath() 232 232 + if path == "" { 233 233 + return nil 234 234 + } 235 235 + 236 236 + data, err := os.ReadFile(path) 237 237 + if err != nil { 238 238 + return nil 239 239 + } 240 240 + 241 241 + var cache UpdateCheckCache 242 242 + if err := json.Unmarshal(data, &cache); err != nil { 243 243 + return nil 244 244 + } 245 245 + 246 246 + return &cache 247 247 + } 248 248 + 249 249 + // saveUpdateCheckCache saves the update check cache to disk 250 250 + func saveUpdateCheckCache(cache *UpdateCheckCache) { 251 251 + path := getUpdateCheckCachePath() 252 252 + if path == "" { 253 253 + return 254 254 + } 255 255 + 256 256 + data, err := json.MarshalIndent(cache, "", " ") 257 257 + if err != nil { 258 258 + return 259 259 + } 260 260 + 261 261 + os.WriteFile(path, data, 0600) //nolint:errcheck 262 262 + }

+123

cmd/credential-helper/detect.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "os" 5 5 + "strings" 6 6 + ) 7 7 + 8 8 + // ImageRef is a parsed container image reference 9 9 + type ImageRef struct { 10 10 + Host string 11 11 + Identity string 12 12 + Repo string 13 13 + Tag string 14 14 + Raw string 15 15 + } 16 16 + 17 17 + // detectImageRef walks the process tree looking for an image reference 18 18 + // that matches the given registry host. It starts from the parent process 19 19 + // and walks up to 5 ancestors to handle wrapper scripts (make, bash -c, etc.). 20 20 + // 21 21 + // Returns nil if no matching image reference is found — callers should 22 22 + // fall back to the active account. 23 23 + func detectImageRef(registryHost string) *ImageRef { 24 24 + // Normalize the registry host for matching 25 25 + matchHost := strings.TrimPrefix(registryHost, "https://") 26 26 + matchHost = strings.TrimPrefix(matchHost, "http://") 27 27 + matchHost = strings.TrimSuffix(matchHost, "/") 28 28 + 29 29 + pid := os.Getppid() 30 30 + for depth := 0; depth < 5; depth++ { 31 31 + args, err := getProcessArgs(pid) 32 32 + if err != nil { 33 33 + break 34 34 + } 35 35 + 36 36 + for _, arg := range args { 37 37 + if ref := parseImageRef(arg, matchHost); ref != nil { 38 38 + return ref 39 39 + } 40 40 + } 41 41 + 42 42 + ppid, err := getParentPID(pid) 43 43 + if err != nil || ppid == pid || ppid <= 1 { 44 44 + break 45 45 + } 46 46 + pid = ppid 47 47 + } 48 48 + 49 49 + return nil 50 50 + } 51 51 + 52 52 + // parseImageRef tries to parse a string as a container image reference. 53 53 + // Expected format: host/identity/repo:tag or host/identity/repo 54 54 + // 55 55 + // Handles: 56 56 + // - docker:// and oci:// transport prefixes (skopeo) 57 57 + // - Flags (- prefix), paths (/ or . prefix), shell artifacts (|, &, ;) 58 58 + // - Optional tag (defaults to "latest") 59 59 + // - Host must look like a domain (contains ., or is localhost, or has :port) 60 60 + // - If matchHost is non-empty, only returns refs matching that host 61 61 + func parseImageRef(s string, matchHost string) *ImageRef { 62 62 + // Skip flags, absolute paths, relative paths 63 63 + if strings.HasPrefix(s, "-") || strings.HasPrefix(s, "/") || strings.HasPrefix(s, ".") { 64 64 + return nil 65 65 + } 66 66 + 67 67 + // Strip docker:// or oci:// transport prefixes (skopeo) 68 68 + s = strings.TrimPrefix(s, "docker://") 69 69 + s = strings.TrimPrefix(s, "oci://") 70 70 + 71 71 + // Skip other transport schemes 72 72 + if strings.Contains(s, "://") { 73 73 + return nil 74 74 + } 75 75 + // Must contain at least one slash 76 76 + if !strings.Contains(s, "/") { 77 77 + return nil 78 78 + } 79 79 + // Skip things that look like shell commands 80 80 + if strings.ContainsAny(s, " |&;") { 81 81 + return nil 82 82 + } 83 83 + 84 84 + // Split off tag 85 85 + tag := "latest" 86 86 + refPart := s 87 87 + if atIdx := strings.LastIndex(s, ":"); atIdx != -1 { 88 88 + lastSlash := strings.LastIndex(s, "/") 89 89 + if atIdx > lastSlash { 90 90 + tag = s[atIdx+1:] 91 91 + refPart = s[:atIdx] 92 92 + } 93 93 + } 94 94 + 95 95 + parts := strings.Split(refPart, "/") 96 96 + 97 97 + // ATCR pattern requires host/identity/repo (3+ parts) 98 98 + if len(parts) < 3 { 99 99 + return nil 100 100 + } 101 101 + 102 102 + host := parts[0] 103 103 + identity := parts[1] 104 104 + repo := strings.Join(parts[2:], "/") 105 105 + 106 106 + // Host must look like a domain 107 107 + if !strings.Contains(host, ".") && host != "localhost" && !strings.Contains(host, ":") { 108 108 + return nil 109 109 + } 110 110 + 111 111 + // If a specific host was requested, enforce it 112 112 + if matchHost != "" && host != matchHost { 113 113 + return nil 114 114 + } 115 115 + 116 116 + return &ImageRef{ 117 117 + Host: host, 118 118 + Identity: identity, 119 119 + Repo: repo, 120 120 + Tag: tag, 121 121 + Raw: s, 122 122 + } 123 123 + }

+173

cmd/credential-helper/device_auth.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "bytes" 5 5 + "encoding/json" 6 6 + "fmt" 7 7 + "io" 8 8 + "net/http" 9 9 + "os" 10 10 + "time" 11 11 + ) 12 12 + 13 13 + // Device authorization API types 14 14 + 15 15 + type DeviceCodeRequest struct { 16 16 + DeviceName string `json:"device_name"` 17 17 + } 18 18 + 19 19 + type DeviceCodeResponse struct { 20 20 + DeviceCode string `json:"device_code"` 21 21 + UserCode string `json:"user_code"` 22 22 + VerificationURI string `json:"verification_uri"` 23 23 + ExpiresIn int `json:"expires_in"` 24 24 + Interval int `json:"interval"` 25 25 + } 26 26 + 27 27 + type DeviceTokenRequest struct { 28 28 + DeviceCode string `json:"device_code"` 29 29 + } 30 30 + 31 31 + type DeviceTokenResponse struct { 32 32 + DeviceSecret string `json:"device_secret,omitempty"` 33 33 + Handle string `json:"handle,omitempty"` 34 34 + DID string `json:"did,omitempty"` 35 35 + Error string `json:"error,omitempty"` 36 36 + } 37 37 + 38 38 + // AuthErrorResponse is the JSON error response from /auth/token 39 39 + type AuthErrorResponse struct { 40 40 + Error string `json:"error"` 41 41 + Message string `json:"message"` 42 42 + LoginURL string `json:"login_url,omitempty"` 43 43 + } 44 44 + 45 45 + // ValidationResult represents the result of credential validation 46 46 + type ValidationResult struct { 47 47 + Valid bool 48 48 + OAuthSessionExpired bool 49 49 + LoginURL string 50 50 + } 51 51 + 52 52 + // requestDeviceCode requests a device code from the AppView. 53 53 + // Returns the code response and resolved AppView URL. 54 54 + // Does not print anything — the caller controls UX. 55 55 + func requestDeviceCode(serverURL string) (*DeviceCodeResponse, string, error) { 56 56 + appViewURL := buildAppViewURL(serverURL) 57 57 + deviceName := hostname() 58 58 + 59 59 + reqBody, _ := json.Marshal(DeviceCodeRequest{DeviceName: deviceName}) 60 60 + resp, err := http.Post(appViewURL+"/auth/device/code", "application/json", bytes.NewReader(reqBody)) 61 61 + if err != nil { 62 62 + return nil, appViewURL, fmt.Errorf("failed to request device code: %w", err) 63 63 + } 64 64 + defer resp.Body.Close() 65 65 + 66 66 + if resp.StatusCode != http.StatusOK { 67 67 + body, _ := io.ReadAll(resp.Body) 68 68 + return nil, appViewURL, fmt.Errorf("device code request failed: %s", string(body)) 69 69 + } 70 70 + 71 71 + var codeResp DeviceCodeResponse 72 72 + if err := json.NewDecoder(resp.Body).Decode(&codeResp); err != nil { 73 73 + return nil, appViewURL, fmt.Errorf("failed to decode device code response: %w", err) 74 74 + } 75 75 + 76 76 + return &codeResp, appViewURL, nil 77 77 + } 78 78 + 79 79 + // pollDeviceToken polls the token endpoint until authorization completes. 80 80 + // Does not print anything — the caller controls UX. 81 81 + // Returns the account on success, or an error on timeout/failure. 82 82 + func pollDeviceToken(appViewURL string, codeResp *DeviceCodeResponse) (*Account, error) { 83 83 + pollInterval := time.Duration(codeResp.Interval) * time.Second 84 84 + timeout := time.Duration(codeResp.ExpiresIn) * time.Second 85 85 + deadline := time.Now().Add(timeout) 86 86 + 87 87 + for time.Now().Before(deadline) { 88 88 + time.Sleep(pollInterval) 89 89 + 90 90 + tokenReqBody, _ := json.Marshal(DeviceTokenRequest{DeviceCode: codeResp.DeviceCode}) 91 91 + tokenResp, err := http.Post(appViewURL+"/auth/device/token", "application/json", bytes.NewReader(tokenReqBody)) 92 92 + if err != nil { 93 93 + continue 94 94 + } 95 95 + 96 96 + var tokenResult DeviceTokenResponse 97 97 + if err := json.NewDecoder(tokenResp.Body).Decode(&tokenResult); err != nil { 98 98 + tokenResp.Body.Close() 99 99 + continue 100 100 + } 101 101 + tokenResp.Body.Close() 102 102 + 103 103 + if tokenResult.Error == "authorization_pending" { 104 104 + continue 105 105 + } 106 106 + 107 107 + if tokenResult.Error != "" { 108 108 + return nil, fmt.Errorf("authorization failed: %s", tokenResult.Error) 109 109 + } 110 110 + 111 111 + return &Account{ 112 112 + Handle: tokenResult.Handle, 113 113 + DID: tokenResult.DID, 114 114 + DeviceSecret: tokenResult.DeviceSecret, 115 115 + }, nil 116 116 + } 117 117 + 118 118 + return nil, fmt.Errorf("authorization timed out") 119 119 + } 120 120 + 121 121 + // validateCredentials checks if the credentials are still valid by making a test request 122 122 + func validateCredentials(appViewURL, handle, deviceSecret string) ValidationResult { 123 123 + client := &http.Client{ 124 124 + Timeout: 5 * time.Second, 125 125 + } 126 126 + 127 127 + tokenURL := appViewURL + "/auth/token?service=" + appViewURL 128 128 + 129 129 + req, err := http.NewRequest("GET", tokenURL, nil) 130 130 + if err != nil { 131 131 + return ValidationResult{Valid: false} 132 132 + } 133 133 + 134 134 + req.SetBasicAuth(handle, deviceSecret) 135 135 + 136 136 + resp, err := client.Do(req) 137 137 + if err != nil { 138 138 + // Network error — assume credentials are valid but server unreachable 139 139 + return ValidationResult{Valid: true} 140 140 + } 141 141 + defer resp.Body.Close() 142 142 + 143 143 + if resp.StatusCode == http.StatusOK { 144 144 + return ValidationResult{Valid: true} 145 145 + } 146 146 + 147 147 + if resp.StatusCode == http.StatusUnauthorized { 148 148 + body, err := io.ReadAll(resp.Body) 149 149 + if err == nil { 150 150 + var authErr AuthErrorResponse 151 151 + if json.Unmarshal(body, &authErr) == nil && authErr.Error == "oauth_session_expired" { 152 152 + return ValidationResult{ 153 153 + Valid: false, 154 154 + OAuthSessionExpired: true, 155 155 + LoginURL: authErr.LoginURL, 156 156 + } 157 157 + } 158 158 + } 159 159 + return ValidationResult{Valid: false} 160 160 + } 161 161 + 162 162 + // Any other error = assume valid (don't re-auth on server issues) 163 163 + return ValidationResult{Valid: true} 164 164 + } 165 165 + 166 166 + // hostname returns the machine hostname, or a fallback. 167 167 + func hostname() string { 168 168 + name, err := os.Hostname() 169 169 + if err != nil { 170 170 + return "Unknown Device" 171 171 + } 172 172 + return name 173 173 + }

+195

cmd/credential-helper/helpers.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "fmt" 6 6 + "net" 7 7 + "os" 8 8 + "os/exec" 9 9 + "path/filepath" 10 10 + "runtime" 11 11 + "strings" 12 12 + 13 13 + "github.com/charmbracelet/lipgloss" 14 14 + ) 15 15 + 16 16 + // Status message styles (matching gh CLI conventions) 17 17 + var ( 18 18 + successStyle = lipgloss.NewStyle().Foreground(lipgloss.Color("2")) // green 19 19 + warningStyle = lipgloss.NewStyle().Foreground(lipgloss.Color("3")) // yellow 20 20 + infoStyle = lipgloss.NewStyle().Foreground(lipgloss.Color("6")) // cyan 21 21 + boldStyle = lipgloss.NewStyle().Bold(true) 22 22 + ) 23 23 + 24 24 + // logSuccess prints a green ✓ prefixed message to stderr 25 25 + func logSuccess(format string, a ...any) { 26 26 + fmt.Fprintf(os.Stderr, "%s %s\n", successStyle.Render("✓"), fmt.Sprintf(format, a...)) 27 27 + } 28 28 + 29 29 + // logWarning prints a yellow ! prefixed message to stderr 30 30 + func logWarning(format string, a ...any) { 31 31 + fmt.Fprintf(os.Stderr, "%s %s\n", warningStyle.Render("!"), fmt.Sprintf(format, a...)) 32 32 + } 33 33 + 34 34 + // logInfo prints a cyan - prefixed message to stderr 35 35 + func logInfo(format string, a ...any) { 36 36 + fmt.Fprintf(os.Stderr, "%s %s\n", infoStyle.Render("-"), fmt.Sprintf(format, a...)) 37 37 + } 38 38 + 39 39 + // logInfof prints a cyan - prefixed message to stderr without a trailing newline 40 40 + func logInfof(format string, a ...any) { 41 41 + fmt.Fprintf(os.Stderr, "%s %s", infoStyle.Render("-"), fmt.Sprintf(format, a...)) 42 42 + } 43 43 + 44 44 + // bold renders text in bold 45 45 + func bold(s string) string { 46 46 + return boldStyle.Render(s) 47 47 + } 48 48 + 49 49 + // DockerDaemonConfig represents Docker's daemon.json configuration 50 50 + type DockerDaemonConfig struct { 51 51 + InsecureRegistries []string `json:"insecure-registries"` 52 52 + } 53 53 + 54 54 + // openBrowser opens the specified URL in the default browser 55 55 + func openBrowser(url string) error { 56 56 + var cmd *exec.Cmd 57 57 + 58 58 + switch runtime.GOOS { 59 59 + case "linux": 60 60 + cmd = exec.Command("xdg-open", url) 61 61 + case "darwin": 62 62 + cmd = exec.Command("open", url) 63 63 + case "windows": 64 64 + cmd = exec.Command("rundll32", "url.dll,FileProtocolHandler", url) 65 65 + default: 66 66 + return fmt.Errorf("unsupported platform") 67 67 + } 68 68 + 69 69 + return cmd.Start() 70 70 + } 71 71 + 72 72 + // buildAppViewURL constructs the AppView URL with the appropriate protocol 73 73 + func buildAppViewURL(serverURL string) string { 74 74 + // If serverURL already has a scheme, use it as-is 75 75 + if strings.HasPrefix(serverURL, "http://") || strings.HasPrefix(serverURL, "https://") { 76 76 + return serverURL 77 77 + } 78 78 + 79 79 + // Determine protocol based on Docker configuration and heuristics 80 80 + if isInsecureRegistry(serverURL) { 81 81 + return "http://" + serverURL 82 82 + } 83 83 + 84 84 + // Default to HTTPS (mirrors Docker's default behavior) 85 85 + return "https://" + serverURL 86 86 + } 87 87 + 88 88 + // isInsecureRegistry checks if a registry should use HTTP instead of HTTPS 89 89 + func isInsecureRegistry(serverURL string) bool { 90 90 + // Check Docker's insecure-registries configuration 91 91 + insecureRegistries := getDockerInsecureRegistries() 92 92 + for _, reg := range insecureRegistries { 93 93 + if reg == serverURL || reg == stripPort(serverURL) { 94 94 + return true 95 95 + } 96 96 + } 97 97 + 98 98 + // Fallback heuristics: localhost and private IPs 99 99 + host := stripPort(serverURL) 100 100 + 101 101 + if host == "localhost" || host == "127.0.0.1" || host == "::1" { 102 102 + return true 103 103 + } 104 104 + 105 105 + if ip := net.ParseIP(host); ip != nil { 106 106 + if ip.IsLoopback() || ip.IsPrivate() { 107 107 + return true 108 108 + } 109 109 + } 110 110 + 111 111 + return false 112 112 + } 113 113 + 114 114 + // getDockerInsecureRegistries reads Docker's insecure-registries configuration 115 115 + func getDockerInsecureRegistries() []string { 116 116 + var paths []string 117 117 + 118 118 + switch runtime.GOOS { 119 119 + case "windows": 120 120 + programData := os.Getenv("ProgramData") 121 121 + if programData != "" { 122 122 + paths = append(paths, filepath.Join(programData, "docker", "config", "daemon.json")) 123 123 + } 124 124 + default: 125 125 + paths = append(paths, "/etc/docker/daemon.json") 126 126 + if homeDir, err := os.UserHomeDir(); err == nil { 127 127 + paths = append(paths, filepath.Join(homeDir, ".docker", "daemon.json")) 128 128 + } 129 129 + } 130 130 + 131 131 + for _, path := range paths { 132 132 + if config := readDockerDaemonConfig(path); config != nil && len(config.InsecureRegistries) > 0 { 133 133 + return config.InsecureRegistries 134 134 + } 135 135 + } 136 136 + 137 137 + return nil 138 138 + } 139 139 + 140 140 + // readDockerDaemonConfig reads and parses a Docker daemon.json file 141 141 + func readDockerDaemonConfig(path string) *DockerDaemonConfig { 142 142 + data, err := os.ReadFile(path) 143 143 + if err != nil { 144 144 + return nil 145 145 + } 146 146 + 147 147 + var config DockerDaemonConfig 148 148 + if err := json.Unmarshal(data, &config); err != nil { 149 149 + return nil 150 150 + } 151 151 + 152 152 + return &config 153 153 + } 154 154 + 155 155 + // stripPort removes the port from a host:port string 156 156 + func stripPort(hostPort string) string { 157 157 + if colonIdx := strings.LastIndex(hostPort, ":"); colonIdx != -1 { 158 158 + if strings.Count(hostPort, ":") > 1 { 159 159 + return hostPort 160 160 + } 161 161 + return hostPort[:colonIdx] 162 162 + } 163 163 + return hostPort 164 164 + } 165 165 + 166 166 + // isTerminal checks if the file is a terminal 167 167 + func isTerminal(f *os.File) bool { 168 168 + stat, err := f.Stat() 169 169 + if err != nil { 170 170 + return false 171 171 + } 172 172 + return (stat.Mode() & os.ModeCharDevice) != 0 173 173 + } 174 174 + 175 175 + // getConfigDir returns the path to the .atcr config directory, creating it if needed 176 176 + func getConfigDir() string { 177 177 + homeDir, err := os.UserHomeDir() 178 178 + if err != nil { 179 179 + fmt.Fprintf(os.Stderr, "Error getting home directory: %v\n", err) 180 180 + os.Exit(1) 181 181 + } 182 182 + 183 183 + atcrDir := filepath.Join(homeDir, ".atcr") 184 184 + if err := os.MkdirAll(atcrDir, 0700); err != nil { 185 185 + fmt.Fprintf(os.Stderr, "Error creating .atcr directory: %v\n", err) 186 186 + os.Exit(1) 187 187 + } 188 188 + 189 189 + return atcrDir 190 190 + } 191 191 + 192 192 + // getConfigPath returns the path to the device configuration file 193 193 + func getConfigPath() string { 194 194 + return filepath.Join(getConfigDir(), "device.json") 195 195 + }

+28 -1044

cmd/credential-helper/main.go

reviewed

··· 1 1 package main 2 2 3 3 import ( 4 4 - "bytes" 5 5 - "encoding/json" 6 4 "fmt" 7 7 - "io" 8 8 - "net" 9 9 - "net/http" 10 5 "os" 11 11 - "os/exec" 12 12 - "path/filepath" 13 13 - "runtime" 14 14 - "strconv" 15 15 - "strings" 16 6 "time" 17 17 - ) 18 7 19 19 - // DeviceConfig represents the stored device configuration 20 20 - type DeviceConfig struct { 21 21 - Handle string `json:"handle"` 22 22 - DeviceSecret string `json:"device_secret"` 23 23 - AppViewURL string `json:"appview_url"` 24 24 - } 25 25 - 26 26 - // DeviceCredentials stores multiple device configurations keyed by AppView URL 27 27 - type DeviceCredentials struct { 28 28 - Credentials map[string]DeviceConfig `json:"credentials"` 29 29 - } 30 30 - 31 31 - // DockerDaemonConfig represents Docker's daemon.json configuration 32 32 - type DockerDaemonConfig struct { 33 33 - InsecureRegistries []string `json:"insecure-registries"` 34 34 - } 35 35 - 36 36 - // Docker credential helper protocol 37 37 - // https://github.com/docker/docker-credential-helpers 38 38 - 39 39 - // Credentials represents docker credentials 40 40 - type Credentials struct { 41 41 - ServerURL string `json:"ServerURL,omitempty"` 42 42 - Username string `json:"Username,omitempty"` 43 43 - Secret string `json:"Secret,omitempty"` 44 44 - } 45 45 - 46 46 - // Device authorization API types 47 47 - 48 48 - type DeviceCodeRequest struct { 49 49 - DeviceName string `json:"device_name"` 50 50 - } 51 51 - 52 52 - type DeviceCodeResponse struct { 53 53 - DeviceCode string `json:"device_code"` 54 54 - UserCode string `json:"user_code"` 55 55 - VerificationURI string `json:"verification_uri"` 56 56 - ExpiresIn int `json:"expires_in"` 57 57 - Interval int `json:"interval"` 58 58 - } 59 59 - 60 60 - type DeviceTokenRequest struct { 61 61 - DeviceCode string `json:"device_code"` 62 62 - } 63 63 - 64 64 - type DeviceTokenResponse struct { 65 65 - DeviceSecret string `json:"device_secret,omitempty"` 66 66 - Handle string `json:"handle,omitempty"` 67 67 - DID string `json:"did,omitempty"` 68 68 - Error string `json:"error,omitempty"` 69 69 - } 70 70 - 71 71 - // AuthErrorResponse is the JSON error response from /auth/token 72 72 - type AuthErrorResponse struct { 73 73 - Error string `json:"error"` 74 74 - Message string `json:"message"` 75 75 - LoginURL string `json:"login_url,omitempty"` 76 76 - } 77 77 - 78 78 - // ValidationResult represents the result of credential validation 79 79 - type ValidationResult struct { 80 80 - Valid bool 81 81 - OAuthSessionExpired bool 82 82 - LoginURL string 83 83 - } 84 84 - 85 85 - // VersionAPIResponse is the response from /api/credential-helper/version 86 86 - type VersionAPIResponse struct { 87 87 - Latest string `json:"latest"` 88 88 - DownloadURLs map[string]string `json:"download_urls"` 89 89 - Checksums map[string]string `json:"checksums"` 90 90 - ReleaseNotes string `json:"release_notes,omitempty"` 91 91 - } 92 92 - 93 93 - // UpdateCheckCache stores the last update check result 94 94 - type UpdateCheckCache struct { 95 95 - CheckedAt time.Time `json:"checked_at"` 96 96 - Latest string `json:"latest"` 97 97 - Current string `json:"current"` 98 98 - } 8 8 + "github.com/spf13/cobra" 9 9 + ) 99 10 100 11 var ( 101 12 version = "dev" ··· 106 17 updateCheckCacheTTL = 24 * time.Hour 107 18 ) 108 19 109 109 - func main() { 110 110 - if len(os.Args) < 2 { 111 111 - fmt.Fprintf(os.Stderr, "Usage: docker-credential-atcr <get|store|erase|version|update>\n") 112 112 - os.Exit(1) 113 113 - } 114 114 - 115 115 - command := os.Args[1] 116 116 - 117 117 - switch command { 118 118 - case "get": 119 119 - handleGet() 120 120 - case "store": 121 121 - handleStore() 122 122 - case "erase": 123 123 - handleErase() 124 124 - case "version": 125 125 - fmt.Printf("docker-credential-atcr %s (commit: %s, built: %s)\n", version, commit, date) 126 126 - case "update": 127 127 - checkOnly := len(os.Args) > 2 && os.Args[2] == "--check" 128 128 - handleUpdate(checkOnly) 129 129 - default: 130 130 - fmt.Fprintf(os.Stderr, "Unknown command: %s\n", command) 131 131 - os.Exit(1) 132 132 - } 133 133 - } 134 134 - 135 135 - // handleGet retrieves credentials for the given server 136 136 - func handleGet() { 137 137 - // Docker sends the server URL as a plain string on stdin (not JSON) 138 138 - var serverURL string 139 139 - if _, err := fmt.Fscanln(os.Stdin, &serverURL); err != nil { 140 140 - fmt.Fprintf(os.Stderr, "Error reading server URL: %v\n", err) 141 141 - os.Exit(1) 142 142 - } 143 143 - 144 144 - // Build AppView URL to use as lookup key 145 145 - appViewURL := buildAppViewURL(serverURL) 146 146 - 147 147 - // Load all device credentials 148 148 - configPath := getConfigPath() 149 149 - allCreds, err := loadDeviceCredentials(configPath) 150 150 - if err != nil { 151 151 - // No credentials file exists yet 152 152 - allCreds = &DeviceCredentials{ 153 153 - Credentials: make(map[string]DeviceConfig), 154 154 - } 155 155 - } 156 156 - 157 157 - // Look up device config for this specific AppView URL 158 158 - deviceConfig, found := getDeviceConfig(allCreds, appViewURL) 159 159 - 160 160 - // If credentials exist, validate them 161 161 - if found && deviceConfig.DeviceSecret != "" { 162 162 - result := validateCredentials(appViewURL, deviceConfig.Handle, deviceConfig.DeviceSecret) 163 163 - if !result.Valid { 164 164 - if result.OAuthSessionExpired { 165 165 - // OAuth session expired - need to re-authenticate via browser 166 166 - // Device secret is still valid, just need to restore OAuth session 167 167 - fmt.Fprintf(os.Stderr, "OAuth session expired. Opening browser to re-authenticate...\n") 168 168 - 169 169 - loginURL := result.LoginURL 170 170 - if loginURL == "" { 171 171 - loginURL = appViewURL + "/auth/oauth/login" 172 172 - } 173 173 - 174 174 - // Try to open browser 175 175 - if err := openBrowser(loginURL); err != nil { 176 176 - fmt.Fprintf(os.Stderr, "Could not open browser automatically.\n") 177 177 - fmt.Fprintf(os.Stderr, "Please visit: %s\n", loginURL) 178 178 - } else { 179 179 - fmt.Fprintf(os.Stderr, "Please complete authentication in your browser.\n") 180 180 - } 181 181 - 182 182 - // Wait for user to complete OAuth flow, then retry 183 183 - fmt.Fprintf(os.Stderr, "Waiting for authentication") 184 184 - for range 60 { // Wait up to 2 minutes 185 185 - time.Sleep(2 * time.Second) 186 186 - fmt.Fprintf(os.Stderr, ".") 187 187 - 188 188 - // Retry validation 189 189 - retryResult := validateCredentials(appViewURL, deviceConfig.Handle, deviceConfig.DeviceSecret) 190 190 - if retryResult.Valid { 191 191 - fmt.Fprintf(os.Stderr, "\n✓ Re-authenticated successfully!\n") 192 192 - goto credentialsValid 193 193 - } 194 194 - } 195 195 - fmt.Fprintf(os.Stderr, "\nAuthentication timed out. Please try again.\n") 196 196 - os.Exit(1) 197 197 - } 198 198 - 199 199 - // Generic auth failure - delete credentials and re-authorize 200 200 - fmt.Fprintf(os.Stderr, "Stored credentials for %s are invalid or expired\n", appViewURL) 201 201 - // Delete the invalid credentials 202 202 - delete(allCreds.Credentials, appViewURL) 203 203 - if err := saveDeviceCredentials(configPath, allCreds); err != nil { 204 204 - fmt.Fprintf(os.Stderr, "Warning: failed to save updated credentials: %v\n", err) 205 205 - } 206 206 - // Mark as not found so we re-authorize below 207 207 - found = false 208 208 - } 209 209 - } 210 210 - credentialsValid: 211 211 - 212 212 - if !found || deviceConfig.DeviceSecret == "" { 213 213 - // No credentials for this AppView 214 214 - // Check if we should attempt interactive authorization 215 215 - // We only do this if: 216 216 - // 1. ATCR_AUTO_AUTH environment variable is set to "1", OR 217 217 - // 2. We're in an interactive terminal (stderr is a terminal) 218 218 - shouldAutoAuth := os.Getenv("ATCR_AUTO_AUTH") == "1" || isTerminal(os.Stderr) 219 219 - 220 220 - if !shouldAutoAuth { 221 221 - fmt.Fprintf(os.Stderr, "No valid credentials found for %s\n", appViewURL) 222 222 - fmt.Fprintf(os.Stderr, "\nTo authenticate, run:\n") 223 223 - fmt.Fprintf(os.Stderr, " export ATCR_AUTO_AUTH=1\n") 224 224 - fmt.Fprintf(os.Stderr, " docker push %s/<user>/<image>:<tag>\n", serverURL) 225 225 - fmt.Fprintf(os.Stderr, "\nThis will trigger device authorization in your browser.\n") 226 226 - os.Exit(1) 227 227 - } 228 228 - 229 229 - // Auto-auth enabled - trigger device authorization 230 230 - fmt.Fprintf(os.Stderr, "Starting device authorization for %s...\n", appViewURL) 231 231 - 232 232 - newConfig, err := authorizeDevice(serverURL) 233 233 - if err != nil { 234 234 - fmt.Fprintf(os.Stderr, "Device authorization failed: %v\n", err) 235 235 - fmt.Fprintf(os.Stderr, "\nFallback: Use 'docker login %s' with your ATProto app-password\n", serverURL) 236 236 - os.Exit(1) 237 237 - } 238 238 - 239 239 - // Save device configuration 240 240 - if err := saveDeviceConfig(configPath, newConfig); err != nil { 241 241 - fmt.Fprintf(os.Stderr, "Failed to save device config: %v\n", err) 242 242 - os.Exit(1) 243 243 - } 244 244 - 245 245 - fmt.Fprintf(os.Stderr, "✓ Device authorized successfully for %s!\n", appViewURL) 246 246 - deviceConfig = newConfig 247 247 - } 248 248 - 249 249 - // Check for updates (non-blocking due to 24h cache) 250 250 - checkAndNotifyUpdate(appViewURL) 251 251 - 252 252 - // Return credentials for Docker 253 253 - creds := Credentials{ 254 254 - ServerURL: serverURL, 255 255 - Username: deviceConfig.Handle, 256 256 - Secret: deviceConfig.DeviceSecret, 257 257 - } 258 258 - 259 259 - if err := json.NewEncoder(os.Stdout).Encode(creds); err != nil { 260 260 - fmt.Fprintf(os.Stderr, "Error encoding response: %v\n", err) 261 261 - os.Exit(1) 262 262 - } 263 263 - } 264 264 - 265 265 - // handleStore stores credentials (Docker calls this after login) 266 266 - func handleStore() { 267 267 - var creds Credentials 268 268 - if err := json.NewDecoder(os.Stdin).Decode(&creds); err != nil { 269 269 - fmt.Fprintf(os.Stderr, "Error decoding credentials: %v\n", err) 270 270 - os.Exit(1) 271 271 - } 272 272 - 273 273 - // This is a no-op for the device auth flow 274 274 - // Users should use the automatic device authorization, not docker login 275 275 - // If they use docker login with app-password, that goes through /auth/token directly 276 276 - } 277 277 - 278 278 - // handleErase removes stored credentials for a specific AppView 279 279 - func handleErase() { 280 280 - // Docker sends the server URL as a plain string on stdin (not JSON) 281 281 - var serverURL string 282 282 - if _, err := fmt.Fscanln(os.Stdin, &serverURL); err != nil { 283 283 - fmt.Fprintf(os.Stderr, "Error reading server URL: %v\n", err) 284 284 - os.Exit(1) 285 285 - } 286 286 - 287 287 - // Build AppView URL to use as lookup key 288 288 - appViewURL := buildAppViewURL(serverURL) 289 289 - 290 290 - // Load all device credentials 291 291 - configPath := getConfigPath() 292 292 - allCreds, err := loadDeviceCredentials(configPath) 293 293 - if err != nil { 294 294 - // No credentials file exists, nothing to erase 295 295 - return 296 296 - } 297 297 - 298 298 - // Remove the specific AppView URL's credentials 299 299 - delete(allCreds.Credentials, appViewURL) 300 300 - 301 301 - // If no credentials remain, remove the file entirely 302 302 - if len(allCreds.Credentials) == 0 { 303 303 - if err := os.Remove(configPath); err != nil && !os.IsNotExist(err) { 304 304 - fmt.Fprintf(os.Stderr, "Error removing device config: %v\n", err) 305 305 - os.Exit(1) 306 306 - } 307 307 - return 308 308 - } 309 309 - 310 310 - // Otherwise, save the updated credentials 311 311 - if err := saveDeviceCredentials(configPath, allCreds); err != nil { 312 312 - fmt.Fprintf(os.Stderr, "Error saving device config: %v\n", err) 313 313 - os.Exit(1) 314 314 - } 315 315 - } 316 316 - 317 317 - // authorizeDevice performs the device authorization flow 318 318 - func authorizeDevice(serverURL string) (*DeviceConfig, error) { 319 319 - appViewURL := buildAppViewURL(serverURL) 320 320 - 321 321 - // Get device name (hostname) 322 322 - deviceName, err := os.Hostname() 323 323 - if err != nil { 324 324 - deviceName = "Unknown Device" 325 325 - } 326 326 - 327 327 - // 1. Request device code 328 328 - fmt.Fprintf(os.Stderr, "Requesting device authorization...\n") 329 329 - 330 330 - reqBody, _ := json.Marshal(DeviceCodeRequest{DeviceName: deviceName}) 331 331 - resp, err := http.Post(appViewURL+"/auth/device/code", "application/json", bytes.NewReader(reqBody)) 332 332 - if err != nil { 333 333 - return nil, fmt.Errorf("failed to request device code: %w", err) 334 334 - } 335 335 - defer resp.Body.Close() 336 336 - 337 337 - if resp.StatusCode != http.StatusOK { 338 338 - body, _ := io.ReadAll(resp.Body) 339 339 - return nil, fmt.Errorf("device code request failed: %s", string(body)) 340 340 - } 341 341 - 342 342 - var codeResp DeviceCodeResponse 343 343 - if err := json.NewDecoder(resp.Body).Decode(&codeResp); err != nil { 344 344 - return nil, fmt.Errorf("failed to decode device code response: %w", err) 345 345 - } 346 346 - 347 347 - // 2. Display authorization URL and user code 348 348 - verificationURL := codeResp.VerificationURI + "?user_code=" + codeResp.UserCode 349 349 - 350 350 - fmt.Fprintf(os.Stderr, "\n╔════════════════════════════════════════════════════════════════╗\n") 351 351 - fmt.Fprintf(os.Stderr, "║ Device Authorization Required ║\n") 352 352 - fmt.Fprintf(os.Stderr, "╚════════════════════════════════════════════════════════════════╝\n\n") 353 353 - fmt.Fprintf(os.Stderr, "Visit this URL in your browser:\n") 354 354 - fmt.Fprintf(os.Stderr, " %s\n\n", verificationURL) 355 355 - fmt.Fprintf(os.Stderr, "Your code: %s\n\n", codeResp.UserCode) 356 356 - 357 357 - // Try to open browser (may fail on headless systems) 358 358 - if err := openBrowser(verificationURL); err == nil { 359 359 - fmt.Fprintf(os.Stderr, "Opening browser...\n\n") 360 360 - } else { 361 361 - fmt.Fprintf(os.Stderr, "Could not open browser automatically (%v)\n", err) 362 362 - fmt.Fprintf(os.Stderr, "Please open the URL above manually.\n\n") 363 363 - } 364 364 - 365 365 - fmt.Fprintf(os.Stderr, "Waiting for authorization") 366 366 - 367 367 - // 3. Poll for authorization completion 368 368 - pollInterval := time.Duration(codeResp.Interval) * time.Second 369 369 - timeout := time.Duration(codeResp.ExpiresIn) * time.Second 370 370 - deadline := time.Now().Add(timeout) 371 371 - 372 372 - dots := 0 373 373 - for time.Now().Before(deadline) { 374 374 - time.Sleep(pollInterval) 375 375 - 376 376 - // Show progress dots 377 377 - dots = (dots + 1) % 4 378 378 - fmt.Fprintf(os.Stderr, "\rWaiting for authorization%s ", strings.Repeat(".", dots)) 379 379 - 380 380 - // Poll token endpoint 381 381 - tokenReqBody, _ := json.Marshal(DeviceTokenRequest{DeviceCode: codeResp.DeviceCode}) 382 382 - tokenResp, err := http.Post(appViewURL+"/auth/device/token", "application/json", bytes.NewReader(tokenReqBody)) 383 383 - if err != nil { 384 384 - fmt.Fprintf(os.Stderr, "\nPoll failed: %v\n", err) 385 385 - continue 386 386 - } 387 387 - 388 388 - var tokenResult DeviceTokenResponse 389 389 - if err := json.NewDecoder(tokenResp.Body).Decode(&tokenResult); err != nil { 390 390 - fmt.Fprintf(os.Stderr, "\nFailed to decode response: %v\n", err) 391 391 - tokenResp.Body.Close() 392 392 - continue 393 393 - } 394 394 - tokenResp.Body.Close() 395 395 - 396 396 - if tokenResult.Error == "authorization_pending" { 397 397 - // Still waiting 398 398 - continue 399 399 - } 400 400 - 401 401 - if tokenResult.Error != "" { 402 402 - fmt.Fprintf(os.Stderr, "\n") 403 403 - return nil, fmt.Errorf("authorization failed: %s", tokenResult.Error) 404 404 - } 405 405 - 406 406 - // Success! 407 407 - fmt.Fprintf(os.Stderr, "\n") 408 408 - return &DeviceConfig{ 409 409 - Handle: tokenResult.Handle, 410 410 - DeviceSecret: tokenResult.DeviceSecret, 411 411 - AppViewURL: appViewURL, 412 412 - }, nil 413 413 - } 414 414 - 415 415 - fmt.Fprintf(os.Stderr, "\n") 416 416 - return nil, fmt.Errorf("authorization timeout") 417 417 - } 418 418 - 419 419 - // getConfigPath returns the path to the device configuration file 420 420 - func getConfigPath() string { 421 421 - homeDir, err := os.UserHomeDir() 422 422 - if err != nil { 423 423 - fmt.Fprintf(os.Stderr, "Error getting home directory: %v\n", err) 424 424 - os.Exit(1) 425 425 - } 426 426 - 427 427 - atcrDir := filepath.Join(homeDir, ".atcr") 428 428 - if err := os.MkdirAll(atcrDir, 0700); err != nil { 429 429 - fmt.Fprintf(os.Stderr, "Error creating .atcr directory: %v\n", err) 430 430 - os.Exit(1) 431 431 - } 432 432 - 433 433 - return filepath.Join(atcrDir, "device.json") 434 434 - } 435 435 - 436 436 - // loadDeviceCredentials loads all device credentials from disk 437 437 - func loadDeviceCredentials(path string) (*DeviceCredentials, error) { 438 438 - data, err := os.ReadFile(path) 439 439 - if err != nil { 440 440 - return nil, err 441 441 - } 442 442 - 443 443 - // Try to unmarshal as new format (map of credentials) 444 444 - var creds DeviceCredentials 445 445 - if err := json.Unmarshal(data, &creds); err == nil && creds.Credentials != nil { 446 446 - return &creds, nil 447 447 - } 448 448 - 449 449 - // Backward compatibility: Try to unmarshal as old format (single config) 450 450 - var oldConfig DeviceConfig 451 451 - if err := json.Unmarshal(data, &oldConfig); err == nil && oldConfig.DeviceSecret != "" { 452 452 - // Migrate old format to new format 453 453 - creds = DeviceCredentials{ 454 454 - Credentials: map[string]DeviceConfig{ 455 455 - oldConfig.AppViewURL: oldConfig, 456 456 - }, 457 457 - } 458 458 - return &creds, nil 459 459 - } 460 460 - 461 461 - return nil, fmt.Errorf("invalid device credentials format") 462 462 - } 463 463 - 464 464 - // getDeviceConfig retrieves a specific device config for an AppView URL 465 465 - func getDeviceConfig(creds *DeviceCredentials, appViewURL string) (*DeviceConfig, bool) { 466 466 - if creds == nil || creds.Credentials == nil { 467 467 - return nil, false 468 468 - } 469 469 - config, found := creds.Credentials[appViewURL] 470 470 - return &config, found 471 471 - } 472 472 - 473 473 - // saveDeviceCredentials saves all device credentials to disk 474 474 - func saveDeviceCredentials(path string, creds *DeviceCredentials) error { 475 475 - data, err := json.MarshalIndent(creds, "", " ") 476 476 - if err != nil { 477 477 - return err 478 478 - } 479 479 - 480 480 - return os.WriteFile(path, data, 0600) 481 481 - } 482 482 - 483 483 - // saveDeviceConfig saves a single device config by adding/updating it in the credentials map 484 484 - func saveDeviceConfig(path string, config *DeviceConfig) error { 485 485 - // Load existing credentials (or create new) 486 486 - creds, err := loadDeviceCredentials(path) 487 487 - if err != nil { 488 488 - // Create new credentials structure 489 489 - creds = &DeviceCredentials{ 490 490 - Credentials: make(map[string]DeviceConfig), 491 491 - } 492 492 - } 493 493 - 494 494 - // Add or update the config for this AppView URL 495 495 - creds.Credentials[config.AppViewURL] = *config 496 496 - 497 497 - // Save back to disk 498 498 - return saveDeviceCredentials(path, creds) 499 499 - } 500 500 - 501 501 - // openBrowser opens the specified URL in the default browser 502 502 - func openBrowser(url string) error { 503 503 - var cmd *exec.Cmd 504 504 - 505 505 - switch runtime.GOOS { 506 506 - case "linux": 507 507 - cmd = exec.Command("xdg-open", url) 508 508 - case "darwin": 509 509 - cmd = exec.Command("open", url) 510 510 - case "windows": 511 511 - cmd = exec.Command("rundll32", "url.dll,FileProtocolHandler", url) 512 512 - default: 513 513 - return fmt.Errorf("unsupported platform") 514 514 - } 515 515 - 516 516 - return cmd.Start() 517 517 - } 518 518 - 519 519 - // buildAppViewURL constructs the AppView URL with the appropriate protocol 520 520 - func buildAppViewURL(serverURL string) string { 521 521 - // If serverURL already has a scheme, use it as-is 522 522 - if strings.HasPrefix(serverURL, "http://") || strings.HasPrefix(serverURL, "https://") { 523 523 - return serverURL 524 524 - } 525 525 - 526 526 - // Determine protocol based on Docker configuration and heuristics 527 527 - if isInsecureRegistry(serverURL) { 528 528 - return "http://" + serverURL 529 529 - } 530 530 - 531 531 - // Default to HTTPS (mirrors Docker's default behavior) 532 532 - return "https://" + serverURL 533 533 - } 534 534 - 535 535 - // isInsecureRegistry checks if a registry should use HTTP instead of HTTPS 536 536 - func isInsecureRegistry(serverURL string) bool { 537 537 - // Check Docker's insecure-registries configuration 538 538 - insecureRegistries := getDockerInsecureRegistries() 539 539 - for _, reg := range insecureRegistries { 540 540 - // Match exact serverURL or just the host part 541 541 - if reg == serverURL || reg == stripPort(serverURL) { 542 542 - return true 543 543 - } 544 544 - } 545 545 - 546 546 - // Fallback heuristics: localhost and private IPs 547 547 - host := stripPort(serverURL) 548 548 - 549 549 - // Check for localhost variants 550 550 - if host == "localhost" || host == "127.0.0.1" || host == "::1" { 551 551 - return true 552 552 - } 553 553 - 554 554 - // Check if it's a private IP address 555 555 - if ip := net.ParseIP(host); ip != nil { 556 556 - if ip.IsLoopback() || ip.IsPrivate() { 557 557 - return true 558 558 - } 559 559 - } 560 560 - 561 561 - return false 562 562 - } 563 563 - 564 564 - // getDockerInsecureRegistries reads Docker's insecure-registries configuration 565 565 - func getDockerInsecureRegistries() []string { 566 566 - var paths []string 567 567 - 568 568 - // Common Docker daemon.json locations 569 569 - switch runtime.GOOS { 570 570 - case "windows": 571 571 - programData := os.Getenv("ProgramData") 572 572 - if programData != "" { 573 573 - paths = append(paths, filepath.Join(programData, "docker", "config", "daemon.json")) 574 574 - } 575 575 - default: 576 576 - // Linux and macOS 577 577 - paths = append(paths, "/etc/docker/daemon.json") 578 578 - if homeDir, err := os.UserHomeDir(); err == nil { 579 579 - // Rootless Docker location 580 580 - paths = append(paths, filepath.Join(homeDir, ".docker", "daemon.json")) 581 581 - } 582 582 - } 583 583 - 584 584 - // Try each path 585 585 - for _, path := range paths { 586 586 - if config := readDockerDaemonConfig(path); config != nil && len(config.InsecureRegistries) > 0 { 587 587 - return config.InsecureRegistries 588 588 - } 589 589 - } 590 590 - 591 591 - return nil 592 592 - } 593 593 - 594 594 - // readDockerDaemonConfig reads and parses a Docker daemon.json file 595 595 - func readDockerDaemonConfig(path string) *DockerDaemonConfig { 596 596 - data, err := os.ReadFile(path) 597 597 - if err != nil { 598 598 - return nil 599 599 - } 600 600 - 601 601 - var config DockerDaemonConfig 602 602 - if err := json.Unmarshal(data, &config); err != nil { 603 603 - return nil 604 604 - } 605 605 - 606 606 - return &config 607 607 - } 608 608 - 609 609 - // stripPort removes the port from a host:port string 610 610 - func stripPort(hostPort string) string { 611 611 - if colonIdx := strings.LastIndex(hostPort, ":"); colonIdx != -1 { 612 612 - // Check if this is IPv6 (has multiple colons) 613 613 - if strings.Count(hostPort, ":") > 1 { 614 614 - // IPv6 address, don't strip 615 615 - return hostPort 616 616 - } 617 617 - return hostPort[:colonIdx] 618 618 - } 619 619 - return hostPort 620 620 - } 621 621 - 622 622 - // isTerminal checks if the file is a terminal 623 623 - func isTerminal(f *os.File) bool { 624 624 - // Use file stat to check if it's a character device (terminal) 625 625 - stat, err := f.Stat() 626 626 - if err != nil { 627 627 - return false 628 628 - } 629 629 - // On Unix, terminals are character devices with mode & ModeCharDevice set 630 630 - return (stat.Mode() & os.ModeCharDevice) != 0 631 631 - } 632 632 - 633 633 - // validateCredentials checks if the credentials are still valid by making a test request 634 634 - func validateCredentials(appViewURL, handle, deviceSecret string) ValidationResult { 635 635 - // Call /auth/token to validate device secret and get JWT 636 636 - // This is the proper way to validate credentials - /v2/ requires JWT, not Basic Auth 637 637 - client := &http.Client{ 638 638 - Timeout: 5 * time.Second, 639 639 - } 640 640 - 641 641 - // Build /auth/token URL with minimal scope (just access to /v2/) 642 642 - tokenURL := appViewURL + "/auth/token?service=" + appViewURL 643 643 - 644 644 - req, err := http.NewRequest("GET", tokenURL, nil) 645 645 - if err != nil { 646 646 - return ValidationResult{Valid: false} 647 647 - } 648 648 - 649 649 - // Set basic auth with device credentials 650 650 - req.SetBasicAuth(handle, deviceSecret) 651 651 - 652 652 - resp, err := client.Do(req) 653 653 - if err != nil { 654 654 - // Network error - assume credentials are valid but server unreachable 655 655 - // Don't trigger re-auth on network issues 656 656 - return ValidationResult{Valid: true} 657 657 - } 658 658 - defer resp.Body.Close() 659 659 - 660 660 - // 200 = valid credentials 661 661 - if resp.StatusCode == http.StatusOK { 662 662 - return ValidationResult{Valid: true} 663 663 - } 664 664 - 665 665 - // 401 = check if it's OAuth session expired 666 666 - if resp.StatusCode == http.StatusUnauthorized { 667 667 - // Try to parse JSON error response 668 668 - body, err := io.ReadAll(resp.Body) 669 669 - if err == nil { 670 670 - var authErr AuthErrorResponse 671 671 - if json.Unmarshal(body, &authErr) == nil && authErr.Error == "oauth_session_expired" { 672 672 - return ValidationResult{ 673 673 - Valid: false, 674 674 - OAuthSessionExpired: true, 675 675 - LoginURL: authErr.LoginURL, 676 676 - } 677 677 - } 678 678 - } 679 679 - // Generic auth failure 680 680 - return ValidationResult{Valid: false} 681 681 - } 682 682 - 683 683 - // Any other error = assume valid (don't re-auth on server issues) 684 684 - return ValidationResult{Valid: true} 685 685 - } 20 20 + // timeNow is a variable so tests can override it. 21 21 + var timeNow = time.Now 686 22 687 687 - // handleUpdate handles the update command 688 688 - func handleUpdate(checkOnly bool) { 689 689 - // Default API URL 690 690 - apiURL := "https://atcr.io/api/credential-helper/version" 23 23 + func main() { 24 24 + rootCmd := &cobra.Command{ 25 25 + Use: "docker-credential-atcr", 26 26 + Short: "ATCR container registry credential helper", 27 27 + Long: `docker-credential-atcr manages authentication for ATCR-compatible container registries. 691 28 692 692 - // Try to get AppView URL from stored credentials 693 693 - configPath := getConfigPath() 694 694 - allCreds, err := loadDeviceCredentials(configPath) 695 695 - if err == nil && len(allCreds.Credentials) > 0 { 696 696 - // Use the first stored AppView URL 697 697 - for _, cred := range allCreds.Credentials { 698 698 - if cred.AppViewURL != "" { 699 699 - apiURL = cred.AppViewURL + "/api/credential-helper/version" 700 700 - break 701 701 - } 702 702 - } 29 29 + It implements the Docker credential helper protocol and provides commands 30 30 + for managing multiple accounts across multiple registries.`, 31 31 + Version: fmt.Sprintf("%s (commit: %s, built: %s)", version, commit, date), 32 32 + SilenceUsage: true, 33 33 + SilenceErrors: true, 703 34 } 704 35 705 705 - versionInfo, err := fetchVersionInfo(apiURL) 706 706 - if err != nil { 707 707 - fmt.Fprintf(os.Stderr, "Failed to check for updates: %v\n", err) 708 708 - os.Exit(1) 709 709 - } 36 36 + // Docker protocol commands (hidden — called by Docker, not users) 37 37 + rootCmd.AddCommand(newGetCmd()) 38 38 + rootCmd.AddCommand(newStoreCmd()) 39 39 + rootCmd.AddCommand(newEraseCmd()) 40 40 + rootCmd.AddCommand(newListCmd()) 710 41 711 711 - // Compare versions 712 712 - if !isNewerVersion(versionInfo.Latest, version) { 713 713 - fmt.Printf("You're already running the latest version (%s)\n", version) 714 714 - return 715 715 - } 42 42 + // User-facing commands 43 43 + rootCmd.AddCommand(newLoginCmd()) 44 44 + rootCmd.AddCommand(newLogoutCmd()) 45 45 + rootCmd.AddCommand(newStatusCmd()) 46 46 + rootCmd.AddCommand(newSwitchCmd()) 47 47 + rootCmd.AddCommand(newConfigureDockerCmd()) 48 48 + rootCmd.AddCommand(newUpdateCmd()) 716 49 717 717 - fmt.Printf("New version available: %s (current: %s)\n", versionInfo.Latest, version) 718 718 - 719 719 - if checkOnly { 720 720 - return 721 721 - } 722 722 - 723 723 - // Perform the update 724 724 - if err := performUpdate(versionInfo); err != nil { 725 725 - fmt.Fprintf(os.Stderr, "Update failed: %v\n", err) 50 50 + if err := rootCmd.Execute(); err != nil { 51 51 + fmt.Fprintf(os.Stderr, "Error: %v\n", err) 726 52 os.Exit(1) 727 727 - } 728 728 - 729 729 - fmt.Println("Update completed successfully!") 730 730 - } 731 731 - 732 732 - // fetchVersionInfo fetches version info from the AppView API 733 733 - func fetchVersionInfo(apiURL string) (*VersionAPIResponse, error) { 734 734 - client := &http.Client{ 735 735 - Timeout: 10 * time.Second, 736 736 - } 737 737 - 738 738 - resp, err := client.Get(apiURL) 739 739 - if err != nil { 740 740 - return nil, fmt.Errorf("failed to fetch version info: %w", err) 741 741 - } 742 742 - defer resp.Body.Close() 743 743 - 744 744 - if resp.StatusCode != http.StatusOK { 745 745 - return nil, fmt.Errorf("version API returned status %d", resp.StatusCode) 746 746 - } 747 747 - 748 748 - var versionInfo VersionAPIResponse 749 749 - if err := json.NewDecoder(resp.Body).Decode(&versionInfo); err != nil { 750 750 - return nil, fmt.Errorf("failed to parse version info: %w", err) 751 751 - } 752 752 - 753 753 - return &versionInfo, nil 754 754 - } 755 755 - 756 756 - // isNewerVersion compares two version strings (simple semver comparison) 757 757 - // Returns true if newVersion is newer than currentVersion 758 758 - func isNewerVersion(newVersion, currentVersion string) bool { 759 759 - // Handle "dev" version 760 760 - if currentVersion == "dev" { 761 761 - return true 762 762 - } 763 763 - 764 764 - // Normalize versions (strip 'v' prefix) 765 765 - newV := strings.TrimPrefix(newVersion, "v") 766 766 - curV := strings.TrimPrefix(currentVersion, "v") 767 767 - 768 768 - // Split into parts 769 769 - newParts := strings.Split(newV, ".") 770 770 - curParts := strings.Split(curV, ".") 771 771 - 772 772 - // Compare each part 773 773 - for i := range min(len(newParts), len(curParts)) { 774 774 - newNum := 0 775 775 - if parsed, err := strconv.Atoi(newParts[i]); err == nil { 776 776 - newNum = parsed 777 777 - } 778 778 - curNum := 0 779 779 - if parsed, err := strconv.Atoi(curParts[i]); err == nil { 780 780 - curNum = parsed 781 781 - } 782 782 - 783 783 - if newNum > curNum { 784 784 - return true 785 785 - } 786 786 - if newNum < curNum { 787 787 - return false 788 788 - } 789 789 - } 790 790 - 791 791 - // If new version has more parts (e.g., 1.0.1 vs 1.0), it's newer 792 792 - return len(newParts) > len(curParts) 793 793 - } 794 794 - 795 795 - // getPlatformKey returns the platform key for the current OS/arch 796 796 - func getPlatformKey() string { 797 797 - os := runtime.GOOS 798 798 - arch := runtime.GOARCH 799 799 - 800 800 - // Normalize arch names 801 801 - switch arch { 802 802 - case "amd64": 803 803 - arch = "amd64" 804 804 - case "arm64": 805 805 - arch = "arm64" 806 806 - } 807 807 - 808 808 - return fmt.Sprintf("%s_%s", os, arch) 809 809 - } 810 810 - 811 811 - // performUpdate downloads and installs the new version 812 812 - func performUpdate(versionInfo *VersionAPIResponse) error { 813 813 - platformKey := getPlatformKey() 814 814 - 815 815 - downloadURL, ok := versionInfo.DownloadURLs[platformKey] 816 816 - if !ok { 817 817 - return fmt.Errorf("no download available for platform %s", platformKey) 818 818 - } 819 819 - 820 820 - expectedChecksum := versionInfo.Checksums[platformKey] 821 821 - 822 822 - fmt.Printf("Downloading update from %s...\n", downloadURL) 823 823 - 824 824 - // Create temp directory 825 825 - tmpDir, err := os.MkdirTemp("", "atcr-update-") 826 826 - if err != nil { 827 827 - return fmt.Errorf("failed to create temp directory: %w", err) 828 828 - } 829 829 - defer os.RemoveAll(tmpDir) 830 830 - 831 831 - // Download the archive 832 832 - archivePath := filepath.Join(tmpDir, "archive.tar.gz") 833 833 - if strings.HasSuffix(downloadURL, ".zip") { 834 834 - archivePath = filepath.Join(tmpDir, "archive.zip") 835 835 - } 836 836 - 837 837 - if err := downloadFile(downloadURL, archivePath); err != nil { 838 838 - return fmt.Errorf("failed to download: %w", err) 839 839 - } 840 840 - 841 841 - // Verify checksum if provided 842 842 - if expectedChecksum != "" { 843 843 - if err := verifyChecksum(archivePath, expectedChecksum); err != nil { 844 844 - return fmt.Errorf("checksum verification failed: %w", err) 845 845 - } 846 846 - fmt.Println("Checksum verified.") 847 847 - } 848 848 - 849 849 - // Extract the binary 850 850 - binaryPath := filepath.Join(tmpDir, "docker-credential-atcr") 851 851 - if runtime.GOOS == "windows" { 852 852 - binaryPath += ".exe" 853 853 - } 854 854 - 855 855 - if strings.HasSuffix(archivePath, ".zip") { 856 856 - if err := extractZip(archivePath, tmpDir); err != nil { 857 857 - return fmt.Errorf("failed to extract archive: %w", err) 858 858 - } 859 859 - } else { 860 860 - if err := extractTarGz(archivePath, tmpDir); err != nil { 861 861 - return fmt.Errorf("failed to extract archive: %w", err) 862 862 - } 863 863 - } 864 864 - 865 865 - // Get the current executable path 866 866 - currentPath, err := os.Executable() 867 867 - if err != nil { 868 868 - return fmt.Errorf("failed to get current executable path: %w", err) 869 869 - } 870 870 - currentPath, err = filepath.EvalSymlinks(currentPath) 871 871 - if err != nil { 872 872 - return fmt.Errorf("failed to resolve symlinks: %w", err) 873 873 - } 874 874 - 875 875 - // Verify the new binary works 876 876 - fmt.Println("Verifying new binary...") 877 877 - verifyCmd := exec.Command(binaryPath, "version") 878 878 - if output, err := verifyCmd.Output(); err != nil { 879 879 - return fmt.Errorf("new binary verification failed: %w", err) 880 880 - } else { 881 881 - fmt.Printf("New binary version: %s", string(output)) 882 882 - } 883 883 - 884 884 - // Backup current binary 885 885 - backupPath := currentPath + ".bak" 886 886 - if err := os.Rename(currentPath, backupPath); err != nil { 887 887 - return fmt.Errorf("failed to backup current binary: %w", err) 888 888 - } 889 889 - 890 890 - // Install new binary 891 891 - if err := copyFile(binaryPath, currentPath); err != nil { 892 892 - // Try to restore backup 893 893 - if renameErr := os.Rename(backupPath, currentPath); renameErr != nil { 894 894 - fmt.Fprintf(os.Stderr, "Warning: failed to restore backup: %v\n", renameErr) 895 895 - } 896 896 - return fmt.Errorf("failed to install new binary: %w", err) 897 897 - } 898 898 - 899 899 - // Set executable permissions 900 900 - if err := os.Chmod(currentPath, 0755); err != nil { 901 901 - // Try to restore backup 902 902 - os.Remove(currentPath) 903 903 - if renameErr := os.Rename(backupPath, currentPath); renameErr != nil { 904 904 - fmt.Fprintf(os.Stderr, "Warning: failed to restore backup: %v\n", renameErr) 905 905 - } 906 906 - return fmt.Errorf("failed to set permissions: %w", err) 907 907 - } 908 908 - 909 909 - // Remove backup on success 910 910 - os.Remove(backupPath) 911 911 - 912 912 - return nil 913 913 - } 914 914 - 915 915 - // downloadFile downloads a file from a URL to a local path 916 916 - func downloadFile(url, destPath string) error { 917 917 - resp, err := http.Get(url) 918 918 - if err != nil { 919 919 - return err 920 920 - } 921 921 - defer resp.Body.Close() 922 922 - 923 923 - if resp.StatusCode != http.StatusOK { 924 924 - return fmt.Errorf("download returned status %d", resp.StatusCode) 925 925 - } 926 926 - 927 927 - out, err := os.Create(destPath) 928 928 - if err != nil { 929 929 - return err 930 930 - } 931 931 - defer out.Close() 932 932 - 933 933 - _, err = io.Copy(out, resp.Body) 934 934 - return err 935 935 - } 936 936 - 937 937 - // verifyChecksum verifies the SHA256 checksum of a file 938 938 - func verifyChecksum(filePath, expected string) error { 939 939 - // Import crypto/sha256 would be needed for real implementation 940 940 - // For now, skip if expected is empty 941 941 - if expected == "" { 942 942 - return nil 943 943 - } 944 944 - 945 945 - // Read file and compute SHA256 946 946 - data, err := os.ReadFile(filePath) 947 947 - if err != nil { 948 948 - return err 949 949 - } 950 950 - 951 951 - // Note: This is a simplified version. In production, use crypto/sha256 952 952 - _ = data // Would compute: sha256.Sum256(data) 953 953 - 954 954 - // For now, just trust the download (checksums are optional until configured) 955 955 - return nil 956 956 - } 957 957 - 958 958 - // extractTarGz extracts a .tar.gz archive 959 959 - func extractTarGz(archivePath, destDir string) error { 960 960 - cmd := exec.Command("tar", "-xzf", archivePath, "-C", destDir) 961 961 - if output, err := cmd.CombinedOutput(); err != nil { 962 962 - return fmt.Errorf("tar failed: %s: %w", string(output), err) 963 963 - } 964 964 - return nil 965 965 - } 966 966 - 967 967 - // extractZip extracts a .zip archive 968 968 - func extractZip(archivePath, destDir string) error { 969 969 - cmd := exec.Command("unzip", "-o", archivePath, "-d", destDir) 970 970 - if output, err := cmd.CombinedOutput(); err != nil { 971 971 - return fmt.Errorf("unzip failed: %s: %w", string(output), err) 972 972 - } 973 973 - return nil 974 974 - } 975 975 - 976 976 - // copyFile copies a file from src to dst 977 977 - func copyFile(src, dst string) error { 978 978 - input, err := os.ReadFile(src) 979 979 - if err != nil { 980 980 - return err 981 981 - } 982 982 - return os.WriteFile(dst, input, 0755) 983 983 - } 984 984 - 985 985 - // checkAndNotifyUpdate checks for updates in the background and notifies the user 986 986 - func checkAndNotifyUpdate(appViewURL string) { 987 987 - // Check if we've already checked recently 988 988 - cache := loadUpdateCheckCache() 989 989 - if cache != nil && time.Since(cache.CheckedAt) < updateCheckCacheTTL && cache.Current == version { 990 990 - // Cache is fresh and for current version 991 991 - if isNewerVersion(cache.Latest, version) { 992 992 - fmt.Fprintf(os.Stderr, "\nNote: A new version of docker-credential-atcr is available (%s).\n", cache.Latest) 993 993 - fmt.Fprintf(os.Stderr, "Run 'docker-credential-atcr update' to upgrade.\n\n") 994 994 - } 995 995 - return 996 996 - } 997 997 - 998 998 - // Fetch version info 999 999 - apiURL := appViewURL + "/api/credential-helper/version" 1000 1000 - versionInfo, err := fetchVersionInfo(apiURL) 1001 1001 - if err != nil { 1002 1002 - // Silently fail - don't interrupt credential retrieval 1003 1003 - return 1004 1004 - } 1005 1005 - 1006 1006 - // Save to cache 1007 1007 - saveUpdateCheckCache(&UpdateCheckCache{ 1008 1008 - CheckedAt: time.Now(), 1009 1009 - Latest: versionInfo.Latest, 1010 1010 - Current: version, 1011 1011 - }) 1012 1012 - 1013 1013 - // Notify if newer version available 1014 1014 - if isNewerVersion(versionInfo.Latest, version) { 1015 1015 - fmt.Fprintf(os.Stderr, "\nNote: A new version of docker-credential-atcr is available (%s).\n", versionInfo.Latest) 1016 1016 - fmt.Fprintf(os.Stderr, "Run 'docker-credential-atcr update' to upgrade.\n\n") 1017 1017 - } 1018 1018 - } 1019 1019 - 1020 1020 - // getUpdateCheckCachePath returns the path to the update check cache file 1021 1021 - func getUpdateCheckCachePath() string { 1022 1022 - homeDir, err := os.UserHomeDir() 1023 1023 - if err != nil { 1024 1024 - return "" 1025 1025 - } 1026 1026 - return filepath.Join(homeDir, ".atcr", "update-check.json") 1027 1027 - } 1028 1028 - 1029 1029 - // loadUpdateCheckCache loads the update check cache from disk 1030 1030 - func loadUpdateCheckCache() *UpdateCheckCache { 1031 1031 - path := getUpdateCheckCachePath() 1032 1032 - if path == "" { 1033 1033 - return nil 1034 1034 - } 1035 1035 - 1036 1036 - data, err := os.ReadFile(path) 1037 1037 - if err != nil { 1038 1038 - return nil 1039 1039 - } 1040 1040 - 1041 1041 - var cache UpdateCheckCache 1042 1042 - if err := json.Unmarshal(data, &cache); err != nil { 1043 1043 - return nil 1044 1044 - } 1045 1045 - 1046 1046 - return &cache 1047 1047 - } 1048 1048 - 1049 1049 - // saveUpdateCheckCache saves the update check cache to disk 1050 1050 - func saveUpdateCheckCache(cache *UpdateCheckCache) { 1051 1051 - path := getUpdateCheckCachePath() 1052 1052 - if path == "" { 1053 1053 - return 1054 1054 - } 1055 1055 - 1056 1056 - data, err := json.MarshalIndent(cache, "", " ") 1057 1057 - if err != nil { 1058 1058 - return 1059 1059 - } 1060 1060 - 1061 1061 - // Ensure directory exists 1062 1062 - dir := filepath.Dir(path) 1063 1063 - if err := os.MkdirAll(dir, 0700); err != nil { 1064 1064 - return 1065 1065 - } 1066 1066 - 1067 1067 - if err := os.WriteFile(path, data, 0600); err != nil { 1068 1068 - return // Cache write failed, non-critical 1069 53 } 1070 54 }

+107

cmd/credential-helper/process_darwin.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "bytes" 5 5 + "encoding/binary" 6 6 + "fmt" 7 7 + "unsafe" 8 8 + 9 9 + "golang.org/x/sys/unix" 10 10 + ) 11 11 + 12 12 + // getProcessArgs uses kern.procargs2 sysctl to get process arguments. 13 13 + // This is the same mechanism ps(1) uses on macOS — no exec.Command needed. 14 14 + // 15 15 + // The kern.procargs2 buffer layout: 16 16 + // 17 17 + // [4 bytes: argc as int32] 18 18 + // [executable path\0] 19 19 + // [padding \0 bytes] 20 20 + // [argv[0]\0][argv[1]\0]...[argv[argc-1]\0] 21 21 + // [env vars...] 22 22 + func getProcessArgs(pid int) ([]string, error) { 23 23 + // kern.procargs2 MIB: CTL_KERN=1, KERN_PROCARGS2=49 24 24 + mib := []int32{1, 49, int32(pid)} //nolint:mnd 25 25 + 26 26 + // First call to get buffer size 27 27 + n := uintptr(0) 28 28 + if err := sysctl(mib, nil, &n, nil, 0); err != nil { 29 29 + return nil, fmt.Errorf("sysctl size query for pid %d: %w", pid, err) 30 30 + } 31 31 + 32 32 + buf := make([]byte, n) 33 33 + if err := sysctl(mib, &buf[0], &n, nil, 0); err != nil { 34 34 + return nil, fmt.Errorf("sysctl read for pid %d: %w", pid, err) 35 35 + } 36 36 + buf = buf[:n] 37 37 + 38 38 + if len(buf) < 4 { 39 39 + return nil, fmt.Errorf("procargs2 buffer too short for pid %d", pid) 40 40 + } 41 41 + 42 42 + // First 4 bytes: argc 43 43 + argc := int(binary.LittleEndian.Uint32(buf[:4])) 44 44 + pos := 4 45 45 + 46 46 + // Skip executable path (null-terminated) 47 47 + end := bytes.IndexByte(buf[pos:], 0) 48 48 + if end == -1 { 49 49 + return nil, fmt.Errorf("no null terminator in exec path for pid %d", pid) 50 50 + } 51 51 + pos += end + 1 52 52 + 53 53 + // Skip padding null bytes 54 54 + for pos < len(buf) && buf[pos] == 0 { 55 55 + pos++ 56 56 + } 57 57 + 58 58 + // Read argc arguments 59 59 + args := make([]string, 0, argc) 60 60 + for i := 0; i < argc && pos < len(buf); i++ { 61 61 + end := bytes.IndexByte(buf[pos:], 0) 62 62 + if end == -1 { 63 63 + args = append(args, string(buf[pos:])) 64 64 + break 65 65 + } 66 66 + args = append(args, string(buf[pos:pos+end])) 67 67 + pos += end + 1 68 68 + } 69 69 + 70 70 + if len(args) == 0 { 71 71 + return nil, fmt.Errorf("no args found for pid %d", pid) 72 72 + } 73 73 + 74 74 + return args, nil 75 75 + } 76 76 + 77 77 + // getParentPID uses kern.proc.pid sysctl to find the parent PID. 78 78 + func getParentPID(pid int) (int, error) { 79 79 + // kern.proc.pid MIB: CTL_KERN=1, KERN_PROC=14, KERN_PROC_PID=1 80 80 + mib := []int32{1, 14, 1, int32(pid)} //nolint:mnd 81 81 + 82 82 + var kinfo unix.KinfoProc 83 83 + n := uintptr(unsafe.Sizeof(kinfo)) 84 84 + 85 85 + if err := sysctl(mib, (*byte)(unsafe.Pointer(&kinfo)), &n, nil, 0); err != nil { 86 86 + return 0, fmt.Errorf("sysctl kern.proc.pid for pid %d: %w", pid, err) 87 87 + } 88 88 + 89 89 + return int(kinfo.Eproc.Ppid), nil 90 90 + } 91 91 + 92 92 + // sysctl is a thin wrapper around unix.Sysctl raw syscall. 93 93 + func sysctl(mib []int32, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error { 94 94 + _, _, errno := unix.Syscall6( 95 95 + unix.SYS___SYSCTL, 96 96 + uintptr(unsafe.Pointer(&mib[0])), 97 97 + uintptr(len(mib)), 98 98 + uintptr(unsafe.Pointer(old)), 99 99 + uintptr(unsafe.Pointer(oldlen)), 100 100 + uintptr(unsafe.Pointer(new)), 101 101 + newlen, 102 102 + ) 103 103 + if errno != 0 { 104 104 + return errno 105 105 + } 106 106 + return nil 107 107 + }

+42

cmd/credential-helper/process_linux.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "fmt" 5 5 + "os" 6 6 + "strconv" 7 7 + "strings" 8 8 + ) 9 9 + 10 10 + // getProcessArgs reads /proc/<pid>/cmdline to get process arguments. 11 11 + func getProcessArgs(pid int) ([]string, error) { 12 12 + data, err := os.ReadFile(fmt.Sprintf("/proc/%d/cmdline", pid)) 13 13 + if err != nil { 14 14 + return nil, fmt.Errorf("reading /proc/%d/cmdline: %w", pid, err) 15 15 + } 16 16 + 17 17 + s := strings.TrimRight(string(data), "\x00") 18 18 + if s == "" { 19 19 + return nil, fmt.Errorf("empty cmdline for pid %d", pid) 20 20 + } 21 21 + 22 22 + return strings.Split(s, "\x00"), nil 23 23 + } 24 24 + 25 25 + // getParentPID reads /proc/<pid>/status to find the parent PID. 26 26 + func getParentPID(pid int) (int, error) { 27 27 + data, err := os.ReadFile(fmt.Sprintf("/proc/%d/status", pid)) 28 28 + if err != nil { 29 29 + return 0, err 30 30 + } 31 31 + 32 32 + for _, line := range strings.Split(string(data), "\n") { 33 33 + if strings.HasPrefix(line, "PPid:") { 34 34 + fields := strings.Fields(line) 35 35 + if len(fields) >= 2 { 36 36 + return strconv.Atoi(fields[1]) 37 37 + } 38 38 + } 39 39 + } 40 40 + 41 41 + return 0, fmt.Errorf("PPid not found in /proc/%d/status", pid) 42 42 + }

+19

cmd/credential-helper/process_other.go

reviewed

··· 1 1 + //go:build !linux && !darwin 2 2 + 3 3 + package main 4 4 + 5 5 + import ( 6 6 + "fmt" 7 7 + "runtime" 8 8 + ) 9 9 + 10 10 + // getProcessArgs is not supported on this platform. 11 11 + // The credential helper falls back to the active account. 12 12 + func getProcessArgs(pid int) ([]string, error) { 13 13 + return nil, fmt.Errorf("process introspection not supported on %s", runtime.GOOS) 14 14 + } 15 15 + 16 16 + // getParentPID is not supported on this platform. 17 17 + func getParentPID(pid int) (int, error) { 18 18 + return 0, fmt.Errorf("process introspection not supported on %s", runtime.GOOS) 19 19 + }

+234

cmd/credential-helper/protocol.go

reviewed

··· 1 1 + package main 2 2 + 3 3 + import ( 4 4 + "encoding/json" 5 5 + "fmt" 6 6 + "os" 7 7 + "strings" 8 8 + 9 9 + "github.com/spf13/cobra" 10 10 + ) 11 11 + 12 12 + // Credentials represents docker credentials (Docker credential helper protocol) 13 13 + type Credentials struct { 14 14 + ServerURL string `json:"ServerURL,omitempty"` 15 15 + Username string `json:"Username,omitempty"` 16 16 + Secret string `json:"Secret,omitempty"` 17 17 + } 18 18 + 19 19 + func newGetCmd() *cobra.Command { 20 20 + return &cobra.Command{ 21 21 + Use: "get", 22 22 + Short: "Get credentials for a registry (Docker protocol)", 23 23 + Hidden: true, 24 24 + RunE: runGet, 25 25 + } 26 26 + } 27 27 + 28 28 + func newStoreCmd() *cobra.Command { 29 29 + return &cobra.Command{ 30 30 + Use: "store", 31 31 + Short: "Store credentials (Docker protocol)", 32 32 + Hidden: true, 33 33 + RunE: runStore, 34 34 + } 35 35 + } 36 36 + 37 37 + func newEraseCmd() *cobra.Command { 38 38 + return &cobra.Command{ 39 39 + Use: "erase", 40 40 + Short: "Erase credentials (Docker protocol)", 41 41 + Hidden: true, 42 42 + RunE: runErase, 43 43 + } 44 44 + } 45 45 + 46 46 + func newListCmd() *cobra.Command { 47 47 + return &cobra.Command{ 48 48 + Use: "list", 49 49 + Short: "List all credentials (Docker protocol extension)", 50 50 + Hidden: true, 51 51 + RunE: runList, 52 52 + } 53 53 + } 54 54 + 55 55 + func runGet(cmd *cobra.Command, args []string) error { 56 56 + // If stdin is a terminal, the user ran this directly (not Docker calling us) 57 57 + if isTerminal(os.Stdin) { 58 58 + fmt.Fprintf(os.Stderr, "The 'get' command is part of the Docker credential helper protocol.\n") 59 59 + fmt.Fprintf(os.Stderr, "It should not be run directly.\n\n") 60 60 + fmt.Fprintf(os.Stderr, "To authenticate with a registry, run:\n") 61 61 + fmt.Fprintf(os.Stderr, " docker-credential-atcr login\n\n") 62 62 + fmt.Fprintf(os.Stderr, "To check your accounts:\n") 63 63 + fmt.Fprintf(os.Stderr, " docker-credential-atcr status\n") 64 64 + return fmt.Errorf("not a pipe") 65 65 + } 66 66 + 67 67 + // Docker sends the server URL as a plain string on stdin (not JSON) 68 68 + var serverURL string 69 69 + if _, err := fmt.Fscanln(os.Stdin, &serverURL); err != nil { 70 70 + return fmt.Errorf("reading server URL: %w", err) 71 71 + } 72 72 + 73 73 + appViewURL := buildAppViewURL(serverURL) 74 74 + 75 75 + cfg, err := loadConfig() 76 76 + if err != nil { 77 77 + fmt.Fprintf(os.Stderr, "Warning: config load error: %v\n", err) 78 78 + } 79 79 + 80 80 + acct, err := cfg.resolveAccount(appViewURL, serverURL) 81 81 + if err != nil { 82 82 + return err 83 83 + } 84 84 + 85 85 + // Validate credentials 86 86 + result := validateCredentials(appViewURL, acct.Handle, acct.DeviceSecret) 87 87 + if !result.Valid { 88 88 + if result.OAuthSessionExpired { 89 89 + loginURL := result.LoginURL 90 90 + if loginURL == "" { 91 91 + loginURL = appViewURL + "/auth/oauth/login" 92 92 + } 93 93 + fmt.Fprintf(os.Stderr, "OAuth session expired for %s.\n", acct.Handle) 94 94 + fmt.Fprintf(os.Stderr, "Please visit: %s\n", loginURL) 95 95 + fmt.Fprintf(os.Stderr, "Then retry your docker command.\n") 96 96 + return fmt.Errorf("oauth session expired") 97 97 + } 98 98 + 99 99 + // Generic auth failure — remove the bad account 100 100 + fmt.Fprintf(os.Stderr, "Credentials for %s are invalid.\n", acct.Handle) 101 101 + fmt.Fprintf(os.Stderr, "Run: docker-credential-atcr login\n") 102 102 + cfg.removeAccount(appViewURL, acct.Handle) 103 103 + cfg.save() //nolint:errcheck 104 104 + return fmt.Errorf("invalid credentials") 105 105 + } 106 106 + 107 107 + // Check for updates (cached, non-blocking) 108 108 + checkAndNotifyUpdate(appViewURL) 109 109 + 110 110 + // Return credentials for Docker 111 111 + creds := Credentials{ 112 112 + ServerURL: serverURL, 113 113 + Username: acct.Handle, 114 114 + Secret: acct.DeviceSecret, 115 115 + } 116 116 + 117 117 + return json.NewEncoder(os.Stdout).Encode(creds) 118 118 + } 119 119 + 120 120 + func runStore(cmd *cobra.Command, args []string) error { 121 121 + var creds Credentials 122 122 + if err := json.NewDecoder(os.Stdin).Decode(&creds); err != nil { 123 123 + return fmt.Errorf("decoding credentials: %w", err) 124 124 + } 125 125 + 126 126 + // Only store if the secret looks like a device secret 127 127 + if !strings.HasPrefix(creds.Secret, "atcr_device_") { 128 128 + // Not our device secret — ignore (e.g., docker login with app-password) 129 129 + return nil 130 130 + } 131 131 + 132 132 + appViewURL := buildAppViewURL(creds.ServerURL) 133 133 + 134 134 + cfg, err := loadConfig() 135 135 + if err != nil { 136 136 + fmt.Fprintf(os.Stderr, "Warning: config load error: %v\n", err) 137 137 + } 138 138 + 139 139 + cfg.addAccount(appViewURL, &Account{ 140 140 + Handle: creds.Username, 141 141 + DeviceSecret: creds.Secret, 142 142 + }) 143 143 + 144 144 + return cfg.save() 145 145 + } 146 146 + 147 147 + func runErase(cmd *cobra.Command, args []string) error { 148 148 + var serverURL string 149 149 + if _, err := fmt.Fscanln(os.Stdin, &serverURL); err != nil { 150 150 + return fmt.Errorf("reading server URL: %w", err) 151 151 + } 152 152 + 153 153 + appViewURL := buildAppViewURL(serverURL) 154 154 + 155 155 + cfg, err := loadConfig() 156 156 + if err != nil { 157 157 + return nil // No config, nothing to erase 158 158 + } 159 159 + 160 160 + reg := cfg.findRegistry(appViewURL) 161 161 + if reg == nil { 162 162 + return nil 163 163 + } 164 164 + 165 165 + // Erase the active account (or sole account) 166 166 + handle := reg.Active 167 167 + if handle == "" && len(reg.Accounts) == 1 { 168 168 + for h := range reg.Accounts { 169 169 + handle = h 170 170 + } 171 171 + } 172 172 + if handle == "" { 173 173 + return nil 174 174 + } 175 175 + 176 176 + cfg.removeAccount(appViewURL, handle) 177 177 + return cfg.save() 178 178 + } 179 179 + 180 180 + func runList(cmd *cobra.Command, args []string) error { 181 181 + cfg, err := loadConfig() 182 182 + if err != nil { 183 183 + // Return empty object 184 184 + fmt.Println("{}") 185 185 + return nil 186 186 + } 187 187 + 188 188 + // Docker list protocol: {"ServerURL": "Username", ...} 189 189 + result := make(map[string]string) 190 190 + for url, reg := range cfg.Registries { 191 191 + // Strip scheme for Docker compatibility 192 192 + host := strings.TrimPrefix(url, "https://") 193 193 + host = strings.TrimPrefix(host, "http://") 194 194 + for _, acct := range reg.Accounts { 195 195 + result[host] = acct.Handle 196 196 + } 197 197 + } 198 198 + 199 199 + return json.NewEncoder(os.Stdout).Encode(result) 200 200 + } 201 201 + 202 202 + // checkAndNotifyUpdate checks for updates in the background and notifies the user 203 203 + func checkAndNotifyUpdate(appViewURL string) { 204 204 + cache := loadUpdateCheckCache() 205 205 + if cache != nil && cache.Current == version { 206 206 + // Cache is fresh and for current version 207 207 + if isNewerVersion(cache.Latest, version) { 208 208 + fmt.Fprintf(os.Stderr, "\nUpdate available: %s (current: %s)\n", cache.Latest, version) 209 209 + fmt.Fprintf(os.Stderr, "Run: docker-credential-atcr update\n\n") 210 210 + } 211 211 + // Check if cache is still fresh (24h) 212 212 + if cache.CheckedAt.Add(updateCheckCacheTTL).After(timeNow()) { 213 213 + return 214 214 + } 215 215 + } 216 216 + 217 217 + // Fetch version info 218 218 + apiURL := appViewURL + "/api/credential-helper/version" 219 219 + versionInfo, err := fetchVersionInfo(apiURL) 220 220 + if err != nil { 221 221 + return // Silently fail 222 222 + } 223 223 + 224 224 + saveUpdateCheckCache(&UpdateCheckCache{ 225 225 + CheckedAt: timeNow(), 226 226 + Latest: versionInfo.Latest, 227 227 + Current: version, 228 228 + }) 229 229 + 230 230 + if isNewerVersion(versionInfo.Latest, version) { 231 231 + fmt.Fprintf(os.Stderr, "\nUpdate available: %s (current: %s)\n", versionInfo.Latest, version) 232 232 + fmt.Fprintf(os.Stderr, "Run: docker-credential-atcr update\n\n") 233 233 + } 234 234 + }

+1 -1

deploy/upcloud/go.mod

reviewed

··· 1 1 module atcr.io/deploy 2 2 3 3 - go 1.25.4 3 3 + go 1.25.7 4 4 5 5 require ( 6 6 github.com/UpCloudLtd/upcloud-go-api/v8 v8.34.3

+165

docs/CREDENTIAL_HELPER_V2.md

reviewed

··· 1 1 + # Credential Helper Rewrite 2 2 + 3 3 + ## Context 4 4 + 5 5 + The current credential helper (`cmd/credential-helper/main.go`, ~1070 lines) is a monolithic single-file binary with a manual `switch` dispatch. It has no help text, hangs silently when run without stdin, embeds interactive device auth inside the Docker protocol `get` command (blocking pushes for up to 2 minutes while polling), and only supports one account per registry. Users want multi-account support (e.g., `evan.jarrett.net` and `michelle.jarrett.net` on the same `atcr.io`) and multi-registry support (e.g., `atcr.io` + `buoy.cr`). 6 6 + 7 7 + ## Approach 8 8 + 9 9 + Rewrite using **Cobra** (already a project dependency) for the CLI framework and **charmbracelet/huh** for interactive prompts (select menus, confirmations, spinners). Separate Docker protocol commands (machine-readable, hidden) from user-facing commands (interactive, discoverable). Model after `gh auth` UX patterns. 10 10 + 11 11 + **Smart account auto-detection**: The `get` command inspects the parent process command line (`/proc/<ppid>/cmdline` on Linux, `ps` on macOS) to determine which image Docker is pushing/pulling. Since ATCR URLs are `host/<identity>/repo:tag`, we can extract the identity and auto-select the matching account — no prompts, no manual switching needed in the common case. 12 12 + 13 13 + ## Command Tree 14 14 + 15 15 + ``` 16 16 + docker-credential-atcr 17 17 + ├── get (Docker protocol — stdin/stdout, hidden, smart account detection) 18 18 + ├── store (Docker protocol — stdin, hidden) 19 19 + ├── erase (Docker protocol — stdin, hidden) 20 20 + ├── list (Docker protocol extension, hidden) 21 21 + ├── login (Interactive device flow with huh prompts) 22 22 + ├── logout (Remove account credentials) 23 23 + ├── status (Show all accounts with active indicators) 24 24 + ├── switch (Switch active account — auto-toggle for 2, select for 3+) 25 25 + ├── configure-docker (Auto-edit ~/.docker/config.json credHelpers) 26 26 + ├── update (Self-update, existing logic preserved) 27 27 + └── version (Built-in via cobra) 28 28 + ``` 29 29 + 30 30 + ## Smart Account Resolution (`get` command) 31 31 + 32 32 + The `get` command resolves which account to use with this priority chain — fully non-interactive: 33 33 + 34 34 + ``` 35 35 + 1. Parse parent process cmdline → extract identity from image ref 36 36 + docker push atcr.io/evan.jarrett.net/test:latest 37 37 + → parent cmdline contains "evan.jarrett.net" → use that account 38 38 + 39 39 + 2. Fall back to active account (set by `switch` command) 40 40 + 41 41 + 3. Fall back to sole account (if only one exists for this registry) 42 42 + 43 43 + 4. Error with helpful message: 44 44 + "Multiple accounts for atcr.io. Run: docker-credential-atcr switch" 45 45 + ``` 46 46 + 47 47 + **Parent process detection** (in `helpers.go`): 48 48 + - Linux: read `/proc/<ppid>/cmdline` (null-separated args) 49 49 + - macOS: `ps -o args= -p <ppid>` 50 50 + - Windows: best-effort via `wmic` or skip (fall to active account) 51 51 + - Parse image ref: find the arg matching `<registry-host>/<identity>/...`, extract `<identity>` 52 52 + - Graceful failure: if parent isn't Docker, cmdline unreadable, or image ref not parseable → fall through to active account 53 53 + 54 54 + ## File Structure 55 55 + 56 56 + ``` 57 57 + cmd/credential-helper/ 58 58 + main.go — Cobra root command, version vars, subcommand registration 59 59 + config.go — Config types, load/save/migrate, getConfigPath 60 60 + device_auth.go — authorizeDevice(), validateCredentials() HTTP logic 61 61 + protocol.go — Docker protocol: get, store, erase, list (all hidden) 62 62 + cmd_login.go — login command (huh prompts + device flow) 63 63 + cmd_logout.go — logout command (huh confirm) 64 64 + cmd_status.go — status display 65 65 + cmd_switch.go — switch command (huh select) 66 66 + cmd_configure.go — configure-docker (edit ~/.docker/config.json) 67 67 + cmd_update.go — update command (moved from existing code) 68 68 + helpers.go — openBrowser, buildAppViewURL, isInsecureRegistry, parentCmdline, etc. 69 69 + ``` 70 70 + 71 71 + ## Config Format (`~/.atcr/device.json`) 72 72 + 73 73 + ```json 74 74 + { 75 75 + "version": 2, 76 76 + "registries": { 77 77 + "https://atcr.io": { 78 78 + "active": "evan.jarrett.net", 79 79 + "accounts": { 80 80 + "evan.jarrett.net": { 81 81 + "handle": "evan.jarrett.net", 82 82 + "did": "did:plc:abc123", 83 83 + "device_secret": "atcr_device_..." 84 84 + }, 85 85 + "michelle.jarrett.net": { 86 86 + "handle": "michelle.jarrett.net", 87 87 + "did": "did:plc:def456", 88 88 + "device_secret": "atcr_device_..." 89 89 + } 90 90 + } 91 91 + }, 92 92 + "https://buoy.cr": { 93 93 + "active": "evan.jarrett.net", 94 94 + "accounts": { ... } 95 95 + } 96 96 + } 97 97 + } 98 98 + ``` 99 99 + 100 100 + **Migration**: `loadConfig()` auto-detects and migrates from old formats: 101 101 + - Legacy single-device `{handle, device_secret, appview_url}` → v2 102 102 + - Current multi-registry `{credentials: {url: {...}}}` → v2 103 103 + - Writes back migrated config on first load 104 104 + 105 105 + ## Key Behavioral Changes 106 106 + 107 107 + | Command | Current | New | 108 108 + |---------|---------|-----| 109 109 + | `get` | Opens browser, polls 2min if no creds | Smart detection → active account → error | 110 110 + | `get` (multi-account) | N/A (single account only) | Auto-detects identity from parent cmdline | 111 111 + | `get` (no stdin) | Hangs forever | Detects terminal, prints help, exits 1 | 112 112 + | `get` (OAuth expired) | Auto-opens browser, polls | Prints login URL, exits 1 | 113 113 + | `store` | No-op | Stores if secret is device secret (`atcr_device_*`) | 114 114 + | `erase` | Removes all creds for host | Removes active account only | 115 115 + | No args | Prints bare usage | Prints full cobra help with all commands | 116 116 + 117 117 + ## Dependencies 118 118 + 119 119 + - `github.com/spf13/cobra` — already in go.mod 120 120 + - `github.com/charmbracelet/huh` — new (pure Go, CGO_ENABLED=0 safe) 121 121 + 122 122 + No changes to `.goreleaser.yaml` needed. 123 123 + 124 124 + ## Implementation Order 125 125 + 126 126 + ### Phase 1: Foundation 127 127 + 1. `helpers.go` — move utility functions verbatim + add `getParentCmdline()` and `detectIdentityFromParent(registryHost)` 128 128 + 2. `config.go` — new config types + migration from old formats 129 129 + 3. `main.go` — Cobra root command, register all subcommands 130 130 + 131 131 + ### Phase 2: Docker Protocol (must work for existing users) 132 132 + 4. `device_auth.go` — extract `authorizeDevice()` + `validateCredentials()` 133 133 + 5. `protocol.go` — `get`/`store`/`erase`/`list` using new config with smart account resolution 134 134 + 135 135 + ### Phase 3: User Commands 136 136 + 6. `cmd_login.go` — interactive device flow with huh spinner 137 137 + 7. `cmd_status.go` — display all registries/accounts 138 138 + 8. `cmd_switch.go` — huh select for account switching 139 139 + 9. `cmd_logout.go` — huh confirm for removal 140 140 + 10. `cmd_configure.go` — Docker config.json manipulation 141 141 + 11. `cmd_update.go` — move existing update logic 142 142 + 143 143 + ### Phase 4: Polish 144 144 + 12. Add `huh` to go.mod 145 145 + 13. Delete old `main.go` contents (replaced by new files) 146 146 + 147 147 + ## What to Keep vs Rewrite 148 148 + 149 149 + **Keep** (move to new files): `openBrowser()`, `buildAppViewURL()`, `isInsecureRegistry()`, `getDockerInsecureRegistries()`, `readDockerDaemonConfig()`, `stripPort()`, `isTerminal()`, `authorizeDevice()` HTTP logic, `validateCredentials()`, all update/version check functions. 150 150 + 151 151 + **Rewrite**: `main()`, `handleGet()` (split into non-interactive `get` with smart detection + interactive `login`), `handleStore()` (implement actual storage), `handleErase()` (multi-account aware), config types and loading. 152 152 + 153 153 + **New**: `list`, `login`, `logout`, `status`, `switch`, `configure-docker` commands. Config migration. Parent process identity detection. huh integration. 154 154 + 155 155 + ## Verification 156 156 + 157 157 + 1. Build: `go build -o bin/docker-credential-atcr ./cmd/credential-helper` 158 158 + 2. Help works: `bin/docker-credential-atcr --help` shows all user commands 159 159 + 3. Protocol works: `echo "atcr.io" | bin/docker-credential-atcr get` returns credentials or helpful error 160 160 + 4. No hang: `bin/docker-credential-atcr get` (no stdin pipe) detects terminal, prints help, exits 161 161 + 5. Smart detection: `docker push atcr.io/evan.jarrett.net/test:latest` auto-selects `evan.jarrett.net` 162 162 + 6. Login flow: `bin/docker-credential-atcr login` triggers device auth with huh prompts 163 163 + 7. Status: `bin/docker-credential-atcr status` shows configured accounts 164 164 + 8. Config migration: Place old-format `~/.atcr/device.json`, run any command, verify auto-migration 165 165 + 9. GoReleaser: `CGO_ENABLED=0 go build ./cmd/credential-helper` succeeds

+2 -2

docs/DEVELOPMENT.md

reviewed

··· 47 47 │ (changes appear instantly in container) 48 48 ▼ 49 49 ┌─────────────────────────────────────────────────────┐ 50 50 - │ Container (golang:1.25.2 base, has all tools) │ 50 50 + │ Container (golang:1.25.7 base, has all tools) │ 51 51 │ │ 52 52 │ ┌──────────────────────────────────────┐ │ 53 53 │ │ Air (hot reload tool) │ │ ··· 107 107 108 108 ```dockerfile 109 109 # Development Dockerfile with hot reload support 110 110 - FROM golang:1.25.2-trixie 110 110 + FROM golang:1.25.7-trixie 111 111 112 112 # Install Air for hot reload 113 113 RUN go install github.com/cosmtrek/air@latest

+24 -1

go.mod

reviewed

··· 9 9 github.com/aws/aws-sdk-go-v2/credentials v1.19.7 10 10 github.com/aws/aws-sdk-go-v2/service/s3 v1.96.0 11 11 github.com/bluesky-social/indigo v0.0.0-20260213003059-85cdd0d6871c 12 12 + github.com/charmbracelet/huh v0.8.0 13 13 + github.com/charmbracelet/huh/spinner v0.0.0-20260216111231-bffc99a26329 14 14 + github.com/charmbracelet/lipgloss v1.1.0 12 15 github.com/did-method-plc/go-didplc v0.0.0-20251009212921-7b7a252b8019 13 16 github.com/distribution/distribution/v3 v3.0.0 14 17 github.com/distribution/reference v0.6.0 ··· 45 48 go.yaml.in/yaml/v4 v4.0.0-rc.4 46 49 golang.org/x/crypto v0.48.0 47 50 golang.org/x/image v0.36.0 51 51 + golang.org/x/sys v0.41.0 48 52 golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da 49 53 gorm.io/gorm v1.31.1 50 54 ) ··· 54 58 github.com/RussellLuo/slidingwindow v0.0.0-20200528002341-535bb99d338b // indirect 55 59 github.com/ajg/form v1.6.1 // indirect 56 60 github.com/antlr4-go/antlr/v4 v4.13.1 // indirect 61 61 + github.com/atotto/clipboard v0.1.4 // indirect 57 62 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4 // indirect 58 63 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 // indirect 59 64 github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 // indirect ··· 69 74 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.13 // indirect 70 75 github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 // indirect 71 76 github.com/aws/smithy-go v1.24.0 // indirect 77 77 + github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect 72 78 github.com/aymerick/douceur v0.2.0 // indirect 73 79 github.com/beorn7/perks v1.0.1 // indirect 74 80 github.com/bshuster-repo/logrus-logstash-hook v1.1.0 // indirect 81 81 + github.com/catppuccin/go v0.3.0 // indirect 75 82 github.com/cenkalti/backoff/v5 v5.0.3 // indirect 76 83 github.com/cespare/xxhash/v2 v2.3.0 // indirect 84 84 + github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7 // indirect 85 85 + github.com/charmbracelet/bubbletea v1.3.10 // indirect 86 86 + github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect 87 87 + github.com/charmbracelet/x/ansi v0.10.1 // indirect 88 88 + github.com/charmbracelet/x/cellbuf v0.0.13 // indirect 89 89 + github.com/charmbracelet/x/exp/strings v0.0.0-20240722160745-212f7b056ed0 // indirect 90 90 + github.com/charmbracelet/x/term v0.2.1 // indirect 77 91 github.com/coreos/go-systemd/v22 v22.7.0 // indirect 78 92 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect 79 93 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect 80 94 github.com/docker/docker-credential-helpers v0.9.5 // indirect 81 95 github.com/docker/go-events v0.0.0-20250808211157-605354379745 // indirect 82 96 github.com/docker/go-metrics v0.0.1 // indirect 97 97 + github.com/dustin/go-humanize v1.0.1 // indirect 98 98 + github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect 83 99 github.com/fatih/color v1.18.0 // indirect 84 100 github.com/felixge/httpsnoop v1.0.4 // indirect 85 101 github.com/fsnotify/fsnotify v1.9.0 // indirect ··· 118 134 github.com/jmespath/go-jmespath v0.4.0 // indirect 119 135 github.com/klauspost/cpuid/v2 v2.3.0 // indirect 120 136 github.com/libsql/sqlite-antlr4-parser v0.0.0-20240721121621-c0bdc870f11c // indirect 137 137 + github.com/lucasb-eyer/go-colorful v1.2.0 // indirect 121 138 github.com/mattn/go-colorable v0.1.14 // indirect 122 139 github.com/mattn/go-isatty v0.0.20 // indirect 140 140 + github.com/mattn/go-localereader v0.0.1 // indirect 141 141 + github.com/mattn/go-runewidth v0.0.16 // indirect 123 142 github.com/minio/sha256-simd v1.0.1 // indirect 143 143 + github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect 124 144 github.com/mr-tron/base58 v1.2.0 // indirect 145 145 + github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect 146 146 + github.com/muesli/cancelreader v0.2.2 // indirect 147 147 + github.com/muesli/termenv v0.16.0 // indirect 125 148 github.com/multiformats/go-base32 v0.1.0 // indirect 126 149 github.com/multiformats/go-base36 v0.2.0 // indirect 127 150 github.com/multiformats/go-multibase v0.2.0 // indirect ··· 149 172 github.com/spf13/cast v1.10.0 // indirect 150 173 github.com/spf13/pflag v1.0.10 // indirect 151 174 github.com/subosito/gotenv v1.6.0 // indirect 175 175 + github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect 152 176 gitlab.com/yawning/secp256k1-voi v0.0.0-20230925100816-f2616030848b // indirect 153 177 gitlab.com/yawning/tuplehash v0.0.0-20230713102510-df83abbf9a02 // indirect 154 178 go.opentelemetry.io/auto/sdk v1.2.1 // indirect ··· 181 205 golang.org/x/exp v0.0.0-20260212183809-81e46e3db34a // indirect 182 206 golang.org/x/net v0.50.0 // indirect 183 207 golang.org/x/sync v0.19.0 // indirect 184 184 - golang.org/x/sys v0.41.0 // indirect 185 208 golang.org/x/text v0.34.0 // indirect 186 209 golang.org/x/time v0.14.0 // indirect 187 210 google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57 // indirect

+64

go.sum

reviewed

··· 1 1 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk= 2 2 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= 3 3 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= 4 4 + github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= 5 5 + github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= 4 6 github.com/RussellLuo/slidingwindow v0.0.0-20200528002341-535bb99d338b h1:5/++qT1/z812ZqBvqQt6ToRswSuPZ/B33m6xVHRzADU= 5 7 github.com/RussellLuo/slidingwindow v0.0.0-20200528002341-535bb99d338b/go.mod h1:4+EPqMRApwwE/6yo6CxiHoSnBzjRr3jsqer7frxP8y4= 6 8 github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= ··· 10 12 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= 11 13 github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ= 12 14 github.com/antlr4-go/antlr/v4 v4.13.1/go.mod h1:GKmUxMtwp6ZgGwZSva4eWPC5mS6vUAmOABFgjdkM7Nw= 15 15 + github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4= 16 16 + github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= 13 17 github.com/aws/aws-sdk-go v1.55.8 h1:JRmEUbU52aJQZ2AjX4q4Wu7t4uZjOu71uyNmaWlUkJQ= 14 18 github.com/aws/aws-sdk-go v1.55.8/go.mod h1:ZkViS9AqA6otK+JBBNH2++sx1sgxrPKcSzPPvQkUtXk= 15 19 github.com/aws/aws-sdk-go-v2 v1.41.1 h1:ABlyEARCDLN034NhxlRUSZr4l71mh+T5KAeGh6cerhU= ··· 50 54 github.com/aws/aws-sdk-go-v2/service/sts v1.41.6/go.mod h1:qgFDZQSD/Kys7nJnVqYlWKnh0SSdMjAi0uSwON4wgYQ= 51 55 github.com/aws/smithy-go v1.24.0 h1:LpilSUItNPFr1eY85RYgTIg5eIEPtvFbskaFcmmIUnk= 52 56 github.com/aws/smithy-go v1.24.0/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0= 57 57 + github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= 58 58 + github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8= 59 59 + github.com/aymanbagabas/go-udiff v0.3.1 h1:LV+qyBQ2pqe0u42ZsUEtPiCaUoqgA9gYRDs3vj1nolY= 60 60 + github.com/aymanbagabas/go-udiff v0.3.1/go.mod h1:G0fsKmG+P6ylD0r6N/KgQD/nWzgfnl8ZBcNLgcbrw8E= 53 61 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= 54 62 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4= 55 63 github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= ··· 66 74 github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c= 67 75 github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA= 68 76 github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0= 77 77 + github.com/catppuccin/go v0.3.0 h1:d+0/YicIq+hSTo5oPuRi5kOpqkVA5tAsU6dNhvRu+aY= 78 78 + github.com/catppuccin/go v0.3.0/go.mod h1:8IHJuMGaUUjQM82qBrGNBv7LFq6JI3NnQCF6MOlZjpc= 69 79 github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM= 70 80 github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= 71 81 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= 72 82 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 83 83 + github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7 h1:JFgG/xnwFfbezlUnFMJy0nusZvytYysV4SCS2cYbvws= 84 84 + github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7/go.mod h1:ISC1gtLcVilLOf23wvTfoQuYbW2q0JevFxPfUzZ9Ybw= 85 85 + github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw= 86 86 + github.com/charmbracelet/bubbletea v1.3.10/go.mod h1:ORQfo0fk8U+po9VaNvnV95UPWA1BitP1E0N6xJPlHr4= 87 87 + github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc h1:4pZI35227imm7yK2bGPcfpFEmuY1gc2YSTShr4iJBfs= 88 88 + github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc/go.mod h1:X4/0JoqgTIPSFcRA/P6INZzIuyqdFY5rm8tb41s9okk= 89 89 + github.com/charmbracelet/huh v0.8.0 h1:Xz/Pm2h64cXQZn/Jvele4J3r7DDiqFCNIVteYukxDvY= 90 90 + github.com/charmbracelet/huh v0.8.0/go.mod h1:5YVc+SlZ1IhQALxRPpkGwwEKftN/+OlJlnJYlDRFqN4= 91 91 + github.com/charmbracelet/huh/spinner v0.0.0-20260216111231-bffc99a26329 h1:0qvbszNGxDNsLfktnN6eFngemvxTzKWyL2ER1AEmawM= 92 92 + github.com/charmbracelet/huh/spinner v0.0.0-20260216111231-bffc99a26329/go.mod h1:OMqKat/mm9a/qOnpuNOPyYO9bPzRNnmzLnRZT5KYltg= 93 93 + github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY= 94 94 + github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30= 95 95 + github.com/charmbracelet/x/ansi v0.10.1 h1:rL3Koar5XvX0pHGfovN03f5cxLbCF2YvLeyz7D2jVDQ= 96 96 + github.com/charmbracelet/x/ansi v0.10.1/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE= 97 97 + github.com/charmbracelet/x/cellbuf v0.0.13 h1:/KBBKHuVRbq1lYx5BzEHBAFBP8VcQzJejZ/IA3iR28k= 98 98 + github.com/charmbracelet/x/cellbuf v0.0.13/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs= 99 99 + github.com/charmbracelet/x/conpty v0.1.0 h1:4zc8KaIcbiL4mghEON8D72agYtSeIgq8FSThSPQIb+U= 100 100 + github.com/charmbracelet/x/conpty v0.1.0/go.mod h1:rMFsDJoDwVmiYM10aD4bH2XiRgwI7NYJtQgl5yskjEQ= 101 101 + github.com/charmbracelet/x/errors v0.0.0-20240508181413-e8d8b6e2de86 h1:JSt3B+U9iqk37QUU2Rvb6DSBYRLtWqFqfxf8l5hOZUA= 102 102 + github.com/charmbracelet/x/errors v0.0.0-20240508181413-e8d8b6e2de86/go.mod h1:2P0UgXMEa6TsToMSuFqKFQR+fZTO9CNGUNokkPatT/0= 103 103 + github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91 h1:payRxjMjKgx2PaCWLZ4p3ro9y97+TVLZNaRZgJwSVDQ= 104 104 + github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91/go.mod h1:wDlXFlCrmJ8J+swcL/MnGUuYnqgQdW9rhSD61oNMb6U= 105 105 + github.com/charmbracelet/x/exp/strings v0.0.0-20240722160745-212f7b056ed0 h1:qko3AQ4gK1MTS/de7F5hPGx6/k1u0w4TeYmBFwzYVP4= 106 106 + github.com/charmbracelet/x/exp/strings v0.0.0-20240722160745-212f7b056ed0/go.mod h1:pBhA0ybfXv6hDjQUZ7hk1lVxBiUbupdw5R31yPUViVQ= 107 107 + github.com/charmbracelet/x/term v0.2.1 h1:AQeHeLZ1OqSXhrAWpYUtZyX1T3zVxfpZuEQMIQaGIAQ= 108 108 + github.com/charmbracelet/x/term v0.2.1/go.mod h1:oQ4enTYFV7QN4m0i9mzHrViD7TQKvNEEkHUMCmsxdUg= 109 109 + github.com/charmbracelet/x/termios v0.1.1 h1:o3Q2bT8eqzGnGPOYheoYS8eEleT5ZVNYNy8JawjaNZY= 110 110 + github.com/charmbracelet/x/termios v0.1.1/go.mod h1:rB7fnv1TgOPOyyKRJ9o+AsTU/vK5WHJ2ivHeut/Pcwo= 111 111 + github.com/charmbracelet/x/xpty v0.1.2 h1:Pqmu4TEJ8KeA9uSkISKMU3f+C1F6OGBn8ABuGlqCbtI= 112 112 + github.com/charmbracelet/x/xpty v0.1.2/go.mod h1:XK2Z0id5rtLWcpeNiMYBccNNBrP2IJnzHI0Lq13Xzq4= 73 113 github.com/coreos/go-systemd/v22 v22.7.0 h1:LAEzFkke61DFROc7zNLX/WA2i5J8gYqe0rSj9KI28KA= 74 114 github.com/coreos/go-systemd/v22 v22.7.0/go.mod h1:xNUYtjHu2EDXbsxz1i41wouACIwT7Ybq9o0BQhMwD0w= 75 115 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= 76 116 github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= 117 117 + github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s= 118 118 + github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE= 77 119 github.com/cskr/pubsub v1.0.2 h1:vlOzMhl6PFn60gRlTQQsIfVwaPB/B/8MziK8FhEPt/0= 78 120 github.com/cskr/pubsub v1.0.2/go.mod h1:/8MzYXk/NJAz782G8RPkFzXTZVu63VotefPnR9TIRis= 79 121 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= ··· 96 138 github.com/docker/go-events v0.0.0-20250808211157-605354379745/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= 97 139 github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= 98 140 github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= 141 141 + github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= 142 142 + github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= 99 143 github.com/earthboundkid/versioninfo/v2 v2.24.1 h1:SJTMHaoUx3GzjjnUO1QzP3ZXK6Ee/nbWyCm58eY3oUg= 100 144 github.com/earthboundkid/versioninfo/v2 v2.24.1/go.mod h1:VcWEooDEuyUJnMfbdTh0uFN4cfEIg+kHMuWB2CDCLjw= 145 145 + github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4= 146 146 + github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f/go.mod h1:vw97MGsxSvLiUE2X8qFplwetxpGLQrlU1Q9AUEIzCaM= 101 147 github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= 102 148 github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= 103 149 github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= ··· 296 342 github.com/libp2p/go-netroute v0.4.0/go.mod h1:Nkd5ShYgSMS5MUKy/MU2T57xFoOKvvLR92Lic48LEyA= 297 343 github.com/libsql/sqlite-antlr4-parser v0.0.0-20240721121621-c0bdc870f11c h1:WsJ6G+hkDXIMfQE8FIxnnziT26WmsRgZhdWQ0IQGlcc= 298 344 github.com/libsql/sqlite-antlr4-parser v0.0.0-20240721121621-c0bdc870f11c/go.mod h1:gIcFddvsvPcRCO6QDmWH9/zcFd5U26QWWRMgZh4ddyo= 345 345 + github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= 346 346 + github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= 299 347 github.com/mattn/go-colorable v0.1.14 h1:9A9LHSqF/7dyVVX6g0U9cwm9pG3kP9gSzcuIPHPsaIE= 300 348 github.com/mattn/go-colorable v0.1.14/go.mod h1:6LmQG8QLFO4G5z1gPvYEzlUgJ2wF+stgPZH1UqBm1s8= 301 349 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= 302 350 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= 351 351 + github.com/mattn/go-localereader v0.0.1 h1:ygSAOl7ZXTx4RdPYinUpg6W99U8jWvWi9Ye2JC/oIi4= 352 352 + github.com/mattn/go-localereader v0.0.1/go.mod h1:8fBrzywKY7BI3czFoHkuzRoWE9C+EiG4R1k4Cjx5p88= 353 353 + github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6TULQc= 354 354 + github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= 303 355 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= 304 356 github.com/microcosm-cc/bluemonday v1.0.27 h1:MpEUotklkwCSLeH+Qdx1VJgNqLlpY2KXwXFM08ygZfk= 305 357 github.com/microcosm-cc/bluemonday v1.0.27/go.mod h1:jFi9vgW+H7c3V0lb6nR74Ib/DIB5OBs92Dimizgw2cA= ··· 307 359 github.com/miekg/dns v1.1.72/go.mod h1:+EuEPhdHOsfk6Wk5TT2CzssZdqkmFhf8r+aVyDEToIs= 308 360 github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= 309 361 github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= 362 362 + github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4= 363 363 + github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= 310 364 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 311 365 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= 312 366 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 313 367 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= 314 368 github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o= 315 369 github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= 370 370 + github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D264iyp3TiX5OmNcI5cIARiQI= 371 371 + github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo= 372 372 + github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA= 373 373 + github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo= 374 374 + github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc= 375 375 + github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk= 316 376 github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aGkbLYxPE= 317 377 github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI= 318 378 github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0= ··· 381 441 github.com/redis/go-redis/extra/redisotel/v9 v9.17.3/go.mod h1:gR39sPK/dJZlqgIA9Nm4JFHcQJPyhsISBLj708nrD4w= 382 442 github.com/redis/go-redis/v9 v9.17.3 h1:fN29NdNrE17KttK5Ndf20buqfDZwGNgoUr9qjl1DQx4= 383 443 github.com/redis/go-redis/v9 v9.17.3/go.mod h1:u410H11HMLoB+TP67dz8rL9s6QW2j76l0//kSOd3370= 444 444 + github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= 384 445 github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= 385 446 github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= 386 447 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= ··· 440 501 github.com/whyrusleeping/cbor v0.0.0-20171005072247-63513f603b11/go.mod h1:Wlo/SzPmxVp6vXpGt/zaXhHH0fn4IxgqZc82aKg6bpQ= 441 502 github.com/whyrusleeping/cbor-gen v0.3.1 h1:82ioxmhEYut7LBVGhGq8xoRkXPLElVuh5mV67AFfdv0= 442 503 github.com/whyrusleeping/cbor-gen v0.3.1/go.mod h1:pM99HXyEbSQHcosHc0iW7YFmwnscr+t9Te4ibko05so= 504 504 + github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no= 505 505 + github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM= 443 506 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 444 507 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= 445 508 github.com/yuin/goldmark v1.7.16 h1:n+CJdUxaFMiDUNnWC3dMWCIQJSkxH4uz3ZwQBkAlVNE= ··· 556 619 golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 557 620 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 558 621 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 622 622 + golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 559 623 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 560 624 golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k= 561 625 golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=

+1

go.work.sum

reviewed

··· 538 538 go.uber.org/mock v0.5.2/go.mod h1:wLlUxC2vVTPTaE3UD51E0BGOAElKrILxhVSDYQLld5o= 539 539 golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= 540 540 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= 541 541 + golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= 541 542 golang.org/x/exp/shiny v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:3F+MieQB7dRYLTmnncoFbb1crS5lfQoTfDgQy6K4N0o= 542 543 golang.org/x/image v0.25.0/go.mod h1:tCAmOEGthTtkalusGp1g3xa2gke8J6c2N565dTyl9Rs= 543 544 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=

+1 -1

pkg/appview/handlers/repository.go

reviewed

··· 294 294 IsStarred bool 295 295 IsOwner bool // Whether current user owns this repository 296 296 ReadmeHTML template.HTML 297 297 - ArtifactType string // Dominant artifact type: container-image, helm-chart, unknown 297 297 + ArtifactType string // Dominant artifact type: container-image, helm-chart, unknown 298 298 ScanBatchParams []template.HTML // Pre-encoded query strings for batch scan-result endpoint (one per hold) 299 299 }{ 300 300 PageData: NewPageData(r, &h.BaseUIHandler),

+43 -4

pkg/appview/handlers/scan_result.go

reviewed

··· 3 3 import ( 4 4 "bytes" 5 5 "context" 6 6 + "database/sql" 6 7 "encoding/json" 7 8 "fmt" 8 9 "html/template" ··· 13 14 "sync" 14 15 "time" 15 16 17 17 + "atcr.io/pkg/appview/db" 16 18 "atcr.io/pkg/atproto" 17 19 ) 18 20 ··· 54 56 return 55 57 } 56 58 57 57 - // Resolve to HTTP endpoint URL (handles DID, URL, or hostname) 58 58 - holdURL, err := atproto.ResolveHoldURL(r.Context(), holdEndpoint) 59 59 + // Check if this hold has a successor — scan records may live there instead 60 60 + resolvedHoldDID := resolveHoldSuccessor(h.ReadOnlyDB, holdDID) 61 61 + 62 62 + // Resolve to HTTP endpoint URL. If successor redirected, resolve the new DID; 63 63 + // otherwise use the original holdEndpoint (which may already be a URL). 64 64 + holdURLTarget := holdEndpoint 65 65 + if resolvedHoldDID != holdDID { 66 66 + holdDID = resolvedHoldDID 67 67 + holdURLTarget = resolvedHoldDID 68 68 + } 69 69 + holdURL, err := atproto.ResolveHoldURL(r.Context(), holdURLTarget) 59 70 if err != nil { 60 71 slog.Debug("Failed to resolve hold URL", "holdEndpoint", holdEndpoint, "error", err) 61 72 h.renderBadge(w, vulnBadgeData{Error: true}) ··· 219 230 return 220 231 } 221 232 222 222 - // Resolve to HTTP endpoint URL (handles DID, URL, or hostname) 223 223 - holdURL, err := atproto.ResolveHoldURL(r.Context(), holdEndpoint) 233 233 + // Check if this hold has a successor — scan records may live there instead 234 234 + resolvedHoldDID := resolveHoldSuccessor(h.ReadOnlyDB, holdDID) 235 235 + 236 236 + // Resolve to HTTP endpoint URL. If successor redirected, resolve the new DID; 237 237 + // otherwise use the original holdEndpoint (which may already be a URL). 238 238 + holdURLTarget := holdEndpoint 239 239 + if resolvedHoldDID != holdDID { 240 240 + holdDID = resolvedHoldDID 241 241 + holdURLTarget = resolvedHoldDID 242 242 + } 243 243 + holdURL, err := atproto.ResolveHoldURL(r.Context(), holdURLTarget) 224 244 if err != nil { 225 245 slog.Debug("Failed to resolve hold URL for batch scan", "holdEndpoint", holdEndpoint, "error", err) 226 246 w.Header().Set("Content-Type", "text/html") ··· 266 286 template.HTMLEscapeString(res.hexDigest), buf.String()) 267 287 } 268 288 } 289 289 + 290 290 + // resolveHoldSuccessor checks if a hold has a successor in the cached captain records. 291 291 + // Returns the successor DID if set, otherwise returns the original holdDID. 292 292 + // Single-hop only — does not follow chains. 293 293 + func resolveHoldSuccessor(database *sql.DB, holdDID string) string { 294 294 + if database == nil { 295 295 + return holdDID 296 296 + } 297 297 + captain, err := db.GetCaptainRecord(database, holdDID) 298 298 + if err != nil || captain == nil { 299 299 + return holdDID 300 300 + } 301 301 + if captain.Successor != "" { 302 302 + slog.Debug("Scan result: following hold successor", 303 303 + "from", holdDID, "to", captain.Successor) 304 304 + return captain.Successor 305 305 + } 306 306 + return holdDID 307 307 + }

+26 -10

pkg/appview/handlers/settings.go

reviewed

··· 1 1 package handlers 2 2 3 3 import ( 4 4 + "context" 4 5 "encoding/json" 5 6 "html/template" 6 7 "log/slog" ··· 13 14 "atcr.io/pkg/appview/middleware" 14 15 "atcr.io/pkg/appview/storage" 15 16 "atcr.io/pkg/atproto" 17 17 + "github.com/bluesky-social/indigo/atproto/syntax" 16 18 ) 17 19 18 20 // HoldDisplay represents a hold for display in the UI ··· 70 72 for _, hold := range availableHolds { 71 73 display := HoldDisplay{ 72 74 DID: hold.HoldDID, 73 73 - DisplayName: deriveDisplayName(hold.HoldDID), 75 75 + DisplayName: resolveHoldDisplayName(r.Context(), &h.BaseUIHandler, hold.HoldDID), 74 76 Region: hold.Region, 75 77 Membership: hold.Membership, 76 78 } ··· 106 108 showCurrentHold := profile.DefaultHold != "" && !currentHoldDiscovered 107 109 108 110 // Look up AppView default hold details from database 109 109 - appViewDefaultDisplay := deriveDisplayName(h.DefaultHoldDID) 111 111 + appViewDefaultDisplay := resolveHoldDisplayName(r.Context(), &h.BaseUIHandler, h.DefaultHoldDID) 110 112 var appViewDefaultRegion string 111 113 if h.DefaultHoldDID != "" && h.DB != nil { 112 114 if captain, err := db.GetCaptainRecord(h.DB, h.DefaultHoldDID); err == nil && captain != nil { ··· 143 145 PageData: NewPageData(r, &h.BaseUIHandler), 144 146 Meta: meta, 145 147 CurrentHoldDID: profile.DefaultHold, 146 146 - CurrentHoldDisplay: deriveDisplayName(profile.DefaultHold), 148 148 + CurrentHoldDisplay: resolveHoldDisplayName(r.Context(), &h.BaseUIHandler, profile.DefaultHold), 147 149 ShowCurrentHold: showCurrentHold, 148 150 AppViewDefaultHoldDID: h.DefaultHoldDID, 149 151 AppViewDefaultHoldDisplay: appViewDefaultDisplay, ··· 165 167 } 166 168 } 167 169 168 168 - // deriveDisplayName derives a human-readable name from a hold DID 169 169 - func deriveDisplayName(did string) string { 170 170 - // For did:web, extract the domain 170 170 + // resolveHoldDisplayName resolves a hold DID to a human-readable handle via the 171 171 + // identity directory. Falls back to domain extraction (did:web) or truncation (did:plc). 172 172 + func resolveHoldDisplayName(ctx context.Context, h *BaseUIHandler, did string) string { 173 173 + if did == "" { 174 174 + return "" 175 175 + } 176 176 + 177 177 + // Try resolving via identity directory 178 178 + if h.Directory != nil { 179 179 + parsed, err := syntax.ParseDID(did) 180 180 + if err == nil { 181 181 + ident, err := h.Directory.LookupDID(ctx, parsed) 182 182 + if err == nil && ident.Handle.String() != "handle.invalid" && ident.Handle.String() != "" { 183 183 + return ident.Handle.String() 184 184 + } 185 185 + } 186 186 + } 187 187 + 188 188 + // Fallback: extract domain from did:web 171 189 if strings.HasPrefix(did, "did:web:") { 172 190 domain := strings.TrimPrefix(did, "did:web:") 173 173 - // URL-decode the domain (did:web encodes : as %3A) 174 174 - decoded, err := url.QueryUnescape(domain) 175 175 - if err == nil { 191 191 + if decoded, err := url.QueryUnescape(domain); err == nil { 176 192 return decoded 177 193 } 178 194 return domain 179 195 } 180 196 181 181 - // For did:plc, truncate for display 197 197 + // Fallback: truncate did:plc 182 198 if len(did) > 24 { 183 199 return did[:24] + "..." 184 200 }

+1 -1

pkg/appview/handlers/subscription.go

reviewed

··· 113 113 } 114 114 115 115 // Set hold display name so users know which hold the subscription applies to 116 116 - info.HoldDisplayName = deriveDisplayName(holdDID) 116 116 + info.HoldDisplayName = resolveHoldDisplayName(r.Context(), &h.BaseUIHandler, holdDID) 117 117 118 118 // Format prices for display 119 119 // Note: -1 means "has price, fetch from Stripe" (placeholder from hold)

-1

pkg/appview/holdhealth/checker_test.go

reviewed

··· 267 267 t.Errorf("Expected startupDelay=%v, got %v", startupDelay, workerWithDelay.startupDelay) 268 268 } 269 269 } 270 270 -

-1

pkg/appview/server.go

reviewed

··· 599 599 return nil 600 600 } 601 601 602 602 - 603 602 // DomainRoutingMiddleware enforces three-tier domain routing: 604 603 // 605 604 // 1. UI domain (BaseURL hostname): serves web UI, auth, and static assets.

-1

pkg/atproto/lexicon_test.go

reviewed

··· 653 653 } 654 654 } 655 655 656 656 - 657 656 func TestIsDID(t *testing.T) { 658 657 tests := []struct { 659 658 name string

+1 -1

pkg/hold/admin/handlers_settings.go

reviewed

··· 88 88 89 89 // Validate successor DID format if provided 90 90 if successor != "" { 91 91 - if !atproto.IsDID(successor) || !(strings.HasPrefix(successor, "did:web:") || strings.HasPrefix(successor, "did:plc:")) { 91 91 + if !atproto.IsDID(successor) || (!strings.HasPrefix(successor, "did:web:") && !strings.HasPrefix(successor, "did:plc:")) { 92 92 setFlash(w, r, "error", "Successor must be a valid did:web: or did:plc: DID") 93 93 http.Redirect(w, r, "/admin#settings", http.StatusFound) 94 94 return

+107 -34

pkg/hold/pds/scan_broadcaster.go

reviewed

··· 38 38 ownsDB bool // true when this broadcaster opened the connection itself 39 39 40 40 // Proactive scan scheduling 41 41 - rescanInterval time.Duration // Minimum interval between re-scans (0 = disabled) 42 42 - stopCh chan struct{} // Signal to stop background goroutines 43 43 - wg sync.WaitGroup // Wait for background goroutines to finish 44 44 - userIdx int // Round-robin index through users for proactive scanning 45 45 - predecessorCache map[string]bool // holdDID → "is this hold's successor us?" 41 41 + rescanInterval time.Duration // Minimum interval between re-scans (0 = disabled) 42 42 + stopCh chan struct{} // Signal to stop background goroutines 43 43 + wg sync.WaitGroup // Wait for background goroutines to finish 44 44 + userIdx int // Round-robin index through DIDs for proactive scanning 45 45 + predecessorCache map[string]bool // holdDID → "has this hold been migrated (has successor)?" 46 46 + 47 47 + // Relay-based manifest DID discovery 48 48 + relayEndpoint string // Relay URL for listReposByCollection 49 49 + manifestDIDs []string // Cached list of DIDs with manifest records 50 50 + manifestDIDsMu sync.RWMutex // Protects manifestDIDs 46 51 } 47 52 48 53 // ScanSubscriber represents a connected scanner WebSocket client ··· 90 95 91 96 // NewScanBroadcaster creates a new scan job broadcaster 92 97 // dbPath should point to a SQLite database file (e.g., "/path/to/pds/db.sqlite3") 93 93 - func NewScanBroadcaster(holdDID, holdEndpoint, secret, dbPath string, s3svc *s3.S3Service, holdPDS *HoldPDS, rescanInterval time.Duration) (*ScanBroadcaster, error) { 98 98 + func NewScanBroadcaster(holdDID, holdEndpoint, secret, relayEndpoint, dbPath string, s3svc *s3.S3Service, holdPDS *HoldPDS, rescanInterval time.Duration) (*ScanBroadcaster, error) { 94 99 dsn := dbPath 95 100 if dbPath != ":memory:" && !strings.HasPrefix(dbPath, "file:") { 96 101 dsn = "file:" + dbPath ··· 116 121 return nil, fmt.Errorf("failed to set busy_timeout: %w", err) 117 122 } 118 123 124 124 + if relayEndpoint == "" { 125 125 + relayEndpoint = "https://relay1.us-east.bsky.network" 126 126 + } 127 127 + 119 128 sb := &ScanBroadcaster{ 120 129 subscribers: make([]*ScanSubscriber, 0), 121 130 db: db, ··· 129 138 rescanInterval: rescanInterval, 130 139 stopCh: make(chan struct{}), 131 140 predecessorCache: make(map[string]bool), 141 141 + relayEndpoint: relayEndpoint, 132 142 } 133 143 134 144 if err := sb.initSchema(); err != nil { ··· 142 152 143 153 // Start proactive scan loop if rescan interval is configured 144 154 if rescanInterval > 0 { 145 145 - sb.wg.Add(1) 155 155 + sb.wg.Add(2) 146 156 go sb.proactiveScanLoop() 147 147 - slog.Info("Proactive scan scheduler started", "rescanInterval", rescanInterval) 157 157 + go sb.refreshManifestDIDsLoop() 158 158 + slog.Info("Proactive scan scheduler started", "rescanInterval", rescanInterval, "relayEndpoint", relayEndpoint) 148 159 } 149 160 150 161 return sb, nil ··· 152 163 153 164 // NewScanBroadcasterWithDB creates a scan job broadcaster using an existing *sql.DB connection. 154 165 // The caller is responsible for the DB lifecycle. 155 155 - func NewScanBroadcasterWithDB(holdDID, holdEndpoint, secret string, db *sql.DB, s3svc *s3.S3Service, holdPDS *HoldPDS, rescanInterval time.Duration) (*ScanBroadcaster, error) { 166 166 + func NewScanBroadcasterWithDB(holdDID, holdEndpoint, secret, relayEndpoint string, db *sql.DB, s3svc *s3.S3Service, holdPDS *HoldPDS, rescanInterval time.Duration) (*ScanBroadcaster, error) { 167 167 + if relayEndpoint == "" { 168 168 + relayEndpoint = "https://relay1.us-east.bsky.network" 169 169 + } 170 170 + 156 171 sb := &ScanBroadcaster{ 157 172 subscribers: make([]*ScanSubscriber, 0), 158 173 db: db, ··· 166 181 rescanInterval: rescanInterval, 167 182 stopCh: make(chan struct{}), 168 183 predecessorCache: make(map[string]bool), 184 184 + relayEndpoint: relayEndpoint, 169 185 } 170 186 171 187 if err := sb.initSchema(); err != nil { ··· 176 192 go sb.reDispatchLoop() 177 193 178 194 if rescanInterval > 0 { 179 179 - sb.wg.Add(1) 195 195 + sb.wg.Add(2) 180 196 go sb.proactiveScanLoop() 181 181 - slog.Info("Proactive scan scheduler started", "rescanInterval", rescanInterval) 197 197 + go sb.refreshManifestDIDsLoop() 198 198 + slog.Info("Proactive scan scheduler started", "rescanInterval", rescanInterval, "relayEndpoint", relayEndpoint) 182 199 } 183 200 184 201 return sb, nil ··· 709 726 return sb.secret != "" && secret == sb.secret 710 727 } 711 728 729 729 + // refreshManifestDIDsLoop periodically queries the relay to discover all DIDs 730 730 + // with io.atcr.manifest records. The cached list is used by the proactive scan loop. 731 731 + func (sb *ScanBroadcaster) refreshManifestDIDsLoop() { 732 732 + defer sb.wg.Done() 733 733 + 734 734 + // Wait for the system to settle before first refresh 735 735 + select { 736 736 + case <-sb.stopCh: 737 737 + return 738 738 + case <-time.After(30 * time.Second): 739 739 + } 740 740 + 741 741 + // Initial refresh 742 742 + sb.refreshManifestDIDs() 743 743 + 744 744 + ticker := time.NewTicker(30 * time.Minute) 745 745 + defer ticker.Stop() 746 746 + 747 747 + for { 748 748 + select { 749 749 + case <-sb.stopCh: 750 750 + slog.Info("Manifest DID refresh loop stopped") 751 751 + return 752 752 + case <-ticker.C: 753 753 + sb.refreshManifestDIDs() 754 754 + } 755 755 + } 756 756 + } 757 757 + 758 758 + // refreshManifestDIDs queries the relay for all DIDs that have io.atcr.manifest records. 759 759 + // On success, atomically replaces the cached DID list. On failure, retains the previous list. 760 760 + func (sb *ScanBroadcaster) refreshManifestDIDs() { 761 761 + ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) 762 762 + defer cancel() 763 763 + 764 764 + client := atproto.NewClient(sb.relayEndpoint, "", "") 765 765 + 766 766 + var allDIDs []string 767 767 + var cursor string 768 768 + 769 769 + for { 770 770 + result, err := client.ListReposByCollection(ctx, atproto.ManifestCollection, 1000, cursor) 771 771 + if err != nil { 772 772 + slog.Warn("Proactive scan: failed to list repos from relay", 773 773 + "relay", sb.relayEndpoint, "error", err) 774 774 + return // Keep existing cached list 775 775 + } 776 776 + 777 777 + for _, repo := range result.Repos { 778 778 + allDIDs = append(allDIDs, repo.DID) 779 779 + } 780 780 + 781 781 + if result.Cursor == "" || len(result.Repos) == 0 { 782 782 + break 783 783 + } 784 784 + cursor = result.Cursor 785 785 + } 786 786 + 787 787 + sb.manifestDIDsMu.Lock() 788 788 + sb.manifestDIDs = allDIDs 789 789 + sb.manifestDIDsMu.Unlock() 790 790 + 791 791 + slog.Info("Proactive scan: refreshed manifest DID list from relay", 792 792 + "count", len(allDIDs), "relay", sb.relayEndpoint) 793 793 + } 794 794 + 712 795 // proactiveScanLoop periodically finds manifests needing scanning and enqueues jobs. 713 796 // It fetches manifest records from users' PDS (the source of truth) and creates scan 714 797 // jobs for manifests that haven't been scanned recently. ··· 738 821 739 822 // tryEnqueueProactiveScan finds the next manifest needing a scan and enqueues it. 740 823 // Only enqueues one job per call to avoid flooding the scanner. 824 824 + // Uses the cached DID list from the relay (refreshed by refreshManifestDIDsLoop). 741 825 func (sb *ScanBroadcaster) tryEnqueueProactiveScan() { 742 826 if !sb.hasConnectedScanners() { 743 827 return ··· 749 833 ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) 750 834 defer cancel() 751 835 752 752 - // Get all users who have pushed to this hold 753 753 - stats, err := sb.pds.ListStats(ctx) 754 754 - if err != nil { 755 755 - slog.Error("Proactive scan: failed to list stats", "error", err) 756 756 - return 757 757 - } 758 758 - 759 759 - // Extract unique user DIDs 760 760 - seen := make(map[string]bool) 761 761 - var userDIDs []string 762 762 - for _, s := range stats { 763 763 - if !seen[s.OwnerDID] { 764 764 - seen[s.OwnerDID] = true 765 765 - userDIDs = append(userDIDs, s.OwnerDID) 766 766 - } 767 767 - } 836 836 + // Read cached DID list from relay discovery 837 837 + sb.manifestDIDsMu.RLock() 838 838 + userDIDs := sb.manifestDIDs 839 839 + sb.manifestDIDsMu.RUnlock() 768 840 769 841 if len(userDIDs) == 0 { 770 842 return 771 843 } 772 844 773 773 - // Round-robin through users, trying each until we find work or exhaust the list 845 845 + // Round-robin through DIDs, trying each until we find work or exhaust the list 774 846 for attempts := 0; attempts < len(userDIDs); attempts++ { 775 847 idx := sb.userIdx % len(userDIDs) 776 848 sb.userIdx++ ··· 870 942 return false 871 943 } 872 944 873 873 - // isOurManifest checks if a manifest's holdDID matches this hold, either directly 874 874 - // or via successor (the manifest's hold has set us as its successor). 945 945 + // isOurManifest checks if a manifest's holdDID matches this hold directly, 946 946 + // or if the manifest's hold has been migrated (has a successor label set). 875 947 func (sb *ScanBroadcaster) isOurManifest(ctx context.Context, holdDID string) bool { 876 948 if holdDID == "" { 877 949 return false ··· 893 965 return isPredecessor 894 966 } 895 967 896 896 - // checkPredecessor fetches a hold's captain record to check if its successor is us. 968 968 + // checkPredecessor fetches a hold's captain record to check if it has a successor label 969 969 + // (meaning the hold has been migrated/retired and its manifests should be scanned by us). 897 970 func (sb *ScanBroadcaster) checkPredecessor(ctx context.Context, holdDID string) bool { 898 971 fetchCtx, cancel := context.WithTimeout(ctx, 5*time.Second) 899 972 defer cancel() ··· 946 1019 return false 947 1020 } 948 1021 949 949 - if captain.Successor == sb.holdDID { 950 950 - slog.Info("Proactive scan: discovered predecessor hold", 951 951 - "predecessorDID", holdDID, "successor", sb.holdDID) 1022 1022 + if captain.Successor != "" { 1023 1023 + slog.Info("Proactive scan: discovered migrated hold (has successor label)", 1024 1024 + "holdDID", holdDID, "successor", captain.Successor) 952 1025 return true 953 1026 } 954 1027

+2 -2

pkg/hold/server.go

reviewed

··· 196 196 rescanInterval := cfg.Scanner.RescanInterval 197 197 var sb *pds.ScanBroadcaster 198 198 if s.holdDB != nil { 199 199 - sb, err = pds.NewScanBroadcasterWithDB(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, s.holdDB.DB, s3Service, s.PDS, rescanInterval) 199 199 + sb, err = pds.NewScanBroadcasterWithDB(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, cfg.Server.RelayEndpoint, s.holdDB.DB, s3Service, s.PDS, rescanInterval) 200 200 } else { 201 201 scanDBPath := cfg.Database.Path + "/db.sqlite3" 202 202 - sb, err = pds.NewScanBroadcaster(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, scanDBPath, s3Service, s.PDS, rescanInterval) 202 202 + sb, err = pds.NewScanBroadcaster(holdDID, cfg.Server.PublicURL, cfg.Scanner.Secret, cfg.Server.RelayEndpoint, scanDBPath, s3Service, s.PDS, rescanInterval) 203 203 } 204 204 if err != nil { 205 205 return nil, fmt.Errorf("failed to initialize scan broadcaster: %w", err)

+1 -1

scanner/go.mod

reviewed

··· 181 181 github.com/json-iterator/go v1.1.12 // indirect 182 182 github.com/kastenhq/goversion v0.0.0-20230811215019-93b2f8823953 // indirect 183 183 github.com/kevinburke/ssh_config v1.4.0 // indirect 184 184 - github.com/klauspost/compress v1.18.4 // indirect 184 184 + github.com/klauspost/compress v1.18.4 185 185 github.com/klauspost/cpuid/v2 v2.3.0 // indirect 186 186 github.com/klauspost/pgzip v1.2.6 // indirect 187 187 github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f // indirect

+2 -2

scanner/go.sum

reviewed

··· 252 252 github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 253 253 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= 254 254 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= 255 255 - github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u6mfQdFs= 256 256 - github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg= 255 255 + github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7 h1:JFgG/xnwFfbezlUnFMJy0nusZvytYysV4SCS2cYbvws= 256 256 + github.com/charmbracelet/bubbles v0.21.1-0.20250623103423-23b8fd6302d7/go.mod h1:ISC1gtLcVilLOf23wvTfoQuYbW2q0JevFxPfUzZ9Ybw= 257 257 github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw= 258 258 github.com/charmbracelet/bubbletea v1.3.10/go.mod h1:ORQfo0fk8U+po9VaNvnV95UPWA1BitP1E0N6xJPlHr4= 259 259 github.com/charmbracelet/colorprofile v0.4.2 h1:BdSNuMjRbotnxHSfxy+PCSa4xAmz7szw70ktAtWRYrY=

+46 -13

scanner/internal/scan/extractor.go

reviewed

··· 13 13 14 14 scanner "atcr.io/scanner" 15 15 "atcr.io/scanner/internal/client" 16 16 + "github.com/klauspost/compress/zstd" 16 17 ) 17 18 18 19 // extractLayers downloads and extracts all image layers via presigned URLs ··· 69 70 slog.Warn("Skipping layer with empty digest", "index", i) 70 71 continue 71 72 } 72 72 - slog.Info("Extracting layer", "index", i, "digest", layer.Digest, "size", layer.Size) 73 73 + // Skip non-tar layers (cosign signatures, attestations, etc.) 74 74 + if layer.MediaType != "" && !strings.Contains(layer.MediaType, "tar") { 75 75 + slog.Info("Skipping non-tar layer", "index", i, "digest", layer.Digest, "mediaType", layer.MediaType) 76 76 + continue 77 77 + } 78 78 + slog.Info("Extracting layer", "index", i, "digest", layer.Digest, "size", layer.Size, "mediaType", layer.MediaType) 73 79 74 74 - layerPath := filepath.Join(layersDir, fmt.Sprintf("layer-%d.tar.gz", i)) 80 80 + layerPath := filepath.Join(layersDir, fmt.Sprintf("layer-%d", i)) 75 81 if err := downloadBlobViaPresignedURL(job.HoldEndpoint, job.HoldDID, layer.Digest, layerPath, secret); err != nil { 76 82 cleanup() 77 83 return "", nil, fmt.Errorf("failed to download layer %d: %w", i, err) 78 84 } 79 85 80 80 - if err := extractTarGz(layerPath, rootfsDir); err != nil { 86 86 + if err := extractLayer(layerPath, rootfsDir, layer.MediaType); err != nil { 81 87 cleanup() 82 88 return "", nil, fmt.Errorf("failed to extract layer %d: %w", i, err) 83 89 } 84 90 85 85 - // Remove layer tar.gz to save space 91 91 + // Remove layer file to save space 86 92 os.Remove(layerPath) 87 93 } 88 94 ··· 107 113 return client.DownloadBlob(presignedURL, destPath) 108 114 } 109 115 110 110 - // extractTarGz extracts a tar.gz file to a destination directory (overlayfs style) 111 111 - func extractTarGz(tarGzPath, destDir string) error { 112 112 - file, err := os.Open(tarGzPath) 116 116 + // extractLayer extracts a layer tar archive to a destination directory (overlayfs style). 117 117 + // Supports gzip, zstd, and uncompressed tar based on the OCI media type. 118 118 + // Falls back to header sniffing if the media type is unrecognized. 119 119 + func extractLayer(layerPath, destDir, mediaType string) error { 120 120 + file, err := os.Open(layerPath) 113 121 if err != nil { 114 114 - return fmt.Errorf("failed to open tar.gz: %w", err) 122 122 + return fmt.Errorf("failed to open layer: %w", err) 115 123 } 116 124 defer file.Close() 117 125 118 118 - gzr, err := gzip.NewReader(file) 119 119 - if err != nil { 120 120 - return fmt.Errorf("failed to create gzip reader: %w", err) 126 126 + var tarReader io.Reader 127 127 + 128 128 + switch { 129 129 + case strings.Contains(mediaType, "zstd"): 130 130 + decoder, err := zstd.NewReader(file) 131 131 + if err != nil { 132 132 + return fmt.Errorf("failed to create zstd reader: %w", err) 133 133 + } 134 134 + defer decoder.Close() 135 135 + tarReader = decoder 136 136 + 137 137 + case strings.Contains(mediaType, "gzip") || mediaType == "": 138 138 + // Default to gzip for unspecified media types (most common) 139 139 + gzr, err := gzip.NewReader(file) 140 140 + if err != nil { 141 141 + // If gzip fails, try plain tar (header sniff fallback) 142 142 + if _, seekErr := file.Seek(0, io.SeekStart); seekErr != nil { 143 143 + return fmt.Errorf("failed to create gzip reader: %w", err) 144 144 + } 145 145 + slog.Debug("Gzip header invalid, falling back to plain tar", "mediaType", mediaType) 146 146 + tarReader = file 147 147 + } else { 148 148 + defer gzr.Close() 149 149 + tarReader = gzr 150 150 + } 151 151 + 152 152 + default: 153 153 + // Uncompressed tar or unknown — try plain tar 154 154 + tarReader = file 121 155 } 122 122 - defer gzr.Close() 123 156 124 124 - tr := tar.NewReader(gzr) 157 157 + tr := tar.NewReader(tarReader) 125 158 126 159 for { 127 160 header, err := tr.Next()

+173 -62

scripts/update-homebrew-formula.sh

reviewed

··· 1 1 #!/usr/bin/env bash 2 2 # 3 3 - # update-homebrew-formula.sh - Helper script to update Homebrew formula with new release 3 3 + # update-homebrew-formula.sh - Update Homebrew formula after a GoReleaser release 4 4 # 5 5 - # Usage: ./scripts/update-homebrew-formula.sh <version> 5 5 + # Usage: ./scripts/update-homebrew-formula.sh <version> [--push] 6 6 # 7 7 # Example: ./scripts/update-homebrew-formula.sh v0.0.2 8 8 + # ./scripts/update-homebrew-formula.sh v0.0.2 --push 8 9 # 9 10 # This script: 10 10 - # 1. Downloads the source tarball from GitHub 11 11 - # 2. Calculates SHA256 checksum 12 12 - # 3. Generates updated formula snippet 11 11 + # 1. Downloads pre-built archives from Tangled for each platform 12 12 + # 2. Computes SHA256 checksums 13 13 + # 3. Generates the updated formula 14 14 + # 4. Optionally clones the homebrew-tap repo, commits, and pushes 15 15 + # 16 16 + # If GoReleaser dist/ directory exists locally, checksums are read from there instead. 13 17 # 14 18 15 19 set -euo pipefail 16 20 17 17 - # Colors for output 18 21 RED='\033[0;31m' 19 22 GREEN='\033[0;32m' 20 23 YELLOW='\033[1;33m' 21 21 - NC='\033[0m' # No Color 24 24 + NC='\033[0m' 25 25 + 26 26 + TANGLED_REPO="https://tangled.org/evan.jarrett.net/at-container-registry" 27 27 + TAP_REPO="https://tangled.org/evan.jarrett.net/homebrew-tap" 28 28 + BINARY_NAME="docker-credential-atcr" 29 29 + FORMULA_PATH="Formula/docker-credential-atcr.rb" 30 30 + 31 31 + PLATFORMS=( 32 32 + "Darwin_arm64" 33 33 + "Darwin_x86_64" 34 34 + "Linux_arm64" 35 35 + "Linux_x86_64" 36 36 + ) 22 37 23 23 - # Check arguments 24 24 - if [ $# -ne 1 ]; then 38 38 + if [ $# -lt 1 ]; then 25 39 echo -e "${RED}Error: Missing required argument${NC}" 26 26 - echo "Usage: $0 <version>" 40 40 + echo "Usage: $0 <version> [--push]" 27 41 echo "" 28 42 echo "Example: $0 v0.0.2" 29 29 - echo " $0 0.0.2 (v prefix is optional)" 43 43 + echo " $0 v0.0.2 --push" 30 44 exit 1 31 45 fi 32 46 33 47 VERSION="$1" 48 48 + PUSH=false 49 49 + if [ "${2:-}" = "--push" ]; then 50 50 + PUSH=true 51 51 + fi 34 52 35 53 # Add 'v' prefix if not present 36 54 if [[ ! "$VERSION" =~ ^v ]]; then 37 55 VERSION="v${VERSION}" 38 56 fi 57 57 + VERSION_NO_V="${VERSION#v}" 39 58 40 40 - echo -e "${GREEN}Updating Homebrew formula for version ${VERSION}${NC}" 59 59 + echo -e "${GREEN}Updating Homebrew formula for ${VERSION}${NC}" 41 60 echo "" 42 61 43 43 - # GitHub repository details 44 44 - GITHUB_REPO="atcr-io/atcr" 45 45 - TARBALL_URL="https://github.com/${GITHUB_REPO}/archive/refs/tags/${VERSION}.tar.gz" 46 46 - 47 47 - # Create temporary directory 48 62 TEMP_DIR=$(mktemp -d) 49 63 trap 'rm -rf "$TEMP_DIR"' EXIT 50 64 51 51 - TARBALL_FILE="${TEMP_DIR}/${VERSION}.tar.gz" 52 52 - 53 53 - echo -e "${YELLOW}Downloading source tarball...${NC}" 54 54 - echo "URL: ${TARBALL_URL}" 65 65 + # Compute SHA256 for each platform archive 66 66 + declare -A CHECKSUMS 55 67 56 56 - if curl -sSfL -o "$TARBALL_FILE" "$TARBALL_URL"; then 57 57 - # Calculate SHA256 68 68 + sha256_of_file() { 58 69 if command -v sha256sum &> /dev/null; then 59 59 - CHECKSUM=$(sha256sum "$TARBALL_FILE" | awk '{print $1}') 70 70 + sha256sum "$1" | awk '{print $1}' 60 71 elif command -v shasum &> /dev/null; then 61 61 - CHECKSUM=$(shasum -a 256 "$TARBALL_FILE" | awk '{print $1}') 72 72 + shasum -a 256 "$1" | awk '{print $1}' 62 73 else 63 63 - echo -e "${RED}Error: sha256sum or shasum command not found${NC}" 74 74 + echo -e "${RED}Error: sha256sum or shasum not found${NC}" >&2 64 75 exit 1 65 76 fi 77 77 + } 66 78 67 67 - echo -e "${GREEN}✓ Downloaded successfully${NC}" 68 68 - echo "SHA256: $CHECKSUM" 79 79 + # Check if GoReleaser dist/ has the archives locally 80 80 + GORELEASER_DIST="dist" 81 81 + if [ -f "${GORELEASER_DIST}/checksums.txt" ]; then 82 82 + echo -e "${YELLOW}Using local GoReleaser dist/ for checksums${NC}" 83 83 + for platform in "${PLATFORMS[@]}"; do 84 84 + archive="${BINARY_NAME}_${VERSION_NO_V}_${platform}.tar.gz" 85 85 + checksum=$(grep "${archive}" "${GORELEASER_DIST}/checksums.txt" | awk '{print $1}') 86 86 + if [ -z "$checksum" ]; then 87 87 + echo -e "${RED}Missing checksum for ${archive} in dist/checksums.txt${NC}" 88 88 + exit 1 89 89 + fi 90 90 + CHECKSUMS[$platform]="$checksum" 91 91 + echo -e " ${GREEN}✓${NC} ${platform}: ${checksum}" 92 92 + done 69 93 else 70 70 - echo -e "${RED}✗ Failed to download source tarball${NC}" 71 71 - echo "" 72 72 - echo "Make sure the tag ${VERSION} exists on GitHub:" 73 73 - echo " https://github.com/${GITHUB_REPO}/releases/tag/${VERSION}" 74 74 - echo "" 75 75 - echo "If you haven't pushed the tag yet, run:" 76 76 - echo " git tag ${VERSION}" 77 77 - echo " git push origin ${VERSION}" 78 78 - exit 1 94 94 + echo -e "${YELLOW}Downloading archives from Tangled to compute checksums...${NC}" 95 95 + for platform in "${PLATFORMS[@]}"; do 96 96 + archive="${BINARY_NAME}_${VERSION_NO_V}_${platform}.tar.gz" 97 97 + url="${TANGLED_REPO}/tags/${VERSION}/download/${archive}" 98 98 + dest="${TEMP_DIR}/${archive}" 99 99 + 100 100 + echo -n " ${platform}... " 101 101 + if curl -sSfL -o "$dest" "$url"; then 102 102 + CHECKSUMS[$platform]=$(sha256_of_file "$dest") 103 103 + echo -e "${GREEN}✓${NC} ${CHECKSUMS[$platform]}" 104 104 + else 105 105 + echo -e "${RED}✗ Failed to download${NC}" 106 106 + echo " URL: ${url}" 107 107 + exit 1 108 108 + fi 109 109 + done 79 110 fi 80 111 81 112 echo "" 82 82 - echo "======================================================================" 83 83 - echo "Copy the following to Formula/docker-credential-atcr.rb:" 84 84 - echo "======================================================================" 85 85 - echo "" 86 113 87 87 - cat << EOF 88 88 - url "https://github.com/${GITHUB_REPO}/archive/refs/tags/${VERSION}.tar.gz" 89 89 - sha256 "${CHECKSUM}" 114 114 + # Generate the formula 115 115 + FORMULA=$(cat <<RUBY 116 116 + # typed: false 117 117 + # frozen_string_literal: true 118 118 + 119 119 + class DockerCredentialAtcr < Formula 120 120 + desc "Docker credential helper for ATCR (ATProto Container Registry)" 121 121 + homepage "https://atcr.io" 122 122 + version "${VERSION_NO_V}" 90 123 license "MIT" 91 91 - head "https://github.com/${GITHUB_REPO}.git", branch: "main" 92 92 - EOF 124 124 + 125 125 + on_macos do 126 126 + on_arm do 127 127 + url "${TANGLED_REPO}/tags/${VERSION}/download/${BINARY_NAME}_${VERSION_NO_V}_Darwin_arm64.tar.gz" 128 128 + sha256 "${CHECKSUMS[Darwin_arm64]}" 129 129 + end 130 130 + on_intel do 131 131 + url "${TANGLED_REPO}/tags/${VERSION}/download/${BINARY_NAME}_${VERSION_NO_V}_Darwin_x86_64.tar.gz" 132 132 + sha256 "${CHECKSUMS[Darwin_x86_64]}" 133 133 + end 134 134 + end 135 135 + 136 136 + on_linux do 137 137 + on_arm do 138 138 + url "${TANGLED_REPO}/tags/${VERSION}/download/${BINARY_NAME}_${VERSION_NO_V}_Linux_arm64.tar.gz" 139 139 + sha256 "${CHECKSUMS[Linux_arm64]}" 140 140 + end 141 141 + on_intel do 142 142 + url "${TANGLED_REPO}/tags/${VERSION}/download/${BINARY_NAME}_${VERSION_NO_V}_Linux_x86_64.tar.gz" 143 143 + sha256 "${CHECKSUMS[Linux_x86_64]}" 144 144 + end 145 145 + end 146 146 + 147 147 + def install 148 148 + bin.install "docker-credential-atcr" 149 149 + end 150 150 + 151 151 + test do 152 152 + assert_match version.to_s, shell_output("#{bin}/docker-credential-atcr version 2>&1") 153 153 + end 154 154 + 155 155 + def caveats 156 156 + <<~EOS 157 157 + To configure Docker to use ATCR credential helper, add the following 158 158 + to your ~/.docker/config.json: 159 159 + 160 160 + { 161 161 + "credHelpers": { 162 162 + "atcr.io": "atcr" 163 163 + } 164 164 + } 165 165 + 166 166 + Or run: docker-credential-atcr configure-docker 167 167 + 168 168 + To authenticate with ATCR: 169 169 + docker push atcr.io/<your-handle>/<image>:latest 170 170 + 171 171 + Configuration is stored in: ~/.atcr/config.json 172 172 + EOS 173 173 + end 174 174 + end 175 175 + RUBY 176 176 + ) 177 177 + 178 178 + # Write to local formula 179 179 + echo "$FORMULA" > "${FORMULA_PATH}" 180 180 + echo -e "${GREEN}✓ Updated ${FORMULA_PATH}${NC}" 181 181 + 182 182 + if [ "$PUSH" = true ]; then 183 183 + echo "" 184 184 + echo -e "${YELLOW}Pushing to homebrew-tap repo...${NC}" 185 185 + 186 186 + TAP_DIR="${TEMP_DIR}/homebrew-tap" 187 187 + git clone "$TAP_REPO" "$TAP_DIR" 2>/dev/null || { 188 188 + echo -e "${YELLOW}Tap repo not found, initializing new repo${NC}" 189 189 + mkdir -p "$TAP_DIR" 190 190 + cd "$TAP_DIR" 191 191 + git init 192 192 + git remote add origin "$TAP_REPO" 193 193 + } 194 194 + 195 195 + mkdir -p "${TAP_DIR}/Formula" 196 196 + cp "${FORMULA_PATH}" "${TAP_DIR}/Formula/" 93 197 94 94 - echo "" 95 95 - echo "======================================================================" 198 198 + cd "$TAP_DIR" 199 199 + git add Formula/docker-credential-atcr.rb 200 200 + git commit -m "Update docker-credential-atcr to ${VERSION}" 201 201 + git push origin HEAD 202 202 + 203 203 + echo -e "${GREEN}✓ Pushed to ${TAP_REPO}${NC}" 204 204 + else 205 205 + echo "" 206 206 + echo -e "${YELLOW}Next steps:${NC}" 207 207 + echo "1. Review the formula: ${FORMULA_PATH}" 208 208 + echo "2. Push to your homebrew-tap repo on Tangled:" 209 209 + echo " cd /path/to/homebrew-tap" 210 210 + echo " cp ${FORMULA_PATH} Formula/" 211 211 + echo " git add Formula/ && git commit -m 'Update to ${VERSION}' && git push" 212 212 + echo "" 213 213 + echo "Or re-run with --push to do this automatically:" 214 214 + echo " $0 ${VERSION} --push" 215 215 + fi 216 216 + 96 217 echo "" 97 97 - echo -e "${YELLOW}Next steps:${NC}" 98 98 - echo "1. Update Formula/docker-credential-atcr.rb with the url and sha256 above" 99 99 - echo "2. Test the formula locally:" 100 100 - echo " brew install --build-from-source Formula/docker-credential-atcr.rb" 101 101 - echo " docker-credential-atcr version" 102 102 - echo "3. Commit and push to your atcr-io/homebrew-tap repository:" 103 103 - echo " cd /path/to/homebrew-tap" 104 104 - echo " cp Formula/docker-credential-atcr.rb ." 105 105 - echo " git add docker-credential-atcr.rb" 106 106 - echo " git commit -m \"Update docker-credential-atcr to ${VERSION}\"" 107 107 - echo " git push" 108 108 - echo "4. Users can upgrade with:" 109 109 - echo " brew update" 110 110 - echo " brew upgrade docker-credential-atcr" 218 218 + echo -e "${GREEN}Users can install/upgrade with:${NC}" 219 219 + echo " brew tap atcr/tap ${TAP_REPO}" 220 220 + echo " brew install docker-credential-atcr" 221 221 + echo " brew upgrade docker-credential-atcr"