raw authentication to registries

Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2025-10-14 20:43:38 +08:00 · 2025-09-05 18:43:09 +02:00
parent bdf14dc173
commit 9fc23e88e3
9 changed files with 212 additions and 23 deletions
--- a/src/context.ts
+++ b/src/context.ts
@@ -6,6 +6,7 @@ export interface Inputs {
  password: string;
  ecr: string;
  logout: boolean;
+  registryAuth: string;
 }

 export function getInputs(): Inputs {
@@ -14,6 +15,7 @@ export function getInputs(): Inputs {
    username: core.getInput('username'),
    password: core.getInput('password'),
    ecr: core.getInput('ecr'),
-    logout: core.getBooleanInput('logout')
+    logout: core.getBooleanInput('logout'),
+    registryAuth: core.getInput('registry-auth')
  };
 }
--- a/src/docker.ts
+++ b/src/docker.ts
@@ -36,11 +36,7 @@ export async function loginStandard(registry: string, username: string, password
  loginArgs.push('--username', username);
  loginArgs.push(registry);

-  if (registry) {
-    core.info(`Logging into ${registry}...`);
-  } else {
-    core.info(`Logging into Docker Hub...`);
-  }
+  core.info(`Logging into ${registry}...`);
  await Docker.getExecOutput(loginArgs, {
    ignoreReturnCode: true,
    silent: true,
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,21 +1,61 @@
+import * as yaml from 'js-yaml';
+import * as core from '@actions/core';
 import * as actionsToolkit from '@docker/actions-toolkit';

 import * as context from './context';
 import * as docker from './docker';
 import * as stateHelper from './state-helper';

+interface Auth {
+  registry: string;
+  username: string;
+  password: string;
+  ecr: string;
+}
+
 export async function main(): Promise<void> {
-  const input: context.Inputs = context.getInputs();
-  stateHelper.setRegistry(input.registry);
-  stateHelper.setLogout(input.logout);
-  await docker.login(input.registry, input.username, input.password, input.ecr);
+  const inputs: context.Inputs = context.getInputs();
+  stateHelper.setLogout(inputs.logout);
+
+  if (inputs.registryAuth && (inputs.registry || inputs.username || inputs.password || inputs.ecr)) {
+    throw new Error('Cannot use registry-auth with other inputs');
+  }
+
+  if (!inputs.registryAuth) {
+    stateHelper.setRegistries([inputs.registry || 'docker.io']);
+    await docker.login(inputs.registry || 'docker.io', inputs.username, inputs.password, inputs.ecr || 'auto');
+    return;
+  }
+
+  const auths = yaml.load(inputs.registryAuth) as Auth[];
+  if (auths.length == 0) {
+    throw new Error('No registry to login');
+  }
+
+  const registries: string[] = [];
+  for (const auth of auths) {
+    if (!auth.registry) {
+      registries.push('docker.io');
+    } else {
+      registries.push(auth.registry);
+    }
+  }
+  stateHelper.setRegistries(registries.filter((value, index, self) => self.indexOf(value) === index));
+
+  for (const auth of auths) {
+    await core.group(`Login to ${auth.registry || 'docker.io'}`, async () => {
+      await docker.login(auth.registry || 'docker.io', auth.username, auth.password, auth.ecr || 'auto');
+    });
+  }
 }

 async function post(): Promise<void> {
  if (!stateHelper.logout) {
    return;
  }
-  await docker.logout(stateHelper.registry);
+  for (const registry of stateHelper.registries.split(',')) {
+    await docker.logout(registry);
+  }
 }

 actionsToolkit.run(main, post);
--- a/src/state-helper.ts
+++ b/src/state-helper.ts
@@ -1,10 +1,10 @@
 import * as core from '@actions/core';

-export const registry = process.env['STATE_registry'] || '';
+export const registries = process.env['STATE_registries'] || '';
 export const logout = /true/i.test(process.env['STATE_logout'] || '');

-export function setRegistry(registry: string) {
-  core.saveState('registry', registry);
+export function setRegistries(registries: string[]) {
+  core.saveState('registries', registries.join(','));
 }

 export function setLogout(logout: boolean) {