Instrument remote image pulling

domust · domust · commit 2597d9ba86e1 · 2024-09-19T12:10:28.000+03:00
diff --git a/artifact_test.go b/artifact_test.go
@@ -18,7 +18,7 @@ func TestArtifact(t *testing.T) {
 	log.SetLevel(logrus.DebugLevel)
 
 	digest := "alpine@sha256:60eda2a7bc29a54fe6beae0d72312ea995eb3b8387535e8dbf6767fd1b765d34" // linux/amd64 digest
-	img, err := image.NewFromRemote(ctx, digest, types.ImageOptions{})
+	img, err := image.NewFromRemote(ctx, log, digest, types.ImageOptions{})
 	r.NoError(err)
 
 	artifact, err := NewArtifact(img, log, mockBlockCache{}, ArtifactOption{
diff --git a/image/remote.go b/image/remote.go
@@ -13,6 +13,7 @@ import (
 	"github.com/google/go-containerregistry/pkg/name"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/remote"
+	"github.com/sirupsen/logrus"
 )
 
 type DockerConfig struct {
@@ -25,7 +26,12 @@ type RegistryAuth struct {
 	Token    string `json:"auth"`
 }
 
-func NewFromRemote(ctx context.Context, imageName string, option types.ImageOptions) (ImageWithIndex, error) {
+func NewFromRemote(
+	ctx context.Context,
+	log logrus.FieldLogger,
+	imageName string,
+	option types.ImageOptions,
+) (ImageWithIndex, error) {
 	var nameOpts []name.Option
 	if option.RegistryOptions.Insecure {
 		nameOpts = append(nameOpts, name.Insecure)
@@ -35,14 +41,20 @@ func NewFromRemote(ctx context.Context, imageName string, option types.ImageOpti
 		return nil, fmt.Errorf("failed to parse the image name: %w", err)
 	}
 
-	img, err := tryRemote(ctx, imageName, ref, option)
+	img, err := tryRemote(ctx, log, imageName, ref, option)
 	if err != nil {
 		return nil, err
 	}
 	return img, nil
 }
 
-func tryRemote(ctx context.Context, imageName string, ref name.Reference, option types.ImageOptions) (ImageWithIndex, error) {
+func tryRemote(
+	ctx context.Context,
+	log logrus.FieldLogger,
+	imageName string,
+	ref name.Reference,
+	option types.ImageOptions,
+) (ImageWithIndex, error) {
 	remoteOpts := []remote.Option{
 		remote.WithContext(ctx),
 	}
@@ -55,20 +67,26 @@ func tryRemote(ctx context.Context, imageName string, ref name.Reference, option
 
 	// Username/Password based auth.
 	if len(option.RegistryOptions.Credentials) > 0 {
+		log.Info("using basic authentication to pull an image")
 		for _, cred := range option.RegistryOptions.Credentials {
 			remoteOpts = append(remoteOpts, remote.WithAuth(&authn.Basic{
 				Username: cred.Username,
 				Password: cred.Password,
 			}))
 		}
 	} else {
+		log.Info("using other authentication to pull an image")
 		domain := ref.Context().RegistryStr()
 		auth := registry.GetToken(ctx, domain, option.RegistryOptions)
 		if auth.Username != "" && auth.Password != "" {
+			log.Info("using cloud provider registry token to pull an image")
 			remoteOpts = append(remoteOpts, remote.WithAuth(&auth))
 		} else if option.RegistryOptions.RegistryToken != "" {
+			log.Info("using bearer token to pull an image")
 			bearer := authn.Bearer{Token: option.RegistryOptions.RegistryToken}
 			remoteOpts = append(remoteOpts, remote.WithAuth(&bearer))
+		} else {
+			log.Info("not using authentication to pull an image after all")
 		}
 	}
 
