oras-project · Wwwsylvia · Sep 25, 2023 · Sep 22, 2023 · Sep 22, 2023 · Sep 22, 2023
@@ -1,7 +1,5 @@
 # Credential Management for [oras-go](https://github.com/oras-project/oras-go)
 
-> **Warning** This project is currently under initial development. APIs may and will be changed incompatibly from one commit to another.
-
 [![Build Status](https://github.com/oras-project/oras-credentials-go/actions/workflows/build.yml/badge.svg?event=push&branch=main)](https://github.com/oras-project/oras-credentials-go/actions/workflows/build.yml?query=workflow%3Abuild+event%3Apush+branch%3Amain)
 [![codecov](https://codecov.io/gh/oras-project/oras-credentials-go/branch/main/graph/badge.svg)](https://codecov.io/gh/oras-project/oras-credentials-go)
 [![Go Report Card](https://goreportcard.com/badge/github.com/oras-project/oras-credentials-go)](https://goreportcard.com/report/github.com/oras-project/oras-credentials-go)
@@ -13,7 +11,10 @@
 
 `oras-credentials-go` is a credential management library designed for [`oras-go`](https://github.com/oras-project/oras-go). It supports reading, saving, and removing credentials from Docker configuration files and external credential stores that follow the [Docker credential helper protocol](https://docs.docker.com/engine/reference/commandline/login/#credential-helper-protocol).
 
-Once it reaches a fairly stable version (e.g. `v1.0.0-rc.1`), `oras-credentials-go` will be merged into `oras-go` (See [discussion](https://github.com/oras-project/oras-credentials-go/discussions/80)). After that, this repository will be archived.
+> [!IMPORTANT]
+> The APIs previously located in this library have been moved to [`oras-go`](https://github.com/oras-project/oras-go). As a result, these APIs are now deprecated and users should use [the packages](https://pkg.go.dev/oras.land/oras-go/v2/registry/remote/credentials) in `oras-go` instead.
+>
+> This repository will now be used for developing experimental features scoped to credentials management. If any of these features are deemed stable and applicable to `oras-go`, they may be moved there in the future.
 
 ## Versioning
 

@@ -16,82 +16,43 @@ limitations under the License.
 package credentials
 
 import (
-	"context"
-	"errors"
-	"fmt"
-	"strings"
-
-	"github.com/oras-project/oras-credentials-go/internal/config"
-	"oras.land/oras-go/v2/registry/remote/auth"
+	credentials "oras.land/oras-go/v2/registry/remote/credentials"
 )
 
 // FileStore implements a credentials store using the docker configuration file
 // to keep the credentials in plain-text.
 //
 // Reference: https://docs.docker.com/engine/reference/commandline/cli/#docker-cli-configuration-file-configjson-properties
-type FileStore struct {
-	// DisablePut disables putting credentials in plaintext.
-	// If DisablePut is set to true, Put() will return ErrPlaintextPutDisabled.
-	DisablePut bool
-
-	config *config.Config
-}
+//
+// Deprecated: This type is now simply [credentials.FileStore] of oras-go.
+//
+// [credentials.FileStore]: https://pkg.go.dev/oras.land/oras-go/v2/registry/remote/credentials#FileStore
+type FileStore = credentials.FileStore
 
 var (
 	// ErrPlaintextPutDisabled is returned by Put() when DisablePut is set
 	// to true.
-	ErrPlaintextPutDisabled = errors.New("putting plaintext credentials is disabled")
+	//
+	// Deprecated: This type is now simply [credentials.ErrPlaintextPutDisabled] of oras-go.
+	//
+	// [credentials.ErrPlaintextPutDisabled]: https://pkg.go.dev/oras.land/oras-go/v2/registry/remote/credentials#ErrPlaintextPutDisabled
+	ErrPlaintextPutDisabled = credentials.ErrPlaintextPutDisabled
 	// ErrBadCredentialFormat is returned by Put() when the credential format
 	// is bad.
-	ErrBadCredentialFormat = errors.New("bad credential format")
+	//
+	// Deprecated: This type is now simply [credentials.ErrBadCredentialFormat] of oras-go.
+	//
+	// [credentials.ErrBadCredentialFormat]: https://pkg.go.dev/oras.land/oras-go/v2/registry/remote/credentials#ErrBadCredentialFormat
+	ErrBadCredentialFormat = credentials.ErrBadCredentialFormat
 )
 
 // NewFileStore creates a new file credentials store.
 //
 // Reference: https://docs.docker.com/engine/reference/commandline/cli/#docker-cli-configuration-file-configjson-properties
+//
+// Deprecated: This funciton now simply calls [credentials.NewFileStore] of oras-go.
+//
+// [credentials.NewFileStore]: https://pkg.go.dev/oras.land/oras-go/v2/registry/remote/credentials#NewFileStore
 func NewFileStore(configPath string) (*FileStore, error) {
-	cfg, err := config.Load(configPath)
-	if err != nil {
-		return nil, err
-	}
-	return newFileStore(cfg), nil
-}
-
-// newFileStore creates a file credentials store based on the given config instance.
-func newFileStore(cfg *config.Config) *FileStore {
-	return &FileStore{config: cfg}
-}
-
-// Get retrieves credentials from the store for the given server address.
-func (fs *FileStore) Get(_ context.Context, serverAddress string) (auth.Credential, error) {
-	return fs.config.GetCredential(serverAddress)
-}
-
-// Put saves credentials into the store for the given server address.
-// Returns ErrPlaintextPutDisabled if fs.DisablePut is set to true.
-func (fs *FileStore) Put(_ context.Context, serverAddress string, cred auth.Credential) error {
-	if fs.DisablePut {
-		return ErrPlaintextPutDisabled
-	}
-	if err := validateCredentialFormat(cred); err != nil {
-		return err
-	}
-
-	return fs.config.PutCredential(serverAddress, cred)
-}
-
-// Delete removes credentials from the store for the given server address.
-func (fs *FileStore) Delete(_ context.Context, serverAddress string) error {
-	return fs.config.DeleteCredential(serverAddress)
-}
-
-// validateCredentialFormat validates the format of cred.
-func validateCredentialFormat(cred auth.Credential) error {
-	if strings.ContainsRune(cred.Username, ':') {
-		// Username and password will be encoded in the base64(username:password)
-		// format in the file. The decoded result will be wrong if username
-		// contains colon(s).
-		return fmt.Errorf("%w: colons(:) are not allowed in username", ErrBadCredentialFormat)
-	}
-	return nil
+	return credentials.NewFileStore(configPath)
 }
@@ -877,34 +877,3 @@ func TestFileStore_Delete_notExistConfig(t *testing.T) {
 		t.Errorf("Stat(%s) error = %v, wantErr %v", configPath, err, wantErr)
 	}
 }
-
-func Test_validateCredentialFormat(t *testing.T) {
-	tests := []struct {
-		name    string
-		cred    auth.Credential
-		wantErr error
-	}{
-		{
-			name: "Username contains colon",
-			cred: auth.Credential{
-				Username: "x:y",
-				Password: "z",
-			},
-			wantErr: ErrBadCredentialFormat,
-		},
-		{
-			name: "Password contains colon",
-			cred: auth.Credential{
-				Username: "x",
-				Password: "y:z",
-			},
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			if err := validateCredentialFormat(tt.cred); !errors.Is(err, tt.wantErr) {
-				t.Errorf("validateCredentialFormat() error = %v, wantErr %v", err, tt.wantErr)
-			}
-		})
-	}
-}
@@ -2,7 +2,7 @@ module github.com/oras-project/oras-credentials-go
 
 go 1.19
 
-require oras.land/oras-go/v2 v2.3.0
+require oras.land/oras-go/v2 v2.3.1-0.20230925030825-cb8c8bc3075c
 
 require (
 	github.com/opencontainers/go-digest v1.0.0 // indirect

@@ -4,5 +4,5 @@ github.com/opencontainers/image-spec v1.1.0-rc4 h1:oOxKUJWnFC4YGHCCMNql1x4YaDfYB
 github.com/opencontainers/image-spec v1.1.0-rc4/go.mod h1:X4pATf0uXsnn3g5aiGIsVnJBR4mxhKzfwmvK/B2NTm8=
 golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
 golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
-oras.land/oras-go/v2 v2.3.0 h1:lqX1aXdN+DAmDTKjiDyvq85cIaI4RkIKp/PghWlAGIU=
-oras.land/oras-go/v2 v2.3.0/go.mod h1:GeAwLuC4G/JpNwkd+bSZ6SkDMGaaYglt6YK2WvZP7uQ=
+oras.land/oras-go/v2 v2.3.1-0.20230925030825-cb8c8bc3075c h1:znOn5Gb/vfBI/rvruoeqUHyJEfi9woL6r/IvqnFpqRQ=
+oras.land/oras-go/v2 v2.3.1-0.20230925030825-cb8c8bc3075c/go.mod h1:LTHGmKO431CaOWkqgadzYq0sEixlO+EN/zShuWvT1Yg=