mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2024-11-10 07:04:24 +00:00
[chore] - set custom transport for the Docker client (#3156)
* set custom transport for docker * fix lint
This commit is contained in:
ahrav
GitHub
parent
04a13385a8
commit
ddb7211ded
1 changed files with 30 additions and 14 deletions
|
|
@ -5,7 +5,10 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/google/go-containerregistry/pkg/authn"
|
||||
"github.com/google/go-containerregistry/pkg/name"
|
||||
|
|
@ -382,29 +385,42 @@ func (s *Source) processChunk(ctx context.Context, info chunkProcessingInfo, chu
|
|||
}
|
||||
|
||||
func (s *Source) remoteOpts() ([]remote.Option, error) {
|
||||
defaultTransport := &http.Transport{
|
||||
Proxy: http.ProxyFromEnvironment,
|
||||
DialContext: (&net.Dialer{
|
||||
Timeout: 30 * time.Second,
|
||||
KeepAlive: 30 * time.Second,
|
||||
}).DialContext,
|
||||
ForceAttemptHTTP2: true,
|
||||
MaxIdleConns: s.concurrency * 4,
|
||||
IdleConnTimeout: 90 * time.Second,
|
||||
TLSHandshakeTimeout: 10 * time.Second,
|
||||
ExpectContinueTimeout: 1 * time.Second,
|
||||
MaxIdleConnsPerHost: s.concurrency * 2,
|
||||
}
|
||||
|
||||
var opts []remote.Option
|
||||
opts = append(opts, remote.WithTransport(defaultTransport))
|
||||
|
||||
switch s.conn.GetCredential().(type) {
|
||||
case *sourcespb.Docker_Unauthenticated:
|
||||
return nil, nil
|
||||
case *sourcespb.Docker_BasicAuth:
|
||||
return []remote.Option{
|
||||
remote.WithAuth(&authn.Basic{
|
||||
Username: s.conn.GetBasicAuth().GetUsername(),
|
||||
Password: s.conn.GetBasicAuth().GetPassword(),
|
||||
}),
|
||||
}, nil
|
||||
opts = append(opts, remote.WithAuth(&authn.Basic{
|
||||
Username: s.conn.GetBasicAuth().GetUsername(),
|
||||
Password: s.conn.GetBasicAuth().GetPassword(),
|
||||
}))
|
||||
case *sourcespb.Docker_BearerToken:
|
||||
return []remote.Option{
|
||||
remote.WithAuth(&authn.Bearer{
|
||||
Token: s.conn.GetBearerToken(),
|
||||
}),
|
||||
}, nil
|
||||
opts = append(opts, remote.WithAuth(&authn.Bearer{
|
||||
Token: s.conn.GetBearerToken(),
|
||||
}))
|
||||
case *sourcespb.Docker_DockerKeychain:
|
||||
return []remote.Option{
|
||||
remote.WithAuthFromKeychain(authn.DefaultKeychain),
|
||||
}, nil
|
||||
opts = append(opts, remote.WithAuthFromKeychain(authn.DefaultKeychain))
|
||||
default:
|
||||
return nil, fmt.Errorf("unknown credential type: %T", s.conn.Credential)
|
||||
}
|
||||
|
||||
return opts, nil
|
||||
}
|
||||
|
||||
func baseAndTagFromImage(image string) (base, tag string, hasDigest bool) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue