From 3a7826d48cabb2721209d4c2b61e12ddb6c91ada Mon Sep 17 00:00:00 2001
From: Vyacheslav Starostin
Date: Fri, 24 Nov 2023 13:19:54 +0600
Subject: [PATCH] Fetch source creds from Vault
---
 cmd/imagePushToRegistry_generated.go | 17 +++++++++++++++--
 pkg/docker/docker.go | 6 ------
 resources/metadata/imagePushToRegistry.yaml | 11 +++++++++--
 3 files changed, 24 insertions(+), 10 deletions(-)
diff --git a/cmd/imagePushToRegistry_generated.go b/cmd/imagePushToRegistry_generated.go
index 15b17ed55b..52c25e2d98 100644
--- a/cmd/imagePushToRegistry_generated.go
+++ b/cmd/imagePushToRegistry_generated.go
@@ -48,7 +48,8 @@ func ImagePushToRegistryCommand() *cobra.Command { Long: `In case you want to pull an existing image from a remote container registry, a source image and source registry needs to be specified.
This makes it possible to move an image from one registry to another. -imagePushToRegistry is not similar in functionality to containerPushToRegistry (which is currently a groovy based step and only be used in jenkins). currently imagePushToRegistry only`, +The imagePushToRegistry is not similar in functionality to containerPushToRegistry (which is currently a groovy based step and only be used in jenkins). +Currently the imagePushToRegistry only supports copying a local image or image from source remote registry to destination registry.`, PreRunE: func(cmd *cobra.Command, _ []string) error { startTime = time.Now() log.SetStepName(STEP_NAME) 
@@ -135,7 +136,7 @@ imagePushToRegistry is not similar in functionality to containerPushToRegistry ( func addImagePushToRegistryFlags(cmd *cobra.Command, stepConfig *imagePushToRegistryOptions) { cmd.Flags().StringVar(&stepConfig.TargetImage, "targetImage", os.Getenv("PIPER_targetImage"), "Defines the name (incl. tag) of the target image. If empty, sourceImage will be used.") - cmd.Flags().StringVar(&stepConfig.SourceImage, "sourceImage", os.Getenv("PIPER_sourceImage"), "Defines the name (incl. tag) of the source image to be pushed to a new image defined in `targetDockerImage`. This is helpful for moving images from one location to another.") + cmd.Flags().StringVar(&stepConfig.SourceImage, "sourceImage", os.Getenv("PIPER_sourceImage"), "Defines the name (incl. tag) of the source image to be pushed to a new image defined in `targetImage`. This is helpful for moving images from one location to another.") cmd.Flags().StringVar(&stepConfig.SourceRegistryURL, "sourceRegistryUrl", os.Getenv("PIPER_sourceRegistryUrl"), "Defines a registry url from where the image should optionally be pulled from, incl. the protocol like `https://my.registry.com`*\"") cmd.Flags().StringVar(&stepConfig.SourceRegistryUser, "sourceRegistryUser", os.Getenv("PIPER_sourceRegistryUser"), "Username of the source registry where the image should be pushed pulled from.") cmd.Flags().StringVar(&stepConfig.SourceRegistryPassword, "sourceRegistryPassword", os.Getenv("PIPER_sourceRegistryPassword"), "Password of the source registry where the image should be pushed pulled from.") @@ -222,6 +223,12 @@ func imagePushToRegistryMetadata() config.StepData { Name: "commonPipelineEnvironment", Param: "container/repositoryUsername", }, + + { + Name: "registryCredentialsVaultSecretName", + Type: "vaultSecret", + Default: "docker-registry", + }, }, Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, Type: "string", 
@@ -236,6 +243,12 @@ func imagePushToRegistryMetadata() config.StepData { Name: "commonPipelineEnvironment", Param: "container/repositoryPassword", }, + + { + Name: "registryCredentialsVaultSecretName", + Type: "vaultSecret", + Default: "docker-registry", + }, }, Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, Type: "string",
diff --git a/pkg/docker/docker.go b/pkg/docker/docker.go
index 283f7aa68a..d0619b7dd9 100644
--- a/pkg/docker/docker.go
+++ b/pkg/docker/docker.go
@@ -16,7 +16,6 @@ import (
 cranecmd "github.com/google/go-containerregistry/cmd/crane/cmd"
 "github.com/google/go-containerregistry/pkg/authn"
 "github.com/google/go-containerregistry/pkg/crane"
- "github.com/google/go-containerregistry/pkg/logs"
 "github.com/google/go-containerregistry/pkg/name"
 v1 "github.com/google/go-containerregistry/pkg/v1"
 "github.com/google/go-containerregistry/pkg/v1/remote"
@@ -31,11 +30,6 @@ type AuthEntry struct { Auth string `json:"auth,omitempty"` } -func init() { - logs.Warn.SetOutput(os.Stderr) - logs.Progress.SetOutput(os.Stderr) -} - // MergeDockerConfigJSON merges two docker config.json files. func MergeDockerConfigJSON(sourcePath, targetPath string, utils piperutils.FileUtils) error { if exists, _ := utils.FileExists(sourcePath); !exists {
diff --git a/resources/metadata/imagePushToRegistry.yaml b/resources/metadata/imagePushToRegistry.yaml
index e2564974d0..76d1ee3c6e 100644
--- a/resources/metadata/imagePushToRegistry.yaml
+++ b/resources/metadata/imagePushToRegistry.yaml
@@ -5,7 +5,8 @@ metadata: In case you want to pull an existing image from a remote container registry, a source image and source registry needs to be specified.
This makes it possible to move an image from one registry to another. - imagePushToRegistry is not similar in functionality to containerPushToRegistry (which is currently a groovy based step and only be used in jenkins). currently imagePushToRegistry only + The imagePushToRegistry is not similar in functionality to containerPushToRegistry (which is currently a groovy based step and only be used in jenkins). + Currently the imagePushToRegistry only supports copying a local image or image from source remote registry to destination registry. spec: inputs: @@ -32,7 +33,7 @@ spec: param: container/imageNameTag - name: sourceImage type: string - description: Defines the name (incl. tag) of the source image to be pushed to a new image defined in `targetDockerImage`. This is helpful for moving images from one location to another. + description: Defines the name (incl. tag) of the source image to be pushed to a new image defined in `targetImage`. This is helpful for moving images from one location to another. mandatory: true scope: - PARAMETERS @@ -62,6 +63,9 @@ spec: resourceRef: - name: commonPipelineEnvironment param: container/repositoryUsername + - type: vaultSecret + name: registryCredentialsVaultSecretName + default: docker-registry - name: sourceRegistryPassword type: string description: Password of the source registry where the image should be pushed pulled from. @@ -72,6 +76,9 @@ spec: resourceRef: - name: commonPipelineEnvironment param: container/repositoryPassword + - type: vaultSecret + name: registryCredentialsVaultSecretName + default: docker-registry - name: targetRegistryUrl description: Defines a registry url from where the image should optionally be pushed to, incl. the protocol like `https://my.registry.com`*" type: string
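Review bot: The `vaultSecret` reference added for `sourceRegistryUser` (hunk `@@ -62,6 +63,9 @@`) and again for `sourceRegistryPassword` (hunk `@@ -72,6 +76,9 @@`) uses the generic secret-name parameter `registryCredentialsVaultSecretName` with default `docker-registry`, so nothing in these entries ties the lookup to the source registry. The target-registry parameters lie outside both hunks; if they resolve from the same secret name, the pull credentials and the push credentials end up in one Vault secret, cannot be scoped by separate Vault policies, and a pipeline cannot point the two sides at different secrets. Consider a source-specific secret name, for example `name: sourceRegistryCredentialsVaultSecretName` (name constructed here for illustration), or at least state in the two `description` fields which Vault secret and keys are read. Those descriptions also still read "pushed pulled from", which should be "pulled from". The matching entries in `cmd/imagePushToRegistry_generated.go` (hunks `@@ -222,6 +223,12 @@` and `@@ -236,6 +243,12 @@`) would follow after regenerating.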