diff --git a/cmd/notation/cache.go b/cmd/notation/cache.go index fd163df4f..f42fd612c 100644 --- a/cmd/notation/cache.go +++ b/cmd/notation/cache.go @@ -34,7 +34,6 @@ var ( flagLocal, flagUsername, flagPassword, - flagPlainHTTP, }, ArgsUsage: "[reference|manifest_digest]", Action: listCachedSignatures, @@ -62,7 +61,6 @@ var ( flagLocal, flagUsername, flagPassword, - flagPlainHTTP, }, Action: pruneCachedSignatures, } @@ -76,7 +74,6 @@ var ( flagLocal, flagUsername, flagPassword, - flagPlainHTTP, }, Action: removeCachedSignatures, } diff --git a/cmd/notation/common.go b/cmd/notation/common.go index 04161ecc3..473295dc6 100644 --- a/cmd/notation/common.go +++ b/cmd/notation/common.go @@ -6,18 +6,18 @@ var ( flagUsername = &cli.StringFlag{ Name: "username", Aliases: []string{"u"}, - Usage: "username for generic remote access", + Usage: "Username for registry operations", EnvVars: []string{"NOTATION_USERNAME"}, } flagPassword = &cli.StringFlag{ Name: "password", Aliases: []string{"p"}, - Usage: "password for generic remote access", + Usage: "Password for registry operations", EnvVars: []string{"NOTATION_PASSWORD"}, } flagPlainHTTP = &cli.BoolFlag{ Name: "plain-http", - Usage: "remote access via plain HTTP", + Usage: "Registry access via plain HTTP", } flagMediaType = &cli.StringFlag{ Name: "media-type", diff --git a/cmd/notation/list.go b/cmd/notation/list.go index aa5b29602..05400e1c6 100644 --- a/cmd/notation/list.go +++ b/cmd/notation/list.go @@ -15,7 +15,6 @@ var listCommand = &cli.Command{ Flags: []cli.Flag{ flagUsername, flagPassword, - flagPlainHTTP, }, Action: runList, } diff --git a/cmd/notation/login.go b/cmd/notation/login.go index 45630276d..3d1329817 100644 --- a/cmd/notation/login.go +++ b/cmd/notation/login.go @@ -3,6 +3,9 @@ package main import ( "errors" "fmt" + "io" + "os" + "strings" "github.com/notaryproject/notation/pkg/auth" "github.com/urfave/cli/v2" @@ -10,14 +13,25 @@ import ( ) var loginCommand = &cli.Command{ - Name: "login", - Usage: "Log in the specified registry hostname", - ArgsUsage: "", + Name: "login", + Usage: "Provides credentials for authenticated registry operations", + UsageText: `notation login [options] [server] + +Example - Login with provided username and password: + notation login -u -p registry.example.com + +Example - Login using $NOTATION_USERNAME $NOTATION_PASSWORD variables: + notation login registry.example.com`, + ArgsUsage: "[server]", Flags: []cli.Flag{ flagUsername, flagPassword, - flagPlainHTTP, + &cli.BoolFlag{ + Name: "password-stdin", + Usage: "Take the password from stdin", + }, }, + Before: readPassword, Action: runLogin, } @@ -65,3 +79,24 @@ func newCredentialFromInput(username, password string) orasauth.Credential { } return c } + +func readPassword(ctx *cli.Context) error { + if ctx.Bool("password-stdin") { + password, err := readLine() + if err != nil { + return err + } + ctx.Set(flagPassword.Name, password) + } + return nil +} + +func readLine() (string, error) { + passwordBytes, err := io.ReadAll(os.Stdin) + if err != nil { + return "", err + } + password := strings.TrimSuffix(string(passwordBytes), "\n") + password = strings.TrimSuffix(password, "\r") + return password, nil +} diff --git a/cmd/notation/logout.go b/cmd/notation/logout.go index 615f8e50c..5eb707210 100644 --- a/cmd/notation/logout.go +++ b/cmd/notation/logout.go @@ -10,7 +10,7 @@ import ( var logoutCommand = &cli.Command{ Name: "logout", Usage: "Log out the specified registry hostname", - ArgsUsage: "", + ArgsUsage: "[server]", Action: runLogout, } diff --git a/cmd/notation/main.go b/cmd/notation/main.go index 2b7beab16..fd2bea3a4 100644 --- a/cmd/notation/main.go +++ b/cmd/notation/main.go @@ -18,6 +18,9 @@ func main() { Name: "CNCF Notary Project", }, }, + Flags: []cli.Flag{ + flagPlainHTTP, + }, Commands: []*cli.Command{ signCommand, verifyCommand, diff --git a/cmd/notation/pull.go b/cmd/notation/pull.go index 9a3b52d36..3d4051dcc 100644 --- a/cmd/notation/pull.go +++ b/cmd/notation/pull.go @@ -26,7 +26,6 @@ var pullCommand = &cli.Command{ flagOutput, flagUsername, flagPassword, - flagPlainHTTP, }, Action: runPull, } diff --git a/cmd/notation/push.go b/cmd/notation/push.go index 3147a67dc..1d5eab871 100644 --- a/cmd/notation/push.go +++ b/cmd/notation/push.go @@ -19,7 +19,6 @@ var pushCommand = &cli.Command{ flagSignature, flagUsername, flagPassword, - flagPlainHTTP, }, Action: runPush, } diff --git a/cmd/notation/sign.go b/cmd/notation/sign.go index 31c51c920..47104f218 100644 --- a/cmd/notation/sign.go +++ b/cmd/notation/sign.go @@ -36,7 +36,6 @@ var signCommand = &cli.Command{ }, flagUsername, flagPassword, - flagPlainHTTP, flagMediaType, cmd.FlagPluginConfig, }, diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index 085cdec45..ad4ad0492 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -40,7 +40,6 @@ var verifyCommand = &cli.Command{ flagLocal, flagUsername, flagPassword, - flagPlainHTTP, flagMediaType, }, Action: runVerify,