Do not create temporary file when dealing with container registry credentials #521

Open
1 task
Tracked by #371
programmer04 opened this issue Aug 23, 2024 · 0 comments

Problem Statement

Currently, due to the limitations of oras-go, the easiest way (and basically the only possible, sensible one) to deal with Docker credentials is when they are stored as a file. It doesn't provide an API for supplying them in this format as a string, []byte, io.Reader, etc. Hence a temporary file is created to supply those credentials, see:

// CredentialsStoreFromString expects content of typical configuration as a string, described
// in https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry
// and returns credentials.Store.
// This is typical way how private registries are used with Docker and Kubernetes.
func CredentialsStoreFromString(s string) (credentials.Store, error) {
	// TODO: Now we create temporary file, which is not great and should be changed,
	// but it's the only way to use credentials.NewFileStore(...) which robustly
	// parses config.json (format used by Docker and Kubernetes).
	tmpFile, err := os.CreateTemp("", "credentials")
	if err != nil {
		return nil, fmt.Errorf("failed to create temporary file: %w", err)
	}
	defer os.Remove(tmpFile.Name())
	defer tmpFile.Close()
	if _, err = tmpFile.WriteString(s); err != nil {
		return nil, fmt.Errorf("failed to write credentials to file: %w", err)
	}
	return credentials.NewFileStore(tmpFile.Name())
}

It's not the best approach from a security, maintainability, and extensibility point of view.

Proposed Solution

Submit a PR to oras-go that will extend the API of this library to be able to consume credentials in Docker's config.json format not only from a file directly but also from one of string, []byte or io.Reader.

In case something like that is not an option, provide an implementation in the KGO codebase.

Acceptance Criteria

  • Temporary file is not created as a workaround for dealing with credentials in Docker's config.json format
@programmer04 programmer04 added enhancement New feature or request area/maintenance labels Aug 23, 2024
@lahabana lahabana added this to the KGO v1.5.x milestone Sep 11, 2024
@programmer04 programmer04 self-assigned this Oct 25, 2024
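
An added example, not part of the issue and not code from KGO or oras-go: the fallback named in the proposed solution, parsing the `auths` section of Docker's config.json from an `io.Reader` with the standard library only, so the secret never reaches a temporary file. `Credential` and `ParseDockerConfig` are hypothetical names, the sample registry is constructed, and `credsStore`/`credHelpers` entries are assumed absent.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"io"
	"strings"
)

// Credential is a hypothetical holder (not an oras-go type); JSON keys match case-insensitively.
type Credential struct{ Username, Password, IdentityToken string }

// ParseDockerConfig parses config.json content from r without touching disk.
func ParseDockerConfig(r io.Reader) (map[string]Credential, error) {
	var cfg struct {
		Auths map[string]struct {
			Credential
			Auth string `json:"auth"`
		} `json:"auths"`
	}
	if err := json.NewDecoder(r).Decode(&cfg); err != nil {
		return nil, fmt.Errorf("failed to decode config: %w", err)
	}
	out := make(map[string]Credential, len(cfg.Auths))
	for registry, e := range cfg.Auths {
		c := e.Credential
		if e.Auth != "" {
			// "auth" is base64("username:password"); cut at the first colon only.
			raw, err := base64.StdEncoding.DecodeString(e.Auth)
			if err != nil {
				return nil, fmt.Errorf("invalid auth for %q: %w", registry, err)
			}
			user, pass, ok := strings.Cut(string(raw), ":")
			if !ok {
				return nil, fmt.Errorf("invalid auth for %q: missing colon", registry)
			}
			c.Username, c.Password = user, pass
		}
		out[registry] = c
	}
	return out, nil
}

func main() {
	auth := base64.StdEncoding.EncodeToString([]byte("alice:p:ss")) // constructed sample
	doc := `{"auths":{"registry.example.com":{"auth":"` + auth + `"}}}`
	creds, err := ParseDockerConfig(strings.NewReader(doc))
	fmt.Println(creds["registry.example.com"].Username, err)
}
```

The error messages name the registry only and never echo the decoded value, so a malformed entry does not leak the credential into logs.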