fix docker credential type errors (dependabot#9091)

Co-authored-by: Noorul Islam K M <noorul@noorul.com>
ylecuyer · Feb 21, 2024 · 12a7b8d · 12a7b8d
1 parent c676f59
commit 12a7b8d
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 24 deletions.
diff --git a/docker/lib/dependabot/docker/utils/credentials_finder.rb b/docker/lib/dependabot/docker/utils/credentials_finder.rb
@@ -4,19 +4,23 @@
 require "aws-sdk-ecr"
 require "base64"
 
+require "dependabot/credential"
 require "dependabot/errors"
 
 module Dependabot
   module Docker
     module Utils
       class CredentialsFinder
+        extend T::Sig
+
         AWS_ECR_URL = /dkr\.ecr\.(?<region>[^.]+)\.amazonaws\.com/
         DEFAULT_DOCKER_HUB_REGISTRY = "registry.hub.docker.com"
 
         def initialize(credentials)
           @credentials = credentials
         end
 
+        sig { params(registry_hostname: String).returns(T.nilable(Dependabot::Credential)) }
         def credentials_for_registry(registry_hostname)
           registry_details =
             credentials
@@ -42,8 +46,10 @@ def using_dockerhub?(registry)
 
         private
 
+        sig { returns(T::Array[Dependabot::Credential]) }
         attr_reader :credentials
 
+        sig { params(registry_details: Dependabot::Credential).returns(Dependabot::Credential) }
         def build_aws_credentials(registry_details)
           # If credentials have been generated from AWS we can just return them
           return registry_details if registry_details["username"] == "AWS"
@@ -75,7 +81,7 @@ def build_aws_credentials(registry_details)
             ecr_client.get_authorization_token.authorization_data.first.authorization_token
           username, password =
             Base64.decode64(@authorization_tokens[registry_hostname]).split(":")
-          registry_details.merge("username" => username, "password" => password)
+          registry_details.merge(Dependabot::Credential.new({ "username" => username, "password" => password }))
         rescue Aws::Errors::MissingCredentialsError,
                Aws::ECR::Errors::UnrecognizedClientException,
                Aws::ECR::Errors::InvalidSignatureException

diff --git a/docker/spec/dependabot/docker/update_checker_spec.rb b/docker/spec/dependabot/docker/update_checker_spec.rb
@@ -24,12 +24,12 @@
   let(:ignored_versions) { [] }
   let(:raise_on_ignored) { false }
   let(:credentials) do
-    [{
+    [Dependabot::Credential.new({
       "type" => "git_source",
       "host" => "github.com",
       "username" => "x-access-token",
       "password" => "token"
-    }]
+    })]
   end
 
   let(:dependency) do
@@ -1107,17 +1107,17 @@ def stub_tag_with_no_digest(tag)
 
       context "with authentication credentials" do
         let(:credentials) do
-          [{
+          [Dependabot::Credential.new({
             "type" => "git_source",
             "host" => "github.com",
             "username" => "x-access-token",
             "password" => "token"
-          }, {
+          }), Dependabot::Credential.new({
             "type" => "docker_registry",
             "registry" => "registry-host.io:5000",
             "username" => "grey",
             "password" => "pa55word"
-          }]
+          })]
         end
 
         before do
@@ -1130,15 +1130,15 @@ def stub_tag_with_no_digest(tag)
 
         context "that don't have a username or password" do
           let(:credentials) do
-            [{
+            [Dependabot::Credential.new({
               "type" => "git_source",
               "host" => "github.com",
               "username" => "x-access-token",
               "password" => "token"
-            }, {
+            }), Dependabot::Credential.new({
               "type" => "docker_registry",
               "registry" => "registry-host.io:5000"
-            }]
+            })]
           end
 
           it { is_expected.to eq("17.10") }

diff --git a/docker/spec/dependabot/docker/utils/credentials_finder_spec.rb b/docker/spec/dependabot/docker/utils/credentials_finder_spec.rb
@@ -10,12 +10,12 @@
 RSpec.describe Dependabot::Docker::Utils::CredentialsFinder do
   subject(:finder) { described_class.new(credentials) }
   let(:credentials) do
-    [{
+    [Dependabot::Credential.new({
       "type" => "docker_registry",
       "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com",
       "username" => "grey",
       "password" => "pa55word"
-    }]
+    })]
   end
 
   describe "#credentials_for_registry" do
@@ -30,12 +30,12 @@
     context "with a non-AWS registry" do
       let(:registry) { "my.registry.com" }
       let(:credentials) do
-        [{
+        [Dependabot::Credential.new({
           "type" => "docker_registry",
           "registry" => "my.registry.com",
           "username" => "grey",
           "password" => "pa55word"
-        }]
+        })]
       end
 
       it { is_expected.to eq(credentials.first) }
@@ -46,23 +46,23 @@
 
       context "with 'AWS' as the username" do
         let(:credentials) do
-          [{
+          [Dependabot::Credential.new({
             "type" => "docker_registry",
             "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com",
             "username" => "AWS",
             "password" => "pa55word"
-          }]
+          })]
         end
 
         it { is_expected.to eq(credentials.first) }
       end
 
       context "without a username or password" do
         let(:credentials) do
-          [{
+          [Dependabot::Credential.new({
             "type" => "docker_registry",
             "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com"
-          }]
+          })]
         end
 
         context "and a valid AWS response (via proxying)" do
@@ -75,7 +75,7 @@
           end
 
           it "returns details without credentials" do
-            expect(found_credentials).to eq(
+            expect(found_credentials.to_h).to eq(
               "type" => "docker_registry",
               "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com"
             )
@@ -85,12 +85,12 @@
 
       context "with as AKID as the username" do
         let(:credentials) do
-          [{
+          [Dependabot::Credential.new({
             "type" => "docker_registry",
             "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com",
             "username" => "AKIAIHYCC4QXL4X2OTCQ",
             "password" => "pa55word"
-          }]
+          })]
         end
 
         context "and an invalid secret key as the password" do
@@ -145,7 +145,7 @@
           end
 
           it "returns an updated set of credentials" do
-            expect(found_credentials).to eq(
+            expect(found_credentials.to_h).to eq(
               "type" => "docker_registry",
               "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com",
               "username" => "AWS",
@@ -157,10 +157,10 @@
 
       context "using the default credentials provider" do
         let(:credentials) do
-          [{
+          [Dependabot::Credential.new({
             "type" => "docker_registry",
             "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com"
-          }]
+          })]
         end
 
         context "and a valid AWS response" do
@@ -175,7 +175,7 @@
           end
 
           it "returns updated, valid credentials" do
-            expect(found_credentials).to eq(
+            expect(found_credentials.to_h).to eq(
               "type" => "docker_registry",
               "registry" => "695729449481.dkr.ecr.eu-west-2.amazonaws.com",
               "username" => "foo",