MCPcopy Index your code
hub / github.com/docker/docker-agent / NewDefaultProvider

Function NewDefaultProvider

pkg/environment/default.go:16–56  ·  view source on GitHub ↗

NewDefaultProvider creates a provider chain with OS env, run secrets, credential helper (if configured), Docker Desktop, pass, and keychain providers. The whole chain is wrapped so that values shaped like "op://..." are resolved as 1Password secret references through the `op` CLI. When running insi

()

Source from the content-addressed store, hash-verified

14// [SandboxTokenProvider] is prepended so that DOCKER_TOKEN is read from the
15// JSON file written by the host-side token writer.
16func NewDefaultProvider() Provider {
17 var providers []Provider
18
19 // Inside a sandbox the Docker Desktop backend API is unreachable and
20 // any DOCKER_TOKEN env var is a stale one-shot value.
21 // Workaround: Prepend a file-based provider that reads the continuously-refreshed token.
22 // The host writes the token file into the config directory (mounted read-only
23 // into the sandbox), so we must read from GetConfigDir — not GetDataDir.
24 if InSandbox() {
25 providers = append(providers,
26 NewSandboxTokenProvider(SandboxTokensFilePath(paths.GetConfigDir())),
27 )
28 }
29
30 providers = append(providers,
31 NewOsEnvProvider(),
32 NewRunSecretsProvider(),
33 )
34
35 // Add credential helper provider if configured
36 if cfg, err := userconfig.Load(); err == nil && cfg.CredentialHelper != nil && cfg.CredentialHelper.Command != "" {
37 providers = append(providers, NewCredentialHelperProvider(cfg.CredentialHelper.Command, cfg.CredentialHelper.Args...))
38 }
39
40 // Docker Desktop provider comes after credential helper
41 providers = append(providers, NewDockerDesktopProvider())
42
43 // Append pass provider at the end if available
44 if passProvider, err := NewPassProvider(); err == nil {
45 providers = append(providers, passProvider)
46 }
47
48 // Append keychain provider if available
49 if keychainProvider, err := NewKeychainProvider(); err == nil {
50 providers = append(providers, keychainProvider)
51 }
52
53 // Resolve any "op://" secret references through the 1Password CLI,
54 // regardless of which provider returned the value.
55 return NewOnePasswordProvider(NewMultiProvider(providers...))
56}

Callers 9

AskMethod · 0.92
computedEnvProviderMethod · 0.92
runInSandboxFunction · 0.92
runFunction · 0.92
runFunction · 0.92
runFunction · 0.92
runFunction · 0.92
runFunction · 0.92
runFunction · 0.92

Calls 13

GetConfigDirFunction · 0.92
LoadFunction · 0.92
InSandboxFunction · 0.85
NewSandboxTokenProviderFunction · 0.85
SandboxTokensFilePathFunction · 0.85
NewOsEnvProviderFunction · 0.85
NewRunSecretsProviderFunction · 0.85
NewDockerDesktopProviderFunction · 0.85
NewPassProviderFunction · 0.85
NewKeychainProviderFunction · 0.85
NewOnePasswordProviderFunction · 0.85

Tested by

no test coverage detected