remoteOptions builds the options for a puller, reusing the exact remote.Option slice crane assembled (transport, context, platform, user-agent, jobs, ...). crane keeps the authenticator at index 0, so we only override that entry: authn.Anonymous for the first attempt, or the keychain (crane's origin
(auth authn.Authenticator)
| 263 | // authn.Anonymous for the first attempt, or the keychain (crane's original |
| 264 | // option) for the credentialed fallback. |
| 265 | func (s *session) remoteOptions(auth authn.Authenticator) []remote.Option { |
| 266 | opts := slices.Clone(s.opts.Remote) |
| 267 | if auth != nil && len(opts) > 0 { |
| 268 | opts[0] = remote.WithAuth(auth) |
| 269 | } |
| 270 | return opts |
| 271 | } |
| 272 | |
| 273 | // shouldRetryWithCredentials reports whether an anonymous registry request |
| 274 | // failed in a way that authenticating might fix: the registry denied access |
no test coverage detected