search

docker / docker-credential-helpers

Programs to keep Docker login credentials safe by storing in platform keystores
MIT License
1.05k stars 166 forks source link

Repeatative 'login' keychain password prompt - MacOS Sonoma, Apple SIlicon #319

Closed cidrbl0ck closed 4 months ago

cidrbl0ck commented 4 months ago

M3 MacBookPro - Sonoma 14.3.1 Server: Docker Engine - 25.0.3 - darwin/arm64 Client: Docker Engine - 25.0.4 - darwin/arm64 Docker-credential-osxkeychain - 0.7.0 Orbstack - 1.4.3 Homebrew 4.2.11 Arm64 Installed via brew install --cask docker I can run docker login <registry> and login successfully. But when I attempt a docker pull <registry>:/image when I reach the first letter in the registries name, the docker-credential-osxkeychain pops up wanting to use index.docker.io in my keychain.

That's fine, I enter my password and click on Always Allow. As soon as I type the very next letter (and every subsequent one) yet another keychain prompt appears.. identical to the first. I don't know if my password is not being accepted.. I mean I only have the one. But Allow nor Always Allow actually seems to allow this request. if I try to be sneaky and pound the keys quickly I can get two before the popup appears, yet it's not just one but two popups.

Found this Issue

 ben@BufferOverflow  ~/Downloads  spctl -a /usr/local/bin/docker-credential-osxkeychain
/usr/local/bin/docker-credential-osxkeychain: rejected (the code is valid but does not seem to be an app)
 ben@BufferOverflow  ~/Downloads  spctl -a /usr/local/bin/docker-credential-osxkeychain
/usr/local/bin/docker-credential-osxkeychain: rejected (the code is valid but does not seem to be an app)
 ben@BufferOverflow  ~/Downloads  echo https://index.docker.io/v1/ | docker-credential-osxkeychain get
{"ServerURL":"https://index.docker.io/v1/","Username":"yyyyy","Secret":"xxxxxx"}
 ben@BufferOverflow  ~/Downloads  codesign --force --deep -s - docker-credential-osxkeychain
docker-credential-osxkeychain: No such file or directory
 ben@BufferOverflow  ~/Downloads  codesign --force --deep -s - /usr/local/bin/docker-credential-osxkeychain
/usr/local/bin/docker-credential-osxkeychain: replacing existing signature
/usr/local/bin/docker-credential-osxkeychain: internal error in Code Signing subsystem
 ben@BufferOverflow  ~/Downloads  spctl -a /usr/local/bin/docker-credential-osxkeychain
/usr/local/bin/docker-credential-osxkeychain: rejected (the code is valid but does not seem to be an app)
 ben@BufferOverflow  ~/Downloads 
cidrbl0ck commented 4 months ago

Ok so after a reboot from installing the sonoma 14.3.4 update last night this appears to no longer be a problem.