ssh_auth_podman_push_lib/
lib.rs

1// ssh_auth_podman_push/src/lib.rs
2
3// region: auto_md_to_doc_comments include README.md A //!
4//! # ssh_auth_podman_push
5//!
6//! **Store and use encrypted docker-hub secret_token with SSH key**  
7//! ***version: 1.1.9 date: 2025-04-01 author: [bestia.dev](https://bestia.dev) repository: [GitHub](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push)***
8//!
9//!  ![work-in-progress](https://img.shields.io/badge/work_in_progress-yellow)
10//!  ![rustlang](https://img.shields.io/badge/rustlang-orange)
11//!  ![docker-hub](https://img.shields.io/badge/docker_hub-orange)
12//!
13//!  [![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/blob/main/LICENSE)
14//!  [![Rust](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/workflows/rust_fmt_auto_build_test/badge.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
15//!  [![crates.io](https://img.shields.io/crates/v/ssh_auth_podman_push.svg)](https://crates.io/crates/ssh_auth_podman_push)
16//!  [![Documentation](https://docs.rs/ssh_auth_podman_push/badge.svg)](https://docs.rs/ssh_auth_podman_push/)
17//!  [![Lib.rs](https://img.shields.io/badge/Lib.rs-rust-orange.svg)](https://lib.rs/crates/ssh_auth_podman_push/)  
18//!  [![Rust](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/workflows/rust_fmt_auto_build_test/badge.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
19//!  [![Newest docs](https://img.shields.io/badge/newest_docs-blue.svg)](https://CRUSTDE-ContainerizedRustDevEnv.github.io/ssh_auth_podman_push/ssh_auth_podman_push/index.html)
20//!  ![ssh_auth_podman_push](https://bestia.dev/webpage_hit_counter/get_svg_image/1719458563.svg)
21//!
22//! [![Lines in Rust code](https://img.shields.io/badge/Lines_in_Rust-539-green.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
23//! [![Lines in Doc comments](https://img.shields.io/badge/Lines_in_Doc_comments-306-blue.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
24//! [![Lines in Comments](https://img.shields.io/badge/Lines_in_comments-66-purple.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
25//! [![Lines in examples](https://img.shields.io/badge/Lines_in_examples-0-yellow.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
26//! [![Lines in tests](https://img.shields.io/badge/Lines_in_tests-1-orange.svg)](https://github.com/CRUSTDE-ContainerizedRustDevEnv/ssh_auth_podman_push/)
27//!
28//! Hashtags: #maintained #ready-for-use #rustlang #automation #workflow  
29//! My projects on GitHub are more like a tutorial than a finished product: [bestia-dev tutorials](https://github.com/bestia-dev/tutorials_rust_wasm).  
30//! I recommend using the [CRUSTDE - Containerized Rust Development Environment](https://github.com/CRUSTDE-ContainerizedRustDevEnv/crustde_cnt_img_pod) to write Rust projects on Linux, isolated from your system.  
31//!
32//! ## Motivation
33//!
34//! To access docker-hub you need a username+password or an access secret_token.  
35//! IMPORTANT: Treat access secret_tokens like your password and keep them secret. Store your secret_tokens securely in a credential manager for example.  
36//! Access secret_tokens are impossible to remember for an average human. We need to store them somewhere.  
37//! FYI: Podman is an alternative "drop-in replacement" for Docker.  
38//! I am sure they both store the docker-hub secret_token for login with the command:
39//!
40//! ```bash
41//! podman login --username user_name docker.io
42//! docker login --username user_name docker.io
43//! ```
44//!
45//! WARNING: Be aware that they store the secret_token in "plain-text" in the file: `${XDG_RUNTIME_DIR}/containers/auth.json`.  
46//! Ok, it is not really plain-text, but base64 encoding is not a security feature.  
47//! This means that every attacker that can get to this well-known file, can log in to our Docker Hub account. No bueno!!!
48//!
49//! I want to secure this secret_token with encryption with an SSH key.  
50//! We have already a lot of experience creating, managing and securing our SSH keys. The private key is secured by a passphrase we can remember and type. Every use of the secret_token will need user interaction to type the passphrase. Very secure.  
51//!
52//! If we are very self-confident in our current session, we can store the SSH key in ssh-agent and write our passphrase only once.  
53//! WARNING: a dedicated attacker could read from ssh-agent and discover the access secret_token without our user interaction. Use this at your discretion.  
54//!
55//! ## Replacement command
56//!
57//! Put the executable `ssh_auth_podman_push` into the folder you intend to use it.  
58//! After copying, make it executable with `chmod +x ssh_auth_podman_push`.  
59//! Instead of `podman push...` use `ssh_auth_podman_push`.  
60//! If it finds the encrypted secret_token it will ask you for the passphrase to the private SSH key.  
61//! Else it will ask you to store the encrypted secret_token with the SSH prvate key. It will be secured behind a passphrase as SSH keys do.
62//!
63//! ## Development details
64//!
65//! Read the development details in a separate md file:
66//! [DEVELOPMENT.md](DEVELOPMENT.md)
67//!
68//! ## Releases changelog
69//!
70//! Read the releases changelog in a separate md file:
71//! [RELEASES.md](RELEASES.md)
72//!
73//! ## TODO
74//!
75//! And code happily ever after...
76//!
77//! ## Open-source and free as a beer
78//!
79//! My open-source projects are free as a beer (MIT license).  
80//! I just love programming.  
81//! But I need also to drink. If you find my projects and tutorials helpful, please buy me a beer by donating to my [PayPal](https://paypal.me/LucianoBestia).  
82//! You know the price of a beer in your local bar ;-)  
83//! So I can drink a free beer for your health :-)  
84//! [Na zdravje!](https://translate.google.com/?hl=en&sl=sl&tl=en&text=Na%20zdravje&op=translate) [Alla salute!](https://dictionary.cambridge.org/dictionary/italian-english/alla-salute) [Prost!](https://dictionary.cambridge.org/dictionary/german-english/prost) [Nazdravlje!](https://matadornetwork.com/nights/how-to-say-cheers-in-50-languages/) 🍻
85//!
86//! [//bestia.dev](https://bestia.dev)  
87//! [//github.com/bestia-dev](https://github.com/bestia-dev)  
88//! [//bestiadev.substack.com](https://bestiadev.substack.com)  
89//! [//youtube.com/@bestia-dev-tutorials](https://youtube.com/@bestia-dev-tutorials)  
90//!
91// endregion: auto_md_to_doc_comments include README.md A //!
92
93// access to modules
94mod encrypt_decrypt_with_ssh_key_mod;
95mod error_mod;
96
97use crate::encrypt_decrypt_with_ssh_key_mod as ende;
98
99// `pub use` allows the caller of the lib to access modules functions, structs or all(*)
100pub use ende::docker_io_api_token_mod::docker_io_config_initialize;
101pub use ende::docker_io_api_token_mod::push_to_docker_hub;
102
103// // https://github.com/shiena/ansicolor/blob/master/README.md
104
105/// ANSI color
106#[allow(dead_code)]
107pub const RED: &str = "\x1b[31m";
108/// ANSI color
109#[allow(dead_code)]
110pub const YELLOW: &str = "\x1b[33m";
111/// ANSI color
112#[allow(dead_code)]
113pub const GREEN: &str = "\x1b[32m";
114/// ANSI color
115#[allow(dead_code)]
116pub const RESET: &str = "\x1b[0m";
117/// ANSI color
118#[allow(dead_code)]
119pub const BLUE: &str = "\x1b[34m";