func CreateRegistryCredentialFromString()

in graph/registry_credential.go [57:125]

• 63 lines of code
• 16 McCabe index (conditional complexity)

func CreateRegistryCredentialFromString(str string) (*RegistryCredential, error) {
	var cred RegistryCredential
	if err := json.Unmarshal([]byte(str), &cred); err != nil {
		return nil, errors.Wrap(err, "unable to unmarshal Credentials from string")
	}

	usernameType := strings.ToLower(cred.UsernameType)
	passwordType := strings.ToLower(cred.PasswordType)

	if cred.Registry == "" {
		return nil, errInvalidRegName
	}

	var retVal *RegistryCredential

	isOpaque := usernameType == Opaque && passwordType == Opaque
	hasVaultSecret := usernameType == VaultSecret || passwordType == VaultSecret
	isMSI := usernameType == "" && passwordType == ""

	if isOpaque {
		if cred.Username == "" {
			return nil, errInvalidUsername
		}
		if cred.Password == "" {
			return nil, errInvalidPassword
		}
		retVal = &RegistryCredential{
			Registry:     cred.Registry,
			Username:     cred.Username,
			UsernameType: usernameType,
			Password:     cred.Password,
			PasswordType: passwordType,
		}
	} else if hasVaultSecret {
		if cred.Username == "" {
			return nil, errInvalidUsername
		}
		if cred.Password == "" {
			return nil, errInvalidPassword
		}
		if cred.Identity == "" {
			return nil, errInvalidIdentity
		}
		retVal = &RegistryCredential{
			Registry:     cred.Registry,
			Username:     cred.Username,
			UsernameType: usernameType,
			Password:     cred.Password,
			PasswordType: passwordType,
			Identity:     cred.Identity,
		}
	} else if isMSI {
		if cred.Identity == "" {
			return nil, errInvalidIdentity
		}
		if cred.AadResourceID == "" {
			return nil, errInvalidAadResourceID
		}
		retVal = &RegistryCredential{
			Registry:      cred.Registry,
			Identity:      cred.Identity,
			AadResourceID: cred.AadResourceID,
		}
	} else {
		return nil, errCouldNotClassify
	}

	return retVal, nil
}